summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* wpa_supplicant: Changed systemd template unitsJoshua DeWeese2019-07-272-0/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I goofed up the scissor line on the last attempt. Not sure how much it matters, but here it is correct this time. Here it is, updated to work with wpa-supplicant_2.6.bb. -- >8 -- https://www.freedesktop.org/software/systemd/man/systemd.unit.html#WantedBy= When building root filesystems with any of the wpa_supplicant systemd template service files enabled (current default is to have them disabled) the systemd-native-fake script would not process the line: Alias=multi-user.target.wants/wpa_supplicant@%i.service appropriately due the the use of "%i." According to the systemd documentation "WantedBy=foo.service in a service bar.service is mostly equivalent to Alias=foo.service.wants/bar.service in the same file." However, this is not really the intended purpose of install Aliases. All lines of the form: Alias=multi-user.target.wants/*%i.service Were replaced with the following lines: WantedBy=multi-user.target (From OE-Core rev: d05e98cdccbe36be8906c31249adeb0f0bc13ac5) Signed-off-by: Joshua DeWeese <jdeweese@hennypenny.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: fix CVE-2017-6519Kai Kang2019-05-222-1/+51
| | | | | | | | | | | | | Backport patch to fix CVE-2017-6519. CVE: CVE-2017-6519 (From OE-Core rev: cf787f8eab1c85dbafb5e74bf12eb4ddb5c5cbf7) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix CVE-2018-10910Ross Burton2019-05-222-0/+706
| | | | | | | | | | | | Fix this CVE (Bluetooth discoverability may be enabled with no agents to handle requests) by backporting a number of patches from upstream. (From OE-Core rev: 883726c93b4e6d64eec942e2fc9c937f7092adb0) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Fix status subcommand of init scriptDavid Frey2019-05-221-8/+4
| | | | | | | | | | | | | | | | | Update the bluez5 init script to resolve an issue where the status subcommand would exit without printing any message if bluez was not running. The early exit was caused by the fact that the init script has "set -e". When "pidof ${DAEMON} >/dev/null" is executed, the script terminates immediately if bluez isn't running because pidof returns a non-zero result. The fixed version does not suffer from this issue and makes use of the "status" function from the functions library. (From OE-Core rev: 383425fb86fdeccad88080369078d9ac988bab2f) Signed-off-by: David Frey <dpfrey@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: add mesh dependency on ellPeter A. Bigot2019-05-221-1/+1
| | | | | | | | | | | Introduced at or before 5.50. (From OE-Core rev: 0ae5ff4c0adc5fd727e5c5c47aba8c7859d60a73) Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: follow OE's rule for specifying CVE IDChen Qi2019-05-221-1/+1
| | | | | | | | | (From OE-Core rev: a3dd494337bbdf20d7bff651d533f944f270766e) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Upgrade 1.0.2q -> 1.0.2rOtavio Salvador2019-05-221-2/+2
| | | | | | | | | (From OE-Core rev: 3aad3c98cf8af4929bc416bbda55ccc71879f2f2) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade 1.1.1a -> 1.1.1bOtavio Salvador2019-05-221-3/+3
| | | | | | | | | | License-Update: copyright years updated (From OE-Core rev: 5f15e883502e6f737f7cdc577f6c104e8fbeeaa9) Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2019-1543Ross Burton2019-05-222-0/+70
| | | | | | | | | (From OE-Core rev: d8fc8bbab4bf5c34d316cc884e83fc6e66d57954) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: don't disable the AFALG engine based on host kernelRoss Burton2019-05-222-0/+32
| | | | | | | | | | | | | | | Whether the AFALG engine (use of hardware crypto via AF_ALG) is enable or disable depends on whether the host kernel is 4.1 or above, which has no bearing on whether the target system supports it. Remove the complicated logic and simply enable/disable as requested. (From OE-Core rev: 6998a3d7d0ecd27014053fe40c9fb4e0ec970880) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add cryptodev-linux PACKAGECONFIGOvidiu Panait2019-05-221-0/+6
| | | | | | | | | | | | | | | | The old bsd cryptodev engine was removed in https://github.com/openssl/openssl/pull/3699 and the new one added in: https://github.com/openssl/openssl/pull/3744 It can be enabled by configuring with "enable-devcryptoeng". (From OE-Core rev: 89dc69464b9ec1c2cac5d2420dfe6928da50d384) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop Python 2.x dependency in -ptestAlexander Kanavin2019-05-221-1/+1
