From af24c40ca46eff0390408f7b4e442ec9bdcd0c1e Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Tue, 5 May 2020 15:01:13 +0200 Subject: avahi: update to 0.8 (From OE-Core rev: 520cb26ac248994a88f161b6ad92211ffcb93d9b) Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie --- meta/recipes-connectivity/avahi/avahi_0.7.bb | 183 --------------------- meta/recipes-connectivity/avahi/avahi_0.8.bb | 181 ++++++++++++++++++++ .../avahi/files/fix-CVE-2017-6519.patch | 48 ------ 3 files changed, 181 insertions(+), 231 deletions(-) delete mode 100644 meta/recipes-connectivity/avahi/avahi_0.7.bb create mode 100644 meta/recipes-connectivity/avahi/avahi_0.8.bb delete mode 100644 meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch diff --git a/meta/recipes-connectivity/avahi/avahi_0.7.bb b/meta/recipes-connectivity/avahi/avahi_0.7.bb deleted file mode 100644 index b25cffa3cd..0000000000 --- a/meta/recipes-connectivity/avahi/avahi_0.7.bb +++ /dev/null @@ -1,183 +0,0 @@ -SUMMARY = "Avahi IPv4LL network address configuration daemon" -DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \ -allows programs to publish and discover services and hosts running on a local network \ -with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \ -IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ -configuration from the link-local 169.254.0.0/16 range without the need for a central \ -server.' -AUTHOR = "Lennart Poettering " -HOMEPAGE = "http://avahi.org" -BUGTRACKER = "https://github.com/lathiat/avahi/issues" -SECTION = "network" - -# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and -# python scripts are under GPLv2+ -LICENSE = "GPLv2+ & LGPLv2.1+" -LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ - file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ - file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ - file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" - -SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ - file://fix-CVE-2017-6519.patch \ - " - -UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" -SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6" -SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804" - -DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" - -# For gtk related PACKAGECONFIGs: gtk, gtk3 -AVAHI_GTK ?= "gtk3" - -PACKAGECONFIG ??= "dbus ${AVAHI_GTK}" -PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" -PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" -PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" -PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" - -inherit autotools pkgconfig gettext gobject-introspection - -EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ - --disable-stack-protector \ - --disable-gdbm \ - --disable-mono \ - --disable-monodoc \ - --disable-qt3 \ - --disable-qt4 \ - --disable-python \ - --disable-doxygen-doc \ - --enable-manpages \ - ${EXTRA_OECONF_SYSVINIT} \ - ${EXTRA_OECONF_SYSTEMD} \ - " - -# The distro choice determines what init scripts are installed -EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" -EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}" - -do_configure_prepend() { - sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac - - # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes - rm "${S}/common/introspection.m4" || true -} - -do_compile_prepend() { - export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" -} - -RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns" - -do_install() { - autotools_do_install - rm -rf ${D}/run - rm -rf ${D}${datadir}/dbus-1/interfaces - test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 - rm -rf ${D}${libdir}/avahi -} - -PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" - -FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" - -RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" - -SRC_URI += "file://00avahi-autoipd \ - file://99avahi-autoipd \ - file://initscript.patch \ - file://0001-Fix-opening-etc-resolv.conf-error.patch \ - " - -inherit update-rc.d systemd useradd - -PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui" - -FILES_avahi-ui = "${libdir}/libavahi-ui*.so.*" -FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ - ${datadir}/avahi/interfaces/avahi-discover.ui \ - ${bindir}/avahi-discover-standalone \ - " - -LICENSE_libavahi-gobject = "LGPLv2.1+" -LICENSE_avahi-daemon = "LGPLv2.1+" -LICENSE_libavahi-common = "LGPLv2.1+" -LICENSE_libavahi-core = "LGPLv2.1+" -LICENSE_avahi-client = "LGPLv2.1+" -LICENSE_avahi-dnsconfd = "LGPLv2.1+" -LICENSE_libavahi-glib = "LGPLv2.1+" -LICENSE_avahi-autoipd = "LGPLv2.1+" -LICENSE_avahi-utils = "LGPLv2.1+" - -# As avahi doesn't put any files into PN, clear the files list to avoid problems -# if extra libraries appear. -FILES_${PN} = "" -FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ - ${sysconfdir}/avahi/avahi-autoipd.action \ - ${sysconfdir}/dhcp/*/avahi-autoipd \ - ${sysconfdir}/udhcpc.d/00avahi-autoipd \ - ${sysconfdir}/udhcpc.d/99avahi-autoipd" -FILES_libavahi-common = "${libdir}/libavahi-common.so.