From 1a4b7ee28bf7413af6513fb45ad0d0736048f866 Mon Sep 17 00:00:00 2001
From: Brad Bishop
Finally, you can use SSL for complete +-end-to-end encryption if you have an SSL-enabled mailserver.
++Finally, you can use SSL or TLS for complete ++end-to-end encryption if you have a TLS-enabled mailserver.
+ +You'll need to have the OpenSSL libraries installed, and they +-should at least be version 0.9.7. ++should at least be version 0.9.8, with 1.0.1 preferred. + Configure with --with-ssl. If you have the OpenSSL libraries + installed in commonly-used default locations, this will + suffice. If you have them installed in a non-default location, +@@ -2130,7 +2130,7 @@ to --with-ssl after an equal sign.
+Fetchmail binaries built this way support ssl
,
+ sslkey
, and sslcert
options that control
+ SSL encryption, and will automatically use tls
if the
+-server offers it. You will need to have an SSL-enabled mailserver to
++server offers it. You will need to have an SSL/TLS-enabled mailserver to
+ use these options. See the manual page for details and some words
+ of care on the limited security provided.
You should note that SSL is only secure against a "man-in-the-middle" +-attack if the client is able to verify that the peer's public key is the +-correct one, and has not been substituted by an attacker. fetchmail can do +-this in one of two ways: by verifying the SSL certificate, or by checking +-the fingerprint of the peer's public key.
++You should note that SSL or TLS are only secure against a ++"man-in-the-middle" attack if the client is able to verify that the ++peer's public key is the correct one, and has not been substituted by an ++attacker. fetchmail can do this in one of two ways: by verifying the SSL ++certificate, or by checking the fingerprint of the peer's public ++key.
+ +-There are three parts to SSL certificate verification: checking that the ++
There are three parts to TLS certificate verification: checking that the + domain name in the certificate matches the hostname you asked to connect to; + checking that the certificate expiry date has not passed; and checking that + the certificate has been signed by a known Certificate Authority (CA). This +@@ -2227,8 +2228,12 @@ will automatically attempt TLS negotiati + time. This can however cause problems if the upstream didn't configure + his certificates properly.
+ +-In order to prevent fetchmail from trying TLS (STLS, STARTTLS) +-negotiation, add this option:
++In order to prevent fetchmail 6.4.0 and newer versions from trying ++STLS or STARTTLS negotiation, add this option:
++sslproto ''++ ++
In order to prevent older fetchmail versions from trying TLS (STLS, STARTTLS) ++negotiation where the above does not work, try this option:
+ +sslproto ssl23+ +@@ -2876,15 +2881,22 @@ need to say something like '
envelo
+
+
+ Received: from send103.yahoomail.com (send103.yahoomail.com [205.180.60.92])
+- by iserv.ttns.net (8.8.5/8.8.5) with SMTP id RAA10088
+- for <ksturgeon@fbceg.org>; Wed, 9 Sep 1998 17:01:59 -0700
++ by iserv.example.net (8.8.5/8.8.5) with SMTP id RAA10088
++ for <ksturgeon@fbceg.example.org>; Wed, 9 Sep 1998 17:01:59 -0700
+
+
+-it checks to see if 'iserv.ttns.net' is a DNS alias of your
+-mailserver before accepting 'ksturgeon@fbceg.org' as an envelope
++
it checks to see if 'iserv.example.net' is a DNS alias of your
++mailserver before accepting 'ksturgeon@fbceg.example.org' as an envelope
+ address. This check might fail if your DNS were misconfigured, or
+-if you were using 'no dns' and had failed to declare iserv.ttns.net
+-as an alias of your server.
++if you were using 'no dns' and had failed to declare iserv.example.net
++as an alias of your server. The typical hint is logging similar to:
++line rejected, iserv.example.net is not an alias of the mailserver
,
++if you use fetchmail in verbose mode.
++
++Workaround: You can specify the alias explicitly, with aka
++ iserv.example.net
statements in the rcfile. Replace
++iserv.example.net by the name you find in your
++'by' part of the 'Received:' line.
+
+ M8. Users are getting multiple copies of
+ messages.
+@@ -3237,6 +3249,8 @@ Hayes mode escape "+++".
+ X8. A spurious ) is being appended to my
+ messages.
+
++Fetchmail 6.3.5 and newer releases are supposed to fix this.
++
+ Due to the problem described in S2, the
+ IMAP support in fetchmail cannot follow the IMAP protocol 100 %.
+ Most of the time it doesn't matter, but if you combine it with an
+@@ -3279,8 +3293,6 @@ it at the end of the message it forwards
+ on, you'll get a message about actual != expected.
+
+
+-
There is no fix for this.
+-
+ X9. Missing "Content-Transfer-Encoding" header
+ with Domino IMAP
+
+--- fetchmail-6.3.26.orig/fetchmail.c
++++ fetchmail-6.3.26/fetchmail.c
+@@ -54,6 +54,10 @@
+ #define ENETUNREACH 128 /* Interactive doesn't know this */
+ #endif /* ENETUNREACH */
+
++#ifdef SSL_ENABLE
++#include /* for OPENSSL_NO_SSL2 and ..._SSL3 checks */
++#endif
++
+ /* prototypes for internal functions */
+ static int load_params(int, char **, int);
+ static void dump_params (struct runctl *runp, struct query *, flag implicit);
+@@ -138,7 +142,7 @@ static void printcopyright(FILE *fp) {
+ "Copyright (C) 2004 Matthias Andree, Eric S. Raymond,\n"
+ " Robert M. Funk, Graham Wilson\n"
+ "Copyright (C) 2005 - 2012 Sunil Shetye\n"
+- "Copyright (C) 2005 - 2013 Matthias Andree\n"
++ "Copyright (C) 2005 - 2015 Matthias Andree\n"
+ ));
+ fprintf(fp, GT_("Fetchmail comes with ABSOLUTELY NO WARRANTY. This is free software, and you\n"
+ "are welcome to redistribute it under certain conditions. For details,\n"
+@@ -262,6 +266,9 @@ int main(int argc, char **argv)
+ #endif /* ODMR_ENABLE */
+ #ifdef SSL_ENABLE
+ "+SSL"
++#if (HAVE_DECL_SSLV3_CLIENT_METHOD + 0 == 0) || defined(OPENSSL_NO_SSL3)
++ "-SSLv3"
++#endif
+ #endif
+ #ifdef OPIE_ENABLE
+ "+OPIE"
+--- fetchmail-6.3.26.orig/fetchmail.h
++++ fetchmail-6.3.26/fetchmail.h
+@@ -771,9 +771,9 @@ int servport(const char *service);
+ int fm_getaddrinfo(const char *node, const char *serv, const struct addrinfo *hints, struct addrinfo **res);
+ void fm_freeaddrinfo(struct addrinfo *ai);
+
+-/* prototypes from tls.c */
+-int maybe_tls(struct query *ctl);
+-int must_tls(struct query *ctl);
++/* prototypes from starttls.c */
++int maybe_starttls(struct query *ctl);
++int must_starttls(struct query *ctl);
+
+ /* prototype from rfc822valid.c */
+ int rfc822_valid_msgid(const unsigned char *);
+--- fetchmail-6.3.26.orig/fetchmail.man
++++ fetchmail-6.3.26/fetchmail.man
+@@ -412,23 +412,22 @@ from. The folder information is written
+ .B \-\-ssl
+ (Keyword: ssl)
+ .br
+-Causes the connection to the mail server to be encrypted
+-via SSL. Connect to the server using the specified base protocol over a
+-connection secured by SSL. This option defeats opportunistic starttls
+-negotiation. It is highly recommended to use \-\-sslproto 'SSL3'
+-\-\-sslcertck to validate the certificates presented by the server and
+-defeat the obsolete SSLv2 negotiation. More information is available in
+-the \fIREADME.SSL\fP file that ships with fetchmail.
+-.IP
+-Note that fetchmail may still try to negotiate SSL through starttls even
+-if this option is omitted. You can use the \-\-sslproto option to defeat
+-this behavior or tell fetchmail to negotiate a particular SSL protocol.
++Causes the connection to the mail server to be encrypted via SSL, by
++negotiating SSL directly after connecting (SSL-wrapped mode). It is
++highly recommended to use \-\-sslcertck to validate the certificates
++presented by the server. Please see the description of \-\-sslproto
++below! More information is available in the \fIREADME.SSL\fP file that
++ships with fetchmail.
++.IP
++Note that even if this option is omitted, fetchmail may still negotiate
++SSL in-band for POP3 or IMAP, through the STLS or STARTTLS feature. You
++can use the \-\-sslproto option to modify that behavior.
+ .IP
+ If no port is specified, the connection is attempted to the well known
+ port of the SSL version of the base protocol. This is generally a
+ different port than the port used by the base protocol. For IMAP, this
+ is port 143 for the clear protocol and port 993 for the SSL secured
+-protocol, for POP3, it is port 110 for the clear text and port 995 for
++protocol; for POP3, it is port 110 for the clear text and port 995 for
+ the encrypted variant.
+ .IP
+ If your system lacks the corresponding entries from /etc/services, see
+@@ -470,39 +469,73 @@ cause some complications in daemon mode.
+ .IP
+ Also see \-\-sslcert above.
+ .TP
+-.B \-\-sslproto
+-(Keyword: sslproto)
++.B \-\-sslproto
++(Keyword: sslproto, NOTE: semantic changes since v6.4.0)
+ .br
+-Forces an SSL/TLS protocol. Possible values are \fB''\fP,
+-\&'\fBSSL2\fP' (not supported on all systems),
+-\&'\fBSSL23\fP', (use of these two values is discouraged
+-and should only be used as a last resort) \&'\fBSSL3\fP', and
+-\&'\fBTLS1\fP'. The default behaviour if this option is unset is: for
+-connections without \-\-ssl, use \&'\fBTLS1\fP' so that fetchmail will
+-opportunistically try STARTTLS negotiation with TLS1. You can configure
+-this option explicitly if the default handshake (TLS1 if \-\-ssl is not
+-used) does not work for your server.
+-.IP
+-Use this option with '\fBTLS1\fP' value to enforce a STARTTLS
+-connection. In this mode, it is highly recommended to also use
+-\-\-sslcertck (see below). Note that this will then cause fetchmail
+-v6.3.19 to force STARTTLS negotiation even if it is not advertised by
+-the server.
+-.IP
+-To defeat opportunistic TLSv1 negotiation when the server advertises
+-STARTTLS or STLS, and use a cleartext connection use \fB''\fP. This
+-option, even if the argument is the empty string, will also suppress the
+-diagnostic 'SERVER: opportunistic upgrade to TLS.' message in verbose
+-mode. The default is to try appropriate protocols depending on context.
++This option has a dual use, out of historic fetchmail behaviour. It
++controls both the SSL/TLS protocol version and, if \-\-ssl is not
++specified, the STARTTLS behaviour (upgrading the protocol to an SSL or
++TLS connection in-band). Some other options may however make TLS
++mandatory.
++.PP
++Only if this option and \-\-ssl are both missing for a poll, there will
++be opportunistic TLS for POP3 and IMAP, where fetchmail will attempt to
++upgrade to TLSv1 or newer.
++.PP
++Recognized values for \-\-sslproto are given below. You should normally
++chose one of the auto-negotiating options, i. e. '\fBauto\fP' or one of
++the options ending in a plus (\fB+\fP) character. Note that depending
++on OpenSSL library version and configuration, some options cause
++run-time errors because the requested SSL or TLS versions are not
++supported by the particular installed OpenSSL library.
++.RS
++.IP "\fB''\fP, the empty string"
++Disable STARTTLS. If \-\-ssl is given for the same server, log an error
++and pretend that '\fBauto\fP' had been used instead.
++.IP '\fBauto\fP'
++(default). Since v6.4.0. Require TLS. Auto-negotiate TLSv1 or newer, disable SSLv3 downgrade.
++(fetchmail 6.3.26 and older have auto-negotiated all protocols that
++their OpenSSL library supported, including the broken SSLv3).
++.IP "\&'\fBSSL23\fP'
++see '\fBauto\fP'.
++.IP \&'\fBSSL3\fP'
++Require SSLv3 exactly. SSLv3 is broken, not supported on all systems, avoid it
++if possible. This will make fetchmail negotiate SSLv3 only, and is the
++only way besides '\fBSSL3+\fP' to have fetchmail 6.4.0 or newer permit SSLv3.
++.IP \&'\fBSSL3+\fP'
++same as '\fBauto\fP', but permit SSLv3 as well. This is the only way
++besides '\fBSSL3\fP' to have fetchmail 6.4.0 or newer permit SSLv3.
++.IP \&'\fBTLS1\fP'
++Require TLSv1. This does not negotiate TLSv1.1 or newer, and is
++discouraged. Replace by TLS1+ unless the latter chokes your server.
++.IP \&'\fBTLS1+\fP'
++Since v6.4.0. See 'fBauto\fP'.
++.IP \&'\fBTLS1.1\fP'
++Since v6.4.0. Require TLS v1.1 exactly.
++.IP \&'\fBTLS1.1+\fP'
++Since v6.4.0. Require TLS. Auto-negotiate TLSv1.1 or newer.
++.IP \&'\fBTLS1.2\fP'
++Since v6.4.0. Require TLS v1.2 exactly.
++.IP '\fBTLS1.2+\fP'
++Since v6.4.0. Require TLS. Auto-negotiate TLSv1.2 or newer.
++.IP "Unrecognized parameters"
++are treated the same as '\fBauto\fP'.
++.RE
++.IP
++NOTE: you should hardly ever need to use anything other than '' (to
++force an unencrypted connection) or 'auto' (to enforce TLS).
+ .TP
+ .B \-\-sslcertck
+ (Keyword: sslcertck)
+ .br
+-Causes fetchmail to strictly check the server certificate against a set of
+-local trusted certificates (see the \fBsslcertfile\fP and \fBsslcertpath\fP
+-options). If the server certificate cannot be obtained or is not signed by one
+-of the trusted ones (directly or indirectly), the SSL connection will fail,
+-regardless of the \fBsslfingerprint\fP option.
++Causes fetchmail to require that SSL/TLS be used and disconnect if it
++can not successfully negotiate SSL or TLS, or if it cannot successfully
++verify and validate the certificate and follow it to a trust anchor (or
++trusted root certificate). The trust anchors are given as a set of local
++trusted certificates (see the \fBsslcertfile\fP and \fBsslcertpath\fP
++options). If the server certificate cannot be obtained or is not signed
++by one of the trusted ones (directly or indirectly), fetchmail will
++disconnect, regardless of the \fBsslfingerprint\fP option.
+ .IP
+ Note that CRL (certificate revocation lists) are only supported in
+ OpenSSL 0.9.7 and newer! Your system clock should also be reasonably
+@@ -1202,31 +1235,33 @@ capability response. Specify a user opti
+ username and the part to the right as the NTLM domain.
+
+ .SS Secure Socket Layers (SSL) and Transport Layer Security (TLS)
++.PP All retrieval protocols can use SSL or TLS wrapping for the
++transport. Additionally, POP3 and IMAP retrival can also negotiate
++SSL/TLS by means of STARTTLS (or STLS).
+ .PP
+ Note that fetchmail currently uses the OpenSSL library, which is
+ severely underdocumented, so failures may occur just because the
+ programmers are not aware of OpenSSL's requirement of the day.
+ For instance, since v6.3.16, fetchmail calls
+ OpenSSL_add_all_algorithms(), which is necessary to support certificates
+-using SHA256 on OpenSSL 0.9.8 -- this information is deeply hidden in the
+-documentation and not at all obvious. Please do not hesitate to report
+-subtle SSL failures.
+-.PP
+-You can access SSL encrypted services by specifying the \-\-ssl option.
+-You can also do this using the "ssl" user option in the .fetchmailrc
+-file. With SSL encryption enabled, queries are initiated over a
+-connection after negotiating an SSL session, and the connection fails if
+-SSL cannot be negotiated. Some services, such as POP3 and IMAP, have
++using SHA256 on OpenSSL 0.9.8 -- this information is deeply hidden in
++the documentation and not at all obvious. Please do not hesitate to
++report subtle SSL failures.
++.PP
++You can access SSL encrypted services by specifying the options starting
++with \-\-ssl, such as \-\-ssl, \-\-sslproto, \-\-sslcertck, and others.
++You can also do this using the corresponding user options in the .fetchmailrc
++file. Some services, such as POP3 and IMAP, have
+ different well known ports defined for the SSL encrypted services. The
+ encrypted ports will be selected automatically when SSL is enabled and
+-no explicit port is specified. The \-\-sslproto 'SSL3' option should be
+-used to select the SSLv3 protocol (default if unset: v2 or v3). Also,
+-the \-\-sslcertck command line or sslcertck run control file option
+-should be used to force strict certificate checking - see below.
++no explicit port is specified. Also, the \-\-sslcertck command line or
++sslcertck run control file option should be used to force strict
++certificate checking - see below.
+ .PP
+ If SSL is not configured, fetchmail will usually opportunistically try to use
+-STARTTLS. STARTTLS can be enforced by using \-\-sslproto "TLS1". TLS
+-connections use the same port as the unencrypted version of the
++STARTTLS. STARTTLS can be enforced by using \-\-sslproto\~auto and
++defeated by using \-\-sslproto\~''.
++TLS connections use the same port as the unencrypted version of the
+ protocol and negotiate TLS via special command. The \-\-sslcertck
+ command line or sslcertck run control file option should be used to
+ force strict certificate checking - see below.
+--- fetchmail-6.3.26.orig/imap.c
++++ fetchmail-6.3.26/imap.c
+@@ -405,6 +405,8 @@ static int imap_getauth(int sock, struct
+ /* apply for connection authorization */
+ {
+ int ok = 0;
++ char *commonname;
++
+ (void)greeting;
+
+ /*
+@@ -429,25 +431,21 @@ static int imap_getauth(int sock, struct
+ return(PS_SUCCESS);
+ }
+
+-#ifdef SSL_ENABLE
+- if (maybe_tls(ctl)) {
+- char *commonname;
+-
+- commonname = ctl->server.pollname;
+- if (ctl->server.via)
+- commonname = ctl->server.via;
+- if (ctl->sslcommonname)
+- commonname = ctl->sslcommonname;
++ commonname = ctl->server.pollname;
++ if (ctl->server.via)
++ commonname = ctl->server.via;
++ if (ctl->sslcommonname)
++ commonname = ctl->sslcommonname;
+
+- if (strstr(capabilities, "STARTTLS")
+- || must_tls(ctl)) /* if TLS is mandatory, ignore capabilities */
++#ifdef SSL_ENABLE
++ if (maybe_starttls(ctl)) {
++ if ((strstr(capabilities, "STARTTLS") && maybe_starttls(ctl))
++ || must_starttls(ctl)) /* if TLS is mandatory, ignore capabilities */
+ {
+- /* Use "tls1" rather than ctl->sslproto because tls1 is the only
+- * protocol that will work with STARTTLS. Don't need to worry
+- * whether TLS is mandatory or opportunistic unless SSLOpen() fails
+- * (see below). */
++ /* Don't need to worry whether TLS is mandatory or
++ * opportunistic unless SSLOpen() fails (see below). */
+ if (gen_transact(sock, "STARTTLS") == PS_SUCCESS
+- && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck,
++ && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, ctl->sslproto, ctl->sslcertck,
+ ctl->sslcertfile, ctl->sslcertpath, ctl->sslfingerprint, commonname,
+ ctl->server.pollname, &ctl->remotename)) != -1)
+ {
+@@ -470,7 +468,7 @@ static int imap_getauth(int sock, struct
+ {
+ report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname);
+ }
+- } else if (must_tls(ctl)) {
++ } else if (must_starttls(ctl)) {
+ /* Config required TLS but we couldn't guarantee it, so we must
+ * stop. */
+ set_timeout(0);
+@@ -492,6 +490,10 @@ static int imap_getauth(int sock, struct
+ /* Usable. Proceed with authenticating insecurely. */
+ }
+ }
++ } else {
++ if (strstr(capabilities, "STARTTLS") && outlevel >= O_VERBOSE) {
++ report(stdout, GT_("%s: WARNING: server offered STARTTLS but sslproto '' given.\n"), commonname);
++ }
+ }
+ #endif /* SSL_ENABLE */
+
+--- fetchmail-6.3.26.orig/po/Makevars
++++ fetchmail-6.3.26/po/Makevars
+@@ -46,3 +46,15 @@ MSGID_BUGS_ADDRESS = fetchmail-devel@lis
+ # This is the list of locale categories, beyond LC_MESSAGES, for which the
+ # message catalogs shall be used. It is usually empty.
+ EXTRA_LOCALE_CATEGORIES =
++
++# This tells whether the $(DOMAIN).pot file contains messages with an 'msgctxt'
++# context. Possible values are "yes" and "no". Set this to yes if the
++# package uses functions taking also a message context, like pgettext(), or
++# if in $(XGETTEXT_OPTIONS) you define keywords with a context argument.
++USE_MSGCTXT = no
++
++# These options get passed to msgmerge.
++# Useful options are in particular:
++# --previous to keep previous msgids of translated messages,
++# --quiet to reduce the verbosity.
++MSGMERGE_OPTIONS =
+--- fetchmail-6.3.26.orig/pop3.c
++++ fetchmail-6.3.26/pop3.c
+@@ -281,6 +281,7 @@ static int pop3_getauth(int sock, struct
+ #endif /* OPIE_ENABLE */
+ #ifdef SSL_ENABLE
+ flag connection_may_have_tls_errors = FALSE;
++ char *commonname;
+ #endif /* SSL_ENABLE */
+
+ done_capa = FALSE;
+@@ -393,7 +394,7 @@ static int pop3_getauth(int sock, struct
+ (ctl->server.authenticate == A_KERBEROS_V5) ||
+ (ctl->server.authenticate == A_OTP) ||
+ (ctl->server.authenticate == A_CRAM_MD5) ||
+- maybe_tls(ctl))
++ maybe_starttls(ctl))
+ {
+ if ((ok = capa_probe(sock)) != PS_SUCCESS)
+ /* we are in STAGE_GETAUTH => failure is PS_AUTHFAIL! */
+@@ -406,12 +407,12 @@ static int pop3_getauth(int sock, struct
+ (ok == PS_SOCKET && !ctl->wehaveauthed))
+ {
+ #ifdef SSL_ENABLE
+- if (must_tls(ctl)) {
++ if (must_starttls(ctl)) {
+ /* fail with mandatory STLS without repoll */
+ report(stderr, GT_("TLS is mandatory for this session, but server refused CAPA command.\n"));
+ report(stderr, GT_("The CAPA command is however necessary for TLS.\n"));
+ return ok;
+- } else if (maybe_tls(ctl)) {
++ } else if (maybe_starttls(ctl)) {
+ /* defeat opportunistic STLS */
+ xfree(ctl->sslproto);
+ ctl->sslproto = xstrdup("");
+@@ -431,24 +432,19 @@ static int pop3_getauth(int sock, struct
+ }
+
+ #ifdef SSL_ENABLE
+- if (maybe_tls(ctl)) {
+- char *commonname;
++ commonname = ctl->server.pollname;
++ if (ctl->server.via)
++ commonname = ctl->server.via;
++ if (ctl->sslcommonname)
++ commonname = ctl->sslcommonname;
+
+- commonname = ctl->server.pollname;
+- if (ctl->server.via)
+- commonname = ctl->server.via;
+- if (ctl->sslcommonname)
+- commonname = ctl->sslcommonname;
+-
+- if (has_stls
+- || must_tls(ctl)) /* if TLS is mandatory, ignore capabilities */
++ if (maybe_starttls(ctl)) {
++ if (has_stls || must_starttls(ctl)) /* if TLS is mandatory, ignore capabilities */
+ {
+- /* Use "tls1" rather than ctl->sslproto because tls1 is the only
+- * protocol that will work with STARTTLS. Don't need to worry
+- * whether TLS is mandatory or opportunistic unless SSLOpen() fails
+- * (see below). */
++ /* Don't need to worry whether TLS is mandatory or
++ * opportunistic unless SSLOpen() fails (see below). */
+ if (gen_transact(sock, "STLS") == PS_SUCCESS
+- && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, "tls1", ctl->sslcertck,
++ && (set_timeout(mytimeout), SSLOpen(sock, ctl->sslcert, ctl->sslkey, ctl->sslproto, ctl->sslcertck,
+ ctl->sslcertfile, ctl->sslcertpath, ctl->sslfingerprint, commonname,
+ ctl->server.pollname, &ctl->remotename)) != -1)
+ {
+@@ -475,7 +471,7 @@ static int pop3_getauth(int sock, struct
+ {
+ report(stdout, GT_("%s: upgrade to TLS succeeded.\n"), commonname);
+ }
+- } else if (must_tls(ctl)) {
++ } else if (must_starttls(ctl)) {
+ /* Config required TLS but we couldn't guarantee it, so we must
+ * stop. */
+ set_timeout(0);
+@@ -495,7 +491,11 @@ static int pop3_getauth(int sock, struct
+ }
+ }
+ }
+- } /* maybe_tls() */
++ } else { /* maybe_starttls() */
++ if (has_stls && outlevel >= O_VERBOSE) {
++ report(stdout, GT_("%s: WARNING: server offered STLS, but sslproto '' given.\n"), commonname);
++ }
++ } /* maybe_starttls() */
+ #endif /* SSL_ENABLE */
+
+ /*
+--- fetchmail-6.3.26.orig/socket.c
++++ fetchmail-6.3.26/socket.c
+@@ -876,7 +876,9 @@ int SSLOpen(int sock, char *mycert, char
+ {
+ struct stat randstat;
+ int i;
++ int avoid_ssl_versions = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
+ long sslopts = SSL_OP_ALL;
++ int ssle_connect = 0;
+
+ SSL_load_error_strings();
+ SSL_library_init();
+@@ -906,25 +908,57 @@ int SSLOpen(int sock, char *mycert, char
+ /* Make sure a connection referring to an older context is not left */
+ _ssl_context[sock] = NULL;
+ if(myproto) {
+- if(!strcasecmp("ssl2",myproto)) {
+-#if HAVE_DECL_SSLV2_CLIENT_METHOD + 0 > 0
+- _ctx[sock] = SSL_CTX_new(SSLv2_client_method());
++ if(!strcasecmp("ssl3",myproto)) {
++#if (HAVE_DECL_SSLV3_CLIENT_METHOD > 0) && (0 == OPENSSL_NO_SSL3 + 0)
++ _ctx[sock] = SSL_CTX_new(SSLv3_client_method());
++ avoid_ssl_versions &= ~SSL_OP_NO_SSLv3;
+ #else
+- report(stderr, GT_("Your operating system does not support SSLv2.\n"));
++ report(stderr, GT_("Your OpenSSL version does not support SSLv3.\n"));
+ return -1;
+ #endif
+- } else if(!strcasecmp("ssl3",myproto)) {
+- _ctx[sock] = SSL_CTX_new(SSLv3_client_method());
++ } else if(!strcasecmp("ssl3+",myproto)) {
++ avoid_ssl_versions &= ~SSL_OP_NO_SSLv3;
++ myproto = NULL;
+ } else if(!strcasecmp("tls1",myproto)) {
+ _ctx[sock] = SSL_CTX_new(TLSv1_client_method());
+- } else if (!strcasecmp("ssl23",myproto)) {
++ } else if(!strcasecmp("tls1+",myproto)) {
++ myproto = NULL;
++#if defined(TLS1_1_VERSION) && TLS_MAX_VERSION >= TLS1_1_VERSION
++ } else if(!strcasecmp("tls1.1",myproto)) {
++ _ctx[sock] = SSL_CTX_new(TLSv1_1_client_method());
++ } else if(!strcasecmp("tls1.1+",myproto)) {
++ myproto = NULL;
++ avoid_ssl_versions |= SSL_OP_NO_TLSv1;
++#else
++ } else if(!strcasecmp("tls1.1",myproto) || !strcasecmp("tls1.1+", myproto)) {
++ report(stderr, GT_("Your OpenSSL version does not support TLS v1.1.\n"));
++ return -1;
++#endif
++#if defined(TLS1_2_VERSION) && TLS_MAX_VERSION >= TLS1_2_VERSION
++ } else if(!strcasecmp("tls1.2",myproto)) {
++ _ctx[sock] = SSL_CTX_new(TLSv1_2_client_method());
++ } else if(!strcasecmp("tls1.2+",myproto)) {
++ myproto = NULL;
++ avoid_ssl_versions |= SSL_OP_NO_TLSv1;
++ avoid_ssl_versions |= SSL_OP_NO_TLSv1_1;
++#else
++ } else if(!strcasecmp("tls1.2",myproto) || !strcasecmp("tls1.2+", myproto)) {
++ report(stderr, GT_("Your OpenSSL version does not support TLS v1.2.\n"));
++ return -1;
++#endif
++ } else if (!strcasecmp("ssl23",myproto) || 0 == strcasecmp("auto",myproto)) {
+ myproto = NULL;
+ } else {
+- report(stderr,GT_("Invalid SSL protocol '%s' specified, using default (SSLv23).\n"), myproto);
++ report(stderr,GT_("Invalid SSL protocol '%s' specified, using default autoselect (SSL23).\n"), myproto);
+ myproto = NULL;
+ }
+ }
+- if(!myproto) {
++ // do not combine into an else { } as myproto may be nulled
++ // above!
++ if (!myproto) {
++ // SSLv23 is a misnomer and will in fact use the best
++ // available protocol, subject to SSL_OP_NO*
++ // constraints.
+ _ctx[sock] = SSL_CTX_new(SSLv23_client_method());
+ }
+ if(_ctx[sock] == NULL) {
+@@ -938,7 +972,7 @@ int SSLOpen(int sock, char *mycert, char
+ sslopts &= ~ SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
+ }
+
+- SSL_CTX_set_options(_ctx[sock], sslopts);
++ SSL_CTX_set_options(_ctx[sock], sslopts | avoid_ssl_versions);
+
+ if (certck) {
+ SSL_CTX_set_verify(_ctx[sock], SSL_VERIFY_PEER, SSL_ck_verify_callback);
+@@ -1008,8 +1042,18 @@ int SSLOpen(int sock, char *mycert, char
+ }
+
+ if (SSL_set_fd(_ssl_context[sock], sock) == 0
+- || SSL_connect(_ssl_context[sock]) < 1) {
++ || (ssle_connect = SSL_connect(_ssl_context[sock])) < 1) {
++ int e = errno;
++ unsigned long ssle_err_from_queue = ERR_peek_error();
++ unsigned long ssle_err_from_get_error = SSL_get_error(_ssl_context[sock], ssle_connect);
+ ERR_print_errors_fp(stderr);
++ if (SSL_ERROR_SYSCALL == ssle_err_from_get_error && 0 == ssle_err_from_queue) {
++ if (0 == ssle_connect) {
++ report(stderr, GT_("Server shut down connection prematurely during SSL_connect().\n"));
++ } else if (ssle_connect < 0) {
++ report(stderr, GT_("System error during SSL_connect(): %s\n"), strerror(e));
++ }
++ }
+ SSL_free( _ssl_context[sock] );
+ _ssl_context[sock] = NULL;
+ SSL_CTX_free(_ctx[sock]);
+@@ -1017,6 +1061,24 @@ int SSLOpen(int sock, char *mycert, char
+ return(-1);
+ }
+
++ if (outlevel >= O_VERBOSE) {
++ SSL_CIPHER const *sc;
++ int bitsmax, bitsused;
++
++ const char *ver;
++
++ ver = SSL_get_version(_ssl_context[sock]);
++
++ sc = SSL_get_current_cipher(_ssl_context[sock]);
++ if (!sc) {
++ report (stderr, GT_("Cannot obtain current SSL/TLS cipher - no session established?\n"));
++ } else {
++ bitsused = SSL_CIPHER_get_bits(sc, &bitsmax);
++ report(stdout, GT_("SSL/TLS: using protocol %s, cipher %s, %d/%d secret/processed bits\n"),
++ ver, SSL_CIPHER_get_name(sc), bitsused, bitsmax);
++ }
++ }
++
+ /* Paranoia: was the callback not called as we expected? */
+ if (!_depth0ck) {
+ report(stderr, GT_("Certificate/fingerprint verification was somehow skipped!\n"));
+--- /dev/null
++++ fetchmail-6.3.26/starttls.c
+@@ -0,0 +1,37 @@
++/** \file tls.c - collect common TLS functionality
++ * \author Matthias Andree
++ * \date 2006
++ */
++
++#include "fetchmail.h"
++
++#include
++
++#ifdef HAVE_STRINGS_H
++#include
++#endif
++
++/** return true if user allowed opportunistic STARTTLS/STLS */
++int maybe_starttls(struct query *ctl) {
++#ifdef SSL_ENABLE
++ /* opportunistic or forced TLS */
++ return (!ctl->sslproto || strlen(ctl->sslproto))
++ && !ctl->use_ssl;
++#else
++ (void)ctl;
++ return 0;
++#endif
++}
++
++/** return true if user requires STARTTLS/STLS, note though that this
++ * code must always use a logical AND with maybe_tls(). */
++int must_starttls(struct query *ctl) {
++#ifdef SSL_ENABLE
++ return maybe_starttls(ctl)
++ && (ctl->sslfingerprint || ctl->sslcertck
++ || (ctl->sslproto && !strcasecmp(ctl->sslproto, "tls1")));
++#else
++ (void)ctl;
++ return 0;
++#endif
++}
diff --git a/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb
index 1d78288c8..5af5d0df6 100644
--- a/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb
+++ b/meta-openembedded/meta-networking/recipes-support/fetchmail/fetchmail_6.3.26.bb
@@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbb509e0303f5ded1cbfc0cc8705f28c"
DEPENDS = "openssl"
-SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz"
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz \
+ file://02_remove_SSLv3.patch \
+ "
SRC_URI[md5sum] = "61b66faad044afa26e142bb1791aa2b3"
SRC_URI[sha256sum] = "79b4c54cdbaf02c1a9a691d9948fcb1a77a1591a813e904283a8b614b757e850"
diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.50.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.50.bb
deleted file mode 100644
index 95147bdad..000000000
--- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.50.bb
+++ /dev/null
@@ -1,35 +0,0 @@
-#
-# Copyright (C) 2014, 2015 Wind River Systems, Inc.
-# Released under the MIT license (see COPYING.MIT for the terms)
-#
-SUMMARY = "GeoIP perl API library to access location database"
-DESCRIPTION = "perl library for country/city/organization to IP address or hostname mapping"
-HOMEPAGE = "http://www.maxmind.com/app/ip-location"
-SECTION = "libdevel"
-LICENSE = "Artistic-1.0 | GPL-1.0+"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=b7a36f55e8ba62aadd74e4f0886a405e"
-
-S = "${WORKDIR}/git"
-SRCREV = "47f7d49bd15cfc2e5f8c0f5c4068dc8bb0e10e96"
-SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;protocol=https; \
- file://run-ptest \
-"
-
-DEPENDS += "geoip"
-
-inherit cpan ptest
-
-EXTRA_CPANFLAGS = "LIBS='-L${STAGING_LIBDIR}' INC='-I${STAGING_INCDIR}'"
-
-
-# perl scripts and some special small data files
-#
-do_install_ptest () {
- install -d -m 0755 ${D}${PTEST_PATH}/t/data
-
- install ${S}/t/*.t* ${D}${PTEST_PATH}/t
- install ${S}/t/data/* ${D}${PTEST_PATH}/t/data
-}
-
-FILES_${PN}-dbg += "${libdir}/perl/vendor_perl/*/auto/Geo/IP/.debug"
-
diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb
new file mode 100644
index 000000000..ed5c3a979
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb
@@ -0,0 +1,35 @@
+#
+# Copyright (C) 2014, 2015 Wind River Systems, Inc.
+# Released under the MIT license (see COPYING.MIT for the terms)
+#
+SUMMARY = "GeoIP perl API library to access location database"
+DESCRIPTION = "perl library for country/city/organization to IP address or hostname mapping"
+HOMEPAGE = "http://www.maxmind.com/app/ip-location"
+SECTION = "libdevel"
+LICENSE = "Artistic-1.0 | GPL-1.0+"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e4f3ea6e9b28af88dc0321190a1f8250"
+
+S = "${WORKDIR}/git"
+SRCREV = "4cdfdc38eca237c19c22a8b90490446ce6d970fa"
+SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;protocol=https; \
+ file://run-ptest \
+"
+
+DEPENDS += "geoip"
+
+inherit cpan ptest
+
+EXTRA_CPANFLAGS = "LIBS='-L${STAGING_LIBDIR}' INC='-I${STAGING_INCDIR}'"
+
+
+# perl scripts and some special small data files
+#
+do_install_ptest () {
+ install -d -m 0755 ${D}${PTEST_PATH}/t/data
+
+ install ${S}/t/*.t* ${D}${PTEST_PATH}/t
+ install ${S}/t/data/* ${D}${PTEST_PATH}/t/data
+}
+
+FILES_${PN}-dbg += "${libdir}/perl/vendor_perl/*/auto/Geo/IP/.debug"
+
diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.11.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.11.bb
deleted file mode 100644
index 3527d0cba..000000000
--- a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.11.bb
+++ /dev/null
@@ -1,90 +0,0 @@
-SUMMARY = "C library for country/city/organization to IP address or hostname mapping"
-DESCRIPTION = "GeoIP is a C library that enables the user to find the country that any IP \
-address or hostname originates from. It uses a file based database that is \
-accurate as of March 2003. This database simply contains IP blocks as keys, and \
-countries as values. This database should be more complete and accurate than \
-using reverse DNS lookups."
-
-HOMEPAGE = "http://dev.maxmind.com/geoip/"
-SECTION = "libdevel"
-
-SRC_URI = "git://github.com/maxmind/geoip-api-c.git \
- http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz;apply=no;name=GeoIP-dat \
- http://geolite.maxmind.com/download/geoip/database/GeoIPv6.dat.gz;apply=no;name=GeoIPv6-dat \
- http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz;apply=no;name=GeoLiteCity-dat \
- http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz;apply=no;name=GeoLiteCityv6-dat \
- file://run-ptest \
-"
-SRCREV = "3169a8a88808c8df862e0b0355f99c738cce9f7e"
-
-SRC_URI[GeoIP-dat.md5sum] = "37c84ead332dda0362a5ac7b049b72d4"
-SRC_URI[GeoIP-dat.sha256sum] = "79ff1099e96c2dc1c2539c9a18aaa13a9afd085cae477df60d95f1644d42bc07"
-
-SRC_URI[GeoIPv6-dat.md5sum] = "e75b84a4044e81d6d4484e33816bc762"
-SRC_URI[GeoIPv6-dat.sha256sum] = "a009b0f21968d2868e6dd19d14f3c3b8cd60ae84a4bfc2970df34d771a04811e"
-
-SRC_URI[GeoLiteCity-dat.md5sum] = "4b6588d0bfe1af22e267ac90aa97f769"
-SRC_URI[GeoLiteCity-dat.sha256sum] = "8a6467033a528f68b1a97de24d9d0ce86c8e8e83683820e16e433ddbd3f712f7"
-
-SRC_URI[GeoLiteCityv6-dat.md5sum] = "ad0cb42518af7f752499425dca0952bb"
-SRC_URI[GeoLiteCityv6-dat.sha256sum] = "eda67f4204ba9fa5204a53cdb629167cca9394c712f5378bc723a8c29c0b440f"
-
-LICENSE = "LGPL-2.1"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=243b725d71bb5df4a1e5920b344b86ad \
- file://LICENSE;md5=0388276749a542b0d611601fa7c1dcc8 "
-
-S = "${WORKDIR}/git"
-
-inherit autotools
-
-EXTRA_OECONF = "--disable-static \
- --disable-dependency-tracking "
-
-do_install() {
- make DESTDIR=${D} install
- install -d ${D}/${datadir}/GeoIP
- install ${WORKDIR}/GeoIP.dat ${D}/${datadir}/GeoIP/
- install ${WORKDIR}/GeoIPv6.dat ${D}/${datadir}/GeoIP/
- install ${WORKDIR}/GeoLiteCity.dat ${D}/${datadir}/GeoIP/
- install ${WORKDIR}/GeoLiteCityv6.dat ${D}/${datadir}/GeoIP/
- ln -s GeoLiteCity.dat ${D}${datadir}/GeoIP/GeoIPCity.dat
-}
-
-PACKAGES =+ "${PN}-database"
-FILES_${PN}-database = ""
-FILES_${PN}-database += "${datadir}/GeoIP/*"
-
-# We cannot do much looking up without databases.
-#
-RDEPENDS_${PN} += "${PN}-database"
-
-inherit ptest
-
-do_configure_ptest() {
- sed -i -e "s/noinst_PROGRAMS = /test_PROGRAMS = /g" \
- -e 's:SRCDIR=\\"$(top_srcdir)\\":SRCDIR=\\"$(testdir)\\":' \
- ${S}/test/Makefile.am
-
- if ! grep "^testdir = " ${S}/test/Makefile.am ; then
- sed -e '/EXTRA_PROGRAMS = /itestdir = ${PTEST_PATH}/tests' \
- -i ${S}/test/Makefile.am
- fi
-
- sed -i -e "s:/usr/local/share:/usr/share:g" \
- ${S}/test/benchmark.c
-
- sed -i -e 's:"../data/:"/usr/share/GeoIP/:g' \
- ${S}/test/test-geoip-city.c \
- ${S}/test/test-geoip-isp.c \
- ${S}/test/test-geoip-asnum.c \
- ${S}/test/test-geoip-netspeed.c \
- ${S}/test/test-geoip-org.c \
- ${S}/test/test-geoip-region.c
-}
-
-
-do_install_ptest() {
- oe_runmake -C test DESTDIR=${D} install-testPROGRAMS
- install ${S}/test/*.txt ${D}${PTEST_PATH}/tests
-}
diff --git a/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb
new file mode 100644
index 000000000..4271c2e15
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/geoip/geoip_1.6.12.bb
@@ -0,0 +1,92 @@
+SUMMARY = "C library for country/city/organization to IP address or hostname mapping"
+DESCRIPTION = "GeoIP is a C library that enables the user to find the country that any IP \
+address or hostname originates from. It uses a file based database that is \
+accurate as of March 2003. This database simply contains IP blocks as keys, and \
+countries as values. This database should be more complete and accurate than \
+using reverse DNS lookups."