| | | | | | | | | | | | | | It is only needed by 95-test_external_pyca_data which is actually skipped on the target. [YOCTO #13204] (From OE-Core rev: ba193703ccda16c0ed834248d8c9fda0d6ad2302) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix ptest test output translationRichard Purdie2019-05-221-1/+1
| | | | | | | | | | | openssl-ptest was recording now results, despite most tests passing. Fix so that the successes/skips/failures are reported correctly. (From OE-Core rev: 87728d921cfa5997b454ebc5074d2c1aee2def89) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Fix mutliple include assumptions for des.h in opensslconf.hDenys Dmytriyenko2019-03-052-0/+36
| | | | | | | | | | | | | | | | The fix is heavily based on Khem's previous fix for bn.h/BN_LLONG breakage: https://git.openembedded.org/openembedded-core/commit/?id=f787b0bb9b0626ddbf2ac94cb206c76716a3773d (From OE-Core rev: 914e1520bf9c45e14bce9993c9131a2c0702b9c9) (From OE-Core rev: 266e73a99b54f741bdbe5d689933c46b2b4731fd) Signed-off-by: Denys Dmytriyenko <denys@ti.com> Cc: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Denys Dmytriyenko <denys@ti.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: Fix mutliple include assumptions for bn.h in opensslconf.hKhem Raj2019-02-252-0/+34
| | | | | | | | | | | | | | | | After adding #pragma once to wrapper header ( opensslconf.h ) this latent issue got to bite us, where it expect bn.h to be including openssl.h to define BN_* defines, which is fragile. This patch removes the contraints for nested includes for bn.h (From OE-Core rev: f787b0bb9b0626ddbf2ac94cb206c76716a3773d) (From OE-Core rev: 19d5bffafb17ea0d5e8060716205cab6ab64f302) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: update to 1.0.2qAlexander Kanavin2019-02-252-36/+2
| | | | | | | | | | | (From OE-Core rev: 03149ca307282c22dd9ceb6fe3224bf586b03f6d) (From OE-Core rev: 572865e0d0a61e2096083edc622366e4ac9a8ad0) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix multilib file install conflictsXulin Sun2019-02-251-0/+4
| | | | | | | | | | | | | | | | | | | | To avoid issue like below if run "bitbake lib32-core-image-minimal" with series userspace packages(LAMP,krb5...) added. Add multilib_script support for openssl's c_rehash which is a perl script. Error: Transaction check error: file /usr/bin/c_rehash conflicts between attempted installs of lib32-openssl-bin-1.1.1-r0.armv7at2hf_neon and openssl-bin-1.1.1-r0.aarch64 (From OE-Core rev: a4032f3cc5de451f0e97eca1f0cbe4a310e1560b) (From OE-Core rev: eb875a7ecb74a9a63d81c64ec770ec65ed5d0211) Signed-off-by: Xulin Sun <xulin.sun@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: fix parsing of WEP keysLiu Haitao2019-02-252-0/+195
| | | | | | | | | | | | | | | The current iw4.14 has a fatal bug that could casue a Segmentation fault when parsing WEP keys. The issue has been fixed by upstream. [https://git.kernel.org/pub/scm/linux/kernel/git/jberg/iw.git/commit/?id=0e39f109c4b8155697a12ef090b59cdb304c8c44] (From OE-Core rev: 6de9eb72f679dd8d8e4de972b1da978522cff8b4) (From OE-Core rev: fcc56a2e2689a1574b9b928f8cd53e28721e4b9f) Signed-off-by: Liu Haitao <haitao.liu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: Fix a race issue for toolsRobert Yang2019-02-252-0/+33
| | | | | | | | | | | | | | | | Fixed: cp ../bluez-5.50/tools/hid2hci.rules tools/97-hid2hci.rules cp: cannot create regular file tools/97-hid2hci.rules: No such file or directory make[1]: *** [tools/97-hid2hci.rules] Error 1 (From OE-Core rev: 5cb2b165cf89a307531e199248bc98fb51541521) (From OE-Core rev: be0c94a40972618433c85fc097ede255f95e6c1d) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Skip assembler optimized code for powerpc64 with muslSerhey Popovych2019-02-252-0/+2
| | | | | | | | | | | | | | This code is written for elfv1 ABI in mind and linked as such: disable all optimizations at the moment when building for powerpc64 with musl. (From OE-Core rev: bee9e807430178426b2a5635b573ae285e889c39) (From OE-Core rev: f2513232d9adb6ec9cf6de06d577aeb6e34b69e0) Signed-off-by: Serhey Popovych <serhe.popovych@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* avahi: avoid depending on skipped packageJens Rehsack2019-02-251-1/+2
| | | | | | | | | | | | | | | | | | When built without D-Bus, libavahi-client is not build: Building libavahi-client: no (You need avahi-daemon and D-Bus!) which causes avahi-dev RDEPENDS failing when creating an image containing development-tools: * - nothing provides libavahi-client = 0.7-r0 needed by avahi-dev-0.7-r0.cortexa8hf-neon (From OE-Core rev: 319532792435be73e96c8319e90336e1298ac2a1) (From OE-Core rev: 0e65ddb5873c6d32ae3c8e86b269ada730cf6e9c) Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Strip perl version from installed ptest configdata.pm fileDouglas Royds2019-02-251-0/+1
