summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
diff options
context:
space:
mode:
authorTudor Florea <tudor.florea@enea.com>2015-10-09 20:59:03 (GMT)
committerTudor Florea <tudor.florea@enea.com>2015-10-09 20:59:03 (GMT)
commit972dcfcdbfe75dcfeb777150c136576cf1a71e99 (patch)
tree97a61cd7e293d7ae9d56ef7ed0f81253365bb026 /meta/recipes-connectivity
downloadpoky-972dcfcdbfe75dcfeb777150c136576cf1a71e99.tar.gz
initial commit for Enea Linux 5.0 arm
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-connectivity')
-rw-r--r--meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb72
-rw-r--r--meta/recipes-connectivity/avahi/avahi.inc158
-rw-r--r--meta/recipes-connectivity/avahi/avahi_0.6.31.bb22
-rw-r--r--meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch52
-rw-r--r--meta/recipes-connectivity/avahi/files/00avahi-autoipd10
-rw-r--r--meta/recipes-connectivity/avahi/files/99avahi-autoipd10
-rw-r--r--meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch32
-rw-r--r--meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch34
-rw-r--r--meta/recipes-connectivity/avahi/files/initscript.patch41
-rw-r--r--meta/recipes-connectivity/avahi/files/out-of-tree.patch32
-rw-r--r--meta/recipes-connectivity/avahi/files/reuseport-check.patch30
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch119
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch89
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch92
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch40
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch41
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch141
-rw-r--r--meta/recipes-connectivity/bind/bind/bind92
-rw-r--r--meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch990
-rw-r--r--meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch45
-rw-r--r--meta/recipes-connectivity/bind/bind/conf.patch314
-rw-r--r--meta/recipes-connectivity/bind/bind/cross-build-fix.patch21
-rw-r--r--meta/recipes-connectivity/bind/bind/dont-test-on-host.patch17
-rw-r--r--meta/recipes-connectivity/bind/bind/generate-rndc-key.sh7
-rw-r--r--meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch65
-rw-r--r--meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch42
-rw-r--r--meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff104
-rw-r--r--meta/recipes-connectivity/bind/bind/named.service22
-rw-r--r--meta/recipes-connectivity/bind/bind_9.9.5.bb99
-rw-r--r--meta/recipes-connectivity/bluez/bluez-hcidump-2.5/obsolete_automake_macros.patch14
-rw-r--r--meta/recipes-connectivity/bluez/bluez-hcidump_2.5.bb22
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/bluetooth.conf16
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/fix-udev-paths.patch37
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/install-test-script.patch26
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/network-fix-network-Connect-method-parameters.patch30
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/obsolete_automake_macros.patch14
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/sbc_mmx.patch24
-rw-r--r--meta/recipes-connectivity/bluez/bluez4-4.101/use-legacy-pygobject-instead-ofgobject-introspection.patch27
-rw-r--r--meta/recipes-connectivity/bluez/bluez4.inc46
-rw-r--r--meta/recipes-connectivity/bluez/bluez4_4.101.bb46
-rw-r--r--meta/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb38
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5.inc79
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5/bluetooth.conf17
-rw-r--r--meta/recipes-connectivity/bluez5/bluez5_5.22.bb3
-rw-r--r--meta/recipes-connectivity/connman/connman-conf.bb24
-rw-r--r--meta/recipes-connectivity/connman/connman-conf/qemuall/wired-setup16
-rw-r--r--meta/recipes-connectivity/connman/connman-conf/qemuall/wired.config9
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/0001-Removed-icon-from-connman-gnome-about-applet.patch35
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch186
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-01.pngbin0 -> 490 bytes
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-02.pngbin0 -> 496 bytes
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-03.pngbin0 -> 492 bytes
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-04.pngbin0 -> 470 bytes
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-05.pngbin0 -> 419 bytes
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome/null_check_for_ipv4_config.patch36
-rw-r--r--meta/recipes-connectivity/connman/connman-gnome_0.7.bb28
-rw-r--r--meta/recipes-connectivity/connman/connman.inc215
-rw-r--r--meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch35
-rw-r--r--meta/recipes-connectivity/connman/connman/add_xuser_dbus_permission.patch21
-rw-r--r--meta/recipes-connectivity/connman/connman/connman83
-rw-r--r--meta/recipes-connectivity/connman/connman_1.25.bb11
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp.inc115
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/dhclient-script-drop-resolv.conf.dhclient.patch70
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/dhcp-3.0.3-dhclient-dbus.patch86
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch112
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch90
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/link-with-lcrypto.patch25
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/replace-ifconfig-route.patch176
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp/site.h21
-rw-r--r--meta/recipes-connectivity/dhcp/dhcp_4.3.0.bb12
-rw-r--r--meta/recipes-connectivity/dhcp/files/default-relay12
-rw-r--r--meta/recipes-connectivity/dhcp/files/default-server7
-rw-r--r--meta/recipes-connectivity/dhcp/files/dhclient.conf50
-rw-r--r--meta/recipes-connectivity/dhcp/files/dhcpd.conf108
-rw-r--r--meta/recipes-connectivity/dhcp/files/dhcpd.service11
-rw-r--r--meta/recipes-connectivity/dhcp/files/dhcrelay.service9
-rw-r--r--meta/recipes-connectivity/dhcp/files/init-relay44
-rw-r--r--meta/recipes-connectivity/dhcp/files/init-server44
-rw-r--r--meta/recipes-connectivity/iproute2/iproute2.inc38
-rw-r--r--meta/recipes-connectivity/iproute2/iproute2/0001-ip-link-Remove-unnecessary-device-checking.patch34
-rw-r--r--meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch64
-rw-r--r--meta/recipes-connectivity/iproute2/iproute2/configure-cross.patch32
-rw-r--r--meta/recipes-connectivity/iproute2/iproute2_3.16.0.bb13
-rwxr-xr-xmeta/recipes-connectivity/irda-utils/irda-utils-0.9.18/init78
-rw-r--r--meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/ldflags.patch75
-rw-r--r--meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb47
-rw-r--r--meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb38
-rw-r--r--meta/recipes-connectivity/libpcap/libpcap.inc41
-rw-r--r--meta/recipes-connectivity/libpcap/libpcap/aclocal.patch167
-rw-r--r--meta/recipes-connectivity/libpcap/libpcap_1.6.1.bb22
-rw-r--r--meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb12
-rw-r--r--meta/recipes-connectivity/neard/neard.inc59
-rw-r--r--meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch33
-rw-r--r--meta/recipes-connectivity/neard/neard/neard.in54
-rw-r--r--meta/recipes-connectivity/neard/neard/neard.service.in13
-rw-r--r--meta/recipes-connectivity/neard/neard/parallel-build.patch40
-rw-r--r--meta/recipes-connectivity/neard/neard_0.14.bb11
-rw-r--r--meta/recipes-connectivity/nfs-utils/files/Set_nobody_user_group.patch18
-rw-r--r--meta/recipes-connectivity/nfs-utils/files/fix-ac-prereq.patch13
-rw-r--r--meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb24
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch43
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-fixed-the-with-statdpath-flag.patch41
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-mountd.service11
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-server.service18
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-statd.service12
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.0.6-uclibc.patch27
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch36
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch42
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils.conf35
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfscommon63
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver129
-rw-r--r--meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.0.bb116
-rw-r--r--meta/recipes-connectivity/ofono/ofono.inc33
-rw-r--r--meta/recipes-connectivity/ofono/ofono/Revert-test-Convert-to-Python-3.patch1270
-rw-r--r--meta/recipes-connectivity/ofono/ofono/ofono42
-rw-r--r--meta/recipes-connectivity/ofono/ofono_1.15.bb12
-rw-r--r--meta/recipes-connectivity/ofono/ofono_git.bb14
-rw-r--r--meta/recipes-connectivity/openssh/files/add-test-support-for-busybox.patch61
-rwxr-xr-xmeta/recipes-connectivity/openssh/files/run-ptest7
-rw-r--r--meta/recipes-connectivity/openssh/openssh/add-test-support-for-busybox.patch61
-rw-r--r--meta/recipes-connectivity/openssh/openssh/auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch30
-rw-r--r--meta/recipes-connectivity/openssh/openssh/init115
-rw-r--r--meta/recipes-connectivity/openssh/openssh/nostrip.patch20
-rw-r--r--meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch29
-rw-r--r--meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch22
-rw-r--r--meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch114
-rw-r--r--meta/recipes-connectivity/openssh/openssh/openssh-ptest-fix-sshconnect.patch57
-rwxr-xr-xmeta/recipes-connectivity/openssh/openssh/run-ptest7
-rw-r--r--meta/recipes-connectivity/openssh/openssh/ssh_config46
-rw-r--r--meta/recipes-connectivity/openssh/openssh/sshd10
-rw-r--r--meta/recipes-connectivity/openssh/openssh/sshd.socket10
-rw-r--r--meta/recipes-connectivity/openssh/openssh/sshd@.service11
-rw-r--r--meta/recipes-connectivity/openssh/openssh/sshd_config119
-rw-r--r--meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service10
-rw-r--r--meta/recipes-connectivity/openssh/openssh/volatiles.99_sshd2
-rw-r--r--meta/recipes-connectivity/openssh/openssh_6.6p1.bb151
-rw-r--r--meta/recipes-connectivity/openssl/openssl.inc204
-rw-r--r--meta/recipes-connectivity/openssl/openssl/Makefiles-ptest.patch75
-rw-r--r--meta/recipes-connectivity/openssl/openssl/configure-targets.patch34
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch45
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/ca.patch22
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/debian-targets.patch66
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/make-targets.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/man-dir.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/man-section.patch34
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/no-rpath.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/no-symbolic.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/pic.patch177
-rw-r--r--meta/recipes-connectivity/openssl/openssl/debian/version-script.patch4670
-rw-r--r--meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch56
-rw-r--r--meta/recipes-connectivity/openssl/openssl/find.pl54
-rw-r--r--meta/recipes-connectivity/openssl/openssl/fix-cipher-des-ede3-cfb1.patch25
-rw-r--r--meta/recipes-connectivity/openssl/openssl/initial-aarch64-bits.patch141
-rw-r--r--meta/recipes-connectivity/openssl/openssl/oe-ldflags.patch24
-rw-r--r--meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch24
-rw-r--r--meta/recipes-connectivity/openssl/openssl/openssl-fix-des.pod-error.patch19
-rw-r--r--meta/recipes-connectivity/openssl/openssl/openssl_fix_for_x32.patch97
-rw-r--r--meta/recipes-connectivity/openssl/openssl/ptest-deps.patch30
-rw-r--r--meta/recipes-connectivity/openssl/openssl/run-ptest2
-rw-r--r--meta/recipes-connectivity/openssl/openssl/shared-libs.patch41
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.0.1p.bb55
-rw-r--r--meta/recipes-connectivity/portmap/portmap-6.0/destdir-no-strip.patch46
-rw-r--r--meta/recipes-connectivity/portmap/portmap-6.0/tcpd-config.patch30
-rw-r--r--meta/recipes-connectivity/portmap/portmap.inc34
-rwxr-xr-xmeta/recipes-connectivity/portmap/portmap/portmap.init67
-rw-r--r--meta/recipes-connectivity/portmap/portmap/portmap.service10
-rw-r--r--meta/recipes-connectivity/portmap/portmap_6.0.bb31
-rw-r--r--meta/recipes-connectivity/ppp-dialin/files/host-peer11
-rw-r--r--meta/recipes-connectivity/ppp-dialin/files/ppp-dialin3
-rw-r--r--meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb26
-rw-r--r--meta/recipes-connectivity/ppp/ppp/0001-ppp-Fix-compilation-errors-in-Makefile.patch75
-rw-r--r--meta/recipes-connectivity/ppp/ppp/08setupdns12
-rw-r--r--meta/recipes-connectivity/ppp/ppp/92removedns5
-rw-r--r--meta/recipes-connectivity/ppp/ppp/cifdefroute.patch292
-rw-r--r--meta/recipes-connectivity/ppp/ppp/copts.patch21
-rw-r--r--meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch29
-rwxr-xr-xmeta/recipes-connectivity/ppp/ppp/init57
-rwxr-xr-xmeta/recipes-connectivity/ppp/ppp/ip-down43
-rwxr-xr-xmeta/recipes-connectivity/ppp/ppp/ip-up44
-rw-r--r--meta/recipes-connectivity/ppp/ppp/makefile-remove-hard-usr-reference.patch37
-rw-r--r--meta/recipes-connectivity/ppp/ppp/makefile.patch95
-rw-r--r--meta/recipes-connectivity/ppp/ppp/pap22
-rw-r--r--meta/recipes-connectivity/ppp/ppp/poff26
-rw-r--r--meta/recipes-connectivity/ppp/ppp/pon9
-rw-r--r--meta/recipes-connectivity/ppp/ppp/ppp@.service9
-rw-r--r--meta/recipes-connectivity/ppp/ppp/ppp_on_boot21
-rw-r--r--meta/recipes-connectivity/ppp/ppp/pppd-resolv-varrun.patch45
-rw-r--r--meta/recipes-connectivity/ppp/ppp/provider35
-rw-r--r--meta/recipes-connectivity/ppp/ppp_2.4.6.bb93
-rw-r--r--meta/recipes-connectivity/resolvconf/resolvconf/99_resolvconf4
-rw-r--r--meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch19
-rw-r--r--meta/recipes-connectivity/resolvconf/resolvconf_1.75.bb64
-rw-r--r--meta/recipes-connectivity/socat/socat/fix-cross-compiling-failed.patch36
-rw-r--r--meta/recipes-connectivity/socat/socat_1.7.2.4.bb38
-rw-r--r--meta/recipes-connectivity/telepathy/libtelepathy/doublefix.patch18
-rw-r--r--meta/recipes-connectivity/telepathy/libtelepathy/prefer_python_2.5.patch15
-rw-r--r--meta/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb23
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-glib_0.24.0.bb16
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-idle/fix-svc-gtk-doc.h-target.patch15
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-idle_0.2.0.bb17
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-mission-control/tmc-Makefile-fix-race.patch76
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb51
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/parallel_make.patch43
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/remove_duplicate_install.patch26
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/telepathy-python_fix_for_automake_1.12.patch26
-rw-r--r--meta/recipes-connectivity/telepathy/telepathy-python_0.15.19.bb32
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch21
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch22
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch15
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch19
-rwxr-xr-xmeta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up122
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up34
-rw-r--r--meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb56
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant.inc107
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/99_wpa_supplicant1
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/defconfig552
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/fix-libnl3-host-contamination.patch42
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa-supplicant.sh85
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa_supplicant.conf690
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/wpa_supplicant.conf-sane7
-rw-r--r--meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.2.bb2
221 files changed, 18102 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb b/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb
new file mode 100644
index 0000000..eea4d70
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb
@@ -0,0 +1,72 @@
1LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
2 file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
3 file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
4 file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
5 file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
6
7require avahi.inc
8
9inherit python-dir pythonnative
10
11PACKAGECONFIG ??= "python"
12PACKAGECONFIG[python] = "--enable-python,--disable-python,python-native python"
13
14PR = "${INC_PR}.0"
15
16SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d"
17SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48"
18
19DEPENDS += "avahi gtk+ libglade"
20
21AVAHI_GTK = "--enable-gtk --disable-gtk3"
22
23S = "${WORKDIR}/avahi-${PV}"
24
25PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc python-avahi avahi-discover avahi-discover-standalone"
26
27FILES_${PN} = "${libdir}/libavahi-ui*.so.*"
28FILES_${PN}-dbg += "${libdir}/.debug/libavah-ui*"
29FILES_${PN}-dev += "${libdir}/libavahi-ui${SOLIBSDEV}"
30FILES_${PN}-staticdev += "${libdir}/libavahi-ui.a"
31
32FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*"
33
34FILES_python-avahi = "${PYTHON_SITEPACKAGES_DIR}/avahi ${PYTHON_SITEPACKAGES_DIR}/avahi_discover"
35FILES_avahi-discover = "${bindir}/avahi-discover \
36 ${datadir}/applications/avahi-discover.desktop \
37 ${datadir}/avahi/interfaces/avahi-discover*"
38FILES_avahi-discover-standalone = "${bindir}/avahi-discover-standalone \
39 ${datadir}/avahi/interfaces/avahi-discover.glade"
40
41RDEPENDS_avahi-discover = "python-avahi python-pygtk"
42RDEPENDS_python-avahi = "python-core python-dbus"
43
44
45do_install_append () {
46 rm ${D}${sysconfdir} -rf
47 rm ${D}${base_libdir} -rf
48 rm ${D}${systemd_unitdir} -rf
49 # The ${systemd_unitdir} is /lib/systemd, so we need rmdir /lib,
50 # but not ${base_libdir} here. And the /lib may not exist
51 # whithout systemd.
