From 88bc5439bdf711aa56eedca15e6f0253a390a3ac Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Fri, 13 Oct 2023 16:56:31 +0800 Subject: dhcpcd: upgrade 10.0.2 -> 10.0.3 0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch removed since it's included in 10.0.3 Changelog: =========== Do not crash on dhcpcd test run Add automated CI builds for Ubuntu, OpenBSD, FreeBSD and NetBSD dhcpcd: Fix off-by-one overflow when read() writes full BUFSIZ privsep: fix strlcpy overflow in psp_ifname ci: execute tests after successful build compat: update arc4random() to newer chacha20 based version from OpenBSD Support libcrypto for hmac and sha256 Use a local variable instead of the optind Send correct amount of used buffer for prefix exclude option compat: use OpenSSL RAND_priv_bytes() for entropy (From OE-Core rev: fcb9ac0f1c6cac0841d7b7a29b7180c4c580920f) Signed-off-by: Wang Mingyu Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie --- meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb | 62 ---------------------- meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb | 61 +++++++++++++++++++++ ...ep-fix-strlcpy-overflow-in-psp_ifname-239.patch | 33 ------------ 3 files changed, 61 insertions(+), 95 deletions(-) delete mode 100644 meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb create mode 100644 meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb delete mode 100644 meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch (limited to 'meta/recipes-connectivity') diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb deleted file mode 100644 index 0966edd1b8..0000000000 --- a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.2.bb +++ /dev/null @@ -1,62 +0,0 @@ -SECTION = "console/network" -SUMMARY = "dhcpcd - a DHCP client" -DESCRIPTION = "dhcpcd runs on your machine and silently configures your \ - computer to work on the attached networks without trouble \ - and mostly without configuration." - -HOMEPAGE = "http://roy.marples.name/projects/dhcpcd/" - -LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=ba9c7e534853aaf3de76c905b2410ffd" - -SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=master \ - file://0001-remove-INCLUDEDIR-to-prevent-build-issues.patch \ - file://0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch \ - file://dhcpcd.service \ - file://dhcpcd@.service \ - file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ - file://0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch \ - " - -SRCREV = "d2fbde99cf2d0072016af9dfe6a77032a5a9fc30" -S = "${WORKDIR}/git" - -inherit pkgconfig autotools-brokensep systemd useradd - -SYSTEMD_SERVICE:${PN} = "dhcpcd.service" - -PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" - -PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" -# ntp conflicts with chrony -PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" -PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony" -PACKAGECONFIG[ypbind] = "--with-eghook=yp, , ,ypbind-mt" - -# add option to override DBDIR location -DBDIR ?= "${localstatedir}/lib/${BPN}" - -EXTRA_OECONF = "--enable-ipv4 \ - --dbdir=${DBDIR} \ - --sbindir=${base_sbindir} \ - --runstatedir=/run \ - --enable-privsep \ - --privsepuser=dhcpcd \ - --with-hooks \ - --with-eghooks \ - " - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system -d ${DBDIR} -M -s /bin/false -U dhcpcd" - -do_install:append () { - # install systemd unit files - install -d ${D}${systemd_system_unitdir} - install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_system_unitdir} - - chmod 700 ${D}${DBDIR} - chown dhcpcd:dhcpcd ${D}${DBDIR} -} - -FILES:${PN}-dbg += "${libdir}/dhcpcd/dev/.debug" diff --git a/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb new file mode 100644 index 0000000000..cc0fb382df --- /dev/null +++ b/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.3.bb @@ -0,0 +1,61 @@ +SECTION = "console/network" +SUMMARY = "dhcpcd - a DHCP client" +DESCRIPTION = "dhcpcd runs on your machine and silently configures your \ + computer to work on the attached networks without trouble \ + and mostly without configuration." + +HOMEPAGE = "http://roy.marples.name/projects/dhcpcd/" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://LICENSE;md5=ba9c7e534853aaf3de76c905b2410ffd" + +SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=master \ + file://0001-remove-INCLUDEDIR-to-prevent-build-issues.patch \ + file://0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch \ + file://dhcpcd.service \ + file://dhcpcd@.service \ + file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \ + " + +SRCREV = "45fb8fd8dd281d2228c7abaddff7877d27e67146" +S = "${WORKDIR}/git" + +inherit pkgconfig autotools-brokensep systemd useradd + +SYSTEMD_SERVICE:${PN} = "dhcpcd.service" + +PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" + +PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6" +# ntp conflicts with chrony +PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp" +PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony" +PACKAGECONFIG[ypbind] = "--with-eghook=yp, , ,ypbind-mt" + +# add option to override DBDIR location +DBDIR ?= "${localstatedir}/lib/${BPN}" + +EXTRA_OECONF = "--enable-ipv4 \ + --dbdir=${DBDIR} \ + --sbindir=${base_sbindir} \ + --runstatedir=/run \ + --enable-privsep \ + --privsepuser=dhcpcd \ + --with-hooks \ + --with-eghooks \ + " + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system -d ${DBDIR} -M -s /bin/false -U dhcpcd" + +do_install:append () { + # install systemd unit files + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_system_unitdir} + + chmod 700 ${D}${DBDIR} + chown dhcpcd:dhcpcd ${D}${DBDIR} +} + +FILES:${PN}-dbg += "${libdir}/dhcpcd/dev/.debug" diff --git a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch b/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch deleted file mode 100644 index d4fb1737a6..0000000000 --- a/meta/recipes-connectivity/dhcpcd/files/0001-privsep-fix-strlcpy-overflow-in-psp_ifname-239.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 1bd8fc7d4b34f752a32709d277a897e5ad202d97 Mon Sep 17 00:00:00 2001 -From: Tobias Heider -Date: Tue, 15 Aug 2023 18:06:48 +0200 -Subject: [PATCH] privsep: fix strlcpy overflow in psp_ifname (#239) - -When running our Ubuntu tests with libc6 and strlcpy overflow checks -enabled we found that the wrong size is passed to strlcpy resulting -in a crash because of an overflow. - -Upstream-Status: Backport -[https://github.com/NetworkConfiguration/dhcpcd/commit/1bd8fc7d4b34f752a32709d277a897e5ad202d97] - -Signed-off-by: Yi Zhao ---- - src/privsep.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/privsep.c b/src/privsep.c -index b11c0351..cfe54742 100644 ---- a/src/privsep.c -+++ b/src/privsep.c -@@ -1200,7 +1200,7 @@ ps_newprocess(struct dhcpcd_ctx *ctx, struct ps_id *psid) - #endif - - if (!(ctx->options & DHCPCD_MANAGER)) -- strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_name)); -+ strlcpy(psp->psp_ifname, ctx->ifv[0], sizeof(psp->psp_ifname)); - TAILQ_INSERT_TAIL(&ctx->ps_processes, psp, next); - return psp; - } --- -2.25.1 - -- cgit v1.2.3-54-g00ecf