+
+HOMEPAGE = "http://dev.maxmind.com/geoip/"
+SECTION = "libdevel"
+
+GEOIP_DATABASE_VERSION = "20181205"
+
+SRC_URI = "git://github.com/maxmind/geoip-api-c.git \
+ http://sources.openembedded.org/GeoIP.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIP-dat; \
+ http://sources.openembedded.org/GeoIPv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIPv6-dat; \
+ http://sources.openembedded.org/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCity-dat; \
+ http://sources.openembedded.org/GeoLiteCityv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCityv6-dat; \
+ file://run-ptest \
+"
+SRCREV = "4b526e7331ca1d692b74a0509ddcc725622ed31a"
+
+SRC_URI[GeoIP-dat.md5sum] = "d538e57ad9268fdc7955c6cf9a37c4a9"
+SRC_URI[GeoIP-dat.sha256sum] = "b9c05eb8bfcf90a6ddfdc6815caf40a8db2710f0ce3dd48fbd6c24d485ae0449"
+
+SRC_URI[GeoIPv6-dat.md5sum] = "52d6aa0aac1adbfa5eb7fa4742197c11"
+SRC_URI[GeoIPv6.sha256sum] = "416ac92fcc35a21d5efbb32e5c88e609c37aec1aa1af6247d088b8da1af6e9bf"
+
+SRC_URI[GeoLiteCity-dat.md5sum] = "d700c137232f8e077ac8db8577f699d9"
+SRC_URI[GeoLiteCity-dat.sha256sum] = "90db2e52195e3d1bcdb2c2789209006d09de5c742812dbd9a1b36c12675ec4cd"
+
+SRC_URI[GeoLiteCityv6-dat.md5sum] = "6734ccdc644fc0ba76eb276dce73d005"
+SRC_URI[GeoLiteCityv6-dat.sha256sum] = "c95a9d2643b7f53d7abeed2114388870e13fbbad4653f450a49efa7e4b86aca4"
+
+LICENSE = "LGPL-2.1"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=243b725d71bb5df4a1e5920b344b86ad \
+ file://LICENSE;md5=0388276749a542b0d611601fa7c1dcc8 "
+
+S = "${WORKDIR}/git"
+
+inherit autotools
+
+EXTRA_OECONF = "--disable-static \
+ --disable-dependency-tracking "
+
+do_install() {
+ make DESTDIR=${D} install
+ install -d ${D}/${datadir}/GeoIP
+ install ${WORKDIR}/GeoIP.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoIP.dat
+ install ${WORKDIR}/GeoIPv6.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoIPv6.dat
+ install ${WORKDIR}/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoLiteCity.dat
+ install ${WORKDIR}/GeoLiteCityv6.dat.${GEOIP_DATABASE_VERSION} ${D}/${datadir}/GeoIP/GeoLiteCityv6.dat
+ ln -s GeoLiteCity.dat ${D}${datadir}/GeoIP/GeoIPCity.dat
+}
+
+PACKAGES =+ "${PN}-database"
+FILES_${PN}-database = ""
+FILES_${PN}-database += "${datadir}/GeoIP/*"
+
+# We cannot do much looking up without databases.
+#
+RDEPENDS_${PN} += "${PN}-database"
+
+inherit ptest
+
+do_configure_ptest() {
+ sed -i -e "s/noinst_PROGRAMS = /test_PROGRAMS = /g" \
+ -e 's:SRCDIR=\\"$(top_srcdir)\\":SRCDIR=\\"$(testdir)\\":' \
+ ${S}/test/Makefile.am
+
+ if ! grep "^testdir = " ${S}/test/Makefile.am ; then
+ sed -e '/EXTRA_PROGRAMS = /itestdir = ${PTEST_PATH}/tests' \
+ -i ${S}/test/Makefile.am
+ fi
+
+ sed -i -e "s:/usr/local/share:/usr/share:g" \
+ ${S}/test/benchmark.c
+
+ sed -i -e 's:"../data/:"/usr/share/GeoIP/:g' \
+ ${S}/test/test-geoip-city.c \
+ ${S}/test/test-geoip-isp.c \
+ ${S}/test/test-geoip-asnum.c \
+ ${S}/test/test-geoip-netspeed.c \
+ ${S}/test/test-geoip-org.c \
+ ${S}/test/test-geoip-region.c
+}
+
+
+do_install_ptest() {
+ oe_runmake -C test DESTDIR=${D} install-testPROGRAMS
+ install ${S}/test/*.txt ${D}${PTEST_PATH}/tests
+}
diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch
new file mode 100644
index 000000000..0ee44c162
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Make-environment-variables-assignments-to-be-weak.patch
@@ -0,0 +1,31 @@
+From 04603f52d793f964653e6a985944400fe4fa87ee Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Wed, 13 Jun 2018 17:50:20 -0700
+Subject: [PATCH] Make environment variables assignments to be weak
+
+So that OE can override them for cross builds
+
+Signed-off-by: Khem Raj
+---
+ Makefile | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/Makefile b/Makefile
+index 1c80c09..884126c 100644
+--- a/Makefile
++++ b/Makefile
+@@ -2,11 +2,11 @@ prefix = $(DESTDIR)/usr
+ bindir = ${prefix}/bin
+ mandir = ${prefix}/share/man
+
+-CC = gcc
++CC ?= gcc
+ CFLAGS += -Wall -std=c99 -pedantic -O2
+
+-INSTALL = /usr/bin/install -c
+-STRIP = /usr/bin/strip -s
++INSTALL ?= /usr/bin/install -c
++STRIP ?= /usr/bin/strip -s
+
+ all: htpdate
+
diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch
new file mode 100644
index 000000000..cca8c6c36
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate/0001-Replace-ntp_adjtime-with-adjtimex.patch
@@ -0,0 +1,40 @@
+From 75646a2d2df14fdbc4a01e222a779afac94861d1 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Thu, 14 Jun 2018 20:11:08 -0700
+Subject: [PATCH] Replace ntp_adjtime with adjtimex.
+
+ntp_adjtime in glibc is an alias to adjtimex and
+musl does not provide ntp_adjtime at all
+
+Signed-off-by: Khem Raj
+---
+Upstream-Status: Pending
+
+ htpdate.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/htpdate.c b/htpdate.c
+index 4171efe..ff0bf8d 100644
+--- a/htpdate.c
++++ b/htpdate.c
+@@ -391,7 +391,7 @@ static int htpdate_adjtimex( double drift ) {
+
+ /* Read current kernel frequency */
+ tmx.modes = 0;
+- ntp_adjtime(&tmx);
++ adjtimex(&tmx);
+
+ /* Calculate new frequency */
+ freq = (long)(65536e6 * drift);
+@@ -406,7 +406,7 @@ static int htpdate_adjtimex( double drift ) {
+
+ /* Become root */
+ swuid(0);
+- return( ntp_adjtime(&tmx) );
++ return( adjtimex(&tmx) );
+
+ }
+
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb
new file mode 100644
index 000000000..eb6787846
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/htpdate/htpdate_1.2.0.bb
@@ -0,0 +1,39 @@
+# Copyright (C) 2018 Khem Raj
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+SUMMARY = "HTTP based time synchronization tool"
+
+DESCRIPTION = "The HTTP Time Protocol (HTP) is used to synchronize a computer's time with\
+ web servers as reference time source. This program can be used instead\
+ ntpdate or similar, in networks that has a firewall blocking the NTP port.\
+ Htpdate will synchronize the computer time to Greenwich Mean Time (GMT),\
+ using the timestamps from HTTP headers found in web servers response (the\
+ HEAD method will be used to get the information).\
+ Htpdate works through proxy servers. Accuracy of htpdate will be usually\
+ within 0.5 seconds (better with multiple servers).\
+"
+
+HOMEPAGE = "http://www.vervest.org/htp/"
+
+LICENSE = "GPL-2.0+"
+LIC_FILES_CHKSUM = "file://htpdate.c;beginline=26;endline=30;md5=d7018a4d2c5a6eab392709a05e5e168a"
+
+SRC_URI = "http://www.vervest.org/htp/archive/c/htpdate-${PV}.tar.xz \
+ file://0001-Make-environment-variables-assignments-to-be-weak.patch \
+ file://0001-Replace-ntp_adjtime-with-adjtimex.patch \
+ "
+SRC_URI[md5sum] = "9d5ca69be06edf5d535b52b5f790da4e"
+SRC_URI[sha256sum] = "22b2cf3ec45b0eedecddd3ad2a3d754ac57942ae7dcbac410d254935f0bdbc03"
+
+do_configure () {
+ :
+}
+
+do_compile () {
+ oe_runmake
+}
+
+do_install () {
+ oe_runmake install 'INSTALL=install' 'STRIP=echo' 'DESTDIR=${D}'
+}
+
diff --git a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb
index ea28b34aa..125b59e76 100644
--- a/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ifenslave/ifenslave_2.9.bb
@@ -5,9 +5,11 @@ SECTION = "net"
LICENSE = "GPLv3"
LIC_FILES_CHKSUM = "file://debian/copyright;md5=acc89812938cf9ad6b1debc37cea0253"
+inherit manpages
+MAN_PKG = "${PN}"
SRCREV = "42bfbb9beb924672ca86b86e9679ac3d6b87d992"
-SRC_URI = "git://anonscm.debian.org/collab-maint/ifenslave.git"
+SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https"
S = "${WORKDIR}/git"
@@ -23,5 +25,3 @@ do_install() {
FILES_${PN}-doc_remove = "${mandir}"
FILES_${PN} += "${mandir}/man8/ifenslave.8"
-
-RDEPENDS_${PN} = "man"
diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch
new file mode 100644
index 000000000..11a910393
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-Disable-gcc8-specific-warnings.patch
@@ -0,0 +1,86 @@
+From 282d492e4cab7b4d9c7321f4c0c55b615948e280 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Fri, 11 May 2018 14:09:17 -0700
+Subject: [PATCH] Disable gcc8 specific warnings
+
+Signed-off-by: Khem Raj
+---
+ src/libipsec/ipsec_dump_policy.c | 5 +++++
+ src/libipsec/pfkey_dump.c | 5 +++++
+ src/racoon/isakmp.c | 11 ++++++++++-
+ 3 files changed, 20 insertions(+), 1 deletion(-)
+
+diff --git a/src/libipsec/ipsec_dump_policy.c b/src/libipsec/ipsec_dump_policy.c
+index 4d0eb77..c3fc842 100644
+--- a/src/libipsec/ipsec_dump_policy.c
++++ b/src/libipsec/ipsec_dump_policy.c
+@@ -275,6 +275,10 @@ ipsec_dump_policy1(policy, delimiter, withports)
+ return buf;
+ }
+
++#pragma GCC diagnostic push
++#if defined(__GNUC__) && (__GNUC__ >= 8)
++#pragma GCC diagnostic ignored "-Wformat-truncation"
++#endif
+ static char *
+ ipsec_dump_ipsecrequest(buf, len, xisr, bound, withports)
+ char *buf;
+@@ -419,3 +423,4 @@ set_address(buf, len, sa, withports)
+
+ return buf;
+ }
++#pragma GCC diagnostic pop
+diff --git a/src/libipsec/pfkey_dump.c b/src/libipsec/pfkey_dump.c
+index 4627ebc..451e535 100644
+--- a/src/libipsec/pfkey_dump.c
++++ b/src/libipsec/pfkey_dump.c
+@@ -691,6 +691,10 @@ str_ipport(sa)
+ /*
+ * set "/prefix[port number]" to buffer.
+ */
++#pragma GCC diagnostic push
++#if defined(__GNUC__) && (__GNUC__ >= 8)
++#pragma GCC diagnostic ignored "-Wformat-truncation"
++#endif
+ static char *
+ str_prefport(family, pref, port, ulp)
+ u_int family, pref, port, ulp;
+@@ -735,6 +739,7 @@ str_prefport(family, pref, port, ulp)
+
+ return buf;
+ }
++#pragma GCC diagnostic pop
+
+ static void
+ str_upperspec(ulp, p1, p2)
+diff --git a/src/racoon/isakmp.c b/src/racoon/isakmp.c
+index 7ff53a3..4addf24 100644
+--- a/src/racoon/isakmp.c
++++ b/src/racoon/isakmp.c
+@@ -3124,7 +3124,12 @@ script_hook(iph1, script)
+ #endif
+
+ /* local address */
++#pragma GCC diagnostic push
++#if defined(__GNUC__) && (__GNUC__ >= 8)
++#pragma GCC diagnostic ignored "-Wstringop-truncation"
++#endif
+ GETNAMEINFO(iph1->local, addrstr, portstr);
++#pragma GCC diagnostic pop
+
+ if (script_env_append(&envp, &envc, "LOCAL_ADDR", addrstr) != 0) {
+ plog(LLV_ERROR, LOCATION, NULL, "Cannot set LOCAL_ADDR\n");
+@@ -3138,8 +3143,12 @@ script_hook(iph1, script)
+
+ /* Peer address */
+ if (iph1->remote != NULL) {
++#pragma GCC diagnostic push
++#if defined(__GNUC__) && (__GNUC__ >= 8)
++#pragma GCC diagnostic ignored "-Wstringop-truncation"
++#endif
+ GETNAMEINFO(iph1->remote, addrstr, portstr);
+-
++#pragma GCC diagnostic pop
+ if (script_env_append(&envp, &envc,
+ "REMOTE_ADDR", addrstr) != 0) {
+ plog(LLV_ERROR, LOCATION, NULL,
diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch
new file mode 100644
index 000000000..228274436
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools/0001-ipsec-tools-add-openssl-1.1-support.patch
@@ -0,0 +1,1086 @@
+From b572350a922187d43dd4629c3b43e19979fae3ef Mon Sep 17 00:00:00 2001
+From: Eneas U de Queiroz
+Date: Tue, 25 Sep 2018 15:30:04 +0800
+Subject: [PATCH] ipsec-tools: add openssl 1.1 support
+
+To: equeiroz@troianet.com.br
+
+This patch updates the calls to openssl 1.1 API, and adds a
+compatibility layer so it compiles with (at least) openssl 1.0.2, I
+haven't tested it with lower versions, but all that's needed is to edit
+the openssl_compat.* files and add the missing functions there--they're
+usually trivial.
+
+Signed-off-by: Eneas U de Queiroz
+
+Upstream-Status: Submitted [https://sourceforge.net/p/ipsec-tools/mailman/message/36327963/]
+https://github.com/openwrt/packages/blob/master/net/ipsec-tools/patches/015-openssl-1.1.patch
+
+Signed-off-by: Hongxu Jia
+---
+ src/racoon/Makefile.am | 10 +--
+ src/racoon/algorithm.c | 6 +-
+ src/racoon/crypto_openssl.c | 197 +++++++++++++++++++++-------------------
+ src/racoon/crypto_openssl.h | 2 +-
+ src/racoon/eaytest.c | 7 +-
+ src/racoon/ipsec_doi.c | 2 +-
+ src/racoon/openssl_compat.c | 213 ++++++++++++++++++++++++++++++++++++++++++++
+ src/racoon/openssl_compat.h | 45 ++++++++++
+ src/racoon/plainrsa-gen.c | 41 +++++----
+ src/racoon/prsa_par.y | 28 ++++--
+ src/racoon/rsalist.c | 5 +-
+ 11 files changed, 430 insertions(+), 126 deletions(-)
+ create mode 100644 src/racoon/openssl_compat.c
+ create mode 100644 src/racoon/openssl_compat.h
+
+diff --git a/src/racoon/Makefile.am b/src/racoon/Makefile.am
+index 0662957..272b009 100644
+--- a/src/racoon/Makefile.am
++++ b/src/racoon/Makefile.am
+@@ -4,7 +4,7 @@ sbin_PROGRAMS = racoon racoonctl plainrsa-gen
+ noinst_PROGRAMS = eaytest
+ include_racoon_HEADERS = racoonctl.h var.h vmbuf.h misc.h gcmalloc.h admin.h \
+ schedule.h sockmisc.h isakmp_var.h isakmp.h isakmp_xauth.h \
+- isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h
++ isakmp_cfg.h isakmp_unity.h ipsec_doi.h evt.h openssl_compat.h
+ lib_LTLIBRARIES = libracoon.la
+
+ adminsockdir=${localstatedir}/racoon
+@@ -32,7 +32,7 @@ racoon_SOURCES = \
+ gssapi.c dnssec.c getcertsbyname.c privsep.c \
+ pfkey.c admin.c evt.c ipsec_doi.c oakley.c grabmyaddr.c vendorid.c \
+ policy.c localconf.c remoteconf.c crypto_openssl.c algorithm.c \
+- proposal.c sainfo.c strnames.c \
++ openssl_compat.c proposal.c sainfo.c strnames.c \
+ plog.c logger.c schedule.c str2val.c \
+ safefile.c backupsa.c genlist.c rsalist.c \
+ cftoken.l cfparse.y prsa_tok.l prsa_par.y
+@@ -51,12 +51,12 @@ libracoon_la_SOURCES = kmpstat.c vmbuf.c sockmisc.c misc.c
+ libracoon_la_CFLAGS = -DNOUSE_PRIVSEP $(AM_CFLAGS)
+
+ plainrsa_gen_SOURCES = plainrsa-gen.c plog.c \
+- crypto_openssl.c logger.c
++ crypto_openssl.c logger.c openssl_compat.c
+ EXTRA_plainrsa_gen_SOURCES = $(MISSING_ALGOS)
+ plainrsa_gen_LDADD = $(CRYPTOBJS) vmbuf.o misc.o
+ plainrsa_gen_DEPENDENCIES = $(CRYPTOBJS) vmbuf.o misc.o
+
+-eaytest_SOURCES = eaytest.c plog.c logger.c
++eaytest_SOURCES = eaytest.c plog.c logger.c openssl_compat.c
+ EXTRA_eaytest_SOURCES = missing/crypto/sha2/sha2.c
+ eaytest_LDADD = crypto_openssl_test.o vmbuf.o str2val.o misc_noplog.o \
+ $(CRYPTOBJS)
+@@ -75,7 +75,7 @@ noinst_HEADERS = \
+ debugrm.h isakmp.h misc.h sainfo.h \
+ dhgroup.h isakmp_agg.h netdb_dnssec.h schedule.h \
+ isakmp_cfg.h isakmp_xauth.h isakmp_unity.h isakmp_frag.h \
+- throttle.h privsep.h \
++ throttle.h privsep.h openssl_compat.h \
+ cfparse_proto.h cftoken_proto.h genlist.h rsalist.h \
+ missing/crypto/sha2/sha2.h missing/crypto/rijndael/rijndael_local.h \
+ missing/crypto/rijndael/rijndael-api-fst.h \
+diff --git a/src/racoon/algorithm.c b/src/racoon/algorithm.c
+index 3fd50f6..66c874b 100644
+--- a/src/racoon/algorithm.c
++++ b/src/racoon/algorithm.c
+@@ -128,7 +128,7 @@ static struct enc_algorithm oakley_encdef[] = {
+ { "aes", algtype_aes, OAKLEY_ATTR_ENC_ALG_AES, 16,
+ eay_aes_encrypt, eay_aes_decrypt,
+ eay_aes_weakkey, eay_aes_keylen, },
+-#ifdef HAVE_OPENSSL_CAMELLIA_H
++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA)
+ { "camellia", algtype_camellia, OAKLEY_ATTR_ENC_ALG_CAMELLIA, 16,
+ eay_camellia_encrypt, eay_camellia_decrypt,
+ eay_camellia_weakkey, eay_camellia_keylen, },
+@@ -168,7 +168,7 @@ static struct enc_algorithm ipsec_encdef[] = {
+ { "twofish", algtype_twofish, IPSECDOI_ESP_TWOFISH, 16,
+ NULL, NULL,
+ NULL, eay_twofish_keylen, },
+-#ifdef HAVE_OPENSSL_IDEA_H
++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA)
+ { "3idea", algtype_3idea, IPSECDOI_ESP_3IDEA, 8,
+ NULL, NULL,
+ NULL, NULL, },
+@@ -179,7 +179,7 @@ static struct enc_algorithm ipsec_encdef[] = {
+ { "rc4", algtype_rc4, IPSECDOI_ESP_RC4, 8,
+ NULL, NULL,
+ NULL, NULL, },
+-#ifdef HAVE_OPENSSL_CAMELLIA_H
++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA)
+ { "camellia", algtype_camellia, IPSECDOI_ESP_CAMELLIA, 16,
+ NULL, NULL,
+ NULL, eay_camellia_keylen, },
+diff --git a/src/racoon/crypto_openssl.c b/src/racoon/crypto_openssl.c
+index 55b076a..8fb358f 100644
+--- a/src/racoon/crypto_openssl.c
++++ b/src/racoon/crypto_openssl.c
+@@ -90,6 +90,7 @@
+ #endif
+ #endif
+ #include "plog.h"
++#include "openssl_compat.h"
+
+ #define USE_NEW_DES_API
+
+@@ -316,9 +317,12 @@ eay_cmp_asn1dn(n1, n2)
+ i = idx+1;
+ goto end;
+ }
+- if ((ea->value->length == 1 && ea->value->data[0] == '*') ||
+- (eb->value->length == 1 && eb->value->data[0] == '*')) {
+- if (OBJ_cmp(ea->object,eb->object)) {
++ ASN1_STRING *sa = X509_NAME_ENTRY_get_data(ea);
++ ASN1_STRING *sb = X509_NAME_ENTRY_get_data(eb);
++ if ((ASN1_STRING_length(sa) == 1 && ASN1_STRING_get0_data(sa)[0] == '*') ||
++ (ASN1_STRING_length(sb) == 1 && ASN1_STRING_get0_data(sb)[0] == '*')) {
++ if (OBJ_cmp(X509_NAME_ENTRY_get_object(ea),
++ X509_NAME_ENTRY_get_object(eb))) {
+ i = idx+1;
+ goto end;
+ }
+@@ -430,7 +434,7 @@ cb_check_cert_local(ok, ctx)
+
+ if (!ok) {
+ X509_NAME_oneline(
+- X509_get_subject_name(ctx->current_cert),
++ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)),
+ buf,
+ 256);
+ /*
+@@ -438,7 +442,8 @@ cb_check_cert_local(ok, ctx)
+ * ok if they are self signed. But we should still warn
+ * the user.
+ */
+- switch (ctx->error) {
++ int ctx_error = X509_STORE_CTX_get_error(ctx);
++ switch (ctx_error) {
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ case X509_V_ERR_INVALID_CA:
+@@ -453,9 +458,9 @@ cb_check_cert_local(ok, ctx)
+ }
+ plog(log_tag, LOCATION, NULL,
+ "%s(%d) at depth:%d SubjectName:%s\n",
+- X509_verify_cert_error_string(ctx->error),
+- ctx->error,
+- ctx->error_depth,
++ X509_verify_cert_error_string(ctx_error),
++ ctx_error,
++ X509_STORE_CTX_get_error_depth(ctx),
+ buf);
+ }
+ ERR_clear_error();
+@@ -477,10 +482,11 @@ cb_check_cert_remote(ok, ctx)
+
+ if (!ok) {
+ X509_NAME_oneline(
+- X509_get_subject_name(ctx->current_cert),
++ X509_get_subject_name(X509_STORE_CTX_get_current_cert(ctx)),
+ buf,
+ 256);
+- switch (ctx->error) {
++ int ctx_error=X509_STORE_CTX_get_error(ctx);
++ switch (ctx_error) {
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ ok = 1;
+ log_tag = LLV_WARNING;
+@@ -490,9 +496,9 @@ cb_check_cert_remote(ok, ctx)
+ }
+ plog(log_tag, LOCATION, NULL,
+ "%s(%d) at depth:%d SubjectName:%s\n",
+- X509_verify_cert_error_string(ctx->error),
+- ctx->error,
+- ctx->error_depth,
++ X509_verify_cert_error_string(ctx_error),
++ ctx_error,
++ X509_STORE_CTX_get_error_depth(ctx),
+ buf);
+ }
+ ERR_clear_error();
+@@ -516,14 +522,15 @@ eay_get_x509asn1subjectname(cert)
+ if (x509 == NULL)
+ goto error;
+
++ X509_NAME *subject_name = X509_get_subject_name(x509);
+ /* get the length of the name */
+- len = i2d_X509_NAME(x509->cert_info->subject, NULL);
++ len = i2d_X509_NAME(subject_name, NULL);
+ name = vmalloc(len);
+ if (!name)
+ goto error;
+ /* get the name */
+ bp = (unsigned char *) name->v;
+- len = i2d_X509_NAME(x509->cert_info->subject, &bp);
++ len = i2d_X509_NAME(subject_name, &bp);
+
+ X509_free(x509);
+
+@@ -661,15 +668,16 @@ eay_get_x509asn1issuername(cert)
+ if (x509 == NULL)
+ goto error;
+
++ X509_NAME *issuer_name = X509_get_issuer_name(x509);
+ /* get the length of the name */
+- len = i2d_X509_NAME(x509->cert_info->issuer, NULL);
++ len = i2d_X509_NAME(issuer_name, NULL);
+ name = vmalloc(len);
+ if (name == NULL)
+ goto error;
+
+ /* get the name */
+ bp = (unsigned char *) name->v;
+- len = i2d_X509_NAME(x509->cert_info->issuer, &bp);
++ len = i2d_X509_NAME(issuer_name, &bp);
+
+ X509_free(x509);
+
+@@ -850,7 +858,7 @@ eay_check_x509sign(source, sig, cert)
+ return -1;
+ }
+
+- res = eay_rsa_verify(source, sig, evp->pkey.rsa);
++ res = eay_rsa_verify(source, sig, EVP_PKEY_get0_RSA(evp));
+
+ EVP_PKEY_free(evp);
+ X509_free(x509);
+@@ -992,7 +1000,7 @@ eay_get_x509sign(src, privkey)
+ if (evp == NULL)
+ return NULL;
+
+- sig = eay_rsa_sign(src, evp->pkey.rsa);
++ sig = eay_rsa_sign(src, EVP_PKEY_get0_RSA(evp));
+
+ EVP_PKEY_free(evp);
+
+@@ -1079,7 +1087,11 @@ eay_strerror()
+ int line, flags;
+ unsigned long es;
+
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
++ es = 0; /* even when allowed by OPENSSL_API_COMPAT, it is defined as 0 */
++#else
+ es = CRYPTO_thread_id();
++#endif
+
+ while ((l = ERR_get_error_line_data(&file, &line, &data, &flags)) != 0){
+ n = snprintf(ebuf + len, sizeof(ebuf) - len,
+@@ -1100,7 +1112,7 @@ vchar_t *
+ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc)
+ {
+ vchar_t *res;
+- EVP_CIPHER_CTX ctx;
++ EVP_CIPHER_CTX *ctx;
+
+ if (!e)
+ return NULL;
+@@ -1111,7 +1123,7 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc
+ if ((res = vmalloc(data->l)) == NULL)
+ return NULL;
+
+- EVP_CIPHER_CTX_init(&ctx);
++ ctx = EVP_CIPHER_CTX_new();
+
+ switch(EVP_CIPHER_nid(e)){
+ case NID_bf_cbc:
+@@ -1125,54 +1137,41 @@ evp_crypt(vchar_t *data, vchar_t *key, vchar_t *iv, const EVP_CIPHER *e, int enc
+ /* XXX: can we do that also for algos with a fixed key size ?
+ */
+ /* init context without key/iv
+- */
+- if (!EVP_CipherInit(&ctx, e, NULL, NULL, enc))
+- {
+- OpenSSL_BUG();
+- vfree(res);
+- return NULL;
+- }
++ */
++ if (!EVP_CipherInit(ctx, e, NULL, NULL, enc))
++ goto out;
+
+- /* update key size
+- */
+- if (!EVP_CIPHER_CTX_set_key_length(&ctx, key->l))
+- {
+- OpenSSL_BUG();
+- vfree(res);
+- return NULL;
+- }
+-
+- /* finalize context init with desired key size
+- */
+- if (!EVP_CipherInit(&ctx, NULL, (u_char *) key->v,
++ /* update key size
++ */
++ if (!EVP_CIPHER_CTX_set_key_length(ctx, key->l))
++ goto out;
++
++ /* finalize context init with desired key size
++ */
++ if (!EVP_CipherInit(ctx, NULL, (u_char *) key->v,
+ (u_char *) iv->v, enc))
+- {
+- OpenSSL_BUG();
+- vfree(res);
+- return NULL;
+- }
++ goto out;
+ break;
+ default:
+- if (!EVP_CipherInit(&ctx, e, (u_char *) key->v,
+- (u_char *) iv->v, enc)) {
+- OpenSSL_BUG();
+- vfree(res);
+- return NULL;
+- }
++ if (!EVP_CipherInit(ctx, e, (u_char *) key->v,
++ (u_char *) iv->v, enc))
++ goto out;
+ }
+
+ /* disable openssl padding */
+- EVP_CIPHER_CTX_set_padding(&ctx, 0);
++ EVP_CIPHER_CTX_set_padding(ctx, 0);
+
+- if (!EVP_Cipher(&ctx, (u_char *) res->v, (u_char *) data->v, data->l)) {
+- OpenSSL_BUG();
+- vfree(res);
+- return NULL;
+- }
++ if (!EVP_Cipher(ctx, (u_char *) res->v, (u_char *) data->v, data->l))
++ goto out;
+
+- EVP_CIPHER_CTX_cleanup(&ctx);
++ EVP_CIPHER_CTX_free(ctx);
+
+ return res;
++out:
++ EVP_CIPHER_CTX_free(ctx);
++ OpenSSL_BUG();
++ vfree(res);
++ return NULL;
+ }
+
+ int
+@@ -1230,7 +1229,7 @@ eay_des_keylen(len)
+ return evp_keylen(len, EVP_des_cbc());
+ }
+
+-#ifdef HAVE_OPENSSL_IDEA_H
++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA)
+ /*
+ * IDEA-CBC
+ */
+@@ -1587,7 +1586,7 @@ eay_aes_keylen(len)
+ return len;
+ }
+
+-#if defined(HAVE_OPENSSL_CAMELLIA_H)
++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA)
+ /*
+ * CAMELLIA-CBC
+ */
+@@ -1680,9 +1679,9 @@ eay_hmac_init(key, md)
+ vchar_t *key;
+ const EVP_MD *md;
+ {
+- HMAC_CTX *c = racoon_malloc(sizeof(*c));
++ HMAC_CTX *c = HMAC_CTX_new();
+
+- HMAC_Init(c, key->v, key->l, md);
++ HMAC_Init_ex(c, key->v, key->l, md, NULL);
+
+ return (caddr_t)c;
+ }
+@@ -1761,8 +1760,7 @@ eay_hmacsha2_512_final(c)
+
+ HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
+ res->l = l;
+- HMAC_cleanup((HMAC_CTX *)c);
+- (void)racoon_free(c);
++ HMAC_CTX_free((HMAC_CTX *)c);
+
+ if (SHA512_DIGEST_LENGTH != res->l) {
+ plog(LLV_ERROR, LOCATION, NULL,
+@@ -1811,8 +1809,7 @@ eay_hmacsha2_384_final(c)
+
+ HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
+ res->l = l;
+- HMAC_cleanup((HMAC_CTX *)c);
+- (void)racoon_free(c);
++ HMAC_CTX_free((HMAC_CTX *)c);
+
+ if (SHA384_DIGEST_LENGTH != res->l) {
+ plog(LLV_ERROR, LOCATION, NULL,
+@@ -1861,8 +1858,7 @@ eay_hmacsha2_256_final(c)
+
+ HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
+ res->l = l;
+- HMAC_cleanup((HMAC_CTX *)c);
+- (void)racoon_free(c);
++ HMAC_CTX_free((HMAC_CTX *)c);
+
+ if (SHA256_DIGEST_LENGTH != res->l) {
+ plog(LLV_ERROR, LOCATION, NULL,
+@@ -1912,8 +1908,7 @@ eay_hmacsha1_final(c)
+
+ HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
+ res->l = l;
+- HMAC_cleanup((HMAC_CTX *)c);
+- (void)racoon_free(c);
++ HMAC_CTX_free((HMAC_CTX *)c);
+
+ if (SHA_DIGEST_LENGTH != res->l) {
+ plog(LLV_ERROR, LOCATION, NULL,
+@@ -1962,8 +1957,7 @@ eay_hmacmd5_final(c)
+
+ HMAC_Final((HMAC_CTX *)c, (unsigned char *) res->v, &l);
+ res->l = l;
+- HMAC_cleanup((HMAC_CTX *)c);
+- (void)racoon_free(c);
++ HMAC_CTX_free((HMAC_CTX *)c);
+
+ if (MD5_DIGEST_LENGTH != res->l) {
+ plog(LLV_ERROR, LOCATION, NULL,
+@@ -2266,6 +2260,7 @@ eay_dh_generate(prime, g, publen, pub, priv)
+ u_int32_t g;
+ {
+ BIGNUM *p = NULL;
++ BIGNUM *BNg = NULL;
+ DH *dh = NULL;
+ int error = -1;
+
+@@ -2276,25 +2271,28 @@ eay_dh_generate(prime, g, publen, pub, priv)
+
+ if ((dh = DH_new()) == NULL)
+ goto end;
+- dh->p = p;
+- p = NULL; /* p is now part of dh structure */
+- dh->g = NULL;
+- if ((dh->g = BN_new()) == NULL)
++ if ((BNg = BN_new()) == NULL)
+ goto end;
+- if (!BN_set_word(dh->g, g))
++ if (!BN_set_word(BNg, g))
+ goto end;
++ if (! DH_set0_pqg(dh, p, NULL, BNg))
++ goto end;
++ BNg = NULL;
++ p = NULL; /* p is now part of dh structure */
+
+ if (publen != 0)
+- dh->length = publen;
++ DH_set_length(dh, publen);
+
+ /* generate public and private number */
+ if (!DH_generate_key(dh))
+ goto end;
+
+ /* copy results to buffers */
+- if (eay_bn2v(pub, dh->pub_key) < 0)
++ BIGNUM *pub_key, *priv_key;
++ DH_get0_key(dh, (const BIGNUM**) &pub_key, (const BIGNUM**) &priv_key);
++ if (eay_bn2v(pub, pub_key) < 0)
+ goto end;
+- if (eay_bn2v(priv, dh->priv_key) < 0) {
++ if (eay_bn2v(priv, priv_key) < 0) {
+ vfree(*pub);
+ goto end;
+ }
+@@ -2306,6 +2304,8 @@ end:
+ DH_free(dh);
+ if (p != 0)
+ BN_free(p);
++ if (BNg != 0)
++ BN_free(BNg);
+ return(error);
+ }
+
+@@ -2319,6 +2319,10 @@ eay_dh_compute(prime, g, pub, priv, pub2, key)
+ int l;
+ unsigned char *v = NULL;
+ int error = -1;
++ BIGNUM *p = BN_new();
++ BIGNUM *BNg = BN_new();
++ BIGNUM *pub_key = BN_new();
++ BIGNUM *priv_key = BN_new();
+
+ /* make public number to compute */
+ if (eay_v2bn(&dh_pub, pub2) < 0)
+@@ -2327,19 +2331,21 @@ eay_dh_compute(prime, g, pub, priv, pub2, key)
+ /* make DH structure */
+ if ((dh = DH_new()) == NULL)
+ goto end;
+- if (eay_v2bn(&dh->p, prime) < 0)
++ if (p == NULL || BNg == NULL || pub_key == NULL || priv_key == NULL)
+ goto end;
+- if (eay_v2bn(&dh->pub_key, pub) < 0)
++
++ if (eay_v2bn(&p, prime) < 0)
+ goto end;
+- if (eay_v2bn(&dh->priv_key, priv) < 0)
++ if (eay_v2bn(&pub_key, pub) < 0)
+ goto end;
+- dh->length = pub2->l * 8;
+-
+- dh->g = NULL;
+- if ((dh->g = BN_new()) == NULL)
++ if (eay_v2bn(&priv_key, priv) < 0)
+ goto end;
+- if (!BN_set_word(dh->g, g))
++ if (!BN_set_word(BNg, g))
+ goto end;
++ DH_set0_key(dh, pub_key, priv_key);
++ DH_set_length(dh, pub2->l * 8);
++ DH_set0_pqg(dh, p, NULL, BNg);
++ pub_key = priv_key = p = BNg = NULL;
+
+ if ((v = racoon_calloc(prime->l, sizeof(u_char))) == NULL)
+ goto end;
+@@ -2350,6 +2356,14 @@ eay_dh_compute(prime, g, pub, priv, pub2, key)
+ error = 0;
+
+ end:
++ if (p != NULL)
++ BN_free(p);
++ if (BNg != NULL)
++ BN_free(BNg);
++ if (pub_key != NULL)
++ BN_free(pub_key);
++ if (priv_key != NULL)
++ BN_free(priv_key);
+ if (dh_pub != NULL)
+ BN_free(dh_pub);
+ if (dh != NULL)
+@@ -2400,12 +2414,14 @@ eay_bn2v(var, bn)
+ void
+ eay_init()
+ {
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ OpenSSL_add_all_algorithms();
+ ERR_load_crypto_strings();
+ #ifdef HAVE_OPENSSL_ENGINE_H
+ ENGINE_load_builtin_engines();
+ ENGINE_register_all_complete();
+ #endif
++#endif
+ }
+
+ vchar_t *
+@@ -2504,8 +2520,7 @@ binbuf_pubkey2rsa(vchar_t *binbuf)
+ goto out;
+ }
+
+- rsa_pub->n = mod;
+- rsa_pub->e = exp;
++ RSA_set0_key(rsa_pub, mod, exp, NULL);
+
+ out:
+ return rsa_pub;
+@@ -2582,5 +2597,5 @@ eay_random()
+ const char *
+ eay_version()
+ {
+- return SSLeay_version(SSLEAY_VERSION);
++ return OpenSSL_version(OPENSSL_VERSION);
+ }
+diff --git a/src/racoon/crypto_openssl.h b/src/racoon/crypto_openssl.h
+index 66fac73..ee5b765 100644
+--- a/src/racoon/crypto_openssl.h
++++ b/src/racoon/crypto_openssl.h
+@@ -124,7 +124,7 @@ extern vchar_t *eay_aes_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
+ extern int eay_aes_weakkey __P((vchar_t *));
+ extern int eay_aes_keylen __P((int));
+
+-#if defined(HAVE_OPENSSL_CAMELLIA_H)
++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA)
+ /* Camellia */
+ extern vchar_t *eay_camellia_encrypt __P((vchar_t *, vchar_t *, vchar_t *));
+ extern vchar_t *eay_camellia_decrypt __P((vchar_t *, vchar_t *, vchar_t *));
+diff --git a/src/racoon/eaytest.c b/src/racoon/eaytest.c
+index d609e4f..d2d20da 100644
+--- a/src/racoon/eaytest.c
++++ b/src/racoon/eaytest.c
+@@ -62,6 +62,7 @@
+ #include "dhgroup.h"
+ #include "crypto_openssl.h"
+ #include "gnuc.h"
++#include "openssl_compat.h"
+
+ #include "package_version.h"
+
+@@ -103,7 +104,7 @@ rsa_verify_with_pubkey(src, sig, pubkey_txt)
+ printf ("PEM_read_PUBKEY(): %s\n", eay_strerror());
+ return -1;
+ }
+- error = eay_check_rsasign(src, sig, evp->pkey.rsa);
++ error = eay_check_rsasign(src, sig, EVP_PKEY_get0_RSA(evp));
+
+ return error;
+ }
+@@ -698,7 +699,7 @@ ciphertest(ac, av)
+ eay_cast_encrypt, eay_cast_decrypt) < 0)
+ return -1;
+
+-#ifdef HAVE_OPENSSL_IDEA_H
++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA)
+ if (ciphertest_1 ("IDEA",
+ &data, 8,
+ &key, key.l,
+@@ -715,7 +716,7 @@ ciphertest(ac, av)
+ eay_rc5_encrypt, eay_rc5_decrypt) < 0)
+ return -1;
+ #endif
+-#if defined(HAVE_OPENSSL_CAMELLIA_H)
++#if defined(HAVE_OPENSSL_CAMELLIA_H) && ! defined(OPENSSL_NO_CAMELLIA)
+ if (ciphertest_1 ("CAMELLIA",
+ &data, 16,
+ &key, key.l,
+diff --git a/src/racoon/ipsec_doi.c b/src/racoon/ipsec_doi.c
+index 08e4325..7b1604d 100644
+--- a/src/racoon/ipsec_doi.c
++++ b/src/racoon/ipsec_doi.c
+@@ -715,7 +715,7 @@ out:
+ /* key length must not be specified on some algorithms */
+ if (keylen) {
+ if (sa->enctype == OAKLEY_ATTR_ENC_ALG_DES
+-#ifdef HAVE_OPENSSL_IDEA_H
++#if defined(HAVE_OPENSSL_IDEA_H) && ! defined(OPENSSL_NO_IDEA)
+ || sa->enctype == OAKLEY_ATTR_ENC_ALG_IDEA
+ #endif
+ || sa->enctype == OAKLEY_ATTR_ENC_ALG_3DES) {
+diff --git a/src/racoon/openssl_compat.c b/src/racoon/openssl_compat.c
+new file mode 100644
+index 0000000..864b5fb
+--- /dev/null
++++ b/src/racoon/openssl_compat.c
+@@ -0,0 +1,213 @@
++/*
++ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
++ *
++ * Licensed under the OpenSSL license (the "License"). You may not use
++ * this file except in compliance with the License. You can obtain a copy
++ * in the file LICENSE in the source distribution or at
++ * https://www.openssl.org/source/license.html
++ */
++
++#include "openssl_compat.h"
++
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++#include
++
++static void *OPENSSL_zalloc(size_t num)
++{
++ void *ret = OPENSSL_malloc(num);
++
++ if (ret != NULL)
++ memset(ret, 0, num);
++ return ret;
++}
++
++int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
++{
++ /* If the fields n and e in r are NULL, the corresponding input
++ * parameters MUST be non-NULL for n and e. d may be
++ * left NULL (in case only the public key is used).
++ */
++ if ((r->n == NULL && n == NULL)
++ || (r->e == NULL && e == NULL))
++ return 0;
++
++ if (n != NULL) {
++ BN_free(r->n);
++ r->n = n;
++ }
++ if (e != NULL) {
++ BN_free(r->e);
++ r->e = e;
++ }
++ if (d != NULL) {
++ BN_free(r->d);
++ r->d = d;
++ }
++
++ return 1;
++}
++
++int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
++{
++ /* If the fields p and q in r are NULL, the corresponding input
++ * parameters MUST be non-NULL.
++ */
++ if ((r->p == NULL && p == NULL)
++ || (r->q == NULL && q == NULL))
++ return 0;
++
++ if (p != NULL) {
++ BN_free(r->p);
++ r->p = p;
++ }
++ if (q != NULL) {
++ BN_free(r->q);
++ r->q = q;
++ }
++
++ return 1;
++}
++
++int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
++{
++ /* If the fields dmp1, dmq1 and iqmp in r are NULL, the corresponding input
++ * parameters MUST be non-NULL.
