summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl: force soft link to avoid rare raceRandy MacLeod2017-12-042-0/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch works around a rare parallel build race condition using the force option when soft linking. The error seen is: ln: failed to create symbolic link 'libssl.so': File exists make[4]: *** [Makefile.shared:171: link_a.gnu] Error 1 make[4]: Leaving directory '/.../build/tmp-glibc/work/x86_64-linux/openssl-native/1.0.2k-r0/openssl-1.0.2k' Just add the -f flag to the platform independent soft link code to avoid the collision. This is reasonable since this Makefile removes the link target before creating a new soft link. The Makefile was written this way to support platforms that don't allow forcing a softlink to overwrite an existing link. Only builds on Linux are supported so that's not a requirement for oe-core recipes. The openssl team is rewriting their build files so it's not appropriate for openssl upstream and fixing the root cause of the race condition was also not pursued. (From OE-Core rev: f6be81b1dddc7adc2e97fefb2bd6c296d4dce8c6) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit c60288aba70635238094c6b813228b31e0715db9) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa_supplicant: fix WPA2 key replay security bugRoss Burton2017-10-162-0/+1026
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WPA2 is vulnerable to replay attacks which result in unauthenticated users having access to the network. * CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake * CVE-2017-13078: reinstallation of the group key in the Four-way handshake * CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake * CVE-2017-13080: reinstallation of the group key in the Group Key handshake * CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake * CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it * CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake * CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame * CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame Backport patches from upstream to resolve these CVEs. (From OE-Core rev: 1c46e201ef486395ec047f29af272f8c3dfd9611) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Atomically generate host keysJoshua Watt2017-10-071-8/+34
| | | | | | | | | | | | | | Generating the host keys atomically prevents power interruptions during the first boot from leaving the key files incomplete, which often prevents users from being able to ssh into the device. [YOCTO #11671] (From OE-Core rev: 221b40f1f08ee23511ba078a1efd01686922e932) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Fix key generation with systemdJoshua Watt2017-09-254-81/+76
| | | | | | | | | | | | | | | | | | | | 106b59d9 broke SSH host key generation when systemd and a read-only root file system are in use because there isn't a way for systemd to get the optional weak assigment of SYSCONFDIR from /etc/default/sshd and still provide a default value if it is not specified. Instead, move the logic for determining if keys need to be created to a helper script that both the SysV init script and the systemd unit file can reference. This does mean that the systemd unit file can't check for file existence to know if it should start the service, but it wasn't able to do that correctly anyway anymore. This should be a problem since the serivce is only run once per power cycle by systemd, and should exit quickly if the keys already exist (From OE-Core rev: 7e49c5879862253ae1b6a26535d07a2740a95798) Signed-off-by: Joshua Watt <JPEWhacker@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Correct support for building without systemdPeter Kjellerstedt2017-09-211-1/+1
| | | | | | | | | | | | | | This avoids the following error when the systemd DISTRO_FEATURE is enabled, but the systemd PACKAGECONFIG is not: ERROR: bluez5-5.46-r0 do_package: SYSTEMD_SERVICE_bluez5 value bluetooth.service does not exist (From OE-Core rev: a751a1f4ab0625cbfedb6445b0da080fc455848f) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider-info: Add HOMEPAGE info into recipe file.Huang Qiyu2017-09-211-0/+1
| | | | | | | | (From OE-Core rev: d29b4a1167d27c466727e8f4183fd99d0dd05a6f) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix out-of-bounds access in SDP server (CVE-2017-1000250)Ross Burton2017-09-142-0/+35
