diff options
Diffstat (limited to 'meta/recipes-connectivity')
66 files changed, 1787 insertions, 946 deletions
diff --git a/meta/recipes-connectivity/bind/bind/bind-add-crosscripts-search-path-for-xml2-config.patch b/meta/recipes-connectivity/bind/bind/bind-add-crosscripts-search-path-for-xml2-config.patch new file mode 100644 index 0000000000..4f1a3f8e89 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/bind-add-crosscripts-search-path-for-xml2-config.patch @@ -0,0 +1,35 @@ +From 8fa549fe5390875d56f75e20d364394cd5ccf388 Mon Sep 17 00:00:00 2001 +From: Joe MacDonald <joe_macdonald@mentor.com> +Date: Mon, 3 Nov 2014 21:52:02 -0500 +Subject: [PATCH] bind: add crosscripts search path for xml2-config + +The configure script was testing xml2-config from bin but in openembedded +bin folder is not copied to sysroot so the test was failing. Added another +condition to test libxml-2.0.pc which is present in lib folder. Used pkg-config +to get libs and cflags information. + +Upstream-Status: Inappropriate [ openembedded specific ] + +Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> +Signed-off-by: Noor Ahsan <noor_ahsan@mentor.com> +--- + configure.in | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/configure.in b/configure.in +index 3d04f4c..6032f67 100644 +--- a/configure.in ++++ b/configure.in +@@ -1433,6 +1433,9 @@ case "$use_libxml2" in + if test -f "$use_libxml2/bin/xml2-config" ; then + libxml2_libs=`$use_libxml2/bin/xml2-config --libs` + libxml2_cflags=`$use_libxml2/bin/xml2-config --cflags` ++ elif test -f "$use_libxml2/lib/pkgconfig/libxml-2.0.pc" ; then ++ libxml2_libs=`pkg-config libxml-2.0 --libs` ++ libxml2_cflags=`pkg-config libxml-2.0 --cflags` + fi + ;; + esac +-- +1.9.1 + diff --git a/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch new file mode 100644 index 0000000000..62142d2313 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind/bind9_9_5-CVE-2014-8500.patch @@ -0,0 +1,990 @@ +From 603a0e2637b35a2da820bc807f69bcf09c682dce Mon Sep 17 00:00:00 2001 +From: Evan Hunt <each@isc.org> +Date: Mon, 17 Nov 2014 23:49:07 -0800 +Subject: [PATCH] [v9_9] limit recursion depth and iterative queries + +4006. [security] A flaw in delegation handling could be exploited + to put named into an infinite loop. This has + been addressed by placing limits on the number + of levels of recursion named will allow (default 7), + and the number of iterative queries that it will + send (default 50) before terminating a recursive + query (CVE-2014-8500). + + The recursion depth limit is configured via the + "max-recursion-depth" option. [RT #35780] + +Upstream-Status: Backport + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- + bin/named/config.c | 3 +- + bin/named/include/named/query.h | 2 - + bin/named/query.c | 7 ++- + bin/named/server.c | 5 ++ + bin/tests/system/many/clean.sh | 7 +++ + bin/tests/system/many/ns1/named.conf | 33 +++++++++++++ + bin/tests/system/many/ns2/named.conf | 30 ++++++++++++ + bin/tests/system/many/ns3/named.conf | 32 +++++++++++++ + bin/tests/system/many/ns4/named.conf | 30 ++++++++++++ + bin/tests/system/many/ns5/hints.db | 2 + + bin/tests/system/many/ns5/named.conf | 29 ++++++++++++ + bin/tests/system/many/setup.sh | 75 ++++++++++++++++++++++++++++++ + bin/tests/system/many/tests.sh | 48 +++++++++++++++++++ + doc/arm/Bv9ARM-book.xml | 12 +++++ + lib/dns/adb.c | 58 ++++++++++++++++------- + lib/dns/include/dns/adb.h | 8 ++++ + lib/dns/include/dns/resolver.h | 25 ++++++++++ + lib/dns/resolver.c | 90 ++++++++++++++++++++++++++++++------ + lib/isccfg/namedconf.c | 1 + + 20 files changed, 471 insertions(+), 37 deletions(-) + create mode 100644 bin/tests/system/many/clean.sh + create mode 100644 bin/tests/system/many/ns1/named.conf + create mode 100644 bin/tests/system/many/ns2/named.conf + create mode 100644 bin/tests/system/many/ns3/named.conf + create mode 100644 bin/tests/system/many/ns4/named.conf + create mode 100644 bin/tests/system/many/ns5/hints.db + create mode 100644 bin/tests/system/many/ns5/named.conf + create mode 100644 bin/tests/system/many/setup.sh + create mode 100644 bin/tests/system/many/tests.sh + +diff --git a/bin/named/config.c b/bin/named/config.c +index 2782720..5ee8c4e 100644 +--- a/bin/named/config.c ++++ b/bin/named/config.c +@@ -15,8 +15,6 @@ + * PERFORMANCE OF THIS SOFTWARE. + */ + +-/* $Id: config.c,v 1.123 2012/01/06 23:46:41 tbox Exp $ */ +- + /*! \file */ + + #include <config.h> +@@ -160,6 +158,7 @@ options {\n\ + dnssec-accept-expired no;\n\ + clients-per-query 10;\n\ + max-clients-per-query 100;\n\ ++ max-recursion-depth 7;\n\ + zero-no-soa-ttl-cache no;\n\ + nsec3-test-zone no;\n\ + allow-new-zones no;\n\ +diff --git a/bin/named/include/named/query.h b/bin/named/include/named/query.h +index 3beabb8..b5e3900 100644 +--- a/bin/named/include/named/query.h ++++ b/bin/named/include/named/query.h +@@ -15,8 +15,6 @@ + * PERFORMANCE OF THIS SOFTWARE. + */ + +-/* $Id: query.h,v 1.45 2011/01/13 04:59:24 tbox Exp $ */ +- + #ifndef NAMED_QUERY_H + #define NAMED_QUERY_H 1 + +diff --git a/bin/named/query.c b/bin/named/query.c +index 982f76d..47bfc6a 100644 +--- a/bin/named/query.c ++++ b/bin/named/query.c +@@ -3877,12 +3877,11 @@ query_recurse(ns_client_t *client, dns_rdatatype_t qtype, dns_name_t *qname, + peeraddr = &client->peeraddr; + else + peeraddr = NULL; +- result = dns_resolver_createfetch2(client->view->resolver, ++ result = dns_resolver_createfetch3(client->view->resolver, + qname, qtype, qdomain, nameservers, + NULL, peeraddr, client->message->id, +- client->query.fetchoptions, +- client->task, +- query_resume, client, ++ client->query.fetchoptions, 0, ++ client->task, query_resume, client, + rdataset, sigrdataset, + &client->query.fetch); + +diff --git a/bin/named/server.c b/bin/named/server.c +index ac015a4..0559977 100644 +--- a/bin/named/server.c ++++ b/bin/named/server.c +@@ -3161,6 +3161,11 @@ configure_view(dns_view_t *view, cfg_obj_t *config, cfg_obj_t *vconfig, + cfg_obj_asuint32(obj), + max_clients_per_query); + ++ obj = NULL; ++ result = ns_config_get(maps, "max-recursion-depth", &obj); ++ INSIST(result == ISC_R_SUCCESS); ++ dns_resolver_setmaxdepth(view->resolver, cfg_obj_asuint32(obj)); ++ + #ifdef ALLOW_FILTER_AAAA_ON_V4 + obj = NULL; + result = ns_config_get(maps, "filter-aaaa-on-v4", &obj); +diff --git a/bin/tests/system/many/clean.sh