++ */
++ if ((r->dmp1 == NULL && dmp1 == NULL)
++ || (r->dmq1 == NULL && dmq1 == NULL)
++ || (r->iqmp == NULL && iqmp == NULL))
++ return 0;
++
++ if (dmp1 != NULL) {
++ BN_free(r->dmp1);
++ r->dmp1 = dmp1;
++ }
++ if (dmq1 != NULL) {
++ BN_free(r->dmq1);
++ r->dmq1 = dmq1;
++ }
++ if (iqmp != NULL) {
++ BN_free(r->iqmp);
++ r->iqmp = iqmp;
++ }
++
++ return 1;
++}
++
++void RSA_get0_key(const RSA *r,
++ const BIGNUM **n, const BIGNUM **e, const BIGNUM **d)
++{
++ if (n != NULL)
++ *n = r->n;
++ if (e != NULL)
++ *e = r->e;
++ if (d != NULL)
++ *d = r->d;
++}
++
++void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q)
++{
++ if (p != NULL)
++ *p = r->p;
++ if (q != NULL)
++ *q = r->q;
++}
++
++void RSA_get0_crt_params(const RSA *r,
++ const BIGNUM **dmp1, const BIGNUM **dmq1,
++ const BIGNUM **iqmp)
++{
++ if (dmp1 != NULL)
++ *dmp1 = r->dmp1;
++ if (dmq1 != NULL)
++ *dmq1 = r->dmq1;
++ if (iqmp != NULL)
++ *iqmp = r->iqmp;
++}
++
++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g)
++{
++ /* If the fields p and g in d are NULL, the corresponding input
++ * parameters MUST be non-NULL. q may remain NULL.
++ */
++ if ((dh->p == NULL && p == NULL)
++ || (dh->g == NULL && g == NULL))
++ return 0;
++
++ if (p != NULL) {
++ BN_free(dh->p);
++ dh->p = p;
++ }
++ if (q != NULL) {
++ BN_free(dh->q);
++ dh->q = q;
++ }
++ if (g != NULL) {
++ BN_free(dh->g);
++ dh->g = g;
++ }
++
++ if (q != NULL) {
++ dh->length = BN_num_bits(q);
++ }
++
++ return 1;
++}
++
++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
++{
++ if (pub_key != NULL)
++ *pub_key = dh->pub_key;
++ if (priv_key != NULL)
++ *priv_key = dh->priv_key;
++}
++
++int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
++{
++ /* If the field pub_key in dh is NULL, the corresponding input
++ * parameters MUST be non-NULL. The priv_key field may
++ * be left NULL.
++ */
++ if (dh->pub_key == NULL && pub_key == NULL)
++ return 0;
++
++ if (pub_key != NULL) {
++ BN_free(dh->pub_key);
++ dh->pub_key = pub_key;
++ }
++ if (priv_key != NULL) {
++ BN_free(dh->priv_key);
++ dh->priv_key = priv_key;
++ }
++
++ return 1;
++}
++
++int DH_set_length(DH *dh, long length)
++{
++ dh->length = length;
++ return 1;
++}
++
++HMAC_CTX *HMAC_CTX_new(void)
++{
++ return OPENSSL_zalloc(sizeof(HMAC_CTX));
++}
++
++void HMAC_CTX_free(HMAC_CTX *ctx)
++{
++ HMAC_CTX_cleanup(ctx);
++ OPENSSL_free(ctx);
++}
++
++RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey)
++{
++ if (pkey->type != EVP_PKEY_RSA) {
++ return NULL;
++ }
++ return pkey->pkey.rsa;
++}
++
++
++#endif /* OPENSSL_VERSION_NUMBER */
+diff --git a/src/racoon/openssl_compat.h b/src/racoon/openssl_compat.h
+new file mode 100644
+index 0000000..9e152c2
+--- /dev/null
++++ b/src/racoon/openssl_compat.h
+@@ -0,0 +1,45 @@
++#ifndef OPENSSL_COMPAT_H
++#define OPENSSL_COMPAT_H
++
++#include
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
++
++#include
++#include
++#include
++#include
++
++int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
++int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
++int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
++void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
++void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
++void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp);
++
++int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g);
++void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key);
++int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key);
++int DH_set_length(DH *dh, long length);
++
++HMAC_CTX *HMAC_CTX_new(void);
++void HMAC_CTX_free(HMAC_CTX* ctx);
++
++RSA *EVP_PKEY_get0_RSA(EVP_PKEY *pkey);
++
++#define ASN1_STRING_length(s) s->length
++#define ASN1_STRING_get0_data(s) s->data
++
++#define X509_get_subject_name(x) x->cert_info->subject
++#define X509_get_issuer_name(x) x->cert_info->issuer
++#define X509_NAME_ENTRY_get_data(n) n->value
++#define X509_NAME_ENTRY_get_object(n) n->object
++#define X509_STORE_CTX_get_current_cert(ctx) ctx->current_cert
++#define X509_STORE_CTX_get_error(ctx) ctx->error
++#define X509_STORE_CTX_get_error_depth(ctx) ctx->error_depth
++
++#define OPENSSL_VERSION SSLEAY_VERSION
++#define OpenSSL_version SSLeay_version
++
++#endif /* OPENSSL_VERSION_NUMBER */
++
++#endif /* OPENSSL_COMPAT_H */
+diff --git a/src/racoon/plainrsa-gen.c b/src/racoon/plainrsa-gen.c
+index cad1861..b949b08 100644
+--- a/src/racoon/plainrsa-gen.c
++++ b/src/racoon/plainrsa-gen.c
+@@ -60,6 +60,7 @@
+ #include "vmbuf.h"
+ #include "plog.h"
+ #include "crypto_openssl.h"
++#include "openssl_compat.h"
+
+ #include "package_version.h"
+
+@@ -90,12 +91,14 @@ mix_b64_pubkey(const RSA *key)
+ char *binbuf;
+ long binlen, ret;
+ vchar_t *res;
+-
+- binlen = 1 + BN_num_bytes(key->e) + BN_num_bytes(key->n);
++ const BIGNUM *e, *n;
++
++ RSA_get0_key(key, &n, &e, NULL);
++ binlen = 1 + BN_num_bytes(e) + BN_num_bytes(n);
+ binbuf = malloc(binlen);
+ memset(binbuf, 0, binlen);
+- binbuf[0] = BN_bn2bin(key->e, (unsigned char *) &binbuf[1]);
+- ret = BN_bn2bin(key->n, (unsigned char *) (&binbuf[binbuf[0] + 1]));
++ binbuf[0] = BN_bn2bin(e, (unsigned char *) &binbuf[1]);
++ ret = BN_bn2bin(n, (unsigned char *) (&binbuf[binbuf[0] + 1]));
+ if (1 + binbuf[0] + ret != binlen) {
+ plog(LLV_ERROR, LOCATION, NULL,
+ "Pubkey generation failed. This is really strange...\n");
+@@ -131,16 +134,20 @@ print_rsa_key(FILE *fp, const RSA *key)
+
+ fprintf(fp, "# : PUB 0s%s\n", pubkey64->v);
+ fprintf(fp, ": RSA\t{\n");
+- fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(key->n));
++ const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
++ RSA_get0_key(key, &n, &e, &d);
++ RSA_get0_factors(key, &p, &q);
++ RSA_get0_crt_params(key, &dmp1, &dmq1, &iqmp);
++ fprintf(fp, "\t# RSA %d bits\n", BN_num_bits(n));
+ fprintf(fp, "\t# pubkey=0s%s\n", pubkey64->v);
+- fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(key->n)));
+- fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(key->e)));
+- fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(key->d)));
+- fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(key->p)));
+- fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(key->q)));
+- fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(key->dmp1)));
+- fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(key->dmq1)));
+- fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(key->iqmp)));
++ fprintf(fp, "\tModulus: 0x%s\n", lowercase(BN_bn2hex(n)));
++ fprintf(fp, "\tPublicExponent: 0x%s\n", lowercase(BN_bn2hex(e)));
++ fprintf(fp, "\tPrivateExponent: 0x%s\n", lowercase(BN_bn2hex(d)));
++ fprintf(fp, "\tPrime1: 0x%s\n", lowercase(BN_bn2hex(p)));
++ fprintf(fp, "\tPrime2: 0x%s\n", lowercase(BN_bn2hex(q)));
++ fprintf(fp, "\tExponent1: 0x%s\n", lowercase(BN_bn2hex(dmp1)));
++ fprintf(fp, "\tExponent2: 0x%s\n", lowercase(BN_bn2hex(dmq1)));
++ fprintf(fp, "\tCoefficient: 0x%s\n", lowercase(BN_bn2hex(iqmp)));
+ fprintf(fp, " }\n");
+
+ vfree(pubkey64);
+@@ -203,11 +210,13 @@ int
+ gen_rsa_key(FILE *fp, size_t bits, unsigned long exp)
+ {
+ int ret;
+- RSA *key;
++ RSA *key = RSA_new();
++ BIGNUM *e = BN_new();
+
+- key = RSA_generate_key(bits, exp, NULL, NULL);
+- if (!key) {
++ BN_set_word(e, exp);
++ if (! RSA_generate_key_ex(key, bits, e, NULL)) {
+ fprintf(stderr, "RSA_generate_key(): %s\n", eay_strerror());
++ RSA_free(key);
+ return -1;
+ }
+
+diff --git a/src/racoon/prsa_par.y b/src/racoon/prsa_par.y
+index 1987e4d..27ce4c6 100644
+--- a/src/racoon/prsa_par.y
++++ b/src/racoon/prsa_par.y
+@@ -68,6 +68,7 @@
+ #include "isakmp_var.h"
+ #include "handler.h"
+ #include "crypto_openssl.h"
++#include "openssl_compat.h"
+ #include "sockmisc.h"
+ #include "rsalist.h"
+
+@@ -85,7 +86,18 @@ char *prsa_cur_fname = NULL;
+ struct genlist *prsa_cur_list = NULL;
+ enum rsa_key_type prsa_cur_type = RSA_TYPE_ANY;
+
+-static RSA *rsa_cur;
++struct my_rsa_st {
++ BIGNUM *n;
++ BIGNUM *e;
++ BIGNUM *d;
++ BIGNUM *p;
++ BIGNUM *q;
++ BIGNUM *dmp1;
++ BIGNUM *dmq1;
++ BIGNUM *iqmp;
++};
++
++static struct my_rsa_st *rsa_cur;
+
+ void
+ prsaerror(const char *s, ...)
+@@ -201,8 +213,12 @@ rsa_statement:
+ rsa_cur->iqmp = NULL;
+ }
+ }
+- $$ = rsa_cur;
+- rsa_cur = RSA_new();
++ RSA * rsa_tmp = RSA_new();
++ RSA_set0_key(rsa_tmp, rsa_cur->n, rsa_cur->e, rsa_cur->d);
++ RSA_set0_factors(rsa_tmp, rsa_cur->p, rsa_cur->q);
++ RSA_set0_crt_params(rsa_tmp, rsa_cur->dmp1, rsa_cur->dmq1, rsa_cur->iqmp);
++ $$ = rsa_tmp;
++ memset(rsa_cur, 0, sizeof(struct my_rsa_st));
+ }
+ | TAG_PUB BASE64
+ {
+@@ -351,10 +367,12 @@ prsa_parse_file(struct genlist *list, char *fname, enum rsa_key_type type)
+ prsa_cur_fname = fname;
+ prsa_cur_list = list;
+ prsa_cur_type = type;
+- rsa_cur = RSA_new();
++ rsa_cur = malloc(sizeof(struct my_rsa_st));
++ memset(rsa_cur, 0, sizeof(struct my_rsa_st));
+ ret = prsaparse();
+ if (rsa_cur) {
+- RSA_free(rsa_cur);
++ memset(rsa_cur, 0, sizeof(struct my_rsa_st));
++ free(rsa_cur);
+ rsa_cur = NULL;
+ }
+ fclose (fp);
+diff --git a/src/racoon/rsalist.c b/src/racoon/rsalist.c
+index f152c82..96e8363 100644
+--- a/src/racoon/rsalist.c
++++ b/src/racoon/rsalist.c
+@@ -52,6 +52,7 @@
+ #include "genlist.h"
+ #include "remoteconf.h"
+ #include "crypto_openssl.h"
++#include "openssl_compat.h"
+
+ #ifndef LIST_FIRST
+ #define LIST_FIRST(head) ((head)->lh_first)
+@@ -98,7 +99,9 @@ rsa_key_dup(struct rsa_key *key)
+ return NULL;
+
+ if (key->rsa) {
+- new->rsa = key->rsa->d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa);
++ const BIGNUM *d;
++ RSA_get0_key(key->rsa, NULL, NULL, &d);
++ new->rsa = (d != NULL ? RSAPrivateKey_dup(key->rsa) : RSAPublicKey_dup(key->rsa));
+ if (new->rsa == NULL)
+ goto dup_error;
+ }
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
index 5cbeb15ad..a6d473b59 100644
--- a/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
@@ -25,6 +25,8 @@ SRC_URI = "http://ftp.netbsd.org/pub/NetBSD/misc/ipsec-tools/0.8/ipsec-tools-${P
file://0001-Fix-header-issues-found-with-musl-libc.patch \
file://0002-cfparse-clear-memory-equal-to-size-of-array.patch \
file://fix-CVE-2016-10396.patch \
+ file://0001-Disable-gcc8-specific-warnings.patch \
+ file://0001-ipsec-tools-add-openssl-1.1-support.patch \
"
SRC_URI[md5sum] = "d53ec14a0a3ece64e09e5e34b3350b41"
SRC_URI[sha256sum] = "8eb6b38716e2f3a8a72f1f549c9444c2bc28d52c9536792690564c74fe722f2d"
diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch
index 7c3dfe4a8..d7b0267d5 100644
--- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch
+++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0001-Modify-the-Makefile-for-cross-compile.patch
@@ -1,18 +1,22 @@
-From 58292175115bae7a4c3600d3022e59ea57213025 Mon Sep 17 00:00:00 2001
-From: Jianchuan Wang
-Date: Mon, 12 Jan 2015 15:53:23 +0800
+From 801224257015788d3aff026bf2ae1cd8531d4fcc Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Wed, 25 Jul 2018 13:12:04 +0800
Subject: [PATCH] Modify the Makefile for cross compile.
Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Jianchuan Wang
+
+update to version 1.29
+
+Signed-off-by: Changqing Li
---
- Makefile | 23 ++++++-----------------
+ Makefile | 9 ++++-----
libipvs/Makefile | 3 +--
- 2 files changed, 7 insertions(+), 19 deletions(-)
+ 2 files changed, 5 insertions(+), 7 deletions(-)
diff --git a/Makefile b/Makefile
-index e4e03cc..461c021 100644
+index 91a2991..906086d 100644
--- a/Makefile
+++ b/Makefile
@@ -35,10 +35,9 @@ ARCH = $(shell uname -m)
@@ -23,57 +27,29 @@ index e4e03cc..461c021 100644
INCLUDE =
SBIN = $(BUILD_ROOT)/sbin
-MANDIR = usr/man
-+MANDIR = usr/share/man
++MANDIR = usr/share/man
MAN = $(BUILD_ROOT)/$(MANDIR)/man8
INIT = $(BUILD_ROOT)/etc/rc.d/init.d
MKDIR = mkdir
-@@ -62,17 +61,7 @@ RPMBUILD = $(shell \
- echo "/bin/rpm"; \
- fi )
-
--ifeq (,$(FORCE_GETOPT))
--LIB_SEARCH = /lib64 /usr/lib64 /usr/local/lib64 /lib /usr/lib /usr/local/lib
--POPT_LIB = $(shell for i in $(LIB_SEARCH); do \
-- if [ -f $$i/libpopt.a ]; then \
-- if nm $$i/libpopt.a | fgrep -q poptGetContext; then \
-- echo "-lpopt"; \
-- break; \
-- fi; \
-- fi; \
--done)
--endif
-+POPT_LIB = -lpopt
-
- ifneq (,$(POPT_LIB))
- POPT_DEFINE = -DHAVE_POPT
-@@ -81,7 +70,7 @@ endif
- OBJS = ipvsadm.o config_stream.o dynamic_array.o
- LIBS = $(POPT_LIB)
- ifneq (0,$(HAVE_NL))
--LIBS += -lnl
-+LIBS += -lnl-3 -lnl-genl-3
- endif
- DEFINES = -DVERSION=\"$(VERSION)\" -DSCHEDULERS=\"$(SCHEDULERS)\" \
- -DPE_LIST=\"$(PE_LIST)\" $(POPT_DEFINE)
-@@ -91,13 +80,13 @@ DEFINES += $(shell if [ ! -f ../ip_vs.h ]; then \
+@@ -81,13 +80,13 @@ DEFINES += $(shell if [ ! -f ../ip_vs.h ]; then \
.PHONY = all clean install dist distclean rpm rpms
-all: libs ipvsadm
-+all: ipvsadm
++all: ipvsadm
libs:
make -C libipvs
-ipvsadm: $(OBJS) $(STATIC_LIBS)
- $(CC) $(CFLAGS) -o $@ $^ $(LIBS)
-+ipvsadm: $(OBJS) libs
++ipvsadm: $(OBJS) libs
+ $(CC) $(CFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS)
install: all
if [ ! -d $(SBIN) ]; then $(MKDIR) -p $(SBIN); fi
diff --git a/libipvs/Makefile b/libipvs/Makefile
-index a527a7f..b7300ec 100644
+index f845c8b..dafab30 100644
--- a/libipvs/Makefile
+++ b/libipvs/Makefile
@@ -1,6 +1,5 @@
@@ -83,7 +59,7 @@ index a527a7f..b7300ec 100644
CFLAGS = -Wall -Wunused -Wstrict-prototypes -g -fPIC
ifneq (0,$(HAVE_NL))
CFLAGS += -DLIBIPVS_USE_NL
-@@ -18,7 +17,7 @@ SHARED_LIB = libipvs.so
+@@ -30,7 +29,7 @@ SHARED_LIB = libipvs.so
all: $(STATIC_LIB) $(SHARED_LIB)
$(STATIC_LIB): libipvs.o ip_vs_nl_policy.o
@@ -93,5 +69,5 @@ index a527a7f..b7300ec 100644
$(SHARED_LIB): libipvs.o ip_vs_nl_policy.o
$(CC) -shared -Wl,-soname,$@ -o $@ $^
--
-1.9.1
+2.7.4
diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch
deleted file mode 100644
index 7896d6d1e..000000000
--- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/0002-Replace-nl_handle-to-nl_sock.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 2686213259b15df9cf1d969c5a14d62f14cfbaae Mon Sep 17 00:00:00 2001
-From: Jianchuan Wang
-Date: Thu, 8 Jan 2015 17:37:11 +0800
-Subject: [PATCH 2/2] Replace nl_handle to nl_sock.
-
-The nl_handle was replace with nl_sock in the libnl-3.
-
-Upstream-Status: Inappropriate [embedded specific]
-
-Signed-off-by: Jianchuan Wang
----
- libipvs/libipvs.c | 10 +++++-----
- 1 file changed, 5 insertions(+), 5 deletions(-)
-
-diff --git a/libipvs/libipvs.c b/libipvs/libipvs.c
-index a157e18..21a9bfa 100644
---- a/libipvs/libipvs.c
-+++ b/libipvs/libipvs.c
-@@ -32,7 +32,7 @@ static void* ipvs_func = NULL;
- struct ip_vs_getinfo ipvs_info;
-
- #ifdef LIBIPVS_USE_NL
--static struct nl_handle *sock = NULL;
-+static struct nl_sock *sock = NULL;
- static int family, try_nl = 1;
- #endif
-
-@@ -73,7 +73,7 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg
- {
- int err = EINVAL;
-
-- sock = nl_handle_alloc();
-+ sock = nl_socket_alloc();
- if (!sock) {
- nlmsg_free(msg);
- return -1;
-@@ -88,7 +88,7 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg
-
- /* To test connections and set the family */
- if (msg == NULL) {
-- nl_handle_destroy(sock);
-+ nl_socket_free(sock);
- sock = NULL;
- return 0;
- }
-@@ -104,12 +104,12 @@ int ipvs_nl_send_message(struct nl_msg *msg, nl_recvmsg_msg_cb_t func, void *arg
-
- nlmsg_free(msg);
-
-- nl_handle_destroy(sock);
-+ nl_socket_free(sock);
-
- return 0;
-
- fail_genl:
-- nl_handle_destroy(sock);
-+ nl_socket_free(sock);
- sock = NULL;
- nlmsg_free(msg);
- errno = err;
---
-1.8.3.1
-
diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch
index 1bf1eed4c..a2c5235c3 100644
--- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch
+++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm/makefile-add-ldflags.patch
@@ -1,19 +1,33 @@
-Add LDFLAGS variable to Makefile, make sure the extra linker flags can be passed.
+From 8aff1e965ec17262f3a5b376f7eb3e053d81905c Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Tue, 24 Jul 2018 18:18:05 +0800
+Subject: [PATCH] Add LDFLAGS variable to Makefile, make sure the extra linker
+ flags can be passed.
Upstream-Status: Pending
Signed-off-by: Yi Zhao
+Update to version 1.29
+
+Signed-off-by: Changqing Li
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
diff --git a/Makefile b/Makefile
-index 461c021..8bc9cde 100644
+index f29bbae..81beb5a 100644
--- a/Makefile
+++ b/Makefile
@@ -86,7 +86,7 @@ libs:
make -C libipvs
- ipvsadm: $(OBJS) libs
+ ipvsadm: $(OBJS) libs
- $(CC) $(CFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(STATIC_LIBS) $(LIBS)
install: all
if [ ! -d $(SBIN) ]; then $(MKDIR) -p $(SBIN); fi
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.26.bb b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.26.bb
deleted file mode 100644
index b35a9f4a4..000000000
--- a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.26.bb
+++ /dev/null
@@ -1,37 +0,0 @@
-SUMMARY = "Linux Virtual Server administration Utility"
-HOMEPAGE = "http://www.linux-vs.org/software/index.html"
-DESCRIPTION = "Ipvsadm is used to set up, maintain or inspect the virtual server \
-table in the Linux kernel. The Linux Virtual Server can be used to \
-build scalable network services based on a cluster of two or more nodes. \
-The active node of the cluster redirects service requests to a \
-collection of server hosts that will actually perform the services. \
-Supported features include two protocols (TCP and UDP), three packet-forwarding \
-methods (NAT, tunneling, and direct routing), and eight load balancing algorithms \
-(round robin, weighted round robin, least-connec-tion, weighted least-connection, \
-locality-based least-connection, locality-based least-connection with replication, \
-destination-hashing, and source-hashing)."
-SECTION = "net"
-LICENSE = "GPL-2.0"
-LIC_FILES_CHKSUM = "file://README;beginline=40;endline=56;md5=a54cba37b64924aa5008881607942892"
-
-DEPENDS += "libnl popt"
-
-SRC_URI = "http://www.linuxvirtualserver.org/software/kernel-2.6/${BP}.tar.gz \
- file://0001-Modify-the-Makefile-for-cross-compile.patch \
- file://0002-Replace-nl_handle-to-nl_sock.patch \
- file://0003-ipvsadm-remove-dependency-on-bash.patch \
- file://makefile-add-ldflags.patch \
-"
-
-SRC_URI[md5sum] = "eac3ba3f62cd4dea2da353aeddd353a8"
-SRC_URI[sha256sum] = "6d6c46fecb1c532a892616b4445c73b71730e8790d5630f60269fd9cbee0eb2d"
-
-do_compile() {
- oe_runmake \
- CC="${CC} -I${STAGING_INCDIR} -I${STAGING_INCDIR}/libnl3 -L${STAGING_LIBDIR}" \
- all
-}
-
-do_install() {
- oe_runmake 'BUILD_ROOT=${D}' install
-}
diff --git a/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.29.bb b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.29.bb
new file mode 100644
index 000000000..4f3c16dc3
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ipvsadm/ipvsadm_1.29.bb
@@ -0,0 +1,41 @@
+SUMMARY = "Linux Virtual Server administration Utility"
+HOMEPAGE = "http://www.linux-vs.org/software/index.html"
+DESCRIPTION = "Ipvsadm is used to set up, maintain or inspect the virtual server \
+table in the Linux kernel. The Linux Virtual Server can be used to \
+build scalable network services based on a cluster of two or more nodes. \
+The active node of the cluster redirects service requests to a \
+collection of server hosts that will actually perform the services. \
+Supported features include two protocols (TCP and UDP), three packet-forwarding \
+methods (NAT, tunneling, and direct routing), and eight load balancing algorithms \
+(round robin, weighted round robin, least-connec-tion, weighted least-connection, \
+locality-based least-connection, locality-based least-connection with replication, \
+destination-hashing, and source-hashing)."
+SECTION = "net"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://README;beginline=40;endline=56;md5=b4e40069f15598d0e3fe2aa177e5ec77"
+
+DEPENDS += "libnl popt"
+
+SRC_URI = "https://mirrors.edge.kernel.org/pub/linux/utils/kernel/ipvsadm/${BP}.tar.gz \
+ file://0001-Modify-the-Makefile-for-cross-compile.patch \
+ file://0003-ipvsadm-remove-dependency-on-bash.patch \
+ file://makefile-add-ldflags.patch \
+"
+
+SRC_URI[md5sum] = "88b35030b4766b3e44ad15aacdef65c4"
+SRC_URI[sha256sum] = "297f5cd459c3eef81ed0ca32e53bf320ed6b132fe7ed6ea5e44aa6b1fbd2a7de"
+
+UPSTREAM_CHECK_URI = "${KERNELORG_MIRROR}/linux/utils/kernel/ipvsadm"
+
+do_compile() {
+ oe_runmake \
+ CC="${CC} -I${STAGING_INCDIR} -I${STAGING_INCDIR}/libnl3 -L${STAGING_LIBDIR}" \
+ all
+}
+
+do_install() {
+ sed -i -e "s;SBIN\t\t= \$(BUILD_ROOT)/sbin;SBIN\t\t= \$(BUILD_ROOT)/$base_sbindir;" ${S}/Makefile
+ oe_runmake 'BUILD_ROOT=${D}' install
+}
+
+inherit pkgconfig
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch
new file mode 100644
index 000000000..5818d57f7
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0001-libldb-fix-config-error.patch
@@ -0,0 +1,87 @@
+From bc4ff7e37ce120c257e52a81fe3475499dfd2573 Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Tue, 24 Jul 2018 10:10:24 +0800
+Subject: [PATCH] libldb: fix config error
+
+Signed-off-by: Changqing Li
+---
+ wscript | 58 +++++++++++++++++++++++++++++-----------------------------
+ 1 file changed, 29 insertions(+), 29 deletions(-)
+
+diff --git a/wscript b/wscript
+index b0af7b6..8ad9f96 100644
+--- a/wscript
++++ b/wscript
+@@ -115,40 +115,40 @@ def configure(conf):
+ onlyif='talloc tdb tevent pyldb-util',
+ implied_deps='replace talloc tdb tevent'):
+ conf.define('USING_SYSTEM_LDB', 1)
++ if not Options.options.without_ldb_lmdb:
++ if not conf.CHECK_CODE('return !(sizeof(size_t) >= 8)',
++ "HAVE_64_BIT_SIZE_T_FOR_LMDB",
++ execute=True,
++ msg='Checking for a 64-bit host to '
++ 'support lmdb'):
++ Logs.warn("--without-ldb-lmdb implied as this "
++ "host is not 64-bit")
++
++ if not conf.env.standalone_ldb and \
++ not Options.options.without_ad_dc and \
++ conf.CONFIG_GET('ENABLE_SELFTEST'):
++ Logs.warn("NOTE: Some AD DC parts of selftest will fail")
+
+- if not conf.CHECK_CODE('return !(sizeof(size_t) >= 8)',
+- "HAVE_64_BIT_SIZE_T_FOR_LMDB",
+- execute=True,
+- msg='Checking for a 64-bit host to '
+- 'support lmdb'):
+- Logs.warn("--without-ldb-lmdb implied as this "
+- "host is not 64-bit")
+-
+- if not conf.env.standalone_ldb and \
+- not Options.options.without_ad_dc and \
+- conf.CONFIG_GET('ENABLE_SELFTEST'):
+- Logs.warn("NOTE: Some AD DC parts of selftest will fail")
+-
+- conf.env.REQUIRE_LMDB = False
+- else:
+- if conf.env.standalone_ldb:
+- if Options.options.without_ldb_lmdb:
+- conf.env.REQUIRE_LMDB = False
+- else:
+- conf.env.REQUIRE_LMDB = True
+- elif Options.options.without_ad_dc:
+ conf.env.REQUIRE_LMDB = False
+ else:
+- if Options.options.without_ldb_lmdb:
+- if not Options.options.without_ad_dc and \
+- conf.CONFIG_GET('ENABLE_SELFTEST'):
+- raise Utils.WafError('--without-ldb-lmdb conflicts '
+- 'with --enable-selftest while '
+- 'building the AD DC')
+-
++ if conf.env.standalone_ldb:
++ if Options.options.without_ldb_lmdb:
++ conf.env.REQUIRE_LMDB = False
++ else:
++ conf.env.REQUIRE_LMDB = True
++ elif Options.options.without_ad_dc:
+ conf.env.REQUIRE_LMDB = False
+ else:
+- conf.env.REQUIRE_LMDB = True
++ if Options.options.without_ldb_lmdb:
++ if not Options.options.without_ad_dc and \
++ conf.CONFIG_GET('ENABLE_SELFTEST'):
++ raise Utils.WafError('--without-ldb-lmdb conflicts '
++ 'with --enable-selftest while '
++ 'building the AD DC')
++
++ conf.env.REQUIRE_LMDB = False
++ else:
++ conf.env.REQUIRE_LMDB = True
+
+
+ if conf.CONFIG_SET('USING_SYSTEM_LDB'):
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch
index 8ab094fa7..b30afeee2 100644
--- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/avoid-openldap-unless-wanted.patch
@@ -1,6 +1,16 @@
---- a/wscript 2015-11-18 12:43:33.000000000 +0100
-+++ b/wscript 2015-11-18 12:46:25.000000000 +0100
-@@ -58,9 +58,7 @@
+From 63570b98ef63c91d8508478fcbe6b89c90c8398f Mon Sep 17 00:00:00 2001
+From: Jens Rehsack
+Date: Thu, 19 Nov 2015 20:45:56 +0100
+
+---
+ wscript | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/wscript b/wscript
+index e7c05d2..1633593 100644
+--- a/wscript
++++ b/wscript
+@@ -161,9 +161,7 @@ def configure(conf):
if conf.env.standalone_ldb:
conf.CHECK_XSLTPROC_MANPAGES()
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch
old mode 100755
new mode 100644
index fdd312c0a..ee4936a5a
--- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/do-not-import-target-module-while-cross-compile.patch
@@ -1,12 +1,21 @@
+From f4cda3a71311e4496b725bc5f46af93413ec7a1c Mon Sep 17 00:00:00 2001
+From: Bian Naimeng
+Date: Fri, 17 Jul 2015 11:58:49 +0800
+Subject: [PATCH] libldb: add new recipe
+
Some modules such as dynamic library maybe cann't be imported while cross compile,
we just check whether does the module exist.
Signed-off-by: Bian Naimeng
-Index: ldb-1.1.26/buildtools/wafsamba/samba_bundled.py
-===================================================================
---- ldb-1.1.26.orig/buildtools/wafsamba/samba_bundled.py
-+++ ldb-1.1.26/buildtools/wafsamba/samba_bundled.py
+---
+ buildtools/wafsamba/samba_bundled.py | 32 ++++++++++++++++++++++++--------
+ 1 file changed, 24 insertions(+), 8 deletions(-)
+
+diff --git a/buildtools/wafsamba/samba_bundled.py b/buildtools/wafsamba/samba_bundled.py
+index 253d604..398cc6a 100644
+--- a/buildtools/wafsamba/samba_bundled.py
++++ b/buildtools/wafsamba/samba_bundled.py
@@ -2,6 +2,7 @@
import sys
@@ -15,7 +24,7 @@ Index: ldb-1.1.26/buildtools/wafsamba/samba_bundled.py
from Configure import conf
from samba_utils import TO_LIST
-@@ -230,17 +231,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, li
+@@ -249,17 +250,32 @@ def CHECK_BUNDLED_SYSTEM_PYTHON(conf, libname, modulename, minversion='0.0.0'):
# versions
minversion = minimum_library_version(conf, libname, minversion)
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch
new file mode 100644
index 000000000..444fa3ff1
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-conflict-type-error.patch
@@ -0,0 +1,45 @@
+From 5bd7b5d04435bd593349825973ce32290f5f604d Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Wed, 25 Jul 2018 09:55:25 +0800
+Subject: [PATCH] libldb: fix musl libc conflicting types error
+
+/third_party/cmocka/cmocka.h:126:28: error: conflicting types for 'uintptr_t'
+ typedef unsigned int uintptr_t;
+ ^~~~~~~~~
+use __DEFINED_uintptr_t in alltypes.h to check if uintptr already defined
+
+Upstream-Status: Pending
+
+Signed-off-by: Changqing Li
+---
+ third_party/cmocka/cmocka.h | 7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/third_party/cmocka/cmocka.h b/third_party/cmocka/cmocka.h
+index 4fd82a9..5443a08 100644
+--- a/third_party/cmocka/cmocka.h
++++ b/third_party/cmocka/cmocka.h
+@@ -110,7 +110,7 @@ typedef uintmax_t LargestIntegralType;
+ ((LargestIntegralType)(value))
+
+ /* Smallest integral type capable of holding a pointer. */
+-#if !defined(_UINTPTR_T) && !defined(_UINTPTR_T_DEFINED)
++#if !defined(__DEFINED_uintptr_t)
+ # if defined(_WIN32)
+ /* WIN32 is an ILP32 platform */
+ typedef unsigned int uintptr_t;
+@@ -134,9 +134,8 @@ typedef uintmax_t LargestIntegralType;
+ # endif /* __WORDSIZE */
+ # endif /* _WIN32 */
+
+-# define _UINTPTR_T
+-# define _UINTPTR_T_DEFINED
+-#endif /* !defined(_UINTPTR_T) || !defined(_UINTPTR_T_DEFINED) */
++# define __DEFINED_uintptr_t
++#endif /* !defined(__DEFINED_uintptr_t)
+
+ /* Perform an unsigned cast to uintptr_t. */
+ #define cast_to_pointer_integral_type(value) \
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch
new file mode 100644
index 000000000..c0e7e8907
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/libldb-fix-musl-libc-unkown-type-error.patch
@@ -0,0 +1,31 @@
+From d90534469c5c43bf2a97e5698a5ddb4b7471f92a Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Tue, 24 Jul 2018 10:53:16 +0800
+Subject: [PATCH] libldb: fix musl libc unkoown type error
+
+tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'?