52 [ ! -d ${D}/lib ] || rmdir ${D}/lib --ignore-fail-on-non-empty
53 rm ${D}${bindir}/avahi-b*
54 rm ${D}${bindir}/avahi-p*
55 rm ${D}${bindir}/avahi-r*
56 rm ${D}${bindir}/avahi-s*
57 rm ${D}${includedir}/avahi-c* -rf
58 rm ${D}${includedir}/avahi-g* -rf
59 rm ${D}${libdir}/libavahi-c*
60 rm ${D}${libdir}/libavahi-g*
61 rm ${D}${libdir}/pkgconfig/avahi-c*
62 rm ${D}${libdir}/pkgconfig/avahi-g*
63 rm ${D}${sbindir} -rf
64 rm ${D}${datadir}/avahi/a*
65 rm ${D}${datadir}/avahi/s*
66 rm ${D}${datadir}/locale/ -rf
67 rm ${D}${datadir}/dbus* -rf
68 rm ${D}${mandir}/man1/a*
69 rm ${D}${mandir}/man5 -rf
70 rm ${D}${mandir}/man8 -rf
71}
72
diff --git a/meta/recipes-connectivity/avahi/avahi.inc b/meta/recipes-connectivity/avahi/avahi.inc
new file mode 100644
index 0000000..b060437
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/avahi.inc
@@ -0,0 +1,158 @@
1SUMMARY = "Avahi IPv4LL network address configuration daemon"
2DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \
3allows programs to publish and discover services and hosts running on a local network \
4with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \
5IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \
6configuration from the link-local 169.254.0.0/16 range without the need for a central \
7server.'
8AUTHOR = "Lennart Poettering <lennart@poettering.net>"
9HOMEPAGE = "http://avahi.org"
10BUGTRACKER = "http://avahi.org/report"
11SECTION = "network"
12
13# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and
14# python scripts are under GPLv2+
15LICENSE = "GPLv2+ & LGPLv2.1+"
16
17INC_PR = "r11"
18
19DEPENDS = "expat libcap libdaemon dbus glib-2.0"
20
21SRC_URI = "http://avahi.org/download/avahi-${PV}.tar.gz \
22 file://00avahi-autoipd \
23 file://99avahi-autoipd \
24 file://initscript.patch \
25 file://avahi_fix_install_issue.patch \
26 file://fix_for_automake_1.12.x.patch \
27 file://out-of-tree.patch \
28 file://0001-avahi-fix-avahi-status-command-error-prompt.patch \
29 file://reuseport-check.patch \
30 "
31
32USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
33USERADD_PARAM_avahi-daemon = "--system --home /var/run/avahi-daemon \
34 --no-create-home --shell /bin/false \
35 --user-group avahi"
36
37USERADD_PARAM_avahi-autoipd = "--system --home /var/run/avahi-autoipd \
38 --no-create-home --shell /bin/false \
39 --user-group \
40 -c \"Avahi autoip daemon\" \
41 avahi-autoipd"
42
43inherit autotools pkgconfig update-rc.d gettext useradd
44
45EXTRA_OECONF = "--disable-introspection \
46 --with-avahi-priv-access-group=adm \
47 --disable-stack-protector \
48 --disable-gdbm \
49 --disable-mono \
50 --disable-monodoc \
51 --disable-qt3 \
52 --disable-qt4 \
53 --disable-python \
54 --disable-doxygen-doc \
55 ${EXTRA_OECONF_SYSVINIT} \
56 ${EXTRA_OECONF_SYSTEMD} \
57 ${AVAHI_GTK} \
58 "
59
60# The distro choice determines what init scripts are installed
61EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}"
62EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}"
63
64AVAHI_GTK ?= "--disable-gtk --disable-gtk3"
65
66LDFLAGS_append_libc-uclibc = " -lintl"
67LDFLAGS_append_uclinux-uclibc = " -lintl"
68
69do_configure_prepend() {
70 sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac
71}
72
73
74PACKAGES =+ "avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib libavahi-ui avahi-autoipd avahi-utils"
75
76# As avahi doesn't put any files into PN, clear the files list to avoid problems
77# if extra libraries appear.
78FILES_avahi = ""
79FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \
80 ${sysconfdir}/avahi/avahi-autoipd.action \
81 ${sysconfdir}/dhcp/*/avahi-autoipd \
82 ${sysconfdir}/udhcpc.d/00avahi-autoipd \
83 ${sysconfdir}/udhcpc.d/99avahi-autoipd"
84FILES_libavahi-common = "${libdir}/libavahi-common.so.*"
85FILES_libavahi-core = "${libdir}/libavahi-core.so.*"
86FILES_avahi-daemon = "${sbindir}/avahi-daemon \
87 ${sysconfdir}/avahi/avahi-daemon.conf \
88 ${sysconfdir}/avahi/hosts \
89 ${sysconfdir}/avahi/services \
90 ${sysconfdir}/dbus-1 \
91 ${sysconfdir}/init.d/avahi-daemon \
92 ${datadir}/avahi/introspection/*.introspect \
93 ${datadir}/avahi/avahi-service.dtd \
94 ${datadir}/avahi/service-types \
95 ${datadir}/dbus-1/system-services"
96FILES_libavahi-client = "${libdir}/libavahi-client.so.*"
97FILES_libavahi-ui = "${libdir}/libavahi-ui.so.*"
98FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
99 ${sysconfdir}/avahi/avahi-dnsconfd.action \
100 ${sysconfdir}/init.d/avahi-dnsconfd"
101FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*"
102FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.*"
103FILES_avahi-utils = "${bindir}/avahi-*"
104
105RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})"
106
107# uclibc has no nss
108RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns"
109RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns"
110
111RRECOMMENDS_avahi-dev = "expat-dev libcap-dev libdaemon-dev dbus-dev glib-2.0-dev update-rc.d-dev"
112RRECOMMENDS_avahi-dev_append_libc-glibc = " gettext-dev"
113
114RRECOMMENDS_avahi-dev[nodeprrecs] = "1"
115
116CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf"
117
118INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd"
119INITSCRIPT_NAME_avahi-daemon = "avahi-daemon"
120INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19"
121INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd"
122INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19"
123
124do_install() {
125 autotools_do_install
126
127 # don't install /var/run when populating rootfs. Do it through volatile
128 # /var/run of current version is empty, so just remove it.
129 # if /var/run become non-empty in the future, need to install it via volatile
130 rm -rf ${D}${localstatedir}/run
131 rmdir --ignore-fail-on-non-empty ${D}${localstatedir}
132 rm -rf ${D}${datadir}/dbus-1/interfaces
133 rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
134 rm -rf ${D}${libdir}/avahi
135
136 install -d ${D}${sysconfdir}/udhcpc.d
137 install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d
138 install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d
139}
140
141# At the time the postinst runs, dbus might not be setup so only restart if running
142# Don't exit early, because update-rc.d needs to run subsequently.
143
144pkg_postinst_avahi-daemon () {
145if [ -z "$D" ]; then
146 killall -q -HUP dbus-daemon || true
147fi
148}
149
150pkg_postrm_avahi-daemon () {
151 deluser avahi || true
152 delgroup avahi || true
153}
154
155pkg_postrm_avahi-autoipd () {
156 deluser avahi-autoipd || true
157 delgroup avahi-autoipd || true
158}
diff --git a/meta/recipes-connectivity/avahi/avahi_0.6.31.bb b/meta/recipes-connectivity/avahi/avahi_0.6.31.bb
new file mode 100644
index 0000000..5d796a2
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/avahi_0.6.31.bb
@@ -0,0 +1,22 @@
1require avahi.inc
2
3inherit systemd
4
5SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd"
6SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service"
7SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service"
8
9LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
10 file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
11 file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
12 file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
13 file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
14
15PR = "${INC_PR}.1"
16
17SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d"
18SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48"
19
20DEPENDS += "intltool-native"
21
22PACKAGES =+ "libavahi-gobject"
diff --git a/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch b/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch
new file mode 100644
index 0000000..7590df7
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch
@@ -0,0 +1,52 @@
1From f774ac25f436a782ccccc4dbe68378a684596799 Mon Sep 17 00:00:00 2001
2From: Lu Chong <Chong.Lu@windriver.com>
3Date: Thu, 7 Nov 2013 14:36:28 +0800
4Subject: [PATCH] avahi: fix avahi status command error prompt
5
6service --status-all command will display wrong status for avahi-daemon.
7This commit fix this error prompt and make service display right status
8for avahi-daemon.
9
10Upstream-Status: Pending
11
12Signed-off-by: Lu Chong <Chong.Lu@windriver.com>
13---
14 initscript/debian/avahi-daemon.in | 14 +++++++++++---
15 1 file changed, 11 insertions(+), 3 deletions(-)
16
17diff --git a/initscript/debian/avahi-daemon.in b/initscript/debian/avahi-daemon.in
18index 4793b46..49ec358 100755
19--- a/initscript/debian/avahi-daemon.in
20+++ b/initscript/debian/avahi-daemon.in
21@@ -153,7 +153,15 @@ d_reload() {
22 # Function that check the status of the daemon/service.
23 #
24 d_status() {
25- $DAEMON -c && echo "$DESC is running" || echo "$DESC is not running"
26+ $DAEMON -c
27+ status=$?
28+ if [ $status = 0 ]; then
29+ echo "$DESC is running"
30+ return 0
31+ else
32+ echo "$DESC is not running"
33+ return 3
34+ fi
35 }
36
37 case "$1" in
38@@ -182,9 +190,9 @@ case "$1" in
39 d_status
40 ;;
41 *)
42- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload}" >&2
43+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload|status}" >&2
44 exit 1
45 ;;
46 esac
47
48-exit 0
49+exit $?
50--
511.7.9.5
52
diff --git a/meta/recipes-connectivity/avahi/files/00avahi-autoipd b/meta/recipes-connectivity/avahi/files/00avahi-autoipd
new file mode 100644
index 0000000..a0ab814
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/00avahi-autoipd
@@ -0,0 +1,10 @@
1#!/bin/sh
2
3[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
4
5case "$1" in
6
7 deconfig|renew|bound)
8 /usr/sbin/avahi-autoipd -k $interface 2> /dev/null
9 ;;
10esac
diff --git a/meta/recipes-connectivity/avahi/files/99avahi-autoipd b/meta/recipes-connectivity/avahi/files/99avahi-autoipd
new file mode 100644
index 0000000..234cdaa
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/99avahi-autoipd
@@ -0,0 +1,10 @@
1#!/bin/sh
2
3[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
4
5case "$1" in
6
7 leasefail)
8 /usr/sbin/avahi-autoipd -wD $interface 2> /dev/null
9 ;;
10esac
diff --git a/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch b/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch
new file mode 100644
index 0000000..32f20ec
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch
@@ -0,0 +1,32 @@
1Upstream-Status: Pending
2
3Fixes this install issue
4#| /bin/sh: line 0: cd: /srv/home/nitin/builds/build-gcc47/tmp/work/i586-poky-linux/avahi-0.6.31-r3.0/image//usr/bin: No such file or directory
5
6Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
72012/05/03
8
9Index: avahi-0.6.31/avahi-utils/Makefile.am
10===================================================================
11--- avahi-0.6.31.orig/avahi-utils/Makefile.am
12+++ avahi-0.6.31/avahi-utils/Makefile.am
13@@ -54,6 +54,7 @@ avahi_set_host_name_CFLAGS = $(AM_CFLAGS
14 avahi_set_host_name_LDADD = $(AM_LDADD) ../avahi-client/libavahi-client.la ../avahi-common/libavahi-common.la
15
16 install-exec-local:
17+ $(MKDIR_P) $(DESTDIR)/$(bindir) && \
18 cd $(DESTDIR)/$(bindir) && \
19 rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \
20 $(LN_S) avahi-resolve avahi-resolve-host-name && \
21Index: avahi-0.6.31/avahi-utils/Makefile.in
22===================================================================
23--- avahi-0.6.31.orig/avahi-utils/Makefile.in
24+++ avahi-0.6.31/avahi-utils/Makefile.in
25@@ -906,6 +906,7 @@ uninstall-am: uninstall-binPROGRAMS
26
27
28 @HAVE_DBUS_TRUE@install-exec-local:
29+@HAVE_DBUS_TRUE@ $(MKDIR_P) $(DESTDIR)/$(bindir) && \
30 @HAVE_DBUS_TRUE@ cd $(DESTDIR)/$(bindir) && \
31 @HAVE_DBUS_TRUE@ rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \
32 @HAVE_DBUS_TRUE@ $(LN_S) avahi-resolve avahi-resolve-host-name && \
diff --git a/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch b/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch
new file mode 100644
index 0000000..0fc4c29
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch
@@ -0,0 +1,34 @@
1Upstream-Status: Pending
2
3autoamke 1.12.x has depricated use of mkdir_p , and recommends use of MKDIR_P
4instead. Fixed the automake files accordingly to avoid warning-errors.
5Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
62012/07/09
7
8
9Index: avahi-0.6.31/avahi-daemon/Makefile.am
10===================================================================
11--- avahi-0.6.31.orig/avahi-daemon/Makefile.am
12+++ avahi-0.6.31/avahi-daemon/Makefile.am
13@@ -169,7 +169,7 @@ xmllint:
14 done
15
16 install-data-local:
17- test -z "$(localstatedir)/run" || $(mkdir_p) "$(DESTDIR)$(localstatedir)/run"
18+ test -z "$(localstatedir)/run" || $(MKDIR_P) "$(DESTDIR)$(localstatedir)/run"
19
20 update-systemd:
21 curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c
22Index: avahi-0.6.31/avahi-autoipd/Makefile.am
23===================================================================
24--- avahi-0.6.31.orig/avahi-autoipd/Makefile.am
25+++ avahi-0.6.31/avahi-autoipd/Makefile.am
26@@ -76,7 +76,7 @@ dhcliententerdir = $(sysconfdir)/dhcp/dh
27 dhclientexitdir = $(sysconfdir)/dhcp/dhclient-exit-hooks.d
28
29 install-exec-hook: dhclient-exit-hook dhclient-enter-hook
30- $(mkdir_p) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir)
31+ $(MKDIR_P) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir)
32 $(INSTALL) dhclient-enter-hook $(DESTDIR)$(dhcliententerdir)/avahi-autoipd
33 $(INSTALL) dhclient-exit-hook $(DESTDIR)$(dhclientexitdir)/avahi-autoipd
34
diff --git a/meta/recipes-connectivity/avahi/files/initscript.patch b/meta/recipes-connectivity/avahi/files/initscript.patch
new file mode 100644
index 0000000..193889e
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/initscript.patch
@@ -0,0 +1,41 @@
1Upstream-Status: Pending
2
3diff --git a/initscript/debian/avahi-daemon.in b/initscript/debian/avahi-daemon.in
4index 30a2c2f..b5848a8 100755
5--- a/initscript/debian/avahi-daemon.in
6+++ b/initscript/debian/avahi-daemon.in
7@@ -1,2 +1,14 @@
8 #!/bin/sh
9-
10+### BEGIN INIT INFO
11+# Provides: avahi
12+# Required-Start: $remote_fs dbus
13+# Required-Stop: $remote_fs dbus
14+# Should-Start: $syslog
15+# Should-Stop: $syslog
16+# Default-Start: 2 3 4 5
17+# Default-Stop: 0 1 6
18+# Short-Description: Avahi mDNS/DNS-SD Daemon
19+# Description: Zeroconf daemon for configuring your network
20+# automatically
21+### END INIT INFO
22+#
23diff --git a/initscript/debian/avahi-dnsconfd.in b/initscript/debian/avahi-dnsconfd.in
24index ac34804..f95c340 100755
25--- a/initscript/debian/avahi-dnsconfd.in
26+++ b/initscript/debian/avahi-dnsconfd.in
27@@ -1,1 +1,14 @@
28 #!/bin/sh
29+### BEGIN INIT INFO
30+# Provides: avahi-dnsconfd
31+# Required-Start: $remote_fs avahi
32+# Required-Stop: $remote_fs avahi
33+# Should-Start: $syslog
34+# Should-Stop: $syslog
35+# Default-Start: 2 3 4 5
36+# Default-Stop: 0 1 6
37+# Short-Description: Avahi mDNS/DNS-SD DNS configuration
38+# Description: Zeroconf daemon for configuring your network
39+# automatically
40+### END INIT INFO
41+#
diff --git a/meta/recipes-connectivity/avahi/files/out-of-tree.patch b/meta/recipes-connectivity/avahi/files/out-of-tree.patch
new file mode 100644
index 0000000..43476cd
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/out-of-tree.patch
@@ -0,0 +1,32 @@
1Upstream-Status: Pending
2Signed-off-by: Ross Burton <ross.burton@intel.com>
3
4From a62dc95d75691ea4aefa86d8bbe54c62afd78ff6 Mon Sep 17 00:00:00 2001
5From: Ross Burton <ross.burton@intel.com>
6Date: Tue, 17 Sep 2013 12:27:36 +0100
7Subject: [PATCH] build-sys: fix out-of-tree builds without xmltoman
8
9If manpages are enabled but xmltoman isn't present, out-of-tree builds fail
10because it checks inside the build directory for the pre-generated manpages.
11
12Fix this by using $srcdir when looking for files inside the source directory.
