summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl10: Add CVE_PRODUCTAdrian Bunk2020-04-091-0/+2
| | | | | | | | (From OE-Core rev: 718294820ddfaf408a70b9005e05829371d9c93d) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: Security fix CVE-2020-8597Yi Zhao2020-04-092-0/+48
| | | | | | | | | | | | | | | | | | | CVE-2020-8597: eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. References: https://nvd.nist.gov/vuln/detail/CVE-2020-8597 Patch from: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426 (From OE-Core rev: 4ea1d88702d422d4eff5c78698a123563bda4138) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: backport patch to fix "cert not yet valid" testAnuj Mittal2020-04-092-0/+47
| | | | | | | | | | | | Fixes [YOCTO #13796] (From OE-Core rev: f830a6df31b4232e2a481c2c27148ff70ebb0a13) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> [Fix up for warrior context] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2019-1551Anuj Mittal2020-01-282-0/+759
| | | | | | | | | | (From OE-Core rev: 392e0299fae170995229d30036ebe8e8a494f7dc) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Whitelist CVE-2019-0190Adrian Bunk2020-01-281-0/+4
| | | | | | | | | | | This is only a problem with older Apache versions. (From OE-Core rev: 8e76d2508da411a1a67f3226465c83fec85dfe97) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Enable os option for with-rand-seed as wellKhem Raj2020-01-281-3/+3
| | | | | | | | | | | | | | | | | | | | | | with openSSL 1.1.1d we start seeing errors like Error Generating Key 139979727451584:error:2406C06E:random number generator:RAND_DRBG_instantiate:error retrieving entropy:../openssl-1.1.1d/crypto/rand/drbg_lib.c:342: when using openssl from openssl-native on build hosts, this is due to limiting the random seed to devrandom, to support older hosts, since the option allows to have a comma separated list of methods to try, we can try the default first and if that fails then fallback to devrandom, this will ensure that it keeps working with build systems which dont support getrandom() (From OE-Core rev: b9fb2913c72ec771e4da2931528f6f5425c14913) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1c -> 1.1.1dAdrian Bunk2020-01-281-2/+2
| | | | | | | | | (From OE-Core rev: d9f1bfe681f51f4cb2ad9515454162480993aadf) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1b -> 1.1.1cAdrian Bunk2020-01-283-75/+5
| | | | | | | | | | | Backported patch removed. (From OE-Core rev: 3402c001bc585bacb6e00495a7c3c66c75d16e7c) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Whitelist CVE-2019-6470Adrian Bunk2020-01-281-0/+4
| | | | | | | (From OE-Core rev: a45f9d2047d7d1156fafc44554c4908a0c7d2647) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: fix CVE-2019-16275Ross Burton2020-01-282-0/+83
| | | | | | | | | (From OE-Core rev: 4b764c25d7396cba41c28c66a78a7a8f0ea3a5be) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap: upgrade 1.9.0 -> 1.9.1Zang Ruochen2020-01-162-32/+2
| | | | | | | | | | | | | | -libpcap/0001-pcap-usb-linux.c-add-missing-limits.h-for-musl-syste.patch Removed since this is included in 1.9.1. (From OE-Core rev: d0e3d1f9437b2e2c6284d9fad51bb11ebe72a46c) Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [CVE-2018-16301 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: set CVE vendor to opensslAnuj Mittal2020-01-161-0/+2
| | | | | | | | | | | | Differentiate it from openssl gem for Ruby. (From OE-Core rev: 925482bef72e80622e904ce437c5ebe8e78be338) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix CVE-2019-6471 and CVE-2018-5743Kai Kang2020-01-169-0/+2723
| | | | | | | | | | | | | | | | | Backport patches to fix CVE-2019-6471 and CVE-2018-5743 for bind. CVE-2019-6471 is fixed by 0001-bind-fix-CVE-2019-6471.patch and the other 6 patches are for CVE-2018-5743. And backport one more patch to fix compile error on arm caused by these 6 commits. (From OE-Core rev: 3c39d4158677b97253df63f23b74c3a9dd5539f6) (From OE-Core rev: 230a96ddecf940a7caee9e9268b21aa5f65a7f14) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: make OPENSSL_ENGINES match install pathGeorge McCollister2019-10-301-1/+1
