summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl: prevent ABI break from earlier fido releasesJoshua Lock2016-05-121-9/+22
| | | | | | | | | | | | | | The backported upgrade to 1.0.2h included an updated GNU LD version-script which results in an ABI change. In order to try and respect ABI for existing binaries built against fido this commit partially reverts the version-script to maintain the existing ABI and instead only add the new symbols required by 1.0.2h. Suggested-by: Martin Jansa <martin.jansa@gmail.com> (From OE-Core rev: 480db6be99f9a53d8657b31b846f0079ee1a124f) Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)Robert Yang2016-05-1115-1950/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * CVEs: - CVE-2016-0705 - CVE-2016-0798 - CVE-2016-0797 - CVE-2016-0799 - CVE-2016-0702 - CVE-2016-0703 - CVE-2016-0704 - CVE-2016-2105 - CVE-2016-2106 - CVE-2016-2109 - CVE-2016-2176 * The LICENSE's checksum is changed because of date changes (2011 -> 2016), the contents are the same. * Remove backport patches - 0001-Add-test-for-CVE-2015-3194.patch - CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch - CVE-2015-3194-1-Add-PSS-parameter-check.patch - CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch - CVE-2015-3197.patch - CVE-2016-0701_1.patch - CVE-2016-0701_2.patch - CVE-2016-0800.patch - CVE-2016-0800_2.patch - CVE-2016-0800_3.patch * Update crypto_use_bigint_in_x86-64_perl.patch * Add version-script.patch and update block_diginotar.patch (From master branch) * Update openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch (From Armin) (From OE-Core master rev: bca156013af0a98cb18d8156626b9acc8f9883e3) (From OE-Core rev: 6ed7c8a9f82bc173ae0cc8b494af5a2c838f08fc) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2016-1285 CVE-2016-1286Sona Sarmadi2016-05-095-0/+572
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2016-1285 bind: malformed packet sent to rndc can trigger assertion failure CVE-2016-1286 bind: malformed signature records for DNAME records can trigger assertion failure [YOCTO #9400] External References: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1285 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1286 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1285 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1286 References to the Upstream commits and Security Advisories: CVE-2016-1285: https://kb.isc.org/article/AA-01352 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=31e4657cf246e41d4c5c890315cb6cf89a0db25a CVE-2016-1286_1: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=76c3c9fe9f3f1353b47214b8f98b3d7f53e10bc7 CVE-2016-1286_2: https://kb.isc.org/article/AA-01353 https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch; h=ce3cd91caee698cb144e1350c6c78292c6be6339 (From OE-Core rev: e289df4daa4b90fb95ae3602c244cba9d56a8c2f) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: CVE-2015-8605Mariano Lopez2016-05-093-0/+234
| | | | | | | | | | | | ISC DHCP allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. (From OE-Core rev: 43f2cfdf63fb70e3c2da0224221dae63b05477df) Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-0800Armin Kuster2016-03-034-0/+1296
| | | | | | | | | | | | | | | CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN) https://www.openssl.org/news/secadv/20160301.txt (From OE-Core rev: 6c06c42594539bec4c360c8cc28ebee8a338e6b4) Signed-off-by: Armin Kuster <akuster@mvista.com> Not required for master, an update to 1.0.2g has been submitted. Backport from jethro. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-8041Hongxu Jia2016-03-032-0/+65
| | | | | | | | | | | | | Backport patch from http://w1.fi/security/2015-5/ and rebase for wpa-supplicant 2.4 (From OE-Core rev: 12520d7f729fe3d07c2f94b813994718edb2d987) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Not needed in master since the upgrade to 2.5 Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8461Armin Kuster2016-03-032-1/+47
| | | | | | | | | | | | | | | | CVE-2015-8461 bind: race condition when handling socket errors can lead to an assertion failure in resolver.c\ (From OE-Core master rev: 1656eaa722952861ec73362776bd0c4826aec3da) Hand applied Changelog changes. (From OE-Core rev: 104d050d420ee4aa14b772850742699b15d127d6) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Security fix CVE-2015-8704Armin Kuster2016-02-072-0/+30
