diff options
Diffstat (limited to 'meta/recipes-devtools/dpkg')
17 files changed, 709 insertions, 0 deletions
diff --git a/meta/recipes-devtools/dpkg/dpkg.inc b/meta/recipes-devtools/dpkg/dpkg.inc new file mode 100644 index 0000000000..0f73ddd6fe --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg.inc | |||
@@ -0,0 +1,85 @@ | |||
1 | SUMMARY = "Package maintenance system from Debian" | ||
2 | LICENSE = "GPLv2.0+" | ||
3 | SECTION = "base" | ||
4 | |||
5 | SRC_URI = "${DEBIAN_MIRROR}/main/d/dpkg/dpkg_${PV}.tar.xz \ | ||
6 | file://ignore_extra_fields.patch" | ||
7 | |||
8 | SRC_URI_append_class-native = " file://tar-error-code.patch" | ||
9 | |||
10 | DEPENDS = "zlib bzip2 perl ncurses" | ||
11 | DEPENDS_class-native = "bzip2-replacement-native zlib-native virtual/update-alternatives-native gettext-native perl-native" | ||
12 | RDEPENDS_${PN} = "${VIRTUAL-RUNTIME_update-alternatives} xz run-postinsts perl" | ||
13 | RDEPENDS_${PN}_class-native = "xz-native" | ||
14 | |||
15 | S = "${WORKDIR}/${BPN}-${PV}" | ||
16 | |||
17 | PARALLEL_MAKE = "" | ||
18 | |||
19 | inherit autotools gettext perlnative pkgconfig systemd | ||
20 | |||
21 | python () { | ||
22 | if not bb.utils.contains('DISTRO_FEATURES', 'sysvinit', True, False, d): | ||
23 | pn = d.getVar('PN', True) | ||
24 | d.setVar('SYSTEMD_SERVICE_%s' % (pn), 'dpkg-configure.service') | ||
25 | } | ||
26 | |||
27 | export PERL = "${bindir}/perl" | ||
28 | PERL_class-native = "${STAGING_BINDIR_NATIVE}/perl-native/perl" | ||
29 | |||
30 | export PERL_LIBDIR = "${libdir}/perl" | ||
31 | PERL_LIBDIR_class-native = "${libdir}/perl-native/perl" | ||
32 | |||
33 | EXTRA_OECONF = "\ | ||
34 | --disable-dselect \ | ||
35 | --enable-start-stop-daemon \ | ||
36 | --with-zlib \ | ||
37 | --with-bz2 \ | ||
38 | --without-liblzma \ | ||
39 | --without-selinux \ | ||
40 | " | ||
41 | |||
42 | EXTRA_OECONF_append_class-target = " TAR=tar" | ||
43 | |||
44 | do_configure () { | ||
45 | echo >> ${S}/m4/compiler.m4 | ||
46 | sed -i -e 's#PERL_LIBDIR=.*$#PERL_LIBDIR="${libdir}/perl"#' ${S}/configure | ||
47 | autotools_do_configure | ||
48 | } | ||
49 | |||
50 | do_install_append () { | ||
51 | if [ "${PN}" = "dpkg-native" ]; then | ||
52 | # update-alternatives doesn't have an offline mode | ||
53 | rm ${D}${bindir}/update-alternatives | ||
54 | sed -i -e 's|^#!.*${bindir}/perl-native.*/perl|#!/usr/bin/env nativeperl|' ${D}${bindir}/dpkg-* | ||
55 | else | ||
56 | mv ${D}${bindir}/update-alternatives ${D}${sbindir} | ||
57 | sed -i -e 's|^#!.*${bindir}/perl-native.*/perl|#!/usr/bin/env perl|' ${D}${bindir}/dpkg-* | ||
58 | fi | ||
59 | |||
60 | if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','false','true',d)};then | ||
61 | install -d ${D}${systemd_unitdir}/system | ||
62 | install -m 0644 ${WORKDIR}/dpkg-configure.service ${D}${systemd_unitdir}/system/ | ||
63 | sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \ | ||
64 | -e 's,@SYSCONFDIR@,${sysconfdir},g' \ | ||
65 | -e 's,@BINDIR@,${bindir},g' \ | ||
66 | -e 's,@SYSTEMD_UNITDIR@,${systemd_unitdir},g' \ | ||
67 | ${D}${systemd_unitdir}/system/dpkg-configure.service | ||
68 | fi | ||
69 | } | ||
70 | |||
71 | PROV = "virtual/update-alternatives" | ||
72 | PROV_class-native = "" | ||
73 | |||
74 | PROVIDES += "${PROV}" | ||
75 | |||
76 | PACKAGES =+ "update-alternatives-dpkg" | ||
77 | FILES_update-alternatives-dpkg = "${sbindir}/update-alternatives ${localstatedir}/lib/dpkg/alternatives ${sysconfdir}/alternatives" | ||
78 | RPROVIDES_update-alternatives-dpkg += "update-alternatives" | ||
79 | |||
80 | PACKAGES += "${PN}-perl" | ||
81 | FILES_${PN}-perl = "${libdir}/perl" | ||
82 | |||
83 | BBCLASSEXTEND = "native" | ||
84 | |||
85 | |||
diff --git a/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch b/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch new file mode 100644 index 0000000000..cad4c0f0a1 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/arch_pm.patch | |||
@@ -0,0 +1,22 @@ | |||
1 | configure cannot determine the proper cpu, os, or | ||
2 | architecture for mips64, and possibly other arch's | ||
3 | because of faulty code added to Arch.pm in the latest | ||
4 | release from upstream. We remove that code. | ||
5 | |||
6 | Upstream-Status: Pending | ||
7 | |||