| | | | | | | | | | | | | | Set OPENSSL_ENGINES to the path where engines are actually installed. (From OE-Core rev: 041fb2743a94d7fb065b073efbe5fe5cf46cde53) Signed-off-by: George McCollister <george.mccollister@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> (cherry picked from commit 59565fec0b3f3e24eb01c03b671913599cd3134d) Signed-off-by: Armin Kuster <akuster808@gmail.com> (cherry picked from commit 578f41124565a7cda738c7fe3d25702ee41b08ed) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Fix CVE-2019-9494 CVE-2019-9495 CVE-2019-9496 CVE-2019-9497 ↵Adrian Bunk2019-06-3017-0/+2146
| | | | | | | | | | CVE-2019-9498 CVE-2019-9499 CVE-2019-11555 (From OE-Core rev: ae8e0440fc1177bf44e46804e1f5927cb86f8324) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix failure of ptest test_shlibloadKai Kang2019-06-301-2/+2
| | | | | | | | | | | | It fails to run ptest case test_shlibload which requires libcrypto.so and libssl.so with version numbers now. (From OE-Core rev: 8b7f9583b360d5f524f32532aba2e41c2212c778) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Add sudo dependency for ptestRichard Purdie2019-06-071-1/+1
| | | | | | | | | | Without this we see test failures due to the sudo binary being missing. (From OE-Core rev: e9ec74e10b9c65ac4c014bce57b2d28806766df1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Avoid PROVIDES warning from rng-tools dependencyRichard Purdie2019-06-071-1/+1
| | | | | | | | | | | | Avoid the warning: WARNING: Nothing RPROVIDES 'nativesdk-rng-tools' (but virtual:nativesdk:/home/pokybuild/yocto-worker/build-appliance/build/meta/recipes-connectivity/openssh/openssh_7.9p1.bb RDEPENDS on or otherwise requires it) (From OE-Core rev: 5d70ab1ba3570ff24d5d118805ed0d9bafad022d) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: recommend rng-tools with sshdMikko Rapeli2019-06-071-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since openssl 1.1.1 and openssh which uses it, sshd startup is delayed. The delays range from few seconds to minutes and even to hours. The delays are visible in host keys generation and when sshd process is started in response to incoming TCP connection but is failing to provide SSH version string and clients or tests time out. In all cases traces show that sshd is waiting for getentropy() system call to return from Linux kernel, which returns only after kernel side random number pool is initialized. The pool is initialized via various entropy source which may be missing on embedded development boards or via rngd from rng-tools package from userspace. HW random number generation and kernel support help but rngd is till needed to feed that data back to the Linux kernel. Example from an NXP imx8 board shows that kernel random number pool initialization can take over 400 seconds without rngd, and with rngd it is initialized at around 4 seconds after boot. The completion of initialization is visible in kernel dmesg with line "random: crng init done". More details are available from: * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912087 * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897572 * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=43838a23a05fbd13e47d750d3dfd77001536dd33 * http://www.man7.org/linux/man-pages/man2/getrandom.2.html (From OE-Core rev: 24d9e370e88a775486f9d6569bf1ba9c3b9e3b8a) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Cc: Mark Hatle <mark.hatle@windriver.com> Cc: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Cc: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix CVE-2018-20685, CVE-2019-6109, CVE-2019-6111Anuj Mittal2019-05-125-0/+627
| | | | | | | | | | | Also backport a patch to fix issues introduced by fix for CVE-2019-6109. (From OE-Core rev: b4068ea6887299cddada1f8842d8323b8aca2acc) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: Replace OE specific patch for compatibility with latest bind with ↵Adrian Bunk2019-05-123-2883/+80