13---
14 configure.ac | 2 +-
15 1 file changed, 1 insertion(+), 1 deletion(-)
16
17diff --git a/configure.ac b/configure.ac
18index 9debce2..047c7ae 100644
19--- a/configure.ac
20+++ b/configure.ac
21@@ -1021,7 +1021,7 @@ if test x$manpages = xyes ; then
22 fi
23
24 if test x$have_xmltoman = xno -o x$xmltoman = xno; then
25- if ! test -e man/avahi-daemon.8 ; then
26+ if ! test -e $srcdir/man/avahi-daemon.8 ; then
27 AC_MSG_ERROR([*** xmltoman was not found or was disabled, it is required to build the manpages as they have not been pre-built, install xmltoman, pass --disable-manpages or dont pass --disable-xmltoman])
28 exit 1
29 fi
30--
311.7.10.4
32
diff --git a/meta/recipes-connectivity/avahi/files/reuseport-check.patch b/meta/recipes-connectivity/avahi/files/reuseport-check.patch
new file mode 100644
index 0000000..bb81c2c
--- /dev/null
+++ b/meta/recipes-connectivity/avahi/files/reuseport-check.patch
@@ -0,0 +1,30 @@
1Fix avahi-daemon when running on kernel < 3.9 (patch taken from Ubuntu).
2
3Upstream-Status: Pending (unmaintained upstream)
4Signed-off-by: Ross Burton <ross.burton@intel.com>
5
6Description: SO_REUSEPORT may not exist in running kernel
7 When userspace defines SO_REUSEPORT we will attempt to enable socket
8 port number reuse. However if the running kernel does not support
9 this call it will fail preventing daemon startup. If this call is
10 present but fails ENOPROTOOPT then we know that actually the kernel
11 does not support it and we should continue as if we did not have the
12 call at all. (LP: #1228204)
13 .
14 This patch could be removed from the debian package after jessie release.
15Author: Andy Whitcroft <apw@canonical.com>
16
17Index: avahi-0.6.31/avahi-core/socket.c
18===================================================================
19--- avahi-0.6.31.orig/avahi-core/socket.c 2013-09-20 16:36:50.000000000 +0100
20+++ avahi-0.6.31/avahi-core/socket.c 2013-09-20 16:38:23.781863644 +0100
21@@ -177,7 +177,8 @@
22 yes = 1;
23 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &yes, sizeof(yes)) < 0) {
24 avahi_log_warn("SO_REUSEPORT failed: %s", strerror(errno));
25- return -1;
26+ if (errno != ENOPROTOOPT)
27+ return -1;
28 }
29 #endif
30
diff --git a/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch b/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch
new file mode 100644
index 0000000..0abb475
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-9.8.1-CVE-2012-5166.patch
@@ -0,0 +1,119 @@
1bind_Fix_for_CVE-2012-5166
2
3Upstream-Status: Backport
4
5Reference:http://launchpadlibrarian.net/119212498/bind9_1%3A9.7.3.dfsOBg
6-1ubuntu2.6_1%3A9.7.3.dfsg-1ubuntu2.7.diff.gz
7
8ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before
99.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows
10remote attackers to cause a denial of service (named daemon hang)
11via unspecified combinations of resource records.
12
13http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5166
14
15Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
16diff -urpN a/bin/named/query.c b/bin/named/query.c
17--- a/bin/named/query.c 2012-10-22 13:24:27.000000000 +0800
18+++ b/bin/named/query.c 2012-10-22 13:17:04.000000000 +0800
19@@ -1137,13 +1137,6 @@ query_isduplicate(ns_client_t *client, d
20 mname = NULL;
21 }
22
23- /*
24- * If the dns_name_t we're looking up is already in the message,
25- * we don't want to trigger the caller's name replacement logic.
26- */
27- if (name == mname)
28- mname = NULL;
29-
30 *mnamep = mname;
31
32 CTRACE("query_isduplicate: false: done");
33@@ -1341,6 +1334,7 @@ query_addadditional(void *arg, dns_name_
34 if (dns_rdataset_isassociated(rdataset) &&
35 !query_isduplicate(client, fname, type, &mname)) {
36 if (mname != NULL) {
37+ INSIST(mname != fname);
38 query_releasename(client, &fname);
39 fname = mname;
40 } else
41@@ -1401,11 +1395,13 @@ query_addadditional(void *arg, dns_name_
42 mname = NULL;
43 if (!query_isduplicate(client, fname,
44 dns_rdatatype_a, &mname)) {
45- if (mname != NULL) {
46- query_releasename(client, &fname);
47- fname = mname;
48- } else
49- need_addname = ISC_TRUE;
50+ if (mname != fname) {
51+ if (mname != NULL) {
52+ query_releasename(client, &fname);
53+ fname = mname;
54+ } else
55+ need_addname = ISC_TRUE;
56+ }
57 ISC_LIST_APPEND(fname->list, rdataset, link);
58 added_something = ISC_TRUE;
59 if (sigrdataset != NULL &&
60@@ -1444,11 +1440,13 @@ query_addadditional(void *arg, dns_name_
61 mname = NULL;
62 if (!query_isduplicate(client, fname,
63 dns_rdatatype_aaaa, &mname)) {
64- if (mname != NULL) {
65- query_releasename(client, &fname);
66- fname = mname;
67- } else
68- need_addname = ISC_TRUE;
69+ if (mname != fname) {
70+ if (mname != NULL) {
71+ query_releasename(client, &fname);
72+ fname = mname;
73+ } else
74+ need_addname = ISC_TRUE;
75+ }
76 ISC_LIST_APPEND(fname->list, rdataset, link);
77 added_something = ISC_TRUE;
78 if (sigrdataset != NULL &&
79@@ -1960,22 +1958,24 @@ query_addadditional2(void *arg, dns_name
80 crdataset->type == dns_rdatatype_aaaa) {
81 if (!query_isduplicate(client, fname, crdataset->type,
82 &mname)) {
83- if (mname != NULL) {
84- /*
85- * A different type of this name is
86- * already stored in the additional
87- * section. We'll reuse the name.
88- * Note that this should happen at most
89- * once. Otherwise, fname->link could
90- * leak below.
91- */
92- INSIST(mname0 == NULL);
93-
94- query_releasename(client, &fname);
95- fname = mname;
96- mname0 = mname;
97- } else
98- need_addname = ISC_TRUE;
99+ if (mname != fname) {
100+ if (mname != NULL) {
101+ /*
102+ * A different type of this name is
103+ * already stored in the additional
104+ * section. We'll reuse the name.
105+ * Note that this should happen at most
106+ * once. Otherwise, fname->link could
107+ * leak below.
108+ */
109+ INSIST(mname0 == NULL);
110+
111+ query_releasename(client, &fname);
112+ fname = mname;
113+ mname0 = mname;
114+ } else
115+ need_addname = ISC_TRUE;
116+ }
117 ISC_LIST_UNLINK(cfname.list, crdataset, link);
118 ISC_LIST_APPEND(fname->list, crdataset, link);
119 added_something = ISC_TRUE;
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch
new file mode 100644
index 0000000..19d8df1
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2011-4313.patch
@@ -0,0 +1,89 @@
1The patch to fix CVE-2011-4313
2
3Upstream-Status: Backport
4
5Reference: https://www.redhat.com/security/data/cve/CVE-2011-4313.html
6
7query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV
8through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1
9through 9.9.0b1 allows remote attackers to cause a denial of service
10(assertion failure and named exit) via unknown vectors related to recursive DNS
11queries, error logging, and the caching of an invalid record by the resolver.
12
13Signed-off-by Ming Liu <ming.liu@windriver.com>
14---
15 bin/named/query.c | 19 ++++++++-----------
16 lib/dns/rbtdb.c | 4 ++--
17 2 files changed, 10 insertions(+), 13 deletions(-)
18
19--- a/bin/named/query.c
20+++ b/bin/named/query.c
21@@ -1393,11 +1393,9 @@ query_addadditional(void *arg, dns_name_
22 goto addname;
23 if (result == DNS_R_NCACHENXRRSET) {
24 dns_rdataset_disassociate(rdataset);
25- /*
26- * Negative cache entries don't have sigrdatasets.
27- */
28- INSIST(sigrdataset == NULL ||
29- ! dns_rdataset_isassociated(sigrdataset));
30+ if (sigrdataset != NULL &&
31+ dns_rdataset_isassociated(sigrdataset))
32+ dns_rdataset_disassociate(sigrdataset);
33 }
34 if (result == ISC_R_SUCCESS) {
35 mname = NULL;
36@@ -1438,8 +1436,9 @@ query_addadditional(void *arg, dns_name_
37 goto addname;
38 if (result == DNS_R_NCACHENXRRSET) {
39 dns_rdataset_disassociate(rdataset);
40- INSIST(sigrdataset == NULL ||
41- ! dns_rdataset_isassociated(sigrdataset));
42+ if (sigrdataset != NULL &&
43+ dns_rdataset_isassociated(sigrdataset))
44+ dns_rdataset_disassociate(sigrdataset);
45 }
46 if (result == ISC_R_SUCCESS) {
47 mname = NULL;
48@@ -1889,10 +1888,8 @@ query_addadditional2(void *arg, dns_name
49 goto setcache;
50 if (result == DNS_R_NCACHENXRRSET) {
51 dns_rdataset_disassociate(rdataset);
52- /*
53- * Negative cache entries don't have sigrdatasets.
54- */
55- INSIST(! dns_rdataset_isassociated(sigrdataset));
56+ if (dns_rdataset_isassociated(sigrdataset))
57+ dns_rdataset_disassociate(sigrdataset);
58 }
59 if (result == ISC_R_SUCCESS) {
60 /* Remember the result as a cache */
61--- a/lib/dns/rbtdb.c
62+++ b/lib/dns/rbtdb.c
63@@ -5053,7 +5053,7 @@ cache_find(dns_db_t *db, dns_name_t *nam
64 rdataset);
65 if (need_headerupdate(found, search.now))
66 update = found;
67- if (foundsig != NULL) {
68+ if (!NEGATIVE(found) && foundsig != NULL) {
69 bind_rdataset(search.rbtdb, node, foundsig, search.now,
70 sigrdataset);
71 if (need_headerupdate(foundsig, search.now))
72@@ -5596,7 +5596,7 @@ zone_findrdataset(dns_db_t *db, dns_dbno
73 }
74 if (found != NULL) {
75 bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
76- if (foundsig != NULL)
77+ if (!NEGATIVE(found) && foundsig != NULL)
78 bind_rdataset(rbtdb, rbtnode, foundsig, now,
79 sigrdataset);
80 }
81@@ -5685,7 +5685,7 @@ cache_findrdataset(dns_db_t *db, dns_dbn
82 }
83 if (found != NULL) {
84 bind_rdataset(rbtdb, rbtnode, found, now, rdataset);
85- if (foundsig != NULL)
86+ if (!NEGATIVE(found) && foundsig != NULL)
87 bind_rdataset(rbtdb, rbtnode, foundsig, now,
88 sigrdataset);
89 }
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch
new file mode 100644
index 0000000..c441eab
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-1667.patch
@@ -0,0 +1,92 @@
1bind CVE-2012-1667
2
3Upstream-Status: Backport
4
5ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1,
6and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource
7records with a zero-length RDATA section, which allows remote DNS servers to
8cause a denial of service (daemon crash or data corruption) or obtain
9sensitive information from process memory via a crafted record.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1667
12
13The cve patch comes from bind97-9.7.0-10.P2.el5_8.1.src.rpm package.
14
15Signed-off-by: Li Wang <li.wang@windriver.com>
16---
17 lib/dns/rdata.c | 8 ++++----
18 lib/dns/rdataslab.c | 11 ++++++++---
19 2 files changed, 12 insertions(+), 7 deletions(-)
20
21diff --git a/lib/dns/rdata.c b/lib/dns/rdata.c
22index 063b1f6..9337a80 100644
23--- a/lib/dns/rdata.c
24+++ b/lib/dns/rdata.c
25@@ -325,8 +325,8 @@ dns_rdata_compare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
26
27 REQUIRE(rdata1 != NULL);
28 REQUIRE(rdata2 != NULL);
29- REQUIRE(rdata1->data != NULL);
30- REQUIRE(rdata2->data != NULL);
31+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
32+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
33 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
34 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
35
36@@ -356,8 +356,8 @@ dns_rdata_casecompare(const dns_rdata_t *rdata1, const dns_rdata_t *rdata2) {
37
38 REQUIRE(rdata1 != NULL);
39 REQUIRE(rdata2 != NULL);
40- REQUIRE(rdata1->data != NULL);
41- REQUIRE(rdata2->data != NULL);
42+ REQUIRE(rdata1->length == 0 || rdata1->data != NULL);
43+ REQUIRE(rdata2->length == 0 || rdata2->data != NULL);
44 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata1));
45 REQUIRE(DNS_RDATA_VALIDFLAGS(rdata2));
46
47diff --git a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c
48index a41f16f..ed13b30 100644
49--- a/lib/dns/rdataslab.c
50+++ b/lib/dns/rdataslab.c
51@@ -125,6 +125,11 @@ isc_result_t
52 dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
53 isc_region_t *region, unsigned int reservelen)
54 {
55+ /*
56+ * Use &removed as a sentinal pointer for duplicate
57+ * rdata as rdata.data == NULL is valid.
58+ */
59+ static unsigned char removed;
60 struct xrdata *x;
61 unsigned char *rawbuf;
62 #if DNS_RDATASET_FIXED
63@@ -168,6 +173,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
64 INSIST(result == ISC_R_SUCCESS);
65 dns_rdata_init(&x[i].rdata);
66 dns_rdataset_current(rdataset, &x[i].rdata);
67+ INSIST(x[i].rdata.data != &removed);
68 #if DNS_RDATASET_FIXED
69 x[i].order = i;
70 #endif
71@@ -200,8 +206,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
72 */
73 for (i = 1; i < nalloc; i++) {
74 if (compare_rdata(&x[i-1].rdata, &x[i].rdata) == 0) {
75- x[i-1].rdata.data = NULL;
76- x[i-1].rdata.length = 0;
77+ x[i-1].rdata.data = &removed;
78 #if DNS_RDATASET_FIXED
79 /*
80 * Preserve the least order so A, B, A -> A, B
81@@ -291,7 +296,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_t *rdataset, isc_mem_t *mctx,
82 #endif
83
84 for (i = 0; i < nalloc; i++) {
85- if (x[i].rdata.data == NULL)
86+ if (x[i].rdata.data == &removed)
87 continue;
88 #if DNS_RDATASET_FIXED
89 offsettable[x[i].order] = rawbuf - offsetbase;
90--
911.7.0.5
92
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
new file mode 100644
index 0000000..1e159bd
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
@@ -0,0 +1,40 @@
1bind: fix for CVE-2012-3817
2
3Upstream-Status: Backport
4
5ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2;
69.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation
7is enabled, does not properly initialize the failing-query cache, which allows
8remote attackers to cause a denial of service (assertion failure and daemon exit)
9by sending many queries.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3817
12
13This patch is back-ported from bind-9.3.6-20.P1.el5_8.2.src.rpm package.
14
15Signed-off-by: Ming Liu <ming.liu@windriver.com>
16---
17 resolver.c | 5 +++--
18 1 file changed, 3 insertions(+), 2 deletions(-)
19
20--- a/lib/dns/resolver.c
21+++ b/lib/dns/resolver.c
22@@ -8318,6 +8318,7 @@ dns_resolver_addbadcache(dns_resolver_t
23 goto cleanup;
24 bad->type = type;
25 bad->hashval = hashval;
26+ bad->expire = *expire;
27 isc_buffer_init(&buffer, bad + 1, name->length);
28 dns_name_init(&bad->name, NULL);
29 dns_name_copy(name, &bad->name, &buffer);
30@@ -8329,8 +8330,8 @@ dns_resolver_addbadcache(dns_resolver_t
31 if (resolver->badcount < resolver->badhash * 2 &&
32 resolver->badhash > DNS_BADCACHE_SIZE)
33 resizehash(resolver, &now, ISC_FALSE);
34- }
35- bad->expire = *expire;
36+ } else
37+ bad->expire = *expire;
38 cleanup:
39 UNLOCK(&resolver->lock);
40 }
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch
new file mode 100644
index 0000000..7ec6deb
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-CVE-2013-2266.patch
@@ -0,0 +1,41 @@
1bind: fix for CVE-2013-2266
2
3Upstream-Status: Backport
4
5libdns in ISC BIND 9.7.x and 9.8.x before 9.8.4-P2, 9.8.5 before 9.8.5b2,
69.9.x before 9.9.2-P2, and 9.9.3 before 9.9.3b2 on UNIX platforms allows
7remote attackers to cause a denial of service (memory consumption) via a
8crafted regular expression, as demonstrated by a memory-exhaustion attack
9against a machine running a named process.