+ pid_t *pid,
+ ^~~~~
+ div_t
+
+Signed-off-by: Changqing Li
+---
+ lib/tevent/tevent.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/lib/tevent/tevent.h b/lib/tevent/tevent.h
+index aa6fe0d..2572696 100644
+--- a/lib/tevent/tevent.h
++++ b/lib/tevent/tevent.h
+@@ -32,6 +32,8 @@
+ #include
+ #include
+ #include
++#include
++#include
+
+ struct tevent_context;
+ struct tevent_ops;
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.3.1.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.3.1.patch
deleted file mode 100644
index ffe253b63..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.3.1.patch
+++ /dev/null
@@ -1,193 +0,0 @@
-From a4da3ab4d76013aaa731d43d52ccca1ebd37c395 Mon Sep 17 00:00:00 2001
-From: Jackie Huang
-Date: Wed, 21 Sep 2016 10:06:39 +0800
-Subject: [PATCH 1/1] ldb: Add configure options for packages
-
-Add configure options for the following packages:
- - acl
- - attr
- - libaio
- - libbsd
- - libcap
- - valgrind
-
-Upstream-Status: Inappropriate [oe deterministic build specific]
-
-Signed-off-by: Jackie Huang
----
- lib/replace/system/wscript_configure | 6 ++-
- lib/replace/wscript | 94 +++++++++++++++++++++++++++---------
- wscript | 7 +++
- 3 files changed, 83 insertions(+), 24 deletions(-)
-
-diff --git a/lib/replace/system/wscript_configure b/lib/replace/system/wscript_configure
-index 2035474..10f9ae7 100644
---- a/lib/replace/system/wscript_configure
-+++ b/lib/replace/system/wscript_configure
-@@ -1,6 +1,10 @@
- #!/usr/bin/env python
-
--conf.CHECK_HEADERS('sys/capability.h')
-+import Options
-+
-+if Options.options.enable_libcap:
-+ conf.CHECK_HEADERS('sys/capability.h')
-+
- conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r')
-
- # solaris varients of getXXent_r
-diff --git a/lib/replace/wscript b/lib/replace/wscript
-index 2f94d49..68b2d3a 100644
---- a/lib/replace/wscript
-+++ b/lib/replace/wscript
-@@ -23,6 +23,41 @@ def set_options(opt):
- opt.PRIVATE_EXTENSION_DEFAULT('')
- opt.RECURSE('buildtools/wafsamba')
-
-+ opt.add_option('--with-acl',
-+ help=("Enable use of acl"),
-+ action="store_true", dest='enable_acl')
-+ opt.add_option('--without-acl',
-+ help=("Disable use of acl"),
-+ action="store_false", dest='enable_acl', default=False)
-+
-+ opt.add_option('--with-attr',
-+ help=("Enable use of attr"),
-+ action="store_true", dest='enable_attr')
-+ opt.add_option('--without-attr',
-+ help=("Disable use of attr"),
-+ action="store_false", dest='enable_attr', default=False)
-+
-+ opt.add_option('--with-libaio',
-+ help=("Enable use of libaio"),
-+ action="store_true", dest='enable_libaio')
-+ opt.add_option('--without-libaio',
-+ help=("Disable use of libaio"),
-+ action="store_false", dest='enable_libaio', default=False)
-+
-+ opt.add_option('--with-libbsd',
-+ help=("Enable use of libbsd"),
-+ action="store_true", dest='enable_libbsd')
-+ opt.add_option('--without-libbsd',
-+ help=("Disable use of libbsd"),
-+ action="store_false", dest='enable_libbsd', default=False)
-+
-+ opt.add_option('--with-libcap',
-+ help=("Enable use of libcap"),
-+ action="store_true", dest='enable_libcap')
-+ opt.add_option('--without-libcap',
-+ help=("Disable use of libcap"),
-+ action="store_false", dest='enable_libcap', default=False)
-+
- @Utils.run_once
- def configure(conf):
- conf.RECURSE('buildtools/wafsamba')
-@@ -32,12 +67,25 @@ def configure(conf):
- conf.DEFINE('HAVE_LIBREPLACE', 1)
- conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1)
-
-- conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
-- conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
-+ conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h')
-+ conf.CHECK_HEADERS('compat.h ctype.h dustat.h')
- conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
-- conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h')
-- conf.CHECK_HEADERS('shadow.h sys/acl.h')
-- conf.CHECK_HEADERS('sys/attributes.h attr/attributes.h sys/capability.h sys/dir.h sys/epoll.h')
-+ conf.CHECK_HEADERS('locale.h ndir.h pwd.h')
-+ conf.CHECK_HEADERS('shadow.h')
-+ conf.CHECK_HEADERS('sys/attributes.h sys/dir.h sys/epoll.h')
-+
-+ if Options.options.enable_acl:
-+ conf.CHECK_HEADERS('acl/libacl.h sys/acl.h')
-+
-+ if Options.options.enable_attr:
-+ conf.CHECK_HEADERS('attr/attributes.h attr/xattr.h')
-+
-+ if Options.options.enable_libaio:
-+ conf.CHECK_HEADERS('libaio.h')
-+
-+ if Options.options.enable_libcap:
-+ conf.CHECK_HEADERS('sys/capability.h')
-+
- conf.CHECK_HEADERS('port.h')
- conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h')
- conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h')
-@@ -73,7 +121,9 @@ def configure(conf):
-
- conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H')
-
-- conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
-+ if Options.options.enable_valgrind:
-+ conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
-+
- conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
- conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
- conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h')
-@@ -266,22 +316,20 @@ def configure(conf):
-
- conf.CHECK_FUNCS('prctl dirname basename')
-
-- strlcpy_in_bsd = False
--
-- # libbsd on some platforms provides strlcpy and strlcat
-- if not conf.CHECK_FUNCS('strlcpy strlcat'):
-- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
-- checklibc=True):
-- strlcpy_in_bsd = True
-- if not conf.CHECK_FUNCS('getpeereid'):
-- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
-- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS('setproctitle_init'):
-- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
--
-- if not conf.CHECK_FUNCS('closefrom'):
-- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-+ if Options.options.enable_libbsd:
-+ # libbsd on some platforms provides strlcpy and strlcat
-+ if not conf.CHECK_FUNCS('strlcpy strlcat'):
-+ conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
-+ checklibc=True)
-+ if not conf.CHECK_FUNCS('getpeereid'):
-+ conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
-+ if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
-+ conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
-+ if not conf.CHECK_FUNCS('setproctitle_init'):
-+ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
-+
-+ if not conf.CHECK_FUNCS('closefrom'):
-+ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-
- conf.CHECK_CODE('''
- struct ucred cred;
-@@ -632,7 +680,7 @@ removeea setea
- # look for a method of finding the list of network interfaces
- for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
- bsd_for_strlcpy = ''
-- if strlcpy_in_bsd:
-+ if Options.options.enable_libbsd:
- bsd_for_strlcpy = ' bsd'
- if conf.CHECK_CODE('''
- #define %s 1
-diff --git a/wscript b/wscript
-index 8ae5be3..a178cc4 100644
---- a/wscript
-+++ b/wscript
-@@ -31,6 +31,13 @@ def set_options(opt):
- opt.RECURSE('lib/replace')
- opt.tool_options('python') # options for disabling pyc or pyo compilation
-
-+ opt.add_option('--with-valgrind',
-+ help=("enable use of valgrind"),
-+ action="store_true", dest='enable_valgrind')
-+ opt.add_option('--without-valgrind',
-+ help=("disable use of valgrind"),
-+ action="store_false", dest='enable_valgrind', default=False)
-+
- def configure(conf):
- conf.RECURSE('lib/tdb')
- conf.RECURSE('lib/tevent')
---
-2.16.2
-
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.4.1.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.4.1.patch
new file mode 100644
index 000000000..357afbea5
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/options-1.4.1.patch
@@ -0,0 +1,184 @@
+From ffffd29bc6303d60b3d77048fbbf6776f6fbbe01 Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Thu, 19 Jul 2018 16:40:31 +0800
+Subject: [PATCH] ldb: Add configure options for packages
+
+Add configure options for the following packages:
+ - acl
+ - attr
+ - libaio
+ - libbsd
+ - libcap
+ - valgrind
+
+Upstream-Status: Inappropriate [oe deterministic build specific]
+
+Signed-off-by: Jackie Huang
+
+Update to version 1.4.1, and fix one configure error
+
+Cross answers file cross-answers-i586.txt is incomplete with
+"Checking for a 64-bit host to support lmdb: UNKNOWN"
+
+we don't support lmdb, so only check when lmdb is support
+
+Signed-off-by: Changqing Li
+---
+ lib/replace/wscript | 94 ++++++++++++++++++++++++++++++++++++++++-------------
+ wscript | 6 ++++
+ 2 files changed, 77 insertions(+), 23 deletions(-)
+
+diff --git a/lib/replace/wscript b/lib/replace/wscript
+index fd00a42..434192e 100644
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -23,6 +23,41 @@ def set_options(opt):
+ opt.PRIVATE_EXTENSION_DEFAULT('')
+ opt.RECURSE('buildtools/wafsamba')
+
++ opt.add_option('--with-acl',
++ help=("Enable use of acl"),
++ action="store_true", dest='enable_acl')
++ opt.add_option('--without-acl',
++ help=("Disable use of acl"),
++ action="store_false", dest='enable_acl', default=False)
++
++ opt.add_option('--with-attr',
++ help=("Enable use of attr"),
++ action="store_true", dest='enable_attr')
++ opt.add_option('--without-attr',
++ help=("Disable use of attr"),
++ action="store_false", dest='enable_attr', default=False)
++
++ opt.add_option('--with-libaio',
++ help=("Enable use of libaio"),
++ action="store_true", dest='enable_libaio')
++ opt.add_option('--without-libaio',
++ help=("Disable use of libaio"),
++ action="store_false", dest='enable_libaio', default=False)
++
++ opt.add_option('--with-libbsd',
++ help=("Enable use of libbsd"),
++ action="store_true", dest='enable_libbsd')
++ opt.add_option('--without-libbsd',
++ help=("Disable use of libbsd"),
++ action="store_false", dest='enable_libbsd', default=False)
++
++ opt.add_option('--with-libcap',
++ help=("Enable use of libcap"),
++ action="store_true", dest='enable_libcap')
++ opt.add_option('--without-libcap',
++ help=("Disable use of libcap"),
++ action="store_false", dest='enable_libcap', default=False)
++
+ @Utils.run_once
+ def configure(conf):
+ conf.RECURSE('buildtools/wafsamba')
+@@ -32,12 +67,25 @@ def configure(conf):
+ conf.DEFINE('HAVE_LIBREPLACE', 1)
+ conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1)
+
+- conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
+- conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
++ conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h')
++ conf.CHECK_HEADERS('compat.h ctype.h dustat.h')
+ conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
+- conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h')
+- conf.CHECK_HEADERS('shadow.h sys/acl.h')
+- conf.CHECK_HEADERS('sys/attributes.h attr/attributes.h sys/capability.h sys/dir.h sys/epoll.h')
++ conf.CHECK_HEADERS('locale.h ndir.h pwd.h')
++ conf.CHECK_HEADERS('shadow.h')
++ conf.CHECK_HEADERS('sys/attributes.h sys/dir.h sys/epoll.h')
++
++ if Options.options.enable_acl:
++ conf.CHECK_HEADERS('acl/libacl.h sys/acl.h')
++
++ if Options.options.enable_attr:
++ conf.CHECK_HEADERS('attr/attributes.h attr/xattr.h')
++
++ if Options.options.enable_libaio:
++ conf.CHECK_HEADERS('libaio.h')
++
++ if Options.options.enable_libcap:
++ conf.CHECK_HEADERS('sys/capability.h')
++
+ conf.CHECK_HEADERS('port.h')
+ conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h')
+ conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h')
+@@ -108,7 +156,9 @@ def configure(conf):
+ conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h')
+ conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h')
+
+- conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++ if Options.options.enable_valgrind:
++ conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++
+ conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
+ conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
+ conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h')
+@@ -340,22 +390,20 @@ def configure(conf):
+
+ conf.CHECK_FUNCS('prctl dirname basename')
+
+- strlcpy_in_bsd = False
+-
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ if Options.options.enable_libbsd:
++ # libbsd on some platforms provides strlcpy and strlcat
++ if not conf.CHECK_FUNCS('strlcpy strlcat'):
++ conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
++ checklibc=True)
++ if not conf.CHECK_FUNCS('getpeereid'):
++ conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
++ if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
++ conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
++ if not conf.CHECK_FUNCS('setproctitle_init'):
++ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
++
++ if not conf.CHECK_FUNCS('closefrom'):
++ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+@@ -699,7 +747,7 @@ def configure(conf):
+ # look for a method of finding the list of network interfaces
+ for method in ['HAVE_IFACE_GETIFADDRS', 'HAVE_IFACE_AIX', 'HAVE_IFACE_IFCONF', 'HAVE_IFACE_IFREQ']:
+ bsd_for_strlcpy = ''
+- if strlcpy_in_bsd:
++ if Options.options.enable_libbsd:
+ bsd_for_strlcpy = ' bsd'
+ if conf.CHECK_CODE('''
+ #define %s 1
+diff --git a/wscript b/wscript
+index ad91bc6..2d20fee 100644
+--- a/wscript
++++ b/wscript
+@@ -36,6 +36,12 @@ def set_options(opt):
+ help='disable new LMDB backend for LDB',
+ action='store_true', dest='without_ldb_lmdb', default=False)
+
++ opt.add_option('--with-valgrind',
++ help=("enable use of valgrind"),
++ action="store_true", dest='enable_valgrind')
++ opt.add_option('--without-valgrind',
++ help=("disable use of valgrind"),
++ action="store_false", dest='enable_valgrind', default=False)
+
+ def configure(conf):
+ conf.RECURSE('lib/tdb')
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.3.1.bb b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.3.1.bb
deleted file mode 100644
index 7e14cde35..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.3.1.bb
+++ /dev/null
@@ -1,63 +0,0 @@
-SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
-HOMEPAGE = "http://ldb.samba.org"
-SECTION = "libs"
-LICENSE = "LGPL-3.0+ & LGPL-2.1+ & GPL-3.0+"
-
-DEPENDS += "libtdb libtalloc libtevent popt"
-RDEPENDS_pyldb += "python"
-
-SRC_URI = "http://samba.org/ftp/ldb/ldb-${PV}.tar.gz \
- file://do-not-import-target-module-while-cross-compile.patch \
- file://options-1.3.1.patch \
- "
-
-PACKAGECONFIG ??= "\
- ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
-"
-PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
-PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
-PACKAGECONFIG[ldap] = ",,openldap"
-PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
-PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
-PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
-PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
-
-SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'ldap', '', 'file://avoid-openldap-unless-wanted.patch', d)}"
-
-LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9adade \
- file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \
- file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42"
-
-SRC_URI[md5sum] = "e5233f202bca27f6ce8474fb8ae65983"
-SRC_URI[sha256sum] = "b19f2c9f55ae0f46aa5ebaea0bf1a47ec1ac135e1d78af0f6318cf50bf62cbd2"
-
-inherit waf-samba
-
-S = "${WORKDIR}/ldb-${PV}"
-
-EXTRA_OECONF += "--disable-rpath \
- --disable-rpath-install \
- --bundled-libraries=cmocka \
- --builtin-libraries=replace \
- --with-modulesdir=${libdir}/ldb/modules \
- --with-privatelibdir=${libdir}/ldb \
- --with-libiconv=${STAGING_DIR_HOST}${prefix}\
- "
-
-PACKAGES =+ "pyldb pyldb-dbg pyldb-dev"
-
-NOAUTOPACKAGEDEBUG = "1"
-
-FILES_${PN} += "${libdir}/ldb/*"
-FILES_${PN}-dbg += "${bindir}/.debug/* \
- ${libdir}/.debug/* \
- ${libdir}/ldb/.debug/* \
- ${libdir}/ldb/modules/ldb/.debug/*"
-
-FILES_pyldb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
- ${libdir}/libpyldb-util.so.* \
- "
-FILES_pyldb-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug \
- ${libdir}/.debug/libpyldb-util.so.*"
-FILES_pyldb-dev = "${libdir}/libpyldb-util.so"
diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb
new file mode 100644
index 000000000..3c7e5455e
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_1.4.1.bb
@@ -0,0 +1,68 @@
+SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
+HOMEPAGE = "http://ldb.samba.org"
+SECTION = "libs"
+LICENSE = "LGPL-3.0+ & LGPL-2.1+ & GPL-3.0+"
+
+DEPENDS += "libtdb libtalloc libtevent popt"
+RDEPENDS_pyldb += "python samba"
+
+SRC_URI = "http://samba.org/ftp/ldb/ldb-${PV}.tar.gz \
+ file://do-not-import-target-module-while-cross-compile.patch \
+ file://options-1.4.1.patch \
+ file://0001-libldb-fix-config-error.patch \
+ file://libldb-fix-musl-libc-unkown-type-error.patch \
+ file://libldb-fix-musl-libc-conflict-type-error.patch \
+ "
+
+PACKAGECONFIG ??= "\
+ ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
+"
+PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
+PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
+PACKAGECONFIG[ldap] = ",,openldap"
+PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
+PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
+PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
+PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
+
+SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'ldap', '', 'file://avoid-openldap-unless-wanted.patch', d)}"
+
+LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9adade \
+ file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \
+ file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42"
+
+SRC_URI[md5sum] = "159a1b1a56dcccf410d1bba911be6076"
+SRC_URI[sha256sum] = "2df13aa25b376b314ce24182c37691959019523de3cc5356c40c1a333b0890a2"
+
+inherit waf-samba distro_features_check
+REQUIRED_DISTRO_FEATURES = "pam"
+
+S = "${WORKDIR}/ldb-${PV}"
+
+EXTRA_OECONF += "--disable-rpath \
+ --disable-rpath-install \
+ --bundled-libraries=cmocka \
+ --builtin-libraries=replace \
+ --with-modulesdir=${libdir}/ldb/modules \
+ --with-privatelibdir=${libdir}/ldb \
+ --with-libiconv=${STAGING_DIR_HOST}${prefix}\
+ --without-ldb-lmdb \
+ "
+
+PACKAGES =+ "pyldb pyldb-dbg pyldb-dev"
+
+NOAUTOPACKAGEDEBUG = "1"
+
+FILES_${PN} += "${libdir}/ldb/*"
+FILES_${PN}-dbg += "${bindir}/.debug/* \
+ ${libdir}/.debug/* \
+ ${libdir}/ldb/.debug/* \
+ ${libdir}/ldb/modules/ldb/.debug/*"
+
+FILES_pyldb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
+ ${libdir}/libpyldb-util.so.* \
+ "
+FILES_pyldb-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug \
+ ${libdir}/.debug/libpyldb-util.so.*"
+FILES_pyldb-dev = "${libdir}/libpyldb-util.so"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch
index a3ee9ccd9..db3ddce2c 100644
--- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch
+++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/avoid-attr-unless-wanted.patch
@@ -1,20 +1,20 @@
--- a/lib/replace/wscript 2015-11-13 16:04:04.000000000 +0100
+++ b/lib/replace/wscript 2015-11-13 16:23:20.000000000 +0100
-@@ -636,8 +636,6 @@
+@@ -837,8 +837,6 @@ def build(bld):
if not bld.CONFIG_SET('HAVE_INET_ATON'): REPLACE_SOURCE += ' inet_aton.c'
if not bld.CONFIG_SET('HAVE_INET_NTOP'): REPLACE_SOURCE += ' inet_ntop.c'
if not bld.CONFIG_SET('HAVE_INET_PTON'): REPLACE_SOURCE += ' inet_pton.c'
- if not bld.CONFIG_SET('HAVE_GETXATTR') or bld.CONFIG_SET('XATTR_ADDITIONAL_OPTIONS'):
- REPLACE_SOURCE += ' xattr.c'
- bld.SAMBA_LIBRARY('replace',
- source=REPLACE_SOURCE,
-@@ -648,7 +646,7 @@
+ if not bld.CONFIG_SET('HAVE_CLOSEFROM'):
+ REPLACE_SOURCE += ' closefrom.c'
+@@ -852,7 +850,7 @@ def build(bld):
# at the moment:
# hide_symbols=bld.BUILTIN_LIBRARY('replace'),
private_library=True,
- deps='crypt dl nsl socket rt attr' + extra_libs)
+ deps='crypt dl nsl socket rt ' + extra_libs)
- bld.SAMBA_SUBSYSTEM('replace-test',
- source='''test/testsuite.c test/strptime.c
+ replace_test_cflags="-Wno-format-zero-length"
+ if bld.CONFIG_SET('HAVE_WNO_FORMAT_TRUNCATION'):
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.10.patch b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.10.patch
deleted file mode 100644
index 63f21e775..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.10.patch
+++ /dev/null
@@ -1,184 +0,0 @@
-From efc1b02144f23fdf84dbc5ff15307815e0f2a425 Mon Sep 17 00:00:00 2001
-From: Jackie Huang
-Date: Wed, 14 Sep 2016 11:11:35 +0800
-Subject: [PATCH] talloc: Add configure options for packages
-
-Add configure options for the following packages:
- - acl
- - attr
- - libaio
- - libbsd
- - libcap
- - valgrind
-
-Upstream-Status: Inappropriate [oe deterministic build specific]
-
-Signed-off-by: Jackie Huang
-
-Modified to apply to version 2.1.10.
-
-Signed-off-by: Joe Slater
-
----
- lib/replace/system/wscript_configure | 6 ++-
- lib/replace/wscript | 85 ++++++++++++++++++++++++++++--------
- wscript | 7 ++-
- 3 files changed, 79 insertions(+), 19 deletions(-)
-
-Index: talloc-2.1.11/lib/replace/system/wscript_configure
-===================================================================
---- talloc-2.1.11.orig/lib/replace/system/wscript_configure
-+++ talloc-2.1.11/lib/replace/system/wscript_configure
-@@ -1,6 +1,10 @@
- #!/usr/bin/env python
-
--conf.CHECK_HEADERS('sys/capability.h')
-+import Options
-+
-+if Options.options.enable_libcap:
-+ conf.CHECK_HEADERS('sys/capability.h')
-+
- conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r')
-
- # solaris varients of getXXent_r
-Index: talloc-2.1.11/lib/replace/wscript
-===================================================================
---- talloc-2.1.11.orig/lib/replace/wscript
-+++ talloc-2.1.11/lib/replace/wscript
-@@ -23,6 +23,41 @@ def set_options(opt):
- opt.PRIVATE_EXTENSION_DEFAULT('')
- opt.RECURSE('buildtools/wafsamba')
-
-+ opt.add_option('--with-acl',
-+ help=("Enable use of acl"),
-+ action="store_true", dest='enable_acl')
-+ opt.add_option('--without-acl',
-+ help=("Disable use of acl"),
-+ action="store_false", dest='enable_acl', default=False)
-+
-+ opt.add_option('--with-attr',
-+ help=("Enable use of attr"),
-+ action="store_true", dest='enable_attr')
-+ opt.add_option('--without-attr',
-+ help=("Disable use of attr"),
-+ action="store_false", dest='enable_attr', default=False)
-+
-+ opt.add_option('--with-libaio',
-+ help=("Enable use of libaio"),
-+ action="store_true", dest='enable_libaio')
-+ opt.add_option('--without-libaio',
-+ help=("Disable use of libaio"),
-+ action="store_false", dest='enable_libaio', default=False)
-+
-+ opt.add_option('--with-libbsd',
-+ help=("Enable use of libbsd"),
-+ action="store_true", dest='enable_libbsd')
-+ opt.add_option('--without-libbsd',
-+ help=("Disable use of libbsd"),
-+ action="store_false", dest='enable_libbsd', default=False)
-+
-+ opt.add_option('--with-libcap',
-+ help=("Enable use of libcap"),
-+ action="store_true", dest='enable_libcap')
-+ opt.add_option('--without-libcap',
-+ help=("Disable use of libcap"),
-+ action="store_false", dest='enable_libcap', default=False)
-+
- @Utils.run_once
- def configure(conf):
- conf.RECURSE('buildtools/wafsamba')
-@@ -32,12 +67,25 @@ def configure(conf):
- conf.DEFINE('HAVE_LIBREPLACE', 1)
- conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1)
-
-- conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
-- conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
-+ conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h')
-+ conf.CHECK_HEADERS('compat.h ctype.h dustat.h')
- conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
-- conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h')
-- conf.CHECK_HEADERS('shadow.h sys/acl.h')
-- conf.CHECK_HEADERS('sys/attributes.h attr/attributes.h sys/capability.h sys/dir.h sys/epoll.h')
-+ conf.CHECK_HEADERS('locale.h ndir.h pwd.h')
-+ conf.CHECK_HEADERS('shadow.h')
-+ conf.CHECK_HEADERS('sys/attributes.h sys/dir.h sys/epoll.h')
-+
-+ if Options.options.enable_acl:
-+ conf.CHECK_HEADERS('acl/libacl.h sys/acl.h')
-+
-+ if Options.options.enable_attr:
-+ conf.CHECK_HEADERS('attr/attributes.h attr/xattr.h')
-+
-+ if Options.options.enable_libaio:
-+ conf.CHECK_HEADERS('libaio.h')
-+
-+ if Options.options.enable_libcap:
-+ conf.CHECK_HEADERS('sys/capability.h')
-+
- conf.CHECK_HEADERS('port.h')
- conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h')
- conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h')
-@@ -73,7 +121,9 @@ def configure(conf):
-
- conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H')
-
-- conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
-+ if Options.options.enable_valgrind:
-+ conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
-+
- conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
- conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
- conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h')
-@@ -267,21 +317,21 @@ def configure(conf):
- conf.CHECK_FUNCS('prctl dirname basename')
-
- strlcpy_in_bsd = False
--
-- # libbsd on some platforms provides strlcpy and strlcat
-- if not conf.CHECK_FUNCS('strlcpy strlcat'):
-- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
-+ if Options.options.enable_libbsd:
-+ # libbsd on some platforms provides strlcpy and strlcat
-+ if not conf.CHECK_FUNCS('strlcpy strlcat'):
-+ if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
- checklibc=True):
-- strlcpy_in_bsd = True
-- if not conf.CHECK_FUNCS('getpeereid'):
-- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
-- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
-- if not conf.CHECK_FUNCS('setproctitle_init'):
-- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
-+ strlcpy_in_bsd = True
-+ if not conf.CHECK_FUNCS('getpeereid'):
-+ conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
-+ if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
-+ conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
-+ if not conf.CHECK_FUNCS('setproctitle_init'):
-+ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
-
-- if not conf.CHECK_FUNCS('closefrom'):
-- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-+ if not conf.CHECK_FUNCS('closefrom'):
-+ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
-
- conf.CHECK_CODE('''
- struct ucred cred;
-Index: talloc-2.1.11/wscript
-===================================================================
---- talloc-2.1.11.orig/wscript
-+++ talloc-2.1.11/wscript
-@@ -32,7 +32,12 @@ def set_options(opt):
- opt.add_option('--enable-talloc-compat1',
- help=("Build talloc 1.x.x compat library [False]"),
- action="store_true", dest='TALLOC_COMPAT1', default=False)
--
-+ opt.add_option('--with-valgrind',
-+ help=("enable use of valgrind"),
-+ action="store_true", dest='enable_valgrind')
-+ opt.add_option('--without-valgrind',
-+ help=("disable use of valgrind"),
-+ action="store_false", dest='enable_valgrind', default=False)
-
- def configure(conf):
- conf.RECURSE('lib/replace')
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.14.patch b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.14.patch
new file mode 100644
index 000000000..df45d36e9
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc/options-2.1.14.patch
@@ -0,0 +1,172 @@
+From 319a2a1bb46ae35fa9d66878cb08285035f0bd5f Mon Sep 17 00:00:00 2001
+From: Jackie Huang
+Date: Thu, 19 Jul 2018 15:41:31 +0800
+Subject: [PATCH] talloc: Add configure options for packages
+
+Add configure options for the following packages:
+ - acl
+ - attr
+ - libaio
+ - libbsd
+ - libcap
+ - valgrind
+
+Upstream-Status: Inappropriate [oe deterministic build specific]
+
+Signed-off-by: Jackie Huang
+
+Modified to apply to version 2.1.10.
+
+Signed-off-by: Joe Slater
+
+Modified tp apply to version 2.1.14
+Signed-off-by: Changqing Li
+---
+ lib/replace/wscript | 90 +++++++++++++++++++++++++++++++++++++++++------------
+ wscript | 7 +++++
+ 2 files changed, 77 insertions(+), 20 deletions(-)
+
+diff --git a/lib/replace/wscript b/lib/replace/wscript
+index fd00a42..a77c058 100644
+--- a/lib/replace/wscript
++++ b/lib/replace/wscript
+@@ -22,6 +22,41 @@ def set_options(opt):
+ opt.BUILTIN_DEFAULT('NONE')
+ opt.PRIVATE_EXTENSION_DEFAULT('')
+ opt.RECURSE('buildtools/wafsamba')
++
++ opt.add_option('--with-acl',
++ help=("Enable use of acl"),
++ action="store_true", dest='enable_acl')
++ opt.add_option('--without-acl',
++ help=("Disable use of acl"),
++ action="store_false", dest='enable_acl', default=False)
++
++ opt.add_option('--with-attr',
++ help=("Enable use of attr"),
++ action="store_true", dest='enable_attr')
++ opt.add_option('--without-attr',
++ help=("Disable use of attr"),
++ action="store_false", dest='enable_attr', default=False)
++
++ opt.add_option('--with-libaio',
++ help=("Enable use of libaio"),
++ action="store_true", dest='enable_libaio')
++ opt.add_option('--without-libaio',
++ help=("Disable use of libaio"),
++ action="store_false", dest='enable_libaio', default=False)
++
++ opt.add_option('--with-libbsd',
++ help=("Enable use of libbsd"),
++ action="store_true", dest='enable_libbsd')
++ opt.add_option('--without-libbsd',
++ help=("Disable use of libbsd"),
++ action="store_false", dest='enable_libbsd', default=False)
++
++ opt.add_option('--with-libcap',
++ help=("Enable use of libcap"),
++ action="store_true", dest='enable_libcap')
++ opt.add_option('--without-libcap',
++ help=("Disable use of libcap"),
++ action="store_false", dest='enable_libcap', default=False)
+
+ @Utils.run_once
+ def configure(conf):
+@@ -32,12 +67,25 @@ def configure(conf):
+ conf.DEFINE('HAVE_LIBREPLACE', 1)
+ conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1)
+
+- conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
+- conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
++ conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h')
++ conf.CHECK_HEADERS('attr/xattr.h compat.h ctype.h dustat.h')
+ conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
+- conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h')
+- conf.CHECK_HEADERS('shadow.h sys/acl.h')
+- conf.CHECK_HEADERS('sys/attributes.h attr/attributes.h sys/capability.h sys/dir.h sys/epoll.h')
++ conf.CHECK_HEADERS('locale.h ndir.h pwd.h')
++ conf.CHECK_HEADERS('shadow.h')
++ conf.CHECK_HEADERS('sys/attributes.h sys/dir.h sys/epoll.h')
++
++ if Options.options.enable_acl:
++ conf.CHECK_HEADERS('acl/libacl.h sys/acl.h')
++
++ if Options.options.enable_attr:
++ conf.CHECK_HEADERS('attr/attributes.h attr/xattr.h')
++
++ if Options.options.enable_libaio:
++ conf.CHECK_HEADERS('libaio.h')
++
++ if Options.options.enable_libcap:
++ conf.CHECK_HEADERS('sys/capability.h')
++
+ conf.CHECK_HEADERS('port.h')
+ conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h')
+ conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h')
+@@ -108,7 +156,9 @@ def configure(conf):
+ conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h')
+ conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h')
+
+- conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++ if Options.options.enable_valgrind:
++ conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
++
+ conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
+ conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
+ conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h')
+@@ -342,20 +392,20 @@ def configure(conf):
+
+ strlcpy_in_bsd = False
+
+- # libbsd on some platforms provides strlcpy and strlcat
+- if not conf.CHECK_FUNCS('strlcpy strlcat'):
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
+- if not conf.CHECK_FUNCS('getpeereid'):
+- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
+- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
+-
+- if not conf.CHECK_FUNCS('closefrom'):
+- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++ if Options.options.enable_libbsd:
++ # libbsd on some platforms provides strlcpy and strlcat
++ if not conf.CHECK_FUNCS('strlcpy strlcat'):
++ if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
++ checklibc=True):
++ strlcpy_in_bsd = True
++ if not conf.CHECK_FUNCS('getpeereid'):
++ conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
++ if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
++ conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
++ if not conf.CHECK_FUNCS('setproctitle_init'):
++ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
++ if not conf.CHECK_FUNCS('closefrom'):
++ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
+
+ conf.CHECK_CODE('''
+ struct ucred cred;
+diff --git a/wscript b/wscript
+index 18f726e..fed8ab9 100644
+--- a/wscript
++++ b/wscript
+@@ -32,6 +32,13 @@ def set_options(opt):
+ opt.add_option('--enable-talloc-compat1',
+ help=("Build talloc 1.x.x compat library [False]"),
+ action="store_true", dest='TALLOC_COMPAT1', default=False)
++ opt.add_option('--with-valgrind',
++ help=("enable use of valgrind"),
++ action="store_true", dest='enable_valgrind')
++ opt.add_option('--without-valgrind',
++ help=("disable use of valgrind"),
++ action="store_false", dest='enable_valgrind', default=False)
++
+
+
+ def configure(conf):
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.11.bb b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.11.bb
deleted file mode 100644
index 848cf4d99..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.11.bb
+++ /dev/null
@@ -1,49 +0,0 @@
-SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
-HOMEPAGE = "http://talloc.samba.org"
-SECTION = "libs"
-LICENSE = "LGPL-3.0+ & GPL-3.0+"
-LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \
- file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d"
-
-
-SRC_URI = "https://samba.org/ftp/talloc/talloc-${PV}.tar.gz \
- file://options-2.1.10.patch \
-"
-SRC_URI[md5sum] = "452596f904ca2b10322bdaabf147a721"
-SRC_URI[sha256sum] = "639eb35556a0af999123c4d883e79be05ff9f00ab4f9e4ac2e5775f9c5eeeed3"
-
-inherit waf-samba
-
-PACKAGECONFIG ??= "\
- ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
-"
-PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
-PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
-PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
-PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
-PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
-PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
-
-SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'attr', '', 'file://avoid-attr-unless-wanted.patch', d)}"
-
-S = "${WORKDIR}/talloc-${PV}"
-
-EXTRA_OECONF += "--disable-rpath \
- --disable-rpath-install \
- --bundled-libraries=NONE \
- --builtin-libraries=replace \
- --disable-silent-rules \
- --with-libiconv=${STAGING_DIR_HOST}${prefix}\
- "
-
-PACKAGES += "pytalloc pytalloc-dbg pytalloc-dev"
-
-FILES_pytalloc = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
- ${libdir}/libpytalloc-util.so.2 \
- ${libdir}/libpytalloc-util.so.2.1.1 \
- "
-FILES_pytalloc-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug \
- ${libdir}/.debug/libpytalloc-util.so.2.1.1"
-FILES_pytalloc-dev = "${libdir}/libpytalloc-util.so"
-RDEPENDS_pytalloc = "python"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.14.bb b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.14.bb
new file mode 100644
index 000000000..9a463a6dc
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libtalloc/libtalloc_2.1.14.bb
@@ -0,0 +1,49 @@
+SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
+HOMEPAGE = "http://talloc.samba.org"
+SECTION = "libs"
+LICENSE = "LGPL-3.0+ & GPL-3.0+"
+LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \
+ file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d"
+
+
+SRC_URI = "https://samba.org/ftp/talloc/talloc-${PV}.tar.gz \
+ file://options-2.1.14.patch \
+"
+SRC_URI[md5sum] = "7478da02e309316231a497a9f17a980d"
+SRC_URI[sha256sum] = "b185602756a628bac507fa8af8b9df92ace69d27c0add5dab93190ad7c3367ce"
+
+inherit waf-samba
+
+PACKAGECONFIG ??= "\
+ ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
+"
+PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
+PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
+PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
+PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
+PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
+PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
+
+SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'attr', '', 'file://avoid-attr-unless-wanted.patch', d)}"
+
+S = "${WORKDIR}/talloc-${PV}"
+
+EXTRA_OECONF += "--disable-rpath \
+ --disable-rpath-install \
+ --bundled-libraries=NONE \
+ --builtin-libraries=replace \
+ --disable-silent-rules \
+ --with-libiconv=${STAGING_DIR_HOST}${prefix}\
+ "
+
+PACKAGES += "pytalloc pytalloc-dev"
+
+RPROVIDES_${PN}-dbg += "pytalloc-dbg"
+
+FILES_pytalloc = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \
+ ${libdir}/libpytalloc-util.so.2 \
+ ${libdir}/libpytalloc-util.so.2.1.1 \
+ "
+FILES_pytalloc-dev = "${libdir}/libpytalloc-util.so"
+RDEPENDS_pytalloc = "python"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch
index 272921e56..365b92da2 100644
--- a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch
+++ b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb/tdb-Add-configure-options-for-packages.patch
@@ -1,10 +1,7 @@
-From 24911f36bcb00412e5dc4cd11fda139e09d58798 Mon Sep 17 00:00:00 2001
-From: Huang Qiyu
-Date: Tue, 1 Aug 2017 03:12:09 +0900
-Subject: [PATCH] From 10ac5e5fdda44adcc2a159b6f9a2d51a51361057 Mon Sep 17
- 00:00:00 2001 From: Jackie Huang Date: Wed, 21
- Sep 2016 10:46:19 +0800 Subject: [PATCH] tdb: Add configure options for
- packages
+From 6de1affddde4003a956523c330ecf24e22e094ac Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Thu, 19 Jul 2018 16:20:32 +0800
+Subject: [PATCH] tdb: Add configure options for packages
Add configure options for the following packages:
- acl
@@ -21,30 +18,16 @@ Signed-off-by: Jackie Huang
Update for libtdb_1.3.14.
Signed-off-by: Huang Qiyu
+
+Update for libtdb_1.3.16
+Signed-off-by: Changqing Li
---
- lib/replace/system/wscript_configure | 6 ++-
- lib/replace/wscript | 85 ++++++++++++++++++++++++++++--------
- wscript | 7 ++-
- 3 files changed, 79 insertions(+), 19 deletions(-)
+ lib/replace/wscript | 89 +++++++++++++++++++++++++++++++++++++++++------------
+ wscript | 6 ++++
+ 2 files changed, 75 insertions(+), 20 deletions(-)
-diff --git a/lib/replace/system/wscript_configure b/lib/replace/system/wscript_configure
-index 2035474..10f9ae7 100644
---- a/lib/replace/system/wscript_configure
-+++ b/lib/replace/system/wscript_configure
-@@ -1,6 +1,10 @@
- #!/usr/bin/env python
-
--conf.CHECK_HEADERS('sys/capability.h')
-+import Options
-+
-+if Options.options.enable_libcap:
-+ conf.CHECK_HEADERS('sys/capability.h')
-+
- conf.CHECK_FUNCS('getpwnam_r getpwuid_r getpwent_r')
-
- # solaris varients of getXXent_r
diff --git a/lib/replace/wscript b/lib/replace/wscript
-index 7c50e1d..15df5c3 100644
+index fd00a42..2df83cd 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -23,6 +23,41 @@ def set_options(opt):
@@ -96,7 +79,7 @@ index 7c50e1d..15df5c3 100644
- conf.CHECK_HEADERS('linux/types.h crypt.h locale.h acl/libacl.h compat.h')
- conf.CHECK_HEADERS('acl/libacl.h attr/xattr.h compat.h ctype.h dustat.h')
+ conf.CHECK_HEADERS('linux/types.h crypt.h locale.h compat.h')
-+ conf.CHECK_HEADERS('compat.h ctype.h dustat.h')
++ conf.CHECK_HEADERS('attr/xattr.h compat.h ctype.h dustat.h')
conf.CHECK_HEADERS('fcntl.h fnmatch.h glob.h history.h krb5.h langinfo.h')
- conf.CHECK_HEADERS('libaio.h locale.h ndir.h pwd.h')
- conf.CHECK_HEADERS('shadow.h sys/acl.h')
@@ -120,9 +103,9 @@ index 7c50e1d..15df5c3 100644
conf.CHECK_HEADERS('port.h')
conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h sys/fs/vx/quota.h')
conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h')
-@@ -73,7 +121,9 @@ def configure(conf):
-
- conf.CHECK_CODE('', headers='rpc/rpc.h rpcsvc/yp_prot.h', define='HAVE_RPCSVC_YP_PROT_H')
+@@ -108,7 +156,9 @@ def configure(conf):
+ conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h')
+ conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h')
- conf.CHECK_HEADERS('valgrind.h valgrind/valgrind.h valgrind/memcheck.h')
+ if Options.options.enable_valgrind:
@@ -131,18 +114,21 @@ index 7c50e1d..15df5c3 100644
conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h')
conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h')
conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h')
-@@ -251,17 +301,18 @@ def configure(conf):
+@@ -342,20 +392,19 @@ def configure(conf):
- conf.CHECK_FUNCS('prctl dirname basename')
+ strlcpy_in_bsd = False
- # libbsd on some platforms provides strlcpy and strlcat
- if not conf.CHECK_FUNCS('strlcpy strlcat'):
-- conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
-- checklibc=True)
+- if conf.CHECK_FUNCS_IN('strlcpy strlcat', 'bsd', headers='bsd/string.h',
+- checklibc=True):
+- strlcpy_in_bsd = True
- if not conf.CHECK_FUNCS('getpeereid'):
- conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
- if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
- conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+- if not conf.CHECK_FUNCS('setproctitle_init'):
+- conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
-
- if not conf.CHECK_FUNCS('closefrom'):
- conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
@@ -158,18 +144,18 @@ index 7c50e1d..15df5c3 100644
+
+ if not conf.CHECK_FUNCS('closefrom'):
+ conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
++
conf.CHECK_CODE('''
struct ucred cred;
diff --git a/wscript b/wscript
-index 1c9655a..8c20d3b 100644
+index 6505648..6608481 100644
--- a/wscript
+++ b/wscript
-@@ -62,7 +62,12 @@ def set_options(opt):
- help=("Disable the use of pthread robust mutexes"),
+@@ -63,6 +63,12 @@ def set_options(opt):
action="store_true", dest='disable_tdb_mutex_locking',
default=False)
--
+
+ opt.add_option('--with-valgrind',
+ help=("enable use of valgrind"),
+ action="store_true", dest='enable_valgrind')
diff --git a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.15.bb b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.15.bb
deleted file mode 100644
index 302a306b3..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.15.bb
+++ /dev/null
@@ -1,44 +0,0 @@
-SUMMARY = "The tdb library"
-HOMEPAGE = "http://tdb.samba.org/"
-SECTION = "libs"
-LICENSE = "LGPL-3.0+ & GPL-3.0+"
-
-LIC_FILES_CHKSUM = "file://tools/tdbdump.c;endline=18;md5=b59cd45aa8624578126a8c98f48018c4 \
- file://include/tdb.h;endline=27;md5=f5bb544641d3081821bcc1dd58310be6"
-
-SRC_URI = "https://samba.org/ftp/tdb/tdb-${PV}.tar.gz \
- file://do-not-check-xsltproc-manpages.patch \
- file://tdb-Add-configure-options-for-packages.patch \
-"
-
-SRC_URI[md5sum] = "60ece3996acc8d85b6f713199da971a6"
-SRC_URI[sha256sum] = "b4a1bf3833601bd9f10aff363cb750860aef9ce5b4617989239923192f946728"
-
-PACKAGECONFIG ??= "\
- ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
-"
-PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
-PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
-PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
-PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
-PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
-PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
-
-S = "${WORKDIR}/tdb-${PV}"
-
-inherit waf-samba
-
-EXTRA_OECONF += "--disable-rpath \
- --bundled-libraries=NONE \
- --builtin-libraries=replace \
- --with-libiconv=${STAGING_DIR_HOST}${prefix}\
- "
-
-PACKAGES += "tdb-tools python-tdb python-tdb-dbg"
-
-FILES_${PN} = "${libdir}/*.so.*"
-FILES_tdb-tools = "${bindir}/*"
-FILES_python-tdb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
-FILES_python-tdb-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug/*"
-RDEPENDS_python-tdb = "python"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.16.bb b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.16.bb
new file mode 100644
index 000000000..0579ed6e3
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libtdb/libtdb_1.3.16.bb
@@ -0,0 +1,45 @@
+SUMMARY = "The tdb library"
+HOMEPAGE = "http://tdb.samba.org/"
+SECTION = "libs"
+LICENSE = "LGPL-3.0+ & GPL-3.0+"
+
+LIC_FILES_CHKSUM = "file://tools/tdbdump.c;endline=18;md5=b59cd45aa8624578126a8c98f48018c4 \
+ file://include/tdb.h;endline=27;md5=f5bb544641d3081821bcc1dd58310be6"
+
+SRC_URI = "https://samba.org/ftp/tdb/tdb-${PV}.tar.gz \
+ file://do-not-check-xsltproc-manpages.patch \
+ file://tdb-Add-configure-options-for-packages.patch \
+"
+
+SRC_URI[md5sum] = "7d06d8709188e07df853d9e91db88927"
+SRC_URI[sha256sum] = "6a3fc2616567f23993984ada3cea97d953a27669ffd1bfbbe961f26e0cf96cc5"
+
+PACKAGECONFIG ??= "\
+ ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
+"
+PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
+PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
+PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
+PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
+PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
+PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
+
+S = "${WORKDIR}/tdb-${PV}"
+
+inherit waf-samba
+
+EXTRA_OECONF += "--disable-rpath \
+ --bundled-libraries=NONE \
+ --builtin-libraries=replace \
+ --with-libiconv=${STAGING_DIR_HOST}${prefix}\
+ "
+
+PACKAGES += "tdb-tools python-tdb"
+
+RPROVIDES_${PN}-dbg += "python-tdb-dbg"
+
+FILES_${PN} = "${libdir}/*.so.*"
+FILES_tdb-tools = "${bindir}/*"
+FILES_python-tdb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
+RDEPENDS_python-tdb = "python"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch
new file mode 100644
index 000000000..e3aeda9c3
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent/0001-libtevent-fix-musl-libc-compile-error.patch
@@ -0,0 +1,32 @@
+From 7ba1de909c587b6773a39ba9f6f9890987f35b24 Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Tue, 24 Jul 2018 11:30:53 +0800
+Subject: [PATCH] libtevent: fix musl libc compile error
+
+libldb depend on libtevent, build libldb with musl libc,
+will report error:
+tevent.h:1440:8: error: unknown type name 'pid_t'; did you mean 'div_t'?
+
+add missing headers to fix it.
+
+Signed-off-by: Changqing Li
+---
+ tevent.h | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/tevent.h b/tevent.h
+index aa6fe0d..2572696 100644
+--- a/tevent.h
++++ b/tevent.h
+@@ -32,6 +32,8 @@
+ #include
+ #include
+ #include
++#include
++#include
+
+ struct tevent_context;
+ struct tevent_ops;
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.36.bb b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.36.bb
deleted file mode 100644
index c91b221b1..000000000
--- a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.36.bb
+++ /dev/null
@@ -1,44 +0,0 @@
-SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
-HOMEPAGE = "http://tevent.samba.org"
-SECTION = "libs"
-LICENSE = "LGPLv3+"
-
-DEPENDS += "libtalloc libtirpc"
-RDEPENDS_python-tevent = "python"
-
-SRC_URI = "https://samba.org/ftp/tevent/tevent-${PV}.tar.gz \
- file://options-0.9.36.patch \
-"
-LIC_FILES_CHKSUM = "file://tevent.h;endline=26;md5=4e458d658cb25e21efc16f720e78b85a"
-
-SRC_URI[md5sum] = "87d67bca75b231814435c47bec0aff8a"
-SRC_URI[sha256sum] = "bd2b6be3fd1601ed7f176e99111e322c57d58e425cc149ee80c7dd4fed263b4c"
-
-inherit waf-samba
-
-PACKAGECONFIG ??= "\
- ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
-"
-PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
-PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
-PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
-PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
-PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
-PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
-
-SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'attr', '', 'file://avoid-attr-unless-wanted.patch', d)}"
-
-S = "${WORKDIR}/tevent-${PV}"
-
-EXTRA_OECONF += "--disable-rpath \
- --bundled-libraries=NONE \
- --builtin-libraries=replace \
- --with-libiconv=${STAGING_DIR_HOST}${prefix}\
- --without-gettext \
- "
-
-PACKAGES += "python-tevent python-tevent-dbg"
-
-FILES_python-tevent = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
-FILES_python-tevent-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug"
diff --git a/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.37.bb b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.37.bb
new file mode 100644
index 000000000..4df251c7f
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/libtevent/libtevent_0.9.37.bb
@@ -0,0 +1,46 @@
+SUMMARY = "Hierarchical, reference counted memory pool system with destructors"
+HOMEPAGE = "http://tevent.samba.org"
+SECTION = "libs"
+LICENSE = "LGPLv3+"
+
+DEPENDS += "libtalloc libtirpc"
+RDEPENDS_python-tevent = "python"
+
+SRC_URI = "https://samba.org/ftp/tevent/tevent-${PV}.tar.gz \
+ file://options-0.9.36.patch \
+ file://0001-libtevent-fix-musl-libc-compile-error.patch \
+"
+LIC_FILES_CHKSUM = "file://tevent.h;endline=26;md5=4e458d658cb25e21efc16f720e78b85a"
+
+SRC_URI[md5sum] = "6859cd4081fdb2a76b1cb4bf1c803a59"
+SRC_URI[sha256sum] = "168345ed65eac03785cf77b95238e7dc66cbb473a42811693a6b0916e5dae7e0"
+
+inherit waf-samba
+
+PACKAGECONFIG ??= "\
+ ${@bb.utils.filter('DISTRO_FEATURES', 'acl', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} \
+"
+PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl"
+PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr"
+PACKAGECONFIG[libaio] = "--with-libaio,--without-libaio,libaio"
+PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd"
+PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap"
+PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind"
+
+SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'attr', '', 'file://avoid-attr-unless-wanted.patch', d)}"
+
+S = "${WORKDIR}/tevent-${PV}"
+
+EXTRA_OECONF += "--disable-rpath \
+ --bundled-libraries=NONE \
+ --builtin-libraries=replace \
+ --with-libiconv=${STAGING_DIR_HOST}${prefix}\
+ --without-gettext \
+ "
+
+PACKAGES += "python-tevent"
+
+RPROVIDES_${PN}-dbg += "python-tevent-dbg"
+
+FILES_python-tevent = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch
new file mode 100644
index 000000000..7599b1bcf
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch
@@ -0,0 +1,31 @@
+From e5952a0cdfa8b1b56a5823574835f1f771f14ae0 Mon Sep 17 00:00:00 2001
+From: Marcelo Ricardo Leitner
+Date: Fri, 24 Aug 2018 09:53:00 -0300
+Subject: [PATCH] build: 0b0dce7a36fb actually belongs to v4.19
+
+Typo or not, this commit actually belongs to v4.19 and made me wonder why
+on v4.18 it didn't find this feature.