*" -FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" -FILES_avahi-daemon = "${sbindir}/avahi-daemon \ - ${sysconfdir}/avahi/avahi-daemon.conf \ - ${sysconfdir}/avahi/hosts \ - ${sysconfdir}/avahi/services \ - ${sysconfdir}/dbus-1 \ - ${sysconfdir}/init.d/avahi-daemon \ - ${datadir}/avahi/introspection/*.introspect \ - ${datadir}/avahi/avahi-service.dtd \ - ${datadir}/avahi/service-types \ - ${datadir}/dbus-1/system-services" -FILES_libavahi-client = "${libdir}/libavahi-client.so.*" -FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ - ${sysconfdir}/avahi/avahi-dnsconfd.action \ - ${sysconfdir}/init.d/avahi-dnsconfd" -FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" -FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" -FILES_avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*" - -RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" -RDEPENDS_${PN}-dev += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" - -RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" - -CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" - -USERADD_PACKAGES = "avahi-daemon avahi-autoipd" -USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \ - --no-create-home --shell /bin/false \ - --user-group avahi" - -USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \ - --no-create-home --shell /bin/false \ - --user-group \ - -c \"Avahi autoip daemon\" \ - avahi-autoipd" - -INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" -INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" -INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" -INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" -INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" - -SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" -SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" -SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" - -do_install_append() { - install -d ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d - install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d -} - -# At the time the postinst runs, dbus might not be setup so only restart if running -# Don't exit early, because update-rc.d needs to run subsequently. -pkg_postinst_avahi-daemon () { -if [ -z "$D" ]; then - killall -q -HUP dbus-daemon || true -fi -} - diff --git a/meta/recipes-connectivity/avahi/avahi_0.8.bb b/meta/recipes-connectivity/avahi/avahi_0.8.bb new file mode 100644 index 0000000000..f4924fa1cb --- /dev/null +++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb @@ -0,0 +1,181 @@ +SUMMARY = "Avahi IPv4LL network address configuration daemon" +DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \ +allows programs to publish and discover services and hosts running on a local network \ +with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \ +IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \ +configuration from the link-local 169.254.0.0/16 range without the need for a central \ +server.' +AUTHOR = "Lennart Poettering " +HOMEPAGE = "http://avahi.org" +BUGTRACKER = "https://github.com/lathiat/avahi/issues" +SECTION = "network" + +# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and +# python scripts are under GPLv2+ +LICENSE = "GPLv2+ & LGPLv2.1+" +LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ + file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \ + file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \ + file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ + file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" + +SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ + file://00avahi-autoipd \ + file://99avahi-autoipd \ + file://initscript.patch \ + file://0001-Fix-opening-etc-resolv.conf-error.patch \ + " + +UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" +SRC_URI[md5sum] = "229c6aa30674fc43c202b22c5f8c2be7" +SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda" + +DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" + +# For gtk related PACKAGECONFIGs: gtk, gtk3 +AVAHI_GTK ?= "gtk3" + +PACKAGECONFIG ??= "dbus ${AVAHI_GTK}" +PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" +PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+" +PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3" +PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus" +PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent" +PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase" + +inherit autotools pkgconfig gettext gobject-introspection + +EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ + --disable-stack-protector \ + --disable-gdbm \ + --disable-dbm \ + --disable-mono \ + --disable-monodoc \ + --disable-qt3 \ + --disable-qt4 \ + --disable-python \ + --disable-doxygen-doc \ + --enable-manpages \ + ${EXTRA_OECONF_SYSVINIT} \ + ${EXTRA_OECONF_SYSTEMD} \ + " + +# The distro choice determines what init scripts are installed +EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}" +EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_unitdir}/system/','--without-systemdsystemunitdir',d)}" + +do_configure_prepend() { + # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes + rm "${S}/common/introspection.m4" || true +} + +do_compile_prepend() { + export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" +} + +RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns" + +do_install() { + autotools_do_install + rm -rf ${D}/run + rm -rf ${D}${datadir}/dbus-1/interfaces + test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 + rm -rf ${D}${libdir}/avahi +} + +PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}" + +FILES_libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*" + +RPROVIDES_libavahi-compat-libdnssd = "libdns-sd" + +inherit update-rc.d systemd useradd + +PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui" + +FILES_avahi-ui = "${libdir}/libavahi-ui*.so.