summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* wpa-supplicant: upgrade to 2.2Cristian Iorga2014-06-172-2/+2
| | | | | | | | | | | | | - P2P enhancements/fixes; - Interworking/Hotspot 2.0 enhancements; - Internal TLS implementation enhancements/fixes; - D-Bus interface extensions/fixes; - various bug fixes. (From OE-Core rev: 790362b41c83ab90ffaf7c43112602821f212892) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: upgrade to 1.24Cristian Iorga2014-06-171-2/+2
| | | | | | | | | Bug fix release (From OE-Core rev: 71c7bc9902e801fb16fa16dcf654995b04f86b23) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* binconfig-disabled: Add class and useRichard Purdie2014-06-161-1/+3
| | | | | | | | | | | | | | | | | | | | | | This adds a binconfig-disabled class which can be used by recipes where a -config file is installed but we wish to disable it and just rely on the .pc files instead. Rather than simply deleting it, we make the script "exit 1" so that it can be found in PATH and raise a build error rather than something silently falling back to the build system for example. Rather than randomly finding -config files, this adds in the specification of a list of binconfig scripts which is more deterministic and maintainable moving forward. This patch converts various users in OE-Core to use this, a world build of OE-Core tests out ok with this change. There will likely be issues in other layers however, hence this being a RFT. (From OE-Core rev: 5870bd272b0b077d0826fb900b251884c1c05061) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* neard: fix more parallel build issuesRoss Burton2014-06-143-32/+41
| | | | | | | | | | | | One fix, another appears... root-cause to a magic dependency hiding at the bottom of the Makefile, and add all binaries to it. [ YOCTO #6416 ] (From OE-Core rev: 4625eb0793ff59e4414017df0371ee9b89f47b38) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Force obex.service in /usr/libDrew Moseley2014-06-131-1/+1
| | | | | | | | | | | Upstream bluez installs the obex.service file into /usr/lib regardless of the multilib settings as does the current systemd recipe. Make sure it gets packaged properly. (From OE-Core rev: 8b66eccc05a62f1e2267c1bdf1086d8328bb962c) Signed-off-by: Drew Moseley <drew_moseley@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: Do not pass CFLAGS to gcc while buildingChong Lu2014-06-133-32/+43
| | | | | | | | | | | Do not pass CFLAGS/LDFLAGS to gcc while building, The needed flags has been passed by xxx_CFLAGS=$(CFLAGS_FOR_BUILD). (From OE-Core rev: e4b01d651cf94185cfb285a7b64292b26b74c6bb) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: unset CFLAGS for testlk buildChong Lu2014-06-102-1/+34
| | | | | | | | | | | | testlk is built with host gcc at do_compile stage, which leads to unrecognized some flags for special architecture. So unset CFLAGS for testlk to make sure it passed. (From OE-Core rev: 2461336b9432cf8379bda19d425ba00e542fbab7) Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix ptestsPaul Eggleton2014-06-103-1/+33
| | | | | | | | | | | | | | Add some missing dependencies and fix the Makefile in order to get most of the ptest tests working (specifically test_bn, test_verify, test_cms, test_srp and test_heartbeat). test_verify still fails for unknown reasons (perhaps some of the now expired certificates weren't meant to have expired as far as the test is concerned?) but at least it has the certificates to run now. (From OE-Core rev: c679ec81c19dd2b5e366b713801785ce0ba5b49a) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.1hPaul Eggleton2014-06-105-453/+48
| | | | | | | | | | | | | | | | | | | | | | Fixes the following security issues: * CVE-2014-0224 * CVE-2014-0221 * CVE-2014-0195 * CVE-2014-3470 The patch for CVE-2010-5298, CVE-2014-0198 and a fix for building the documentation are integrated upstream in this release and so were dropped. Additionally, a patch from upstream was added in order to fix a failure during do_compile_ptest_base. A similar upgrade was also submitted by Yao Xinpan <yaoxp@cn.fujitsu.com> and Lei Maohui <leimaohui@cn.fujitsu.com>. (From OE-Core rev: a3e80de6d423c272a287bf3538196b48ac5ddec1) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* neard: fix for parallel buildRichard Purdie2014-06-062-0/+32