8 | Signed-off-by: Joe Slater <jslater@windriver.com> | ||
9 | |||
10 | |||
11 | --- a/scripts/Dpkg/Arch.pm | ||
12 | +++ b/scripts/Dpkg/Arch.pm | ||
13 | @@ -233,9 +233,6 @@ sub read_triplettable() | ||
14 | (my $dt = $debtriplet) =~ s/<cpu>/$_cpu/; | ||
15 | (my $da = $debarch) =~ s/<cpu>/$_cpu/; | ||
16 | |||
17 | - next if exists $debarch_to_debtriplet{$da} | ||
18 | - or exists $debtriplet_to_debarch{$dt}; | ||
19 | - | ||
20 | $debarch_to_debtriplet{$da} = $dt; | ||
21 | $debtriplet_to_debarch{$dt} = $da; | ||
22 | } | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/check_snprintf.patch b/meta/recipes-devtools/dpkg/dpkg/check_snprintf.patch new file mode 100644 index 0000000000..56eb0ca5be --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/check_snprintf.patch | |||
@@ -0,0 +1,34 @@ | |||
1 | Upstream-Status: Inappropriate [configuration] | ||
2 | |||
3 | diff -ruN dpkg-1.15.8.5-orig/m4/dpkg-funcs.m4 dpkg-1.15.8.5/m4/dpkg-funcs.m4 | ||
4 | --- dpkg-1.15.8.5-orig/m4/dpkg-funcs.m4 2010-10-08 12:27:15.082131611 +0800 | ||
5 | +++ dpkg-1.15.8.5/m4/dpkg-funcs.m4 2010-10-08 13:56:50.074284346 +0800 | ||
6 | @@ -27,7 +27,7 @@ | ||
7 | # ----------------------- | ||
8 | # Define HAVE_C99_SNPRINTF if we have C99 snprintf family semantics | ||
9 | AC_DEFUN([DPKG_FUNC_C99_SNPRINTF], | ||
10 | -[AC_CACHE_CHECK([for C99 snprintf functions], [dpkg_cv_c99_snprintf], | ||
11 | +[AC_CACHE_CHECK([for C99 snprintf functions], [ac_cv_func_snprintf_c99], | ||
12 | [AC_RUN_IFELSE([AC_LANG_SOURCE([[ | ||
13 | #include <stdarg.h> | ||
14 | #include <stdio.h> | ||
15 | @@ -58,14 +58,14 @@ | ||
16 | return 0; | ||
17 | } | ||
18 | ]])], | ||
19 | - [dpkg_cv_c99_snprintf=yes], | ||
20 | - [dpkg_cv_c99_snprintf=no], | ||
21 | - [dpkg_cv_c99_snprintf=no])]) | ||
22 | -AS_IF([test "x$dpkg_cv_c99_snprintf" = "xyes"], | ||
23 | + [ac_cv_func_snprintf_c99=yes], | ||
24 | + [ac_cv_func_snprintf_c99=no], | ||
25 | + [ac_cv_func_snprintf_c99=no])]) | ||
26 | +AS_IF([test "x$ac_cv_func_snprintf_c99" = "xyes"], | ||
27 | [AC_DEFINE([HAVE_C99_SNPRINTF], 1, | ||
28 | [Define to 1 if the 'snprintf' family is C99 conformant])], | ||
29 | ) | ||
30 | -AM_CONDITIONAL(HAVE_C99_SNPRINTF, [test "x$dpkg_cv_c99_snprintf" = "xyes"]) | ||
31 | +AM_CONDITIONAL(HAVE_C99_SNPRINTF, [test "x$ac_cv_func_snprintf_c99" = "xyes"]) | ||
32 | ])# DPKG_FUNC_C99_SNPRINTF | ||
33 | |||
34 | # DPKG_MMAP | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/check_version.patch b/meta/recipes-devtools/dpkg/dpkg/check_version.patch new file mode 100644 index 0000000000..3175731522 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/check_version.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | Adapt to linux-wrs kernel version, which has character '_' inside. | ||
2 | Remove the first-char-digit-check (as the 1.15.8.5 version does). | ||
3 | |||
4 | Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> | ||
5 | Signed-off-by: Constantin Musca <constantinx.musca@intel.com> | ||
6 | |||
7 | Upstream-Status: Inappropriate [embedded specific] | ||
8 | |||
9 | Index: dpkg-1.16.8/lib/dpkg/parsehelp.c | ||
10 | =================================================================== | ||
11 | --- dpkg-1.16.8.orig/lib/dpkg/parsehelp.c | ||
12 | +++ dpkg-1.16.8/lib/dpkg/parsehelp.c | ||
13 | @@ -258,14 +258,12 @@ parseversion(struct dpkg_version *rversi | ||
14 | |||
15 | /* XXX: Would be faster to use something like cisversion and cisrevision. */ | ||
16 | ptr = rversion->version; | ||
17 | - if (*ptr && !cisdigit(*ptr++)) | ||
18 | - return dpkg_put_warn(err, _("version number does not start with digit")); | ||
19 | for (; *ptr; ptr++) { | ||
20 | - if (!cisdigit(*ptr) && !cisalpha(*ptr) && strchr(".-+~:", *ptr) == NULL) | ||
21 | + if (!cisdigit(*ptr) && !cisalpha(*ptr) && strchr(".-+~:_", *ptr) == NULL) | ||
22 | return dpkg_put_warn(err, _("invalid character in version number")); | ||
23 | } | ||
24 | for (ptr = rversion->revision; *ptr; ptr++) { | ||
25 | - if (!cisdigit(*ptr) && !cisalpha(*ptr) && strchr(".+~", *ptr) == NULL) | ||
26 | + if (!cisdigit(*ptr) && !cisalpha(*ptr) && strchr(".-+~_", *ptr) == NULL) | ||
27 | return dpkg_put_warn(err, _("invalid character in revision number")); | ||