| | | | | | | | | | | (From OE-Core rev: fab0f5162b930f87798be61359a5c287fb13a76c) (From OE-Core rev: d59e340dcd16b2b6a361196f867d9a31a9f36677) Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl ptest: Strip build host paths from configdata.pmDouglas Royds2019-02-251-0/+1
| | | | | | | | | | | | | This file contains CC, CPP, CFLAGS, CXXFLAGS and the like. (From OE-Core rev: c423cd1070045849c3a5b4e2b53043b28e5194f7) (From OE-Core rev: a51c48feffb20a1d53dbcd3c06e3ebb5afc5ace6) Signed-off-by: Douglas Royds <douglas.royds@taitradio.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: correct bad path on package preprocessChristophe PRIOUZEAU2019-01-081-3/+3
| | | | | | | | | | | | | | | In case of SDK generation, /usr/bin/ path are not correct and must be replaced by ${bindir}. (From OE-Core rev: 0fa7d99444763192914e798d8bc9dba1d9cdae42) (From OE-Core rev: 6a1c020008d334b56b94399a61ad1dc3a4817b36) Signed-off-by: Christophe Priouzeau <christophe.priouzeau@st.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1aAlexander Kanavin2019-01-083-162/+2
| | | | | | | | | | | (From OE-Core rev: eec95f90093a6aa1d8be145e351fc9df4abef172) (From OE-Core rev: c9909ff8b5134d77d9ae5f205f863fcdab7b9fd0) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: 4.18.0 -> 4.19.0Changhyeok Bae2019-01-081-2/+2
| | | | | | | | | | | (From OE-Core rev: b5acefc041b2316c75eefae745d894412ac7bd78) (From OE-Core rev: 875ebdcaf479b38f7564d68f1530de08e50f8ba8) Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: fix LICENSEPaul Eggleton2019-01-081-1/+1
| | | | | | | | | | | | | | | | According to both the README and source headers, the LICENSE value for socat is explicitly GPLv2, not v2 or later, so adjust LICENSE accordingly (leaving aside whether "GPL-2.0+-with-OpenSSL-exception" should actually be considered a valid LICENSE string or not). (From OE-Core rev: 466044a341a8b42159bd9388950c9079e0d7a2c3) (From OE-Core rev: 8d5565274545628cb0a7125b660e94f763cc7f49) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl-1.1.1: remove build path from version infoMartin Hundebøll2018-11-242-0/+71
| | | | | | | | | | | | | | | | | | The openssl build system generates buildinf.h containing the full compiler command line used to compile objects. This breaks reproducibility, as the compile command is baked into libcrypto, where it is used when running `openssl version -f`. Add stripped build variables for the compiler and cflags lines, and use those when generating buildinfo.h. This is based on a similar patch for older openssl versions: https://patchwork.openembedded.org/patch/147229/ (From OE-Core rev: 8f5b6a3789a7fcbac0a384b84b4c7ef5994023b6) Signed-off-by: Martin Hundebøll <martin@geanix.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2018-0735 for 1.1.1Kai Kang2018-11-072-0/+51
| | | | | | | | | Backport patch to fix CVE-2018-0735 for openssl 1.1.1. (From OE-Core rev: 78e751e33d3ec4394d96391e737cc39cad960ebe) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1Kai Kang2018-11-074-0/+143
| | | | | | | | | | Backport patches to fix CVE-2018-0734 for both openssl 1.0.2p and 1.1.1 versions. (From OE-Core rev: 9d5c6a87eb72a8b8b8d417126a831565982ca9a6) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: do an out-of-tree buildRoss Burton2018-10-201-5/+10
| | | | | | | | | | OpenSSL supports out-of-tree builds so we should use them. This makes builds more reliable, and makes it easier to reduce the size of the ptest package. (From OE-Core rev: e028b4457781f60d8491a99a23011996fa913013) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix ptestRoss Burton2018-10-202-7/+27
| | | | | | | | | | | | | | | | | | | | Previously the ptest installation was simply a copy of the entire build tree, which is terribly ugly. Instead copy just the pieces we need, symlink to /usr as appropriate, and add missing dependencies. Remove PRIVATE_LIBS as we don't ship copies of the libraries now. Also remember to do 'set -x' in run-ptest, so if the tests fail the runner knows! [ YOCTO #12965 ] [ YOCTO #12967 ] (From OE-Core rev: 7831d2d3a1069b9d3a8d32e41f0a292e1add56ba) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: use config file dhcpd6.conf in dhcpd6.service for DHCP IPv6Yi Zhao2018-10-181-1/+1
| | | | | | | | | Use dhcpd6.conf for DHCP IPv6 and dhpcd.conf for DHCP IPv4. (From OE-Core rev: 0772ed9acf96c53b05e6ac19e1af78bbb1192a3b) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: correct license commentPaul Eggleton2018-10-161-1/+2