10
11http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2266
12
13Signed-off-by Ming Liu <ming.liu@windriver.com>
14---
15 config.h.in | 3 ---
16 configure.in | 2 +-
17 2 files changed, 1 insertion(+), 4 deletions(-)
18
19--- a/config.h.in
20+++ b/config.h.in
21@@ -277,9 +277,6 @@ int sigwait(const unsigned int *set, int
22 /* Define if your OpenSSL version supports GOST. */
23 #undef HAVE_OPENSSL_GOST
24
25-/* Define to 1 if you have the <regex.h> header file. */
26-#undef HAVE_REGEX_H
27-
28 /* Define to 1 if you have the `setegid' function. */
29 #undef HAVE_SETEGID
30
31--- a/configure.in
32+++ b/configure.in
33@@ -279,7 +279,7 @@ esac
34
35 AC_HEADER_STDC
36
37-AC_CHECK_HEADERS(fcntl.h regex.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
38+AC_CHECK_HEADERS(fcntl.h sys/time.h unistd.h sys/sockio.h sys/select.h sys/param.h sys/sysctl.h net/if6.h,,,
39 [$ac_includes_default
40 #ifdef HAVE_SYS_PARAM_H
41 # include <sys/param.h>
diff --git a/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch b/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch
new file mode 100644
index 0000000..5dd6f69
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind-Fix-CVE-2012-4244.patch
@@ -0,0 +1,141 @@
1bind_Fix_for_CVE-2012-4244
2
3Upstream-Status: Backport
4
5Reference:https://bugzilla.novell.com/attachment.cgi?id=505661&action=edit
6
7ISC BIND 9.x before 9.7.6-P3, 9.8.x before 9.8.3-P3, 9.9.x before 9.9.1-P3,
8 and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P3 allows remote attackers to
9cause a denial of service (assertion failure and named daemon exit) via
10a query for a long resource record.
11
12Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
13
14diff -urpN a/lib/dns/include/dns/rdata.h b/lib/dns/include/dns/rdata.h
15--- a/lib/dns/include/dns/rdata.h 2012-10-08 12:19:42.000000000 +0800
16+++ b/lib/dns/include/dns/rdata.h 2012-10-08 11:26:43.000000000 +0800
17@@ -147,6 +147,17 @@ struct dns_rdata {
18 (((rdata)->flags & ~(DNS_RDATA_UPDATE|DNS_RDATA_OFFLINE)) == 0)
19
20 /*
21+ * The maximum length of a RDATA that can be sent on the wire.
22+ * Max packet size (65535) less header (12), less name (1), type (2),
23+ * class (2), ttl(4), length (2).
24+ *
25+ * None of the defined types that support name compression can exceed
26+ * this and all new types are to be sent uncompressed.
27+ */
28+
29+#define DNS_RDATA_MAXLENGTH 65512U
30+
31+/*
32 * Flags affecting rdata formatting style. Flags 0xFFFF0000
33 * are used by masterfile-level formatting and defined elsewhere.
34 * See additional comments at dns_rdata_tofmttext().
35diff -urpN a/lib/dns/master.c b/lib/dns/master.c
36--- a/lib/dns/master.c 2012-10-08 12:19:42.000000000 +0800
37+++ b/lib/dns/master.c 2012-10-08 11:27:06.000000000 +0800
38@@ -75,7 +75,7 @@
39 /*%
40 * max message size - header - root - type - class - ttl - rdlen
41 */
42-#define MINTSIZ (65535 - 12 - 1 - 2 - 2 - 4 - 2)
43+#define MINTSIZ DNS_RDATA_MAXLENGTH
44 /*%
45 * Size for tokens in the presentation format,
46 * The largest tokens are the base64 blocks in KEY and CERT records,
47diff -urpN a/lib/dns/rdata.c b/lib/dns/rdata.c
48--- a/lib/dns/rdata.c 2012-10-08 12:19:42.000000000 +0800
49+++ b/lib/dns/rdata.c 2012-10-08 11:27:27.000000000 +0800
50@@ -425,6 +425,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
51 isc_buffer_t st;
52 isc_boolean_t use_default = ISC_FALSE;
53 isc_uint32_t activelength;
54+ size_t length;
55
56 REQUIRE(dctx != NULL);
57 if (rdata != NULL) {
58@@ -455,6 +456,14 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
59 }
60
61 /*
62+ * Reject any rdata that expands out to more than DNS_RDATA_MAXLENGTH
63+ * as we cannot transmit it.
64+ */
65+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
66+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
67+ result = DNS_R_FORMERR;
68+
69+ /*
70 * We should have consumed all of our buffer.
71 */
72 if (result == ISC_R_SUCCESS && !buffer_empty(source))
73@@ -462,8 +471,7 @@ dns_rdata_fromwire(dns_rdata_t *rdata, d
74
75 if (rdata != NULL && result == ISC_R_SUCCESS) {
76 region.base = isc_buffer_used(&st);
77- region.length = isc_buffer_usedlength(target) -
78- isc_buffer_usedlength(&st);
79+ region.length = length;
80 dns_rdata_fromregion(rdata, rdclass, type, &region);
81 }
82
83@@ -598,6 +606,7 @@ dns_rdata_fromtext(dns_rdata_t *rdata, d
84 unsigned long line;
85 void (*callback)(dns_rdatacallbacks_t *, const char *, ...);
86 isc_result_t tresult;
87+ size_t length;
88
89 REQUIRE(origin == NULL || dns_name_isabsolute(origin) == ISC_TRUE);
90 if (rdata != NULL) {
91@@ -670,10 +679,13 @@ dns_rdata_fromtext(dns_rdata_t *rdata, d
92 }
93 } while (1);
94
95+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
96+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
97+ result = ISC_R_NOSPACE;
98+
99 if (rdata != NULL && result == ISC_R_SUCCESS) {
100 region.base = isc_buffer_used(&st);
101- region.length = isc_buffer_usedlength(target) -
102- isc_buffer_usedlength(&st);
103+ region.length = length;
104 dns_rdata_fromregion(rdata, rdclass, type, &region);
105 }
106 if (result != ISC_R_SUCCESS) {
107@@ -781,6 +793,7 @@ dns_rdata_fromstruct(dns_rdata_t *rdata,
108 isc_buffer_t st;
109 isc_region_t region;
110 isc_boolean_t use_default = ISC_FALSE;
111+ size_t length;
112
113 REQUIRE(source != NULL);
114 if (rdata != NULL) {
115@@ -795,10 +808,13 @@ dns_rdata_fromstruct(dns_rdata_t *rdata,
116 if (use_default)
117 (void)NULL;
118
119+ length = isc_buffer_usedlength(target) - isc_buffer_usedlength(&st);
120+ if (result == ISC_R_SUCCESS && length > DNS_RDATA_MAXLENGTH)
121+ result = ISC_R_NOSPACE;
122+
123 if (rdata != NULL && result == ISC_R_SUCCESS) {
124 region.base = isc_buffer_used(&st);
125- region.length = isc_buffer_usedlength(target) -
126- isc_buffer_usedlength(&st);
127+ region.length = length;
128 dns_rdata_fromregion(rdata, rdclass, type, &region);
129 }
130 if (result != ISC_R_SUCCESS)
131diff -urpN a/lib/dns/rdataslab.c b/lib/dns/rdataslab.c
132--- a/lib/dns/rdataslab.c 2012-10-08 12:19:42.000000000 +0800
133+++ b/lib/dns/rdataslab.c 2012-10-08 11:27:54.000000000 +0800
134@@ -304,6 +304,7 @@ dns_rdataslab_fromrdataset(dns_rdataset_
135 length = x[i].rdata.length;
136 if (rdataset->type == dns_rdatatype_rrsig)
137 length++;
138+ INSIST(length <= 0xffff);
139 *rawbuf++ = (length & 0xff00) >> 8;
140 *rawbuf++ = (length & 0x00ff);
141 #if DNS_RDATASET_FIXED
diff --git a/meta/recipes-connectivity/bind/bind/bind9 b/meta/recipes-connectivity/bind/bind/bind9
new file mode 100644
index 0000000..968679f
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind9
@@ -0,0 +1,2 @@
1# startup options for the server
2OPTIONS="-u bind"
diff --git a/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch
new file mode 100644
index 0000000..62142d2
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch
@@ -0,0 +1,990 @@
1From 603a0e2637b35a2da820bc807f69bcf09c682dce Mon Sep 17 00:00:00 2001
2From: Evan Hunt <each@isc.org>
3Date: Mon, 17 Nov 2014 23:49:07 -0800
4Subject: [PATCH] [v9_9] limit recursion depth and iterative queries
5
64006. [security] A flaw in delegation handling could be exploited
7 to put named into an infinite loop. This has
8 been addressed by placing limits on the number
9 of levels of recursion named will allow (default 7),
10 and the number of iterative queries that it will
11 send (default 50) before terminating a recursive
12 query (CVE-2014-8500).
13
14 The recursion depth limit is configured via the
15 "max-recursion-depth" option. [RT #35780]
16
17Upstream-Status: Backport
18
19Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
20---
21 bin/named/config.c | 3 +-
22 bin/named/include/named/query.h | 2 -
23 bin/named/query.c | 7 ++-
24 bin/named/server.c | 5 ++
25 bin/tests/system/many/clean.sh | 7 +++
26 bin/tests/system/many/ns1/named.conf | 33 +++++++++++++
27 bin/tests/system/many/ns2/named.conf | 30 ++++++++++++
28 bin/tests/system/many/ns3/named.conf | 32 +++++++++++++
29 bin/tests/system/many/ns4/named.conf | 30 ++++++++++++
30 bin/tests/system/many/ns5/hints.db | 2 +
31 bin/tests/system/many/ns5/named.conf | 29 ++++++++++++
32 bin/tests/system/many/setup.sh | 75 ++++++++++++++++++++++++++++++
33 bin/tests/system/many/tests.sh | 48 +++++++++++++++++++
34 doc/arm/Bv9ARM-book.xml | 12 +++++
35 lib/dns/adb.c | 58 ++++++++++++++++-------
36 lib/dns/include/dns/adb.h | 8 ++++
37 lib/dns/include/dns/resolver.h | 25 ++++++++++
38 lib/dns/resolver.c | 90 ++++++++++++++++++++++++++++++------
39 lib/isccfg/namedconf.c | 1 +
40 20 files changed, 471 insertions(+), 37 deletions(-)
41 create mode 100644 bin/tests/system/many/clean.sh
42 create mode 100644 bin/tests/system/many/ns1/named.conf
43 create mode 100644 bin/tests/system/many/ns2/named.conf
44 create mode 100644 bin/tests/system/many/ns3/named.conf
45 create mode 100644 bin/tests/system/many/ns4/named.conf
46 create mode 100644 bin/tests/system/many/ns5/hints.db
47 create mode 100644 bin/tests/system/many/ns5/named.conf
48 create mode 100644 bin/tests/system/many/setup.sh
49 create mode 100644 bin/tests/system/many/tests.sh
50
51diff --git a/bin/named/config.c b/bin/named/config.c
52index 2782720..5ee8c4e 100644
53--- a/bin/named/config.c
54+++ b/bin/named/config.c
55@@ -15,8 +15,6 @@
56 * PERFORMANCE OF THIS SOFTWARE.
57 */
58
59-/* $Id: config.c,v 1.123 2012/01/06 23:46:41 tbox Exp $ */
60-
61 /*! \file */
62
63 #include <config.h>
64@@ -160,6 +158,7 @@ options {\n\
65 dnssec-accept-expired no;\n\
66 clients-per-query 10;\n\
67 max-clients-per-query 100;\n\
68+ max-recursion-depth 7;\n\
69 zero-no-soa-ttl-cache no;\n\
70 nsec3-test-zone no;\n\
71 allow-new-zones no;\n\
72diff --git a/bin/named/include/named/query.h b/bin/named/include/named/query.h
73index 3beabb8..b5e3900 100644
74--- a/bin/named/include/named/query.h
75+++ b/bin/named/include/named/query.h
76@@ -15,8 +15,6 @@
77 * PERFORMANCE OF THIS SOFTWARE.
78 */
79
80-/* $Id: query.h,v 1.45 2011/01/13 04:59:24 tbox Exp $ */
81-
82 #ifndef NAMED_QUERY_H
83 #define NAMED_QUERY_H 1
84
85diff --git a/bin/named/query.c b/bin/named/query.c
86index 982f76d..47bfc6a 100644
87--- a/bin/named/query.c
88+++ b/bin/named/query.c
89@@ -3877,12 +3877,11 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname,
90 peeraddr = &client->peeraddr;
91 else
92 peeraddr = NULL;
93- result = dns_resolver_createfetch2(client->view->resolver,
94+ result = dns_resolver_createfetch3(client->view->resolver,
95 qname, qtype, qdomain, nameservers,
96 NULL, peeraddr, client->message->id,
97- client->query.fetchoptions,
98- client->task,
99- query_resume, client,
100+ client->query.fetchoptions, 0,
101+ client->task, query_resume, client,
102 rdataset, sigrdataset,
103 &client->query.fetch);
104
105diff --git a/bin/named/server.c b/bin/named/server.c
106index ac015a4..0559977 100644
107--- a/bin/named/server.c
108+++ b/bin/named/server.c
109@@ -3161,6 +3161,11 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig,
110 cfg_obj_asuint32(obj),
111 max_clients_per_query);
112
113+ obj = NULL;
114+ result = ns_config_get(maps, "max-recursion-depth", &obj);
115+ INSIST(result == ISC_R_SUCCESS);
116+ dns_resolver_setmaxdepth(view->resolver, cfg_obj_asuint32(obj));
117+
118 #ifdef ALLOW_FILTER_AAAA_ON_V4
119 obj = NULL;
120 result = ns_config_get(maps, "filter-aaaa-on-v4", &obj);
121diff --git a/bin/tests/system/many/clean.sh b/bin/tests/system/many/clean.sh
122new file mode 100644
123index 0000000..119b1f5
124--- /dev/null
125+++ b/bin/tests/system/many/clean.sh
126@@ -0,0 +1,7 @@
127+rm -f ns1/[1-9]*example.tld?.db
128+rm -f ns2/[1-9]*example.tld?.db
129+rm -f ns1/zones.conf
130+rm -f ns2/zones.conf
131+rm -f */root.db
132+rm -f ns3/tld1.db
133+rm -f ns4/tld2.db
134diff --git a/bin/tests/system/many/ns1/named.conf b/bin/tests/system/many/ns1/named.conf
135new file mode 100644
136index 0000000..abc9dca
137--- /dev/null
138+++ b/bin/tests/system/many/ns1/named.conf
139@@ -0,0 +1,33 @@
140+/*
141+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
142+ *
143+ * Permission to use, copy, modify, and/or distribute this software for any
144+ * purpose with or without fee is hereby granted, provided that the above
145+ * copyright notice and this permission notice appear in all copies.
146+ *
147+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
148+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
149+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
150+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
151+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
152+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
153+ * PERFORMANCE OF THIS SOFTWARE.
154+ */
155+
156+controls { /* empty */ };
157+
158+options {
159+ query-source address 10.53.0.1;
160+ notify-source 10.53.0.1;
161+ transfer-source 10.53.0.1;
162+ port 5300;
163+ pid-file "named.pid";
164+ listen-on { 10.53.0.1; };
165+ listen-on-v6 { none; };
166+ recursion no;
167+};
168+
169+include "zones.conf";
170+
171+// zone "tld1" { type master; file "tld1.db"; };
172+// zone "tld2" { type master; file "tld2.db"; };
173diff --git a/bin/tests/system/many/ns2/named.conf b/bin/tests/system/many/ns2/named.conf
174new file mode 100644
175index 0000000..16266e2
176--- /dev/null
177+++ b/bin/tests/system/many/ns2/named.conf
178@@ -0,0 +1,30 @@
179+/*
180+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
181+ *
182+ * Permission to use, copy, modify, and/or distribute this software for any
183+ * purpose with or without fee is hereby granted, provided that the above
184+ * copyright notice and this permission notice appear in all copies.
185+ *
186+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
187+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
188+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
189+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
190+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
191+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
192+ * PERFORMANCE OF THIS SOFTWARE.
193+ */
194+
195+controls { /* empty */ };
196+
197+options {
198+ query-source address 10.53.0.2;
199+ notify-source 10.53.0.2;
200+ transfer-source 10.53.0.2;
201+ port 5300;
202+ pid-file "named.pid";
203+ listen-on { 10.53.0.2; };
204+ listen-on-v6 { none; };
205+ recursion no;
206+};
207+
208+include "zones.conf";
209diff --git a/bin/tests/system/many/ns3/named.conf b/bin/tests/system/many/ns3/named.conf
210new file mode 100644
211index 0000000..b950afe
212--- /dev/null
213+++ b/bin/tests/system/many/ns3/named.conf
214@@ -0,0 +1,32 @@
215+/*
216+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
217+ *
218+ * Permission to use, copy, modify, and/or distribute this software for any
219+ * purpose with or without fee is hereby granted, provided that the above
220+ * copyright notice and this permission notice appear in all copies.
221+ *
222+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
223+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
224+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
225+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
226+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
227+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
228+ * PERFORMANCE OF THIS SOFTWARE.
229+ */
230+
231+controls { /* empty */ };
232+
233+options {
234+ query-source address 10.53.0.3;
235+ notify-source 10.53.0.3;
236+ transfer-source 10.53.0.3;
237+ port 5300;
238+ pid-file "named.pid";
239+ listen-on { 10.53.0.3; };
240+ listen-on-v6 { none; };
241+ recursion no;
242+};
243+
244+zone "." { type master; file "root.db"; };
245+
246+zone "tld1" { type master; file "tld1.db"; };
247diff --git a/bin/tests/system/many/ns4/named.conf b/bin/tests/system/many/ns4/named.conf
248new file mode 100644
249index 0000000..ca9aa6a
250--- /dev/null
251+++ b/bin/tests/system/many/ns4/named.conf
252@@ -0,0 +1,30 @@
253+/*
254+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
255+ *
256+ * Permission to use, copy, modify, and/or distribute this software for any
257+ * purpose with or without fee is hereby granted, provided that the above
258+ * copyright notice and this permission notice appear in all copies.