| | | | | | | | | | | | | upstream patch This also fixes a dhcp breakage noticed by Enrico Scholz. (From OE-Core rev: 4189304701c7d3859582991c724a75e372f09395) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.11.5 -> 9.11.5-P4Adrian Bunk2019-04-101-3/+3
| | | | | | | | | | | Bugfix-only compared to 9.11.5, mostly CVE fixes. COPYRIGHT checksum changed due to 2018 -> 2019. (From OE-Core rev: 5d286da0fbe1a7ded2f84eec990e49d221bdeab4) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh/util-linux/python*: Ensure ptest output is unbufferedRichard Purdie2019-04-092-2/+2
| | | | | | | | | | | | | We need to run sed with the -u option to ensure the output is unbuffered else ptest-runner may timeout thinkig things were idle. Busybox doesn't have the -u option so we need to RDEPEND on sed (which is a good thing to do if we use it anyway). Alex Kanavin should get credit for discovering the problem. (From OE-Core rev: d3ffbebf43c23faa43af81c9ecf6fcaef36d675b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: fix CVE-2017-6519Kai Kang2019-04-032-1/+51
| | | | | | | | | | | Backport patch to fix CVE-2017-6519. CVE: CVE-2017-6519 (From OE-Core rev: 979e3f4ac1e12228d368315169a32d5ab0209e91) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: follow OE's rule for specifying CVE IDChen Qi2019-03-291-1/+1
| | | | | | | (From OE-Core rev: 7e29e7cb13ed13a7049328cd2169cd515b630fc3) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix CVE-2018-10910Ross Burton2019-03-262-0/+706
| | | | | | | | | | Fix this CVE (Bluetooth discoverability may be enabled with no agents to handle requests) by backporting a number of patches from upstream. (From OE-Core rev: 7bdf9581e807b978b92f29e11ab2a9e69e08410f) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Upgrade 1.0.2q -> 1.0.2rOtavio Salvador2019-03-191-2/+2
| | | | | | | (From OE-Core rev: 31b0f25026145b81aca2b58aada2dbc7c8b0e420) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1a -> 1.1.1bOtavio Salvador2019-03-191-3/+3
| | | | | | | | License-Update: copyright years updated (From OE-Core rev: 5a67844a4dba03c27a5ff8bd1cf4de0b47616a4b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Remove the c_rehash shell re-implementationOtavio Salvador2019-03-192-235/+1
| | | | | | | | | | | We had a c_rehash shell re-implementation being used for the native package however the ca-certificates now uses the openssl rehash internal application so there is no use for the c_rehash anymore. (From OE-Core rev: 672b076158247f823a518b7c33b50c82272d6388) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2019-1543Ross Burton2019-03-182-0/+70
| | | | | | | (From OE-Core rev: 0f65b1192067a101d9a035f0ef26bae0ea13afeb) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: add tc to the alternatives listLars Persson2019-03-181-0/+4
| | | | | | | | | The tc command is provided both by busybox and iproute2. (From OE-Core rev: db83d6860aef4a0bd15fca251c994ae8d3384931) Signed-off-by: Lars Persson <larper@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Disable rsh, etc in the buildTom Rini2019-03-181-1/+3
| | | | | | | | | | | It is long since past time for rsh and company to be retired from the world. Disable building these now. Suggested-by: Khem Raj <raj.khem@gmail.com> (From OE-Core rev: 9e13dad6ea76dd036098ef62427804e4138bf83b) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Handle rsh, etc more consistentlyTom Rini2019-03-181-16/+16
| | | | | | | | | | | | | | | | | | | | - We cannot build rsh, rshd, rlogind and rcp on musl. This is handled gracefully in the configure scripts and spelled out with EXTRA_OECONF. Expand this to include rexec to cover all of the related functionality. - Rework adding in the xinetd.d files for these services to only do so when we even have the services being built. This leads to no rsh/rshd sub-packages on musl at all. - If we use the normal alternatives mechanism to allow for this or netkit-rsh to provide rsh/rshd functionality we end up with QA issues on musl as we have unused ALTERNATIVES logic. Switch to making use of RPROVIDES / RCONFLICTS logic instead and make it match the netkit-rsh packaging names. Cc: Khem Raj <raj.khem@gmail.com> (From OE-Core rev: 4bd1a09c47de49d78cc85d849e53d4661831870b) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Remove talk / talkd from ALTERNATIVESTom Rini2019-03-181-2/+1