| | | | | | | | | CVE-2015-8704 bind: specific APL data could trigger an INSIST in apl_42.c (From OE-Core rev: 600c1d2beb64e23123e478051537b917f5d4a8a7) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2016-0701Armin Kuster2016-02-073-0/+260
| | | | | | | | | | | | | CVE-2016-0701 OpenSSL: DH small subgroups (From OE-Core rev: c5868a7cd0a28c5800dfa4be1c9d98d3de08cd12) (From OE-Core rev: 5e73d0e88c28ca1e948f5c463b9d9d1001251a42) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Security fix CVE-2015-3197Armin Kuster2016-02-072-0/+64
| | | | | | | | | | | | | CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers (From OE-Core rev: b387d9b8dff8e2c572ca14f9628ab8298347fd4f) (From OE-Core rev: c037cbdac6a0e871a60077703432c08be6d29677) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: CVE-2016-077xArmin Kuster2016-01-202-0/+57
| | | | | | | | | | this address two CVE's. CVE-2016-0777 and CVE-2016-0778 (From OE-Core rev: 1c05115a906499989d2159683195ed6d2cda75ba) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3195Armin Kuster2016-01-202-0/+67
| | | | | | | | (From OE-Core rev: 55d09d4e2dad9d1f80e50348d44177e47e6e33e1) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3194Armin Kuster2016-01-203-0/+113
| | | | | | | | (From OE-Core rev: edff5fc629c8f70191bd33c731084e8217780a38) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2015-3193Armin Kuster2016-01-202-0/+102
| | | | | | | | (From OE-Core rev: ee47f6ca78d15ec56556d5c078bf20315af457b8) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix SRC_URIThomas PERROT2016-01-151-1/+1
| | | | | | | | | | | Corrects the URI of the openssl's recipe from fido. The sources were moved to a new subdirectory. (From OE-Core rev: 685e861f085736a4b0bae09bab86c3d456ec84ae) Signed-off-by: Thomas Perrot <thomas.perrot@tupi.fr> Signed-off-by: Joshua Lock <joshua.g.lock@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2015-8000Sona Sarmadi2016-01-152-0/+195
| | | | | | | | | | | | | | | | | | | | | | | Fixes a denial of service in BIND. An error in the parsing of incoming responses allows some records with an incorrect class to be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. [YOCTO #8838] References: http://www.openwall.com/lists/oss-security/2015/12/15/14 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000 https://bugzilla.redhat.com/attachment.cgi?id=1105581 (From OE-Core rev: 5e1c3942a02564904ee2b2e24004b9679d649b4e) Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Backport CVE-2015-5600 fixHaris Okanovic2015-12-082-0/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | only query each keyboard-interactive device once per authentication request regardless of how many times it is listed Source: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c?f=h#rev1.43 http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r2=1.43&r1=1.42&f=u Bug report: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5600 https://bugzilla.redhat.com/show_bug.cgi?id=1245969 Testing: Built in Fido and installed to x86_64 test system. Verified both 'keyboard-interactive' and 'publickey' logon works with root and a regular user from an openssh 7.1p1-1 client on Arch. (From OE-Core rev: 433f66ba6c79cf49e29251af0985baf5c4b79e23) Signed-off-by: Haris Okanovic <haris.okanovic@ni.com> Reviewed-by: Rich Tollerton <rich.tollerton@ni.com> Reviewed-by: Ken Sharp <ken.sharp@ni.com> Natinst-ReviewBoard-ID: 115602 Natinst-CAR-ID: 541263 Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565Armin Kuster2015-09-184-1/+110
| | | | | | | | | | | | | three security fixes. CVE-2015-6563 (Low) openssh: Privilege separation weakness related to PAM support CVE-2015-6564 (medium) openssh: Use-after-free bug related to PAM support CVE-2015-6565 (High) openssh: Incorrectly set TTYs to be world-writable (From OE-Core rev: 259df232b513367a0a18b17e3e377260a770288f) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: CVE-2015-1349 CVE-2015-4620 CVE-2015-5722Armin Kuster2015-09-184-0/+589
| | | | | | | | | three security fixes. (From OE-Core rev: 16e80afe187c173e00b734c757a05157855ed504) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: backport patch for CVE-2015-5477Joshua Lock2015-09-012-0/+25
| | | | | | | (From OE-Core rev: ba84c727b9c8c743e7ac87e6c84456f679118af8) Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: backport a patch to fix CVE-2015-1863Joshua Lock2015-09-012-0/+48
| | | | | | | | | | | This fix was included in the master branch with the upgrade to 2.4, backport it to fido as the vulnerability was already present in 2.3. (From OE-Core rev: 12fc04731d26597bfb9d9f1713c96b11c8186c43) Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, ↵Fan Xin2015-09-017-0/+352
