From 1bbdc674aef8abada28d130a23752c1d8a4620b9 Mon Sep 17 00:00:00 2001 From: Tom Rini Date: Wed, 3 Jan 2024 10:11:47 -0500 Subject: inetutils: Update to the 2.5 release The update from 2.4 to 2.5 was almost something AUH could take care of. However, we had backported two patches to address CVE-2023-40303 and that threw off AUH. These changes are confirmed to be in 2.5, so drop them and update to 2.5. (From OE-Core rev: e1bffeab27b062884f6366cde24ce1c67e7ec03e) Signed-off-by: Tom Rini Signed-off-by: Richard Purdie --- ...303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch | 279 --------------------- ...3-40303-Indent-changes-in-previous-commit.patch | 253 ------------------- .../inetutils/inetutils_2.4.bb | 220 ---------------- .../inetutils/inetutils_2.5.bb | 218 ++++++++++++++++ 4 files changed, 218 insertions(+), 752 deletions(-) delete mode 100644 meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch delete mode 100644 meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch delete mode 100644 meta/recipes-connectivity/inetutils/inetutils_2.4.bb create mode 100644 meta/recipes-connectivity/inetutils/inetutils_2.5.bb diff --git a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch deleted file mode 100644 index 70bd98897d..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch +++ /dev/null @@ -1,279 +0,0 @@ -From 703418fe9d2e3b1e8d594df5788d8001a8116265 Mon Sep 17 00:00:00 2001 -From: Jeffrey Bencteux -Date: Fri, 30 Jun 2023 19:02:45 +0200 -Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check - set*id() return values - -Several setuid(), setgid(), seteuid() and setguid() return values -were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially -leading to potential security issues. - -CVE: CVE-2023-40303 -Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6] -Signed-off-by: Jeffrey Bencteux -Signed-off-by: Simon Josefsson -Signed-off-by: Khem Raj ---- - ftpd/ftpd.c | 10 +++++++--- - src/rcp.c | 39 +++++++++++++++++++++++++++++++++------ - src/rlogin.c | 11 +++++++++-- - src/rsh.c | 25 +++++++++++++++++++++---- - src/rshd.c | 20 +++++++++++++++++--- - src/uucpd.c | 15 +++++++++++++-- - 6 files changed, 100 insertions(+), 20 deletions(-) - -diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c -index 92b2cca5..28dd523f 100644 ---- a/ftpd/ftpd.c -+++ b/ftpd/ftpd.c -@@ -862,7 +862,9 @@ end_login (struct credentials *pcred) - char *remotehost = pcred->remotehost; - int atype = pcred->auth_type; - -- seteuid ((uid_t) 0); -+ if (seteuid ((uid_t) 0) == -1) -+ _exit (EXIT_FAILURE); -+ - if (pcred->logged_in) - { - logwtmp_keep_open (ttyline, "", ""); -@@ -1151,7 +1153,8 @@ getdatasock (const char *mode) - - if (data >= 0) - return fdopen (data, mode); -- seteuid ((uid_t) 0); -+ if (seteuid ((uid_t) 0) == -1) -+ _exit (EXIT_FAILURE); - s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0); - if (s < 0) - goto bad; -@@ -1978,7 +1981,8 @@ passive (int epsv, int af) - else /* !AF_INET6 */ - ((struct sockaddr_in *) &pasv_addr)->sin_port = 0; - -- seteuid ((uid_t) 0); -+ if (seteuid ((uid_t) 0) == -1) -+ _exit (EXIT_FAILURE); - if (bind (pdata, (struct sockaddr *) &pasv_addr, pasv_addrlen) < 0) - { - if (seteuid ((uid_t) cred.uid)) -diff --git a/src/rcp.c b/src/rcp.c -index 75adb253..cdcf8500 100644 ---- a/src/rcp.c -+++ b/src/rcp.c -@@ -345,14 +345,23 @@ main (int argc, char *argv[]) - if (from_option) - { /* Follow "protocol", send data. */ - response (); -- setuid (userid); -+ -+ if (setuid (userid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } -+ - source (argc, argv); - exit (errs); - } - - if (to_option) - { /* Receive data. */ -- setuid (userid); -+ if (setuid (userid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } -+ - sink (argc, argv); - exit (errs); - } -@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[]) - if (response () < 0) - exit (EXIT_FAILURE); - free (bp); -- setuid (userid); -+ -+ if (setuid (userid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } - } - source (1, argv + i); - close (rem); -@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[]) - ++errs; - continue; - } -- seteuid (userid); -+ -+ if (seteuid (userid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -+ } -+ - #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT - sslen = sizeof (ss); - (void) getpeername (rem, (struct sockaddr *) &ss, &sslen); -@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[]) - #endif - vect[0] = target; - sink (1, vect); -- seteuid (effuid); -+ -+ if (seteuid (effuid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -+ } -+ - close (rem); - rem = -1; - #ifdef SHISHI -@@ -1441,7 +1464,11 @@ susystem (char *s, int userid) - return (127); - - case 0: -- setuid (userid); -+ if (setuid (userid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } -+ - execl (PATH_BSHELL, "sh", "-c", s, NULL); - _exit (127); - } -diff --git a/src/rlogin.c b/src/rlogin.c -index aa6426fb..c543de0c 100644 ---- a/src/rlogin.c -+++ b/src/rlogin.c -@@ -647,8 +647,15 @@ try_connect: - /* Now change to the real user ID. We have to be set-user-ID root - to get the privileged port that rcmd () uses. We now want, however, - to run as the real user who invoked us. */ -- seteuid (uid); -- setuid (uid); -+ if (seteuid (uid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -+ } -+ -+ if (setuid (uid) == -1) -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } - - doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */ - -diff --git a/src/rsh.c b/src/rsh.c -index 2d622ca4..6f60667d 100644 ---- a/src/rsh.c -+++ b/src/rsh.c -@@ -276,8 +276,17 @@ main (int argc, char **argv) - { - if (asrsh) - *argv = (char *) "rlogin"; -- seteuid (getuid ()); -- setuid (getuid ()); -+ -+ if (seteuid (getuid ()) == -1) -+ { -+ error (EXIT_FAILURE, errno, "seteuid() failed"); -+ } -+ -+ if (setuid (getuid ()) == -1) -+ { -+ error (EXIT_FAILURE, errno, "setuid() failed"); -+ } -+ - execv (PATH_RLOGIN, argv); - error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN); - } -@@ -541,8 +550,16 @@ try_connect: - error (0, errno, "setsockopt DEBUG (ignored)"); - } - -- seteuid (uid); -- setuid (uid); -+ if (seteuid (uid) == -1) -+ { -+ error (EXIT_FAILURE, errno, "seteuid() failed"); -+ } -+ -+ if (setuid (uid) == -1) -+ { -+ error (EXIT_FAILURE, errno, "setuid() failed"); -+ } -+ - #ifdef HAVE_SIGACTION - sigemptyset (&sigs); - sigaddset (&sigs, SIGINT); -diff --git a/src/rshd.c b/src/rshd.c -index d1c0d0cd..707790e7 100644 ---- a/src/rshd.c -+++ b/src/rshd.c -@@ -1847,8 +1847,18 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) - pwd->pw_shell = PATH_BSHELL; - - /* Set the gid, then uid to become the user specified by "locuser" */ -- setegid ((gid_t) pwd->pw_gid); -- setgid ((gid_t) pwd->pw_gid); -+ if (setegid ((gid_t) pwd->pw_gid) == -1) -+ { -+ rshd_error ("Cannot drop privileges (setegid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } -+ -+ if (setgid ((gid_t) pwd->pw_gid) == -1) -+ { -+ rshd_error ("Cannot drop privileges (setgid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } -+ - #ifdef HAVE_INITGROUPS - initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */ - #endif -@@ -1870,7 +1880,11 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) - } - #endif /* WITH_PAM */ - -- setuid ((uid_t) pwd->pw_uid); -+ if (setuid ((uid_t) pwd->pw_uid) == -1) -+ { -+ rshd_error ("Cannot drop privileges (setuid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } - - /* We'll execute the client's command in the home directory - * of locuser. Note, that the chdir must be executed after -diff --git a/src/uucpd.c b/src/uucpd.c -index 107589e1..29cfce35 100644 ---- a/src/uucpd.c -+++ b/src/uucpd.c -@@ -252,7 +252,12 @@ doit (struct sockaddr *sap, socklen_t salen) - snprintf (Username, sizeof (Username), "USER=%s", user); - snprintf (Logname, sizeof (Logname), "LOGNAME=%s", user); - dologin (pw, sap, salen); -- setgid (pw->pw_gid); -+ -+ if (setgid (pw->pw_gid) == -1) -+ { -+ fprintf (stderr, "setgid() failed"); -+ return; -+ } - #ifdef HAVE_INITGROUPS - initgroups (pw->pw_name, pw->pw_gid); - #endif -@@ -261,7 +266,13 @@ doit (struct sockaddr *sap, socklen_t salen) - fprintf (stderr, "Login incorrect."); - return; - } -- setuid (pw->pw_uid); -+ -+ if (setuid (pw->pw_uid) == -1) -+ { -+ fprintf (stderr, "setuid() failed"); -+ return; -+ } -+ - execl (uucico_location, "uucico", NULL); - perror ("uucico server: execl"); - } diff --git a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch deleted file mode 100644 index 1b972aac29..