28 | } | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch b/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch new file mode 100644 index 0000000000..e59c6661ea --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch | |||
@@ -0,0 +1,68 @@ | |||
1 | dpkg: Security Advisory - CVE-2014-3127 | ||
2 | |||
3 | commit a12eb58959d0a10584a428f4a3103a49204c410f upstream | ||
4 | |||
5 | dpkg 1.15.9 on Debian squeeze introduces support for the "C-style | ||
6 | encoded filenames" feature without recognizing that the squeeze patch | ||
7 | program lacks this feature, which triggers an interaction error that | ||
8 | allows remote attackers to conduct directory traversal attacks and | ||
9 | modify files outside of the intended directories via a crafted source | ||
10 | package. | ||
11 | |||
12 | NOTE: this can be considered a release engineering problem in the | ||
13 | effort to fix CVE-2014-0471. | ||
14 | |||
15 | Upstream-Status: Backport | ||
16 | |||
17 | Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> | ||
18 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | ||
19 | ===================================================== | ||
20 | diff -uarN dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm | ||
21 | --- dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm 2014-06-05 16:32:41.765446564 +0800 | ||
22 | +++ dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm 2014-06-05 16:37:21.461446359 +0800 | ||
23 | @@ -324,31 +324,6 @@ | ||
24 | return $line; | ||
25 | } | ||
26 | |||
27 | -my %ESCAPE = (( | ||
28 | - 'a' => "\a", | ||
29 | - 'b' => "\b", | ||
30 | - 'f' => "\f", | ||
31 | - 'n' => "\n", | ||
32 | - 'r' => "\r", | ||
33 | - 't' => "\t", | ||
34 | - 'v' => "\cK", | ||
35 | - '\\' => '\\', | ||
36 | - '"' => '"', | ||
37 | -), ( | ||
38 | - map { sprintf('%03o', $_) => chr($_) } (0..255) | ||
39 | -)); | ||
40 | - | ||
41 | -sub _unescape { | ||
42 | - my ($diff, $str) = @_; | ||
43 | - | ||
44 | - if (exists $ESCAPE{$str}) { | ||
45 | - return $ESCAPE{$str}; | ||
46 | - } else { | ||
47 | - error(_g('diff %s patches file with unknown escape sequence \\%s'), | ||
48 | - $diff, $str); | ||
49 | - } | ||
50 | -} | ||
51 | - | ||
52 | # Fetch the header filename ignoring the optional timestamp | ||
53 | sub _fetch_filename { | ||
54 | my ($diff, $header) = @_; | ||
55 | @@ -358,12 +333,7 @@ | ||
56 | |||
57 | # Is it a C-style string? | ||
58 | if ($header =~ m/^"/) { | ||
59 | - $header =~ m/^"((?:[^\\"]|\\.)*)"/; | ||
60 | - error(_g('diff %s patches file with unbalanced quote'), $diff) | ||
61 | - unless defined $1; | ||
62 | - | ||
63 | - $header = $1; | ||
64 | - $header =~ s/\\([0-3][0-7]{2}|.)/_unescape($diff, $1)/eg; | ||
65 | + error(_g('diff %s patches file with C-style encoded filename'), $diff); | ||
66 | } else { | ||
67 | # Tab is the official separator, it's always used when | ||
68 | # filename contain spaces. Try it first, otherwise strip on space | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch b/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch new file mode 100644 index 0000000000..195d309506 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch | |||
@@ -0,0 +1,97 @@ | |||
1 | dpkg: Security Advisory - CVE-2014-0471 | ||
2 | |||
3 | commit a82651188476841d190c58693f95827d61959b51 upstream | ||
4 | |||
5 | Directory traversal vulnerability in the unpacking functionality in | ||
6 | dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 | ||
7 | allows remote attackers to write arbitrary files via a crafted source | ||
8 | package, related to "C-style filename quoting." | ||
9 | |||
10 | Upstream-Status: Backport | ||
11 | |||
12 | Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> | ||
13 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | ||
14 | =================================================== | ||
15 | diff -uarN dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm | ||
16 | --- dpkg-1.17.1-org/scripts/Dpkg/Source/Patch.pm 2014-06-05 15:24:07.422446284 +0800 | ||
17 | +++ dpkg-1.17.1/scripts/Dpkg/Source/Patch.pm 2014-06-05 15:41:37.746446314 +0800 | ||
18 | @@ -324,14 +324,53 @@ | ||
19 | return $line; | ||
20 | } | ||
21 | |||
22 | -# Strip timestamp | ||
23 | -sub _strip_ts { | ||
24 | - my $header = shift; | ||
25 | - | ||
26 | - # Tab is the official separator, it's always used when | ||
