subtree updates

meta-openembedded: 9a52bfc4a6..af11f6ce73: Andreas Müller (4): nautilus: Add a packageconfig for libportal - disabled by default gtk4: upgrade 4.4.0 -> 4.6.2 libadwaita: initial add 1.1.0 gtksourceview5: upgrade 5.2.0 -> 5.4.0 Carlos Rafael Giani (3): libopenmpt: Remove unnecessary python code block pipewire: Upgrade to version 0.3.49 wireplumber: Upgrade to version 0.4.9 Kai Kang (4): wxwidgets: 3.1.4 -> 3.1.5 python3-wxgtk4: add recipe wxwidgets: fix typo mcelog: fix compile error Khem Raj (1): python3-wxgtk4: Use cross prefix with native wx-config Matthias Klein (1): paho-mqtt-c: upgrade 1.3.9 -> 1.3.10 Mingli Yu (1): mariadb: increase MY_AES_CTX_SIZE Potin Lai (4): libimobiledevice-glue: add recipe libimobiledevice-glue: fix undefined bswap error libirecovery: add recipe idevicerestore: add recipe S. Lockwood-Childs (1): python3-evdev: fix host header contamination Yi Zhao (2): strongswan: 5.9.4 -> 5.9.5 libnetfilter-conntrack: upgrade 1.0.8 -> 1.0.9 meta-raspberrypi: c06ae5eacf..31c33d155c: Khem Raj (3): linux-raspberrypi_5.15.bb: Upgrade to 5.15.32 raspberrypi-firmware: Update to match 5.15.32 armstubs: Upgrade to 20211101 poky: 5fe3689f4f..1976521190: Chen Qi (1): gobject-introspection: fix default search path for girdir Daniel Ammann (2): overview-manual: Fix reference ref-manual: Add vfat in list of filesystems supported by kickstart Jagadeesh Krishnanjanappa (1): cmake: support to create per-toolchain cmake file in SDK Khem Raj (2): weston: Add a knob to control simple clients meson: Robustify compiler detection logic Marta Rybczynska (1): doc: migration-3.5: extend the section on inclusive language Michael Halstead (1): releases: update to include 3.4.3 Michael Opdenacker (4): overview-manual: add missing upper case docs: add poky.yaml and sphinx-static/switchers.js to "make clean" manuals: fix quoting of double dashes migration-guides: preliminary description for 3.5 Oleksandr Kravchuk (1): python3: update to 3.10.4 Peter Kjellerstedt (1): ref-manual: Remove references to AVAILABLE_LICENSES Rasmus Villemoes (1): git: make expat and curl into PACKAGECONFIG items Richard Purdie (11): set_versions/switchers: Drop versions shown to the active releases mirrors: Add missing gitsm entries for yocto/oe mirrors base: Don't add duplicates to sys.path base: Clean up module import compatibility code modutils-initscripts: Change license PD -> MIT keymaps: Clean up license handling initscripts: Clean up license handling/identifiers bitbake: cooker: Further fixes to inotify to fix memres bitbake issues bitbake: cooker: Restore sys.path and sys.modules between parses bitbake: cooker: Ensure any existing hashserv connection is closed bitbake: cooker: Avoid error if siggen wasn't setup Ross Burton (24): ref-manual: update Python class documentation buildtools-tarball: include nativesdk-python3-pyyaml image_types: hddimg and iso only work on x86 oeqa/selftest/devtool: ensure Git username is set before upgrade tests oeqa/selftest/wic: use os.rename instead of bb.utils.rename oeqa/selftest/wic: remove redundant asserts oeqa/selftest/wic: clean up only_for_arch decorator oeqa/selftest/wic: don't hardcode kernel image type in test_wic_rm oeqa/selftest/wic: add more arch-specific annotations