| | | | | | | | | | | | All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests. (From OE-Core rev: 7351e0b260876b9bbc8660c2bb4173ab4c130f8b) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: Default to tipc enabled, and include libmnl dependencyMark Hatle2017-09-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | iproute2 has the ability to include a tipc tool. When enabled this requires the libmnl package (formerly supplied by meta-openembedded). So both are needed at the same time. The change itself is needed because of the tipc-utils package (in meta-openembedded) which RDEPENDS on iproute2-tipc. Without this package the yocto-compat-layer script indicates there is no way for me to have meta-openembedded pass the checker. This is because meta-openembedded is not allowed to just enable 'tipc' on it's own. (A layer may not make distro wide changes without a user saying to do it.) The checker script invokes bitbake -S none world, which will fail on dependency resolution due to there being no iproute2-tipc package. The tipc-utils package does not have a way to check the PACKAGECONFIG of the iproute2 package so disable itself if the dependency can not be met. So the default system behavior needs to be: iproute2 w/ tipc enabled tipc-utils RDEPENDS on iproute2-tipc (From OE-Core rev: b40f42e69de47af4f627432e284038c645efbaec) Signed-off-by: Mark Hatle <mark.hatle@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: set right target for ilp32 buildVishal Bhoj2017-08-311-1/+1
| | | | | | | | (From OE-Core rev: b6a1c7ed0a5955fb15dcd9e14431cb11a5e2e3a0) Signed-off-by: Vishal Bhoj <vishal.bhoj@linaro.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: cosmetic fixes to bluetooth bootscriptJavier Viguera2017-08-301-9/+6
| | | | | | | | | | | | | | | | | Fix booting messages wrapped over two different lines: Starting bluetooth bluetoothd Stopping bluetooth /usr/libexec/bluetooth/bluetoothd Also reworked whitespace (removed some empty lines). (From OE-Core rev: 62f1122ef166eba56441d669c6b3b3fe5f367418) Signed-off-by: Javier Viguera <javier.viguera@digi.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Fix syntax error on x32sweeaun2017-08-302-0/+34
| | | | | | | | | Fix compilation error during openssh x32 build due to syntax error. (From OE-Core rev: 74d41b4870bec88015c079444daad0a68f69abe9) Signed-off-by: sweeaun <swee.aun.khor@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Fix for CVE-2017-12865Sona Sarmadi2017-08-232-0/+88
| | | | | | | | | | | | | dnsproxy: Fix crash on malformed DNS response If the response query string is malformed, we might access memory pass the end of "name" variable in parse_response(). [YOCTO #11959] (From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: rename back to openssl and make it the default via PREFERRED_VERSIONAlexander Kanavin2017-08-1933-11/+2
| | | | | | | | | | | | | | | | openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip the switch at the start of next development cycle. Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is not compatible with 1.1 should use that in its DEPENDS, as the 1.0 recipe will later be renamed back to openssl10. This does not always work: http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html but for many recipes it does. (From OE-Core rev: 5585103c195104e85ed7ac1455bef91b2e88a04d) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: modified the define cryptodevHuang Qiyu2017-08-182-1/+2
| | | | | | | | | Use PACKAGECONFIG to add cryptodev. (From OE-Core rev: dddf15804f69757278abe175543e74332a978139) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Remove musl patch that's no longer neededJussi Kukkonen2017-08-182-82/+1
| | | | | | | | | libc headers now have a backported patch that fixes this. (From OE-Core rev: 5dc1700ec6ff15aefb8ca540e5b7d3e89a14945b) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: 4.3.5 -> 4.3.6Hongxu Jia2017-08-1820-519/+318
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Rebase patches to 4.3.6 - define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch -> 0001 - dhcp-3.0.3-dhclient-dbus.patch -> 0002 - link-with-lcrypto.patch -> 0003 - fixsepbuild.patch -> 0004 - dhclient-script-drop-resolv.conf.dhclient.patch -> 0005 - 0001-site.h-enable-gentle-shutdown.patch -> 0006 - libxml2-configure-argument.patch -> 0007 - tweak-to-support-external-bind.patch -> 0008 - remove-dhclient-script-bash-dependency.patch -> 0009 - build-shared-libs.patch -> 0010 - Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch -> 0011 2. Drop search-for-libxml2.patch It is overrided by libxml2-configure-argument.patch 3. Rework dhclient-script-drop-resolv.conf.dhclient.patch and Drop replace-ifconfig-route.patch. vim client/scripts/linux ... Script refresh in 2017. The aliasing code was too convoluted and needs to go away. Migrated DHCPv4 script to ip command from iproute2 suite. This is based on Debian script with some tweaks. ifconfig is no longer used. Everything is done using ip tool from ip-route2. ... (From OE-Core rev: 77878d2e6e8f36afa9a0fde8a6f0f955c84a5e5c) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add missing bash/python rdepends for ptestRichard Purdie2017-08-181-1/+1