259+ *
260+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
261+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
262+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
263+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
264+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
265+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
266+ * PERFORMANCE OF THIS SOFTWARE.
267+ */
268+
269+controls { /* empty */ };
270+
271+options {
272+ query-source address 10.53.0.4;
273+ notify-source 10.53.0.4;
274+ transfer-source 10.53.0.4;
275+ port 5300;
276+ pid-file "named.pid";
277+ listen-on { 10.53.0.4; };
278+ listen-on-v6 { none; };
279+ recursion no;
280+};
281+
282+zone "tld2" { type master; file "tld2.db"; };
283diff --git a/bin/tests/system/many/ns5/hints.db b/bin/tests/system/many/ns5/hints.db
284new file mode 100644
285index 0000000..c05809b
286--- /dev/null
287+++ b/bin/tests/system/many/ns5/hints.db
288@@ -0,0 +1,2 @@
289+. 60 in ns ns.nil.
290+ns.nil. 60 in A 10.53.0.3
291diff --git a/bin/tests/system/many/ns5/named.conf b/bin/tests/system/many/ns5/named.conf
292new file mode 100644
293index 0000000..fce7d59
294--- /dev/null
295+++ b/bin/tests/system/many/ns5/named.conf
296@@ -0,0 +1,29 @@
297+/*
298+ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
299+ *
300+ * Permission to use, copy, modify, and/or distribute this software for any
301+ * purpose with or without fee is hereby granted, provided that the above
302+ * copyright notice and this permission notice appear in all copies.
303+ *
304+ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
305+ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
306+ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
307+ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
308+ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
309+ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
310+ * PERFORMANCE OF THIS SOFTWARE.
311+ */
312+
313+controls { /* empty */ };
314+
315+options {
316+ query-source address 10.53.0.5;
317+ notify-source 10.53.0.5;
318+ transfer-source 10.53.0.5;
319+ port 5300;
320+ pid-file "named.pid";
321+ listen-on { 10.53.0.5; };
322+ listen-on-v6 { none; };
323+};
324+
325+zone "." { type hint; file "hints.db"; };
326diff --git a/bin/tests/system/many/setup.sh b/bin/tests/system/many/setup.sh
327new file mode 100644
328index 0000000..80695b5
329--- /dev/null
330+++ b/bin/tests/system/many/setup.sh
331@@ -0,0 +1,75 @@
332+i=1
333+
334+cat > ns3/root.db << EOF
335+. 60 in soa ns.nil. hostmaster.ns.nil. 1 0 0 0 0
336+. 60 in ns ns.nil.
337+ns.nil. 60 in a 10.53.0.3
338+tld1. 60 in ns ns.tld1.
339+ns.tld1. 60 in a 10.53.0.3
340+tld2. 60 in ns ns.tld2.
341+ns.tld2. 60 in a 10.53.0.4
342+EOF
343+
344+cat > ns3/tld1.db << EOF
345+tld1. 60 in soa ns.tld1. hostmaster.ns.tld1. 1 0 0 0 0
346+tld1. 60 in ns ns.tld1.
347+ns.tld1. 60 in a 10.53.0.1
348+EOF
349+
350+cat > ns4/tld2.db << EOF
351+tld2. 60 in soa ns.tld2. hostmaster.ns.tld4. 1 0 0 0 0
352+tld2. 60 in ns ns.tld2.
353+ns.tld2. 60 in a 10.53.0.1
354+EOF
355+
356+: > ns1/zones.conf
357+: > ns2/zones.conf
358+
359+while [ $i -lt 1000 ]
360+do
361+j=`expr $i + 1`
362+s=`expr $j % 2 + 1`
363+n=`expr $i % 2 + 1`
364+t=`expr $s + 2`
365+
366+# i=1 j=2 s=1 n=2
367+# i=2 j=3 s=1 n=2
368+# i=3 j=4 s=1 n=2
369+
370+cat > ns1/${i}example.tld${s}.db << EOF
371+${i}example.tld${s}. 60 in soa ns.${j}example.tld${n}. hostmaster 1 0 0 0 0
372+${i}example.tld${s}. 60 in ns ns.${j}example.tld${n}.
373+ns.${i}example.tld${s}. 60 in a 10.53.0.1
374+EOF
375+
376+cat >> ns1/zones.conf << EOF
377+zone "${i}example.tld${s}" { type master; file "${i}example.tld${s}.db"; };
378+EOF
379+
380+cat >> ns${t}/tld${s}.db << EOF
381+${i}example.tld${s}. 60 in ns ns.${j}example.tld${n}.
382+EOF
383+
384+i=$j
385+
386+done
387+
388+j=`expr $i + 1`
389+s=`expr $j % 2 + 1`
390+n=`expr $s % 2 + 1`
391+t=`expr $s + 2`
392+
393+cat > ns1/${i}example.tld${s}.db << EOF
394+${i}example.tld${s}. 60 in soa ns.${i}example.tld${s}. hostmaster 1 0 0 0 0
395+${i}example.tld${s}. 60 in ns ns.${i}example.tld${s}.
396+ns.${i}example.tld${s}. 60 in a 10.53.0.1
397+EOF
398+
399+cat >> ns1/zones.conf << EOF
400+zone "${i}example.tld${s}" { type master; file "${i}example.tld${s}.db"; };
401+EOF
402+
403+cat >> ns${t}/tld${s}.db << EOF
404+${i}example.tld${s}. 60 in ns ns.${i}example.tld${s}.
405+ns.${i}example.tld${s}. 60 in a 10.53.0.1
406+EOF
407diff --git a/bin/tests/system/many/tests.sh b/bin/tests/system/many/tests.sh
408new file mode 100644
409index 0000000..37964e2
410--- /dev/null
411+++ b/bin/tests/system/many/tests.sh
412@@ -0,0 +1,48 @@
413+#!/bin/sh
414+#
415+# Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC")
416+#
417+# Permission to use, copy, modify, and/or distribute this software for any
418+# purpose with or without fee is hereby granted, provided that the above
419+# copyright notice and this permission notice appear in all copies.
420+#
421+# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
422+# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
423+# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
424+# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
425+# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
426+# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
427+# PERFORMANCE OF THIS SOFTWARE.
428+
429+SYSTEMTESTTOP=..
430+. $SYSTEMTESTTOP/conf.sh
431+
432+status=0
433+n=0
434+
435+n=`expr $n + 1`
436+echo "I: attempt lookup 1example.tld2 soa ($n)"
437+ret=0
438+$DIG +tcp 1example.tld1 soa @10.53.0.5 -p 5300 > dig.out.test$n
439+grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1
440+if [ $ret != 0 ]; then echo "I:failed"; fi
441+status=`expr $status + $ret`
442+
443+n=`expr $n + 1`
444+echo "I: attempt lookup 992example.tld2 soa ($n)"
445+ret=0
446+$DIG +tcp 992example.tld2 soa @10.53.0.5 -p 5300 > dig.out.test$n
447+grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1
448+if [ $ret != 0 ]; then echo "I:failed"; fi
449+status=`expr $status + $ret`
450+
451+n=`expr $n + 1`
452+echo "I: attempt lookup 993example.tld1 soa ($n)"
453+ret=0
454+$DIG +tcp 993example.tld1 soa @10.53.0.5 -p 5300 > dig.out.test$n
455+grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1
456+if [ $ret != 0 ]; then echo "I:failed"; fi
457+status=`expr $status + $ret`
458+
459+echo "I:exit status: $status"
460+exit $status
461diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml
462index 9f7bd38..fff4249 100644
463--- a/doc/arm/Bv9ARM-book.xml
464+++ b/doc/arm/Bv9ARM-book.xml
465@@ -4861,6 +4861,7 @@ badresp:1,adberr:0,findfail:0,valfail:0]
466 <optional> max-acache-size <replaceable>size_spec</replaceable> ; </optional>
467 <optional> clients-per-query <replaceable>number</replaceable> ; </optional>
468 <optional> max-clients-per-query <replaceable>number</replaceable> ; </optional>
469+ <optional> max-recursion-depth <replaceable>number</replaceable> ; </optional>
470 <optional> masterfile-format (<constant>text</constant>|<constant>raw</constant>) ; </optional>
471 <optional> empty-server <replaceable>name</replaceable> ; </optional>
472 <optional> empty-contact <replaceable>name</replaceable> ; </optional>
473@@ -8680,6 +8681,17 @@ avoid-v6-udp-ports { 40000; range 50000 60000; };
474 </listitem>
475 </varlistentry>
476
477+ <varlistentry id="max-recursion-depth">
478+ <term><command>max-recursion-depth</command></term>
479+ <listitem>
480+ <para>
481+ Sets the maximum number of levels of recursion
482+ permitted at any one time while resolving a name.
483+ The default is 7.
484+ </para>
485+ </listitem>
486+ </varlistentry>
487+
488 <varlistentry>
489 <term><command>notify-delay</command></term>
490 <listitem>
491diff --git a/lib/dns/adb.c b/lib/dns/adb.c
492index 2ccb51e..fe9b3f7 100644
493--- a/lib/dns/adb.c
494+++ b/lib/dns/adb.c
495@@ -199,6 +199,7 @@ struct dns_adbfetch {
496 unsigned int magic;
497 dns_fetch_t *fetch;
498 dns_rdataset_t rdataset;
499+ unsigned int depth;
500 };
501
502 /*%
503@@ -300,7 +301,7 @@ static inline void violate_locking_hierarchy(isc_mutex_t *, isc_mutex_t *);
504 static isc_boolean_t clean_namehooks(dns_adb_t *, dns_adbnamehooklist_t *);
505 static void clean_target(dns_adb_t *, dns_name_t *);
506 static void clean_finds_at_name(dns_adbname_t *, isc_eventtype_t,
507- unsigned int);
508+ isc_uint32_t, unsigned int);
509 static isc_boolean_t check_expire_namehooks(dns_adbname_t *, isc_stdtime_t);
510 static isc_boolean_t check_expire_entry(dns_adb_t *, dns_adbentry_t **,
511 isc_stdtime_t);
512@@ -308,7 +309,7 @@ static void cancel_fetches_at_name(dns_adbname_t *);
513 static isc_result_t dbfind_name(dns_adbname_t *, isc_stdtime_t,
514 dns_rdatatype_t);
515 static isc_result_t fetch_name(dns_adbname_t *, isc_boolean_t,
516- dns_rdatatype_t);
517+ unsigned int, dns_rdatatype_t);
518 static inline void check_exit(dns_adb_t *);
519 static void destroy(dns_adb_t *);
520 static isc_boolean_t shutdown_names(dns_adb_t *);
521@@ -984,7 +985,7 @@ kill_name(dns_adbname_t **n, isc_eventtype_t ev) {
522 * Clean up the name's various lists. These two are destructive
523 * in that they will always empty the list.
524 */
525- clean_finds_at_name(name, ev, DNS_ADBFIND_ADDRESSMASK);
526+ clean_finds_at_name(name, ev, 0, DNS_ADBFIND_ADDRESSMASK);
527 result4 = clean_namehooks(adb, &name->v4);
528 result6 = clean_namehooks(adb, &name->v6);
529 clean_target(adb, &name->target);
530@@ -1409,7 +1410,7 @@ event_free(isc_event_t *event) {
531 */
532 static void
533 clean_finds_at_name(dns_adbname_t *name, isc_eventtype_t evtype,
534- unsigned int addrs)
535+ isc_uint32_t qtotal, unsigned int addrs)
536 {
537 isc_event_t *ev;
538 isc_task_t *task;
539@@ -1469,6 +1470,7 @@ clean_finds_at_name(dns_adbname_t *name, isc_eventtype_t evtype,
540 ev->ev_sender = find;
541 find->result_v4 = find_err_map[name->fetch_err];
542 find->result_v6 = find_err_map[name->fetch6_err];
543+ find->qtotal += qtotal;
544 ev->ev_type = evtype;
545 ev->ev_destroy = event_free;
546 ev->ev_destroy_arg = find;
547@@ -1827,6 +1829,7 @@ new_adbfind(dns_adb_t *adb) {
548 h->flags = 0;
549 h->result_v4 = ISC_R_UNEXPECTED;
550 h->result_v6 = ISC_R_UNEXPECTED;
551+ h->qtotal = 0;
552 ISC_LINK_INIT(h, publink);
553 ISC_LINK_INIT(h, plink);
554 ISC_LIST_INIT(h->list);
555@@ -2799,6 +2802,19 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
556 isc_stdtime_t now, dns_name_t *target,
557 in_port_t port, dns_adbfind_t **findp)
558 {
559+ return (dns_adb_createfind2(adb, task, action, arg, name,
560+ qname, qtype, options, now,
561+ target, port, 0, findp));
562+}
563+
564+isc_result_t
565+dns_adb_createfind2(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
566+ void *arg, dns_name_t *name, dns_name_t *qname,
567+ dns_rdatatype_t qtype, unsigned int options,
568+ isc_stdtime_t now, dns_name_t *target,
569+ in_port_t port, unsigned int depth,
570+ dns_adbfind_t **findp)
571+{
572 dns_adbfind_t *find;
573 dns_adbname_t *adbname;
574 int bucket;
575@@ -3029,7 +3045,7 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
576 * Start V4.
577 */
578 if (WANT_INET(wanted_fetches) &&
579- fetch_name(adbname, start_at_zone,
580+ fetch_name(adbname, start_at_zone, depth,
581 dns_rdatatype_a) == ISC_R_SUCCESS) {
582 DP(DEF_LEVEL,
583 "dns_adb_createfind: started A fetch for name %p",
584@@ -3040,7 +3056,7 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
585 * Start V6.
586 */
587 if (WANT_INET6(wanted_fetches) &&
588- fetch_name(adbname, start_at_zone,
589+ fetch_name(adbname, start_at_zone, depth,
590 dns_rdatatype_aaaa) == ISC_R_SUCCESS) {
591 DP(DEF_LEVEL,
592 "dns_adb_createfind: "
593@@ -3656,6 +3672,7 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) {
594 isc_result_t result;
595 unsigned int address_type;
596 isc_boolean_t want_check_exit = ISC_FALSE;
597+ isc_uint32_t qtotal = 0;
598
599 UNUSED(task);
600
601@@ -3666,6 +3683,8 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) {
602 adb = name->adb;
603 INSIST(DNS_ADB_VALID(adb));
604
605+ qtotal = dev->qtotal;
606+
607 bucket = name->lock_bucket;
608 LOCK(&adb->namelocks[bucket]);
609
610@@ -3783,6 +3802,12 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) {
611 DP(DEF_LEVEL, "adb: fetch of '%s' %s failed: %s",
612 buf, address_type == DNS_ADBFIND_INET ? "A" : "AAAA",
613 dns_result_totext(dev->result));
614+ /*
615+ * Don't record a failure unless this is the initial
616+ * fetch of a chain.