| | | | | | | | | | | | | | | | | for neard tools/snep-send object might cause a parallel build failure,due to undetected dependency on dbus.h header file. Patch will be submitted upstream. Fixes [YOCTO #6389]. (From OE-Core rev: ae55abd60ef217ad1a957102d80b06857ea8ebcd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: Update to 1.75Saul Wold2014-06-031-3/+3
| | | | | | | | | Archive compression changed to xz (From OE-Core rev: 1a6ee66aa48e024fc5d112e940488157b74b5fe0) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Add missing pkgconfig class inheritsRichard Purdie2014-06-033-3/+3
| | | | | | | | | These recipes all use pkg-config in some way but were missing dependencies on the tool, this patch adds them. (From OE-Core rev: 2543b14dd0ca13005be0df027543431fc8e882ae) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: upgrade to 1.7.2.4Ross Burton2014-06-014-1000/+47
| | | | | | | | | | | | | | | | socat manually maintains config.h.in instead of using autoheader, so exclude autoheader from autoreconf and remove all patches that are intended to enable use of autoheader. The license checksum changed, because the company address changed. Based on a upgrade by Hongxu Jia <hongxu.jia@windriver.com>, with cleanup after noticing that config.h.in was hand-maintained. (From OE-Core rev: ea3ec30c19af23f6b62ce3d4d9d42c1fcb23a215) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: add openssl-CVE-2010-5298.patch SRC_URIRoy Li2014-05-292-0/+1
| | | | | | | | | | make openssl-CVE-2010-5298.patch truely work (From OE-Core rev: eab33442480cc27a5cd00b3f46984fea74b7c0f9) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade to 5.19Cristian Iorga2014-05-272-3/+3
| | | | | | | | | | | | - Fixes to OBEX, AVRCP browsing, HID over GATT and handling of device unpaired events for dual-mode devices. - New features: user space based HID host implementation (for BR/EDR). (From OE-Core rev: 5dce15e6623748ce3c1456f12d5cde6edc1be939) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix for CVE-2010-5298Yue Tao2014-05-211-0/+24
| | | | | | | | | | | | | | | | | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is enabled, allows remote attackers to inject data across sessions or cause a denial of service (use-after-free and parsing error) via an SSL connection in a multithreaded environment. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-5298 (From OE-Core rev: 751f81ed8dc488c500837aeb3eb41ebf3237e10b) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: upgrade to 1.3.0Paul Eggleton2014-05-151-4/+3
| | | | | | | | (From OE-Core rev: 67787c97438f365564a91eb926900570bc979e41) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: move packaging definitions to the endPaul Eggleton2014-05-151-7/+7
| | | | | | | | (From OE-Core rev: 19efeb598c5fb527bd5bc473d7a7d78242ec05a0) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: update to 6.6p1Paul Eggleton2014-05-151-2/+2
| | | | | | | | (From OE-Core rev: f091dbd6324a89682d29cac0bd0ba40899c8bdd5) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Update the bluetooth.confYasir-Khan2014-05-151-1/+1
| | | | | | | | | | | | | | | In bluez5, agent interface has been renamed from org.bluez.Agent to org.bluez.Agent1. Reflect this change in bluetooth.conf to allow sending of dbus messages to agent interface. *Resolves no PIN prompt bug while pairing *Resolves bluetooth keyboard connection problem (From OE-Core rev: c53c9ba05a5f38c047f3f928a9496f952843f467) Signed-off-by: Yasir-Khan <yasir_khan@mentor.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix for CVE-2014-2653Chen Qi2014-05-132-1/+116
| | | | | | | | | | | The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. (From OE-Core rev: 7b2fff61b3d1c0566429793ee348fa8978ef0cba) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix for CVE-2014-2532Chen Qi2014-05-132-1/+24
| | | | | | | | | | | | sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. (From OE-Core rev: a8d3b8979c27a8dc87971b66a1d9d9282f660596) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: add /var/log/lastlog to volatile listSaul Wold2014-05-081-0/+1
| | | | | | | | | | | | The /var/log/messages reports /var/log/lastlog as missing, since openssh needs this file, create it as a volatile. [YOCTO #6172] (From OE-Core rev: a29af8c20187a65fbdbbedd0b7158c07d3e713cf) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update upstream status for a patchCristiana Voicu2014-05-081-0/+1