oeqa/selftest/buildoptions: set PACKAGE_CLASSES in test_arch_work_dir_and_export_source oeqa/runtime/decorator/package.py: remove use of strToSet oeqa/core/decorator: remove redundant code testimage: inline updateTestData() oeqa/core/utils/misc: remove redundant file oeqa/selftest: remove unused imports oeqa/core/decorators/data: improve has_* logic oeqa/selftest: tag tests that use runqemu oeqa: rationalise skipifqemu decorators oeqa/selftest/oescripts: refactor skipping logic oeqa/selftest/wic: cleanup WicTestCase.setUpLocal oeqa/selftest/wic: rearrange tests oeqa/selftest/wic: use os.path.join to join paths oeqa/selftest/wic: use self.td instead of get_bb_var to save on bitbake calls oeqa/selftest: generalise test_devtool_virtual_kernel_modify Simon Kuhnle (1): convert-variable-renames: Fix typo in description Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: Ic8359fe5772351a45a3154c6a7f5042a88ff934c
author: Patrick Williams <patrick@stwcx.xyz> 2022-04-02 16:58:32 +0300
committer: Patrick Williams <patrick@stwcx.xyz> 2022-04-04 20:54:11 +0300
commit: 45852739b8823d99a818e714b72961886759fe2e (patch)
tree: 92fc4d26b025440bff29a7b0cbf204c7f5cca151 /meta-openembedded/meta-networking/recipes-support
parent: e9c4c65544ebd9f2c5772936c9fe0552d5e6d5b0 (diff)
download: openbmc-45852739b8823d99a818e714b72961886759fe2e.tar.xz
4 files changed, 94 insertions, 124 deletions
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-memory.h-Include-stdint.h-for-uintptr_t.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-memory.h-Include-stdint.h-for-uintptr_t.patch
deleted file mode 100644
index 2d17507b17..0000000000
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-memory.h-Include-stdint.h-for-uintptr_t.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From 33a53dc13fd924949a582109b45fedd8d0bed59b Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 27 Jun 2017 07:42:11 -0700
-Subject: [PATCH] memory.h: Include stdint.h for uintptr_t
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
----
- src/libstrongswan/utils/utils/memory.h | 2 ++
- 1 file changed, 2 insertions(+)
-
---- a/src/libstrongswan/utils/utils/memory.h
-+++ b/src/libstrongswan/utils/utils/memory.h
-@@ -26,6 +26,8 @@
- #include <string.h>
- #endif
- 
-+#include <stdint.h>
-+
- /**
-  * Helper function that compares two binary blobs for equality
-  */
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch
new file mode 100644
index 0000000000..7da48cd2cf
--- /dev/null
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch
@@ -0,0 +1,92 @@
+From 3eecd40cec6415fc033f8d9141ab652047e71524 Mon Sep 17 00:00:00 2001
+From: Tobias Brunner <tobias@strongswan.org>
+Date: Wed, 23 Feb 2022 17:29:02 +0100
+Subject: [PATCH] openssl: Don't unload providers
+
+There is a conflict between atexit() handlers registered by OpenSSL and
+some executables (e.g. swanctl or pki) to deinitialize libstrongswan.
+Because plugins are usually loaded after atexit() has been called, the
+handler registered by OpenSSL will run before our handler.  So when the
+latter destroys the plugins it's a bad idea to try to access any OpenSSL
+objects as they might already be invalid.
+
+Fixes: f556fce16b60 ("openssl: Load "legacy" provider in OpenSSL 3 for algorithms like MD4, DES etc.")