617+ */
618+ if (fetch->depth > 1)
619+ goto out;
620 /* XXXMLG Don't pound on bad servers. */
621 if (address_type == DNS_ADBFIND_INET) {
622 name->expire_v4 = ISC_MIN(name->expire_v4, now + 300);
623@@ -3814,15 +3839,14 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) {
624 free_adbfetch(adb, &fetch);
625 isc_event_free(&ev);
626
627- clean_finds_at_name(name, ev_status, address_type);
628+ clean_finds_at_name(name, ev_status, qtotal, address_type);
629
630 UNLOCK(&adb->namelocks[bucket]);
631 }
632
633 static isc_result_t
634-fetch_name(dns_adbname_t *adbname,
635- isc_boolean_t start_at_zone,
636- dns_rdatatype_t type)
637+fetch_name(dns_adbname_t *adbname, isc_boolean_t start_at_zone,
638+ unsigned int depth, dns_rdatatype_t type)
639 {
640 isc_result_t result;
641 dns_adbfetch_t *fetch = NULL;
642@@ -3867,12 +3891,14 @@ fetch_name(dns_adbname_t *adbname,
643 result = ISC_R_NOMEMORY;
644 goto cleanup;
645 }
646-
647- result = dns_resolver_createfetch(adb->view->resolver, &adbname->name,
648- type, name, nameservers, NULL,
649- options, adb->task, fetch_callback,
650- adbname, &fetch->rdataset, NULL,
651- &fetch->fetch);
652+ fetch->depth = depth;
653+
654+ result = dns_resolver_createfetch3(adb->view->resolver, &adbname->name,
655+ type, name, nameservers, NULL,
656+ NULL, 0, options, depth, adb->task,
657+ fetch_callback, adbname,
658+ &fetch->rdataset, NULL,
659+ &fetch->fetch);
660 if (result != ISC_R_SUCCESS)
661 goto cleanup;
662
663diff --git a/lib/dns/include/dns/adb.h b/lib/dns/include/dns/adb.h
664index 35350ff..7501f01 100644
665--- a/lib/dns/include/dns/adb.h
666+++ b/lib/dns/include/dns/adb.h
667@@ -118,6 +118,8 @@ struct dns_adbfind {
668 isc_result_t result_v6; /*%< RO: v6 result */
669 ISC_LINK(dns_adbfind_t) publink; /*%< RW: client use */
670
671+ isc_uint32_t qtotal;
672+
673 /* Private */
674 isc_mutex_t lock; /* locks all below */
675 in_port_t port;
676@@ -334,6 +336,12 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
677 dns_rdatatype_t qtype, unsigned int options,
678 isc_stdtime_t now, dns_name_t *target,
679 in_port_t port, dns_adbfind_t **find);
680+isc_result_t
681+dns_adb_createfind2(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action,
682+ void *arg, dns_name_t *name, dns_name_t *qname,
683+ dns_rdatatype_t qtype, unsigned int options,
684+ isc_stdtime_t now, dns_name_t *target, in_port_t port,
685+ unsigned int depth, dns_adbfind_t **find);
686 /*%<
687 * Main interface for clients. The adb will look up the name given in
688 * "name" and will build up a list of found addresses, and perhaps start
689diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h
690index 4e20eb6..c256049 100644
691--- a/lib/dns/include/dns/resolver.h
692+++ b/lib/dns/include/dns/resolver.h
693@@ -82,6 +82,7 @@ typedef struct dns_fetchevent {
694 isc_sockaddr_t * client;
695 dns_messageid_t id;
696 isc_result_t vresult;
697+ isc_uint32_t qtotal;
698 } dns_fetchevent_t;
699
700 /*
701@@ -275,6 +276,18 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name,
702 dns_rdataset_t *rdataset,
703 dns_rdataset_t *sigrdataset,
704 dns_fetch_t **fetchp);
705+isc_result_t
706+dns_resolver_createfetch3(dns_resolver_t *res, dns_name_t *name,
707+ dns_rdatatype_t type,
708+ dns_name_t *domain, dns_rdataset_t *nameservers,
709+ dns_forwarders_t *forwarders,
710+ isc_sockaddr_t *client, isc_uint16_t id,
711+ unsigned int options, unsigned int depth,
712+ isc_task_t *task,
713+ isc_taskaction_t action, void *arg,
714+ dns_rdataset_t *rdataset,
715+ dns_rdataset_t *sigrdataset,
716+ dns_fetch_t **fetchp);
717 /*%<
718 * Recurse to answer a question.
719 *
720@@ -576,6 +589,18 @@ dns_resolver_printbadcache(dns_resolver_t *resolver, FILE *fp);
721 * \li resolver to be valid.
722 */
723
724+void
725+dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth);
726+unsigned int
727+dns_resolver_getmaxdepth(dns_resolver_t *resolver);
728+/*%
729+ * Get and set how many NS indirections will be followed when looking for
730+ * nameserver addresses.
731+ *
732+ * Requires:
733+ * \li resolver to be valid.
734+ */
735+
736 ISC_LANG_ENDDECLS
737
738 #endif /* DNS_RESOLVER_H */
739diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
740index e517dad..6a635b2 100644
741--- a/lib/dns/resolver.c
742+++ b/lib/dns/resolver.c
743@@ -131,6 +131,16 @@
744 #define MAXIMUM_QUERY_TIMEOUT 30 /* The maximum time in seconds for the whole query to live. */
745 #endif
746
747+/* The default maximum number of recursions to follow before giving up. */
748+#ifndef DEFAULT_RECURSION_DEPTH
749+#define DEFAULT_RECURSION_DEPTH 7
750+#endif
751+
752+/* The default maximum number of iterative queries to allow before giving up. */
753+#ifndef DEFAULT_MAX_QUERIES
754+#define DEFAULT_MAX_QUERIES 50
755+#endif
756+
757 /*%
758 * Maximum EDNS0 input packet size.
759 */
760@@ -297,6 +307,7 @@ struct fetchctx {
761 isc_uint64_t duration;
762 isc_boolean_t logged;
763 unsigned int querysent;
764+ unsigned int totalqueries;
765 unsigned int referrals;
766 unsigned int lamecount;
767 unsigned int neterr;
768@@ -307,6 +318,7 @@ struct fetchctx {
769 isc_boolean_t timeout;
770 dns_adbaddrinfo_t *addrinfo;
771 isc_sockaddr_t *client;
772+ unsigned int depth;
773 };
774
775 #define FCTX_MAGIC ISC_MAGIC('F', '!', '!', '!')
776@@ -419,6 +431,7 @@ struct dns_resolver {
777 isc_timer_t * spillattimer;
778 isc_boolean_t zero_no_soa_ttl;
779 unsigned int query_timeout;
780+ unsigned int maxdepth;
781
782 /* Locked by lock. */
783 unsigned int references;
784@@ -1097,6 +1110,7 @@ fctx_sendevents(fetchctx_t *fctx, isc_result_t result, int line) {
785 event->result == DNS_R_NCACHENXRRSET);
786 }
787
788+ event->qtotal = fctx->totalqueries;
789 isc_task_sendanddetach(&task, ISC_EVENT_PTR(&event));
790 count++;
791 }
792@@ -1537,7 +1551,9 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo,
793 if (result != ISC_R_SUCCESS)
794 goto cleanup_dispatch;
795 }
796+
797 fctx->querysent++;
798+ fctx->totalqueries++;
799
800 ISC_LIST_APPEND(fctx->queries, query, link);
801 query->fctx->nqueries++;
802@@ -2194,9 +2210,10 @@ fctx_finddone(isc_task_t *task, isc_event_t *event) {
803 */
804 INSIST(!SHUTTINGDOWN(fctx));
805 fctx->attributes &= ~FCTX_ATTR_ADDRWAIT;
806- if (event->ev_type == DNS_EVENT_ADBMOREADDRESSES)
807+ if (event->ev_type == DNS_EVENT_ADBMOREADDRESSES) {
808 want_try = ISC_TRUE;
809- else {
810+ fctx->totalqueries += find->qtotal;
811+ } else {
812 fctx->findfail++;
813 if (fctx->pending == 0) {
814 /*
815@@ -2479,12 +2496,13 @@ findname(fetchctx_t *fctx, dns_name_t *name, in_port_t port,
816 * See what we know about this address.
817 */
818 find = NULL;
819- result = dns_adb_createfind(fctx->adb,
820- res->buckets[fctx->bucketnum].task,
821- fctx_finddone, fctx, name,
822- &fctx->name, fctx->type,
823- options, now, NULL,
824- res->view->dstport, &find);
825+ result = dns_adb_createfind2(fctx->adb,
826+ res->buckets[fctx->bucketnum].task,
827+ fctx_finddone, fctx, name,
828+ &fctx->name, fctx->type,
829+ options, now, NULL,
830+ res->view->dstport,
831+ fctx->depth + 1, &find);
832 if (result != ISC_R_SUCCESS) {
833 if (result == DNS_R_ALIAS) {
834 /*
835@@ -2592,6 +2610,11 @@ fctx_getaddresses(fetchctx_t *fctx, isc_boolean_t badcache) {
836
837 res = fctx->res;
838
839+ if (fctx->depth > res->maxdepth) {
840+ FCTXTRACE("too much NS indirection");
841+ return (DNS_R_SERVFAIL);
842+ }
843+
844 /*
845 * Forwarders.
846 */
847@@ -3030,6 +3053,9 @@ fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, isc_boolean_t badcache) {
848
849 REQUIRE(!ADDRWAIT(fctx));
850
851+ if (fctx->totalqueries > DEFAULT_MAX_QUERIES)
852+ fctx_done(fctx, DNS_R_SERVFAIL, __LINE__);
853+
854 addrinfo = fctx_nextaddress(fctx);
855 if (addrinfo == NULL) {
856 /*
857@@ -3388,6 +3414,7 @@ fctx_start(isc_task_t *task, isc_event_t *event) {
858 * Normal fctx startup.
859 */
860 fctx->state = fetchstate_active;
861+ fctx->totalqueries = 0;
862 /*
863 * Reset the control event for later use in shutting down
864 * the fctx.
865@@ -3457,6 +3484,7 @@ fctx_join(fetchctx_t *fctx, isc_task_t *task, isc_sockaddr_t *client,
866 event->fetch = fetch;
867 event->client = client;
868 event->id = id;
869+ event->qtotal = 0;
870 dns_fixedname_init(&event->foundname);
871
872 /*
873@@ -3493,7 +3521,8 @@ log_ns_ttl(fetchctx_t *fctx, const char *where) {
874 static isc_result_t
875 fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
876 dns_name_t *domain, dns_rdataset_t *nameservers,
877- unsigned int options, unsigned int bucketnum, fetchctx_t **fctxp)
878+ unsigned int options, unsigned int bucketnum, unsigned int depth,
879+ fetchctx_t **fctxp)
880 {
881 fetchctx_t *fctx;
882 isc_result_t result;
883@@ -3545,6 +3574,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
884 fctx->state = fetchstate_init;
885 fctx->want_shutdown = ISC_FALSE;
886 fctx->cloned = ISC_FALSE;
887+ fctx->depth = depth;
888 ISC_LIST_INIT(fctx->queries);
889 ISC_LIST_INIT(fctx->finds);
890 ISC_LIST_INIT(fctx->altfinds);
891@@ -3563,6 +3593,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type,
892 fctx->pending = 0;
893 fctx->restarts = 0;
894 fctx->querysent = 0;
895+ fctx->totalqueries = 0;
896 fctx->referrals = 0;
897 TIME_NOW(&fctx->start);
898 fctx->timeouts = 0;
899@@ -7781,6 +7812,7 @@ dns_resolver_create(dns_view_t *view,
900 res->spillattimer = NULL;
901 res->zero_no_soa_ttl = ISC_FALSE;
902 res->query_timeout = DEFAULT_QUERY_TIMEOUT;
903+ res->maxdepth = DEFAULT_RECURSION_DEPTH;
904 res->nbuckets = ntasks;
905 res->activebuckets = ntasks;
906 res->buckets = isc_mem_get(view->mctx,
907@@ -8219,9 +8251,9 @@ dns_resolver_createfetch(dns_resolver_t *res, dns_name_t *name,
908 dns_rdataset_t *sigrdataset,
909 dns_fetch_t **fetchp)
910 {
911- return (dns_resolver_createfetch2(res, name, type, domain,
912+ return (dns_resolver_createfetch3(res, name, type, domain,
913 nameservers, forwarders, NULL, 0,
914- options, task, action, arg,
915+ options, 0, task, action, arg,
916 rdataset, sigrdataset, fetchp));
917 }
918
919@@ -8237,6 +8269,25 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name,
920 dns_rdataset_t *sigrdataset,
921 dns_fetch_t **fetchp)
922 {
923+ return (dns_resolver_createfetch3(res, name, type, domain,
924+ nameservers, forwarders, client, id,
925+ options, 0, task, action, arg,
926+ rdataset, sigrdataset, fetchp));
927+}
928+
929+isc_result_t
930+dns_resolver_createfetch3(dns_resolver_t *res, dns_name_t *name,
931+ dns_rdatatype_t type,
932+ dns_name_t *domain, dns_rdataset_t *nameservers,
933+ dns_forwarders_t *forwarders,
934+ isc_sockaddr_t *client, dns_messageid_t id,
935+ unsigned int options, unsigned int depth,
936+ isc_task_t *task,
937+ isc_taskaction_t action, void *arg,
938+ dns_rdataset_t *rdataset,
939+ dns_rdataset_t *sigrdataset,
940+ dns_fetch_t **fetchp)
941+{
942 dns_fetch_t *fetch;
943 fetchctx_t *fctx = NULL;
944 isc_result_t result = ISC_R_SUCCESS;
945@@ -8325,11 +8376,12 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name,
946
947 if (fctx == NULL) {
948 result = fctx_create(res, name, type, domain, nameservers,
949- options, bucketnum, &fctx);
950+ options, bucketnum, depth, &fctx);
951 if (result != ISC_R_SUCCESS)
952 goto unlock;
953 new_fctx = ISC_TRUE;
954- }
955+ } else if (fctx->depth > depth)
956+ fctx->depth = depth;
957
958 result = fctx_join(fctx, task, client, id, action, arg,
959 rdataset, sigrdataset, fetch);
960@@ -9101,3 +9153,15 @@ dns_resolver_settimeout(dns_resolver_t *resolver, unsigned int seconds) {
961
962 resolver->query_timeout = seconds;
963 }
964+
965+void
966+dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth) {
967+ REQUIRE(VALID_RESOLVER(resolver));
968+ resolver->maxdepth = maxdepth;
969+}
970+
971+unsigned int
972+dns_resolver_getmaxdepth(dns_resolver_t *resolver) {
973+ REQUIRE(VALID_RESOLVER(resolver));
974+ return (resolver->maxdepth);
975+}
976diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c
977index bfd4bab..5f8b037 100644
978--- a/lib/isccfg/namedconf.c
979+++ b/lib/isccfg/namedconf.c
980@@ -1393,6 +1393,7 @@ view_clauses[] = {
981 { "max-cache-ttl", &cfg_type_uint32, 0 },
982 { "max-clients-per-query", &cfg_type_uint32, 0 },
983 { "max-ncache-ttl", &cfg_type_uint32, 0 },
984+ { "max-recursion-depth", &cfg_type_uint32, 0 },
985 { "max-udp-size", &cfg_type_uint32, 0 },
986 { "min-roots", &cfg_type_uint32, CFG_CLAUSEFLAG_NOTIMP },
987 { "minimal-responses", &cfg_type_boolean, 0 },
988--
9891.9.1
990
diff --git a/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch
new file mode 100644
index 0000000..896272a
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2015-5477.patch
@@ -0,0 +1,45 @@
1From dbb064aa7972ef918d9a235b713108a4846cbb62 Mon Sep 17 00:00:00 2001
2From: Mark Andrews <marka@isc.org>
3Date: Tue, 14 Jul 2015 14:48:42 +1000
4Subject: [PATCH] 4165. [bug] An failure to reset a value to NULL
5 in tkey.c could result in an assertion failure.
6 (CVE-2015-5477) [RT #40046]
7
8Upstream-Status: Backport
9[CHANGES file has been edited manually to add CVE-2015-5477 and
10an already applied CVE (CVE-2014-8500)].
11
12Referenc: https://kb.isc.org/article/AA-01272
13
14Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
15
16diff -ruN a/CHANGES b/CHANGES
17--- a/CHANGES 2014-01-27 19:58:24.000000000 +0100
18+++ b/CHANGES 2015-07-30 11:03:18.871670769 +0200
19@@ -1,4 +1,15 @@
20 --- 9.9.5 released ---
21+4165. [security] An failure to reset a value to NULL in tkey.c could
22+ result in an assertion failure. (CVE-2015-5477)
23+ [RT #40046]
24+
25+4006. [security] A flaw in delegation handling could be exploited
26+ to put named into an infinite loop. This has
27+ been addressed by placing limits on the number
28+ of levels of recursion named will allow (default 7),
29+ and the number of iterative queries that it will
30+ send (default 50) before terminating a recursive
31+ query (CVE-2014-8500).
32
33 --- 9.9.5rc2 released ---
34
35diff -ruN a/lib/dns/tkey.c b/lib/dns/tkey.c
36--- a/lib/dns/tkey.c 2014-01-27 19:58:24.000000000 +0100
37+++ b/lib/dns/tkey.c 2015-07-30 10:58:30.647945942 +0200
38@@ -650,6 +650,7 @@
39 * Try the answer section, since that's where Win2000
40 * puts it.
41 */
42+ name = NULL;
43 if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname,
44 dns_rdatatype_tkey, 0, &name,
45 &tkeyset) != ISC_R_SUCCESS) {
diff --git a/meta/recipes-connectivity/bind/bind/conf.patch b/meta/recipes-connectivity/bind/bind/conf.patch
new file mode 100644
index 0000000..432c874
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/conf.patch
@@ -0,0 +1,314 @@
1Upstream-Status: Inappropriate [configuration]
2
3the patch is imported from openembedded project
4
511/30/2010 - Qing He <qing.he@intel.com>
6
7diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
8--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100
9+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200
10@@ -0,0 +1,12 @@
11+;
12+; BIND reverse data file for broadcast zone
13+;
14+$TTL 604800
15+@ IN SOA localhost. root.localhost. (
16+ 1 ; Serial
17+ 604800 ; Refresh
18+ 86400 ; Retry
19+ 2419200 ; Expire
20+ 604800 ) ; Negative Cache TTL
21+;
22+@ IN NS localhost.
23diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
24--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100
25+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200
26@@ -0,0 +1,13 @@
27+;
28+; BIND reverse data file for local loopback interface
29+;
30+$TTL 604800
31+@ IN SOA localhost. root.localhost. (
32+ 1 ; Serial
33+ 604800 ; Refresh
34+ 86400 ; Retry
35+ 2419200 ; Expire
36+ 604800 ) ; Negative Cache TTL
37+;
38+@ IN NS localhost.
39+1.0.0 IN PTR localhost.
40diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
41--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100
42+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200
43@@ -0,0 +1,14 @@
44+; BIND reverse data file for empty rfc1918 zone
45+;
46+; DO NOT EDIT THIS FILE - it is used for multiple zones.
47+; Instead, copy it, edit named.conf, and use that copy.
48+;
49+$TTL 86400
50+@ IN SOA localhost. root.localhost. (
51+ 1 ; Serial
52+ 604800 ; Refresh
53+ 86400 ; Retry
54+ 2419200 ; Expire
55+ 86400 ) ; Negative Cache TTL
56+;
57+@ IN NS localhost.
58diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
59--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100
60+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200
61@@ -0,0 +1,13 @@
62+;
63+; BIND data file for local loopback interface
64+;
65+$TTL 604800
66+@ IN SOA localhost. root.localhost. (
67+ 1 ; Serial
68+ 604800 ; Refresh
69+ 86400 ; Retry
70+ 2419200 ; Expire
71+ 604800 ) ; Negative Cache TTL
72+;
73+@ IN NS localhost.
74+@ IN A 127.0.0.1
75diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
76--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100
77+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200
78@@ -0,0 +1,45 @@
79+
80+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
81+;; global options: printcmd
82+;; Got answer:
83+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
84+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
85+
86+;; QUESTION SECTION:
87+;. IN NS
88+
89+;; ANSWER SECTION:
90+. 518400 IN NS A.ROOT-SERVERS.NET.
91+. 518400 IN NS B.ROOT-SERVERS.NET.
92+. 518400 IN NS C.ROOT-SERVERS.NET.
93+. 518400 IN NS D.ROOT-SERVERS.NET.
94+. 518400 IN NS E.ROOT-SERVERS.NET.
95+. 518400 IN NS F.ROOT-SERVERS.NET.
96+. 518400 IN NS G.ROOT-SERVERS.NET.
97+. 518400 IN NS H.ROOT-SERVERS.NET.
98+. 518400 IN NS I.ROOT-SERVERS.NET.
99+. 518400 IN NS J.ROOT-SERVERS.NET.
100+. 518400 IN NS K.ROOT-SERVERS.NET.
101+. 518400 IN NS L.ROOT-SERVERS.NET.
102+. 518400 IN NS M.ROOT-SERVERS.NET.
103+
104+;; ADDITIONAL SECTION:
105+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
106+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
107+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
108+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
109+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
110+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
111+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
112+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
113+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
114+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
115+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
116+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
117+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
118+
119+;; Query time: 81 msec
120+;; SERVER: 198.41.0.4#53(a.root-servers.net.)
121+;; WHEN: Sun Feb 1 11:27:14 2004
122+;; MSG SIZE rcvd: 436
123+
124diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
125--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100
126+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200
127@@ -0,0 +1,49 @@
128+// This is the primary configuration file for the BIND DNS server named.
129+//
130+// If you are just adding zones, please do that in /etc/bind/named.conf.local
131+
132+include "/etc/bind/named.conf.options";
133+
134+// prime the server with knowledge of the root servers
135+zone "." {
136+ type hint;
137+ file "/etc/bind/db.root";
138+};
139+
140+// be authoritative for the localhost forward and reverse zones, and for
141+// broadcast zones as per RFC 1912
142+
143+zone "localhost" {
144+ type master;
145+ file "/etc/bind/db.local";
146+};
147+
148+zone "127.in-addr.arpa" {
149+ type master;
150+ file "/etc/bind/db.127";
151+};
152+
153+zone "0.in-addr.arpa" {
154+ type master;
155+ file "/etc/bind/db.0";
156+};
157+
158+zone "255.in-addr.arpa" {
159+ type master;
160+ file "/etc/bind/db.255";
161+};
162+
163+// zone "com" { type delegation-only; };
164+// zone "net" { type delegation-only; };
165+
166+// From the release notes:
167+// Because many of our users are uncomfortable receiving undelegated answers
168+// from root or top level domains, other than a few for whom that behaviour
169+// has been trusted and expected for quite some length of time, we have now
170+// introduced the "root-delegations-only" feature which applies delegation-only
171+// logic to all top level domains, and to the root domain. An exception list
172+// should be specified, including "MUSEUM" and "DE", and any other top level
173+// domains from whom undelegated responses are expected and trusted.
174+// root-delegation-only exclude { "DE"; "MUSEUM"; };
175+
176+include "/etc/bind/named.conf.local";
177diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
178--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100
179+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200
180@@ -0,0 +1,8 @@
181+//
182+// Do any local configuration here
183+//
184+
185+// Consider adding the 1918 zones here, if they are not used in your
186+// organization
187+//include "/etc/bind/zones.rfc1918";
188+
189diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
190--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100
191+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200
192@@ -0,0 +1,24 @@
193+options {
194+ directory "/var/cache/bind";
195+
196+ // If there is a firewall between you and nameservers you want
197+ // to talk to, you might need to uncomment the query-source
198+ // directive below. Previous versions of BIND always asked
199+ // questions using port 53, but BIND 8.1 and later use an unprivileged
200+ // port by default.
201+
202+ // query-source address * port 53;
203+
204+ // If your ISP provided one or more IP addresses for stable
205+ // nameservers, you probably want to use them as forwarders.
206+ // Uncomment the following block, and insert the addresses replacing
207+ // the all-0's placeholder.
208+
209+ // forwarders {
210+ // 0.0.0.0;
211+ // };
212+
213+ auth-nxdomain no; # conform to RFC1035
214+
215+};
216+
217diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
218--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100
219+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200
220@@ -0,0 +1,20 @@
221+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
222+
223+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
224+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
225+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
226+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
227+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
228+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
229+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
230+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
231+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
232+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
233+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
234+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
235+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
236+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
237+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
238+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
239+
240+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
241diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
242--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100
243+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200
244@@ -0,0 +1,70 @@
245+#!/bin/sh
246+
247+PATH=/sbin:/bin:/usr/sbin:/usr/bin
248+
249+# for a chrooted server: "-u bind -t /var/lib/named"
250+# Don't modify this line, change or create /etc/default/bind9.
251+OPTIONS=""
252+
253+test -f /etc/default/bind9 && . /etc/default/bind9
254+
255+test -x /usr/sbin/rndc || exit 0
256+
257+case "$1" in
258+ start)
259+ echo -n "Starting domain name service: named"
260+
261+ modprobe capability >/dev/null 2>&1 || true
262+ if [ ! -f /etc/bind/rndc.key ]; then
263+ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom
264+ chmod 0640 /etc/bind/rndc.key
265+ fi
266+ if [ -f /var/run/named/named.pid ]; then
267+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1
268+ fi
269+
270+ # dirs under /var/run can go away on reboots.
271+ mkdir -p /var/run/named
272+ mkdir -p /var/cache/bind
273+ chmod 775 /var/run/named
274+ chown root:bind /var/run/named >/dev/null 2>&1 || true
275+
276+ if [ ! -x /usr/sbin/named ]; then
277+ echo "named binary missing - not starting"
278+ exit 1
279+ fi
280+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \
281+ --pidfile /var/run/named/named.pid -- $OPTIONS; then
282+ if [ -x /sbin/resolvconf ] ; then
283+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
284+ fi
285+ fi
286+ echo "."
287+ ;;
288+
289+ stop)
290+ echo -n "Stopping domain name service: named"
291+ if [ -x /sbin/resolvconf ]; then
292+ /sbin/resolvconf -d lo
293+ fi
294+ /usr/sbin/rndc stop >/dev/null 2>&1
295+ echo "."
296+ ;;
297+
298+ reload)
299+ /usr/sbin/rndc reload
300+ ;;
301+
302+ restart|force-reload)
303+ $0 stop
304+ sleep 2
305+ $0 start
306+ ;;
307+
308+ *)
309+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
310+ exit 1
311+ ;;
312+esac
313+
314+exit 0
diff --git a/meta/recipes-connectivity/bind/bind/cross-build-fix.patch b/meta/recipes-connectivity/bind/bind/cross-build-fix.patch
new file mode 100644
index 0000000..4c37b6b
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/cross-build-fix.patch
@@ -0,0 +1,21 @@
1Upstream-Status: Inappropriate [configuration]
2
311/30/2010
4gen.c should be build by ${BUILD_CC}
5
6Signed-off-by: Qing He <qing.he@intel.com>
7
8diff --git a/lib/export/dns/Makefile.in b/lib/export/dns/Makefile.in
9index aeadf57..d3fae74 100644
10--- a/lib/export/dns/Makefile.in
11+++ b/lib/export/dns/Makefile.in
12@@ -166,7 +166,8 @@ code.h: gen
13 ./gen -s ${srcdir} > code.h
14
15 gen: ${srcdir}/gen.c
16- ${CC} ${ALL_CFLAGS} ${LDFLAGS} -o $@ ${srcdir}/gen.c ${LIBS}
17+ ${BUILD_CC} ${BUILD_CFLAGS} -I${top_srcdir}/lib/isc/include \
18+ ${BUILD_CPPFLAGS} ${BUILD_LDFLAGS} -o $@ ${srcdir}/gen.c ${BUILD_LIBS}
19
20 #We don't need rbtdb64 for this library
21 #rbtdb64.@O@: rbtdb.c
diff --git a/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch b/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
new file mode 100644
index 0000000..288e58b
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
@@ -0,0 +1,17 @@
1Upstream-Status: Pending
2
3Signed-off-by Saul Wold <sgw@linux.intel.com>
4
5Index: bind-9.9.5/bin/Makefile.in
6===================================================================
7--- bind-9.9.5.orig/bin/Makefile.in
8+++ bind-9.9.5/bin/Makefile.in
9@@ -19,7 +19,7 @@ srcdir = @srcdir@
10 VPATH = @srcdir@
11 top_srcdir = @top_srcdir@
12
13-SUBDIRS = named rndc dig dnssec tools tests nsupdate \
14+SUBDIRS = named rndc dig dnssec tools nsupdate \
15 check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
16 TARGETS =
17
diff --git a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh
new file mode 100644
index 0000000..db20127
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh
@@ -0,0 +1,7 @@
1#!/bin/sh
2
3if [ ! -s /etc/bind/rndc.key ]; then
4 echo -n "Generating /etc/bind/rndc.key:"
5 /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom
6 chmod 0640 /etc/bind/rndc.key
7fi
diff --git a/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch b/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
new file mode 100644
index 0000000..11db95e
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
@@ -0,0 +1,65 @@
1Subject: init.d: add support for read-only rootfs
2
3Upstream-Status: Inappropriate [oe specific]
4
5Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
6---
7 init.d | 40 ++++++++++++++++++++++++++++++++++++++++
8 1 file changed, 40 insertions(+)
9
10diff --git a/init.d b/init.d
11index 0111ed4..24677c8 100644
12--- a/init.d
13+++ b/init.d
14@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
15 # Don't modify this line, change or create /etc/default/bind9.
16 OPTIONS=""
17
18+test -f /etc/default/rcS && . /etc/default/rcS
19 test -f /etc/default/bind9 && . /etc/default/bind9
20
21+# This function is here because it's possible that /var and / are on different partitions.
22+is_on_read_only_partition () {
23+ DIRECTORY=$1
24+ dir=`readlink -f $DIRECTORY`
25+ while true; do
26+ if [ ! -d "$dir" ]; then
27+ echo "ERROR: $dir is not a directory"
28+ exit 1
29+ else
30+ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \
31+ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do
32+ [ "$flag" = "FOUND" ] && partition="read-write"
33+ [ "$flag" = "ro" ] && { partition="read-only"; break; }
34+ done
35+ if [ "$dir" = "/" -o -n "$partition" ]; then
36+ break
37+ else
38+ dir=`dirname $dir`
39+ fi
40+ fi
41+ done
42+ [ "$partition" = "read-only" ] && echo "yes" || echo "no"
43+}
44+
45+bind_mount () {
46+ olddir=$1
47+ newdir=$2
48+ mkdir -p $olddir
49+ cp -a $newdir/* $olddir
50+ mount --bind $olddir $newdir
51+}
52+
53+# Deal with read-only rootfs
54+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then
55+ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs"
56+ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind
57+ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named
58+fi
59+
60 test -x /usr/sbin/rndc || exit 0
61
62 case "$1" in
63--
641.7.9.5
65
diff --git a/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch b/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
new file mode 100644
index 0000000..146f3e3
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
@@ -0,0 +1,42 @@
1bind: make "/etc/init.d/bind stop" work
2
3Upstream-Status: Inappropriate [configuration]
4
5Add some configurations, make rndc command be able to controls
6the named daemon.