| | | | | | | | | | | | There are no alternative provides of these packages anymore. To avoid QA issues when building with musl, don't put these under an alternative at all. Cc: Khem Raj <raj.khem@gmail.com> (From OE-Core rev: 314a1b64a629cf072ceb12925518ceac8beea126) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Fix build on RISC-VKhem Raj2019-03-091-0/+2
| | | | | | | (From OE-Core rev: d9561a471d9f0698c70acc86a33ee809f9f44e5a) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* inetutils: Import version 1.9.4Tom Rini2019-03-0613-0/+542
| | | | | | | | | | | | | | | | In order to have more robust stand-alone network tools in oe-core, bring in inetutils from meta-openembedded/meta-networking. This imports the recipes as of git commit: commit 408204073e6bdcd8ac586e05d5b75213417673f2 Author: Martin Jansa <martin.jansa@gmail.com> Date: Thu Aug 16 20:39:15 2018 +0000 inetutils: fix build with glibc-2.28 (From OE-Core rev: ace6911e663709f07ca73aa72f6bb4f4111b2749) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind-utils: Install nslookupAdrian Bunk2019-03-061-3/+5
| | | | | | | | | | nslookup was undeprecated 15 years ago, and installing bind-utils should replace the busybox version. (From OE-Core rev: 6d594e2a466a75f88fe8ab454e58ae20e3bdee05) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: Remove no longer required hack for libnlAdrian Bunk2019-03-061-2/+0
| | | | | | | | | Upstream already fixed this properly by using pkg-config. (From OE-Core rev: d37396c48cd44a6036677ea47c249efbf9a91472) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add cryptodev-linux PACKAGECONFIGOvidiu Panait2019-03-041-0/+6
| | | | | | | | | | | | | | The old bsd cryptodev engine was removed in https://github.com/openssl/openssl/pull/3699 and the new one added in: https://github.com/openssl/openssl/pull/3744 It can be enabled by configuring with "enable-devcryptoeng". (From OE-Core rev: 36f5af079e7d941b8d3969a80993805844778c19) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Fix mutliple include assumptions for des.h in opensslconf.hDenys Dmytriyenko2019-03-032-0/+36
| | | | | | | | | | | The fix is heavily based on Khem's previous fix for bn.h/BN_LLONG breakage: https://git.openembedded.org/openembedded-core/commit/?id=f787b0bb9b0626ddbf2ac94cb206c76716a3773d (From OE-Core rev: 914e1520bf9c45e14bce9993c9131a2c0702b9c9) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Cc: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop Python 2.x dependency in -ptestAlexander Kanavin2019-02-281-1/+1
| | | | | | | | | | | | It is only needed by 95-test_external_pyca_data which is actually skipped on the target. [YOCTO #13204] (From OE-Core rev: 3ccbce74942853fb1dd5b73378f089ad8cd428a3) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix ptest test output translationRichard Purdie2019-02-271-1/+1
| | | | | | | | | openssl-ptest was recording now results, despite most tests passing. Fix so that the successes/skips/failures are reported correctly. (From OE-Core rev: a4565d62297af62ff86a83685f8d55194cd4db48) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: move c_rehash pkg to avoid perl depBrad Bishop2019-02-251-2/+1
| | | | | | | | | | | | | | | | | Perl and its dependencies have a decent footprint impact. On my xz compressed filesystem: 634880: /usr/lib/libperl.so.5.24.4 Put c_rehash in the openssl-misc package so the dependency can be avoided where it isn't needed. Change-Id: Iae9bccabfb1c8cfa1401ca6785abc39713d3fdf0 (From OE-Core rev: d2b1a889ef8fb9e6a2fa3d9bfc3eaf6113db9b1f) Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: build tools with target compilerPascal Bach2019-02-163-48/+41