| | | | | | | | | ERROR: openssl-1.1.0f-r0 do_package_qa: QA Issue: /usr/lib/openssl/ptest/fuzz/helper.py contained in package openssl-ptest requires /usr/bin/python, but no providers found in RDEPENDS_openssl-ptest? [file-rdeps] ERROR: openssl-1.1.0f-r0 do_package_qa: QA Issue: /usr/lib/openssl/ptest/test/certs/mkcert.sh contained in package openssl-ptest requires /bin/bash, but no providers found in RDEPENDS_openssl-ptest? [file-rdeps] (From OE-Core rev: 7e70d0673df20669edd18b79ae065d8c2f655b8a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Use correct python interpreter pathRichard Purdie2017-08-181-1/+1
| | | | | | | | | The scripts currently reference "python33", fix this so they reference python3. The move the python3 likely broke these. (From OE-Core rev: 1a734f037da37d14f780970a9532d1e2e3683bf8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Fix conflict between openssl and openssl10 man pages.Jason Wessel2017-08-171-0/+10
| | | | | | | | | | | | | | | The package resolver failes to assemble images because some of the man pages in openssl10 conflict with the openssl package. In the case where you want openssl, openssh and the documentation installed in the same system you will see the failure. The work around is to rename all the openssl10 man pages and symlinks to have a prefix of openssl10-. (From OE-Core rev: bb837cae92472b294ac886b121b2249e4314439f) Signed-off-by: Jason Wessel <jason.wessel@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: add tipc supportYi Zhao2017-08-171-2/+6
| | | | | | | | | | | | | | The tipcutils 2.2 in meta-oe removed the tipc-config tool and recommended to use the new configuration tool named "tipc" in iproute2 package for configuring the tipc, which utilizes the new tipc netlink kernel API. Add tipc support and split it out into its own package. (From OE-Core rev: 944ef0de241de77429ab0e5cb1dd4a7f355cf3fd) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: depend on openssl 1.0Alexander Kanavin2017-08-131-1/+2
| | | | | | | | | | | | | | | | The proposed openssl 1.1 patches are here: https://github.com/openssh/openssh-portable/pull/48 Openssl maintainers are not in a hurry to get 1.1 support in; if it doesn't show up within reasonable time, we can take a patch from Fedora: http://lists.mindrot.org/pipermail/openssh-unix-dev/2016-November/035454.html (From OE-Core rev: 5ccf4a9786fc607a5838edb3bf409f83d7483ba6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: add a 1.1 versionAlexander Kanavin2017-08-1337-5/+488
| | | | | | | | | | | | | | | | Existing openssl 1.0 recipe is renamed to openssl10; it will continue to be provided for as long as upstream supports it (and there are still several recipes which do not work with openssl 1.1 due to API differences). A few files (such as openssl binary) are no longer installed by openssl 1.0, because they clash with openssl 1.1. (From OE-Core rev: da1183f9fa5e06fbe66b5b31eb3313d5d35d11e3) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Support musl-x32 buildsweeaun2017-08-131-2/+4
| | | | | | | | | | Support musl-x32 build which to build openssl with 32 bits. (From OE-Core rev: a072d4620db462c5d3459441d5684cfd99938400) Signed-off-by: sweeaun <swee.aun.khor@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant_2.6.bb: set CVE_PRODUCT to wpa_supplicantMikko Rapeli2017-07-241-0/+2
| | | | | | | | | | | | It is used in NVD database CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2015-1863 (From OE-Core rev: cc3882ca2fea2c5a8830311eeb7840ae98da9b3c) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5.inc: set CVE_PRODUCT to bluezMikko Rapeli2017-07-241-0/+2
| | | | | | | | | | | | bluez is the product name in NVD database for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-7837 (From OE-Core rev: aade84aa54bb2f958572623ed6464184efd19862) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: add dhclient.serviceChen Qi2017-07-243-3/+70
| | | | | | | | | | | | | | Add dhclient.service. This service file mainly comes from meta-systemd, with modifications to take nfs boot into consideration. While using eth0 as the nfsboot interface, we'd like dhclient service to skip it like what ifup and connman do in sysvinit. (From OE-Core rev: faa8d0f5e8db4a99367d42ba8c8de5b2e339d8d2) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade to 5.46Maxin B. John2017-07-211-2/+3
| | | | | | | | | | | | 5.45 -> 5.46 This includes the new testing utility "advtest" (From OE-Core rev: 514e9be6b00cd39bb8b2eaf117125109fba17910) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: update patch statusMaxin B. John2017-07-211-1/+1