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch +++ /dev/null @@ -1,253 +0,0 @@ -From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001 -From: Simon Josefsson -Date: Mon, 31 Jul 2023 13:59:05 +0200 -Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit. - -CVE: CVE-2023-40303 -Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d] -Signed-off-by: Khem Raj ---- - src/rcp.c | 42 ++++++++++++++++++++++++------------------ - src/rlogin.c | 12 ++++++------ - src/rsh.c | 24 ++++++++++++------------ - src/rshd.c | 24 ++++++++++++------------ - src/uucpd.c | 16 ++++++++-------- - 5 files changed, 62 insertions(+), 56 deletions(-) - -diff --git a/src/rcp.c b/src/rcp.c -index cdcf8500..652f22e6 100644 ---- a/src/rcp.c -+++ b/src/rcp.c -@@ -347,9 +347,10 @@ main (int argc, char *argv[]) - response (); - - if (setuid (userid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (setuid() failed)"); -+ } - - source (argc, argv); - exit (errs); -@@ -358,9 +359,10 @@ main (int argc, char *argv[]) - if (to_option) - { /* Receive data. */ - if (setuid (userid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (setuid() failed)"); -+ } - - sink (argc, argv); - exit (errs); -@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[]) - free (bp); - - if (setuid (userid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (setuid() failed)"); -+ } - } - source (1, argv + i); - close (rem); -@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[]) - } - - if (seteuid (userid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (seteuid() failed)"); -+ } - - #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT - sslen = sizeof (ss); -@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[]) - sink (1, vect); - - if (seteuid (effuid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (seteuid() failed)"); -+ } - - close (rem); - rem = -1; -@@ -1465,9 +1470,10 @@ susystem (char *s, int userid) - - case 0: - if (setuid (userid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, -+ "Could not drop privileges (setuid() failed)"); -+ } - - execl (PATH_BSHELL, "sh", "-c", s, NULL); - _exit (127); -diff --git a/src/rlogin.c b/src/rlogin.c -index c543de0c..4360202f 100644 ---- a/src/rlogin.c -+++ b/src/rlogin.c -@@ -648,14 +648,14 @@ try_connect: - to get the privileged port that rcmd () uses. We now want, however, - to run as the real user who invoked us. */ - if (seteuid (uid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)"); -+ } - - if (setuid (uid) == -1) -- { -- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -- } -+ { -+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)"); -+ } - - doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */ - -diff --git a/src/rsh.c b/src/rsh.c -index 6f60667d..179b47cd 100644 ---- a/src/rsh.c -+++ b/src/rsh.c -@@ -278,14 +278,14 @@ main (int argc, char **argv) - *argv = (char *) "rlogin"; - - if (seteuid (getuid ()) == -1) -- { -- error (EXIT_FAILURE, errno, "seteuid() failed"); -- } -+ { -+ error (EXIT_FAILURE, errno, "seteuid() failed"); -+ } - - if (setuid (getuid ()) == -1) -- { -- error (EXIT_FAILURE, errno, "setuid() failed"); -- } -+ { -+ error (EXIT_FAILURE, errno, "setuid() failed"); -+ } - - execv (PATH_RLOGIN, argv); - error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN); -@@ -551,14 +551,14 @@ try_connect: - } - - if (seteuid (uid) == -1) -- { -- error (EXIT_FAILURE, errno, "seteuid() failed"); -- } -+ { -+ error (EXIT_FAILURE, errno, "seteuid() failed"); -+ } - - if (setuid (uid) == -1) -- { -- error (EXIT_FAILURE, errno, "setuid() failed"); -- } -+ { -+ error (EXIT_FAILURE, errno, "setuid() failed"); -+ } - - #ifdef HAVE_SIGACTION - sigemptyset (&sigs); -diff --git a/src/rshd.c b/src/rshd.c -index 707790e7..3a153a18 100644 ---- a/src/rshd.c -+++ b/src/rshd.c -@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) - - /* Set the gid, then uid to become the user specified by "locuser" */ - if (setegid ((gid_t) pwd->pw_gid) == -1) -- { -- rshd_error ("Cannot drop privileges (setegid() failed)\n"); -- exit (EXIT_FAILURE); -- } -+ { -+ rshd_error ("Cannot drop privileges (setegid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } - - if (setgid ((gid_t) pwd->pw_gid) == -1) -- { -- rshd_error ("Cannot drop privileges (setgid() failed)\n"); -- exit (EXIT_FAILURE); -- } -+ { -+ rshd_error ("Cannot drop privileges (setgid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } - - #ifdef HAVE_INITGROUPS - initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */ -@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen) - #endif /* WITH_PAM */ - - if (setuid ((uid_t) pwd->pw_uid) == -1) -- { -- rshd_error ("Cannot drop privileges (setuid() failed)\n"); -- exit (EXIT_FAILURE); -- } -+ { -+ rshd_error ("Cannot drop privileges (setuid() failed)\n"); -+ exit (EXIT_FAILURE); -+ } - - /* We'll execute the client's command in the home directory - * of locuser. Note, that the chdir must be executed after -diff --git a/src/uucpd.c b/src/uucpd.c -index 29cfce35..fde7b9c9 100644 ---- a/src/uucpd.c -+++ b/src/uucpd.c -@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen) - dologin (pw, sap, salen); - - if (setgid (pw->pw_gid) == -1) -- { -- fprintf (stderr, "setgid() failed"); -- return; -- } -+ { -+ fprintf (stderr, "setgid() failed"); -+ return; -+ } - #ifdef HAVE_INITGROUPS - initgroups (pw->pw_name, pw->pw_gid); - #endif -@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen) - } - - if (setuid (pw->pw_uid) == -1) -- { -- fprintf (stderr, "setuid() failed"); -- return; -- } -+ { -+ fprintf (stderr, "setuid() failed"); -+ return; -+ } - - execl (uucico_location, "uucico", NULL); - perror ("uucico server: execl"); diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb b/meta/recipes-connectivity/inetutils/inetutils_2.4.bb deleted file mode 100644 index 957f1feac6..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb +++ /dev/null @@ -1,220 +0,0 @@ -SUMMARY = "The GNU inetutils are a collection of common networking utilities and servers." -DESCRIPTION = "The GNU inetutils are a collection of common \ -networking utilities and servers including ftp, ftpd, rcp, \ -rexec, rlogin, rlogind, rsh, rshd, syslog, syslogd, talk, \ -talkd, telnet, telnetd, tftp, tftpd, and uucpd." -HOMEPAGE = "http://www.gnu.org/software/inetutils" -SECTION = "net" -DEPENDS = "ncurses netbase readline virtual/crypt" - -LICENSE = "GPL-3.0-only" - -LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7" - -SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2" -SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ - file://rexec.xinetd.inetutils \ - file://rlogin.xinetd.inetutils \ - file://rsh.xinetd.inetutils \ - file://telnet.xinetd.inetutils \ - file://tftpd.xinetd.inetutils \ - file://0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch \ - file://0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch \ - " - -inherit autotools gettext update-alternatives texinfo - -acpaths = "-I ./m4" - -PACKAGECONFIG ??