| | | | | | | | | | | The patch is not included in 1.0.1g, but it is included on 1.0.2 branch. (From OE-Core rev: f99ca886da274fafa212e354f9e4871eb7e59e87) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2014-0198Maxin B. John2014-05-082-0/+24
| | | | | | | | | | | | | | A null pointer dereference bug was discovered in do_ssl3_write(). An attacker could possibly use this to cause OpenSSL to crash, resulting in a denial of service. https://access.redhat.com/security/cve/CVE-2014-0198 (From OE-Core rev: 580033721abbbb4302bc803ebc70c90e331e4587) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* wpa-supplicant: add libgcrypt as a dependencieValentin Popa2014-05-061-1/+1
| | | | | | | | | | | gnutls doesn't depend on libgcrypt anymore but wpa-supplicant does. So add it as a dependencie. (From OE-Core rev: b5e0e0589dba0e3eb6fa070594c904fec6e6c3a8) Signed-off-by: Valentin Popa <valentin.popa@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* telepathy-glib: upgrade to 0.24.0Cristian Iorga2014-04-301-2/+2
| | | | | | | | (From OE-Core rev: e54421af3c670e24e12971714233571b9d996e0c) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: enable ptest supportMaxin B. John2014-04-294-1/+97
| | | | | | | | | | Install openssl test suite and run it as ptest. (From OE-Core rev: c48981d2d24a20978a17866fa478dde21bd96b91) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Upstream-Status CleanupsSaul Wold2014-04-251-0/+4
| | | | | | | (From OE-Core rev: ea438b58c9a90e4c3147f99d63a9afc66963c5a1) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add support for read-only rootfsChen Qi2014-04-252-0/+67
| | | | | | | | | | | | This patch adds support for read-only rootfs to the bind service. Basically it just bind mounts several directories so that the bind service could start correctly without reporting any error. (From OE-Core rev: 99cc96eaee28bfde89096689b1296d28937ead88) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Globally replace 'base_contains' calls with 'bb.utils.contains'Otavio Salvador2014-04-2513-40/+40
| | | | | | | | | | | The base_contains is kept as a compatibility method and we ought to not use it in OE-Core so we can remove it from base metadata in future. (From OE-Core rev: d83b16dbf0862be387f84228710cb165c6d2b03b) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: enable ptest supportMaxin B. John2014-04-253-2/+78
| | | | | | | | | Install openssh test-suite and run it as ptest. (From OE-Core rev: 4d0ecccae671bffb40c870a6e33d20be869b89bc) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade to 3.14Cristian Iorga2014-04-252-6/+3
| | | | | | | | | | - switched to ${BP} variable; - removed parallel make restriction; (From OE-Core rev: c27e1c8961e438f2c354ce3cd7682eaf98231776) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: upgrade to 5.18Cristian Iorga2014-04-252-4/+3
| | | | | | | (From OE-Core rev: 9713a7ce28669db2456400f280ea19b67401e3f9) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: upgrade to 1.23Cristian Iorga2014-04-252-3/+3
| | | | | | | | | - License file copyright years updated; (From OE-Core rev: 4c6b7634c21261f13b40036998b8204f8e3dee13) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cryptodev-linux: move to recipes-kernel to be shared with module and testsDenys Dmytriyenko2014-04-241-22/+0
| | | | | | | (From OE-Core rev: e7aace7658fabe41839a3ec1b596bf28c6a4c02e) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ppp: add systemd supportChen Qi2014-04-242-2/+16
| | | | | | | | | | Add systemd support for ppp. The unit file mostly comes from ArchLinux. (From OE-Core rev: e84f7ea24b08e3127b70731908b819fbdc1cbfd5) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: add systemd supportChen Qi2014-04-243-1/+45
| | | | | | | | | Add systemd support for bind. (From OE-Core rev: 812f69fee5fceef853c42960f3d90491bda8378a) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* PR bumps to remove PRINC use in meta-openpliMike Looijmans2014-04-243-1/+4
| | | | | | | | | Resolves warnings of this kind in the OpenPLi layer: WARNING: Use of PRINC * was detected in the recipe * (From OE-Core rev: 5ffb38d6ace7faae839c8cac7327b5b1c2daae1a) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh-sshd: host contamination fixMatthieu Crapet2014-04-231-5/+7