27 | - # filename contain spaces. Try it first, otherwise strip on space | ||
28 | - # if there's no tab | ||
29 | - $header =~ s/\s.*// unless ($header =~ s/\t.*//); | ||
30 | +my %ESCAPE = (( | ||
31 | + 'a' => "\a", | ||
32 | + 'b' => "\b", | ||
33 | + 'f' => "\f", | ||
34 | + 'n' => "\n", | ||
35 | + 'r' => "\r", | ||
36 | + 't' => "\t", | ||
37 | + 'v' => "\cK", | ||
38 | + '\\' => '\\', | ||
39 | + '"' => '"', | ||
40 | +), ( | ||
41 | + map { sprintf('%03o', $_) => chr($_) } (0..255) | ||
42 | +)); | ||
43 | + | ||
44 | +sub _unescape { | ||
45 | + my ($diff, $str) = @_; | ||
46 | + | ||
47 | + if (exists $ESCAPE{$str}) { | ||
48 | + return $ESCAPE{$str}; | ||
49 | + } else { | ||
50 | + error(_g('diff %s patches file with unknown escape sequence \\%s'), | ||
51 | + $diff, $str); | ||
52 | + } | ||
53 | +} | ||
54 | + | ||
55 | +# Fetch the header filename ignoring the optional timestamp | ||
56 | +sub _fetch_filename { | ||
57 | + my ($diff, $header) = @_; | ||
58 | + | ||
59 | + # Strip any leading spaces. | ||
60 | + $header =~ s/^\s+//; | ||
61 | + | ||
62 | + # Is it a C-style string? | ||
63 | + if ($header =~ m/^"/) { | ||
64 | + $header =~ m/^"((?:[^\\"]|\\.)*)"/; | ||
65 | + error(_g('diff %s patches file with unbalanced quote'), $diff) | ||
66 | + unless defined $1; | ||
67 | + | ||
68 | + $header = $1; | ||
69 | + $header =~ s/\\([0-3][0-7]{2}|.)/_unescape($diff, $1)/eg; | ||
70 | + } else { | ||
71 | + # Tab is the official separator, it's always used when | ||
72 | + # filename contain spaces. Try it first, otherwise strip on space | ||
73 | + # if there's no tab | ||
74 | + $header =~ s/\s.*// unless $header =~ s/\t.*//; | ||
75 | + } | ||
76 | + | ||
77 | return $header; | ||
78 | } | ||
79 | |||
80 | @@ -400,7 +439,7 @@ | ||
81 | unless(s/^--- //) { | ||
82 | error(_g("expected ^--- in line %d of diff `%s'"), $., $diff); | ||
83 | } | ||
84 | - $path{old} = $_ = _strip_ts($_); | ||
85 | + $path{old} = $_ = _fetch_filename($diff, $_); | ||
86 | $fn{old} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/}; | ||
87 | if (/\.dpkg-orig$/) { | ||
88 | error(_g("diff `%s' patches file with name ending .dpkg-orig"), $diff); | ||
89 | @@ -412,7 +451,7 @@ | ||
90 | unless (s/^\+\+\+ //) { | ||
91 | error(_g("line after --- isn't as expected in diff `%s' (line %d)"), $diff, $.); | ||
92 | } | ||
93 | - $path{new} = $_ = _strip_ts($_); | ||
94 | + $path{new} = $_ = _fetch_filename($diff, $_); | ||
95 | $fn{new} = $_ if $_ ne '/dev/null' and s{^[^/]*/+}{$destdir/}; | ||
96 | |||
97 | unless (defined $fn{old} or defined $fn{new}) { | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/dpkg-configure.service b/meta/recipes-devtools/dpkg/dpkg/dpkg-configure.service new file mode 100644 index 0000000000..f0b0789e4e --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/dpkg-configure.service | |||
@@ -0,0 +1,17 @@ | |||
1 | [Unit] | ||
2 | Description=dpkg first boot configure | ||
3 | DefaultDependencies=no | ||
4 | After=systemd-remount-fs.service systemd-tmpfiles-setup.service tmp.mount | ||
5 | Before=sysinit.target | ||
6 | |||
7 | [Service] | ||
8 | Type=oneshot | ||
9 | EnvironmentFile=-@SYSCONFDIR@/default/postinst | ||
10 | ExecStart=-@BASE_BINDIR@/sh -c " if [ $POSTINST_LOGGING = '1' ]; then @BINDIR@/dpkg --configure -a > $LOGFILE 2>&1; else @BINDIR@/dpkg --configure -a; fi" | ||
11 | ExecStartPost=@BASE_BINDIR@/systemctl disable dpkg-configure.service | ||
12 | StandardOutput=syslog | ||
13 | RemainAfterExit=No | ||
14 | |||
15 | [Install] | ||
16 | WantedBy=basic.target | ||
17 | WantedBy=sysinit.target | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/fix-abs-redefine.patch b/meta/recipes-devtools/dpkg/dpkg/fix-abs-redefine.patch new file mode 100644 index 0000000000..e73311c294 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/fix-abs-redefine.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | Upstream-Status: Pending | ||
2 | |||
3 | dpkg defines: | ||
4 | #define DPKG_BEGIN_DECLS extern "C" { | ||
5 | |||
6 | That makes header cstdlib included in a extern "C" block which is not supported | ||
7 | by gcc 4.8. It fails on Fedora 19: | ||
8 | |||
9 | /usr/include/c++/4.8.1/cstdlib: In function ‘long long int std::abs(long long int)’: | ||