| | | | | | | | | | | | | | | | | The comment here stated that openssl is dual-licensed, but that would mean that either of the two licenses could be used which is *not* the case [1]. However LICENSE = "openssl" *is* correct because in OE that maps to a generic license file which includes both licenses, which makes sense because there isn't really any such thing as OpenSSL that would be covered by the "OpenSSL license" and not the "SSLeay license". Correct the comment to avoid any confusion. [1] https://www.openssl.org/source/license.html (From OE-Core rev: 6c821ce6ecae789320b31ec55c83907d6dd78359) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix startup failure in sysvinitChen Qi2018-10-162-0/+28
| | | | | | | | | | | | The generated key file should try to have bind group so that if the named daemon is started via '-u bind' option, which is the default in OE core, we will not get startup failure because of 'permission denied' error. (From OE-Core rev: fc4c4f40dbcf558a48058d944eef21e588d64aa0) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: use deterministic perl Text::Template module bundled by openssl sourceHongxu Jia2018-10-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | 1. The building openssl requires to install perl Text::Template module(>=1.46), but Text::Template is a non core Perl module, openssl chooses to bundle Text::Template 1.46 into the source, for convenience. https://github.com/openssl/openssl/commit/8ff2af548303d311ce3591406111f77862875a60 2. While Text::Template < 1.46, the produced build files are gravely faulty. https://github.com/openssl/openssl/pull/6682 3. If host has installed Text::Template < 1.46 (such as CentOS-7.5 has Text:: Template 1.45). The mismatched old module was used although the right one in openssl source. So set PERL5LIB to use deterministic perl Text::Template module bundled by openssl source and ignore the one of host (From OE-Core rev: 5e7a75c226d4df0c066f04eaea014b8888c6bed2) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: update patch statusRoss Burton2018-10-081-1/+1
| | | | | | | | | These patches are all upstream now, so mark as Backport. (From OE-Core rev: 9a84114a279000329c2878a35f197a09217cd1fc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: neaten patchesRoss Burton2018-10-042-9/+11
| | | | | | | | | | | The upstreamable include-tweaking patches contained fragments that should be in the not-upstreamable musl-specific res_ninit replacement, so move them to the right patch. (From OE-Core rev: 18fd5bc97e6b061eec4be0738f20fcbace6bdafe) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: skip ptest case `test_symbol_presence'Hongxu Jia2018-10-042-0/+47
| | | | | | | | | | | | | The case in ptest use `nm -Pg libcrypto.so' to check symbol presence, if library is stripped or debug split, the case will fail. The test case needs debug symbols then we just disable that test. (From OE-Core rev: 28d3a4cb1ffb508018faebf088eabfd14bcf3113) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: fix multilib install file conflictsKai Kang2018-10-011-1/+3
| | | | | | | | | | | | | It adds ${libdir} to linker options in scripts bind9-config and isc-config.sh. And then causes install file conflicts when install bind andl ib32-bind both. Inherit multilib_script.bbclass to fix this issue. (From OE-Core rev: d3baeaf09d5d3e7548e5b2ea1b565880ea6ce994) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: remove extra slash from libdir pathMikko Rapeli2018-09-251-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The configure script ended up creating Makefile with LIBDIR=/lib which got leaked into various places including all pkg-config .pc files where lines like (note the double slash //): libdir=${exec_prefix}//lib ... Libs: -L${libdir} -lcrypto which causes pkg-config --libs to include the full absolute path to the recipe specific sysroot. This isn't a big problem until something like CMake projects start generating their own .cmake modules using this absolute path and exposing them to sysroots of other bitbake recipes thus escaping their recipe specific sysroots. Then the fun begins when these users of the .cmake module start to randomly fail builds with error messages like: /home/builder/src/base/build/tmp/work/corei7-64-linux/package/1.0-r0/recipe-sysroot-native/usr/bin/x86_64-linux/../../libexec/x86_64-linux/gcc/x86_64-linux/7.3.0/ld: cannot find /lib/libpthread.so.0 /home/builder/src/base/build/tmp/work/corei7-64-linux/package/1.0-r0/recipe-sysroot-native/usr/bin/x86_64-linux/../../libexec/x86_64-linux/gcc/x86_64-linux/7.3.0/ld: cannot find /usr/lib/libpthread_nonshared.a collect2: error: ld returned 1 exit status ninja: build stopped: subcommand failed. WARNING: exit code 1 from a shell command. As luck has it, this problem goes away by recompiling the recipes alone but repeats with multiple recipes here and there when full images are build. A careful inspection of multi page linker command lines shows that some linker paramaters point to libraries in a different recipes sysroot than what bitbake was building when the task failed. So, fix is to remove this one extra slash from openssl library path configuration option. This changes openssl Makefile to have: LIBDIR=lib and all users of LIBDIR variable in the Makefile are already adding slashes as path separators if that is needed. With this the generated .pc files have: libdir=${exec_prefix}/lib and pkg-config --libs knows to strip the already default sysroot path away. This then fixes the generated .cmake files to not include these absolute paths and fixes the random build failures when building images. Thanks to Thomas, Michael and Ross for debugging support! (From OE-Core rev: d286e91bbdcecef16153313fe5e1e0e0cb469612) Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Cc: Thomas Witt <thomas.witt@bmw.de> Cc: Michael Ho <michael.ho@bmw.de> Cc: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add support for ARCAlexey Brodkin2018-09-212-2/+2
| | | | | | | | (From OE-Core rev: 479d0e0d1002c025c9cbb0f03ed038c3feba44a7) Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider: fix SRC_URIAnuj Mittal2018-09-211-1/+1
| | | | | | | | | | | Fixes build for older versions of git which don't follow redirects properly if the .git suffix is missing. (From OE-Core rev: 77c353cc9bdfbf1b6453b2579b72726db05eb69c) Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl10: fix compile error for debian-mips64Changqing Li2018-09-201-2/+2
| | | | | | | | | | | | | Current configuration for debian-mips64 is not correct, 'SIXTY_FOUR_BIT_LONG' need to be specified. otherwise, it will cause other recipe like crda compile failed since use default THIRTY_TWO_BIT mode. (From OE-Core rev: 68f82ceb289149885eb0b04547cb4f79a680183b) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libressl: remove recipeHongxu Jia2018-09-202-108/+0
| | | | | | | | | | Since openssh support oepnssl 1.1.x, there is no reason to keep libressl. (From OE-Core rev: 30121a78555574f49b321566fcab172417bdf3e3) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: upgrade 7.8p1 -> 7.8p1+git to support openssl 1.1.xHongxu Jia2018-09-201-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | - Convert from tarball to git repository which support openssl 1.1.x - There is no specific minor version that contains the openssl fix (it was merged to master a few days agao), rename recipe version to `7.8p1+git' - Fix regression test binaries missing In commit `1f7aaf7 openssh: build regression test binaries', it build regression test binaries, since upstream add two binaries in commits `c59aca8 Create control sockets in clean temp directories' and `1acc058 Disable tests where fs perms are incorrect', we should update do_compile_ptest. [ptest log] |/usr/lib/openssh/ptest/regress/test-exec.sh: line 330: /usr/lib/openssh/ ptest/regress/mkdtemp: No such file or directory [ptest log] (From OE-Core rev: 9d48cb3da696add33315cf129fe60102bd9756c9) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update to 1.1.1 finalAlexander Kanavin2018-09-171-7/+3
| | | | | | | | | | | | | This is the new LTS release with support for TLS 1.3. Release announcement: https://www.openssl.org/blog/blog/2018/09/11/release111/ (From OE-Core rev: 6b0d5202002f76106ea33e4975c8ebef72a63fa1) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: Cache shift value for CRDLY, TABDLY and CSIZEKhem Raj2018-09-131-2/+15
| | | | | | | | | | Match it to definitions in arch/<ARCH>/include/uapi/asm/termbits.h (From OE-Core rev: 3e222bf3e0631b385dc46b02b6ba890451c291b2) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: patch for CVE-2018-5740Changqing Li2018-09-112-0/+73
| | | | | | | | (From OE-Core rev: bf81b4e5327134e131e3198adad68c74afb5e259) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* mobile-broadband-provider-info: update patch statusRoss Burton2018-09-101-1/+2
| | | | | | | | | I pushed this upstream, so mark the patch as such. (From OE-Core rev: d1cae876c68b5b4ab666f1860d2935634a1f69dd) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>