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2015-4145, CVE-2015-4146 wpa-supplicant: backport patch to fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146 Backport patch to fix CVE-2015-4141, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146. This patch is originally from: For CVE-2015-4141: http://w1.fi/security/2015-2/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch For CVE-2015-4143: http://w1.fi/security/2015-4/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch http://w1.fi/security/2015-4/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch For CVE-2015-4144 and CVE-2015-4145: http://w1.fi/security/2015-4/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch http://w1.fi/security/2015-4/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch For CVE-2015-4146: http://w1.fi/security/2015-4/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch (From OE-Core master rev: ce16e95de05db24e4e4132660d793cc7b1d890b9) (From OE-Core rev: b236c0882d62d8aa722117a54c1ff9edec7f5a6d) Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: fix installed not shipped warning for lib32Zhixiong Chi2015-08-091-7/+7
| | | | | | | | | | | | | Modify the dhcp.inc with using the variable ${PN} instead of direct packagename, so that the content will not be override after expanding while we build the lib32-dhcp package with FILES_${PN}-xxxx_append. (From OE-Core rev: c758dcc3109a5b491d13373073214bf526943497) (From OE-Core rev: 7436d12c9b40502a5e1ec670d76cc9ab755cbaba) Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman-conf: fix SRC_URI_appendMartin Jansa2015-08-091-3/+3
| | | | | | | | | | | | | * add leading space so that it works even with some .bbappend adding additional files to SRC_URI without trailing space (From OE-Core rev: 0f282f1d4946ac6e81959c66172c115405632a26) (From OE-Core rev: a8dd5d64c2ff2fe8bb4d39260ed82f6bf0d0277f) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: fix to start nfs-server correctly in systemdChen Qi2015-08-092-0/+18
| | | | | | | | | | | | | | | | | Add /etc/modules-load.d/nfsd.conf so that the system loads nfsd at start-up. Add proc-fs-nfsd.mount systemd unit file because it's needed for nfs server to start correctly. After this change, in a systemd based image, we can use `systemctl start nfs-server' to start the nfs server and things would work correctly. (From OE-Core rev: 3d4380bb36eb108dc75fee7215b615f7800b0990) (From OE-Core rev: 27633405aa3509c207d986b434d430f2cd380541) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Apply fix CVE-2015-4142Joshua Lock2015-08-091-0/+1
| | | | | | | | | | The cherry-pick from the master branch added the patch file but didn't apply it in the recipe. (From OE-Core rev: 375674fa5f2534198036be60972d39e1e6793d3a) Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.2dJan Wetter2015-07-152-38/+2
| | | | | | | | | | | | | | This upgrade fixes CVE-2015-1793 Removed openssl-fix-link.patch. The linking issue has been fixed in openssl. (From OE-Core master rev: 631632addbc81b06b7accfca8f8a9871d6b09111) (From OE-Core rev: 7b151426fb8a69cfdd25b7f1de2b506cbcffcac6) Signed-off-by: Jan Wetter <jan.wetter@mikrom.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.2cRoy Li2015-07-152-15/+11
| | | | | | | | | | | | | | | upgrade to fix the CVE: CVE-2015-1788..CVE-2015-1792 and CVE-2014-8176 remove a backport patch update the c_rehash-compat.patch (From OE-Core master rev: 5a70e45b8c6cb0fa7ea4fe1b326ad604508d00cb) (From OE-Core rev: 7bc77f508a6ba6a409568be818a1795770261dc6) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2015-4142fan.xin2015-07-081-0/+45
| | | | | | | | | | | | | | | wpa-supplicant: backport patch to fix CVE-2015-4142 Backport patch to fix CVE-2015-4142. This patch is originally from: http://w1.fi/security/2015-3/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch (From OE-Core rev: 61f2a6a18dcda22d7b0e236f9150674bff2764a7) (From OE-Core rev: 844eecf6fdb6c1a835e5c85ba5496ac9182f503b) Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security Advisory - CVE-2015-3310Roy Li2015-06-282-0/+30
| | | | | | | | | | | | | | | | | | | | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3310 Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial of service (crash) via a start accounting message to the RADIUS server. oe-core is using ppp 2.4.7, and this CVE say ppp 2.4.7 was not effected, but I found this buggy codes are same between 2.4.6 and 2.4.7, and 2.4.7 should have this issue. (From OE-Core rev: 5b549c6d73e91fdbd0b618a752d618deb1449ef9) (From OE-Core rev: 5450caccd45a2ee35ee227cdd64e66a304909a0e) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop the padlock_conf.patchRoy Li2015-06-282-32/+0
| | | | | | | | | | | | | | padlock_conf.patch will enable the padlock engine by default, but this engine does not work on some 32bit machine, and lead to openssl unable to work (From OE-Core rev: f7d186abca6ed9b48ae7393b8f244e1bfb46cb41) (From OE-Core rev: bbc41bc086009726f307edeedbd380c68b1be6a7) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove 5 backport patchesRobert Yang2015-06-285-482/+0
| | | | | | | | | | | | They are backport patches, and verified that the patches are in the source. (From OE-Core rev: 6e4a10ab030c192e2437592538e4713b1ee2032b) (From OE-Core rev: fd5115556a12c8c2d95c02f077dc38ea4c9253f5) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: remove 3 patchesRobert Yang2015-06-283-107/+0
| | | | | | | | | | | | | | | | | Removed: - openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch - upgate-vegsion-script-for-1.0.2.patch Since they are already in the source. - make-targets.patch It removed test dir from DIRS, which is not needed any more since we need build it. (From OE-Core rev: 5fa533c69f92f2dd46c795509b0830b36413b814) (From OE-Core rev: 2635d1dbe0ef0b43c7505d9c43494eac0f2e6760) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* crypto: use bigint in x86-64 perlArmin Kuster2015-05-152-0/+36
| | | | | | | | | | | | | | | | on some hosts openssl fails to build with this error: ghash-x86_64.s: Assembler messages: ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression backported fix from community. (From OE-Core master rev: 8230f873921d5c16106e3ebf57053a646bc6ad78) (From OE-Core rev: b981717484c70c6c9bcd6dacb736c2844fa863ed) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Add extra include dirsKhem Raj2015-05-151-1/+5
| | | | | | | | | | | | | | | | Just run configure, the configure script is not really a autoconf generated script so just run it Include path is needed to be there since the headers from it are used during build in subcomponents Change-Id: Ib1f24fd18bc8564e3c74ab834b7cf0fdf955d0e1 (From OE-Core master rev: c64c9f7ffc88018404afdde373dfd7ef2bdf7ae8) (From OE-Core rev: a11ebe122bc31127bae59a65dbabe9ce5c3f568c) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: Create connman.service at proper momentJukka Rissanen2015-05-151-4/+2
| | | | | | | | | | | | | | | | | | | ConnMan commit ac332c5d01b0737c18cb58c8ccc67cf6b0427e1d changes how the connman.service file is created from .in file. After that commit, the file is created by Makefile instead of configure. This means that we need to tweak the service file in compile time instead of configure time because the generated file will not be there after the configuration. This commit can be used even with older ConnMan version as the connman.service file is there when the compilation happens. (From OE-Core master rev: 32839103727d92a6580f916b6dd8e4439b2347c8) (From OE-Core rev: 66d8cec7225cae7269c539d9372a1364c9cefc0d) Signed-off-by: Jukka Rissanen <jukka.rissanen@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap.inc: remove obsolete libnl1 PACKAGECONFIGAndre McCurdy2015-05-151-1/+0
| | | | | | | | | | | | | | | | There's no libnl1 recipe in oe-core (or any other layer in the layer index). Keeping the libnl1 PACKAGECONFIG is likely to cause problems for the libnl PACKAGECONFIG since libnl and libnl1 both use --with-libnl and --without-libnl. (From OE-Core master rev: 4c820481147e9c11160b00f7df7ca8c329b23eac) (From OE-Core rev: c914254e9ec218d590fc77b921dbddf31b2d41c7) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez4: Fix encrypt symbol namespace collisionKhem Raj2015-05-152-0/+111
| | | | | | | | | | | | | | | | | | | | Makefile:3352: recipe for target 'test/l2test.o' failed | make[1]: *** [test/l2test.o] Error 1 | make[1]: *** Waiting for unfinished jobs.... | test/rctest.c:82:12: error: 'encrypt' redeclared as different kind of symbol | static int encrypt = 0; | ^ | In file included from test/rctest.c:33:0: Change-Id: Iaf2f644ef3cef6f96c6e4bc421c9e78a0e23e674 (From OE-Core master rev: 795a409919774f3a2a4c859799de36f1064efd83) (From OE-Core rev: 899a6f213eb350334987e818094c8acd7ab513ab) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Make SystemD D-Bus config conditionalOtavio Salvador2015-03-311-2/+3