| | | | | | | | | | Update the status of following patch from Pending to Accepted: a) 0001-hciattach-bcm43xx-fix-the-delay-timer-for-firmware-d.patch (From OE-Core rev: f9ccac5dd359e9b874a39cd879ea23c841085eab) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: fix shutdown not work by SIGTERM while bind9 enable threadsHongxu Jia2017-07-172-0/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | In https://source.isc.org/git/bind9.git, since the following commit applied: ... commit b99bfa184bc9375421b5df915eea7dfac6a68a99 Author: Evan Hunt <each@isc.org> Date: Wed Apr 10 13:49:57 2013 -0700 [master] unify internal and export libraries 3550. [func] Unified the internal and export versions of the BIND libraries, allowing external clients to use the same libraries as BIND. [RT #33131] ... (git show b99bfa184bc9375421b5df915eea7dfac6a68a99 -- ./lib/isc/unix/app.c) In this commit, if bind9 enable threads(ISC_PLATFORM_USETHREADS), it blocks signal SIGHUP, SIGINT and SIGTERM in isc__app_ctxstart. Which caused dhclient/dhcpd could not be stopped by SIGTERM. It caused systemd's reboot hung which send SIGTERM by default. (From OE-Core rev: 7d3e734481e5d400d03ffd0a12669913fd264c5f) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: 9.10.3-P3 -> 9.10.5-P3Kai Kang2017-07-1713-2443/+61
| | | | | | | | | | | | | | | Upgrade bind from 9.10.3-P3 to 9.10.5-P3 * Update md5sum of LIC_FILES_CHKSUM that it update year in file COPYRIGHT * Remvoe mips1-not-support-opcode.diff which has been merged * Remove CVE patches that there are backported from upstream * Use python3 for build and make sure install .py files to right directory (From OE-Core rev: 9ee6a0a6599d081767b63382a576e67aed12cf4d) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi-ui: reduce local pending patchesDengke Du2017-07-061-4/+5
| | | | | | | | | | [Yocto #11548] (From OE-Core rev: 9e18fc1aa4aa0ead854bb4e02eb3af2e7909f597) Signed-off-by: Dengke Du <dengke.du@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez: Correct the timer count for bcm43xx firmware downloadJun Zhu2017-07-062-0/+37
| | | | | | | | | | | | bcm43xx failed as time out for firmware downloading. The root cause is that it need wait 50ms to download firmware, but the value of 50us is set to the timer. (From OE-Core rev: bb8bc17ab8d71e3a30e2f0b655c42434dd968ea4) Signed-off-by: Jun Zhu <junzhu@nxp.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.0.2k -> 1.0.2lChanghyeok Bae2017-07-064-49/+8
| | | | | | | | | | | | | | | 1. Dropped obsolete patches, because the new version contains them: - fix-cipher-des-ede3-cfb1.patch - openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch 2. LICENSE checksum change due to copyright years and wording tweak. 3. Test binaries (x86-64) are included in source code. So remove those only for ptest. (From OE-Core rev: 64ec18d7e13d310e5e44080a04b3f2181ea96ae3) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: fix nftables dependencyAndré Draszik2017-06-281-1/+1
| | | | | | | | | | | | | | | | | | | | | | When building with nftables support, connman doesn't ever depend on the nftables command line tool. connman will depend on libmnl and libnftnl at build and run time. In addition, the nftables rules it creates depend on various kernel modules being present. Update the PACKAGECONFIG to reflect this. We use the just introduced RRECOMMENDS field so as to make the build still succeed if those kernel modules have been linked statically into the kernel, i.e. when the packages haven't actually been created. (From OE-Core rev: ed6c92d62be1c98ec9dbf92317d850499d127631) Signed-off-by: André Draszik <adraszik@tycoint.com> Acked-by: Sylvain Lemieux <slemieux@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Remove deprecated sshd optionGary Thomas2017-06-281-1/+0
| | | | | | | | | | | | | The UsePrivilegeSeparation is no longer supported (recent SSHD always runs with previlege separation), so remove this option from the default config file to avoid this warning: /etc/ssh/sshd_config line 110: Deprecated option UsePrivilegeSeparation (From OE-Core rev: 8ee1c567b67ec55be0fa2fbcef3d5e8fb4e82709) Signed-off-by: Gary Thomas <gary@mlbassoc.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: fix build-time warning with sysvinitMaxin B. John2017-06-281-3/+3
| | | | | | | | | | | | | | | | Due to recent modifications related to systemd, sysvinit builds began to show this warning: WARNING: connman-1.34-r0 do_package: connman: NOT adding alternative provide /etc/resolv.conf: /etc/resolv-conf.connman does not exist Fix this warning by making those updates specific to systemd. (From OE-Core rev: 2a0afa9682d6119f403626ca31cd8c9854637312) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: remove PN from PACKAGESRoss Burton2017-06-281-1/+1