10 | /usr/include/c++/4.8.1/cstdlib:174:20: error: declaration of C function ‘long long int std::abs(long long int)’ conflicts with | ||
11 | abs(long long __x) { return __builtin_llabs (__x); } | ||
12 | ^ | ||
13 | /usr/include/c++/4.8.1/cstdlib:166:3: error: previous declaration ‘long int std::abs(long int)’ here | ||
14 | abs(long __i) { return __builtin_labs(__i); } | ||
15 | ^ | ||
16 | |||
17 | Move include gettext.h out of the extern "C" block to fix this issue. | ||
18 | |||
19 | Signed-off-by: Kai Kang <kai.kang@windriver.com> | ||
20 | |||
21 | --- dpkg-1.17.1/lib/dpkg/i18n.h.orig 2013-08-13 17:31:28.870935573 +0800 | ||
22 | +++ dpkg-1.17.1/lib/dpkg/i18n.h 2013-08-13 17:31:37.893065249 +0800 | ||
23 | @@ -23,8 +23,6 @@ | ||
24 | |||
25 | #include <dpkg/macros.h> | ||
26 | |||
27 | -DPKG_BEGIN_DECLS | ||
28 | - | ||
29 | /** | ||
30 | * @defgroup i18n Internationalization support | ||
31 | * @ingroup dpkg-internal | ||
32 | @@ -33,6 +31,8 @@ | ||
33 | |||
34 | #include <gettext.h> | ||
35 | |||
36 | +DPKG_BEGIN_DECLS | ||
37 | + | ||
38 | /* We need to include this because pgettext() uses LC_MESSAGES, but libintl.h | ||
39 | * which gets pulled by gettext.h only includes it if building optimized. */ | ||
40 | #include <locale.h> | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/fix-timestamps.patch b/meta/recipes-devtools/dpkg/dpkg/fix-timestamps.patch new file mode 100644 index 0000000000..d2cabbe065 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/fix-timestamps.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | The lutimes function doesn't work properly for all systems. | ||
2 | |||
3 | Signed-off-by: Constantin Musca <constantinx.musca@intel.com> | ||
4 | |||
5 | Upstream-Status: Inappropriate [embedded specific] | ||
6 | |||
7 | Index: dpkg-1.16.8/src/archives.c | ||
8 | =================================================================== | ||
9 | --- dpkg-1.16.8.orig/src/archives.c | ||
10 | +++ dpkg-1.16.8/src/archives.c | ||
11 | @@ -440,8 +440,10 @@ tarobject_set_mtime(struct tar_entry *te | ||
12 | |||
13 | if (te->type == tar_filetype_symlink) { | ||
14 | #ifdef HAVE_LUTIMES | ||
15 | +/* | ||
16 | if (lutimes(path, tv) && errno != ENOSYS) | ||
17 | ohshite(_("error setting timestamps of `%.255s'"), path); | ||
18 | +*/ | ||
19 | #endif | ||
20 | } else { | ||
21 | if (utimes(path, tv)) | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/glibc2.5-sync_file_range.patch b/meta/recipes-devtools/dpkg/dpkg/glibc2.5-sync_file_range.patch new file mode 100644 index 0000000000..d56b8a69a3 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/glibc2.5-sync_file_range.patch | |||
@@ -0,0 +1,86 @@ | |||
1 | CentOS 5.8 kernels and headers support the sync_file_range() system call, | ||
2 | but glibc 2.5 doesn't provide the syscall stub. It appears that this | ||
3 | problem is known but will never be fixed: | ||
4 | |||
5 | https://bugzilla.redhat.com/show_bug.cgi?id=518581 | ||
6 | |||
7 | Bug 518581 - [RHEL5] glibc misses sync_file_range syscall interface | ||
8 | |||
9 | Status: CLOSED CANTFIX | ||
10 | Last Closed: 2009-11-22 22:19:55 | ||
11 | |||
12 | Kirby Zhou 2009-08-20 23:37:55 EDT | ||
13 | |||
14 | Description of problem: | ||
15 | |||
16 | glibc misses sync_file_range syscall interface. The header file and | ||
17 | man page both say 'sync_file_range' should exist. From man page, | ||
18 | sync_file_range should exist sinc kernel-2.6.17 | ||
19 | |||
20 | Andreas Schwab 2009-08-21 03:24:24 EDT | ||
21 | |||
22 | It has only been added to glibc 2.6, and cannot be backported due to | ||
23 | ABI breakage. You can always fall back to syscall(3). | ||
24 | |||
25 | Ulrich Drepper 2009-11-22 22:19:55 EST | ||
26 | |||
27 | As comment #1 says, no chance to backport this. | ||
28 | |||
29 | See the syscall man page for instructions. | ||
30 | |||
31 | Jon E 2010-03-19 10:32:37 EDT | ||
32 | |||
33 | then why document it if it's broken and you're not going to fix it? | ||
34 | .. might want to FTFM over at sync_file_range(2) - in the meantime - | ||
35 | borrowing from glibc 2.6 .. any thoughts on this implementation for a | ||
36 | hacky workaround for those still on your "ancient releases" .. (eg: | ||
37 | RHEL5.3)?: | ||
38 | |||
39 | #ifdef ULI_WONT_FIX_THIS_IN_GLIBC2.5 | ||
40 | #define NR_sync_file_range 277 | ||