+Closes strongswan/strongswan#921
+
+Upstream-Status: Backport
+[https://github.com/strongswan/strongswan/commit/3eecd40cec6415fc033f8d9141ab652047e71524]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ .../plugins/openssl/openssl_plugin.c          | 27 +++----------------
+ 1 file changed, 3 insertions(+), 24 deletions(-)
+
+diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+index 6b4923649..1491d5cf8 100644
+--- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
++++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
+@@ -16,7 +16,6 @@
+ 
+ #include <library.h>
+ #include <utils/debug.h>
+-#include <collections/array.h>
+ #include <threading/thread.h>
+ #include <threading/mutex.h>
+ #include <threading/thread_value.h>
+@@ -74,13 +73,6 @@ struct private_openssl_plugin_t {
+ 	 * public functions
+ 	 */
+ 	openssl_plugin_t public;
+-
+-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+-	/**
+-	 * Loaded providers
+-	 */
+-	array_t *providers;
+-#endif
+ };
+ 
+ /**
+@@ -887,15 +879,6 @@ METHOD(plugin_t, get_features, int,
+ METHOD(plugin_t, destroy, void,
+ 	private_openssl_plugin_t *this)
+ {
+-#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+-	OSSL_PROVIDER *provider;
+-	while (array_remove(this->providers, ARRAY_TAIL, &provider))
+-	{
+-		OSSL_PROVIDER_unload(provider);
+-	}
+-	array_destroy(this->providers);
+-#endif /* OPENSSL_VERSION_NUMBER */
+-
+ /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we
+  * can't call it as we couldn't re-initialize the library (as required by the
+  * unit tests and the Android app) */
+@@ -1009,20 +992,16 @@ plugin_t *openssl_plugin_create()
+ 			DBG1(DBG_LIB, "unable to load OpenSSL FIPS provider");
+ 			return NULL;
+ 		}
+-		array_insert_create(&this->providers, ARRAY_TAIL, fips);
+ 		/* explicitly load the base provider containing encoding functions */
+-		array_insert_create(&this->providers, ARRAY_TAIL,
+-							OSSL_PROVIDER_load(NULL, "base"));
++		OSSL_PROVIDER_load(NULL, "base");
+ 	}
+ 	else if (lib->settings->get_bool(lib->settings, "%s.plugins.openssl.load_legacy",
+ 									 TRUE, lib->ns))
+ 	{
+ 		/* load the legacy provider for algorithms like MD4, DES, BF etc. */
+-		array_insert_create(&this->providers, ARRAY_TAIL,
+-							OSSL_PROVIDER_load(NULL, "legacy"));
++		OSSL_PROVIDER_load(NULL, "legacy");
+ 		/* explicitly load the default provider, as mentioned by crypto(7) */
+-		array_insert_create(&this->providers, ARRAY_TAIL,
+-							OSSL_PROVIDER_load(NULL, "default"));
++		OSSL_PROVIDER_load(NULL, "default");
+ 	}
+ 	ossl_provider_names_t data = {};
+ 	OSSL_PROVIDER_do_all(NULL, concat_ossl_providers, &data);
+-- 
+2.25.1
+
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch b/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
deleted file mode 100644
index 5945507bf1..0000000000
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/files/fix-funtion-parameter.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From 9f97479373f3fceedc471074b81486d77a49618d Mon Sep 17 00:00:00 2001
-From: "Roy.Li" <rongqing.li@windriver.com>
-Date: Tue, 4 Mar 2014 14:38:42 +0800
-Subject: [PATCH] fix the function parameter
-
-Upstream-Status: Pending
-
-Original openssl_diffie_hellman_create has three parameters, but
-it is reassigned a function pointer which has one parameter, and
-is called with one parameter, which will lead to segment fault
-on PPC, Now we simply correct the number of parameters.
-
-    #0  0x484d4aa0 in __GI_raise (sig=6)
-         at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
-    #1  0x484d9930 in __GI_abort () at abort.c:91
-    #2  0x10002064 in segv_handler (signal=11) at charon.c:224
-    #3  <signal handler called>
-    #4  0x48d89630 in openssl_diffie_hellman_create (group=MODP_1024_BIT, g=...,
-         p=<error reading variable: Cannot access memory at address 0x0>)
-         at openssl_diffie_hellman.c:143
-    #5  0x482c54f8 in create_dh (this=0x11ac6e68, group=MODP_1024_BIT)
-         at crypto/crypto_factory.c:358
-    #6  0x48375884 in create_dh (this=<optimized out>, group=<optimized out>)
-         at sa/keymat.c:132
-    #7  0x483843b8 in process_payloads (this=0x51400a78, message=<optimized
-    out>)
-         at sa/tasks/ike_init.c:200
-    #8  0x483844d0 in process_r (this=0x51400a78, message=0x51500778)
-         at sa/tasks/ike_init.c:319
-    #9  0x48374c9c in process_request (message=0x51500778, this=0x51400d20)
-         at sa/task_manager.c:870
-    #10 process_message (this=0x51400d20, msg=0x51500778) at
-    sa/task_manager.c:925
-    #11 0x4836c378 in process_message (this=0x514005f0, message=0x51500778)
-         at sa/ike_sa.c:1317
-    #12 0x48362270 in execute (this=0x515008d0)
-         at processing/jobs/process_message_job.c:74
-
-Signed-off-by: Roy.Li <rongqing.li@windriver.com>
-
----
- src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c | 8 +++++++-
- src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h | 4 +++-
- src/libstrongswan/plugins/openssl/openssl_plugin.c         | 1 +
- 3 files changed, 11 insertions(+), 2 deletions(-)
-
-diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-index 8e9c118..a73b038 100644
---- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-@@ -192,7 +192,7 @@ METHOD(diffie_hellman_t, destroy, void,
- /*
-  * Described in header.