*" +FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ + ${datadir}/avahi/interfaces/avahi-discover.ui \ + ${bindir}/avahi-discover-standalone \ + " + +LICENSE_libavahi-gobject = "LGPLv2.1+" +LICENSE_avahi-daemon = "LGPLv2.1+" +LICENSE_libavahi-common = "LGPLv2.1+" +LICENSE_libavahi-core = "LGPLv2.1+" +LICENSE_avahi-client = "LGPLv2.1+" +LICENSE_avahi-dnsconfd = "LGPLv2.1+" +LICENSE_libavahi-glib = "LGPLv2.1+" +LICENSE_avahi-autoipd = "LGPLv2.1+" +LICENSE_avahi-utils = "LGPLv2.1+" + +# As avahi doesn't put any files into PN, clear the files list to avoid problems +# if extra libraries appear. +FILES_${PN} = "" +FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ + ${sysconfdir}/avahi/avahi-autoipd.action \ + ${sysconfdir}/dhcp/*/avahi-autoipd \ + ${sysconfdir}/udhcpc.d/00avahi-autoipd \ + ${sysconfdir}/udhcpc.d/99avahi-autoipd" +FILES_libavahi-common = "${libdir}/libavahi-common.so.*" +FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" +FILES_avahi-daemon = "${sbindir}/avahi-daemon \ + ${sysconfdir}/avahi/avahi-daemon.conf \ + ${sysconfdir}/avahi/hosts \ + ${sysconfdir}/avahi/services \ + ${sysconfdir}/dbus-1 \ + ${sysconfdir}/init.d/avahi-daemon \ + ${datadir}/avahi/introspection/*.introspect \ + ${datadir}/avahi/avahi-service.dtd \ + ${datadir}/avahi/service-types \ + ${datadir}/dbus-1/system-services" +FILES_libavahi-client = "${libdir}/libavahi-client.so.*" +FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ + ${sysconfdir}/avahi/avahi-dnsconfd.action \ + ${sysconfdir}/init.d/avahi-dnsconfd" +FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" +FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" +FILES_avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*" + +RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})" +RDEPENDS_${PN}-dev += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}" + +RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns" + +CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf" + +USERADD_PACKAGES = "avahi-daemon avahi-autoipd" +USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \ + --no-create-home --shell /bin/false \ + --user-group avahi" + +USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \ + --no-create-home --shell /bin/false \ + --user-group \ + -c \"Avahi autoip daemon\" \ + avahi-autoipd" + +INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd" +INITSCRIPT_NAME_avahi-daemon = "avahi-daemon" +INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19" +INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd" +INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19" + +SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd" +SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service" +SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service" + +do_install_append() { + install -d ${D}${sysconfdir}/udhcpc.d + install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d + install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d +} + +# At the time the postinst runs, dbus might not be setup so only restart if running +# Don't exit early, because update-rc.d needs to run subsequently. +pkg_postinst_avahi-daemon () { +if [ -z "$D" ]; then + killall -q -HUP dbus-daemon || true +fi +} + diff --git a/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch b/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch deleted file mode 100644 index 7461fe193d..0000000000 --- a/meta/recipes-connectivity/avahi/files/fix-CVE-2017-6519.patch +++ /dev/null @@ -1,48 +0,0 @@ -Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/e111def] - -CVE: CVE-2017-6519 - -Signed-off-by: Kai Kang - -From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001 -From: Trent Lloyd -Date: Sat, 22 Dec 2018 09:06:07 +0800 -Subject: [PATCH] Drop legacy unicast queries from address not on local link - -When handling legacy unicast queries, ensure that the source IP is -inside a subnet on the local link, otherwise drop the packet. - -Fixes #145 -Fixes #203 -CVE-2017-6519 -CVE-2018-1000845 ---- - avahi-core/server.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/avahi-core/server.c b/avahi-core/server.c -index a2cb19a8..a2580e38 100644 ---- a/avahi-core/server.c -+++ b/avahi-core/server.c -@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres - - if (avahi_dns_packet_is_query(p)) { - int legacy_unicast = 0; -+ char t[AVAHI_ADDRESS_STR_MAX]; - - /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the - * AR section completely here, so far. Until the day we add -@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres - legacy_unicast = 1; - } - -+ if (!is_mdns_mcast_address(dst_address) && -+ !avahi_interface_address_on_link(i, src_address)) { -+ -+ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol); -+ return; -+ } -+ - if (legacy_unicast) - reflect_legacy_unicast_query_packet(s, p, i, src_address, port); - -- cgit v1.2.3-54-g00ecf