41 | int sync_file_range (int fd, __off64_t from, __off64_t to, unsigned int flags) | ||
42 | { | ||
43 | return syscall (NR_sync_file_range, fd, | ||
44 | __LONG_LONG_PAIR ((long) (from >> 32), (long) from), | ||
45 | __LONG_LONG_PAIR ((long) (to >> 32), (long) to), | ||
46 | flags); | ||
47 | } | ||
48 | #endif | ||
49 | |||
50 | assuming of course that you're on an x86_64 and include/asm- | ||
51 | x86_64/unistd.h has the correct entry | ||
52 | |||
53 | (fwiw - fio is starting to use this now) | ||
54 | |||
55 | Rather than attempting to provide an implementation using syscall(), | ||
56 | we take the more conservative route and ignore header support for | ||
57 | sync_file_range() flags when the glibc version is <= 2.5. | ||
58 | |||
59 | Upstream-Status: Inappropriate [everyone else builds on newer hosts :-)] | ||
60 | |||
61 | Signed-off-by: Donn Seeley <donn.seeley@windriver.com> | ||
62 | Signed-off-by: Lei Liu <lei.liu2@windriver.com> | ||
63 | --- | ||
64 | src/archives.c | 4 ++-- | ||
65 | 1 file changed, 2 insertions(+), 2 deletions(-) | ||
66 | |||
67 | --- a/src/archives.c | ||
68 | +++ b/src/archives.c | ||
69 | @@ -75,7 +75,7 @@ | ||
70 | /* Ignore the return code as it should be considered equivalent to an | ||
71 | * asynchronous hint for the kernel, we are doing an fsync() later on | ||
72 | * anyway. */ | ||
73 | -#if defined(SYNC_FILE_RANGE_WRITE) | ||
74 | +#if defined(SYNC_FILE_RANGE_WRITE) && __GLIBC_PREREQ(2, 6) | ||
75 | sync_file_range(fd, 0, 0, SYNC_FILE_RANGE_WRITE); | ||
76 | #elif defined(HAVE_POSIX_FADVISE) | ||
77 | posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED); | ||
78 | @@ -1179,7 +1179,7 @@ | ||
79 | return 0; | ||
80 | } | ||
81 | |||
82 | -#if defined(SYNC_FILE_RANGE_WAIT_BEFORE) | ||
83 | +#if defined(SYNC_FILE_RANGE_WAIT_BEFORE) && __GLIBC_PREREQ(2, 6) | ||
84 | static void | ||
85 | tar_writeback_barrier(struct fileinlist *files, struct pkginfo *pkg) | ||
86 | { | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/ignore_extra_fields.patch b/meta/recipes-devtools/dpkg/dpkg/ignore_extra_fields.patch new file mode 100644 index 0000000000..4e3eb97ed8 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/ignore_extra_fields.patch | |||
@@ -0,0 +1,21 @@ | |||
1 | Upstream-Status: Inappropriate [workaround] | ||
2 | |||
3 | Index: dpkg-1.16.8/dpkg-deb/build.c | ||
4 | =================================================================== | ||
5 | --- dpkg-1.16.8.orig/dpkg-deb/build.c | ||
6 | +++ dpkg-1.16.8/dpkg-deb/build.c | ||
7 | @@ -340,13 +340,13 @@ check_new_pkg(const char *dir) | ||
8 | if (pkg->priority == pri_other) | ||
9 | warning(_("'%s' contains user-defined Priority value '%s'"), | ||
10 | controlfile, pkg->otherpriority); | ||
11 | - for (field = pkg->available.arbs; field; field = field->next) { | ||
12 | + /*for (field = pkg->available.arbs; field; field = field->next) { | ||
13 | if (known_arbitrary_field(field)) | ||
14 | continue; | ||
15 | |||
16 | warning(_("'%s' contains user-defined field '%s'"), controlfile, | ||
17 | field->name); | ||
18 | - } | ||
19 | + }*/ | ||
20 | |||
21 | free(controlfile); | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/no-vla-warning.patch b/meta/recipes-devtools/dpkg/dpkg/no-vla-warning.patch new file mode 100644 index 0000000000..0e57dbc7fc --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/no-vla-warning.patch | |||
@@ -0,0 +1,32 @@ | |||
1 | From e94474d805377d67c8b09664a602f20969e12b8a Mon Sep 17 00:00:00 2001 | ||
2 | From: Robert Yang <liezhi.yang@windriver.com> | ||
3 | Date: Thu, 23 Jan 2014 04:17:23 -0500 | ||
4 | Subject: [PATCH] dpkg-compiler.m4: remove -Wvla | ||
5 | |||
6 | Remove the -Wvla flag from the set of compiler warning flags, since gcc | ||
7 | on old host systems such as CentOS 5.8 doesn't support it, and it | ||
8 | causes a build error for dpkg-native. | ||
9 | |||
10 | Upstream-Status: Pending | ||
11 | |||
12 | Signed-off-by: Donn Seeley <donn.seeley@windriver.com> | ||
13 | Signed-off-by: Robert Yang <liezhi.yang@windriver.com> | ||
14 | --- | ||
15 | m4/dpkg-compiler.m4 | 1 - | ||
16 | 1 file changed, 1 deletion(-) | ||
17 | |||
18 | diff --git a/m4/dpkg-compiler.m4 b/m4/dpkg-compiler.m4 | ||
19 | index f1c760b..500b5ad 100644 | ||