+
+Fixes: 817f0bfa248f ("build: add two defines for Peer Address Parameters extensions on sctp_paddrparams")
+Signed-off-by: Marcelo Ricardo Leitner
+Reviewed-by: Xin Long
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index f55775a..5de5c76 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -101,7 +101,7 @@ LKSCTP_CHECK_TYPE([struct sctp_prinfo], [HAVE_SCTP_SENDV])
+ # added on v4.16, 30f6ebf65bc4
+ LKSCTP_CHECK_DECL([SCTP_AUTH_NO_AUTH], [HAVE_SCTP_AUTH_NO_AUTH])
+
+-# New members to sctp_paddrparams, added on v4.18, 0b0dce7a36fb
++# New members to sctp_paddrparams, added on v4.19, 0b0dce7a36fb
+ LKSCTP_CHECK_MEMBER([struct sctp_paddrparams.spp_ipv6_flowlabel],
+ [HAVE_SCTP_SPP_IPV6_FLOWLABEL])
+ LKSCTP_CHECK_MEMBER([struct sctp_paddrparams.spp_dscp],
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch
new file mode 100644
index 000000000..03c6c4f73
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-netinet-sctp.h-not-to-be-installed.patch
@@ -0,0 +1,35 @@
+From 378560050a8f93786c590cc99a55461666205b61 Mon Sep 17 00:00:00 2001
+From: Xin Long
+Date: Fri, 24 Aug 2018 01:13:32 +0800
+Subject: [PATCH] build: fix netinet/sctp.h not to be installed
+
+After libcnetinet_HEADERS was set to sctp.h.in, netinet/sctp.h can
+no longer be installed into ${includedir}.
+
+Since "AC_CONFIG_HEADERS([src/include/netinet/sctp.h])" is already
+added into configure.ac, there's no need to generate sctp.h by
+automake.
+
+So we simply set libcnetinet_HEADERS back to sctp.h.
+
+Fixes: 9607dd85e70a ("netinet/sctp.h: dynamically build based on system setup")
+Signed-off-by: Xin Long
+Signed-off-by: Marcelo Ricardo Leitner
+---
+ src/include/netinet/Makefile.am | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/src/include/netinet/Makefile.am b/src/include/netinet/Makefile.am
+index ca0aac2..965db8c 100644
+--- a/src/include/netinet/Makefile.am
++++ b/src/include/netinet/Makefile.am
+@@ -11,5 +11,4 @@ libcnetinetdir = $(includedir)/netinet
+ # API.
+ include_HEADERS =
+
+-libcnetinet_HEADERS = sctp.h.in
+-BUILT_SOURCES = sctp.h
++libcnetinet_HEADERS = sctp.h
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch
new file mode 100644
index 000000000..89c89835d
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch
@@ -0,0 +1,35 @@
+From 596efd6631b83069d41782fb0ee2d6cf76a50dfa Mon Sep 17 00:00:00 2001
+From: Marcelo Ricardo Leitner
+Date: Fri, 24 Aug 2018 09:52:59 -0300
+Subject: [PATCH] build: fix probing for HAVE_SCTP_SENDV
+
+Somehow it was using a type that is non-existent. The right one is
+sctp_prinfo, introduced on ed63afb8a318 ("sctp: add support for PR-SCTP
+Information for sendmsg"), present on v4.17.
+
+Fixes: 1b798f1ca3b5 ("build: add define HAVE_SCTP_AUTH_NO_AUTH")
+Signed-off-by: Marcelo Ricardo Leitner
+Reviewed-by: Xin Long
+---
+ configure.ac | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index dad658c..f55775a 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -94,9 +94,8 @@ LKSCTP_CHECK_MEMBER([struct sctp_pdapi_event.pdapi_stream],
+ LKSCTP_CHECK_MEMBER([struct sctp_pdapi_event.pdapi_seq],
+ [HAVE_SCTP_PDAPI_EVENT_PDAPI_SEQ])
+
+-# PR-SCTP field used to probe for sendv/recvv support, added on v4.17
+-LKSCTP_CHECK_MEMBER([struct sendv_prinfo.sctp_prinfo],
+- [HAVE_SCTP_SENDV])
++# PR-SCTP struct used to probe for sendv/recvv support, added on v4.17
++LKSCTP_CHECK_TYPE([struct sctp_prinfo], [HAVE_SCTP_SENDV])
+
+ # This event indicates that the peer does not support SCTP authentication,
+ # added on v4.16, 30f6ebf65bc4
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch
new file mode 100644
index 000000000..d22cda681
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch
@@ -0,0 +1,52 @@
+From db6d15bf12a0123e4320e5fd7cb688331dea1bdc Mon Sep 17 00:00:00 2001
+From: Marcelo Ricardo Leitner
+Date: Fri, 24 Aug 2018 09:52:58 -0300
+Subject: [PATCH] build: remove v4.12 secondary defines in favor of
+ HAVE_SCTP_STREAM_RECONFIG
+
+These were backups, commented out since beginning.
+HAVE_SCTP_STREAM_RECONFIG is enough to identify that these are there, so
+lets use only one.
+
+Signed-off-by: Marcelo Ricardo Leitner
+Reviewed-by: Xin Long
+---
+ configure.ac | 8 --------
+ src/include/netinet/sctp.h.in | 2 --
+ 2 files changed, 10 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 2ae36ec..dad658c 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -82,14 +82,6 @@ AC_CHECK_FUNCS([bzero gethostbyname gettimeofday memmove memset select socket \
+ LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_stream_reset_event],
+ [HAVE_SCTP_STREAM_RESET_EVENT])
+
+-# Support for assoc reset event, added on v4.12, c95129d127c6
+-#LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_assoc_reset_event], \
+-# [HAVE_SCTP_ASSOC_RESET_EVENT])
+-
+-# Support for stream change event, added on v4.12, b444153fb5a6
+-#LKSCTP_CHECK_MEMBER([struct sctp_event_subscribe.sctp_stream_change_event], \
+-# [HAVE_SCTP_STREAM_CHANGE_EVENT])
+-
+ # RFC 6525 (Stream Reconf), finished on v4.12, c0d8bab6ae51
+ LKSCTP_CHECK_DECL([SCTP_RECONFIG_SUPPORTED], [HAVE_SCTP_STREAM_RECONFIG])
+
+diff --git a/src/include/netinet/sctp.h.in b/src/include/netinet/sctp.h.in
+index c049077..2009f1c 100644
+--- a/src/include/netinet/sctp.h.in
++++ b/src/include/netinet/sctp.h.in
+@@ -61,8 +61,6 @@ extern "C" {
+ #define HAVE_SCTP_CANSET_PRIMARY
+
+ #undef HAVE_SCTP_STREAM_RESET_EVENT
+-#undef HAVE_SCTP_ASSOC_RESET_EVENT
+-#undef HAVE_SCTP_STREAM_CHANGE_EVENT
+ #undef HAVE_SCTP_STREAM_RECONFIG
+ #undef HAVE_SCTP_PEELOFF_FLAGS
+ #undef HAVE_SCTP_PDAPI_EVENT_PDAPI_STREAM
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch
new file mode 100644
index 000000000..bec9bf0d1
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch
@@ -0,0 +1,71 @@
+From 7de2bd7e769f10521e3d0c2cb42c6f6b9b505dd0 Mon Sep 17 00:00:00 2001
+From: Xin Long
+Date: Thu, 16 Aug 2018 14:12:30 +0800
+Subject: [PATCH] configure.ac: add CURRENT REVISION and AGE for libsctp and
+ libwithsctp
+
+Add CURRENT REVISION and AGE for libsctp and libwithsctp in
+configure.ac to update these 2 library version information.
+
+Compatible with before, they will start from 1:18:0. But each
+will get updated according to their definitions in the future.
+
+Signed-off-by: Xin Long
+Acked-by: Neil Horman
+Signed-off-by: Marcelo Ricardo Leitner
+---
+ configure.ac | 7 +++++++
+ src/lib/Makefile.am | 7 +++++--
+ src/withsctp/Makefile.am | 3 ++-
+ 3 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 275ef4e..2ae36ec 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -14,6 +14,13 @@ dnl reduce clutter in the root; if we put it below AM_INIT_AUTOMAKE,
+ dnl configure will fail ...)
+
+ AC_INIT([lksctp-tools], [1.0.18], [], [], [http://www.lksctp.org/])
++AC_SUBST(LIBSCTP_CURRENT, 1)
++AC_SUBST(LIBSCTP_REVISION, 18)
++AC_SUBST(LIBSCTP_AGE, 0)
++AC_SUBST(LIBWITHSCTP_CURRENT, 1)
++AC_SUBST(LIBWITHSCTP_REVISION, 18)
++AC_SUBST(LIBWITHSCTP_AGE, 0)
++
+ AC_CONFIG_AUX_DIR(bin)
+ AC_CONFIG_SRCDIR([src/apps/sctp_darn.c])
+ AC_CONFIG_HEADERS([config.h])
+diff --git a/src/lib/Makefile.am b/src/lib/Makefile.am
+index 6100c56..1d62175 100644
+--- a/src/lib/Makefile.am
++++ b/src/lib/Makefile.am
+@@ -8,5 +8,8 @@ AM_CPPFLAGS = -I$(top_srcdir)/src/include
+
+ lib_LTLIBRARIES = libsctp.la
+
+-libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c addrs.c sendmsg.c recvmsg.c Versions.map
+-libsctp_la_LDFLAGS = -version-info 1:17:0 -Wl,--version-script=$(srcdir)/Versions.map
++libsctp_la_SOURCES = bindx.c connectx.c peeloff.c opt_info.c \
++ addrs.c sendmsg.c recvmsg.c Versions.map
++libsctp_la_LDFLAGS = -version-info \
++ @LIBSCTP_CURRENT@:@LIBSCTP_REVISION@:@LIBSCTP_AGE@ \
++ -Wl,--version-script=$(srcdir)/Versions.map
+diff --git a/src/withsctp/Makefile.am b/src/withsctp/Makefile.am
+index 70b1cca..1f6ca37 100644
+--- a/src/withsctp/Makefile.am
++++ b/src/withsctp/Makefile.am
+@@ -14,7 +14,8 @@ AM_CPPFLAGS=-I$(top_srcdir)/src/include
+ pkglib_LTLIBRARIES = libwithsctp.la
+ libwithsctp_la_SOURCES = sctp_load_libs.c sctp_socket.c sctp_bind.c \
+ sctp_sockopt.c sctp_socket.h
+-libwithsctp_la_LDFLAGS = -version-info 1:17:0 -ldl
++libwithsctp_la_LDFLAGS = -version-info \
++ @LIBWITHSCTP_CURRENT@:@LIBWITHSCTP_REVISION@:@LIBWITHSCTP_AGE@ -ldl
+
+ pkgdoc_DATA = sctp_load_libs.c sctp_socket.c sctp_bind.c \
+ sctp_sockopt.c sctp_socket.h checksctp.c
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch
new file mode 100644
index 000000000..621e6f469
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-test_1_to_1_events.c-initialize-event-properly.patch
@@ -0,0 +1,44 @@
+From e1e670defb84d51efdd124e5f3fa166a1a4b7c1d Mon Sep 17 00:00:00 2001
+From: Mingli Yu
+Date: Tue, 25 Sep 2018 11:39:43 +0800
+Subject: [PATCH] test_1_to_1_events.c: initialize event properly
+
+Initialize event properly to avoid below
+Segmentation fault when run below test
+related to AUTH_NO_AUTH.
+
+ # ./test_1_to_1_events
+test_1_to_1_events.c 1 PASS : COMM_UP notification on client socket - SUCCESS
+test_1_to_1_events.c 2 PASS : COMM_UP notification on server socket - SUCCESS
+test_1_to_1_events.c 3 BROK : Got a datamsg, expecting notification
+DUMP_CORE sctputil.c: 187
+[ 1468.733938] test_1_to_1_eve[2376]: segfault at 0 ip 0000561a4a3d5079 sp 00007ffd49101580 error 6 in test_1_to_1_events[561a4a3d4000+2000]
+[ 1468.734479] Code: ff bf 0a 00 00 00 e8 e6 ef ff ff b9 c9 00 00 00 48 8d 15 61 13 00 00 bf 01 00 00 00 31 c0 48 8d 35 c7 0f 00 00 e8 97 f0
+Segmentation fault
+
+Upstream-Status: Pending
+
+Signed-off-by: Mingli Yu
+---
+ src/func_tests/test_1_to_1_events.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/func_tests/test_1_to_1_events.c b/src/func_tests/test_1_to_1_events.c
+index 46439bf..a086832 100644
+--- a/src/func_tests/test_1_to_1_events.c
++++ b/src/func_tests/test_1_to_1_events.c
+@@ -92,9 +92,11 @@ main(int argc, char *argv[])
+ /* Create the client socket. */
+ clt_sk = test_socket(AF_INET, SOCK_STREAM, IPPROTO_SCTP);
+
++ memset(&event, 0, sizeof(event));
+ event.sctp_data_io_event = 1;
+ event.sctp_association_event = 1;
+ event.sctp_shutdown_event = 1;
++ event.sctp_authentication_event = 1;
+ len = sizeof(struct sctp_event_subscribe);
+ test_setsockopt(svr_sk, SCTP_EVENTS, &event, len);
+ test_setsockopt(clt_sk, SCTP_EVENTS, &event, len);
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch
new file mode 100644
index 000000000..2537bb976
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools/0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch
@@ -0,0 +1,43 @@
+From 7c0ef4d441b3833e721df58f56e2cb8c81b34df4 Mon Sep 17 00:00:00 2001
+From: Xin Long
+Date: Thu, 16 Aug 2018 14:12:01 +0800
+Subject: [PATCH] withsctp: use @PACKAGE_VERSION@ in withsctp.h
+
+use @PACKAGE_VERSION@ to replace the hardcode version.
+
+Signed-off-by: Xin Long
+Acked-by: Neil Horman
+Signed-off-by: Marcelo Ricardo Leitner
+---
+ Makefile.rules | 3 ++-
+ src/withsctp/withsctp.in | 3 ++-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/Makefile.rules b/Makefile.rules
+index 83f5f0c..d3693fa 100644
+--- a/Makefile.rules
++++ b/Makefile.rules
+@@ -15,4 +15,5 @@
+ edit = @sed \
+ -e "s|\@bindir\@|$(bindir)|" \
+ -e "s|\@libdir\@|$(libdir)|" \
+- -e "s|\@PACKAGE\@|$(PACKAGE)|"
++ -e "s|\@PACKAGE\@|$(PACKAGE)|" \
++ -e "s|\@PACKAGE_VERSION\@|$(PACKAGE_VERSION)|"
+diff --git a/src/withsctp/withsctp.in b/src/withsctp/withsctp.in
+index 7f182ba..fda5ebc 100644
+--- a/src/withsctp/withsctp.in
++++ b/src/withsctp/withsctp.in
+@@ -2,7 +2,8 @@
+ # -*- sh -*-
+ LIBDIR=@libdir@/@PACKAGE@
+ BINDIR=@bindir@
+-export LD_PRELOAD=${LIBDIR}/libwithsctp.so.1.0.17
++LIBVER=@PACKAGE_VERSION@
++export LD_PRELOAD=${LIBDIR}/libwithsctp.so.${LIBVER}
+ if ! ${BINDIR}/checksctp 2> /dev/null
+ then
+ ${BINDIR}/checksctp;
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb
deleted file mode 100644
index 121cc9945..000000000
--- a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.17.bb
+++ /dev/null
@@ -1,62 +0,0 @@
-SUMMARY = "The Linux Kernel Stream Control Transmission Protocol (lksctp) project"
-HOMEPAGE = "http://lksctp.org"
-SECTION = "net"
-LICENSE = "LGPLv2.1 & GPLv2"
-
-LIC_FILES_CHKSUM = " \
- file://COPYING.lib;md5=0a1b79af951c42a9c8573533fbba9a92 \
- file://COPYING;md5=0c56db0143f4f80c369ee3af7425af6e \
-"
-
-SRCREV = "736b91d340e3f2519714f2930ed63b164d363511"
-
-PV .= "+git${SRCPV}"
-LK_REL = "1.0.17"
-
-SRC_URI = " \
- git://github.com/sctp/lksctp-tools.git \
- file://run-ptest \
- file://v4test.sh \
- file://v6test.sh \
-"
-
-S = "${WORKDIR}/git"
-
-BBCLASSEXTEND = "native"
-
-inherit autotools pkgconfig binconfig ptest
-
-do_install_ptest () {
- install -m 0755 ${WORKDIR}/v4test.sh ${D}${PTEST_PATH}
- install -m 0755 ${WORKDIR}/v6test.sh ${D}${PTEST_PATH}
- for testcase in `find ${B}/src/apps/.libs ${B}/src/func_tests/.libs -maxdepth 1 -type f -executable`; do
- install $testcase ${D}${PTEST_PATH}
- done
-}
-
-SOLIBVERSION="${LK_REL}"
-SOLIBMAJORVERSION="1"
-
-PACKAGES =+ "${PN}-withsctp ${PN}-utils"
-
-FILES_${PN} = " \
- ${libdir}/libsctp.so.${SOLIBVERSION} \
- ${libdir}/libsctp.so.${SOLIBMAJORVERSION} \
-"
-
-FILES_${PN}-withsctp = " \
- ${libdir}/lksctp-tools/libwithsctp.so.${SOLIBVERSION} \
- ${libdir}/lksctp-tools/libwithsctp.so.${SOLIBMAJORVERSION} \
-"
-
-FILES_${PN}-dev += " \
- ${libdir}/libsctp.so \
- ${libdir}/lksctp-tools/libwithsctp.so \
- ${datadir}/lksctp-tools/*.c \
- ${datadir}/lksctp-tools/*.h \
-"
-
-FILES_${PN}-utils = "${bindir}/*"
-
-RRECOMMENDS_${PN}-utils += "kernel-module-sctp"
-RRECOMMENDS_${PN}-ptest += "kernel-module-sctp"
diff --git a/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb
new file mode 100644
index 000000000..70cea6c7b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb
@@ -0,0 +1,69 @@
+SUMMARY = "The Linux Kernel Stream Control Transmission Protocol (lksctp) project"
+HOMEPAGE = "http://lksctp.org"
+SECTION = "net"
+LICENSE = "LGPLv2.1 & GPLv2"
+
+LIC_FILES_CHKSUM = " \
+ file://COPYING.lib;md5=0a1b79af951c42a9c8573533fbba9a92 \
+ file://COPYING;md5=0c56db0143f4f80c369ee3af7425af6e \
+"
+
+SRCREV = "1b077af62d83d53c34b1bde8bad6648149d5edf9"
+
+PV .= "+git${SRCPV}"
+LK_REL = "1.0.18"
+
+SRC_URI = " \
+ git://github.com/sctp/lksctp-tools.git \
+ file://0001-withsctp-use-PACKAGE_VERSION-in-withsctp.h.patch \
+ file://0001-configure.ac-add-CURRENT-REVISION-and-AGE-for-libsct.patch \
+ file://0001-build-fix-netinet-sctp.h-not-to-be-installed.patch \
+ file://0001-build-remove-v4.12-secondary-defines-in-favor-of-HAV.patch \
+ file://0001-build-fix-probing-for-HAVE_SCTP_SENDV.patch \
+ file://0001-build-0b0dce7a36fb-actually-belongs-to-v4.19.patch \
+ file://0001-test_1_to_1_events.c-initialize-event-properly.patch \
+ file://run-ptest \
+ file://v4test.sh \
+ file://v6test.sh \
+"
+
+S = "${WORKDIR}/git"
+
+BBCLASSEXTEND = "native"
+
+inherit autotools-brokensep pkgconfig binconfig ptest
+
+do_install_ptest () {
+ install -m 0755 ${WORKDIR}/v4test.sh ${D}${PTEST_PATH}
+ install -m 0755 ${WORKDIR}/v6test.sh ${D}${PTEST_PATH}
+ for testcase in `find ${B}/src/apps/.libs ${B}/src/func_tests/.libs -maxdepth 1 -type f -executable`; do
+ install $testcase ${D}${PTEST_PATH}
+ done
+}
+
+SOLIBVERSION="${LK_REL}"
+SOLIBMAJORVERSION="1"
+
+PACKAGES =+ "${PN}-withsctp ${PN}-utils"
+
+FILES_${PN} = " \
+ ${libdir}/libsctp.so.${SOLIBVERSION} \
+ ${libdir}/libsctp.so.${SOLIBMAJORVERSION} \
+"
+
+FILES_${PN}-withsctp = " \
+ ${libdir}/lksctp-tools/libwithsctp.so.${SOLIBVERSION} \
+ ${libdir}/lksctp-tools/libwithsctp.so.${SOLIBMAJORVERSION} \
+"
+
+FILES_${PN}-dev += " \
+ ${libdir}/libsctp.so \
+ ${libdir}/lksctp-tools/libwithsctp.so \
+ ${datadir}/lksctp-tools/*.c \
+ ${datadir}/lksctp-tools/*.h \
+"
+
+FILES_${PN}-utils = "${bindir}/*"
+
+RRECOMMENDS_${PN}-utils += "kernel-module-sctp"
+RRECOMMENDS_${PN}-ptest += "kernel-module-sctp"
diff --git a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch
new file mode 100644
index 000000000..e621d8f2a
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools/0001-Fix-potential-string-truncation-in-strncpy.patch
@@ -0,0 +1,139 @@
+From 58b6d9a2efe101e5b80fd708e6f84c7ca779ce93 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Thu, 31 May 2018 20:27:43 -0700
+Subject: [PATCH] Fix potential string truncation in strncpy()
+
+GCC 8 complains about the string truncation during copy
+
+error: 'strncpy' specified bound 16 equals destination size
+
+Upstream-Status: Inappropriate [depricated component]
+
+Signed-off-by: Khem Raj
+---
+ tests/listen-packet.c | 3 ++-
+ tests/listen.c | 3 ++-
+ tests/test2.c | 4 ++--
+ tests/test3.c | 3 ++-
+ tests/test4.c | 3 ++-
+ tests/test5.c | 3 ++-
+ tests/test6.c | 3 ++-
+ tests/test7.c | 3 ++-
+ 8 files changed, 16 insertions(+), 9 deletions(-)
+
+diff --git a/tests/listen-packet.c b/tests/listen-packet.c
+index e40af81..eae0c71 100644
+--- a/tests/listen-packet.c
++++ b/tests/listen-packet.c
+@@ -50,7 +50,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, iface, IF_NAMESIZE);
++ strncpy(req.ifr_name, iface, IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFINDEX, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFINDEX");
+diff --git a/tests/listen.c b/tests/listen.c
+index 75c320b..5ce1ed9 100644
+--- a/tests/listen.c
++++ b/tests/listen.c
+@@ -47,7 +47,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, iface, IFNAMSIZ);
++ strncpy(req.ifr_name, iface, IFNAMSIZ - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFHWADDR, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFHWADDR");
+diff --git a/tests/test2.c b/tests/test2.c
+index 58eb74b..5d02838 100644
+--- a/tests/test2.c
++++ b/tests/test2.c
+@@ -45,8 +45,8 @@ int main(int argc, char **argv) {
+ perror("socket");
+ return 1;
+ }
+-
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFHWADDR, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFHWADDR");
+diff --git a/tests/test3.c b/tests/test3.c
+index fb36627..2f50a5a 100644
+--- a/tests/test3.c
++++ b/tests/test3.c
+@@ -46,7 +46,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFHWADDR, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFHWADDR");
+diff --git a/tests/test4.c b/tests/test4.c
+index 33c274c..8737149 100644
+--- a/tests/test4.c
++++ b/tests/test4.c
+@@ -46,7 +46,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFHWADDR, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFHWADDR");
+diff --git a/tests/test5.c b/tests/test5.c
+index 4439dfa..28db562 100644
+--- a/tests/test5.c
++++ b/tests/test5.c
+@@ -45,7 +45,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFADDR, &req);
+ if (ret < 0) {
+ perror("ioctl: SIOCGIFADDR");
+diff --git a/tests/test6.c b/tests/test6.c
+index e375bfb..ce7de59 100644
+--- a/tests/test6.c
++++ b/tests/test6.c
+@@ -45,7 +45,8 @@ int main(int argc, char **argv) {
+ return 1;
+ }
+
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFADDR, &req);
+ if (ret < 0) {
+ perror("ioctl: SIOCGIFADDR");
+diff --git a/tests/test7.c b/tests/test7.c
+index e9a5a55..37da22d 100644
+--- a/tests/test7.c
++++ b/tests/test7.c
+@@ -58,7 +58,8 @@ int main(int argc, char **argv) {
+ if (ret)
+ perror("setsockopt");
+
+- strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE);
++ strncpy(req.ifr_name, argv[1] ?: "wpan0", IF_NAMESIZE - 1);
++ req.ifr_name[IF_NAMESIZE - 1] = '\0';
+ ret = ioctl(sd, SIOCGIFHWADDR, &req);
+ if (ret < 0)
+ perror("ioctl: SIOCGIFHWADDR");
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb
index d0fe59c98..b70c43f15 100644
--- a/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb
+++ b/meta-openembedded/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb
@@ -15,6 +15,7 @@ SRC_URI = "git://github.com/linux-wpan/lowpan-tools \
file://0001-src-iz.c-Undef-dprintf-before-redefining.patch \
file://0001-Remove-newline-from-format-line.patch \
file://0001-coordinator-Fix-strncpy-range-warning.patch \
+ file://0001-Fix-potential-string-truncation-in-strncpy.patch \
"
SRCREV = "1c2d8674cc6f4b1166a066e8822e295c105ae7a2"
diff --git a/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.0.bb b/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.0.bb
deleted file mode 100644
index fd3d171f0..000000000
--- a/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.0.bb
+++ /dev/null
@@ -1,52 +0,0 @@
-SUMMARY = "A high-performance memory object caching system"
-DESCRIPTION = "\
- memcached optimizes specific high-load serving applications that are designed \
- to take advantage of its versatile no-locking memory access system. Clients \
- are available in several different programming languages, to suit the needs \
- of the specific application. Traditionally this has been used in mod_perl \
- apps to avoid storing large chunks of data in Apache memory, and to share \
- this burden across several machines."
-SECTION = "web"
-HOMEPAGE = "http://memcached.org/"
-LICENSE = "BSD-3-Clause"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=7e5ded7363d335e1bb18013ca08046ff"
-
-inherit autotools
-
-DEPENDS += "libevent"
-RDEPENDS_${PN} += "perl perl-module-posix perl-module-autoloader \
- perl-module-tie-hash bash \
- "
-
-SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \
- file://memcached-add-hugetlbfs-check.patch \
- "
-SRC_URI[md5sum] = "81326513f60d7ba482f8131975cd55ae"
-SRC_URI[sha256sum] = "c001f812024bb461b5e4d7d0506daab63dff9614eea26f46536c3b7e1e601c32"
-
-# set the same COMPATIBLE_HOST as libhugetlbfs
-COMPATIBLE_HOST = '(i.86|x86_64|powerpc|powerpc64|arm).*-linux'
-
-python __anonymous () {
- endianness = d.getVar('SITEINFO_ENDIANNESS')
- if endianness == 'le':
- d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=little")
- else:
- d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=big")
-}
-
-PACKAGECONFIG ??= ""
-PACKAGECONFIG[hugetlbfs] = "--enable-hugetlbfs, --disable-hugetlbfs, libhugetlbfs"
-
-inherit update-rc.d
-
-INITSCRIPT_NAME = "memcached"
-INITSCRIPT_PARAMS = "defaults"
-
-do_install_append() {
- install -D -m 755 ${S}/scripts/memcached-init ${D}${sysconfdir}/init.d/memcached
- mkdir -p ${D}/usr/share/memcached/scripts
- install -m 755 ${S}/scripts/memcached-tool ${D}/usr/share/memcached/scripts
- install -m 755 ${S}/scripts/start-memcached ${D}/usr/share/memcached/scripts
-}
diff --git a/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.10.bb b/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.10.bb
new file mode 100644
index 000000000..d2cafc9f6
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/memcached/memcached_1.5.10.bb
@@ -0,0 +1,52 @@
+SUMMARY = "A high-performance memory object caching system"
+DESCRIPTION = "\
+ memcached optimizes specific high-load serving applications that are designed \
+ to take advantage of its versatile no-locking memory access system. Clients \
+ are available in several different programming languages, to suit the needs \
+ of the specific application. Traditionally this has been used in mod_perl \
+ apps to avoid storing large chunks of data in Apache memory, and to share \
+ this burden across several machines."
+SECTION = "web"
+HOMEPAGE = "http://memcached.org/"
+LICENSE = "BSD-3-Clause"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=7e5ded7363d335e1bb18013ca08046ff"
+
+inherit autotools
+
+DEPENDS += "libevent"
+RDEPENDS_${PN} += "perl perl-module-posix perl-module-autoloader \
+ perl-module-tie-hash bash \
+ "
+
+SRC_URI = "http://www.memcached.org/files/${BP}.tar.gz \
+ file://memcached-add-hugetlbfs-check.patch \
+ "
+SRC_URI[md5sum] = "8462616b554183a75845b03c56837cca"
+SRC_URI[sha256sum] = "494c060dbd96d546c74ab85a3cc3984d009b4423767ac33e05dd2340c01f1c4b"
+
+# set the same COMPATIBLE_HOST as libhugetlbfs
+COMPATIBLE_HOST = '(i.86|x86_64|powerpc|powerpc64|arm).*-linux'
+
+python __anonymous () {
+ endianness = d.getVar('SITEINFO_ENDIANNESS')
+ if endianness == 'le':
+ d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=little")
+ else:
+ d.appendVar('EXTRA_OECONF', " ac_cv_c_endian=big")
+}
+
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[hugetlbfs] = "--enable-hugetlbfs, --disable-hugetlbfs, libhugetlbfs"
+
+inherit update-rc.d
+
+INITSCRIPT_NAME = "memcached"
+INITSCRIPT_PARAMS = "defaults"
+
+do_install_append() {
+ install -D -m 755 ${S}/scripts/memcached-init ${D}${sysconfdir}/init.d/memcached
+ mkdir -p ${D}/usr/share/memcached/scripts
+ install -m 755 ${S}/scripts/memcached-tool ${D}/usr/share/memcached/scripts
+ install -m 755 ${S}/scripts/start-memcached ${D}/usr/share/memcached/scripts
+}
diff --git a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.11.bb b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.11.bb
deleted file mode 100644
index 2ad75bda6..000000000
--- a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.11.bb
+++ /dev/null
@@ -1,19 +0,0 @@
-DESCRIPTION = "Network Block Device"
-HOMEPAGE = "http://nbd.sourceforge.net"
-SECTION = "net"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-
-DEPENDS = "glib-2.0"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz"
-SRC_URI[md5sum] = "73d11644a28b9f335292cdb3bdc4b74b"
-SRC_URI[sha256sum] = "14420f74cb16dc609a9302ed1efd653064bed7a8357e9d73daabc33608e3f2a0"
-
-inherit autotools pkgconfig
-
-PACKAGES = "${PN}-client ${PN}-server ${PN}-dbg ${PN}-trdump ${PN}-doc"
-
-FILES_${PN}-client = "${sbindir}/${BPN}-client"
-FILES_${PN}-server = "${bindir}/${BPN}-server"
-FILES_${PN}-trdump = "${bindir}/${BPN}-trdump"
diff --git a/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb
new file mode 100644
index 000000000..356023681
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/nbd/nbd_3.17.bb
@@ -0,0 +1,19 @@
+DESCRIPTION = "Network Block Device"
+HOMEPAGE = "http://nbd.sourceforge.net"
+SECTION = "net"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+DEPENDS = "glib-2.0"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.xz"
+SRC_URI[md5sum] = "98b74c655ed94a66686c5ba19480d98e"
+SRC_URI[sha256sum] = "d95c6bb1a3ab33b953af99b73fb4833e123bd25433513b32d57dbeb1a0a0d189"
+
+inherit autotools pkgconfig
+
+PACKAGES = "${PN}-client ${PN}-server ${PN}-dbg ${PN}-trdump ${PN}-doc"
+
+FILES_${PN}-client = "${sbindir}/${BPN}-client"
+FILES_${PN}-server = "${bindir}/${BPN}-server"
+FILES_${PN}-trdump = "${bindir}/${BPN}-trdump"
diff --git a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb
index cebc1d9cd..ec4879752 100644
--- a/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ndisc6/ndisc6_git.bb
@@ -19,13 +19,10 @@ inherit autotools gettext
EXTRA_OECONF += "PERL=${USRBINPATH}/perl"
-LDFLAGS += "-fuse-ld=gold"
-LDFLAGS_remove_riscv64 = "-fuse-ld=gold"
-
-TOOLCHAIN = "gcc"
-
USE_NLS = "yes"
+EXTRA_OECONF += "--disable-rpath"
+
do_configure_prepend() {
cp ${STAGING_DATADIR_NATIVE}/gettext/gettext.h ${S}/include
${S}/autogen.sh
diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch
index 0966b6580..929f63f4a 100644
--- a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch
+++ b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd/0001-bundle-own-base64-encode-decode-functions.patch
@@ -1,40 +1,47 @@
-From ccd166b73eaae4dd1e1785c63ceb9b303568ed46 Mon Sep 17 00:00:00 2001
-From: Khem Raj
-Date: Tue, 21 Mar 2017 11:30:49 -0700
+From 3da48ec13a44b71ca51adbc803b42c1b29a43f57 Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Tue, 24 Jul 2018 14:03:51 +0800
Subject: [PATCH] bundle own base64 encode/decode functions
Not all libc implementations provide it.
as an aside libresolv is no longer needed
+Upstream-Status: Pending
+
Signed-off-by: Khem Raj
+
+Update to version 1.190-2
+Signed-off-by: Changqing Li
---
Makefile | 4 +-
base64.c | 313 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- netcat.c | 2 +
+ netcat.c | 3 +
socks.c | 3 +
- 4 files changed, 320 insertions(+), 2 deletions(-)
+ 4 files changed, 321 insertions(+), 2 deletions(-)
create mode 100644 base64.c
-Index: netcat-openbsd-1.105/Makefile
-===================================================================
---- netcat-openbsd-1.105.orig/Makefile
-+++ netcat-openbsd-1.105/Makefile
-@@ -1,9 +1,9 @@
- # $OpenBSD: Makefile,v 1.6 2001/09/02 18:45:41 jakob Exp $
+diff --git a/Makefile b/Makefile
+index 8247cfd..b8d8547 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,10 +1,10 @@
+ # $OpenBSD: Makefile,v 1.7 2015/09/11 21:07:01 beck Exp $
PROG= nc
-SRCS= netcat.c atomicio.c socks.c
+SRCS= netcat.c atomicio.c socks.c base64.c
--LIBS= `pkg-config --libs libbsd` -lresolv
-+LIBS= `pkg-config --libs libbsd`
+ PKG_CONFIG ?= pkg-config
+-LIBS= `$(PKG_CONFIG) --libs libbsd` -lresolv
++LIBS= `$(PKG_CONFIG) --libs libbsd`
OBJS= $(SRCS:.c=.o)
CFLAGS= -g -O2
LDFLAGS= -Wl,--no-add-needed
-Index: netcat-openbsd-1.105/base64.c
-===================================================================
+diff --git a/base64.c b/base64.c
+new file mode 100644
+index 0000000..b0ee6c2
--- /dev/null
-+++ netcat-openbsd-1.105/base64.c
++++ b/base64.c
@@ -0,0 +1,313 @@
+/*
+ * Copyright (c) 1996-1999 by Internet Software Consortium.
@@ -349,31 +356,34 @@ Index: netcat-openbsd-1.105/base64.c
+
+ return (tarindex);
+}
-Index: netcat-openbsd-1.105/netcat.c
-===================================================================
---- netcat-openbsd-1.105.orig/netcat.c
-+++ netcat-openbsd-1.105/netcat.c
-@@ -169,6 +169,9 @@ static int connect_with_timeout(int fd,
- socklen_t salen, int ctimeout);
+diff --git a/netcat.c b/netcat.c
+index a0fb51b..9c4ed23 100644
+--- a/netcat.c
++++ b/netcat.c
+@@ -240,6 +240,9 @@ static int connect_with_timeout(int fd, const struct sockaddr *sa,
+
static void quit();
-+int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize);
-+int b64_pton(char const *src, u_char *target, size_t targsize);
++int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize);
++int b64_pton(char const *src, u_char *target, size_t targsize);
+
int
main(int argc, char *argv[])
{
-Index: netcat-openbsd-1.105/socks.c
-===================================================================
---- netcat-openbsd-1.105.orig/socks.c
-+++ netcat-openbsd-1.105/socks.c
+diff --git a/socks.c b/socks.c
+index 9068f39..c576f6b 100644
+--- a/socks.c
++++ b/socks.c
@@ -53,6 +53,9 @@
#define SOCKS_DOMAIN 3
#define SOCKS_IPV6 4
-+int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize);
-+int b64_pton(char const *src, u_char *target, size_t targsize);
++int b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize);
++int b64_pton(char const *src, u_char *target, size_t targsize);
+
int remote_connect(const char *, const char *, struct addrinfo);
int socks_connect(const char *, const char *, struct addrinfo,
const char *, const char *, struct addrinfo, int,
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb
deleted file mode 100644
index 9d7420f8c..000000000
--- a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.105.bb
+++ /dev/null
@@ -1,56 +0,0 @@
-require netcat.inc
-SUMMARY = "OpenBSD Netcat"
-HOMEPAGE = "http://ftp.debian.org"
-LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://debian/copyright;md5=ee6bbaacb5db5f2973818f0902c3ae6f"
-
-DEPENDS += "glib-2.0 libbsd"
-do_patch[depends] = "quilt-native:do_populate_sysroot"
-
-SRC_URI = "${DEBIAN_MIRROR}/main/n/netcat-openbsd/netcat-openbsd_${PV}.orig.tar.gz;name=netcat \
- ${DEBIAN_MIRROR}/main/n/netcat-openbsd/netcat-openbsd_${PV}-7.debian.tar.gz;name=netcat-patch;subdir=${BP} \
- file://0001-bundle-own-base64-encode-decode-functions.patch \
- "
-
-SRC_URI[netcat.md5sum] = "7e67b22f1ad41a1b7effbb59ff28fca1"
-SRC_URI[netcat.sha256sum] = "40653fe66c1516876b61b07e093d826e2a5463c5d994f1b7e6ce328f3edb211e"
-SRC_URI[netcat-patch.md5sum] = "e914f8eb7eda5c75c679dd77787ac76b"
-SRC_URI[netcat-patch.sha256sum] = "eee759327ffea293e81d0dde67921b7fcfcad279ffd7a2c9d037bbc8f882b363"
-
-inherit pkgconfig
-
-EXTRA_OEMAKE += "'LDFLAGS=${LDFLAGS}'"
-
-do_configure[noexec] = "1"
-
-netcat_do_patch() {
- cd ${S}
- quilt pop -a || true
- if [ -d ${S}/.pc-netcat ]; then
- rm -rf ${S}/.pc
- mv ${S}/.pc-netcat ${S}/.pc
- QUILT_PATCHES=${S}/debian/patches quilt pop -a
- rm -rf ${S}/.pc ${S}/debian
- fi
- QUILT_PATCHES=${S}/debian/patches quilt push -a
- mv ${S}/.pc ${S}/.pc-netcat
-}
-
-do_unpack[cleandirs] += "${S}"
-
-python do_patch() {
- bb.build.exec_func('netcat_do_patch', d)
- bb.build.exec_func('patch_do_patch', d)
-}
-
-do_compile() {
- cd ${S}
- pkgrel=4
- oe_runmake CFLAGS="$CFLAGS -DDEBIAN_VERSION=\"\\\"${pkgrel}\\\"\""
-}
-
-do_install() {
- install -d ${D}${bindir}
- install -m 755 ${S}/nc ${D}${bindir}/nc.${BPN}
-}
-ALTERNATIVE_PRIORITY = "60"
diff --git a/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.190.bb b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.190.bb
new file mode 100644
index 000000000..defc05cd1
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/netcat/netcat-openbsd_1.190.bb
@@ -0,0 +1,56 @@
+require netcat.inc
+SUMMARY = "OpenBSD Netcat"
+HOMEPAGE = "http://ftp.debian.org"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://debian/copyright;md5=f39e60ae4ea9fdb559c833be2e59de99"
+
+DEPENDS += "glib-2.0 libbsd"
+do_patch[depends] = "quilt-native:do_populate_sysroot"
+
+SRC_URI = "https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/netcat-openbsd/1.190-2/netcat-openbsd_${PV}.orig.tar.gz;name=netcat \
+ https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/netcat-openbsd/1.190-2/netcat-openbsd_${PV}-2.debian.tar.xz;name=netcat-patch;subdir=${BP} \
+ file://0001-bundle-own-base64-encode-decode-functions.patch \
+ "
+
+SRC_URI[netcat.md5sum] = "dd32fd1d7903b541ad8709794539b959"
+SRC_URI[netcat.sha256sum] = "68ccc448392c05ec51baed0167a72b8c650454f990b895d6e6877d416a38e536"
+SRC_URI[netcat-patch.md5sum] = "78058b7af0170654b877b02c37716cdf"
+SRC_URI[netcat-patch.sha256sum] = "88088af3f520c7825e59bc133d65e70fc4a30139d451c6faabbd9f240bc78374"
+
+inherit pkgconfig
+
+EXTRA_OEMAKE += "'LDFLAGS=${LDFLAGS}'"
+
+do_configure[noexec] = "1"
+
+netcat_do_patch() {
+ cd ${S}
+ quilt pop -a || true
+ if [ -d ${S}/.pc-netcat ]; then
+ rm -rf ${S}/.pc
+ mv ${S}/.pc-netcat ${S}/.pc
+ QUILT_PATCHES=${S}/debian/patches quilt pop -a
+ rm -rf ${S}/.pc
+ fi
+ QUILT_PATCHES=${S}/debian/patches quilt push -a
+ mv ${S}/.pc ${S}/.pc-netcat
+}
+
+do_unpack[cleandirs] += "${S}"
+
+python do_patch() {
+ bb.build.exec_func('netcat_do_patch', d)
+ bb.build.exec_func('patch_do_patch', d)
+}
+
+do_compile() {
+ cd ${S}
+ pkgrel=4
+ oe_runmake CFLAGS="$CFLAGS -DDEBIAN_VERSION=\"\\\"${pkgrel}\\\"\""
+}
+
+do_install() {
+ install -d ${D}${bindir}
+ install -m 755 ${S}/nc ${D}${bindir}/nc.${BPN}
+}
+ALTERNATIVE_PRIORITY = "60"
diff --git a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb
index 9a6f60ea2..a4a9c91c6 100644
--- a/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb
+++ b/meta-openembedded/meta-networking/recipes-support/netcf/netcf_0.2.8.bb
@@ -12,6 +12,8 @@ PV .= "+git${SRCPV}"
SRC_URI = "git://pagure.io/netcf.git;protocol=https \
"
+UPSTREAM_CHECK_GITTAGREGEX = "release-(?P(\d+(\.\d+)+))"
+
DEPENDS += "augeas libnl libxslt libxml2 gnulib"
S = "${WORKDIR}/git"
diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch b/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch
new file mode 100644
index 000000000..515737c8e
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/netperf/files/0001-netlib.c-Move-including-sched.h-out-og-function.patch
@@ -0,0 +1,50 @@
+From 51a092ebb36dcc6180ceb93a9777258e826d9990 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Wed, 26 Sep 2018 18:11:10 -0700
+Subject: [PATCH] netlib.c: Move including sched.h out og function
+
+The shutdown_control() has this code where system headers are being
+included inside function body and this results in compile errors on musl
+especially when sched.h is included because sched.h defines a macro
+which defines a static function. This means it ends up being a static
+function inside another function and compiler calls it out
+
+In function 'bind_to_specific_processor':
+|
+/mnt/a/yoe/build/tmp/work/i586-yoe-linux-musl/netperf/2.7.0+git999-r0/recipe-sysroot/usr/include/sched.h:102:1:
+error: invalid storage class for function '__CPU_AND_S'
+| __CPU_op_func_S(AND, &)
+| ^~~~~~~~~~~~~~~
+
+Moving the definition out of function definition fixes the problem
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj
+---
+ src/netlib.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/netlib.c b/src/netlib.c
+index 9258424..60b032d 100644
+--- a/src/netlib.c
++++ b/src/netlib.c
+@@ -2262,6 +2262,10 @@ shutdown_control()
+
+ }
+
++#if HAVE_SCHED_SETAFFINITY
++#include
++#endif
++
+ /*
+ bind_to_specific_processor will bind the calling process to the
+ processor in "processor" It has lots of ugly ifdefs to deal with
+@@ -2308,7 +2312,6 @@ bind_to_specific_processor(int processor_affinity, int use_cpu_map)
+ value will not tell you if you are bound vs unbound. */
+ bindprocessor(BINDPROCESS,getpid(),(cpu_t)mapped_affinity);
+ #elif HAVE_SCHED_SETAFFINITY
+-#include
+ /* in theory this should cover systems with more CPUs than bits in a
+ long, without having to specify __USE_GNU. we "cheat" by taking
+ defines from /usr/include/bits/sched.h, which we ass-u-me is
diff --git a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
index f0e0f9cf1..8921ea746 100644
--- a/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
+++ b/meta-openembedded/meta-networking/recipes-support/netperf/netperf_git.bb
@@ -8,10 +8,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a0ab17253e7a3f318da85382c7d5d5d6"
PV = "2.7.0+git${SRCPV}"
-SRC_URI="git://github.com/HewlettPackard/netperf.git \
- file://cpu_set.patch \
- file://vfork.patch \
- file://init"
+SRC_URI = "git://github.com/HewlettPackard/netperf.git \
+ file://cpu_set.patch \
+ file://vfork.patch \
+ file://init \
+ file://0001-netlib.c-Move-including-sched.h-out-og-function.patch \
+ "
SRCREV = "f482bab49fcedee46fc5b755da127f608325cd13"
diff --git a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb
index 4e27e32d4..bb401666c 100644
--- a/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb
+++ b/meta-openembedded/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb
@@ -20,7 +20,7 @@ SRC_URI = "git://github.com/thkukuk/yp-tools \
S = "${WORKDIR}/git"
-DEPENDS = "libtirpc libnsl2"
+DEPENDS = "libtirpc libnsl2 virtual/crypt"
inherit autotools systemd
SYSTEMD_SERVICE_${PN} = "domainname.service"
diff --git a/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch b/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch
new file mode 100644
index 000000000..d6f7eb555
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ntop/ntop/0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch
@@ -0,0 +1,74 @@
+From d22ddc73f00ed056032a635ee8379305ec83bf81 Mon Sep 17 00:00:00 2001
+From: Robert Yang
+Date: Wed, 11 Jul 2018 12:02:50 +0800
+Subject: [PATCH] plugins/Makefile.am: fix for automake 1.16.1
+
+Fixed:
+| i586-poky-linux-gcc: error: netflowPlugin.o: No such file or directory
+| i586-poky-linux-gcc: error: unrecognized command line option '-flat_namespace'; did you mean '-Wnamespaces'?