| | | | | | | (From OE-Core rev: 09960ac22d78d65cf840140bf6458f4fc1ff556f) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Add/fix missing Upstream-Status to patchesRichard Purdie2017-06-273-0/+7
| | | | | | | | | This adds or fixes the Upstream-Status for all remaining patches missing it in OE-Core. (From OE-Core rev: 563cab8e823c3fde8ae4785ceaf4d68a5d3e25df) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix malformed Upstream-Status tagsRoss Burton2017-06-271-1/+1
| | | | | | | | | | Fix a variety of spelling and format mistakes to improve the ease of reading the tags programatically. (From OE-Core rev: 6e1aaf80b0d951b48cd25cb7161ec19448295094) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap: apply fix from upstream to fix build raceRoss Burton2017-06-232-0/+30
| | | | | | | | | | ../libpcap-1.8.1/grammar.y:78:10: fatal error: scanner.h: No such file or directory (From OE-Core rev: aaed4e92d79919e40c896536fcb4ff6567c9a755) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: add more PACKAGECONFIG optionsMarc Ferland2017-06-232-5/+25
| | | | | | | | | | | | | | This patch adds missing PACKAGECONFIG options and allow for a more fine-grained build of bluez5. I took care of providing a default configuration that matches the previous default config. (From OE-Core rev: 2589cfb8a5b46be958ff3ee228c3a32f82dada86) Signed-off-by: Marc Ferland <ferlandm@amotus.ca> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: remove libusb dependencyMarc Ferland2017-06-231-1/+1
| | | | | | | | | | Not a dependency since version 5.9. (From OE-Core rev: 3202782d4c76653d83a90122588131e6d945a4e0) Signed-off-by: Marc Ferland <ferlandm@amotus.ca> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Remove further uclibc remnants (inc. patches and site files)Richard Purdie2017-06-223-9/+2
| | | | | | | | | | | | Some of these are clearly dead, e.g. one binutils patch reverts the effects of the earlier one. This also removes the uclibc site files. We now have mechanisms to allow these to be extended from another layer should someone ever wish to do that. (From OE-Core rev: e01e7c543a559c8926d72159b5cd55db0c661434) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Drop remnants of uclibc supportRichard Purdie2017-06-223-13/+0
| | | | | | | | | | | | | | uclibc support was removed a while ago and musl works much better. Start to remove the various overrides and patches related to uclibc which are no longer needed. uclibc support in a layer would still be possible. I have strong reasons to believe nobody is still using uclibc since patches are missing and I doubt the metadata even parses anymore. (From OE-Core rev: 653704e9cf325cb494eb23facca19e9f05132ffd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: switch from ftp to httpMaxin B. John2017-06-141-1/+1
| | | | | | | | | | For the same reasons as Debian: https://www.debian.org/News/2017/20170425 (From OE-Core rev: 95a83b81421e07b5daa42c2311f8f5fce859c391) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: correct the systemd boot in read only rootfsMaxin B. John2017-06-143-1/+44
| | | | | | | | | | | | | | | | | connman fails to start in systemd based read-only images while creating links: Jun 08 12:53:56 qemux86-64 systemd[1]: Starting Create Volatile Files and Directories... Jun 08 12:53:56 qemux86-64 systemd-tmpfiles[366]: [[0;1;31msymlink(/var/run/connman/resolv.conf, /etc/resolv.conf) failed: Read-only file system[[0m Fix this failure and make connman co-exist with systemd-resolved. (From OE-Core rev: 732e1f74bb9f5ecc98b29197f6bcab117710adab) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: Upgrade 4.10.0 -> 4.11.0Changhyeok Bae2017-06-132-2/+33
| | | | | | | | | | 0001-ip-Remove-unneed-header.patch is to fix build error built with musl. (From OE-Core rev: 2a6fe7c6c1e113d930ddc8e06717747a779b46f1) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: allow to override OpenSSL HostKeys when read-only-rootfsAndré Draszik2017-06-121-4/+42
| | | | | | | | | | | | | | With these changes it is possible to have a .bbappend that - sets SYSCONFDIR to some persistent storage - modifies SYSCONFDIR/sshd_config to use ssh host keys from the (writable) sysconfdir (From OE-Core rev: 106b59d9f96f70d133fa1421091ad280d27a5b6a) Signed-off-by: André Draszik <adraszik@tycoint.com> Reviewed-by: Stephane Ayotte <sayotte@tycoint.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Fix build error due to missing stdint.h> includeKhem Raj2017-06-032-0/+28
| | | | | | | | (From OE-Core rev: 8a0af685adb5275dc39ef0cd209d03905d1db067) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Upgrade 5.44 -> 5.45Maxin B. John2017-05-301-2/+2
| | | | | | | (From OE-Core rev: 30178fed5172d0d8039dea06c32d391eb4a530b8) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>