b/bin/tests/system/many/clean.sh +new file mode 100644 +index 0000000..119b1f5 +--- /dev/null ++++ b/bin/tests/system/many/clean.sh +@@ -0,0 +1,7 @@ ++rm -f ns1/[1-9]*example.tld?.db ++rm -f ns2/[1-9]*example.tld?.db ++rm -f ns1/zones.conf ++rm -f ns2/zones.conf ++rm -f */root.db ++rm -f ns3/tld1.db ++rm -f ns4/tld2.db +diff --git a/bin/tests/system/many/ns1/named.conf b/bin/tests/system/many/ns1/named.conf +new file mode 100644 +index 0000000..abc9dca +--- /dev/null ++++ b/bin/tests/system/many/ns1/named.conf +@@ -0,0 +1,33 @@ ++/* ++ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++controls { /* empty */ }; ++ ++options { ++ query-source address 10.53.0.1; ++ notify-source 10.53.0.1; ++ transfer-source 10.53.0.1; ++ port 5300; ++ pid-file "named.pid"; ++ listen-on { 10.53.0.1; }; ++ listen-on-v6 { none; }; ++ recursion no; ++}; ++ ++include "zones.conf"; ++ ++// zone "tld1" { type master; file "tld1.db"; }; ++// zone "tld2" { type master; file "tld2.db"; }; +diff --git a/bin/tests/system/many/ns2/named.conf b/bin/tests/system/many/ns2/named.conf +new file mode 100644 +index 0000000..16266e2 +--- /dev/null ++++ b/bin/tests/system/many/ns2/named.conf +@@ -0,0 +1,30 @@ ++/* ++ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++controls { /* empty */ }; ++ ++options { ++ query-source address 10.53.0.2; ++ notify-source 10.53.0.2; ++ transfer-source 10.53.0.2; ++ port 5300; ++ pid-file "named.pid"; ++ listen-on { 10.53.0.2; }; ++ listen-on-v6 { none; }; ++ recursion no; ++}; ++ ++include "zones.conf"; +diff --git a/bin/tests/system/many/ns3/named.conf b/bin/tests/system/many/ns3/named.conf +new file mode 100644 +index 0000000..b950afe +--- /dev/null ++++ b/bin/tests/system/many/ns3/named.conf +@@ -0,0 +1,32 @@ ++/* ++ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++controls { /* empty */ }; ++ ++options { ++ query-source address 10.53.0.3; ++ notify-source 10.53.0.3; ++ transfer-source 10.53.0.3; ++ port 5300; ++ pid-file "named.pid"; ++ listen-on { 10.53.0.3; }; ++ listen-on-v6 { none; }; ++ recursion no; ++}; ++ ++zone "." { type master; file "root.db"; }; ++ ++zone "tld1" { type master; file "tld1.db"; }; +diff --git a/bin/tests/system/many/ns4/named.conf b/bin/tests/system/many/ns4/named.conf +new file mode 100644 +index 0000000..ca9aa6a +--- /dev/null ++++ b/bin/tests/system/many/ns4/named.conf +@@ -0,0 +1,30 @@ ++/* ++ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++controls { /* empty */ }; ++ ++options { ++ query-source address 10.53.0.4; ++ notify-source 10.53.0.4; ++ transfer-source 10.53.0.4; ++ port 5300; ++ pid-file "named.pid"; ++ listen-on { 10.53.0.4; }; ++ listen-on-v6 { none; }; ++ recursion no; ++}; ++ ++zone "tld2" { type master; file "tld2.db"; }; +diff --git a/bin/tests/system/many/ns5/hints.db b/bin/tests/system/many/ns5/hints.db +new file mode 100644 +index 0000000..c05809b +--- /dev/null ++++ b/bin/tests/system/many/ns5/hints.db +@@ -0,0 +1,2 @@ ++. 