= "ftp uucpd \ - ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6 ping6', '', d)} \ - " -PACKAGECONFIG[ftp] = "--enable-ftp,--disable-ftp,readline" -PACKAGECONFIG[uucpd] = "--enable-uucpd,--disable-uucpd,readline" -PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam" -PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 gl_cv_socket_ipv6=no," -PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6," - -EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \ - --with-libreadline-prefix=${STAGING_LIBDIR} \ - --enable-rpath=no \ - --with-path-login=${base_bindir}/login \ - --with-path-cp=${base_bindir}/cp \ - --with-path-uucico=${libexecdir}/uuico \ - --with-path-procnet-dev=/proc/net/dev \ - " - -EXTRA_OECONF:append:libc-musl = " --with-path-utmpx=/dev/null/utmpx --with-path-wtmpx=/dev/null/wtmpx" - -# These are horrible for security, disable them -EXTRA_OECONF:append = " --disable-rsh --disable-rshd --disable-rcp \ - --disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd" - -# The configure script guesses many paths in cross builds, check for this happening -do_configure_cross_check() { - if grep "may be incorrect because of cross-compilation" ${B}/config.log; then - bberror Default path values used, these must be set explicitly - fi -} -do_configure[postfuncs] += "do_configure_cross_check" - -# The --with-path options are not actually options, so this check needs to be silenced -ERROR_QA:remove = "unknown-configure-option" - -do_configure:prepend () { - export HELP2MAN='true' -} - -do_install:append () { - install -m 0755 -d ${D}${base_sbindir} - install -m 0755 -d ${D}${sbindir} - install -m 0755 -d ${D}${sysconfdir}/xinetd.d - if [ "${base_bindir}" != "${bindir}" ] ; then - install -m 0755 -d ${D}${base_bindir} - mv ${D}${bindir}/ping* ${D}${base_bindir}/ - mv ${D}${bindir}/hostname ${D}${base_bindir}/ - mv ${D}${bindir}/dnsdomainname ${D}${base_bindir}/ - fi - mv ${D}${bindir}/ifconfig ${D}${base_sbindir}/ - mv ${D}${libexecdir}/syslogd ${D}${base_sbindir}/ - mv ${D}${libexecdir}/tftpd ${D}${sbindir}/in.tftpd - mv ${D}${libexecdir}/telnetd ${D}${sbindir}/in.telnetd - if [ -e ${D}${libexecdir}/rexecd ]; then - mv ${D}${libexecdir}/rexecd ${D}${sbindir}/in.rexecd - cp ${WORKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec - fi - if [ -e ${D}${libexecdir}/rlogind ]; then - mv ${D}${libexecdir}/rlogind ${D}${sbindir}/in.rlogind - cp ${WORKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin - fi - if [ -e ${D}${libexecdir}/rshd ]; then - mv ${D}${libexecdir}/rshd ${D}${sbindir}/in.rshd - cp ${WORKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh - fi - if [ -e ${D}${libexecdir}/talkd ]; then - mv ${D}${libexecdir}/talkd ${D}${sbindir}/in.talkd - fi - mv ${D}${libexecdir}/uucpd ${D}${sbindir}/in.uucpd - mv ${D}${libexecdir}/* ${D}${bindir}/ - cp ${WORKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet - cp ${WORKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd - - sed -e 's,@SBINDIR@,${sbindir},g' -i ${D}/${sysconfdir}/xinetd.d/* - if [ -e ${D}${libdir}/charset.alias ]; then - rm -rf ${D}${libdir}/charset.alias - fi - rm -rf ${D}${libexecdir}/ - # remove usr/lib if empty - rmdir ${D}${libdir} || true -} - -PACKAGES =+ "${PN}-ping ${PN}-ping6 ${PN}-hostname ${PN}-ifconfig \ -${PN}-tftp ${PN}-logger ${PN}-traceroute ${PN}-syslogd \ -${PN}-ftp ${PN}-ftpd ${PN}-tftpd ${PN}-telnet ${PN}-telnetd ${PN}-inetd \ -${PN}-rsh ${PN}-rshd" - -# The packages tftpd, telnetd and rshd conflict with the ones -# provided by netkit, so add the corresponding -dbg packages -# for them to avoid the confliction between the dbg package -# of inetutils and netkit. -PACKAGES =+ "${PN}-tftpd-dbg ${PN}-telnetd-dbg ${PN}-rshd-dbg" -NOAUTOPACKAGEDEBUG = "1" - -ALTERNATIVE_PRIORITY = "79" -ALTERNATIVE:${PN} = "whois dnsdomainname" -ALTERNATIVE_LINK_NAME[uucpd] = "${sbindir}/in.uucpd" -ALTERNATIVE_LINK_NAME[dnsdomainname] = "${base_bindir}/dnsdomainname" - -ALTERNATIVE_PRIORITY_${PN}-logger = "60" -ALTERNATIVE:${PN}-logger = "logger" -ALTERNATIVE:${PN}-syslogd = "syslogd" -ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd" - -ALTERNATIVE:${PN}-ftp = "ftp" -ALTERNATIVE:${PN}-ftpd = "ftpd" -ALTERNATIVE:${PN}-tftp = "tftp" -ALTERNATIVE:${PN}-tftpd = "tftpd" -ALTERNATIVE_LINK_NAME[tftpd] = "${sbindir}/tftpd" -ALTERNATIVE_TARGET[tftpd] = "${sbindir}/in.tftpd" - -ALTERNATIVE:${PN}-telnet = "telnet" -ALTERNATIVE:${PN}-telnetd = "telnetd" -ALTERNATIVE_LINK_NAME[telnetd] = "${sbindir}/telnetd" -ALTERNATIVE_TARGET[telnetd] = "${sbindir}/in.telnetd" - -ALTERNATIVE:${PN}-inetd= "inetd" -ALTERNATIVE:${PN}-traceroute = "traceroute" - -ALTERNATIVE:${PN}-hostname = "hostname" -ALTERNATIVE_LINK_NAME[hostname] = "${base_bindir}/hostname" - -ALTERNATIVE:${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8 \ - tftpd.8 tftp.1 telnetd.8" -ALTERNATIVE_LINK_NAME[hostname.1] = "${mandir}/man1/hostname.1" -ALTERNATIVE_LINK_NAME[dnsdomainname.1] = "${mandir}/man1/dnsdomainname.1" -ALTERNATIVE_LINK_NAME[logger.1] = "${mandir}/man1/logger.1" -ALTERNATIVE_LINK_NAME[syslogd.8] = "${mandir}/man8/syslogd.8" -ALTERNATIVE_LINK_NAME[telnetd.8] = "${mandir}/man8/telnetd.8" -ALTERNATIVE_LINK_NAME[tftpd.8] = "${mandir}/man8/tftpd.8" -ALTERNATIVE_LINK_NAME[tftp.1] = "${mandir}/man1/tftp.1" - -ALTERNATIVE:${PN}-ifconfig = "ifconfig" -ALTERNATIVE_LINK_NAME[ifconfig] = "${base_sbindir}/ifconfig" - -ALTERNATIVE:${PN}-ping = "ping" -ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" - -ALTERNATIVE:${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}" -ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6" - - -FILES:${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug" -FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" -FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}" -FILES:${PN}-hostname = "${base_bindir}/hostname.${BPN}" -FILES:${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}" -FILES:${PN}-traceroute = "${bindir}/traceroute.${BPN}" -FILES:${PN}-logger = "${bindir}/logger.${BPN}" - -FILES:${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}" -RCONFLICTS:${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng" - -FILES:${PN}-ftp = "${bindir}/ftp.${BPN}" - -FILES:${PN}-tftp = "${bindir}/tftp.${BPN}" -FILES:${PN}-telnet = "${bindir}/telnet.${BPN}" - -# We make us of RCONFLICTS / RPROVIDES here rather than using the normal -# alternatives method as this leads to packaging QA issues when using -# musl as that library does not provide what these applications need to -# build. -FILES:${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp" -RCONFLICTS:${PN}-rsh += "netkit-rsh-client" -RPROVIDES:${PN}-rsh = "rsh" - -FILES:${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \ - ${sysconfdir}/xinetd.d/rsh ${sysconfdir}/xinetd.d/rlogin ${sysconfdir}/xinetd.d/rexec" -FILES:${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd" -RDEPENDS:${PN}-rshd += "xinetd tcp-wrappers" -RCONFLICTS:${PN}-rshd += "netkit-rshd-server" -RPROVIDES:${PN}-rshd = "rshd" - -FILES:${PN}-ftpd = "${bindir}/ftpd.${BPN}" -FILES:${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}" -RDEPENDS:${PN}-ftpd += "xinetd" - -FILES:${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd" -FILES:${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd" -RCONFLICTS:${PN}-tftpd += "netkit-tftpd" -RDEPENDS:${PN}-tftpd += "xinetd" - -FILES:${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" -FILES:${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" -RCONFLICTS:${PN}-telnetd += "netkit-telnet" -RPROVIDES:${PN}-telnetd = "telnetd" -RDEPENDS:${PN}-telnetd += "xinetd" - -FILES:${PN}-inetd = "${bindir}/inetd.${BPN}" - -RDEPENDS:${PN} = "xinetd" diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.5.bb b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb new file mode 100644 index 0000000000..0f1a0736bd --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb @@ -0,0 +1,218 @@ +SUMMARY = "The GNU inetutils are a collection of common networking utilities and servers." +DESCRIPTION = "The GNU inetutils are a collection of common \ +networking utilities and servers including ftp, ftpd, rcp, \ +rexec, rlogin, rlogind, rsh, rshd, syslog, syslogd, talk, \ +talkd, telnet, telnetd, tftp, tftpd, and uucpd." +HOMEPAGE = "http://www.gnu.org/software/inetutils" +SECTION = "net" +DEPENDS = "ncurses netbase readline virtual/crypt" + +LICENSE = "GPL-3.0-only" + +LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7" + +SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6" +SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ + file://rexec.xinetd.inetutils \ + file://rlogin.xinetd.inetutils \ + file://rsh.xinetd.inetutils \ + file://telnet.xinetd.inetutils \ + file://tftpd.xinetd.inetutils \ + " + +inherit autotools gettext update-alternatives texinfo + +acpaths = "-I ./m4" + +PACKAGECONFIG ??