From 61585632868fd487c3ce73fe76f7633676e30ab7 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Tue, 9 May 2023 19:23:22 +0200 Subject: ppp: upgrade 2.4.9 -> 2.5.0 Convert the build from handcrafted makefiles to autotools; this makes all custom tweaks in the recipe unnecessary, and allows removing all patches. (From OE-Core rev: 5512bf4dfd299b8d5d474d9f26c2146b3e53514a) Signed-off-by: Alexander Kanavin Signed-off-by: Alexandre Belloni Signed-off-by: Richard Purdie --- .../0001-ppp-fix-build-against-5.15-headers.patch | 36 ---------------- .../ppp/ppp/CVE-2022-4603.patch | 48 ---------------------- meta/recipes-connectivity/ppp/ppp/makefix.patch | 40 ------------------ 3 files changed, 124 deletions(-) delete mode 100644 meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch delete mode 100644 meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch delete mode 100644 meta/recipes-connectivity/ppp/ppp/makefix.patch (limited to 'meta/recipes-connectivity/ppp/ppp') diff --git a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch b/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch deleted file mode 100644 index c91246dbf5..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/0001-ppp-fix-build-against-5.15-headers.patch +++ /dev/null @@ -1,36 +0,0 @@ -From aba3273273e826c6dc90f197ca9a3e800e826891 Mon Sep 17 00:00:00 2001 -From: Bruce Ashfield -Date: Fri, 5 Nov 2021 12:41:35 -0400 -Subject: [PATCH] ppp: fix build against 5.15 headers - -The 5.15 kernel has removed ipx support, along with the userspace -visible header. - -This support wasn't used previously (as it hasn't been very well -maintained in the kernel for several years), so we can simply -disable it in our build and wait for upstream to do a release that -drops the support. - -Upstream-Status: Inappropriate [OE-specific configuration/headers] - -Signed-off-by: Bruce Ashfield ---- - pppd/Makefile.linux | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux -index 22837c5..23b9b22 100644 ---- a/pppd/Makefile.linux -+++ b/pppd/Makefile.linux -@@ -91,7 +91,7 @@ MAXOCTETS=y - - INCLUDE_DIRS= -I../include - --COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -pipe -+COMPILE_FLAGS= -DHAVE_PATHS_H -DHAVE_MMAP -pipe - - CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) '-DDESTDIR="@DESTDIR@"' - --- -2.25.1 - diff --git a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch b/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch deleted file mode 100644 index 4325b1d6b0..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/CVE-2022-4603.patch +++ /dev/null @@ -1,48 +0,0 @@ -From a75fb7b198eed50d769c80c36629f38346882cbf Mon Sep 17 00:00:00 2001 -From: Paul Mackerras -Date: Thu, 4 Aug 2022 12:23:08 +1000 -Subject: [PATCH] pppdump: Avoid out-of-range access to packet buffer - -This fixes a potential vulnerability where data is written to spkt.buf -and rpkt.buf without a check on the array index. To fix this, we -check the array index (pkt->cnt) before storing the byte or -incrementing the count. This also means we no longer have a potential -signed integer overflow on the increment of pkt->cnt. - -Fortunately, pppdump is not used in the normal process of setting up a -PPP connection, is not installed setuid-root, and is not invoked -automatically in any scenario that I am aware of. - -Signed-off-by: Paul Mackerras - -Upstream-Status: Backport -Signed-off-by: Ross Burton ---- - pppdump/pppdump.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pppdump/pppdump.c b/pppdump/pppdump.c -index 2b815fc9..b85a8627 100644 ---- a/pppdump/pppdump.c -+++ b/pppdump/pppdump.c -@@ -297,6 +297,10 @@ dumpppp(f) - printf("%s aborted packet:\n ", dir); - q = " "; - } -+ if (pkt->cnt >= sizeof(pkt->buf)) { -+ printf("%s over-long packet truncated:\n ", dir); -+ q = " "; -+ } - nb = pkt->cnt; - p = pkt->buf; - pkt->cnt = 0; -@@ -400,7 +404,8 @@ dumpppp(f) - c ^= 0x20; - pkt->esc = 0; - } -- pkt->buf[pkt->cnt++] = c; -+ if (pkt->cnt < sizeof(pkt->buf)) -+ pkt->buf[pkt->cnt++] = c; - break; - } - } diff --git a/meta/recipes-connectivity/ppp/ppp/makefix.patch b/meta/recipes-connectivity/ppp/ppp/makefix.patch deleted file mode 100644 index fce068cae0..0000000000 --- a/meta/recipes-connectivity/ppp/ppp/makefix.patch +++ /dev/null @@ -1,40 +0,0 @@ -We were seeing reproducibility issues where one host would use the internal -logwtmp wrapper, another would use the one in libutil. The issue was that in -some cases the "\#include" was making it to CC, in others, "#include". The -issue seems to be related to shell escaping. - -The root cause looks to be: -http://git.savannah.gnu.org/cgit/make.git/commit/?id=c6966b323811c37acedff05b576b907b06aea5f4 - -Instead of relying on shell quoting, use make to indirect the variable -and avoid the problem. - -See https://github.com/paulusmack/ppp/issues/233 - -Upstream-Status: Backport [https://github.com/paulusmack/ppp/commit/b4430f7092ececdff2504d5f3393a4c6528c3686] -Signed-off-by: Richard Purdie - -Index: ppp-2.4.9/pppd/Makefile.linux -=================================================================== ---- ppp-2.4.9.orig/pppd/Makefile.linux -+++ ppp-2.4.9/pppd/Makefile.linux -@@ -80,7 +80,8 @@ PLUGIN=y - #USE_SRP=y - - # Use libutil; test if logwtmp is declared in to detect --ifeq ($(shell echo '\#include ' | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) -+UTMPHEADER = "\#include " -+ifeq ($(shell echo $(UTMPHEADER) | $(CC) -E - 2>/dev/null | grep -q logwtmp && echo yes),yes) - USE_LIBUTIL=y - endif - -@@ -143,7 +144,8 @@ CFLAGS += -DHAS_SHADOW - #LIBS += -lshadow $(LIBS) - endif - --ifeq ($(shell echo '\#include ' | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) -+CRYPTHEADER = "\#include " -+ifeq ($(shell echo $(CRYPTHEADER) | $(CC) -E - >/dev/null 2>&1 && echo yes),yes) - CFLAGS += -DHAVE_CRYPT_H=1 - LIBS += -lcrypt - endif -- cgit v1.2.3-54-g00ecf