| | | | | | | | | | | | | | | | | | | Some tools were built with CC_FOR_BUILD which points to the target compiler. The current patch avoided issues by deleting some of the binaries during install. This patch replaces the CC_FOR_BUILD with CC so the tools are built with the target compiler. This means the binaries no longer need to be deleted. I stumbled upon this by trying to globally add "--ffile-prefix-map", which is not supported by my host GCC, to get rid of some "buildpaths" QA Warnings. Cc: Robert Yang <liezhi.yang@windriver.com> (From OE-Core rev: ea98fd17ae38efca13ce97c2e0eaacb8cfde597d) Signed-off-by: Pascal Bach <pascal.bach@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update patch to fix buildpaths qa issue for -fmacro-prefix-mapKai Kang2019-02-151-1/+7
| | | | | | | | | | | | Gcc option '-fmacro-prefix-map' is added to DEBUG_PREFIX_MAP. It has a patch to deal option '-fdebug-prefix-map' already. Update the patch 0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch to fix buildpaths qa issue for '-fmacro-prefix-map' too. (From OE-Core rev: 0851e03daebeeb7e0579baa3aa195c228652d97b) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Move nsupdate to bind-utilsAdrian Bunk2019-02-151-1/+1
| | | | | | | | | | This is a client tool that is usually not used one the same machine as the DNS server. (From OE-Core rev: 3f114fb51ca315db0f7cb73b450a508a0477ab88) Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: update to 2.7Changhyeok Bae2019-02-0810-1202/+5
| | | | | | | | | CVE patches is already applied in v2.7 (From OE-Core rev: 2c3a905061b501b1c79e191a1f275fdb9768a2d6) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa_supplicant: Changed systemd template unitsJoshua DeWeese2019-02-082-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I goofed up the scissor line on the last attempt. Not sure how much it matters, but here it is correct this time. Here it is, updated to work with wpa-supplicant_2.6.bb. -- >8 -- https://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy= When building root filesystems with any of the wpa_supplicant systemd template service files enabled (current default is to have them disabled) the systemd-native-fake script would not process the line: Alias=multi-user.target.wants/wpa_supplicant@%i.service appropriately due the the use of "%i." According to the systemd documentation "WantedBy=foo.service in a service bar.service is mostly equivalent to Alias=foo.service.wants/bar.service in the same file." However, this is not really the intended purpose of install Aliases. All lines of the form: Alias=multi-user.target.wants/*%i.service Were replaced with the following lines: WantedBy=multi-user.target (From OE-Core rev: 85f82e94849f1c1b5e150c2e38c03eae19a2b370) Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Fix mutliple include assumptions for bn.h in opensslconf.hKhem Raj2019-02-082-0/+34
| | | | | | | | | | | | After adding #pragma once to wrapper header ( opensslconf.h ) this latent issue got to bite us, where it expect bn.h to be including openssl.h to define BN_* defines, which is fragile. This patch removes the contraints for nested includes for bn.h (From OE-Core rev: f787b0bb9b0626ddbf2ac94cb206c76716a3773d) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix multilib file install conflictsXulin Sun2019-01-311-0/+4
| | | | | | | | | | | | | | | | To avoid issue like below if run "bitbake lib32-core-image-minimal" with series userspace packages(LAMP,krb5...) added. Add multilib_script support for openssl's c_rehash which is a perl script. Error: Transaction check error: file /usr/bin/c_rehash conflicts between attempted installs of lib32-openssl-bin-1.1.1-r0.armv7at2hf_neon and openssl-bin-1.1.1-r0.aarch64 (From OE-Core rev: a4032f3cc5de451f0e97eca1f0cbe4a310e1560b) Signed-off-by: Xulin Sun <xulin.sun@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-14 11:59:18 +0000