+| i586-poky-linux-gcc: fatal error: no input files
+
+The previous code make things complicated, but we don't have to, let libtool do
+most of the things can fix the problem.
+
+Upstream-Status: Pending [ntop is not longer maintained any more, we need consider moving to ntopng]
+
+Signed-off-by: Robert Yang
+---
+ plugins/Makefile.am | 34 ++++++----------------------------
+ 1 file changed, 6 insertions(+), 28 deletions(-)
+
+diff --git a/plugins/Makefile.am b/plugins/Makefile.am
+index 64492e0..bcd0c10 100644
+--- a/plugins/Makefile.am
++++ b/plugins/Makefile.am
+@@ -69,40 +69,18 @@ libsflowPlugin_la_CFLAGS = $(AM_CFLAGS)
+ # by default ntop looks for plugins in the plugins/ subdirectory
+ #
+
+-
+-.libs/libnetflowPlugin.so@SO_VERSION_PATCH@:
+- @if test -f libnetflowPlugin_la-netflowPlugin.o; then \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libnetflowPlugin.so@SO_VERSION_PATCH@ libnetflowPlugin_la-netflowPlugin.o; \
+- else \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libnetflowPlugin.so@SO_VERSION_PATCH@ netflowPlugin.o; \
+- fi
+-
+-netflowPlugin.so$(EXEEXT): .libs/libnetflowPlugin.so@SO_VERSION_PATCH@
+- @$(LN_S) .libs/libnetflowPlugin.so netflowPlugin.so
++netflowPlugin.so$(EXEEXT): libnetflowPlugin.la
++ @$(LN_S) -f .libs/libnetflowPlugin.so netflowPlugin.so
+
+ ###############
+
+-.libs/librrdPlugin.so@SO_VERSION_PATCH@:
+- @if test -f librrdPlugin_la-rrdPlugin.o; then \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/librrdPlugin.so@SO_VERSION_PATCH@ librrdPlugin_la-rrdPlugin.o; \
+- else \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/librrdPlugin.so@SO_VERSION_PATCH@ rrdPlugin.o; \
+- fi
+-
+-rrdPlugin.so$(EXEEXT): .libs/librrdPlugin.so@SO_VERSION_PATCH@
+- @$(LN_S) .libs/librrdPlugin.so rrdPlugin.so
++rrdPlugin.so$(EXEEXT): librrdPlugin.la
++ @$(LN_S) -f .libs/librrdPlugin.so rrdPlugin.so
+
+ ###############
+
+-.libs/libsflowPlugin.so@SO_VERSION_PATCH@:
+- @if test -f libsflowPlugin_la-sflowPlugin.o; then \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libsflowPlugin.so@SO_VERSION_PATCH@ libsflowPlugin_la-sflowPlugin.o; \
+- else \
+- $(CC) @MAKE_SHARED_LIBRARY_PARM@ -o .libs/libsflowPlugin.so@SO_VERSION_PATCH@ sflowPlugin.o; \
+- fi
+-
+-sflowPlugin.so$(EXEEXT): .libs/libsflowPlugin.so@SO_VERSION_PATCH@
+- @$(LN_S) .libs/libsflowPlugin.so sflowPlugin.so
++sflowPlugin.so$(EXEEXT): libsflowPlugin.la
++ @$(LN_S) -f .libs/libsflowPlugin.so sflowPlugin.so
+
+ ###############
+
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb
index 298fbec61..2a7a7f2cb 100644
--- a/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb
+++ b/meta-openembedded/meta-networking/recipes-support/ntop/ntop_5.0.1.bb
@@ -17,10 +17,13 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/ntop/ntop-${PV}.tar.gz \
file://ntop.service \
file://use-static-inline.patch \
file://0001-nDPI-Include-sys-types.h.patch \
+ file://0001-plugins-Makefile.am-fix-for-automake-1.16.1.patch \
"
SRC_URI[md5sum] = "01710b6925a8a5ffe1a41b8b512ebd69"
SRC_URI[sha256sum] = "7e8e84cb14d2173beaca4d4cb991a14d84a4bef84ec37b2276bc363f45c52ef8"
+UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/ntop/files/ntop/Stable"
+
inherit autotools-brokensep useradd pythonnative pkgconfig systemd
DEPENDS = "geoip rrdtool python zlib libpcap gdbm"
diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch
new file mode 100644
index 000000000..571db75f7
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-fixed-path-to-posix-shell.patch
@@ -0,0 +1,15 @@
+--- ntp-4.2.8p12.original/sntp/libopts/m4/libopts.m4 2018-11-12 17:54:57.747220846 +1300
++++ ntp-4.2.8p12/sntp/libopts/m4/libopts.m4 2018-11-12 18:00:50.626211641 +1300
+@@ -114,12 +114,6 @@
+ AC_PROG_SED
+ [while :
+ do
+- POSIX_SHELL=`which bash`
+- test -x "$POSIX_SHELL" && break
+- POSIX_SHELL=`which dash`
+- test -x "$POSIX_SHELL" && break
+- POSIX_SHELL=/usr/xpg4/bin/sh
+- test -x "$POSIX_SHELL" && break
+ POSIX_SHELL=`/bin/sh -c '
+ exec 2>/dev/null
+ if ! true ; then exit 1 ; fi
diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch
new file mode 100644
index 000000000..58e71c3b8
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/reproducibility-respect-source-date-epoch.patch
@@ -0,0 +1,16 @@
+--- ntp-4.2.8p12.original/scripts/build/mkver.in 2018-11-12 14:06:49.333020430 +1300
++++ ntp-4.2.8p12/scripts/build/mkver.in 2018-11-12 14:15:04.947480167 +1300
+@@ -15,7 +15,12 @@
+ *) ConfStr="${ConfStr}-@VER_SUFFIX@" ;;
+ esac
+
+-ConfStr="$ConfStr `LC_TIME=C TZ=UTC date`"
++if [ -n "$SOURCE_DATE_EPOCH" ]; then
++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date -d@$SOURCE_DATE_EPOCH 2>/dev/null`" ||
++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date -r $SOURCE_DATE_EPOCH`"
++else
++ ConfStr="$ConfStr `LC_TIME=C TZ=UTC date`"
++fi
+
+ if [ ! -f .version ]; then
+ echo 0 > .version
diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb
deleted file mode 100644
index c698fa049..000000000
--- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p11.bb
+++ /dev/null
@@ -1,172 +0,0 @@
-SUMMARY = "Network Time Protocol daemon and utilities"
-DESCRIPTION = "The Network Time Protocol (NTP) is used to \
-synchronize the time of a computer client or server to \
-another server or reference time source, such as a radio \
-or satellite receiver or modem."
-HOMEPAGE = "http://support.ntp.org"
-SECTION = "net"
-LICENSE = "NTP"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=e877a1d567a6a58996d2b66e3e387003"
-
-DEPENDS = "libevent"
-
-SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.gz \
- file://ntp-4.2.4_p6-nano.patch \
- file://ntpd \
- file://ntp.conf \
- file://ntpdate \
- file://ntpdate.default \
- file://ntpdate.service \
- file://ntpd.service \
- file://sntp.service \
- file://sntp \
- file://ntpd.list \
-"
-
-SRC_URI[md5sum] = "00950ca2855579541896513e78295361"
-SRC_URI[sha256sum] = "f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e"
-
-inherit autotools update-rc.d useradd systemd pkgconfig
-
-# The ac_cv_header_readline_history is to stop ntpdc depending on either
-# readline or curses
-EXTRA_OECONF += "--with-net-snmp-config=no \
- --without-ntpsnmpd \
- ac_cv_header_readline_history_h=no \
- --with-yielding_select=yes \
- --with-locfile=redhat \
- --without-rpath \
- "
-CFLAGS_append = " -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED"
-
-USERADD_PACKAGES = "${PN}"
-NTP_USER_HOME ?= "/var/lib/ntp"
-USERADD_PARAM_${PN} = "--system --home-dir ${NTP_USER_HOME} \
- --no-create-home \
- --shell /bin/false --user-group ntp"
-
-# NB: debug is default-enabled by NTP; keep it default-enabled here.
-PACKAGECONFIG ??= "cap debug refclocks openssl \
- ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
-"
-PACKAGECONFIG[openssl] = "--with-openssl-libdir=${STAGING_LIBDIR} \
- --with-openssl-incdir=${STAGING_INCDIR} \
- --with-crypto, \
- --without-openssl --without-crypto, \
- openssl"
-PACKAGECONFIG[cap] = "--enable-linuxcaps,--disable-linuxcaps,libcap"
-PACKAGECONFIG[readline] = "--with-lineeditlibs,--without-lineeditlibs,readline"
-PACKAGECONFIG[refclocks] = "--enable-all-clocks,--disable-all-clocks,pps-tools"
-PACKAGECONFIG[debug] = "--enable-debugging,--disable-debugging"
-PACKAGECONFIG[mdns] = "ac_cv_header_dns_sd_h=yes,ac_cv_header_dns_sd_h=no,mdns"
-PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
-
-do_install_append() {
- install -d ${D}${sysconfdir}/init.d
- install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
- install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
- install -d ${D}${bindir}
- install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
-
- install -m 755 -d ${D}${NTP_USER_HOME}
- chown ntp:ntp ${D}${NTP_USER_HOME}
-
- # Fix hardcoded paths in scripts
- sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
- sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
- sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
- sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
- sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${bindir}/ntpdate-sync
- sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace
- sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace
- sed -i '1s,#!.*perl,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait
- sed -i '/use/i use warnings;' ${D}${sbindir}/ntp-wait
- sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/calc_tickadj
- sed -i '/use/i use warnings;' ${D}${sbindir}/calc_tickadj
-
- install -d ${D}/${sysconfdir}/default
- install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
- install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
-
- install -d ${D}/${sysconfdir}/network/if-up.d
- ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
-
- install -d ${D}${systemd_unitdir}/system
- install -m 0644 ${WORKDIR}/ntpdate.service ${D}${systemd_unitdir}/system/
- install -m 0644 ${WORKDIR}/ntpd.service ${D}${systemd_unitdir}/system/
- install -m 0644 ${WORKDIR}/sntp.service ${D}${systemd_unitdir}/system/
-
- install -d ${D}${systemd_unitdir}/ntp-units.d
- install -m 0644 ${WORKDIR}/ntpd.list ${D}${systemd_unitdir}/ntp-units.d/60-ntpd.list
-
- # Remove an empty libexecdir.
- rmdir --ignore-fail-on-non-empty ${D}${libexecdir}
-}
-
-PACKAGES += "ntpdate sntp ${PN}-tickadj ${PN}-utils"
-# NOTE: you don't need ntpdate, use "ntpd -q -g -x"
-
-# ntp originally includes tickadj. It's split off for inclusion in small firmware images on platforms
-# with wonky clocks (e.g. OpenSlug)
-RDEPENDS_${PN} = "${PN}-tickadj"
-# ntpd require libgcc for execution
-RDEPENDS_${PN} += "libgcc"
-# Handle move from bin to utils package
-RPROVIDES_${PN}-utils = "${PN}-bin"
-RREPLACES_${PN}-utils = "${PN}-bin"
-RCONFLICTS_${PN}-utils = "${PN}-bin"
-
-SYSTEMD_PACKAGES = "${PN} ntpdate sntp"
-SYSTEMD_SERVICE_${PN} = "ntpd.service"
-SYSTEMD_SERVICE_ntpdate = "ntpdate.service"
-SYSTEMD_SERVICE_sntp = "sntp.service"
-
-RPROVIDES_${PN} += "${PN}-systemd"
-RREPLACES_${PN} += "${PN}-systemd"
-RCONFLICTS_${PN} += "${PN}-systemd"
-
-RPROVIDES_ntpdate += "ntpdate-systemd"
-RREPLACES_ntpdate += "ntpdate-systemd"
-RCONFLICTS_ntpdate += "ntpdate-systemd"
-
-RSUGGESTS_${PN} = "iana-etc"
-
-FILES_${PN} = "${sbindir}/ntpd.ntp ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/ntpd ${libdir} \
- ${NTP_USER_HOME} \
- ${systemd_unitdir}/ntp-units.d/60-ntpd.list ${libexecdir}\
-"
-FILES_${PN}-tickadj = "${sbindir}/tickadj"
-FILES_${PN}-utils = "${sbindir} ${datadir}/ntp/lib"
-RDEPENDS_${PN}-utils += "perl"
-FILES_ntpdate = "${sbindir}/ntpdate \
- ${sysconfdir}/network/if-up.d/ntpdate-sync \
- ${bindir}/ntpdate-sync \
- ${sysconfdir}/default/ntpdate \
- ${systemd_unitdir}/system/ntpdate.service \
-"
-FILES_sntp = "${sbindir}/sntp \
- ${sysconfdir}/default/sntp \
- ${systemd_unitdir}/system/sntp.service \
- "
-
-CONFFILES_${PN} = "${sysconfdir}/ntp.conf"
-CONFFILES_ntpdate = "${sysconfdir}/default/ntpdate"
-
-INITSCRIPT_NAME = "ntpd"
-# No dependencies, so just go in at the standard level (20)
-INITSCRIPT_PARAMS = "defaults"
-
-pkg_postinst_ntpdate() {
- if ! grep -q -s ntpdate $D/var/spool/cron/root; then
- echo "adding crontab"
- test -d $D/var/spool/cron || mkdir -p $D/var/spool/cron
- echo "30 * * * * ${bindir}/ntpdate-sync silent" >> $D/var/spool/cron/root
- fi
-}
-
-inherit update-alternatives
-
-ALTERNATIVE_PRIORITY = "100"
-
-ALTERNATIVE_${PN} = "ntpd"
-ALTERNATIVE_LINK_NAME[ntpd] = "${sbindir}/ntpd"
diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p12.bb b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p12.bb
new file mode 100644
index 000000000..53e41297a
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p12.bb
@@ -0,0 +1,175 @@
+SUMMARY = "Network Time Protocol daemon and utilities"
+DESCRIPTION = "The Network Time Protocol (NTP) is used to \
+synchronize the time of a computer client or server to \
+another server or reference time source, such as a radio \
+or satellite receiver or modem."
+HOMEPAGE = "http://support.ntp.org"
+SECTION = "net"
+LICENSE = "NTP"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=e877a1d567a6a58996d2b66e3e387003"
+
+DEPENDS = "libevent"
+
+SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.gz \
+ file://ntp-4.2.4_p6-nano.patch \
+ file://reproducibility-fixed-path-to-posix-shell.patch \
+ file://reproducibility-respect-source-date-epoch.patch \
+ file://ntpd \
+ file://ntp.conf \
+ file://ntpdate \
+ file://ntpdate.default \
+ file://ntpdate.service \
+ file://ntpd.service \
+ file://sntp.service \
+ file://sntp \
+ file://ntpd.list \
+"
+
+SRC_URI[md5sum] = "1522d66574bae14abb2622746dad2bdc"
+SRC_URI[sha256sum] = "709b222b5013d77d26bfff532b5ea470a8039497ef29d09363931c036cb30454"
+
+inherit autotools update-rc.d useradd systemd pkgconfig
+
+# The ac_cv_header_readline_history is to stop ntpdc depending on either
+# readline or curses
+EXTRA_OECONF += "--with-net-snmp-config=no \
+ --without-ntpsnmpd \
+ ac_cv_header_readline_history_h=no \
+ --with-yielding_select=yes \
+ --with-locfile=redhat \
+ --without-rpath \
+ "
+CFLAGS_append = " -DPTYS_ARE_GETPT -DPTYS_ARE_SEARCHED"
+
+USERADD_PACKAGES = "${PN}"
+NTP_USER_HOME ?= "/var/lib/ntp"
+USERADD_PARAM_${PN} = "--system --home-dir ${NTP_USER_HOME} \
+ --no-create-home \
+ --shell /bin/false --user-group ntp"
+
+# NB: debug is default-enabled by NTP; keep it default-enabled here.
+PACKAGECONFIG ??= "cap debug refclocks openssl \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
+"
+PACKAGECONFIG[openssl] = "--with-openssl-libdir=${STAGING_LIBDIR} \
+ --with-openssl-incdir=${STAGING_INCDIR} \
+ --with-crypto, \
+ --without-openssl --without-crypto, \
+ openssl"
+PACKAGECONFIG[cap] = "--enable-linuxcaps,--disable-linuxcaps,libcap"
+PACKAGECONFIG[readline] = "--with-lineeditlibs,--without-lineeditlibs,readline"
+PACKAGECONFIG[refclocks] = "--enable-all-clocks,--disable-all-clocks,pps-tools"
+PACKAGECONFIG[debug] = "--enable-debugging,--disable-debugging"
+PACKAGECONFIG[mdns] = "ac_cv_header_dns_sd_h=yes,ac_cv_header_dns_sd_h=no,mdns"
+PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
+
+do_install_append() {
+ install -d ${D}${sysconfdir}/init.d
+ install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir}
+ install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d
+ install -d ${D}${bindir}
+ install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync
+
+ install -m 755 -d ${D}${NTP_USER_HOME}
+ chown ntp:ntp ${D}${NTP_USER_HOME}
+
+ # Fix hardcoded paths in scripts
+ sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+ sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+ sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+ sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync
+ sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${bindir}/ntpdate-sync
+ sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace
+ sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace
+ sed -i '1s,#!.*perl,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait
+ sed -i '/use/i use warnings;' ${D}${sbindir}/ntp-wait
+ sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/calc_tickadj
+ sed -i '/use/i use warnings;' ${D}${sbindir}/calc_tickadj
+
+ install -d ${D}/${sysconfdir}/default
+ install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate
+ install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/
+
+ install -d ${D}/${sysconfdir}/network/if-up.d
+ ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d
+
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0644 ${WORKDIR}/ntpdate.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${WORKDIR}/ntpd.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${WORKDIR}/sntp.service ${D}${systemd_unitdir}/system/
+
+ install -d ${D}${systemd_unitdir}/ntp-units.d
+ install -m 0644 ${WORKDIR}/ntpd.list ${D}${systemd_unitdir}/ntp-units.d/60-ntpd.list
+
+ # Remove an empty libexecdir.
+ rmdir --ignore-fail-on-non-empty ${D}${libexecdir}
+}
+
+PACKAGES += "ntpdate sntp ${PN}-tickadj ${PN}-utils"
+# NOTE: you don't need ntpdate, use "ntpd -q -g -x"
+
+# ntp originally includes tickadj. It's split off for inclusion in small firmware images on platforms
+# with wonky clocks (e.g. OpenSlug)
+RDEPENDS_${PN} = "${PN}-tickadj"
+# ntpd require libgcc for execution
+RDEPENDS_${PN} += "libgcc"
+# Handle move from bin to utils package
+RPROVIDES_${PN}-utils = "${PN}-bin"
+RREPLACES_${PN}-utils = "${PN}-bin"
+RCONFLICTS_${PN}-utils = "${PN}-bin"
+
+SYSTEMD_PACKAGES = "${PN} ntpdate sntp"
+SYSTEMD_SERVICE_${PN} = "ntpd.service"
+SYSTEMD_SERVICE_ntpdate = "ntpdate.service"
+SYSTEMD_SERVICE_sntp = "sntp.service"
+SYSTEMD_AUTO_ENABLE_sntp = "disable"
+
+RPROVIDES_${PN} += "${PN}-systemd"
+RREPLACES_${PN} += "${PN}-systemd"
+RCONFLICTS_${PN} += "${PN}-systemd"
+
+RPROVIDES_ntpdate += "ntpdate-systemd"
+RREPLACES_ntpdate += "ntpdate-systemd"
+RCONFLICTS_ntpdate += "ntpdate-systemd"
+
+RSUGGESTS_${PN} = "iana-etc"
+
+FILES_${PN} = "${sbindir}/ntpd.ntp ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/ntpd ${libdir} \
+ ${NTP_USER_HOME} \
+ ${systemd_unitdir}/ntp-units.d/60-ntpd.list ${libexecdir}\
+"
+FILES_${PN}-tickadj = "${sbindir}/tickadj"
+FILES_${PN}-utils = "${sbindir} ${datadir}/ntp/lib"
+RDEPENDS_${PN}-utils += "perl"
+FILES_ntpdate = "${sbindir}/ntpdate \
+ ${sysconfdir}/network/if-up.d/ntpdate-sync \
+ ${bindir}/ntpdate-sync \
+ ${sysconfdir}/default/ntpdate \
+ ${systemd_unitdir}/system/ntpdate.service \
+"
+FILES_sntp = "${sbindir}/sntp \
+ ${sysconfdir}/default/sntp \
+ ${systemd_unitdir}/system/sntp.service \
+ "
+
+CONFFILES_${PN} = "${sysconfdir}/ntp.conf"
+CONFFILES_ntpdate = "${sysconfdir}/default/ntpdate"
+
+INITSCRIPT_NAME = "ntpd"
+# No dependencies, so just go in at the standard level (20)
+INITSCRIPT_PARAMS = "defaults"
+
+pkg_postinst_ntpdate() {
+ if ! grep -q -s ntpdate $D/var/spool/cron/root; then
+ echo "adding crontab"
+ test -d $D/var/spool/cron || mkdir -p $D/var/spool/cron
+ echo "30 * * * * ${bindir}/ntpdate-sync silent" >> $D/var/spool/cron/root
+ fi
+}
+
+inherit update-alternatives
+
+ALTERNATIVE_PRIORITY = "100"
+
+ALTERNATIVE_${PN} = "ntpd"
+ALTERNATIVE_LINK_NAME[ntpd] = "${sbindir}/ntpd"
diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch
index 825e2bf6a..fbdc4e911 100644
--- a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch
+++ b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns/0001-util.h-endian.h-is-available-on-musl-on-linux.patch
@@ -13,10 +13,10 @@ include/libisns/util.h:114:12: fatal error: sys/endian.h: No such file or direct
# include
^~~~~~~~~~~~~~
-Signed-off-by: Khem Raj
----
Upstream-Status: Submitted
+Signed-off-by: Khem Raj
+---
include/libisns/util.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.97.bb b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.97.bb
deleted file mode 100644
index abfa7510e..000000000
--- a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.97.bb
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright (C) 2016 Joe MacDonald
-# Released under the MIT license (see COPYING.MIT for the terms)
-
-SUMMARY = "iSNS daemon and utility programs"
-DESCRIPTION = "This is a partial implementation of RFC4171, the Internet \
-Storage Name Service (iSNS). The distribution includes the iSNS server, \
-supporting persisten storage of registrations, isnsadm, a command line \
-utility for managing nodes, and isnsdd, a corresponding discovery daemon."
-HOMEPAGE = "http://github.com/gonzoleeman/open-isns/"
-LICENSE = "GPLv2+ & LGPLv2+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=321bf41f280cf805086dd5a720b37785"
-SECTION = "net"
-
-DEPENDS = "openssl"
-
-SRC_URI = "git://github.com/open-iscsi/open-isns \
- file://0001-util.h-endian.h-is-available-on-musl-on-linux.patch \
- "
-
-SRCREV ?= "09954404e948e41eb0fce8e28836018b4ce3d20d"
-
-S = "${WORKDIR}/git"
-
-inherit systemd autotools-brokensep update-rc.d
-
-EXTRA_OECONF = " --prefix=${prefix} --enable-shared"
-EXTRA_OEMAKE += "SYSTEMDDIR=${D}${systemd_unitdir}/system"
-
-do_install_append () {
- oe_runmake INCDIR=${D}${includedir}/libisns/ install_hdrs
- oe_runmake LIBDIR=${D}${libdir} install_lib
-
- install -D -m 755 ${S}/etc/openisns.init ${D}${sysconfdir}/init.d/openisns
- sed -i 's|daemon isnsd|start-stop-daemon --start --quiet --oknodo --exec ${sbindir}/isnsd --|' \
- ${D}${sysconfdir}/init.d/openisns
-}
-
-FILES_${PN} += "${libdir} ${systemd_unitdir}"
-
-INITSCRIPT_NAME = "openisns"
diff --git a/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.98.bb b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.98.bb
new file mode 100644
index 000000000..5e64f893e
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/open-isns/open-isns_0.98.bb
@@ -0,0 +1,40 @@
+# Copyright (C) 2016 Joe MacDonald
+# Released under the MIT license (see COPYING.MIT for the terms)
+
+SUMMARY = "iSNS daemon and utility programs"
+DESCRIPTION = "This is a partial implementation of RFC4171, the Internet \
+Storage Name Service (iSNS). The distribution includes the iSNS server, \
+supporting persisten storage of registrations, isnsadm, a command line \
+utility for managing nodes, and isnsdd, a corresponding discovery daemon."
+HOMEPAGE = "http://github.com/gonzoleeman/open-isns/"
+LICENSE = "GPLv2+ & LGPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=321bf41f280cf805086dd5a720b37785"
+SECTION = "net"
+
+DEPENDS = "openssl"
+
+SRC_URI = "git://github.com/open-iscsi/open-isns \
+ file://0001-util.h-endian.h-is-available-on-musl-on-linux.patch \
+ "
+
+SRCREV = "e84374ce7d1f5fc58a4c0fc751e075b2cc752c34"
+
+S = "${WORKDIR}/git"
+
+inherit systemd autotools-brokensep update-rc.d
+
+EXTRA_OECONF = " --prefix=${prefix} --enable-shared"
+EXTRA_OEMAKE += "SYSTEMDDIR=${D}${systemd_unitdir}/system"
+
+do_install_append () {
+ oe_runmake INCDIR=${D}${includedir}/libisns/ install_hdrs
+ oe_runmake LIBDIR=${D}${libdir} install_lib
+
+ install -D -m 755 ${S}/etc/openisns.init ${D}${sysconfdir}/init.d/openisns
+ sed -i 's|daemon isnsd|start-stop-daemon --start --quiet --oknodo --exec ${sbindir}/isnsd --|' \
+ ${D}${sysconfdir}/init.d/openisns
+}
+
+FILES_${PN} += "${libdir} ${systemd_unitdir}"
+
+INITSCRIPT_NAME = "openisns"
diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch
deleted file mode 100644
index 25057fbce..000000000
--- a/meta-openembedded/meta-networking/recipes-support/openipmi/files/0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch
+++ /dev/null
@@ -1,618 +0,0 @@
-From 8b51a6bf5a4829d8add535a098c0c06a049a9958 Mon Sep 17 00:00:00 2001
-From: Khem Raj
-Date: Sat, 26 Aug 2017 22:50:57 -0700
-Subject: [PATCH] lanserv: Rename struct parameter printf for namespace
- collision
-
-This comes to fore when we use hardening flags where printf
-is treated as macro and gets replaced with printf_chk
-
-Fixes errors like
-
-error: no member named '__printf_chk' in 'struct emu_out_s'
-
-Signed-off-by: Khem Raj
----
- lanserv/OpenIPMI/serv.h | 2 +-
- lanserv/emu_cmd.c | 132 ++++++++++++++++++++++++------------------------
- lanserv/ipmi_sim.c | 10 ++--
- 3 files changed, 72 insertions(+), 72 deletions(-)
-
-diff --git a/lanserv/OpenIPMI/serv.h b/lanserv/OpenIPMI/serv.h
-index d12d63a..8555c85 100644
---- a/lanserv/OpenIPMI/serv.h
-+++ b/lanserv/OpenIPMI/serv.h
-@@ -522,7 +522,7 @@ uint8_t ipmb_checksum(uint8_t *data, int size, uint8_t start);
- typedef struct emu_data_s emu_data_t;
- typedef struct emu_out_s
- {
-- void (*printf)(struct emu_out_s *out, char *format, ...);
-+ void (*eprintf)(struct emu_out_s *out, char *format, ...);
- void *data;
- } emu_out_t;
-
-diff --git a/lanserv/emu_cmd.c b/lanserv/emu_cmd.c
-index ca44032..54b6f7b 100644
---- a/lanserv/emu_cmd.c
-+++ b/lanserv/emu_cmd.c
-@@ -76,7 +76,7 @@ emu_get_uchar(emu_out_t *out, char **toks, unsigned char *val, char *errstr,
- if (empty_ok)
- return ENOSPC;
- if (errstr)
-- out->printf(out, "**No %s given\n", errstr);
-+ out->eprintf(out, "**No %s given\n", errstr);
- return EINVAL;
- }
- if (str[0] == '\'') {
-@@ -86,7 +86,7 @@ emu_get_uchar(emu_out_t *out, char **toks, unsigned char *val, char *errstr,
- *val = strtoul(str, &tmpstr, 0);
- if (*tmpstr != '\0') {
- if (errstr)
-- out->printf(out, "**Invalid %s given\n", errstr);
-+ out->eprintf(out, "**Invalid %s given\n", errstr);
- return EINVAL;
- }
-
-@@ -108,7 +108,7 @@ emu_get_uchar_with_vals(emu_out_t *out, char **toks,
- if (empty_ok)
- return ENOSPC;
- if (errstr)
-- out->printf(out, "**No %s given\n", errstr);
-+ out->eprintf(out, "**No %s given\n", errstr);
- return EINVAL;
- }
- if (str[0] == '\'') {
-@@ -131,7 +131,7 @@ emu_get_uchar_with_vals(emu_out_t *out, char **toks,
- *val = strtoul(str, &tmpstr, 0);
- if (*tmpstr != '\0') {
- if (errstr)
-- out->printf(out, "**Invalid %s given\n", errstr);
-+ out->eprintf(out, "**Invalid %s given\n", errstr);
- return EINVAL;
- }
- out:
-@@ -150,12 +150,12 @@ emu_get_bitmask(emu_out_t *out, char **toks, uint16_t *val, char *errstr,
- if (empty_ok)
- return ENOSPC;
- if (errstr)
-- out->printf(out, "**No %s given\n", errstr);
-+ out->eprintf(out, "**No %s given\n", errstr);
- return EINVAL;
- }
- if (strlen(str) != size) {
- if (errstr)
-- out->printf(out, "**invalid number of bits in %s\n", errstr);
-+ out->eprintf(out, "**invalid number of bits in %s\n", errstr);
- return EINVAL;
- }
- *val = 0;
-@@ -166,7 +166,7 @@ emu_get_bitmask(emu_out_t *out, char **toks, uint16_t *val, char *errstr,
- *val |= 1 << i;
- } else {
- if (errstr)
-- out->printf(out, "**Invalid bit value '%c' in %s\n", str[j],
-+ out->eprintf(out, "**Invalid bit value '%c' in %s\n", str[j],
- errstr);
- return EINVAL;
- }
-@@ -184,13 +184,13 @@ emu_get_uint(emu_out_t *out, char **toks, unsigned int *val, char *errstr)
- str = mystrtok(NULL, " \t\n", toks);
- if (!str) {
- if (errstr)
-- out->printf(out, "**No %s given\n", errstr);
-+ out->eprintf(out, "**No %s given\n", errstr);
- return EINVAL;
- }
- *val = strtoul(str, &tmpstr, 0);
- if (*tmpstr != '\0') {
- if (errstr)
-- out->printf(out, "**Invalid %s given\n", errstr);
-+ out->eprintf(out, "**Invalid %s given\n", errstr);
- return EINVAL;
- }
-
-@@ -206,7 +206,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr,
-
- if (!tok) {
- if (errstr)
-- out->printf(out, "**No %s given\n", errstr);
-+ out->eprintf(out, "**No %s given\n", errstr);
- return EINVAL;
- }
- if (*tok == '"') {
-@@ -215,7 +215,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr,
- tok++;
- end = strlen(tok) - 1;
- if (tok[end] != '"') {
-- out->printf(out, "**ASCII %s doesn't end in '\"'", errstr);
-+ out->eprintf(out, "**ASCII %s doesn't end in '\"'", errstr);
- return EINVAL;
- }
- if (end > (len - 1))
-@@ -228,7 +228,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr,
- char c[3];
- /* HEX pw */
- if (strlen(tok) != 32) {
-- out->printf(out, "**HEX %s not 32 HEX characters long", errstr);
-+ out->eprintf(out, "**HEX %s not 32 HEX characters long", errstr);
- return EINVAL;
- }
- c[2] = '\0';
-@@ -239,7 +239,7 @@ emu_get_bytes(emu_out_t *out, char **tokptr, unsigned char *data, char *errstr,
- tok++;
- data[i] = strtoul(c, &end, 16);
- if (*end != '\0') {
-- out->printf(out, "**Invalid HEX character in %s", errstr);
-+ out->eprintf(out, "**Invalid HEX character in %s", errstr);
- return -1;
- }
- }
-@@ -263,12 +263,12 @@ read_command_file(emu_out_t *out, emu_data_t *emu, const char *command_file)
-
- buffer = malloc(INPUT_BUFFER_SIZE);
- if (!buffer) {
-- out->printf(out, "Could not allocate buffer memory\n");
-+ out->eprintf(out, "Could not allocate buffer memory\n");
- rv = ENOMEM;
- goto out;
- }
- while (fgets(buffer+pos, INPUT_BUFFER_SIZE-pos, f)) {
-- out->printf(out, "%s", buffer+pos);
-+ out->eprintf(out, "%s", buffer+pos);
- if (buffer[pos] == '#')
- continue;
- pos = strlen(buffer);
-@@ -318,7 +318,7 @@ sel_enable(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_enable_sel(mc, max_records, flags);
- if (rv)
-- out->printf(out, "**Unable to enable sel, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to enable sel, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -343,9 +343,9 @@ sel_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_add_to_sel(mc, record_type, data, &r);
- if (rv)
-- out->printf(out, "**Unable to add to sel, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add to sel, error 0x%x\n", rv);
- else
-- out->printf(out, "Added record %d\n", r);
-+ out->eprintf(out, "Added record %d\n", r);
- return rv;
- }
-
-@@ -361,14 +361,14 @@ main_sdr_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- if (rv == ENOSPC)
- break;
- if (rv) {
-- out->printf(out, "**Error 0x%x in data byte %d\n", rv, i);
-+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i);
- return rv;
- }
- }
-
- rv = ipmi_mc_add_main_sdr(mc, data, i);
- if (rv)
-- out->printf(out, "**Unable to add to sdr, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add to sdr, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -389,14 +389,14 @@ device_sdr_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- if (rv == ENOSPC)
- break;
- if (rv) {
-- out->printf(out, "**Error 0x%x in data byte %d\n", rv, i);
-+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i);
- return rv;
- }
- }
-
- rv = ipmi_mc_add_device_sdr(mc, lun, data, i);
- if (rv)
-- out->printf(out, "**Unable to add to sdr, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add to sdr, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -439,7 +439,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- while (tok) {
- if (strcmp(tok, "poll") == 0) {
- if (handler) {
-- out->printf(out, "**poll given twice in sensor\n", tok);
-+ out->eprintf(out, "**poll given twice in sensor\n", tok);
- return -1;
- }
-
-@@ -449,27 +449,27 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- tok = mystrtok(NULL, " \t\n", toks);
- if (!tok) {
-- out->printf(out, "**No polled sensor handler given\n", tok);
-+ out->eprintf(out, "**No polled sensor handler given\n", tok);
- return -1;
- }
-
- handler = ipmi_sensor_find_handler(tok);
- if (!handler) {
-- out->printf(out, "**Invalid sensor handler: %s\n", tok);
-+ out->eprintf(out, "**Invalid sensor handler: %s\n", tok);
- return -1;
- }
-
- rv = handler->init(mc, lun, num, toks, handler->cb_data, &rcb_data,
- &errstr);
- if (rv) {
-- out->printf(out, "**Error initializing sensor handler: %s\n",
-+ out->eprintf(out, "**Error initializing sensor handler: %s\n",
- errstr);
- return rv;
- }
- } else if (strcmp(tok, "event-only") == 0) {
- event_only = 1;
- } else {
-- out->printf(out, "**Unknown sensor option: %s\n", tok);
-+ out->eprintf(out, "**Unknown sensor option: %s\n", tok);
- return -1;
- }
-
-@@ -477,7 +477,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- }
-
- if (handler && event_only) {
-- out->printf(out, "**An event-only sensor cannot be polled\n");
-+ out->eprintf(out, "**An event-only sensor cannot be polled\n");
- return -1;
- }
-
-@@ -488,7 +488,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- if (!rv && handler->postinit) {
- rv = handler->postinit(rcb_data, &errstr);
- if (rv) {
-- out->printf(out, "**Error in sensor handler postinit: %s\n",
-+ out->eprintf(out, "**Error in sensor handler postinit: %s\n",
- errstr);
- }
- }
-@@ -496,7 +496,7 @@ sensor_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- rv = ipmi_mc_add_sensor(mc, lun, num, type, code, event_only);
- }
- if (rv)
-- out->printf(out, "**Unable to add to sensor, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add to sensor, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -532,7 +532,7 @@ sensor_set_bit(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_sensor_set_bit(mc, lun, num, bit, value, gen_event);
- if (rv)
-- out->printf(out, "**Unable to set sensor bit, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor bit, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -563,7 +563,7 @@ sensor_set_bit_clr_rest(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **
-
- rv = ipmi_mc_sensor_set_bit_clr_rest(mc, lun, num, bit, gen_event);
- if (rv)
-- out->printf(out, "**Unable to set sensor bit, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor bit, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -594,7 +594,7 @@ sensor_set_value(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_sensor_set_value(mc, lun, num, value, gen_event);
- if (rv)
-- out->printf(out, "**Unable to set sensor value, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor value, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -637,7 +637,7 @@ sensor_set_hysteresis(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **to
- rv = ipmi_mc_sensor_set_hysteresis(mc, lun, num, support, positive,
- negative);
- if (rv)
-- out->printf(out, "**Unable to set sensor hysteresis, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor hysteresis, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -682,7 +682,7 @@ sensor_set_threshold(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **tok
- rv = ipmi_mc_sensor_set_threshold(mc, lun, num, support,
- enabled, 1, thresholds);
- if (rv)
-- out->printf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -759,7 +759,7 @@ sensor_set_event_support(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char *
- assert_support, deassert_support,
- assert_enabled, deassert_enabled);
- if (rv)
-- out->printf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set sensor thresholds, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -819,7 +819,7 @@ mc_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- else if (strcmp("persist_sdr", tok) == 0)
- flags |= IPMI_MC_PERSIST_SDR;
- else {
-- out->printf(out, "**Invalid MC flag: %s\n", tok);
-+ out->eprintf(out, "**Invalid MC flag: %s\n", tok);
- return -1;
- }
- }
-@@ -833,7 +833,7 @@ mc_add(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- device_revision, major_fw_rev, minor_fw_rev,
- device_support, mfg_id, product_id, flags);
- if (rv)
-- out->printf(out, "**Unable to add the MC, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add the MC, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -890,7 +890,7 @@ mc_set_power(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_set_power(mc, power, gen_int);
- if (rv)
-- out->printf(out, "**Unable to set power, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set power, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -916,7 +916,7 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- tok = mystrtok(NULL, " \t\n", toks);
- if (!tok) {
-- out->printf(out, "**No FRU data type given");
-+ out->eprintf(out, "**No FRU data type given");
- return -1;
- }
- if (strcmp(tok, "file") == 0) {
-@@ -929,13 +929,13 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = get_delim_str(toks, &frufn, &errstr);
- if (rv) {
-- out->printf(out, "**Error with FRU filename: %d", strerror(rv));
-+ out->eprintf(out, "**Error with FRU filename: %d", strerror(rv));
- return rv;
- }
- rv = ipmi_mc_add_fru_file(mc, devid, length, file_offset,
- (void *) frufn);
- if (rv)
-- out->printf(out, "**Unable to add FRU file, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add FRU file, error 0x%x\n", rv);
-
- } else if (strcmp(tok, "data") == 0) {
- for (i=0; iprintf(out, "**Error 0x%x in data byte %d\n", rv, i);
-+ out->eprintf(out, "**Error 0x%x in data byte %d\n", rv, i);
- return rv;
- }
- }
-
- rv = emu_get_uchar(out, toks, &data[i], "data byte", 1);
- if (rv != ENOSPC) {
-- out->printf(out, "**Error: input data too long for FRU\n", rv, i);
-+ out->eprintf(out, "**Error: input data too long for FRU\n", rv, i);
- return EINVAL;
- }
-
-@@ -958,9 +958,9 @@ mc_add_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_add_fru_data(mc, devid, length, NULL, data);
- if (rv)
-- out->printf(out, "**Unable to add FRU data, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to add FRU data, error 0x%x\n", rv);
- } else {
-- out->printf(out, "**FRU type not given, need file or data\n");
-+ out->eprintf(out, "**FRU type not given, need file or data\n");
- rv = EINVAL;
- }
- return rv;
-@@ -981,28 +981,28 @@ mc_dump_fru_data(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_get_fru_data_len(mc, devid, &length);
- if (rv) {
-- out->printf(out, "**Unable to dump FRU data, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to dump FRU data, error 0x%x\n", rv);
- goto out;
- }
-
- data = malloc(length);
- if (!data) {
-- out->printf(out, "**Unable to dump FRU data, out of memory\n", rv);
-+ out->eprintf(out, "**Unable to dump FRU data, out of memory\n", rv);
- goto out;
- }
-
- rv = ipmi_mc_get_fru_data(mc, devid, length, data);
- if (rv) {
-- out->printf(out, "**Unable to dump FRU data, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to dump FRU data, error 0x%x\n", rv);
- goto out;
- }
-
- for (i=0; i 0) && ((i % 8) == 0))
-- out->printf(out, "\n");
-- out->printf(out, " 0x%2.2x", data[i]);
-+ out->eprintf(out, "\n");
-+ out->eprintf(out, " 0x%2.2x", data[i]);
- }
-- out->printf(out, "\n");
-+ out->eprintf(out, "\n");
-
- out:
- if (data)
-@@ -1021,7 +1021,7 @@ mc_setbmc(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- return rv;
- rv = ipmi_emu_set_bmc_mc(emu, ipmb);
- if (rv)
-- out->printf(out, "**Invalid IPMB address\n");
-+ out->eprintf(out, "**Invalid IPMB address\n");
- return rv;
- }
-
-@@ -1032,7 +1032,7 @@ atca_enable(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_emu_atca_enable(emu);
- if (rv)
-- out->printf(out, "**Unable to enable ATCA mode, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to enable ATCA mode, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -1056,7 +1056,7 @@ atca_set_site(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_emu_atca_set_site(emu, hw_address, site_type, site_number);
- if (rv)
-- out->printf(out, "**Unable to set site type, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set site type, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -1072,7 +1072,7 @@ mc_set_num_leds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- rv = ipmi_mc_set_num_leds(mc, count);
- if (rv)
-- out->printf(out, "**Unable to set number of LEDs, error 0x%x\n", rv);
-+ out->eprintf(out, "**Unable to set number of LEDs, error 0x%x\n", rv);
- return rv;
- }
-
-@@ -1085,7 +1085,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- err = get_delim_str(toks, &filename, &errstr);
- if (err) {
-- out->printf(out, "Could not get include filename: %s\n", errstr);
-+ out->eprintf(out, "Could not get include filename: %s\n", errstr);
- return err;
- }
-
-@@ -1097,7 +1097,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- {
- char *nf = malloc(strlen(BASE_CONF_STR) + strlen(filename) + 2);
- if (!nf) {
-- out->printf(out, "Out of memory in include\n", errstr);
-+ out->eprintf(out, "Out of memory in include\n", errstr);
- goto out_err;
- }
- strcpy(nf, BASE_CONF_STR);
-@@ -1107,7 +1107,7 @@ read_cmds(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- filename = nf;
- err = read_command_file(out, emu, filename);
- if (err) {
-- out->printf(out, "Could not read include file %s\n", filename);
-+ out->eprintf(out, "Could not read include file %s\n", filename);
- }
- }
-
-@@ -1147,7 +1147,7 @@ debug_cmd(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- } else if (strcmp(tok, "sol") == 0) {
- level |= DEBUG_SOL;
- } else {
-- out->printf(out, "Invalid debug level '%s', options are 'raw' and 'msg'\n",
-+ out->eprintf(out, "Invalid debug level '%s', options are 'raw' and 'msg'\n",
- tok);
- return EINVAL;
- }
-@@ -1168,7 +1168,7 @@ persist_cmd(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
- } else if (strcmp(tok, "off") == 0) {
- persist_enable = 0;
- } else {
-- out->printf(out, "Invalid persist vale '%s', options are 'on' and 'off'\n",
-+ out->eprintf(out, "Invalid persist vale '%s', options are 'on' and 'off'\n",
- tok);
- return EINVAL;
- }
-@@ -1194,18 +1194,18 @@ do_define(emu_out_t *out, emu_data_t *emu, lmc_data_t *mc, char **toks)
-
- name = mystrtok(NULL, " \t\n", toks);
- if (!name) {
-- out->printf(out, "No variable name given for define\n");
-+ out->eprintf(out, "No variable name given for define\n");
- return EINVAL;
- }
- err = get_delim_str(toks, &value, &errstr);
- if (err) {
-- out->printf(out, "Could not get variable %s value: %s\n", name, errstr);
-+ out->eprintf(out, "Could not get variable %s value: %s\n", name, errstr);
- return err;
- }
- err = add_variable(name, value);
- if (err) {
- free(value);
-- out->printf(out, "Out of memory setting variable %s\n", name);
-+ out->eprintf(out, "Out of memory setting variable %s\n", name);
- return err;
- }
- return 0;
-@@ -1301,7 +1301,7 @@ ipmi_emu_cmd(emu_out_t *out, emu_data_t *emu, char *cmd_str)
- return rv;
- rv = ipmi_emu_get_mc_by_addr(emu, ipmb, &mc);
- if (rv) {
-- out->printf(out, "**Invalid MC address\n");
-+ out->eprintf(out, "**Invalid MC address\n");
- return rv;
- }
- }
-@@ -1312,7 +1312,7 @@ ipmi_emu_cmd(emu_out_t *out, emu_data_t *emu, char *cmd_str)
- }
- }
-
-- out->printf(out, "**Unknown command: %s\n", cmd);
-+ out->eprintf(out, "**Unknown command: %s\n", cmd);
-
- out:
- return rv;
-diff --git a/lanserv/ipmi_sim.c b/lanserv/ipmi_sim.c
-index 9472cce..30c4f27 100644
---- a/lanserv/ipmi_sim.c
-+++ b/lanserv/ipmi_sim.c
-@@ -607,8 +607,8 @@ isim_log(sys_data_t *sys, int logtype, msg_t *msg, const char *format,
-
- con = data->consoles;
- while (con) {
-- con->out.printf(&con->out, "%s", str);
-- con->out.printf(&con->out, "\n");
-+ con->out.eprintf(&con->out, "%s", str);
-+ con->out.eprintf(&con->out, "\n");
- con = con->next;
- }
- #if HAVE_SYSLOG
-@@ -956,7 +956,7 @@ console_bind_ready(int fd, void *cb_data, os_hnd_fd_id_t *id)
- newcon->shutdown_on_close = 0;
- newcon->telnet = 1;
- newcon->tn_pos = 0;
-- newcon->out.printf = emu_printf;
-+ newcon->out.eprintf = emu_printf;
- newcon->out.data = newcon;
-
- setsockopt(rv, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
-@@ -1463,10 +1463,10 @@ main(int argc, const char *argv[])
- stdio_console.telnet = 0;
- stdio_console.tn_pos = 0;
- if (nostdio) {
-- stdio_console.out.printf = dummy_printf;
-+ stdio_console.out.eprintf = dummy_printf;
- stdio_console.out.data = &stdio_console;
- } else {
-- stdio_console.out.printf = emu_printf;
-+ stdio_console.out.eprintf = emu_printf;
- stdio_console.out.data = &stdio_console;
- }
- stdio_console.next = NULL;
---
-2.14.1
-
diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch
new file mode 100644
index 000000000..389407590
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/openipmi/files/openipmigui-not-compile-pyc-pyo.patch
@@ -0,0 +1,26 @@
+openipmi load swig/python/.libs/_OpenIPMI.so to create .pyc and .pyo files.