60 in ns ns.nil. ++ns.nil. 60 in A 10.53.0.3 +diff --git a/bin/tests/system/many/ns5/named.conf b/bin/tests/system/many/ns5/named.conf +new file mode 100644 +index 0000000..fce7d59 +--- /dev/null ++++ b/bin/tests/system/many/ns5/named.conf +@@ -0,0 +1,29 @@ ++/* ++ * Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++ * ++ * Permission to use, copy, modify, and/or distribute this software for any ++ * purpose with or without fee is hereby granted, provided that the above ++ * copyright notice and this permission notice appear in all copies. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++ * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++ * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++ * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++ * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++ * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++ * PERFORMANCE OF THIS SOFTWARE. ++ */ ++ ++controls { /* empty */ }; ++ ++options { ++ query-source address 10.53.0.5; ++ notify-source 10.53.0.5; ++ transfer-source 10.53.0.5; ++ port 5300; ++ pid-file "named.pid"; ++ listen-on { 10.53.0.5; }; ++ listen-on-v6 { none; }; ++}; ++ ++zone "." { type hint; file "hints.db"; }; +diff --git a/bin/tests/system/many/setup.sh b/bin/tests/system/many/setup.sh +new file mode 100644 +index 0000000..80695b5 +--- /dev/null ++++ b/bin/tests/system/many/setup.sh +@@ -0,0 +1,75 @@ ++i=1 ++ ++cat > ns3/root.db << EOF ++. 60 in soa ns.nil. hostmaster.ns.nil. 1 0 0 0 0 ++. 60 in ns ns.nil. ++ns.nil. 60 in a 10.53.0.3 ++tld1. 60 in ns ns.tld1. ++ns.tld1. 60 in a 10.53.0.3 ++tld2. 60 in ns ns.tld2. ++ns.tld2. 60 in a 10.53.0.4 ++EOF ++ ++cat > ns3/tld1.db << EOF ++tld1. 60 in soa ns.tld1. hostmaster.ns.tld1. 1 0 0 0 0 ++tld1. 60 in ns ns.tld1. ++ns.tld1. 60 in a 10.53.0.1 ++EOF ++ ++cat > ns4/tld2.db << EOF ++tld2. 60 in soa ns.tld2. hostmaster.ns.tld4. 1 0 0 0 0 ++tld2. 60 in ns ns.tld2. ++ns.tld2. 60 in a 10.53.0.1 ++EOF ++ ++: > ns1/zones.conf ++: > ns2/zones.conf ++ ++while [ $i -lt 1000 ] ++do ++j=`expr $i + 1` ++s=`expr $j % 2 + 1` ++n=`expr $i % 2 + 1` ++t=`expr $s + 2` ++ ++# i=1 j=2 s=1 n=2 ++# i=2 j=3 s=1 n=2 ++# i=3 j=4 s=1 n=2 ++ ++cat > ns1/${i}example.tld${s}.db << EOF ++${i}example.tld${s}. 60 in soa ns.${j}example.tld${n}. hostmaster 1 0 0 0 0 ++${i}example.tld${s}. 60 in ns ns.${j}example.tld${n}. ++ns.${i}example.tld${s}. 60 in a 10.53.0.1 ++EOF ++ ++cat >> ns1/zones.conf << EOF ++zone "${i}example.tld${s}" { type master; file "${i}example.tld${s}.db"; }; ++EOF ++ ++cat >> ns${t}/tld${s}.db << EOF ++${i}example.tld${s}. 60 in ns ns.${j}example.tld${n}. ++EOF ++ ++i=$j ++ ++done ++ ++j=`expr $i + 1` ++s=`expr $j % 2 + 1` ++n=`expr $s % 2 + 1` ++t=`expr $s + 2` ++ ++cat > ns1/${i}example.tld${s}.db << EOF ++${i}example.tld${s}. 60 in soa ns.${i}example.tld${s}. hostmaster 1 0 0 0 0 ++${i}example.tld${s}. 60 in ns ns.${i}example.tld${s}. ++ns.${i}example.tld${s}. 60 in a 10.53.0.1 ++EOF ++ ++cat >> ns1/zones.conf << EOF ++zone "${i}example.tld${s}" { type master; file "${i}example.tld${s}.db"; }; ++EOF ++ ++cat >> ns${t}/tld${s}.db << EOF ++${i}example.tld${s}. 60 in ns ns.${i}example.tld${s}. ++ns.${i}example.tld${s}. 60 in a 10.53.0.1 ++EOF +diff --git a/bin/tests/system/many/tests.sh b/bin/tests/system/many/tests.sh +new file mode 100644 +index 0000000..37964e2 +--- /dev/null ++++ b/bin/tests/system/many/tests.sh +@@ -0,0 +1,48 @@ ++#!