7
8Signed-off-by: Roy Li <rongqing.li@windriver.com>
9---
10 conf/named.conf | 5 +++++
11 conf/rndc.conf | 5 +++++
12 2 files changed, 10 insertions(+), 0 deletions(-)
13 create mode 100644 conf/rndc.conf
14
15diff --git a/conf/named.conf b/conf/named.conf
16index 95829cf..c8899e7 100644
17--- a/conf/named.conf
18+++ b/conf/named.conf
19@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" {
20 // root-delegation-only exclude { "DE"; "MUSEUM"; };
21
22 include "/etc/bind/named.conf.local";
23+include "/etc/bind/rndc.key" ;
24+controls {
25+ inet 127.0.0.1 allow { localhost; }
26+ keys { rndc-key; };
27+};
28diff --git a/conf/rndc.conf b/conf/rndc.conf
29new file mode 100644
30index 0000000..a0b481d
31--- /dev/null
32+++ b/conf/rndc.conf
33@@ -0,0 +1,5 @@
34+include "/etc/bind/rndc.key";
35+options {
36+ default-server localhost;
37+ default-key rndc-key;
38+};
39
40--
411.7.5.4
42
diff --git a/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff b/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff
new file mode 100644
index 0000000..2930796
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/mips1-not-support-opcode.diff
@@ -0,0 +1,104 @@
1bind: port a patch to fix a build failure
2
3mips1 does not support ll and sc instructions, and lead to below error, now
4we port a patch from debian to fix it
5[http://security.debian.org/debian-security/pool/updates/main/b/bind9/bind9_9.8.4.dfsg.P1-6+nmu2+deb7u1.diff.gz]
6
7| {standard input}: Assembler messages:
8| {standard input}:47: Error: Opcode not supported on this processor: mips1 (mips1) `ll $3,0($6)'
9| {standard input}:50: Error: Opcode not supported on this processor: mips1 (mips1) `sc $3,0($6)'
10
11Upstream-Status: Pending
12
13Signed-off-by: Roy Li <rongqing.li@windriver.com>
14
15--- bind9-9.8.4.dfsg.P1.orig/lib/isc/mips/include/isc/atomic.h
16+++ bind9-9.8.4.dfsg.P1/lib/isc/mips/include/isc/atomic.h
17@@ -31,18 +31,20 @@
18 isc_atomic_xadd(isc_int32_t *p, int val) {
19 isc_int32_t orig;
20
21- /* add is a cheat, since MIPS has no mov instruction */
22- __asm__ volatile (
23- "1:"
24- "ll $3, %1\n"
25- "add %0, $0, $3\n"
26- "add $3, $3, %2\n"
27- "sc $3, %1\n"
28- "beq $3, 0, 1b"
29- : "=&r"(orig)
30- : "m"(*p), "r"(val)
31- : "memory", "$3"
32- );
33+ __asm__ __volatile__ (
34+ " .set push \n"
35+ " .set mips2 \n"
36+ " .set noreorder \n"
37+ " .set noat \n"
38+ "1: ll $1, %1 \n"
39+ " addu %0, $1, %2 \n"
40+ " sc %0, %1 \n"
41+ " beqz %0, 1b \n"
42+ " move %0, $1 \n"
43+ " .set pop \n"
44+ : "=&r" (orig), "+R" (*p)
45+ : "r" (val)
46+ : "memory");
47
48 return (orig);
49 }
50@@ -52,16 +54,7 @@
51 */
52 static inline void
53 isc_atomic_store(isc_int32_t *p, isc_int32_t val) {
54- __asm__ volatile (
55- "1:"
56- "ll $3, %0\n"
57- "add $3, $0, %1\n"
58- "sc $3, %0\n"
59- "beq $3, 0, 1b"
60- :
61- : "m"(*p), "r"(val)
62- : "memory", "$3"
63- );
64+ *p = val;
65 }
66
67 /*
68@@ -72,20 +65,23 @@
69 static inline isc_int32_t
70 isc_atomic_cmpxchg(isc_int32_t *p, int cmpval, int val) {
71 isc_int32_t orig;
72+ isc_int32_t tmp;
73
74- __asm__ volatile(
75- "1:"
76- "ll $3, %1\n"
77- "add %0, $0, $3\n"
78- "bne $3, %2, 2f\n"
79- "add $3, $0, %3\n"
80- "sc $3, %1\n"
81- "beq $3, 0, 1b\n"
82- "2:"
83- : "=&r"(orig)
84- : "m"(*p), "r"(cmpval), "r"(val)
85- : "memory", "$3"
86- );
87+ __asm__ __volatile__ (
88+ " .set push \n"
89+ " .set mips2 \n"
90+ " .set noreorder \n"
91+ " .set noat \n"
92+ "1: ll $1, %1 \n"
93+ " bne $1, %3, 2f \n"
94+ " move %2, %4 \n"
95+ " sc %2, %1 \n"
96+ " beqz %2, 1b \n"
97+ "2: move %0, $1 \n"
98+ " .set pop \n"
99+ : "=&r"(orig), "+R" (*p), "=r" (tmp)
100+ : "r"(cmpval), "r"(val)
101+ : "memory");
102
103 return (orig);
104 }
diff --git a/meta/recipes-connectivity/bind/bind/named.service b/meta/recipes-connectivity/bind/bind/named.service
new file mode 100644
index 0000000..cda56ef
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind/named.service
@@ -0,0 +1,22 @@
1[Unit]
2Description=Berkeley Internet Name Domain (DNS)
3Wants=nss-lookup.target
4Before=nss-lookup.target
5After=network.target
6
7[Service]
8Type=forking
9EnvironmentFile=-/etc/default/bind9
10PIDFile=/run/named/named.pid
11
12ExecStartPre=@SBINDIR@/generate-rndc-key.sh
13ExecStart=@SBINDIR@/named $OPTIONS
14
15ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID'
16
17ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID'
18
19PrivateTmp=true
20
21[Install]
22WantedBy=multi-user.target
diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb
new file mode 100644
index 0000000..e206cc4
--- /dev/null
+++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb
@@ -0,0 +1,99 @@
1SUMMARY = "ISC Internet Domain Name Server"
2HOMEPAGE = "http://www.isc.org/sw/bind/"
3SECTION = "console/network"
4
5LICENSE = "ISC & BSD"
6LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=a3df5f651469919a0e6cb42f84fb6ff1"
7
8DEPENDS = "openssl libcap"
9
10SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
11 file://conf.patch \
12 file://cross-build-fix.patch \
13 file://make-etc-initd-bind-stop-work.patch \
14 file://mips1-not-support-opcode.diff \
15 file://dont-test-on-host.patch \
16 file://generate-rndc-key.sh \
17 file://named.service \
18 file://bind9 \
19 file://init.d-add-support-for-read-only-rootfs.patch \
20 file://bind9_9_5-CVE-2014-8500.patch \
21 file://bind9_9_5-CVE-2015-5477.patch \
22 "
23
24SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e"
25SRC_URI[sha256sum] = "d4b64c1dde442145a316679acff2df4008aa117ae52dfa3a6bc69efecc7840d1"
26
27# --enable-exportlib is necessary for building dhcp
28ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
29EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \
30 --disable-devpoll --disable-epoll --with-gost=no \
31 --with-gssapi=no --with-ecdsa=yes \
32 --sysconfdir=${sysconfdir}/bind \
33 --with-openssl=${STAGING_LIBDIR}/.. --with-libxml2=${STAGING_LIBDIR}/.. \
34 --enable-exportlib --with-export-includedir=${includedir} --with-export-libdir=${libdir} \
35 "
36inherit autotools-brokensep update-rc.d systemd useradd
37
38USERADD_PACKAGES = "${PN}"
39USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \
40 --user-group bind"
41
42INITSCRIPT_NAME = "bind"
43INITSCRIPT_PARAMS = "defaults"
44
45SYSTEMD_SERVICE_${PN} = "named.service"
46
47PARALLEL_MAKE = ""
48
49RDEPENDS_${PN} = "python-core"
50
51PACKAGE_BEFORE_PN += "${PN}-utils"
52FILES_${PN}-utils = "${bindir}/host ${bindir}/dig"
53FILES_${PN}-dev += "${bindir}/isc-config.h"
54FILES_${PN} += "${sbindir}/generate-rndc-key.sh"
55
56do_install_prepend() {
57 # clean host path in isc-config.sh before the hardlink created
58 # by "make install":
59 # bind9-config -> isc-config.sh
60 sed -i -e "s,${STAGING_LIBDIR},${libdir}," ${S}/isc-config.sh
61}
62
63do_install_append() {
64 rm "${D}${bindir}/nslookup"
65 rm "${D}${mandir}/man1/nslookup.1"
66 rmdir "${D}${localstatedir}/run"
67 rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
68 install -d "${D}${localstatedir}/cache/bind"
69 install -d "${D}${sysconfdir}/bind"
70 install -d "${D}${sysconfdir}/init.d"
71 install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
72 install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
73 sed -i -e '1s,#!.*python,#! /usr/bin/env python,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds
74
75 # Install systemd related files
76 install -d ${D}${localstatedir}/cache/bind
77 install -d ${D}${sbindir}
78 install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
79 install -d ${D}${systemd_unitdir}/system
80 install -m 0644 ${WORKDIR}/named.service ${D}${systemd_unitdir}/system
81 sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
82 -e 's,@SBINDIR@,${sbindir},g' \
83 ${D}${systemd_unitdir}/system/named.service
84
85 install -d ${D}${sysconfdir}/default
86 install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
87}
88
89CONFFILES_${PN} = " \
90 ${sysconfdir}/bind/named.conf \
91 ${sysconfdir}/bind/named.conf.local \
92 ${sysconfdir}/bind/named.conf.options \
93 ${sysconfdir}/bind/db.0 \
94 ${sysconfdir}/bind/db.127 \
95 ${sysconfdir}/bind/db.empty \
96 ${sysconfdir}/bind/db.local \
97 ${sysconfdir}/bind/db.root \
98 "
99
diff --git a/meta/recipes-connectivity/bluez/bluez-hcidump-2.5/obsolete_automake_macros.patch b/meta/recipes-connectivity/bluez/bluez-hcidump-2.5/obsolete_automake_macros.patch
new file mode 100644
index 0000000..0c77f1a
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez-hcidump-2.5/obsolete_automake_macros.patch
@@ -0,0 +1,14 @@
1Upstream-Status: Pending [package obsolete/not maintained by upstream]
2
3Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
4diff -Nurd bluez-hcidump-2.5/configure.ac bluez-hcidump-2.5/configure.ac
5--- bluez-hcidump-2.5/configure.ac 2012-11-30 10:29:41.000000000 +0200
6+++ bluez-hcidump-2.5/configure.ac 2013-01-12 10:02:10.609511463 +0200
7@@ -2,7 +2,7 @@
8 AC_INIT(bluez-hcidump, 2.5)
9
10 AM_INIT_AUTOMAKE([foreign subdir-objects])
11-AM_CONFIG_HEADER(config.h)
12+AC_CONFIG_HEADERS(config.h)
13
14 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
diff --git a/meta/recipes-connectivity/bluez/bluez-hcidump_2.5.bb b/meta/recipes-connectivity/bluez/bluez-hcidump_2.5.bb
new file mode 100644
index 0000000..3950630
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez-hcidump_2.5.bb
@@ -0,0 +1,22 @@
1SUMMARY = "Linux Bluetooth Stack HCI Debugger Tool"
2DESCRIPTION = "The hcidump tool reads raw HCI data coming from and going to a Bluetooth device \
3and displays the commands, events and data in a human-readable form."
4
5SECTION = "console"
6# hcidump was integrated into bluez5
7DEPENDS = "bluez4"
8RCONFLICTS_${PN} = "bluez5"
9LICENSE = "GPLv2+"
10LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \
11 file://src/hcidump.c;beginline=1;endline=23;md5=3bee3a162dff43a5be7470710b99fbcf"
12PR = "r1"
13
14SRC_URI = "http://www.kernel.org/pub/linux/bluetooth/bluez-hcidump-${PV}.tar.gz \
15 file://obsolete_automake_macros.patch \
16"
17
18SRC_URI[md5sum] = "2eab54bbd2b59a2ed4274ebb9390cf18"
19SRC_URI[sha256sum] = "9b7c52b375081883738cf049ecabc103b97d094b19c6544fb241267905d88881"
20S = "${WORKDIR}/bluez-hcidump-${PV}"
21
22inherit autotools
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/bluetooth.conf b/meta/recipes-connectivity/bluez/bluez4-4.101/bluetooth.conf
new file mode 100644
index 0000000..ca5e9e4
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/bluetooth.conf
@@ -0,0 +1,16 @@
1<!-- This configuration file specifies the required security policies
2 for Bluetooth core daemon to work. -->
3
4<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
5 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
6<busconfig>
7
8 <!-- ../system.conf have denied everything, so we just punch some holes -->
9
10 <policy context="default">
11 <allow own="org.bluez"/>
12 <allow send_destination="org.bluez"/>
13 <allow send_interface="org.bluez.Agent"/>
14 </policy>
15
16</busconfig>
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/fix-udev-paths.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/fix-udev-paths.patch
new file mode 100644
index 0000000..8089914
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/fix-udev-paths.patch
@@ -0,0 +1,37 @@
1Add udevdir/udevrulesdir options
2
3Upstream-Status: Inappropriate [configuration]
4Signed-off-by: Constantin Musca <constantinx.musca@intel.com>
5
6Index: bluez-4.101/Makefile.am
7===================================================================
8--- bluez-4.101.orig/Makefile.am
9+++ bluez-4.101/Makefile.am
10@@ -395,7 +395,7 @@ EXTRA_DIST += audio/bluetooth.conf
11 include Makefile.tools
12
13 if DATAFILES
14-rulesdir = @UDEV_DIR@/rules.d
15+rulesdir = @UDEV_RULES_DIR@
16
17 udev_files =
18
19Index: bluez-4.101/configure.ac
20===================================================================
21--- bluez-4.101.orig/configure.ac
22+++ bluez-4.101/configure.ac
23@@ -61,4 +61,14 @@ if (test -n "${path_systemdunit}"); then
24 fi
25 AM_CONDITIONAL(SYSTEMD, test -n "${path_systemdunit}")
26
27+AC_ARG_WITH([udevdir],
28+ AS_HELP_STRING([--with-udevdir=DIR], [udev directory]),
29+ [], [with_udevdir=/lib/udev/])
30+AC_SUBST([UDEV_DIR], [$with_udevdir])
31+
32+AC_ARG_WITH([udevrulesdir],
33+ AS_HELP_STRING([--with-udevrulesdir=DIR], [udev rules directory]),
34+ [], [with_udevrulesdir=/lib/udev/rules.d])
35+AC_SUBST([UDEV_RULES_DIR], [$with_udevrulesdir])
36+
37 AC_OUTPUT(Makefile doc/version.xml src/bluetoothd.8 src/bluetooth.service bluez.pc)
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/install-test-script.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/install-test-script.patch
new file mode 100644
index 0000000..23f7d99
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/install-test-script.patch
@@ -0,0 +1,26 @@
1Upstream-Status: Inappropriate
2
3Install the bluez's test scripts
4
5Signed-off-by: Zhong Hongbo <hongbo.zhong@windriver.com>
6diff -Nurd bluez-4.101.orig/Makefile.tools bluez-4.101/Makefile.tools
7--- bluez-4.101.orig/Makefile.tools 2013-11-19 15:49:07.688838000 +0800
8+++ bluez-4.101/Makefile.tools 2013-11-19 15:50:09.256837848 +0800
9@@ -227,6 +227,17 @@
10 test/service-spp.xml test/service-opp.xml test/service-ftp.xml \
11 test/simple-player test/test-nap
12
13+bluez4_testdir = $(libdir)/bluez4/test/
14+dist_bluez4_test_SCRIPTS = test/sap-client test/hsplay test/hsmicro \
15+ test/monitor-bluetooth test/list-devices \
16+ test/test-discovery test/test-manager test/test-adapter \
17+ test/test-device test/test-service test/test-serial \
18+ test/test-telephony test/test-network test/simple-agent \
19+ test/simple-service test/simple-endpoint test/test-audio \
20+ test/test-input test/test-sap-server test/test-oob \
21+ test/test-attrib test/test-proximity test/test-thermometer \
22+ test/test-serial-proxy test/test-health test/test-health-sink \
23+ test/simple-player test/test-nap
24 if HIDD
25 bin_PROGRAMS += compat/hidd
26
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/network-fix-network-Connect-method-parameters.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/network-fix-network-Connect-method-parameters.patch
new file mode 100644
index 0000000..37f9199
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/network-fix-network-Connect-method-parameters.patch
@@ -0,0 +1,30 @@
1Upstream-Status: Backport
2Signed-off-by: Peter A. Bigot <pab@pabigot.com>
3
4From 57170b311f1468330f4a9961dc0b3ac45f97bc13 Mon Sep 17 00:00:00 2001
5From: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
6Date: Sat, 30 Jun 2012 00:39:05 -0300
7Subject: [PATCH] network: fix network Connect() method parameters
8
9---
10 network/connection.c | 4 +++-
11 1 file changed, 3 insertions(+), 1 deletion(-)
12
13diff --git a/network/connection.c b/network/connection.c
14index 544ec3a..59423a9 100644
15--- a/network/connection.c
16+++ b/network/connection.c
17@@ -554,7 +554,9 @@ static void path_unregister(void *data)
18
19 static const GDBusMethodTable connection_methods[] = {
20 { GDBUS_ASYNC_METHOD("Connect",
21- NULL, NULL, connection_connect) },
22+ GDBUS_ARGS({"uuid", "s"}),
23+ GDBUS_ARGS({"interface", "s"}),
24+ connection_connect) },
25 { GDBUS_METHOD("Disconnect",
26 NULL, NULL, connection_disconnect) },
27 { GDBUS_METHOD("GetProperties",
28--
291.7.9.5
30
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/obsolete_automake_macros.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/obsolete_automake_macros.patch
new file mode 100644
index 0000000..1068f24
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/obsolete_automake_macros.patch
@@ -0,0 +1,14 @@
1Upstream-Status: Backport
2
3Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
4diff -Nurd bluez-4.101/configure.ac bluez-4.101/configure.ac
5--- bluez-4.101/configure.ac 2012-06-22 19:36:49.000000000 +0300
6+++ bluez-4.101/configure.ac 2013-01-07 06:13:18.385888966 +0200
7@@ -2,7 +2,7 @@
8 AC_INIT(bluez, 4.101)
9
10 AM_INIT_AUTOMAKE([foreign subdir-objects color-tests])
11-AM_CONFIG_HEADER(config.h)
12+AC_CONFIG_HEADERS(config.h)
13
14 m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])])
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/sbc_mmx.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/sbc_mmx.patch
new file mode 100644
index 0000000..98fab45
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/sbc_mmx.patch
@@ -0,0 +1,24 @@
1on x86 and x86_64 gcc 4.7 complains
2
3sbc/sbc_primitives_mmx.c: In function 'sbc_calc_scalefactors_mmx':
4sbc/sbc_primitives_mmx.c:294:4: warning: asm operand 2 probably doesn't match constraints [enabled by default]
5sbc/sbc_primitives_mmx.c:294:4: error: impossible constraint in 'asm'
6
7This patch is taken from https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/911871
8
9Signed-off-by: Khem Raj <raj.khem@gmail.com>
10
11Upstream-Status: Pending
12Index: bluez-4.98/sbc/sbc_primitives_mmx.c
13===================================================================
14--- bluez-4.98.orig/sbc/sbc_primitives_mmx.c 2011-12-21 14:53:54.000000000 -0800
15+++ bluez-4.98/sbc/sbc_primitives_mmx.c 2012-02-24 10:07:03.422073800 -0800
16@@ -318,7 +318,7 @@
17 "movl %k0, 4(%3)\n"
18 : "+r" (blk)
19 : "r" (&sb_sample_f[0][ch][sb]),
20- "i" ((char *) &sb_sample_f[1][0][0] -
21+ "r" ((char *) &sb_sample_f[1][0][0] -
22 (char *) &sb_sample_f[0][0][0]),
23 "r" (&scale_factor[ch][sb]),
24 "r" (&consts),
diff --git a/meta/recipes-connectivity/bluez/bluez4-4.101/use-legacy-pygobject-instead-ofgobject-introspection.patch b/meta/recipes-connectivity/bluez/bluez4-4.101/use-legacy-pygobject-instead-ofgobject-introspection.patch
new file mode 100644
index 0000000..37037f5
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4-4.101/use-legacy-pygobject-instead-ofgobject-introspection.patch
@@ -0,0 +1,27 @@
1Upstream-Status: Inappropriate
2
3use legacy pygobject instead of gobject-introspection
4
5Signed-off-by: Zhong Hongbo <hongbo.zhong@windriver.com>
6---
7diff -Nurd bluez-4.101.orig/test/simple-agent bluez-4.101/test/simple-agent
8--- bluez-4.101.orig/test/simple-agent 2013-11-13 17:14:08.138118159 +0800
9+++ bluez-4.101/test/simple-agent 2013-11-13 17:14:29.034118107 +0800
10@@ -2,7 +2,7 @@
11
12 from __future__ import absolute_import, print_function, unicode_literals
13
14-from gi.repository import GObject
15+import gobject
16
17 import sys
18 import dbus
19@@ -122,7 +122,7 @@
20 path = "/test/agent"
21 agent = Agent(bus, path)
22
23- mainloop = GObject.MainLoop()
24+ mainloop = gobject.MainLoop()
25
26 if len(args) > 1:
27 if len(args) > 2:
diff --git a/meta/recipes-connectivity/bluez/bluez4.inc b/meta/recipes-connectivity/bluez/bluez4.inc
new file mode 100644
index 0000000..11c9616
--- /dev/null
+++ b/meta/recipes-connectivity/bluez/bluez4.inc
@@ -0,0 +1,46 @@