+It fails when multilib is enable:
+
+| ImportError: .../lib32-openipmi/2.0.25-r0/OpenIPMI-2.0.25/swig/python/.libs/_OpenIPMI.so: wrong ELF class: ELFCLASS32
+
+Don't compile and install .pyc and .pyo files to fix the failure.
+
+Upstream-Status: Inappropriate [OE specific]
+
+Signed-off-by: Kai Kang
+diff --git a/swig/python/openipmigui/Makefile.am b/swig/python/openipmigui/Makefile.am
+index 570e7b9..88258bf 100644
+--- a/swig/python/openipmigui/Makefile.am
++++ b/swig/python/openipmigui/Makefile.am
+@@ -34,9 +34,9 @@ localcopy:
+ fi \
+ done
+
+-all-local: localcopy $(PYC_FILES) $(PYO_FILES)
++all-local: localcopy
+
+-install-exec-local: $(EXTRA_DIST) $(PYC_FILES) $(PYO_FILES)
++install-exec-local: $(EXTRA_DIST)
+ $(INSTALL) -d $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui
+ $(INSTALL_DATA) $^ $(DESTDIR)$(PYTHON_INSTALL_DIR)/openipmigui
+
diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.24.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.24.bb
deleted file mode 100644
index a4f63c5f4..000000000
--- a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.24.bb
+++ /dev/null
@@ -1,110 +0,0 @@
-SUMMARY = "IPMI (Intelligent Platform Management Interface) library and tools"
-DESCRIPTION = "OpenIPMI is an effort to create a full-function IPMI system, \
-to allow full access to all IPMI information on a server \
-and to abstract it to a level that will make it easy to use"
-
-HOMEPAGE = "http://openipmi.sourceforge.net"
-
-DEPENDS = " \
- glib-2.0 \
- ncurses \
- net-snmp \
- openssl \
- popt \
- python \
- swig-native \
- "
-
-LICENSE = "GPLv2 & LGPLv2.1 & BSD"
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
- file://COPYING.LIB;md5=d8045f3b8f929c1cb29a1e3fd737b499 \
- file://COPYING.BSD;md5=4b318d4160eb69c8ee53452feb1b4cdf \
- "
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \
- file://fix-symlink-install-error-in-cmdlang.patch \
- file://openipmi-no-openipmigui-man.patch \
- file://openipmi-remove-host-path-from-la_LDFLAGS.patch \
- file://ipmi-init-fix-the-arguments.patch \
- file://do-not-install-pyc-and-pyo.patch \
- file://include_sys_types.patch \
- file://openipmi-helper \
- file://ipmi.service \
- file://0001-lanserv-Rename-struct-parameter-printf-for-namespace.patch \
- "
-
-S = "${WORKDIR}/OpenIPMI-${PV}"
-SRC_URI[md5sum] = "58f9542cbfcb5fe250b77cf88345e1ec"
-SRC_URI[sha256sum] = "bca39a27071278a8b74610181ede8df51e155e5e9031bc8eaa3699d1720292b4"
-
-inherit autotools-brokensep pkgconfig pythonnative perlnative update-rc.d systemd
-
-EXTRA_OECONF = "--disable-static \
- --with-perl='${STAGING_BINDIR_NATIVE}/perl-native/perl' \
- --with-python='${STAGING_BINDIR_NATIVE}/python-native/python' \
- --with-pythoninstall='${PYTHON_SITEPACKAGES_DIR}' \
- --with-glibver=2.0"
-
-PACKAGECONFIG ??= "gdbm"
-PACKAGECONFIG[gdbm] = "ac_cv_header_gdbm_h=yes,ac_cv_header_gdbm_h=no,gdbm,"
-
-PACKAGES += "${PN}-perl ${PN}-python"
-
-FILES_${PN}-perl = " \
- ${libdir}/perl/vendor_perl/*/OpenIPMI.pm \
- ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/OpenIPMI.so \
- "
-
-FILES_${PN}-python = "${PYTHON_SITEPACKAGES_DIR}"
-
-FILES_${PN}-dbg += " \
- ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/.debug \
- ${PYTHON_SITEPACKAGES_DIR}/.debug \
- "
-
-do_configure () {
-
- # Let's perform regular configuration first then handle perl issues.
- autotools_do_configure
-
- perl_ver=`perl -V:version | cut -d\' -f 2`
-
- # Force openipmi perl bindings to be compiled using perl-native instead of
- # the host's perl. Set the proper install directory for the resulting
- # openipmi.pm and openipmi.so
- for i in ${S}/swig/Makefile ${S}/swig/perl/Makefile; do
- echo "SAL: i = $i"
- echo "SAL: STAGING_INCDIR_NATIVE = $STAGING_INCDIR_NATIVE"
- echo "SAL: libdir = $libdir"
- sed -i -e "/^PERL_CFLAGS/s:-I/usr/local/include:-I${STAGING_INCDIR_NATIVE}:g" $i
- sed -i -e "/^PERL_INSTALL_DIR/s:^PERL_INSTALL_DIR = .*:PERL_INSTALL_DIR = ${libdir}/perl/vendor_perl/$perl_ver:g" $i
- done
-}
-
-do_install_append () {
- echo "SAL: D = $D"
- echo "SAL: libdir = $libdir"
- install -m 0755 -d ${D}${sysconfdir}/sysconfig ${D}${sysconfdir}/init.d
- install -m 0755 ${S}/ipmi.init ${D}${sysconfdir}/init.d/ipmi
- install -m 0644 ${S}/ipmi.sysconf ${D}${sysconfdir}/sysconfig/ipmi
- # SAL: mv: cannot stat `/localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/openipmi-2.0.19-r4/image/usr/lib64/perl5': No such file or directory
- # SAL: real path to perl is /localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/perl-5.14.2-r8.3/package/usr/lib64/perl5 and it is a symlink to perl so no need to mv.
- if [ -d ${D}${libdir}/perl5 ]
- then
- mv ${D}${libdir}/perl5 ${D}${libdir}/perl
- fi
-
- # for systemd
- install -d ${D}${systemd_unitdir}/system
- install -m 0664 ${WORKDIR}/ipmi.service ${D}${systemd_unitdir}/system
- sed -i -e "s,@LIBEXECDIR@,${libexecdir},g" ${D}${systemd_unitdir}/system/ipmi.service
- install -d ${D}${libexecdir}
- install -m 0755 ${WORKDIR}/openipmi-helper ${D}${libexecdir}
-}
-
-INITSCRIPT_NAME = "ipmi"
-INITSCRIPT_PARAMS = "start 30 . stop 70 0 1 2 3 4 5 6 ."
-
-SYSTEMD_SERVICE_${PN} = "ipmi.service"
-SYSTEMD_AUTO_ENABLE = "disable"
diff --git a/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb
new file mode 100644
index 000000000..d28ebd484
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/openipmi/openipmi_2.0.25.bb
@@ -0,0 +1,110 @@
+SUMMARY = "IPMI (Intelligent Platform Management Interface) library and tools"
+DESCRIPTION = "OpenIPMI is an effort to create a full-function IPMI system, \
+to allow full access to all IPMI information on a server \
+and to abstract it to a level that will make it easy to use"
+
+HOMEPAGE = "http://openipmi.sourceforge.net"
+
+DEPENDS = " \
+ glib-2.0 \
+ ncurses \
+ net-snmp \
+ openssl \
+ popt \
+ python \
+ swig-native \
+ "
+
+LICENSE = "GPLv2 & LGPLv2.1 & BSD"
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
+ file://COPYING.LIB;md5=d8045f3b8f929c1cb29a1e3fd737b499 \
+ file://COPYING.BSD;md5=4b318d4160eb69c8ee53452feb1b4cdf \
+ "
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/openipmi/OpenIPMI-${PV}.tar.gz \
+ file://fix-symlink-install-error-in-cmdlang.patch \
+ file://openipmi-no-openipmigui-man.patch \
+ file://openipmi-remove-host-path-from-la_LDFLAGS.patch \
+ file://ipmi-init-fix-the-arguments.patch \
+ file://do-not-install-pyc-and-pyo.patch \
+ file://include_sys_types.patch \
+ file://openipmigui-not-compile-pyc-pyo.patch \
+ file://openipmi-helper \
+ file://ipmi.service \
+ "
+
+S = "${WORKDIR}/OpenIPMI-${PV}"
+SRC_URI[md5sum] = "1461ac4d78fc516646fd0a6e605a8b05"
+SRC_URI[sha256sum] = "f0f1a0ec732409930b7a31a6daa6cf39b585f52059b62a5f092b7ece21aa75a5"
+
+inherit autotools-brokensep pkgconfig pythonnative perlnative update-rc.d systemd
+
+EXTRA_OECONF = "--disable-static \
+ --with-perl='${STAGING_BINDIR_NATIVE}/perl-native/perl' \
+ --with-python='${STAGING_BINDIR_NATIVE}/python-native/python' \
+ --with-pythoninstall='${PYTHON_SITEPACKAGES_DIR}' \
+ --with-glibver=2.0"
+
+PACKAGECONFIG ??= "gdbm"
+PACKAGECONFIG[gdbm] = "ac_cv_header_gdbm_h=yes,ac_cv_header_gdbm_h=no,gdbm,"
+
+PACKAGES += "${PN}-perl ${PN}-python"
+
+FILES_${PN}-perl = " \
+ ${libdir}/perl/vendor_perl/*/OpenIPMI.pm \
+ ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/OpenIPMI.so \
+ "
+
+FILES_${PN}-python = "${PYTHON_SITEPACKAGES_DIR}"
+
+FILES_${PN}-dbg += " \
+ ${libdir}/perl/vendor_perl/*/auto/OpenIPMI/.debug \
+ ${PYTHON_SITEPACKAGES_DIR}/.debug \
+ "
+
+do_configure () {
+
+ # Let's perform regular configuration first then handle perl issues.
+ autotools_do_configure
+
+ perl_ver=`perl -V:version | cut -d\' -f 2`
+
+ # Force openipmi perl bindings to be compiled using perl-native instead of
+ # the host's perl. Set the proper install directory for the resulting
+ # openipmi.pm and openipmi.so
+ for i in ${S}/swig/Makefile ${S}/swig/perl/Makefile; do
+ echo "SAL: i = $i"
+ echo "SAL: STAGING_INCDIR_NATIVE = $STAGING_INCDIR_NATIVE"
+ echo "SAL: libdir = $libdir"
+ sed -i -e "/^PERL_CFLAGS/s:-I/usr/local/include:-I${STAGING_INCDIR_NATIVE}:g" $i
+ sed -i -e "/^PERL_INSTALL_DIR/s:^PERL_INSTALL_DIR = .*:PERL_INSTALL_DIR = ${libdir}/perl/vendor_perl/$perl_ver:g" $i
+ done
+}
+
+do_install_append () {
+ echo "SAL: D = $D"
+ echo "SAL: libdir = $libdir"
+ install -m 0755 -d ${D}${sysconfdir}/sysconfig ${D}${sysconfdir}/init.d
+ install -m 0755 ${S}/ipmi.init ${D}${sysconfdir}/init.d/ipmi
+ install -m 0644 ${S}/ipmi.sysconf ${D}${sysconfdir}/sysconfig/ipmi
+ # SAL: mv: cannot stat `/localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/openipmi-2.0.19-r4/image/usr/lib64/perl5': No such file or directory
+ # SAL: real path to perl is /localdisk/loadbuild/slittle1/workspace/cgts_test_build/bitbake_build/tmp/work/x86_64-wrs-linux/perl-5.14.2-r8.3/package/usr/lib64/perl5 and it is a symlink to perl so no need to mv.
+ if [ -d ${D}${libdir}/perl5 ]
+ then
+ mv ${D}${libdir}/perl5 ${D}${libdir}/perl
+ fi
+
+ # for systemd
+ install -d ${D}${systemd_unitdir}/system
+ install -m 0664 ${WORKDIR}/ipmi.service ${D}${systemd_unitdir}/system
+ sed -i -e "s,@LIBEXECDIR@,${libexecdir},g" ${D}${systemd_unitdir}/system/ipmi.service
+ install -d ${D}${libexecdir}
+ install -m 0755 ${WORKDIR}/openipmi-helper ${D}${libexecdir}
+}
+
+INITSCRIPT_NAME = "ipmi"
+INITSCRIPT_PARAMS = "start 30 . stop 70 0 1 2 3 4 5 6 ."
+
+SYSTEMD_SERVICE_${PN} = "ipmi.service"
+SYSTEMD_AUTO_ENABLE = "disable"
diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.4.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.4.bb
deleted file mode 100644
index 4cad99869..000000000
--- a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.4.bb
+++ /dev/null
@@ -1,67 +0,0 @@
-SUMMARY = "A full-featured SSL VPN solution via tun device."
-HOMEPAGE = "http://openvpn.sourceforge.net"
-SECTION = "net"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=e9b64491ec98eb6c6493ac5e4118f107"
-DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
-
-inherit autotools systemd
-
-SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
- file://openvpn \
- file://openvpn@.service \
- file://openvpn-volatile.conf"
-
-SRC_URI[md5sum] = "705a79d005558d94fa1e2b74e4413e97"
-SRC_URI[sha256sum] = "1ae883d9522c9fa6d189e5e4aaa058a93edd3d0b897e3c2664107c4785099fc3"
-
-SYSTEMD_SERVICE_${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
-SYSTEMD_AUTO_ENABLE = "disable"
-
-CFLAGS += "-fno-inline"
-
-# I want openvpn to be able to read password from file (hrw)
-EXTRA_OECONF += "--enable-iproute2"
-EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}"
-
-# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host.
-EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip"
-
-do_install_append() {
- install -d ${D}/${sysconfdir}/init.d
- install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d
-
- install -d ${D}/${sysconfdir}/openvpn
- install -d ${D}/${sysconfdir}/openvpn/sample
- install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf
- install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf
- install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys
- install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys
-
- if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
- install -d ${D}/${systemd_unitdir}/system
- install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system
- install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service
- install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service
-
- install -d ${D}/${localstatedir}
- install -d ${D}/${localstatedir}/lib
- install -d -m 710 ${D}/${localstatedir}/lib/openvpn
-
- install -d ${D}${sysconfdir}/tmpfiles.d
- install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
- sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
- fi
-}
-
-PACKAGES =+ " ${PN}-sample "
-
-RRECOMMENDS_${PN} = "kernel-module-tun"
-
-FILES_${PN}-dbg += "${libdir}/openvpn/plugins/.debug"
-FILES_${PN} += "${systemd_unitdir}/system/openvpn@.service \
- ${sysconfdir}/tmpfiles.d \
- "
-FILES_${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \
- ${systemd_unitdir}/system/openvpn@loopback-client.service \
- ${sysconfdir}/openvpn/sample/"
diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.6.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.6.bb
new file mode 100644
index 000000000..84fd467c7
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.4.6.bb
@@ -0,0 +1,71 @@
+SUMMARY = "A full-featured SSL VPN solution via tun device."
+HOMEPAGE = "http://openvpn.sourceforge.net"
+SECTION = "net"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=7aee596ed2deefe3e8a861e24292abba"
+DEPENDS = "lzo openssl iproute2 ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
+
+inherit autotools systemd update-rc.d
+
+SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \
+ file://openvpn \
+ file://openvpn@.service \
+ file://openvpn-volatile.conf"
+
+SRC_URI[md5sum] = "971d57e29b78b4b902eb2f4aae2f05a7"
+SRC_URI[sha256sum] = "738dbd37fcf8eb9382c53628db22258c41ba9550165519d9200e8bebaef4cbe2"
+
+SYSTEMD_SERVICE_${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
+INITSCRIPT_PACKAGES = "${PN}"
+INITSCRIPT_NAME_${PN} = "openvpn"
+INITSCRIPT_PARAMS_${PN} = "start 10 2 3 4 5 . stop 70 0 1 6 ."
+
+CFLAGS += "-fno-inline"
+
+# I want openvpn to be able to read password from file (hrw)
+EXTRA_OECONF += "--enable-iproute2"
+EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '', '--disable-plugin-auth-pam', d)}"
+
+# Explicitly specify IPROUTE to bypass the configure-time check for /sbin/ip on the host.
+EXTRA_OECONF += "IPROUTE=${base_sbindir}/ip"
+
+do_install_append() {
+ install -d ${D}/${sysconfdir}/init.d
+ install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d
+
+ install -d ${D}/${sysconfdir}/openvpn
+ install -d ${D}/${sysconfdir}/openvpn/sample
+ install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf
+ install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf
+ install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys
+ install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys
+
+ if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
+ install -d ${D}/${systemd_unitdir}/system
+ install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system
+ install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-server.service
+ install -m 644 ${WORKDIR}/openvpn@.service ${D}/${systemd_unitdir}/system/openvpn@loopback-client.service
+
+ install -d ${D}/${localstatedir}
+ install -d ${D}/${localstatedir}/lib
+ install -d -m 710 ${D}/${localstatedir}/lib/openvpn
+
+ install -d ${D}${sysconfdir}/tmpfiles.d
+ install -m 0644 ${WORKDIR}/openvpn-volatile.conf ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
+ sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/tmpfiles.d/openvpn.conf
+ fi
+}
+
+PACKAGES =+ " ${PN}-sample "
+
+RRECOMMENDS_${PN} = "kernel-module-tun"
+
+FILES_${PN}-dbg += "${libdir}/openvpn/plugins/.debug"
+FILES_${PN} += "${systemd_unitdir}/system/openvpn@.service \
+ ${sysconfdir}/tmpfiles.d \
+ "
+FILES_${PN}-sample += "${systemd_unitdir}/system/openvpn@loopback-server.service \
+ ${systemd_unitdir}/system/openvpn@loopback-client.service \
+ ${sysconfdir}/openvpn/sample/"
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch
new file mode 100644
index 000000000..4b595613f
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-Remove-man-files-which-cant-be-built.patch
@@ -0,0 +1,103 @@
+From 5a8a2f81ef8650f06d1d9d268add612ab46025f1 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Tue, 12 Jun 2018 22:57:04 -0700
+Subject: [PATCH] Remove man files which cant be built
+
+Remove need for pandoc-prebuilt during cross build
+
+Fixes errors
+
+| CMake Error at libibumad/man/cmake_install.cmake:105 (file):
+| file INSTALL cannot find
+| "/mnt/a/oe/build/tmp/work/core2-64-bec-linux-musl/rdma-core/18.1-r0/git/buildlib/pandoc-prebuilt/41bbb0bed7a781be59e8c0dcd8b7278af2ce6882".
+| Call Stack (most recent call first):
+| cmake_install.cmake:48 (include)
+
+Signed-off-by: Khem Raj
+---
+ libibumad/man/CMakeLists.txt | 1 -
+ libibverbs/man/CMakeLists.txt | 15 ---------------
+ providers/mlx5/man/CMakeLists.txt | 1 -
+ 3 files changed, 17 deletions(-)
+
+diff --git a/libibumad/man/CMakeLists.txt b/libibumad/man/CMakeLists.txt
+index 185584a0..ac45a4e9 100644
+--- a/libibumad/man/CMakeLists.txt
++++ b/libibumad/man/CMakeLists.txt
+@@ -15,7 +15,6 @@ rdma_man_pages(
+ umad_get_mad_addr.3
+ umad_get_pkey.3
+ umad_get_port.3
+- umad_init.3.md
+ umad_open_port.3
+ umad_poll.3
+ umad_recv.3
+diff --git a/libibverbs/man/CMakeLists.txt b/libibverbs/man/CMakeLists.txt
+index 86dd49de..b54675be 100644
+--- a/libibverbs/man/CMakeLists.txt
++++ b/libibverbs/man/CMakeLists.txt
+@@ -5,7 +5,6 @@ rdma_man_pages(
+ ibv_alloc_pd.3
+ ibv_alloc_td.3
+ ibv_asyncwatch.1
+- ibv_attach_mcast.3.md
+ ibv_bind_mw.3
+ ibv_create_ah.3
+ ibv_create_ah_from_wc.3
+@@ -14,7 +13,6 @@ rdma_man_pages(
+ ibv_create_cq_ex.3
+ ibv_modify_cq.3
+ ibv_create_flow.3
+- ibv_create_flow_action.3.md
+ ibv_create_qp.3
+ ibv_create_qp_ex.3
+ ibv_create_rwq_ind_table.3
+@@ -23,15 +21,9 @@ rdma_man_pages(
+ ibv_create_wq.3
+ ibv_devices.1
+ ibv_devinfo.1
+- ibv_event_type_str.3.md
+- ibv_fork_init.3.md
+ ibv_get_async_event.3
+ ibv_get_cq_event.3
+- ibv_get_device_guid.3.md
+ ibv_get_device_list.3
+- ibv_get_device_name.3.md
+- ibv_get_srq_num.3.md
+- ibv_inc_rkey.3.md
+ ibv_modify_qp.3
+ ibv_modify_qp_rate_limit.3
+ ibv_modify_srq.3
+@@ -46,19 +38,12 @@ rdma_man_pages(
+ ibv_post_srq_recv.3
+ ibv_query_device.3
+ ibv_query_device_ex.3
+- ibv_query_gid.3.md
+- ibv_query_pkey.3.md
+ ibv_query_port.3
+ ibv_query_qp.3
+ ibv_query_rt_values_ex.3
+ ibv_query_srq.3
+- ibv_rate_to_mbps.3.md
+- ibv_rate_to_mult.3.md
+ ibv_rc_pingpong.1
+ ibv_reg_mr.3
+- ibv_req_notify_cq.3.md
+- ibv_rereg_mr.3.md
+- ibv_resize_cq.3.md
+ ibv_srq_pingpong.1
+ ibv_uc_pingpong.1
+ ibv_ud_pingpong.1
+diff --git a/providers/mlx5/man/CMakeLists.txt b/providers/mlx5/man/CMakeLists.txt
+index cdc7115e..876b6fcf 100644
+--- a/providers/mlx5/man/CMakeLists.txt
++++ b/providers/mlx5/man/CMakeLists.txt
+@@ -1,5 +1,4 @@
+ rdma_man_pages(
+- mlx5dv_flow_action_esp.3.md
+ mlx5dv_get_clock_info.3
+ mlx5dv_init_obj.3
+ mlx5dv_query_device.3
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch
new file mode 100644
index 000000000..b04c9b723
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch
@@ -0,0 +1,29 @@
+From f2df1db11f3a9580774300e703b6f53dbcdb28ef Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Fri, 8 Jun 2018 20:17:57 -0700
+Subject: [PATCH] S_IFSOCK is defined in both glibc/musl
+
+Fixes
+
+preload.c:1183:46: error: '__S_IFSOCK' undeclared (first use in this function); did you mean 'S_IFSOCK'?
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj
+---
+ librdmacm/preload.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/librdmacm/preload.c b/librdmacm/preload.c
+index 0f2aa250..d46beb1b 100644
+--- a/librdmacm/preload.c
++++ b/librdmacm/preload.c
+@@ -1180,7 +1180,7 @@ int __fxstat(int ver, int socket, struct stat *buf)
+ if (fd_get(socket, &fd) == fd_rsocket) {
+ ret = real.fxstat(ver, socket, buf);
+ if (!ret)
+- buf->st_mode = (buf->st_mode & ~S_IFMT) | __S_IFSOCK;
++ buf->st_mode = (buf->st_mode & ~S_IFMT) | S_IFSOCK;
+ } else {
+ ret = real.fxstat(ver, fd, buf);
+ }
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch
new file mode 100644
index 000000000..aa335244b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0001-include-endian.h-for-htole32-and-friends.patch
@@ -0,0 +1,25 @@
+From 65b9a47c07be4611b4fbbcafff1993186bcb0537 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Tue, 12 Jun 2018 19:15:52 -0700
+Subject: [PATCH 1/2] include endian.h for htole32 and friends
+
+Signed-off-by: Khem Raj
+---
+ providers/hns/hns_roce_u.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/providers/hns/hns_roce_u.h b/providers/hns/hns_roce_u.h
+index bd66c6e7..b07424db 100644
+--- a/providers/hns/hns_roce_u.h
++++ b/providers/hns/hns_roce_u.h
+@@ -34,6 +34,7 @@
+ #define _HNS_ROCE_U_H
+
+ #include
++#include
+ #include
+
+ #include
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch
new file mode 100644
index 000000000..347f964e9
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-Remove-unused-include-for-execinfo.h.patch
@@ -0,0 +1,27 @@
+From 3d9cae15c69c0b3260a024ad5d6802a8d85515a2 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Tue, 12 Jun 2018 19:18:24 -0700
+Subject: [PATCH 2/2] Remove unused include for execinfo.h
+
+Fixes build on musl
+
+Signed-off-by: Khem Raj
+---
+ providers/qedr/qelr_verbs.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/providers/qedr/qelr_verbs.c b/providers/qedr/qelr_verbs.c
+index e3b01f28..2ee1c832 100644
+--- a/providers/qedr/qelr_verbs.c
++++ b/providers/qedr/qelr_verbs.c
+@@ -54,7 +54,6 @@
+
+ #include
+ #include
+-#include
+
+ #define QELR_SQE_ELEMENT_SIZE (sizeof(struct rdma_sq_sge))
+ #define QELR_RQE_ELEMENT_SIZE (sizeof(struct rdma_rq_sge))
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch
new file mode 100644
index 000000000..e887f222b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core/0002-neigh.c-Do-not-include-net-if_packet.h.patch
@@ -0,0 +1,26 @@
+From 82486f7e1ee2aa07a5c12cb357834993aa8c1d20 Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Fri, 8 Jun 2018 20:19:13 -0700
+Subject: [PATCH] neigh.c: Do not include net/if_packet.h
+
+This header is glibc specific
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj
+---
+ libibverbs/neigh.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/libibverbs/neigh.c b/libibverbs/neigh.c
+index 21177db0..cfc593a0 100644
+--- a/libibverbs/neigh.c
++++ b/libibverbs/neigh.c
+@@ -2,7 +2,6 @@
+ */
+
+ #include "config.h"
+-#include
+ #include
+ #include
+ #include
diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb
new file mode 100644
index 000000000..6ad864d1e
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_18.1.bb
@@ -0,0 +1,30 @@
+SUMMARY = "Userspace support for InfiniBand/RDMA verbs"
+DESCRIPTION = "This is the userspace components for the Linux Kernel's drivers Infiniband/RDMA subsystem."
+SECTION = "libs"
+
+DEPENDS = "libnl"
+RDEPENDS_${PN} = "bash perl"
+
+SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=stable-v18 \
+ file://0001-S_IFSOCK-is-defined-in-both-glibc-musl.patch \
+ file://0002-neigh.c-Do-not-include-net-if_packet.h.patch \
+ file://0001-include-endian.h-for-htole32-and-friends.patch \
+ file://0002-Remove-unused-include-for-execinfo.h.patch \
+ file://0001-Remove-man-files-which-cant-be-built.patch \
+ "
+SRCREV = "7844b3fbe5120623d63b29ecb43eb83a61129658"
+S = "${WORKDIR}/git"
+
+#Default Dual License https://github.com/linux-rdma/rdma-core/blob/master/COPYING.md
+LICENSE = "BSD-2-Clause | GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING.BSD_FB;md5=0ec18bae1a9df92c8d6ae01f94a289ae \
+ file://COPYING.GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+
+FILES_SOLIBSDEV = ""
+FILES_${PN} += "${libdir}/*"
+INSANE_SKIP_${PN} += "dev-so"
+
+inherit cmake
+
+OECMAKE_FIND_ROOT_PATH_MODE_PROGRAM = "BOTH"
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb
new file mode 100644
index 000000000..30d0a7675
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/spice/spice-protocol_git.bb
@@ -0,0 +1,28 @@
+#
+# Copyright (C) 2013 Wind River Systems, Inc.
+#
+
+SUMMARY = "Simple Protocol for Independent Computing Environments"
+DESCRIPTION = "SPICE (the Simple Protocol for Independent Computing \
+Environments) is a remote-display system built for virtual \
+environments which allows users to view a computing 'desktop' \
+environment - not only on its computer-server machine, but also from \
+anywhere on the Internet and using a wide variety of machine \
+architectures."
+
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b37311cb5604f3e5cc2fb0fd23527e95"
+
+PV = "0.12.13+git${SRCPV}"
+
+SRCREV = "87441524f4e7b79658e42bd8f1f6c3e3c8649aa5"
+
+SRC_URI = " \
+ git://anongit.freedesktop.org/spice/spice-protocol \
+"
+
+S = "${WORKDIR}/git"
+
+inherit autotools gettext pkgconfig
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch
new file mode 100644
index 000000000..505b7c890
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-Convert-pthread_t-to-be-numeric.patch
@@ -0,0 +1,66 @@
+From 0726ce6d6f52e135e28f15ca8392568c84909b1d Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Sat, 16 Jun 2018 16:21:39 -0700
+Subject: [PATCH] Convert pthread_t to be numeric
+
+typecast pthread_t to unsigned long
+pthread_t is implemented as a struct point in musl and its as per standard
+
+Signed-off-by: Khem Raj
+---
+Upstream-Status: Pending
+
+ server/red-channel.c | 5 +++--
+ server/red-client.c | 6 +++---
+ 2 files changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/server/red-channel.c b/server/red-channel.c
+index 1b38f04d..11dc667b 100644
+--- a/server/red-channel.c
++++ b/server/red-channel.c
+@@ -192,7 +192,7 @@ red_channel_constructed(GObject *object)
+ {
+ RedChannel *self = RED_CHANNEL(object);
+
+- red_channel_debug(self, "thread_id 0x%lx", self->priv->thread_id);
++ red_channel_debug(self, "thread_id 0x%lx", (unsigned long)self->priv->thread_id);
+
+ RedChannelClass *klass = RED_CHANNEL_GET_CLASS(self);
+
+@@ -475,7 +475,8 @@ void red_channel_remove_client(RedChannel *channel, RedChannelClient *rcc)
+ red_channel_warning(channel, "channel->thread_id (0x%lx) != pthread_self (0x%lx)."
+ "If one of the threads is != io-thread && != vcpu-thread, "
+ "this might be a BUG",
+- channel->priv->thread_id, pthread_self());
++ (unsigned long)channel->priv->thread_id,
++ (unsigned long)pthread_self());
+ }
+ spice_return_if_fail(channel);
+ link = g_list_find(channel->priv->clients, rcc);
+diff --git a/server/red-client.c b/server/red-client.c
+index ddfc5400..76986640 100644
+--- a/server/red-client.c
++++ b/server/red-client.c
+@@ -180,7 +180,7 @@ void red_client_migrate(RedClient *client)
+ spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)."
+ "If one of the threads is != io-thread && != vcpu-thread,"
+ " this might be a BUG",
+- client->thread_id, pthread_self());
++ (unsigned long)client->thread_id, (unsigned long)pthread_self());
+ }
+ FOREACH_CHANNEL_CLIENT(client, rcc) {
+ if (red_channel_client_is_connected(rcc)) {
+@@ -199,8 +199,8 @@ void red_client_destroy(RedClient *client)
+ spice_warning("client->thread_id (0x%lx) != pthread_self (0x%lx)."
+ "If one of the threads is != io-thread && != vcpu-thread,"
+ " this might be a BUG",
+- client->thread_id,
+- pthread_self());
++ (unsigned long)client->thread_id,
++ (unsigned long)pthread_self());
+ }
+ red_client_set_disconnecting(client);
+ FOREACH_CHANNEL_CLIENT(client, rcc) {
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch
new file mode 100644
index 000000000..1f9d5fdd7
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/spice/spice/0001-spice-fix-compile-fail-problem.patch
@@ -0,0 +1,36 @@
+From 7023732c65b4dc509c46a54fb7715da275b5597f Mon Sep 17 00:00:00 2001
+From: Changqing Li
+Date: Thu, 13 Sep 2018 12:39:44 +0800
+Subject: [PATCH] spice: fix compile fail problem
+
+compile error:
+format '%d' expects argument of type 'int', but argument 6 has
+type 'long unsigned int' [-Werror=format=]
+
+spice compile failed on 32bit system, since upstream commit
+9541cd2fe(in V0.14.1) change %ld to %PRIdPTR, %PRIdPTR is %d, but argument
+strm.total_out is uLong.