| | | | | | | | | | | | | If you do a readelf -x .rodata /path/.../to/openssh/6.5p1-r0/packages-split/openssh-sshd/usr/sbin/sshd You'll see two references to OE's sysroots/${BUILD_SYS} login and passwd binaries. First one can be overridden with LOGIN_PROGRAM environment variable (see configure.ac), second needs a cached variable definition. (From OE-Core rev: 2127c80d0cc2a3a4d676bd3c0890454a175fba8e) Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: fix sshd_config_readonly creationJonathan Liu2014-04-101-1/+1
| | | | | | | | | | | | The readonly sshd config sshd_config_readonly needs to be created from the installed sshd_config as make install will adjust the paths in the config file. This fixes the path for sftp-server being correct in sshd_config but incorrect in sshd_config_readonly. (From OE-Core rev: 400b4bce34ffb76e500e2195104cc200218aa4c3) Signed-off-by: Jonathan Liu <net147@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade to v1.0.1gCristiana Voicu2014-04-0830-701/+522
| | | | | | | | | | | | | | | | | | | | | | | | The trigger for the upgrade was the serious "heartbleed" vulnerability (CVE-2014-0160). More information: http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx Dropped obsolete patches, because the new version contains them: 0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch 0001-Fix-DTLS-retransmission-from-previous-session.patch 0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch Modified 2 patches (small changes), in order to apply properly: initial-aarch64-bits.patch openssl-fix-doc.patch Addresses CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 (From OE-Core rev: ff52836e1838590eeec7d7658e15b21d83cf8455) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix pod2man des.pod error on Ubuntu 12.04Baogen Shang2014-04-012-0/+20
| | | | | | | | | | | | This is a formatting fix, '=back' is required before '=head1' on Ubuntu 12.04. (From OE-Core rev: 362d20e04e64a7437d7f61761057c721066e805f) Signed-off-by: Baogen Shang <baogen.shang@windriver.com> Signed-off-by: Jeff Polk <jeff.polk@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: build without libbsdJoe Slater2014-03-311-0/+6
| | | | | | | | | | | | | We do not DEPEND on libbsd, so we do not want to build with it just because libutil.h is found by configure. As noted in the patch, specifying --disable-libutil to configure does not work, so we provide "cached" configure variables. (From OE-Core rev: 103ef2295c728e427acc27bb071e786946c459f2) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libpcap: add PACKAGECONFIG for libnl1Hu Yadi2014-03-301-0/+1
| | | | | | | | | | | | | | Add --with-libnl autoconfig parameter and dependency between libpcap and libnl1. Disable libnl1 by default to avoid libpcap build error when libnl1 is involved. (From OE-Core rev: 52f16a5a56868137e17cf52fa7b664047ec7bcaf) Signed-off-by: Hu Yadi <Yadi.hu@windriver.com> Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ocf-linux: remove recipeKai Kang2014-03-272-30/+0
| | | | | | | | | | | | ocf-linux only provides header file and no kernel module is built. We can't use ocf-linux without its implementation. And linux-yocto uses an alternative project cryptodev-linux, so we remove ocf-linux and use cryptodev-linux instead. (From OE-Core rev: 45f1659f49edbceed0b75c0319880151161fdc8e) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: replace dependency ocf-linux with cryptodev-linuxKai Kang2014-03-271-1/+1
| | | | | | | | | | | | ocf-linux only provides header files but no implementation in kernel. And Yocto kernel linux-yocto use cryptodev-linux to implement /dev/crypto interface. So replace dependency ocf-linux with cryptodev-linux for openssl. (From OE-Core rev: b36b15cddbe52e6770b96e06af2959cea0e2436f) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* cryptodev-linux: add recipeKai Kang2014-03-271-0/+22
| | | | | | | | | | | Yocto kernel linux-yocto uses cryptodev-linux to use device /dev/crypto. So add cryptodev-linux which is one alternative of ocf-linux and then remove ocf-linux later. (From OE-Core rev: 6b6c24eccdb0030ecccadefe94c1c5b4387e46d1) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6449Yue Tao2014-03-272-0/+34
| | | | | | | | | | | | | The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client. (From OE-Core rev: 3e0ac7357a962e3ef6595d21ec4843b078a764dd) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Security Advisory - openssl - CVE-2013-6450Yue Tao2014-03-272-0/+82
| | | | | | | | | | | | | | The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (From OE-Core rev: 94352e694cd828aa84abd846149712535f48ab0f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>