| | | | | | | | | | The SystemD D-Bus configuration should only to be installed when SystemD support is enabled. (From OE-Core rev: e658ee16dc026b96f67a4c9666d3eb7bf7027de3) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: 1.0.2 -> 1.0.2aRichard Purdie2015-03-252-21/+23
| | | | | | | | | | | Patch updated to drop TERMIO flags since these are the default on Linux anyway (see https://git.openssl.org/?p=openssl.git;a=commit;h=64e6bf64b36136d487e2fbf907f09612e69ae911) Also drop patch merged upstream. (From OE-Core rev: 6cc1315b77bbdcc8f3a0d1e3132ad79ebbeeb2de) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: only depend on xuser-account if ROOTLESS_X is setAndreas Oberritter2015-03-251-1/+1
| | | | | | | | | * Copied from xserver-nodm-init. (From OE-Core rev: a09cfe460b6366edffacbd868af4d976bfe16520) Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* neard: fix the install path in init scriptsCristian Iorga2015-03-221-1/+1
| | | | | | | | | | | | | The neard make scripts will place the daemon executable in /usr/lib/neard/nfc/neard. Change the path accordingly in init scripts. Fixes [YOCTO #7390]. (From OE-Core rev: bd277f3a46e7fc764cc55c5354d2136fcfddc3c1) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Identify CONFFILESRob Woolley2015-03-161-0/+7
| | | | | | | | | | | Some package formats explicitly track which files are configuration files so that they are not overwritten on updates. We must use an explicit list instead of a wildcard as nfs-utils-client provides files under ${localstatedir}/lib/nfs that are not configuration files. Signed-off by: Rob Woolley <rob.woolley@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Install nfsmount.confRob Woolley2015-03-161-0/+3
| | | | | | | | | | | | The file nfsmount.conf is present in nfs-utils but not installed to the filesystem. It has been added to nfs-utils-client as it seemed to be missing accidentally rather than being removed intentionally. The binary files in nfs-utils-client have a hard-coded reference to it and we already provide the manpage for it in nfs-utils-doc. Signed-off by: Rob Woolley <rob.woolley@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: fix SRC_URIRobert Yang2015-03-161-2/+1
| | | | | | | | | | Fixed: WARNING: Failed to fetch URL ftp://ftp.debian.org/debian/pool/main/r/resolvconf/resolvconf_1.76.tar.xz, attempting MIRRORS if available (From OE-Core rev: f4db91f5228129d5e8cf65f9c4919b4fdfc5306b) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade to 1.0.2Saul Wold2015-03-1016-467/+522
| | | | | | | | | | | | | Rebased numerous patches removed aarch64 initial work since it's part of upstream now Imported a few additional patches from Debian to support the version-script and blacklist additional bad certificates. (From OE-Core rev: 10b689033551c37d6cafa284d82bdccd43f6113e) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap: add pkg-config supportJoe MacDonald2015-02-273-2/+77
| | | | | | | | | | | libpcap was not previously installing a pkg-config file. Add a basic one that will allow using 'pkg-config --libs libpcap', for example, in recipes rather than 'pcap-config', which frequently returns incorrect information. (From OE-Core rev: 0f51c1260ac53aa4843e29b00cd600eb64074260) Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "bind: fix and enable parallel build"Richard Purdie2015-02-231-0/+1
| | | | | | | | | | This reverts commit b003df03358aea4e9e094ee339a9f6796866961e. We keep seeing parallel make failures on the autobuilder (From OE-Core rev: af46b9f5dd5436b3d48f2fcd7a69f32343b62442) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "openssl: fix and enable parallel build"Richard Purdie2015-02-231-0/+3
| | | | | | | | | | This reverts commit 7502fa5febdd7a2281d626f7040782fb1f9af59e. We keep seeing parallel make failures in openssl :( (From OE-Core rev: 9afc85a7be203c5a0eac1977e777a24504cb3088) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Fix parallel make issueRobert Yang2015-02-192-0/+45
| | | | | | | | | | | | | | | | | | Fixed: unix/os.o: file not recognized: File truncated collect2: error: ld returned 1 exit status This is because os.o was built twice: * The implicity rule (depends on unix/os.o) * The "make all" in unix subdir (depends on unix/os.o) Depend on subdirs which is unix only rather than unix/os.o will fix the problem. (From OE-Core rev: 1af699e1af2552659b90a1fadd8de73d780226ba) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>