20 | --- a/m4/dpkg-compiler.m4 | ||
21 | +++ b/m4/dpkg-compiler.m4 | ||
22 | @@ -72,7 +72,6 @@ if test "x$enable_compiler_warnings" = "xyes"; then | ||
23 | DPKG_WARNING_ALL([-Wformat-security]) | ||
24 | DPKG_WARNING_ALL([-Wpointer-arith]) | ||
25 | DPKG_WARNING_ALL([-Wlogical-op]) | ||
26 | - DPKG_WARNING_ALL([-Wvla]) | ||
27 | DPKG_WARNING_ALL([-Winit-self]) | ||
28 | DPKG_WARNING_ALL([-Wwrite-strings]) | ||
29 | DPKG_WARNING_ALL([-Wcast-align]) | ||
30 | -- | ||
31 | 1.7.10.4 | ||
32 | |||
diff --git a/meta/recipes-devtools/dpkg/dpkg/noman.patch b/meta/recipes-devtools/dpkg/dpkg/noman.patch new file mode 100644 index 0000000000..d30c15018a --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/noman.patch | |||
@@ -0,0 +1,14 @@ | |||
1 | Upstream-Status: Inappropriate [disable feature] | ||
2 | |||
3 | diff -ruN dpkg-1.15.8.5-orig/Makefile.am dpkg-1.15.8.5/Makefile.am | ||
4 | --- dpkg-1.15.8.5-orig/Makefile.am 2010-10-08 12:27:15.042083703 +0800 | ||
5 | +++ dpkg-1.15.8.5/Makefile.am 2010-10-08 12:27:27.755148228 +0800 | ||
6 | @@ -12,8 +12,7 @@ | ||
7 | utils \ | ||
8 | $(MAYBE_DSELECT) \ | ||
9 | scripts \ | ||
10 | - po \ | ||
11 | - man | ||
12 | + po | ||
13 | |||
14 | ACLOCAL_AMFLAGS = -I m4 | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/preinst.patch b/meta/recipes-devtools/dpkg/dpkg/preinst.patch new file mode 100644 index 0000000000..0549121ef1 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/preinst.patch | |||
@@ -0,0 +1,51 @@ | |||
1 | Our pre/postinsts expect $D to be set when running in a sysroot and | ||
2 | don't expect a chroot. This matches up our system expectations with | ||
3 | what dpkg does. | ||
4 | |||
5 | Upstream-Status: Inappropriate [OE Specific] | ||
6 | |||
7 | RP 2011/12/07 | ||
8 | |||
9 | Index: dpkg-1.17.1/src/script.c | ||
10 | =================================================================== | ||
11 | --- dpkg-1.17.1.orig/src/script.c | ||
12 | +++ dpkg-1.17.1/src/script.c | ||
13 | @@ -111,36 +111,9 @@ preexecscript(struct command *cmd) | ||
14 | size_t instdirl = strlen(instdir); | ||
15 | |||
16 | if (*instdir) { | ||
17 | - if (strncmp(admindir, instdir, instdirl) != 0) | ||
18 | - ohshit(_("admindir must be inside instdir for dpkg to work properly")); | ||
19 | - if (setenv("DPKG_ADMINDIR", admindir + instdirl, 1) < 0) | ||
20 | - ohshite(_("unable to setenv for subprocesses")); | ||
21 | - | ||
22 | - if (chroot(instdir)) | ||
23 | - ohshite(_("failed to chroot to `%.250s'"), instdir); | ||
24 | - } | ||
25 | - /* Switch to a known good directory to give the maintainer script | ||
26 | - * a saner environment, also needed after the chroot(). */ | ||
27 | - if (chdir("/")) | ||
28 | - ohshite(_("failed to chdir to `%.255s'"), "/"); | ||
29 | - if (debug_has_flag(dbg_scripts)) { | ||
30 | - struct varbuf args = VARBUF_INIT; | ||
31 | - const char **argv = cmd->argv; | ||
32 | - | ||
33 | - while (*++argv) { | ||
34 | - varbuf_add_char(&args, ' '); | ||
35 | - varbuf_add_str(&args, *argv); | ||
36 | - } | ||
37 | - varbuf_end_str(&args); | ||
38 | - debug(dbg_scripts, "fork/exec %s (%s )", cmd->filename, | ||
39 | - args.buf); | ||
40 | - varbuf_destroy(&args); | ||
41 | + setenv("D", instdir, 1); | ||
42 | } | ||
43 | - if (!instdirl) | ||
44 | - return cmd->filename; | ||
45 | - | ||
46 | - assert(strlen(cmd->filename) >= instdirl); | ||
47 | - return cmd->filename + instdirl; | ||
48 | + return cmd->filename; | ||
49 | } | ||
50 | |||
51 | /** | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch b/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch new file mode 100644 index 0000000000..4f408ff777 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/remove-tar-no-timestamp.patch | |||
@@ -0,0 +1,17 @@ | |||
1 | busybox-1.19.4 tar utility doesn't support --warning=no-timestamp | ||
2 | |||
3 | Signed-off-by: Constantin Musca <constantinx.musca@intel.com> | ||
4 | |||
5 | Upstream-Status: Inappropriate [configuration] | ||
6 | Index: dpkg-1.17.1/dpkg-deb/extract.c | ||
7 | =================================================================== | ||
8 | --- dpkg-1.17.1.orig/dpkg-deb/extract.c | ||
9 | +++ dpkg-1.17.1/dpkg-deb/extract.c | ||
10 | @@ -318,7 +318,6 @@ extracthalf(const char *debar, const cha | ||
11 | |||
12 | command_add_arg(&cmd, "-f"); | ||