-  */
--openssl_diffie_hellman_t *openssl_diffie_hellman_create(
-+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
- 											diffie_hellman_group_t group, ...)
- {
- 	private_openssl_diffie_hellman_t *this;
-@@ -255,5 +255,11 @@ openssl_diffie_hellman_t *openssl_diffie_hellman_create(
- 	DBG2(DBG_LIB, "size of DH secret exponent: %d bits", BN_num_bits(privkey));
- 	return &this->public;
- }
-+openssl_diffie_hellman_t *openssl_diffie_hellman_create( diffie_hellman_group_t group)
-+{
-+	chunk_t g;
-+	chunk_t p;
-+	openssl_diffie_hellman_create_custom(group, g, p);
-+}
- 
- #endif /* OPENSSL_NO_DH */
-diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
-index 5de5520..22586e0 100644
---- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
-+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h
-@@ -43,8 +43,10 @@ struct openssl_diffie_hellman_t {
-  * @param ...			expects generator and prime as chunk_t if MODP_CUSTOM
-  * @return				openssl_diffie_hellman_t object, NULL if not supported
-  */
--openssl_diffie_hellman_t *openssl_diffie_hellman_create(
-+openssl_diffie_hellman_t *openssl_diffie_hellman_create_custom(
- 											diffie_hellman_group_t group, ...);
-+openssl_diffie_hellman_t *openssl_diffie_hellman_create(
-+							diffie_hellman_group_t group);
- 
- #endif /** OPENSSL_DIFFIE_HELLMAN_H_ @}*/
- 
-diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-index 8b0a7c5..114d575 100644
---- a/src/libstrongswan/plugins/openssl/openssl_plugin.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c
-@@ -609,6 +609,7 @@ METHOD(plugin_t, get_features, int,
- 			PLUGIN_PROVIDE(DH, MODP_1024_BIT),
- 			PLUGIN_PROVIDE(DH, MODP_1024_160),
- 			PLUGIN_PROVIDE(DH, MODP_768_BIT),
-+		PLUGIN_REGISTER(DH, openssl_diffie_hellman_create_custom),
- 			PLUGIN_PROVIDE(DH, MODP_CUSTOM),
- #endif
- #ifndef OPENSSL_NO_RSA
diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb
index babfe17d29..cfb7b41fa4 100644
--- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.4.bb
+++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb
@@ -9,11 +9,10 @@ DEPENDS = "flex-native flex bison-native"
 DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', '  tpm2-tss', '', d)}"
 
 SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \
-           file://fix-funtion-parameter.patch \
-           file://0001-memory.h-Include-stdint.h-for-uintptr_t.patch \
+           file://0001-openssl-Don-t-unload-providers.patch \
            "
 
-SRC_URI[sha256sum] = "45fdf1a4c2af086d8ff5b76fd7b21d3b6f0890f365f83bf4c9a75dda26887518"
+SRC_URI[sha256sum] = "983e4ef4a4c6c9d69f5fe6707c7fe0b2b9a9291943bbf4e008faab6bf91c0bdd"
 
 UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar"
author	Patrick Williams <patrick@stwcx.xyz>	2022-04-02 16:58:32 +0300
committer	Patrick Williams <patrick@stwcx.xyz>	2022-04-04 20:54:11 +0300
commit	45852739b8823d99a818e714b72961886759fe2e (patch)
tree	92fc4d26b025440bff29a7b0cbf204c7f5cca151 /meta-openembedded/meta-networking/recipes-support
parent	e9c4c65544ebd9f2c5772936c9fe0552d5e6d5b0 (diff)
download	openbmc-45852739b8823d99a818e714b72961886759fe2e.tar.xz