+
+Upstream-Status: Submitted[https://github.com/freedesktop/spice/pull/1]
+
+Signed-off-by: Changqing Li
+---
+ server/red-replay-qxl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/server/red-replay-qxl.c b/server/red-replay-qxl.c
+index 1fce76c..bd33b58 100644
+--- a/server/red-replay-qxl.c
++++ b/server/red-replay-qxl.c
+@@ -266,7 +266,7 @@ static replay_t read_binary(SpiceReplay *replay, const char *prefix, size_t *siz
+ exit(1);
+ }
+ if ((ret = inflate(&strm, Z_NO_FLUSH)) != Z_STREAM_END) {
+- spice_error("inflate error %d (disc: %" PRIdPTR ")", ret, *size - strm.total_out);
++ spice_error("inflate error %d (disc: %ld)", ret, *size - strm.total_out);
+ if (ret == Z_DATA_ERROR) {
+ /* last operation may be wrong. since we do the recording
+ * in red_worker, when there is a shutdown from the vcpu/io thread
+--
+2.7.4
+
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb
new file mode 100644
index 000000000..1ad46c2c3
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/spice/spice_git.bb
@@ -0,0 +1,57 @@
+#
+# Copyright (C) 2013 Wind River Systems, Inc.
+#
+
+SUMMARY = "Simple Protocol for Independent Computing Environments"
+DESCRIPTION = "SPICE (the Simple Protocol for Independent Computing \
+Environments) is a remote-display system built for virtual \
+environments which allows users to view a computing 'desktop' \
+environment - not only on its computer-server machine, but also from \
+anywhere on the Internet and using a wide variety of machine \
+architectures."
+
+LICENSE = "BSD & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
+
+PV = "0.14.1+git${SRCPV}"
+
+SRCREV_spice = "eaa07ef15cfc3bf57a69da2576af66f028787774"
+SRCREV_spice-common = "6b93b3fce8909b836ef1d1434d191900d8aa00be"
+
+SRCREV_FORMAT = "spice_spice-common"
+
+SRC_URI = " \
+ git://anongit.freedesktop.org/spice/spice;name=spice \
+ git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common \
+ file://0001-Convert-pthread_t-to-be-numeric.patch \
+ file://0001-spice-fix-compile-fail-problem.patch \
+"
+
+S = "${WORKDIR}/git"
+
+inherit autotools gettext pythonnative python-dir pkgconfig
+
+DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python-pyparsing-native python-six-native glib-2.0-native"
+DEPENDS_append_class-nativesdk = "nativesdk-openssl"
+
+export PYTHON="${STAGING_BINDIR_NATIVE}/python-native/python"
+export PYTHONPATH="${PKG_CONFIG_SYSROOT_DIR}${libdir}/python2.7/site-packages"
+
+PACKAGECONFIG_class-native = ""
+PACKAGECONFIG_class-nativesdk = ""
+PACKAGECONFIG ?= "sasl"
+
+PACKAGECONFIG[celt051] = "--enable-celt051,--disable-celt051,celt051"
+PACKAGECONFIG[smartcard] = "--enable-smartcard,--disable-smartcard,libcacard,"
+PACKAGECONFIG[sasl] = "--with-sasl,--without-sasl,cyrus-sasl,"
+PACKAGECONFIG[client] = "--enable-client,--disable-client,,"
+PACKAGECONFIG[gui] = "--enable-gui,--disable-gui,,"
+PACKAGECONFIG[opus] = "--enable-opus,--disable-opus,libopus,"
+PACKAGECONFIG[opengl] = "--enable-opengl,--disable-opengl,,"
+PACKAGECONFIG[xinerama] = "--enable-xinerama,--disable-xinerama,libxinerama,"
+
+COMPATIBLE_HOST = '(x86_64|i.86).*-linux'
+
+BBCLASSEXTEND = "native nativesdk"
+
+EXTRA_OECONF_toolchain-clang += "--disable-werror"
diff --git a/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb
new file mode 100644
index 000000000..3fea7528e
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/spice/usbredir_git.bb
@@ -0,0 +1,21 @@
+SUMMARY = "usbredir libraries and utilities"
+
+LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
+ file://COPYING.LIB;md5=4b54a1fd55a448865a0b32d41598759d \
+"
+
+DEPENDS = "libusb1"
+
+SRCREV = "39aa3c69f61bba28856a3eef3fe4ab37a3968e88"
+PV = "0.7.1+git${SRCPV}"
+
+SRC_URI = " \
+ git://anongit.freedesktop.org/spice/usbredir \
+"
+
+S = "${WORKDIR}/git"
+
+inherit autotools pkgconfig
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
index be660d1fd..5945507bf 100644
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
@@ -3,7 +3,7 @@ From: "Roy.Li"
Date: Tue, 4 Mar 2014 14:38:42 +0800
Subject: [PATCH] fix the function parameter
-Upstream-Status: pending
+Upstream-Status: Pending
Original openssl_diffie_hellman_create has three parameters, but
it is reassigned a function pointer which has one parameter, and
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.6.2.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.6.2.bb
deleted file mode 100644
index f2fe1f1cb..000000000
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.6.2.bb
+++ /dev/null
@@ -1,132 +0,0 @@
-DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
-Linux operating system."
-SUMMARY = "strongSwan is an OpenSource IPsec implementation"
-HOMEPAGE = "http://www.strongswan.org"
-SECTION = "net"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-DEPENDS = "gmp openssl flex-native flex bison-native"
-
-SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
- file://fix-funtion-parameter.patch \
- file://0001-memory.h-Include-stdint.h-for-uintptr_t.patch \
- "
-
-SRC_URI[md5sum] = "46aa3aa18fbc4bd528f9a0345ce79913"
-SRC_URI[sha256sum] = "e0a60a30ebf3c534c223559e1686497a21ded709a5d605c5123c2f52bcc22e92"
-
-EXTRA_OECONF = " \
- --without-lib-prefix \
-"
-
-EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
-
-
-PACKAGECONFIG ??= "charon curl gmp openssl stroke sqlite3 \
- ${@bb.utils.filter('DISTRO_FEATURES', 'ldap', d)} \
-"
-PACKAGECONFIG[aesni] = "--enable-aesni,--disable-aesni,,${PN}-plugin-aesni"
-PACKAGECONFIG[charon] = "--enable-charon,--disable-charon,"
-PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,${PN}-plugin-curl"
-PACKAGECONFIG[gmp] = "--enable-gmp,--disable-gmp,gmp,${PN}-plugin-gmp"
-PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,${PN}-plugin-ldap"
-PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,${PN}-plugin-mysql"
-PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,${PN}-plugin-openssl"
-PACKAGECONFIG[scep] = "--enable-scepclient,--disable-scepclient,"
-PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,${PN}-plugin-soup"
-PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,${PN}-plugin-sqlite"
-PACKAGECONFIG[stroke] = "--enable-stroke,--disable-stroke,,${PN}-plugin-stroke"
-PACKAGECONFIG[swanctl] = "--enable-swanctl,--disable-swanctl,,libgcc"
-
-# requires swanctl
-PACKAGECONFIG[systemd-charon] = "--enable-systemd,--disable-systemd,systemd,"
-
-inherit autotools systemd pkgconfig
-
-RRECOMMENDS_${PN} = "kernel-module-ipsec"
-
-FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}"
-FILES_${PN}-dbg += "${bindir}/.debug ${libdir}/ipsec/.debug ${libexecdir}/ipsec/.debug"
-FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la"
-FILES_${PN}-staticdev += "${libdir}/ipsec/*.a"
-
-CONFFILES_${PN} = "${sysconfdir}/*.conf ${sysconfdir}/ipsec.d/*.conf ${sysconfdir}/strongswan.d/*.conf"
-
-PACKAGES += "${PN}-plugins"
-ALLOW_EMPTY_${PN}-plugins = "1"
-
-PACKAGES_DYNAMIC += "^${PN}-plugin-.*$"
-NOAUTOPACKAGEDEBUG = "1"
-
-python split_strongswan_plugins () {
- sysconfdir = d.expand('${sysconfdir}/strongswan.d/charon')
- libdir = d.expand('${libdir}/ipsec/plugins')
- dbglibdir = os.path.join(libdir, '.debug')
-
- def add_plugin_conf(f, pkg, file_regex, output_pattern, modulename):
- dvar = d.getVar('PKGD', True)
- oldfiles = d.getVar('CONFFILES_' + pkg, True)
- newfile = '/' + os.path.relpath(f, dvar)
-
- if not oldfiles:
- d.setVar('CONFFILES_' + pkg, newfile)
- else:
- d.setVar('CONFFILES_' + pkg, oldfiles + " " + newfile)
-
- split_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.so', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True)
- do_split_packages(d, sysconfdir, '(.*)\.conf', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True, hook=add_plugin_conf)
-
- split_dbg_packages = do_split_packages(d, dbglibdir, 'libstrongswan-(.*)\.so', '${PN}-plugin-%s-dbg', 'strongSwan %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg')
- split_dev_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.la', '${PN}-plugin-%s-dev', 'strongSwan %s plugin - Development files', prepend=True, extra_depends='${PN}-dev')
- split_staticdev_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.a', '${PN}-plugin-%s-staticdev', 'strongSwan %s plugin - Development files (Static Libraries)', prepend=True, extra_depends='${PN}-staticdev')
-
- if split_packages:
- pn = d.getVar('PN', True)
- d.setVar('RRECOMMENDS_' + pn + '-plugins', ' '.join(split_packages))
- d.appendVar('RRECOMMENDS_' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages))
- d.appendVar('RRECOMMENDS_' + pn + '-dev', ' ' + ' '.join(split_dev_packages))
- d.appendVar('RRECOMMENDS_' + pn + '-staticdev', ' ' + ' '.join(split_staticdev_packages))
-}
-
-PACKAGESPLITFUNCS_prepend = "split_strongswan_plugins "
-
-# Install some default plugins based on default strongSwan ./configure options
-# See https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist
-RDEPENDS_${PN} += "\
- ${PN}-plugin-aes \
- ${PN}-plugin-attr \
- ${PN}-plugin-cmac \
- ${PN}-plugin-constraints \
- ${PN}-plugin-des \
- ${PN}-plugin-dnskey \
- ${PN}-plugin-hmac \
- ${PN}-plugin-kernel-netlink \
- ${PN}-plugin-md5 \
- ${PN}-plugin-nonce \
- ${PN}-plugin-pem \
- ${PN}-plugin-pgp \
- ${PN}-plugin-pkcs1 \
- ${PN}-plugin-pkcs7 \
- ${PN}-plugin-pkcs8 \
- ${PN}-plugin-pkcs12 \
- ${PN}-plugin-pubkey \
- ${PN}-plugin-random \
- ${PN}-plugin-rc2 \
- ${PN}-plugin-resolve \
- ${PN}-plugin-revocation \
- ${PN}-plugin-sha1 \
- ${PN}-plugin-sha2 \
- ${PN}-plugin-socket-default \
- ${PN}-plugin-sshkey \
- ${PN}-plugin-updown \
- ${PN}-plugin-vici \
- ${PN}-plugin-x509 \
- ${PN}-plugin-xauth-generic \
- ${PN}-plugin-xcbc \
- ${PN}-plugin-curve25519 \
- "
-
-RPROVIDES_${PN} += "${PN}-systemd"
-RREPLACES_${PN} += "${PN}-systemd"
-RCONFLICTS_${PN} += "${PN}-systemd"
-SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}-swanctl.service', '${BPN}.service', d)}"
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.7.1.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.7.1.bb
new file mode 100644
index 000000000..c8bb17c5b
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.7.1.bb
@@ -0,0 +1,134 @@
+DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \
+Linux operating system."
+SUMMARY = "strongSwan is an OpenSource IPsec implementation"
+HOMEPAGE = "http://www.strongswan.org"
+SECTION = "net"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+DEPENDS = "gmp openssl flex-native flex bison-native"
+
+SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
+ file://fix-funtion-parameter.patch \
+ file://0001-memory.h-Include-stdint.h-for-uintptr_t.patch \
+ "
+
+SRC_URI[md5sum] = "86b7e9321cde075cf382268fd282e0b0"
+SRC_URI[sha256sum] = "006f9c9126e2a2f4e7a874b5e1bd2abec1bbbb193c8b3b3a4c6ccd8c2d454bec"
+
+UPSTREAM_CHECK_REGEX = "strongswan-(?P\d+(\.\d+)+)\.tar"
+
+EXTRA_OECONF = " \
+ --without-lib-prefix \
+"
+
+EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}"
+
+
+PACKAGECONFIG ??= "charon curl gmp openssl stroke sqlite3 \
+ ${@bb.utils.filter('DISTRO_FEATURES', 'ldap', d)} \
+"
+PACKAGECONFIG[aesni] = "--enable-aesni,--disable-aesni,,${PN}-plugin-aesni"
+PACKAGECONFIG[charon] = "--enable-charon,--disable-charon,"
+PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,${PN}-plugin-curl"
+PACKAGECONFIG[gmp] = "--enable-gmp,--disable-gmp,gmp,${PN}-plugin-gmp"
+PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,${PN}-plugin-ldap"
+PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,${PN}-plugin-mysql"
+PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,${PN}-plugin-openssl"
+PACKAGECONFIG[scep] = "--enable-scepclient,--disable-scepclient,"
+PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,${PN}-plugin-soup"
+PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,${PN}-plugin-sqlite"
+PACKAGECONFIG[stroke] = "--enable-stroke,--disable-stroke,,${PN}-plugin-stroke"
+PACKAGECONFIG[swanctl] = "--enable-swanctl,--disable-swanctl,,libgcc"
+
+# requires swanctl
+PACKAGECONFIG[systemd-charon] = "--enable-systemd,--disable-systemd,systemd,"
+
+inherit autotools systemd pkgconfig
+
+RRECOMMENDS_${PN} = "kernel-module-ipsec"
+
+FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}"
+FILES_${PN}-dbg += "${bindir}/.debug ${libdir}/ipsec/.debug ${libexecdir}/ipsec/.debug"
+FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la"
+FILES_${PN}-staticdev += "${libdir}/ipsec/*.a"
+
+CONFFILES_${PN} = "${sysconfdir}/*.conf ${sysconfdir}/ipsec.d/*.conf ${sysconfdir}/strongswan.d/*.conf"
+
+PACKAGES += "${PN}-plugins"
+ALLOW_EMPTY_${PN}-plugins = "1"
+
+PACKAGES_DYNAMIC += "^${PN}-plugin-.*$"
+NOAUTOPACKAGEDEBUG = "1"
+
+python split_strongswan_plugins () {
+ sysconfdir = d.expand('${sysconfdir}/strongswan.d/charon')
+ libdir = d.expand('${libdir}/ipsec/plugins')
+ dbglibdir = os.path.join(libdir, '.debug')
+
+ def add_plugin_conf(f, pkg, file_regex, output_pattern, modulename):
+ dvar = d.getVar('PKGD', True)
+ oldfiles = d.getVar('CONFFILES_' + pkg, True)
+ newfile = '/' + os.path.relpath(f, dvar)
+
+ if not oldfiles:
+ d.setVar('CONFFILES_' + pkg, newfile)
+ else:
+ d.setVar('CONFFILES_' + pkg, oldfiles + " " + newfile)
+
+ split_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.so', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True)
+ do_split_packages(d, sysconfdir, '(.*)\.conf', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True, hook=add_plugin_conf)
+
+ split_dbg_packages = do_split_packages(d, dbglibdir, 'libstrongswan-(.*)\.so', '${PN}-plugin-%s-dbg', 'strongSwan %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg')
+ split_dev_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.la', '${PN}-plugin-%s-dev', 'strongSwan %s plugin - Development files', prepend=True, extra_depends='${PN}-dev')
+ split_staticdev_packages = do_split_packages(d, libdir, 'libstrongswan-(.*)\.a', '${PN}-plugin-%s-staticdev', 'strongSwan %s plugin - Development files (Static Libraries)', prepend=True, extra_depends='${PN}-staticdev')
+
+ if split_packages:
+ pn = d.getVar('PN', True)
+ d.setVar('RRECOMMENDS_' + pn + '-plugins', ' '.join(split_packages))
+ d.appendVar('RRECOMMENDS_' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages))
+ d.appendVar('RRECOMMENDS_' + pn + '-dev', ' ' + ' '.join(split_dev_packages))
+ d.appendVar('RRECOMMENDS_' + pn + '-staticdev', ' ' + ' '.join(split_staticdev_packages))
+}
+
+PACKAGESPLITFUNCS_prepend = "split_strongswan_plugins "
+
+# Install some default plugins based on default strongSwan ./configure options
+# See https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist
+RDEPENDS_${PN} += "\
+ ${PN}-plugin-aes \
+ ${PN}-plugin-attr \
+ ${PN}-plugin-cmac \
+ ${PN}-plugin-constraints \
+ ${PN}-plugin-des \
+ ${PN}-plugin-dnskey \
+ ${PN}-plugin-hmac \
+ ${PN}-plugin-kernel-netlink \
+ ${PN}-plugin-md5 \
+ ${PN}-plugin-nonce \
+ ${PN}-plugin-pem \
+ ${PN}-plugin-pgp \
+ ${PN}-plugin-pkcs1 \
+ ${PN}-plugin-pkcs7 \
+ ${PN}-plugin-pkcs8 \
+ ${PN}-plugin-pkcs12 \
+ ${PN}-plugin-pubkey \
+ ${PN}-plugin-random \
+ ${PN}-plugin-rc2 \
+ ${PN}-plugin-resolve \
+ ${PN}-plugin-revocation \
+ ${PN}-plugin-sha1 \
+ ${PN}-plugin-sha2 \
+ ${PN}-plugin-socket-default \
+ ${PN}-plugin-sshkey \
+ ${PN}-plugin-updown \
+ ${PN}-plugin-vici \
+ ${PN}-plugin-x509 \
+ ${PN}-plugin-xauth-generic \
+ ${PN}-plugin-xcbc \
+ ${PN}-plugin-curve25519 \
+ "
+
+RPROVIDES_${PN} += "${PN}-systemd"
+RREPLACES_${PN} += "${PN}-systemd"
+RCONFLICTS_${PN} += "${PN}-systemd"
+SYSTEMD_SERVICE_${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}-swanctl.service', '${BPN}.service', d)}"
diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb
deleted file mode 100644
index ec8478d6b..000000000
--- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.35.bb
+++ /dev/null
@@ -1,24 +0,0 @@
-SUMMARY = "Program for providing universal TLS/SSL tunneling service"
-HOMEPAGE = "http://www.stunnel.org/"
-DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server."
-SECTION = "net"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=866cdc7459d91e092b174388fab8d283"
-DEPENDS = "openssl zlib tcp-wrappers"
-
-RDEPENDS_${PN} += "perl"
-
-SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \
- file://fix-openssl-no-des.patch \
-"
-
-SRC_URI[md5sum] = "9079f5fafbccaf88b7d92b227d78249a"
-SRC_URI[sha256sum] = "ffa386ae4c825f35f35157c285e7402a6d58779ad8c3822f74a9d355b54aba1d"
-
-inherit autotools
-
-EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips"
-
-PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)}"
-PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd"
-PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb
new file mode 100644
index 000000000..eca77cf84
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.49.bb
@@ -0,0 +1,37 @@
+SUMMARY = "Program for providing universal TLS/SSL tunneling service"
+DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-startable) or remote server."
+HOMEPAGE = "https://www.stunnel.org/"
+SECTION = "net"
+# Note: Linking stunnel statically or dynamically with other modules is making
+# a combined work based on stunnel. Thus, the terms and conditions of the GNU
+# General Public License cover the whole combination.
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=f6b7fe7379c9c2d7db6c80f7bd41e06d"
+
+DEPENDS = "autoconf-archive libnsl2 openssl"
+
+SRC_URI = "ftp://ftp.stunnel.org/stunnel/archive/5.x/${BP}.tar.gz \
+ file://fix-openssl-no-des.patch \
+"
+
+SRC_URI[md5sum] = "0b41240e5585ec7d55ca343feed5530f"
+SRC_URI[sha256sum] = "3d6641213a82175c19f23fde1c3d1c841738385289eb7ca1554f4a58b96d955e"
+
+inherit autotools
+
+PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} libwrap"
+
+PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
+PACKAGECONFIG[libwrap] = "--enable-libwrap,--disable-libwrap,tcp-wrappers"
+PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd,systemd"
+
+EXTRA_OECONF += "--with-ssl='${STAGING_EXECPREFIXDIR}' --disable-fips"
+
+# When cross compiling, configure defaults to nobody, but provides no option to change it.
+EXTRA_OEMAKE += "DEFAULT_GROUP='nogroup'"
+
+# stunnel3 is a Perl wrapper to allow use of the legacy stunnel 3.x commandline
+# syntax with stunnel >= 4.05
+PACKAGES =+ "stunnel3"
+FILES_stunnel3 = "${bindir}/stunnel3"
+RDEPENDS_stunnel3 += "${PN} perl"
diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch
index 01d0236be..91508d721 100644
--- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch
+++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/disable-documentation.patch
@@ -1,19 +1,40 @@
---- a/configure.ac 2016-01-01 17:42:27.000000000 +0100
-+++ b/configure.ac 2017-04-20 14:03:37.238254471 +0200
-@@ -284,24 +284,12 @@
- AC_SUBST(LIBS)
- AC_SUBST(ADDITIONAL_OBJECTS)
+From b71eb384522b5ce4629dee6e8be257fb4880fef3 Mon Sep 17 00:00:00 2001
+From: Benjamin Gaignard
+Date: Thu, 20 Apr 2017 14:25:18 +0200
+
+---
+ Makefile.am | 1 -
+ configure.ac | 9 ---------
+ 2 files changed, 10 deletions(-)
+
+diff --git a/Makefile.am b/Makefile.am
+index e9113c2..2fe3d54 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -2,7 +2,6 @@ SUBDIRS = \
+ src \
+ data \
+ etc \
+- docs \
+ m4macros \
+ tests
+
+diff --git a/configure.ac b/configure.ac
+index 48ee0b2..a1a5fa1 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -194,10 +194,6 @@ AC_SUBST(ADDITIONAL_OBJECTS)
+ AC_PATH_PROG(XSLTPROC, xsltproc, no)
+ AM_CONDITIONAL(HAVE_XSLTPROC, test "x$XSLTPROC" != "xno")
-# Check for asciidoc
-AC_PATH_PROG(A2X, a2x, no)
-AM_CONDITIONAL(HAVE_A2X, test "x$A2X" != "xno")
--if test x"$A2X" = x"no"; then
-- AC_MSG_ERROR([Test for asciidoc failed. See the file 'INSTALL' for help.])
--fi
-
- AC_CONFIG_FILES([
- Makefile
- src/Makefile
+ # checking xmllint
+ AC_PATH_PROG(XMLLINT, xmllint, no)
+ if test "x$XMLLINT" != "xno"; then
+@@ -219,11 +215,6 @@ src/Makefile
data/Makefile
data/templates/Makefile
etc/Makefile
@@ -25,13 +46,3 @@
m4macros/Makefile
tests/Makefile
tests/scripts/Makefile
---- a/Makefile.am 2016-01-01 17:42:27.000000000 +0100
-+++ b/Makefile.am 2017-04-20 14:03:53.842822997 +0200
-@@ -2,7 +2,6 @@
- src \
- data \
- etc \
-- docs \
- m4macros \
- tests
-
diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service
index ea079f955..df4274573 100644
--- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service
+++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy/tinyproxy.service
@@ -8,7 +8,7 @@ ExecStartPre=/bin/mkdir -p /var/log/tinyproxy
ExecStartPre=/bin/chown -R nobody.tinyproxy /var/log/tinyproxy
ExecStartPre=/bin/mkdir -p /var/run/tinyproxy
ExecStartPre=/bin/chown -R nobody.tinyproxy /var/run/tinyproxy
-ExecStart=/usr/sbin/tinyproxy -d
+ExecStart=/usr/bin/tinyproxy -d
[Install]
WantedBy=multi-user.target
diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.10.0.bb b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.10.0.bb
new file mode 100644
index 000000000..144dcf33a
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.10.0.bb
@@ -0,0 +1,37 @@
+SUMMARY = "Lightweight http(s) proxy daemon"
+HOMEPAGE = "https://tinyproxy.github.io/"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
+
+SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz \
+ file://disable-documentation.patch \
+ file://tinyproxy.service"
+
+SRC_URI[md5sum] = "423047c8dc53a15e19f78e238198549c"
+SRC_URI[sha256sum] = "6020955e6a0ef0ef898ad5bb17a448c47f9e4c003c464b4ae7c4dba063272055"
+
+EXTRA_OECONF += " \
+ --enable-filter \
+ --enable-transparent \
+ --enable-reverse \
+ --enable-upstream \
+ --enable-xtinyproxy \
+ "
+
+inherit autotools systemd useradd
+
+#User specific
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM_${PN} = "--system --home /dev/null \
+ --no-user-group --gid nogroup tinypoxy"
+
+SYSTEMD_PACKAGES += "${BPN}"
+SYSTEMD_SERVICE_${PN} = "tinyproxy.service"
+SYSTEMD_AUTO_ENABLE_${PN} = "enable"
+
+do_install_append() {
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+ install -d ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/tinyproxy.service ${D}${systemd_system_unitdir}
+ fi
+}
diff --git a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.8.4.bb b/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.8.4.bb
deleted file mode 100644
index 98192dc99..000000000
--- a/meta-openembedded/meta-networking/recipes-support/tinyproxy/tinyproxy_1.8.4.bb
+++ /dev/null
@@ -1,38 +0,0 @@
-SUMMARY = "Lightweight http(s) proxy daemon"
-HOMEPAGE = "https://tinyproxy.github.io/"
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
-
-SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.gz \
- file://disable-documentation.patch \
- file://tinyproxy.service"
-
-SRC_URI[md5sum] = "3b60f7d08e0821ed1a3e2cf1e5778cac"
-SRC_URI[sha256sum] = "8234c879a129feee61efa98bac14a1a3e46e5cf08f01696a216940872aa70faf"
-
-EXTRA_OECONF += " \
- --enable-filter \
- --enable-transparent \
- --disable-regexcheck \
- --enable-reverse \
- --enable-upstream \
- --enable-xtinyproxy \
- "
-
-inherit autotools systemd useradd
-
-#User specific
-USERADD_PACKAGES = "${PN}"
-USERADD_PARAM_${PN} = "--system --home /dev/null \
- --no-user-group --gid nogroup tinypoxy"
-
-SYSTEMD_PACKAGES += "${BPN}"
-SYSTEMD_SERVICE_${PN} = "tinyproxy.service"
-SYSTEMD_AUTO_ENABLE_${PN} = "enable"
-
-do_install_append() {
- if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
- install -d ${D}${systemd_system_unitdir}
- install -m 0644 ${WORKDIR}/tinyproxy.service ${D}${systemd_system_unitdir}
- fi
-}
diff --git a/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.3.bb b/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.3.bb
deleted file mode 100644
index 1166f9a8d..000000000
--- a/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.3.bb
+++ /dev/null
@@ -1,16 +0,0 @@
-DESCRIPTION = "Encrypted UDP based FTP with multicast"
-HOMEPAGE = "https://sourceforge.net/projects/uftp-multicast"
-SECTION = "libs/network"
-
-LICENSE = "GPLv3"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504"
-
-SRC_URI = "${SOURCEFORGE_MIRROR}/uftp-multicast/source-tar/uftp-${PV}.tar.gz"
-SRC_URI[md5sum] = "231d6ba7820d89a712fe7d727ab0f8e6"
-SRC_URI[sha256sum] = "9e9215af0315257c6cc4f40fbc6161057e861be1fff10a38a5564f699e99c78f"
-
-DEPENDS = "openssl"
-
-do_install () {
- oe_runmake install DESTDIR=${D}
-}
diff --git a/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.8.bb b/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.8.bb
new file mode 100644
index 000000000..0bbdd6b1d
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/uftp/uftp_4.9.8.bb
@@ -0,0 +1,16 @@
+DESCRIPTION = "Encrypted UDP based FTP with multicast"
+HOMEPAGE = "https://sourceforge.net/projects/uftp-multicast"
+SECTION = "libs/network"
+
+LICENSE = "GPLv3"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/uftp-multicast/source-tar/uftp-${PV}.tar.gz"
+SRC_URI[md5sum] = "f7a5affd3000b5aafbb13df49719b6c0"
+SRC_URI[sha256sum] = "e98c6318e497124d777ca71eae752d213207c35de9f782c8bcaaf82ece20e599"
+
+DEPENDS = "openssl"
+
+do_install () {
+ oe_runmake install DESTDIR=${D}
+}
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch
deleted file mode 100644
index 2aa58f73c..000000000
--- a/meta-openembedded/meta-networking/recipes-support/wireshark/files/libgcrypt.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-use OR PKG_CONFIG scheme for libgcrypt
-
-Upstream-Status: Inappropriate OE specific
-
-Signed-off-by: Armin Kuster
-
-Index: wireshark-2.4.4/m4/libgcrypt.m4
-===================================================================
---- wireshark-2.4.4.orig/m4/libgcrypt.m4
-+++ wireshark-2.4.4/m4/libgcrypt.m4
-@@ -27,11 +27,11 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
- libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="")
- if test x$libgcrypt_config_prefix != x ; then
- if test x${LIBGCRYPT_CONFIG+set} != xset ; then
-- LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config
-+ LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/libgcrypt.pc
- fi
- fi
-
-- AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no)
-+ AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt.pc, no)
- tmp=ifelse([$1], ,1:1.2.0,$1)
- if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
- req_libgcrypt_api=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\1/'`
-@@ -50,7 +50,7 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
- sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
- req_micro=`echo $min_libgcrypt_version | \
- sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
-- libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version`
-+ libgcrypt_config_version=`$PKG_CONFIG --modversion libgcrypt`
- major=`echo $libgcrypt_config_version | \
- sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
- minor=`echo $libgcrypt_config_version | \
-@@ -82,7 +82,7 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
- # If we have a recent libgcrypt, we should also check that the
- # API is compatible
- if test "$req_libgcrypt_api" -gt 0 ; then
-- tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0`
-+ tmp=`$PKG_CONFIG --api-version libgcrypt 2>/dev/null || echo 0`
- if test "$tmp" -gt 0 ; then
- AC_MSG_CHECKING([LIBGCRYPT API version])
- if test "$req_libgcrypt_api" -eq "$tmp" ; then
-@@ -95,8 +95,8 @@ AC_DEFUN([AM_PATH_LIBGCRYPT],
- fi
- fi
- if test $ok = yes; then
-- LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags`
-- LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs`
-+ LIBGCRYPT_CFLAGS=`$PKG_CONFIG --cflags libgcrypt`
-+ LIBGCRYPT_LIBS=`$PKG_CONFIG --libs libgcrypt`
- ifelse([$2], , :, [$2])
- else
- LIBGCRYPT_CFLAGS=""
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch
new file mode 100644
index 000000000..e65ef9b10
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark/0001-Add-libm-to-link-for-fmod-API.patch
@@ -0,0 +1,29 @@
+From 1a6a5d2bcb1adec9ba138c2ebee7bbc994620aff Mon Sep 17 00:00:00 2001
+From: Khem Raj
+Date: Tue, 12 Jun 2018 23:23:44 -0700
+Subject: [PATCH] Add libm to link for fmod() API
+
+fixes
+ld: CMakeFiles/tshark.dir/ui/cli/tap-comparestat.c.o: undefined reference to symbol 'fmod@@GLIBC_2.2.5'
+| /mnt/a/oe/build/tmp/work/core2-64-bec-linux/wireshark/1_2.6.1-r0/recipe-sysroot/lib/libm.so.6: error adding symbols: DSO missing from command line
+
+Signed-off-by: Khem Raj
+---
+ CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 7950e85..acee140 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -2494,6 +2494,7 @@ if(BUILD_tshark)
+ ${LIBEPAN_LIBS}
+ ${APPLE_CORE_FOUNDATION_LIBRARY}
+ ${APPLE_SYSTEM_CONFIGURATION_LIBRARY}
++ m
+ )
+ set(tshark_FILES
+ capture_opts.c
+--
+2.17.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb
deleted file mode 100644
index 51a7aa8cd..000000000
--- a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.4.8.bb
+++ /dev/null
@@ -1,73 +0,0 @@
-DESCRIPTION = "wireshark - a popular network protocol analyzer"
-HOMEPAGE = "http://www.wireshark.org"
-SECTION = "net"
-LICENSE = "GPL-2.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77"
-
-DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error"
-
-SRC_URI = "https://1.as.dl.wireshark.org/src/all-versions/${BP}.tar.xz"
-SRC_URI += "file://libgcrypt.patch"
-
-UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
-
-SRC_URI[md5sum] = "25f93aa6a2b3fdd9d1f01a49f84d224f"
-SRC_URI[sha256sum] = "db8ed7828c157e4ffb91fb8c41fa5a2f37fd44259175951a5c37848bf641f5e8"
-
-PE = "1"
-
-inherit autotools pkgconfig perlnative upstream-version-is-even
-
-ARM_INSTRUCTION_SET = "arm"
-
-PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc"
-PACKAGECONFIG += " ${@bb.utils.contains("DISTRO_FEATURES", "x11", "gtk2 graphics", "", d)}"
-
-PACKAGECONFIG[libcap] = "--with-libcap=${STAGING_DIR_HOST}/usr, --with-libcap=no --enable-pcap-ng-default , libcap"
-PACKAGECONFIG[libpcap] = "--with-pcap=${STAGING_DIR_HOST}/usr --with-pcap-remote, --with-pcap=no --enable-pcap-ng-default , libpcap"
-PACKAGECONFIG[libsmi] = "--with-libsmi=yes, --with-libsmi=no, libsmi"
-PACKAGECONFIG[libnl] = "--with-libnl=yes, --with-libnl=no, libnl"
-PACKAGECONFIG[portaudio] = "--with-portaudio=yes, --with-portaudio=no, portaudio-v19"
-PACKAGECONFIG[gtk2] = "--with-gtk=2, , gtk+"
-PACKAGECONFIG[gtk3] = "--with-gtk=3, , gtk+3"
-PACKAGECONFIG[graphics] = "--enable-wireshark, --with-gtk=no --disable-wireshark,"
-PACKAGECONFIG[gnutls] = "--with-gnutls=yes, --with-gnutls=no, gnutls"
-PACKAGECONFIG[ssl] = "--with-ssl=yes, --with-ssl=no, openssl"
-PACKAGECONFIG[krb5] = "--with-krb5=yes, --with-krb5=no, krb5"
-PACKAGECONFIG[lua] = "--with-lua=yes, --with-lua=no, lua"
-PACKAGECONFIG[zlib] = "--with-zlib=yes, --with-zlib=no, zlib"
-PACKAGECONFIG[geoip] = "--with-geoip=yes, --with-geoip=no, geoip"
-PACKAGECONFIG[plugins] = "--with-plugins=yes, --with-plugins=no"
-PACKAGECONFIG[sbc] = "--with-sbc=yes, --with-sbc=no, sbc"
-PACKAGECONFIG[libssh] = "--with-libssh=${STAGING_DIR_HOST}/usr, --with-libssh=no, libssh2"
-PACKAGECONFIG[lz4] = "--with-lz4=${STAGING_DIR_HOST}/usr, --with-lz4=no, lz4"
-
-# these next two options require addional layers
-PACKAGECONFIG[c-ares] = "--with-c-ares=yes, --with-c-ares=no, c-ares"
-
-EXTRA_OECONF += "--with-libgcrypt-prefix=${PKG_CONFIG_DIR} --with-qt=no --enable-tshark --enable-rawshark"
-
-LDFLAGS_append = " -lgpg-error"
-
-# Currently wireshark does not install header files
-do_install_append () {
-
- install -d ${D}/${includedir}/${BPN}
- install -d ${D}/${includedir}/${BPN}/epan
- install -d ${D}/${includedir}/${BPN}/epan/crypt
- install -d ${D}/${includedir}/${BPN}/epan/dfilter
- install -d ${D}/${includedir}/${BPN}/epan/dissectors
- install -d ${D}/${includedir}/${BPN}/epan/ftypes
- install -d ${D}/${includedir}/${BPN}/epan/wmem
-
- install config.h ${D}/${includedir}/${BPN}
- install ${S}/register.h ${D}/${includedir}/${BPN}
- install -D ${S}/epan/*.h ${D}/${includedir}/${BPN}/epan
- install -D ${S}/epan/crypt/*.h ${D}/${includedir}/${BPN}/epan/crypt
- install -D ${S}/epan/dfilter/*.h ${D}/${includedir}/${BPN}/epan/dfilter
- install -D ${S}/epan/dissectors/*.h ${D}/${includedir}/${BPN}/epan/dissectors
- install -D ${S}/epan/ftypes/*.h ${D}/${includedir}/${BPN}/epan/ftypes
- install -D ${S}/epan/wmem/*.h ${D}/${includedir}/${BPN}/epan/wmem
-}
-
-FILES_${PN} += "${datadir}*"
diff --git a/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb
new file mode 100644
index 000000000..595502e76
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/wireshark/wireshark_2.6.4.bb
@@ -0,0 +1,94 @@
+DESCRIPTION = "wireshark - a popular network protocol analyzer"
+HOMEPAGE = "http://www.wireshark.org"
+SECTION = "net"
+LICENSE = "GPL-2.0"
+LIC_FILES_CHKSUM = "file://COPYING;md5=6e271234ba1a13c6e512e76b94ac2f77"
+
+DEPENDS = "pcre expat glib-2.0 glib-2.0-native libgcrypt libgpg-error libxml2 bison-native"
+
+DEPENDS_append_class-target = " wireshark-native chrpath-replacement-native "
+
+SRC_URI = "https://1.as.dl.wireshark.org/src/all-versions/${BP}.tar.xz \
+ file://0001-Add-libm-to-link-for-fmod-API.patch \
+ "
+
+UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src"
+
+SRC_URI[md5sum] = "8aa7b8c8ce0b6ce4256a081493819d6f"
+SRC_URI[sha256sum] = "a06b007e6343f148b8b93443b2fcfc9bb3204311cd268565d54d1b71660bc861"
+
+PE = "1"
+
+inherit cmake pkgconfig pythonnative perlnative upstream-version-is-even
+
+ARM_INSTRUCTION_SET = "arm"
+
+# Options: gtk+, gtk+3 and qt5
+GTK = "gtk+3"
+
+PACKAGECONFIG ?= "libpcap gnutls libnl libcap sbc"
+PACKAGECONFIG_append_class-target = " ${@bb.utils.contains("DISTRO_FEATURES", "x11", " ${GTK}", "", d)}"
+
+PACKAGECONFIG_class-native = "libpcap gnutls ssl libssh"
+
+PACKAGECONFIG[libcap] = "-DENABLE_CAP=ON,-DENABLE_CAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON, libcap"
+PACKAGECONFIG[libpcap] = "-DENABLE_PCAP=ON,-DENABLE_PCAP=OFF -DENABLE_PCAP_NG_DEFAULT=ON , libpcap"
+PACKAGECONFIG[libsmi] = "-DENABLE_SMI=ON,-DENABLE_SMI=OFF,libsmi"
+PACKAGECONFIG[libnl] = ",,libnl"
+PACKAGECONFIG[portaudio] = "-DENABLE_PORTAUDIO=ON,-DENABLE_PORTAUDIO=OFF, portaudio-v19"
+PACKAGECONFIG[gtk+] = "-DENABLE_GTK=ON -DBUILD_wireshark_gtk=ON, -DENABLE_GTK=OFF, gtk+"
+PACKAGECONFIG[gtk+3] = "-DENABLE_GTK3=ON -DBUILD_wireshark_gtk=ON, -DENABLE_GTK3=OFF, gtk+3"
+PACKAGECONFIG[gnutls] = "-DENABLE_GNUTLS=ON,-DENABLE_GNUTLS=OFF, gnutls"
+PACKAGECONFIG[ssl] = ",,openssl"
+PACKAGECONFIG[krb5] = "-DENABLE_KRB5=ON,-DENABLE_KRB5=OFF, krb5"
+PACKAGECONFIG[lua] = "-DENABLE_LUA=ON,-DENABLE_LUA=OFF, lua"
+PACKAGECONFIG[zlib] = "-DENABLE_ZLIB=ON,-DENABLE_ZLIB=OFF, zlib"
+PACKAGECONFIG[geoip] = ",, geoip"
+PACKAGECONFIG[plugins] = "-DENABLE_PLUGINS=ON,-DENABLE_PLUGINS=OFF"
+PACKAGECONFIG[sbc] = "-DENABLE_SBC=ON,-DENABLE_SBC=OFF, sbc"
+PACKAGECONFIG[libssh] = ",,libssh2"
+PACKAGECONFIG[lz4] = "-DENABLE_LZ4=ON,-DENABLE_LZ4=OFF, lz4"
+
+# these next two options require addional layers
+PACKAGECONFIG[c-ares] = "-DENABLE_CARES=ON,-DENABLE_CARES=OFF, c-ares"
+PACKAGECONFIG[qt5] = "-DENABLE_QT5=ON -DBUILD_wireshark=ON, -DENABLE_QT5=OFF -DBUILD_wireshark=OFF, qtbase"
+
+EXTRA_OECMAKE += "-DENABLE_NETLINK=ON \
+ -DBUILD_mmdbresolve=OFF \
+ -DBUILD_randpktdump=OFF \
+ -DBUILD_androiddump=OFF \
+ -DBUILD_dcerpcidl2wrs=OFF \
+ -DM_INCLUDE_DIR=${includedir} \
+ -DM_LIBRARY=${libdir} \
+ "
+CFLAGS_append = " -lm"
+
+do_install_append_class-native() {
+ install -d ${D}${bindir}
+ for f in lemon
+ do
+ install -m 0755 ${B}/run/$f ${D}${bindir}
+ done
+}
+
+do_install_append_class-target() {
+ for f in `find ${D}${libdir} ${D}${bindir} -type f -executable`
+ do
+ chrpath --delete $f
+ done
+}
+
+PACKAGE_BEFORE_PN += "tshark"
+PACKAGE_BEFORE_PN += "${PN}-gtk"
+
+FILES_tshark = "${bindir}/tshark ${mandir}/man1/tshark.*"
+FILES_${PN}-gtk = "${bindir}/wireshark-gtk ${datadir}/icons ${datadir}/appdata \
+ ${datadir}/applications ${datadir}/wireshark ${datadir}/mime \
+ ${mandir}/man1/wireshark.* "
+
+FILES_${PN} += "${datadir}*"
+
+RDEPENDS_tshark = "wireshark"
+RDEPENDS_${PN}-gtk = "${@bb.utils.contains("DISTRO_FEATURES", "x11", "${GTK}", "", d)} wireshark"
+
+BBCLASSEXTEND = "native"
--
cgit v1.2.3