13 | command_add_arg(&cmd, "-"); | ||
14 | - command_add_arg(&cmd, "--warning=no-timestamp"); | ||
15 | |||
16 | m_dup2(p2[0],0); | ||
17 | close(p2[0]); | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg/tar-error-code.patch b/meta/recipes-devtools/dpkg/dpkg/tar-error-code.patch new file mode 100644 index 0000000000..235f878aad --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg/tar-error-code.patch | |||
@@ -0,0 +1,55 @@ | |||
1 | When running do_package_write_deb, we have trees of hardlinked files | ||
2 | such as the dbg source files in ${PN}-dbg. If something makes another | ||
3 | copy of one of those files (or deletes one), the number of links a file | ||
4 | has changes and tar can notice this, e.g.: | ||
5 | |||
6 | | DEBUG: Executing python function do_package_deb | ||
7 | | dpkg-deb: building package `sed-ptest' in `/media/build1/poky/build/tmp/work/i586-poky-linux/sed/4.2.2-r0/deploy-debs/i586/sed-ptest_4.2.2-r0.3_i386.deb'. | ||
8 | | tar: ./usr/lib/sed/ptest/testsuite/tst-regex2: file changed as we read it | ||
9 | | dpkg-deb: error: subprocess tar -cf returned error exit status 1 | ||
10 | |||
11 | Tar returns an error of 1 when files 'change' and other errors codes | ||
12 | in other error cases. We tweak dpkg-deb here so that it ignores an exit | ||
13 | code of 1 from tar. The files don't really change (and we have locking in | ||
14 | place to avoid that kind of issue). | ||
15 | |||
16 | Upsteam-Status: Inappropriate | ||
17 | RP 2015/3/27 | ||
18 | |||
19 | Signed-off-by: Saul Wold <sgw@linux.intel.com> | ||
20 | |||
21 | Index: dpkg-1.17.4/dpkg-deb/build.c | ||
22 | =================================================================== | ||
23 | --- dpkg-1.17.4.orig/dpkg-deb/build.c | ||
24 | +++ dpkg-1.17.4/dpkg-deb/build.c | ||
25 | @@ -443,7 +443,7 @@ do_build(const char *const *argv) | ||
26 | bool subdir; | ||
27 | char *tfbuf; | ||
28 | int arfd; | ||
29 | - int p1[2], p2[2], gzfd; | ||
30 | + int p1[2], p2[2], gzfd, rc; | ||
31 | pid_t c1, c2; | ||
32 | |||
33 | /* Decode our arguments. */ | ||
34 | @@ -536,7 +536,9 @@ do_build(const char *const *argv) | ||
35 | } | ||
36 | close(p1[0]); | ||
37 | subproc_wait_check(c2, "gzip -9c", 0); | ||
38 | - subproc_wait_check(c1, "tar -cf", 0); | ||
39 | + rc = subproc_wait_check(c1, "tar -cf", PROCNOERR); | ||
40 | + if (rc && rc != 1) | ||
41 | + ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); | ||
42 | |||
43 | if (lseek(gzfd, 0, SEEK_SET)) | ||
44 | ohshite(_("failed to rewind temporary file (%s)"), _("control member")); | ||
45 | @@ -619,7 +621,9 @@ do_build(const char *const *argv) | ||
46 | /* All done, clean up wait for tar and gzip to finish their job. */ | ||
47 | close(p1[1]); | ||
48 | subproc_wait_check(c2, _("<compress> from tar -cf"), 0); | ||
49 | - subproc_wait_check(c1, "tar -cf", 0); | ||
50 | + rc = subproc_wait_check(c1, "tar -cf", PROCNOERR); | ||
51 | + if (rc && rc != 1) | ||
52 | + ohshite(_("subprocess %s returned error exit status %d"), "tar -cf", rc); | ||
53 | /* Okay, we have data.tar as well now, add it to the ar wrapper. */ | ||
54 | if (deb_format.major == 2) { | ||
55 | char datamember[16 + 1]; | ||
diff --git a/meta/recipes-devtools/dpkg/dpkg_1.17.4.bb b/meta/recipes-devtools/dpkg/dpkg_1.17.4.bb new file mode 100644 index 0000000000..83526f3c96 --- /dev/null +++ b/meta/recipes-devtools/dpkg/dpkg_1.17.4.bb | |||
@@ -0,0 +1,21 @@ | |||
1 | require dpkg.inc | ||
2 | LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" | ||
3 | |||
4 | SRC_URI += "file://noman.patch \ | ||
5 | file://check_snprintf.patch \ | ||
6 | file://check_version.patch \ | ||
7 | file://preinst.patch \ | ||
8 | file://fix-timestamps.patch \ | ||
9 | file://remove-tar-no-timestamp.patch \ | ||
10 | file://fix-abs-redefine.patch \ | ||
11 | file://arch_pm.patch \ | ||
12 | file://dpkg-configure.service \ | ||
13 | file://glibc2.5-sync_file_range.patch \ | ||
14 | file://no-vla-warning.patch \ | ||
15 | file://dpkg-1.17.4-CVE-2014-0471.patch \ | ||
16 | file://dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch \ | ||
17 | " | ||
18 | |||
19 | SRC_URI[md5sum] = "cc25086e1e3bd9512a95f14cfe9002e1" | ||
20 | SRC_URI[sha256sum] = "01cdc81c33e77c3d7c40df17e19171794542be7cf12e411381ffcaa8f87b1854" | ||
21 | |||