= "ftp uucpd \ + ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6 ping6', '', d)} \ + " +PACKAGECONFIG[ftp] = "--enable-ftp,--disable-ftp,readline" +PACKAGECONFIG[uucpd] = "--enable-uucpd,--disable-uucpd,readline" +PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam" +PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 gl_cv_socket_ipv6=no," +PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6," + +EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \ + --with-libreadline-prefix=${STAGING_LIBDIR} \ + --enable-rpath=no \ + --with-path-login=${base_bindir}/login \ + --with-path-cp=${base_bindir}/cp \ + --with-path-uucico=${libexecdir}/uuico \ + --with-path-procnet-dev=/proc/net/dev \ + " + +EXTRA_OECONF:append:libc-musl = " --with-path-utmpx=/dev/null/utmpx --with-path-wtmpx=/dev/null/wtmpx" + +# These are horrible for security, disable them +EXTRA_OECONF:append = " --disable-rsh --disable-rshd --disable-rcp \ + --disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd" + +# The configure script guesses many paths in cross builds, check for this happening +do_configure_cross_check() { + if grep "may be incorrect because of cross-compilation" ${B}/config.log; then + bberror Default path values used, these must be set explicitly + fi +} +do_configure[postfuncs] += "do_configure_cross_check" + +# The --with-path options are not actually options, so this check needs to be silenced +ERROR_QA:remove = "unknown-configure-option" + +do_configure:prepend () { + export HELP2MAN='true' +} + +do_install:append () { + install -m 0755 -d ${D}${base_sbindir} + install -m 0755 -d ${D}${sbindir} + install -m 0755 -d ${D}${sysconfdir}/xinetd.d + if [ "${base_bindir}" != "${bindir}" ] ; then + install -m 0755 -d ${D}${base_bindir} + mv ${D}${bindir}/ping* ${D}${base_bindir}/ + mv ${D}${bindir}/hostname ${D}${base_bindir}/ + mv ${D}${bindir}/dnsdomainname ${D}${base_bindir}/ + fi + mv ${D}${bindir}/ifconfig ${D}${base_sbindir}/ + mv ${D}${libexecdir}/syslogd ${D}${base_sbindir}/ + mv ${D}${libexecdir}/tftpd ${D}${sbindir}/in.tftpd + mv ${D}${libexecdir}/telnetd ${D}${sbindir}/in.telnetd + if [ -e ${D}${libexecdir}/rexecd ]; then + mv ${D}${libexecdir}/rexecd ${D}${sbindir}/in.rexecd + cp ${WORKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec + fi + if [ -e ${D}${libexecdir}/rlogind ]; then + mv ${D}${libexecdir}/rlogind ${D}${sbindir}/in.rlogind + cp ${WORKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin + fi + if [ -e ${D}${libexecdir}/rshd ]; then + mv ${D}${libexecdir}/rshd ${D}${sbindir}/in.rshd + cp ${WORKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh + fi + if [ -e ${D}${libexecdir}/talkd ]; then + mv ${D}${libexecdir}/talkd ${D}${sbindir}/in.talkd + fi + mv ${D}${libexecdir}/uucpd ${D}${sbindir}/in.uucpd + mv ${D}${libexecdir}/* ${D}${bindir}/ + cp ${WORKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet + cp ${WORKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd + + sed -e 's,@SBINDIR@,${sbindir},g' -i ${D}/${sysconfdir}/xinetd.d/* + if [ -e ${D}${libdir}/charset.alias ]; then + rm -rf ${D}${libdir}/charset.alias + fi + rm -rf ${D}${libexecdir}/ + # remove usr/lib if empty + rmdir ${D}${libdir} || true +} + +PACKAGES =+ "${PN}-ping ${PN}-ping6 ${PN}-hostname ${PN}-ifconfig \ +${PN}-tftp ${PN}-logger ${PN}-traceroute ${PN}-syslogd \ +${PN}-ftp ${PN}-ftpd ${PN}-tftpd ${PN}-telnet ${PN}-telnetd ${PN}-inetd \ +${PN}-rsh ${PN}-rshd" + +# The packages tftpd, telnetd and rshd conflict with the ones +# provided by netkit, so add the corresponding -dbg packages +# for them to avoid the confliction between the dbg package +# of inetutils and netkit. +PACKAGES =+ "${PN}-tftpd-dbg ${PN}-telnetd-dbg ${PN}-rshd-dbg" +NOAUTOPACKAGEDEBUG = "1" + +ALTERNATIVE_PRIORITY = "79" +ALTERNATIVE:${PN} = "whois dnsdomainname" +ALTERNATIVE_LINK_NAME[uucpd] = "${sbindir}/in.uucpd" +ALTERNATIVE_LINK_NAME[dnsdomainname] = "${base_bindir}/dnsdomainname" + +ALTERNATIVE_PRIORITY_${PN}-logger = "60" +ALTERNATIVE:${PN}-logger = "logger" +ALTERNATIVE:${PN}-syslogd = "syslogd" +ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd" + +ALTERNATIVE:${PN}-ftp = "ftp" +ALTERNATIVE:${PN}-ftpd = "ftpd" +ALTERNATIVE:${PN}-tftp = "tftp" +ALTERNATIVE:${PN}-tftpd = "tftpd" +ALTERNATIVE_LINK_NAME[tftpd] = "${sbindir}/tftpd" +ALTERNATIVE_TARGET[tftpd] = "${sbindir}/in.tftpd" + +ALTERNATIVE:${PN}-telnet = "telnet" +ALTERNATIVE:${PN}-telnetd = "telnetd" +ALTERNATIVE_LINK_NAME[telnetd] = "${sbindir}/telnetd" +ALTERNATIVE_TARGET[telnetd] = "${sbindir}/in.telnetd" + +ALTERNATIVE:${PN}-inetd= "inetd" +ALTERNATIVE:${PN}-traceroute = "traceroute" + +ALTERNATIVE:${PN}-hostname = "hostname" +ALTERNATIVE_LINK_NAME[hostname] = "${base_bindir}/hostname" + +ALTERNATIVE:${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8 \ + tftpd.8 tftp.1 telnetd.8" +ALTERNATIVE_LINK_NAME[hostname.1] = "${mandir}/man1/hostname.1" +ALTERNATIVE_LINK_NAME[dnsdomainname.1] = "${mandir}/man1/dnsdomainname.1" +ALTERNATIVE_LINK_NAME[logger.1] = "${mandir}/man1/logger.1" +ALTERNATIVE_LINK_NAME[syslogd.8] = "${mandir}/man8/syslogd.8" +ALTERNATIVE_LINK_NAME[telnetd.8] = "${mandir}/man8/telnetd.8" +ALTERNATIVE_LINK_NAME[tftpd.8] = "${mandir}/man8/tftpd.8" +ALTERNATIVE_LINK_NAME[tftp.1] = "${mandir}/man1/tftp.1" + +ALTERNATIVE:${PN}-ifconfig = "ifconfig" +ALTERNATIVE_LINK_NAME[ifconfig] = "${base_sbindir}/ifconfig" + +ALTERNATIVE:${PN}-ping = "ping" +ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" + +ALTERNATIVE:${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}" +ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6" + + +FILES:${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug" +FILES:${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}" +FILES:${PN}-hostname = "${base_bindir}/hostname.${BPN}" +FILES:${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}" +FILES:${PN}-traceroute = "${bindir}/traceroute.${BPN}" +FILES:${PN}-logger = "${bindir}/logger.${BPN}" + +FILES:${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}" +RCONFLICTS:${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng" + +FILES:${PN}-ftp = "${bindir}/ftp.${BPN}" + +FILES:${PN}-tftp = "${bindir}/tftp.${BPN}" +FILES:${PN}-telnet = "${bindir}/telnet.${BPN}" + +# We make us of RCONFLICTS / RPROVIDES here rather than using the normal +# alternatives method as this leads to packaging QA issues when using +# musl as that library does not provide what these applications need to +# build. +FILES:${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp" +RCONFLICTS:${PN}-rsh += "netkit-rsh-client" +RPROVIDES:${PN}-rsh = "rsh" + +FILES:${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \ + ${sysconfdir}/xinetd.d/rsh ${sysconfdir}/xinetd.d/rlogin ${sysconfdir}/xinetd.d/rexec" +FILES:${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd" +RDEPENDS:${PN}-rshd += "xinetd tcp-wrappers" +RCONFLICTS:${PN}-rshd += "netkit-rshd-server" +RPROVIDES:${PN}-rshd = "rshd" + +FILES:${PN}-ftpd = "${bindir}/ftpd.${BPN}" +FILES:${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}" +RDEPENDS:${PN}-ftpd += "xinetd" + +FILES:${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd" +FILES:${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd" +RCONFLICTS:${PN}-tftpd += "netkit-tftpd" +RDEPENDS:${PN}-tftpd += "xinetd" + +FILES:${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet" +FILES:${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd" +RCONFLICTS:${PN}-telnetd += "netkit-telnet" +RPROVIDES:${PN}-telnetd = "telnetd" +RDEPENDS:${PN}-telnetd += "xinetd" + +FILES:${PN}-inetd = "${bindir}/inetd.${BPN}" + +RDEPENDS:${PN} = "xinetd" -- cgit v1.2.3-54-g00ecf