Diffstat (limited to 'meta/recipes-connectivity/connman/connman')
-rw-r--r--meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-networkd-when-using-con.patch29
-rw-r--r--meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch29
-rw-r--r--meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch35
-rw-r--r--meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch112
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch41
-rw-r--r--meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch48
-rw-r--r--meta/recipes-connectivity/connman/connman/connman42
-rw-r--r--meta/recipes-connectivity/connman/connman/no-version-scripts.patch27
8 files changed, 148 insertions, 215 deletions
diff --git a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-networkd-when-using-con.patch b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-networkd-when-using-con.patch
deleted file mode 100644
index dd012750a4..0000000000
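--- a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-networkd-when-using-con.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9fea099d0a3ece37d80ad70d32ebb8a93f8f3280 Mon Sep 17 00:00:00 2001
-From: Yi Zhao <yi.zhao@windriver.com>
-Date: Fri, 30 Oct 2020 13:48:45 +0800
-Subject: [PATCH] connman.service: stop systemd-networkd when using connman
-
-Stop systemd-networkd service when we use connman as network manager.
-
-Upstream-Status: Inappropriate [configuration]
-
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- src/connman.service.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/connman.service.in b/src/connman.service.in
-index 79e75d6..014eafe 100644
---- a/src/connman.service.in
-+++ b/src/connman.service.in
-@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman
- After=dbus.service network-pre.target systemd-sysusers.service
- Before=network.target multi-user.target shutdown.target
- Wants=network.target
-+Conflicts=systemd-networkd.service systemd-networkd.socket
- Conflicts=systemd-resolved.service
-
- [Service]
---
-2.17.1
-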
diff --git a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch b/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch
deleted file mode 100644
index 8e2e0bd02d..0000000000
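--- a/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9f70b94ebf18f52c115634642652830fa77f27a1 Mon Sep 17 00:00:00 2001
-From: "Maxin B. John" <maxin.john@intel.com>
-Date: Mon, 12 Jun 2017 16:52:39 +0300
-Subject: [PATCH] connman.service: stop systemd-resolved when we use connman
-
-Stop systemd-resolved service when we use connman as network manager.
-
-Upstream-Status: Inappropriate [configuration]
-
-Signed-off-by: Maxin B. John <maxin.john@intel.com>
----
- src/connman.service.in | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/connman.service.in b/src/connman.service.in
-index 9f5c10f..dab48bc 100644
---- a/src/connman.service.in
-+++ b/src/connman.service.in
-@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman
- After=dbus.service network-pre.target systemd-sysusers.service
- Before=network.target multi-user.target shutdown.target
- Wants=network.target
-+Conflicts=systemd-resolved.service
-
- [Service]
- Type=dbus
---
-2.4.0
-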
diff --git a/meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch b/meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch
deleted file mode 100644
index e6f03e632e..0000000000
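--- a/meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 4ddaf78dad5a9ee4a0658235f71b75132192123e Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 7 Apr 2012 18:52:12 -0700
-Subject: [PATCH] plugin.h: Change visibility to default for debug symbols
-
-gold refuses to link in undefined weak symbols which
-have hidden visibility
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-
-Upstream-Status: Pending
----
- include/plugin.h | 4 ++--
- 1 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/include/plugin.h b/include/plugin.h
-index 692a4e5..a9361c3 100644
---- a/include/plugin.h
-+++ b/include/plugin.h
-@@ -89,9 +89,9 @@ struct connman_plugin_desc {
- #else
- #define CONNMAN_PLUGIN_DEFINE(name, description, version, priority, init, exit) \
- extern struct connman_debug_desc __start___debug[] \
-- __attribute__ ((weak, visibility("hidden"))); \
-+ __attribute__ ((weak, visibility("default"))); \
- extern struct connman_debug_desc __stop___debug[] \
-- __attribute__ ((weak, visibility("hidden"))); \
-+ __attribute__ ((weak, visibility("default"))); \
- extern struct connman_plugin_desc connman_plugin_desc \
- __attribute__ ((visibility("default"))); \
- struct connman_plugin_desc connman_plugin_desc = { \
---
-1.7.5.4
-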
diff --git a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
index 942b9c97b6..2c612039ee 100644
--- a/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
+++ b/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
@@ -1,83 +1,85 @@
1From c7734e1547db967eccf242fe4b9e8a30b9ff141c Mon Sep 17 00:00:00 2001 1From 4e726a5aaa75d60fab6a56bc37dbec48be53ff79 Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com> 2From: Khem Raj <raj.khem@gmail.com>
3Date: Mon, 6 Apr 2015 23:02:21 -0700 3Date: Mon, 6 Apr 2015 23:02:21 -0700
4Subject: [PATCH] resolve: musl does not implement res_ninit 4Subject: [PATCH] gweb/gresolv.c: make use of res_ninit optional and subject to
5 __RES
5 6
6ported from 7Not all libc implementation have those functions, and the way to determine
8if they do is to check __RES which is explained in resolv.h thusly:
9
10/*
11 * Revision information. This is the release date in YYYYMMDD format.
12 * It can change every day so the right thing to do with it is use it
13 * in preprocessor commands such as "#if (__RES > 19931104)". Do not
14 * compare for equality; rather, use it to determine whether your resolver
15 * is new enough to contain a certain feature.
16 */
17
18Indeed, it needs to be at least 19991006.
19
20The portion of the patch that implements a fallback is ported from
21Alpine Linux:
7http://git.alpinelinux.org/cgit/aports/plain/testing/connman/libresolv.patch 22http://git.alpinelinux.org/cgit/aports/plain/testing/connman/libresolv.patch
8 23
9Upstream-Status: Pending 24Upstream-Status: Submitted [to connman@lists.linux.dev,marcel@holtmann.org]
10 25
11Signed-off-by: Khem Raj <raj.khem@gmail.com> 26Signed-off-by: Khem Raj <raj.khem@gmail.com>
12
13--- 27---
14 gweb/gresolv.c | 34 +++++++++++++--------------------- 28 gweb/gresolv.c | 21 +++++++++++++++++++++
15 1 file changed, 13 insertions(+), 21 deletions(-) 29 1 file changed, 21 insertions(+)
16 30
17diff --git a/gweb/gresolv.c b/gweb/gresolv.c 31diff --git a/gweb/gresolv.c b/gweb/gresolv.c
18index 38a554e..a9e8740 100644 32index 8101d71..9f1477c 100644
19--- a/gweb/gresolv.c 33--- a/gweb/gresolv.c
20+++ b/gweb/gresolv.c 34+++ b/gweb/gresolv.c
21@@ -36,6 +36,7 @@ 35@@ -879,7 +879,9 @@ GResolv *g_resolv_new(int index)
22 #include <arpa/inet.h>
23 #include <arpa/nameser.h>
24 #include <net/if.h>
25+#include <ctype.h>
26
27 #include "gresolv.h"
28
29@@ -877,8 +878,6 @@ GResolv *g_resolv_new(int index)
30 resolv->index = index; 36 resolv->index = index;
31 resolv->nameserver_list = NULL; 37 resolv->nameserver_list = NULL;
32 38
33- res_ninit(&resolv->res); 39+#if (__RES >= 19991006)
34- 40 res_ninit(&resolv->res);
41+#endif
42
35 return resolv; 43 return resolv;
36 } 44 }
37 45@@ -920,7 +922,9 @@ void g_resolv_unref(GResolv *resolv)
38@@ -918,8 +917,6 @@ void g_resolv_unref(GResolv *resolv)
39 46
40 flush_nameservers(resolv); 47 flush_nameservers(resolv);
41 48
42- res_nclose(&resolv->res); 49+#if (__RES >= 19991006)
43- 50 res_nclose(&resolv->res);
51+#endif
52
44 g_free(resolv); 53 g_free(resolv);
45 } 54 }
46 55@@ -1024,6 +1028,7 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname,
47@@ -1022,24 +1019,19 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname,
48 debug(resolv, "hostname %s", hostname); 56 debug(resolv, "hostname %s", hostname);
49 57
50 if (!resolv->nameserver_list) { 58 if (!resolv->nameserver_list) {
51- int i; 59+#if (__RES >= 19991006)
52- 60 int i;
53- for (i = 0; i < resolv->res.nscount; i++) { 61
54- char buf[100]; 62 for (i = 0; i < resolv->res.nscount; i++) {
55- int family = resolv->res.nsaddr_list[i].sin_family; 63@@ -1043,6 +1048,22 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname,
56- void *sa_addr = &resolv->res.nsaddr_list[i].sin_addr; 64 if (inet_ntop(family, sa_addr, buf, sizeof(buf)))
57- 65 g_resolv_add_nameserver(resolv, buf, 53, 0);
58- if (family != AF_INET &&
59- resolv->res._u._ext.nsaddrs[i]) {
60- family = AF_INET6;
61- sa_addr = &resolv->res._u._ext.nsaddrs[i]->sin6_addr;
62+ FILE *f = fopen("/etc/resolv.conf", "r");
63+ if (f) {
64+ char line[256], *s;
65+ int i;
66+ while (fgets(line, sizeof(line), f)) {
67+ if (strncmp(line, "nameserver", 10) || !isspace(line[10]))
68+ continue;
69+ for (s = &line[11]; isspace(s[0]); s++);
70+ for (i = 0; s[i] && !isspace(s[i]); i++);
71+ s[i] = 0;
72+ g_resolv_add_nameserver(resolv, s, 53, 0);
73 }
74-
75- if (family != AF_INET && family != AF_INET6)
76- continue;
77-
78- if (inet_ntop(family, sa_addr, buf, sizeof(buf)))
79- g_resolv_add_nameserver(resolv, buf, 53, 0);
80+ fclose(f);
81 } 66 }
67+#else
68+ FILE *f = fopen("/etc/resolv.conf", "r");
69+ if (f) {
70+ char line[256], *s;
71+ int i;
72+ while (fgets(line, sizeof(line), f)) {
73+ if (strncmp(line, "nameserver", 10) || !isspace(line[10]))
74+ continue;
75+ for (s = &line[11]; isspace(s[0]); s++);
76+ for (i = 0; s[i] && !isspace(s[i]); i++);
77+ s[i] = 0;
78+ g_resolv_add_nameserver(resolv, s, 53, 0);
79+ }
80+ fclose(f);
81+ }
82+#endif
82 83
83 if (!resolv->nameserver_list) 84 if (!resolv->nameserver_list)
85 g_resolv_add_nameserver(resolv, "127.0.0.1", 53, 0);
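Review bot: The regenerated patch drops the `+#include <ctype.h>` hunk that the old version carried, yet the new `#else` fallback still calls `isspace()` on every `nameserver` line it parses. That branch is the one compiled when `__RES` is below 19991006, so unless gweb/gresolv.c at 8101d71 already includes `<ctype.h>` by another route (not visible here), the build depends on an implicit declaration, which current compilers reject. I would restore the include in the patch and, in the same fallback, pass `(unsigned char)line[10]` and `(unsigned char)s[i]` to `isspace()`, because a plain `char` with the high bit set is undefined behaviour for the `<ctype.h>` functions. g_resolv_lookup_hostname starts and ends outside the hunks shown.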
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch b/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
new file mode 100644
index 0000000000..62f07e707a
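--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
@@ -0,0 +1,41 @@
+From 8d3be0285f1d4667bfe85dba555c663eb3d704b4 Mon Sep 17 00:00:00 2001
+From: Yoonje Shin <ioerts@kookmin.ac.kr>
+Date: Mon, 12 May 2025 10:48:18 +0200
+Subject: [PATCH] dnsproxy: Address CVE-2025-32366 vulnerability
+
+In Connman parse_rr in dnsproxy.c has a memcpy length
+that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
+and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
+than the amount of remaining packet data in the current state of
+parsing. As a result, values of stack memory locations may be sent
+over the network in a response.
+
+This patch adds a check to ensure that (*end + *rdlen) does not exceed
+the valid range. If the condition is violated, the function returns
+-EINVAL.
+
+CVE: CVE-2025-32366
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/dnsproxy.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/dnsproxy.c b/src/dnsproxy.c
+index 7ee26d9..1dd2f7f 100644
+--- a/src/dnsproxy.c
++++ b/src/dnsproxy.c
+@@ -998,6 +998,9 @@ static int parse_rr(const unsigned char *buf, const unsigned char *start,
+ if ((offset + *rdlen) > *response_size)
+ return -ENOBUFS;
+
++ if ((*end + *rdlen) > max)
++ return -EINVAL;
++
+ memcpy(response + offset, *end, *rdlen);
+
+ *end += *rdlen;
+--
+2.40.0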
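Review bot: The added bound check `if ((*end + *rdlen) > max)` forms the pointer `*end + *rdlen` before comparing it, so for exactly the oversized RDLENGTH it is meant to reject it computes a pointer past the end of the packet, which C leaves undefined. Comparing lengths expresses the same intent without that step: `if (*rdlen > max - *end) return -EINVAL;`, assuming `max` is the end-of-packet pointer and `*end <= max` at this point, neither of which is visible in the hunk. Since this is a verbatim upstream backport, the rewording is better raised upstream than carried as a local deviation. parse_rr starts and ends outside the hunk.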
diff --git a/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch b/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
new file mode 100644
index 0000000000..c114589679
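--- /dev/null
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
@@ -0,0 +1,48 @@
+From d90b911f6760959bdf1393c39fe8d1118315490f Mon Sep 17 00:00:00 2001
+From: Praveen Kumar <praveen.kumar@windriver.com>
+Date: Thu, 24 Apr 2025 11:39:29 +0000
+Subject: [PATCH] dnsproxy: Fix NULL/empty lookup causing potential crash
+
+In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
+can be NULL or an empty string when the TC (Truncated) bit is set in
+a DNS response. This allows attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code, because those
+lookup values lead to incorrect length calculations and incorrect
+memcpy operations.
+
+This patch includes a check to make sure loookup value is valid before
+using it. This helps avoid unexpected value when the input is empty or
+incorrect.
+
+Fixes: CVE-2025-32743
+
+CVE: CVE-2025-32743
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/dnsproxy.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsproxy.c b/src/dnsproxy.c
+index f28a5d7..7ee26d9 100644
+--- a/src/dnsproxy.c
++++ b/src/dnsproxy.c
+@@ -1685,8 +1685,13 @@ static int ns_resolv(struct server_data *server, struct request_data *req,
+ gpointer request, gpointer name)
+ {
+ int sk = -1;
++ int err;
+ const char *lookup = (const char *)name;
+- int err = ns_try_resolv_from_cache(req, request, lookup);
++
++ if (!lookup || strlen(lookup) == 0)
++ return -EINVAL;
++
++ err = ns_try_resolv_from_cache(req, request, lookup);
+
+ cache hit */
+--
+2.40.0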
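Review bot: The new guard `if (!lookup || strlen(lookup) == 0)` carries no comment saying which input it defends against, and it walks the whole string only to test for emptiness. I would write it as `if (!lookup || lookup[0] == '\0')` and put `/* a truncated (TC) response can leave name NULL or empty */` above it, so the check is not later removed as redundant. The early `return -EINVAL` happens before `sk` is opened, so nothing leaks locally, but how ns_resolv's callers handle that return for the pending `req` is outside the hunk and worth confirming. ns_resolv's body continues past the end of the hunk.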
diff --git a/meta/recipes-connectivity/connman/connman/connman b/meta/recipes-connectivity/connman/connman/connman
index c64fa0d715..adb5d44fed 100644
--- a/meta/recipes-connectivity/connman/connman/connman
+++ b/meta/recipes-connectivity/connman/connman/connman
@@ -10,53 +10,15 @@ fi
10 10
11set -e 11set -e
12 12
13nfsroot=0
14
15exec 9<&0 < /proc/mounts
16while read dev mtpt fstype rest; do
17 if test $mtpt = "/" ; then
18 case $fstype in
19 nfs | nfs4)
20 nfsroot=1
21 break
22 ;;
23 *)
24 ;;
25 esac
26 fi
27done
28
29do_start() { 13do_start() {
30 EXTRA_PARAM=""
31 if test $nfsroot -eq 1 ; then
32 NET_DEVS=`cat /proc/net/dev | sed -ne 's/^\([a-zA-Z0-9 ]*\):.*$/\1/p'`
33 NET_ADDR=`cat /proc/cmdline | sed -ne 's/^.*ip=\([^ :]*\).*$/\1/p'`
34
35 if [ ! -z "$NET_ADDR" ]; then
36 if [ "$NET_ADDR" = dhcp ]; then
37 ethn=`ifconfig | grep "^eth" | sed -e "s/\(eth[0-9]\)\(.*\)/\1/"`
38 if [ ! -z "$ethn" ]; then
39 EXTRA_PARAM="-I $ethn"
40 fi
41 else
42 for i in $NET_DEVS; do
43 ADDR=`ifconfig $i | sed 's/addr://g' | sed -ne 's/^.*inet \([0-9.]*\) .*$/\1/p'`
44 if [ "$NET_ADDR" = "$ADDR" ]; then
45 EXTRA_PARAM="-I $i"
46 break
47 fi
48 done
49 fi
50 fi
51 fi
52 if [ -f @DATADIR@/connman/wired-setup ] ; then 14 if [ -f @DATADIR@/connman/wired-setup ] ; then
53 . @DATADIR@/connman/wired-setup 15 . @DATADIR@/connman/wired-setup
54 fi 16 fi
55 $DAEMON $EXTRA_PARAM 17 $DAEMON
56} 18}
57 19
58do_stop() { 20do_stop() {
59 start-stop-daemon --stop --name connmand --quiet 21 start-stop-daemon --stop --oknodo --name connmand --quiet
60} 22}
61 23
62case "$1" in 24case "$1" in
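Review bot: do_start now runs plain `$DAEMON`, so the `-I <iface>` argument that the removed lines derived for an NFS-mounted root is no longer passed and nothing in this hunk replaces it. If the packaged connmand does not itself leave the interface backing `/` alone (not visible here), starting it on an nfsroot target could reconfigure that link and stall the system. It would help to confirm this and to name, in the commit message or in a comment above `$DAEMON`, what now covers the nfsroot case.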
diff --git a/meta/recipes-connectivity/connman/connman/no-version-scripts.patch b/meta/recipes-connectivity/connman/connman/no-version-scripts.patch
deleted file mode 100644
index e96e38bcf9..0000000000
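--- a/meta/recipes-connectivity/connman/connman/no-version-scripts.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-With binutils 2.27 on at least MIPS, connmand will crash on startup. This
-appears to be due to the symbol visibilty scripts hiding symbols that stdio
-looks up at runtime, resulting in it segfaulting.
-
-This certainly appears to be a bug in binutils 2.27 although the problem has
-been known about for some time:
-
-https://sourceware.org/bugzilla/show_bug.cgi?id=17908
-
-As the version scripts are only used to hide symbols from plugins we can safely
-remove the scripts to work around the problem until binutils is fixed.
-
-Upstream-Status: Inappropriate
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-diff --git a/Makefile.am b/Makefile.am
-index d70725c..76ae432 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -132,2 +132 @@ src_connmand_LDADD = gdbus/libgdbus-internal.la $(builtin_libadd) \
--src_connmand_LDFLAGS = -Wl,--export-dynamic \
-- -Wl,--version-script=$(srcdir)/src/connman.ver
-+src_connmand_LDFLAGS = -Wl,--export-dynamic
-@@ -166,2 +165 @@ vpn_connman_vpnd_LDADD = gdbus/libgdbus-internal.la $(builtin_vpn_libadd) \
--vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic \
-- -Wl,--version-script=$(srcdir)/vpn/vpn.ver
-+vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic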