/bin/sh ++# ++# Copyright (C) 2014 Internet Systems Consortium, Inc. ("ISC") ++# ++# Permission to use, copy, modify, and/or distribute this software for any ++# purpose with or without fee is hereby granted, provided that the above ++# copyright notice and this permission notice appear in all copies. ++# ++# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH ++# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY ++# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, ++# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM ++# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE ++# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR ++# PERFORMANCE OF THIS SOFTWARE. ++ ++SYSTEMTESTTOP=.. ++. $SYSTEMTESTTOP/conf.sh ++ ++status=0 ++n=0 ++ ++n=`expr $n + 1` ++echo "I: attempt lookup 1example.tld2 soa ($n)" ++ret=0 ++$DIG +tcp 1example.tld1 soa @10.53.0.5 -p 5300 > dig.out.test$n ++grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 ++if [ $ret != 0 ]; then echo "I:failed"; fi ++status=`expr $status + $ret` ++ ++n=`expr $n + 1` ++echo "I: attempt lookup 992example.tld2 soa ($n)" ++ret=0 ++$DIG +tcp 992example.tld2 soa @10.53.0.5 -p 5300 > dig.out.test$n ++grep "status: SERVFAIL" dig.out.test$n > /dev/null || ret=1 ++if [ $ret != 0 ]; then echo "I:failed"; fi ++status=`expr $status + $ret` ++ ++n=`expr $n + 1` ++echo "I: attempt lookup 993example.tld1 soa ($n)" ++ret=0 ++$DIG +tcp 993example.tld1 soa @10.53.0.5 -p 5300 > dig.out.test$n ++grep "status: NOERROR" dig.out.test$n > /dev/null || ret=1 ++if [ $ret != 0 ]; then echo "I:failed"; fi ++status=`expr $status + $ret` ++ ++echo "I:exit status: $status" ++exit $status +diff --git a/doc/arm/Bv9ARM-book.xml b/doc/arm/Bv9ARM-book.xml +index 9f7bd38..fff4249 100644 +--- a/doc/arm/Bv9ARM-book.xml ++++ b/doc/arm/Bv9ARM-book.xml +@@ -4861,6 +4861,7 @@ badresp:1,adberr:0,findfail:0,valfail:0] + <optional> max-acache-size <replaceable>size_spec</replaceable> ; </optional> + <optional> clients-per-query <replaceable>number</replaceable> ; </optional> + <optional> max-clients-per-query <replaceable>number</replaceable> ; </optional> ++ <optional> max-recursion-depth <replaceable>number</replaceable> ; </optional> + <optional> masterfile-format (<constant>text</constant>|<constant>raw</constant>) ; </optional> + <optional> empty-server <replaceable>name</replaceable> ; </optional> + <optional> empty-contact <replaceable>name</replaceable> ; </optional> +@@ -8680,6 +8681,17 @@ avoid-v6-udp-ports { 40000; range 50000 60000; }; + </listitem> + </varlistentry> + ++ <varlistentry id="max-recursion-depth"> ++ <term><command>max-recursion-depth</command></term> ++ <listitem> ++ <para> ++ Sets the maximum number of levels of recursion ++ permitted at any one time while resolving a name. ++ The default is 7. ++ </para> ++ </listitem> ++ </varlistentry> ++ + <varlistentry> + <term><command>notify-delay</command></term> + <listitem> +diff --git a/lib/dns/adb.c b/lib/dns/adb.c +index 2ccb51e..fe9b3f7 100644 +--- a/lib/dns/adb.c ++++ b/lib/dns/adb.c +@@ -199,6 +199,7 @@ struct dns_adbfetch { + unsigned int magic; + dns_fetch_t *fetch; + dns_rdataset_t rdataset; ++ unsigned int depth; + }; + + /*% +@@ -300,7 +301,7 @@ static inline void violate_locking_hierarchy(isc_mutex_t *, isc_mutex_t *); + static isc_boolean_t clean_namehooks(dns_adb_t *, dns_adbnamehooklist_t *); + static void clean_target(dns_adb_t *, dns_name_t *); + static void clean_finds_at_name(dns_adbname_t *, isc_eventtype_t, +- unsigned int); ++ isc_uint32_t, unsigned int); + static isc_boolean_t check_expire_namehooks(dns_adbname_t *, isc_stdtime_t); + static isc_boolean_t check_expire_entry(dns_adb_t *, dns_adbentry_t **, + isc_stdtime_t); +@@ -308,7 +309,7 @@ static void cancel_fetches_at_name(dns_adbname_t *); + static isc_result_t dbfind_name(dns_adbname_t *, isc_stdtime_t, + dns_rdatatype_t); + static isc_result_t fetch_name(dns_adbname_t *, isc_boolean_t, +- dns_rdatatype_t); ++ unsigned int, dns_rdatatype_t); + static inline void check_exit(dns_adb_t *); + static void destroy(dns_adb_t *); + static isc_boolean_t shutdown_names(dns_adb_t *); +@@ -984,7 +985,7 @@ kill_name(dns_adbname_t **n, isc_eventtype_t ev) { + * Clean up the name's various lists. These two are destructive + * in that they will always empty the list. + */ +- clean_finds_at_name(name, ev, DNS_ADBFIND_ADDRESSMASK); ++ clean_finds_at_name(name, ev, 0, DNS_ADBFIND_ADDRESSMASK); + result4 = clean_namehooks(adb, &name->v4); + result6 = clean_namehooks(adb, &name->v6); + clean_target(adb, &name->target); +@@ -1409,7 +1410,7 @@ event_free(isc_event_t *event) { + */ + static void + clean_finds_at_name(dns_adbname_t *name, isc_eventtype_t evtype, +- unsigned int addrs) ++ isc_uint32_t qtotal, unsigned int addrs) + { + isc_event_t *ev; + isc_task_t *task; +@@ -1469,6 +1470,7 @@ clean_finds_at_name(dns_adbname_t *name, isc_eventtype_t evtype, + ev->ev_sender = find; + find->result_v4 = find_err_map[name->fetch_err]; + find->result_v6 = find_err_map[name->fetch6_err]; ++ find->qtotal += qtotal; + ev->ev_type = evtype; + ev->ev_destroy = event_free; + ev->ev_destroy_arg = find; +@@ -1827,6 +1829,7 @@ new_adbfind(dns_adb_t *adb) { + h->flags = 0; + h->result_v4 = ISC_R_UNEXPECTED; + h->result_v6 = ISC_R_UNEXPECTED; ++ h->qtotal = 0; + ISC_LINK_INIT(h, publink); + ISC_LINK_INIT(h, plink); + ISC_LIST_INIT(h->list); +@@ -2799,6 +2802,19 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, + isc_stdtime_t now, dns_name_t *target, + in_port_t port, dns_adbfind_t **findp) + { ++ return (dns_adb_createfind2(adb, task, action, arg, name, ++ qname, qtype, options, now, ++ target, port, 0, findp)); ++} ++ ++isc_result_t ++dns_adb_createfind2(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, ++ void *arg, dns_name_t *name, dns_name_t *qname, ++ dns_rdatatype_t qtype, unsigned int options, ++ isc_stdtime_t now, dns_name_t *target, ++ in_port_t port, unsigned int depth, ++ dns_adbfind_t **findp) ++{ + dns_adbfind_t *find; + dns_adbname_t *adbname; + int bucket; +@@ -3029,7 +3045,7 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, + * Start V4. + */ + if (WANT_INET(wanted_fetches) && +- fetch_name(adbname, start_at_zone, ++ fetch_name(adbname, start_at_zone, depth, + dns_rdatatype_a) == ISC_R_SUCCESS) { + DP(DEF_LEVEL, + "dns_adb_createfind: started A fetch for name %p", +@@ -3040,7 +3056,7 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, + * Start V6. + */ + if (WANT_INET6(wanted_fetches) && +- fetch_name(adbname, start_at_zone, ++ fetch_name(adbname, start_at_zone, depth, + dns_rdatatype_aaaa) == ISC_R_SUCCESS) { + DP(DEF_LEVEL, + "dns_adb_createfind: " +@@ -3656,6 +3672,7 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) { + isc_result_t result; + unsigned int address_type; + isc_boolean_t want_check_exit = ISC_FALSE; ++ isc_uint32_t qtotal = 0; + + UNUSED(task); + +@@ -3666,6 +3683,8 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) { + adb = name->adb; + INSIST(DNS_ADB_VALID(adb)); + ++ qtotal = dev->qtotal; ++ + bucket = name->lock_bucket; + LOCK(&adb->namelocks[bucket]); + +@@ -3783,6 +3802,12 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) { + DP(DEF_LEVEL, "adb: fetch of '%s' %s failed: %s", + buf, address_type == DNS_ADBFIND_INET ? "A" : "AAAA", + dns_result_totext(dev->result)); ++ /* ++ * Don't record a failure unless this is the initial ++ * fetch of a chain. ++ */ ++ if (fetch->depth > 1) ++ goto out; + /* XXXMLG Don't pound on bad servers. */ + if (address_type == DNS_ADBFIND_INET) { + name->expire_v4 = ISC_MIN(name->expire_v4, now + 300); +@@ -3814,15 +3839,14 @@ fetch_callback(isc_task_t *task, isc_event_t *ev) { + free_adbfetch(adb, &fetch); + isc_event_free(&ev); + +- clean_finds_at_name(name, ev_status, address_type); ++ clean_finds_at_name(name, ev_status, qtotal, address_type); + + UNLOCK(&adb->namelocks[bucket]); + } + + static isc_result_t +-fetch_name(dns_adbname_t *adbname, +- isc_boolean_t start_at_zone, +- dns_rdatatype_t type) ++fetch_name(dns_adbname_t *adbname, isc_boolean_t start_at_zone, ++ unsigned int depth, dns_rdatatype_t type) + { + isc_result_t result; + dns_adbfetch_t *fetch = NULL; +@@ -3867,12 +3891,14 @@ fetch_name(dns_adbname_t *adbname, + result = ISC_R_NOMEMORY; + goto cleanup; + } +- +- result = dns_resolver_createfetch(adb->view->resolver, &adbname->name, +- type, name, nameservers, NULL, +- options, adb->task, fetch_callback, +- adbname, &fetch->rdataset, NULL, +- &fetch->fetch); ++ fetch->depth = depth; ++ ++ result = dns_resolver_createfetch3(adb->view->resolver, &adbname->name, ++ type, name, nameservers, NULL, ++ NULL, 0, options, depth, adb->task, ++ fetch_callback, adbname, ++ &fetch->rdataset, NULL, ++ &fetch->fetch); + if (result != ISC_R_SUCCESS) + goto cleanup; + +diff --git a/lib/dns/include/dns/adb.h b/lib/dns/include/dns/adb.h +index 35350ff..7501f01 100644 +--- a/lib/dns/include/dns/adb.h ++++ b/lib/dns/include/dns/adb.h +@@ -118,6 +118,8 @@ struct dns_adbfind { + isc_result_t result_v6; /*%< RO: v6 result */ + ISC_LINK(dns_adbfind_t) publink; /*%< RW: client use */ + ++ isc_uint32_t qtotal; ++ + /* Private */ + isc_mutex_t lock; /* locks all below */ + in_port_t port; +@@ -334,6 +336,12 @@ dns_adb_createfind(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, + dns_rdatatype_t qtype, unsigned int options, + isc_stdtime_t now, dns_name_t *target, + in_port_t port, dns_adbfind_t **find); ++isc_result_t ++dns_adb_createfind2(dns_adb_t *adb, isc_task_t *task, isc_taskaction_t action, ++ void *arg, dns_name_t *name, dns_name_t *qname, ++ dns_rdatatype_t qtype, unsigned int options, ++ isc_stdtime_t now, dns_name_t *target, in_port_t port, ++ unsigned int depth, dns_adbfind_t **find); + /*%< + * Main interface for clients. The adb will look up the name given in + * "name" and will build up a list of found addresses, and perhaps start +diff --git a/lib/dns/include/dns/resolver.h b/lib/dns/include/dns/resolver.h +index 4e20eb6..c256049 100644 +--- a/lib/dns/include/dns/resolver.h ++++ b/lib/dns/include/dns/resolver.h +@@ -82,6 +82,7 @@ typedef struct dns_fetchevent { + isc_sockaddr_t * client; + dns_messageid_t id; + isc_result_t vresult; ++ isc_uint32_t qtotal; + } dns_fetchevent_t; + + /* +@@ -275,6 +276,18 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, + dns_rdataset_t *rdataset, + dns_rdataset_t *sigrdataset, + dns_fetch_t **fetchp); ++isc_result_t ++dns_resolver_createfetch3(dns_resolver_t *res, dns_name_t *name, ++ dns_rdatatype_t type, ++ dns_name_t *domain, dns_rdataset_t *nameservers, ++ dns_forwarders_t *forwarders, ++ isc_sockaddr_t *client, isc_uint16_t id, ++ unsigned int options, unsigned int depth, ++ isc_task_t *task, ++ isc_taskaction_t action, void *arg, ++ dns_rdataset_t *rdataset, ++ dns_rdataset_t *sigrdataset, ++ dns_fetch_t **fetchp); + /*%< + * Recurse to answer a question. + * +@@ -576,6 +589,18 @@ dns_resolver_printbadcache(dns_resolver_t *resolver, FILE *fp); + * \li resolver to be valid. + */ + ++void ++dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth); ++unsigned int ++dns_resolver_getmaxdepth(dns_resolver_t *resolver); ++/*% ++ * Get and set how many NS indirections will be followed when looking for ++ * nameserver addresses. ++ * ++ * Requires: ++ * \li resolver to be valid. ++ */ ++ + ISC_LANG_ENDDECLS + + #endif /* DNS_RESOLVER_H */ +diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c +index e517dad..6a635b2 100644 +--- a/lib/dns/resolver.c ++++ b/lib/dns/resolver.c +@@ -131,6 +131,16 @@ + #define MAXIMUM_QUERY_TIMEOUT 30 /* The maximum time in seconds for the whole query to live. */ + #endif + ++/* The default maximum number of recursions to follow before giving up. */ ++#ifndef DEFAULT_RECURSION_DEPTH ++#define DEFAULT_RECURSION_DEPTH 7 ++#endif ++ ++/* The default maximum number of iterative queries to allow before giving up. */ ++#ifndef DEFAULT_MAX_QUERIES ++#define DEFAULT_MAX_QUERIES 50 ++#endif ++ + /*% + * Maximum EDNS0 input packet size. + */ +@@ -297,6 +307,7 @@ struct fetchctx { + isc_uint64_t duration; + isc_boolean_t logged; + unsigned int querysent; ++ unsigned int totalqueries; + unsigned int referrals; + unsigned int lamecount; + unsigned int neterr; +@@ -307,6 +318,7 @@ struct fetchctx { + isc_boolean_t timeout; + dns_adbaddrinfo_t *addrinfo; + isc_sockaddr_t *client; ++ unsigned int depth; + }; + + #define FCTX_MAGIC ISC_MAGIC('F', '!', '!', '!') +@@ -419,6 +431,7 @@ struct dns_resolver { + isc_timer_t * spillattimer; + isc_boolean_t zero_no_soa_ttl; + unsigned int query_timeout; ++ unsigned int maxdepth; + + /* Locked by lock. */ + unsigned int references; +@@ -1097,6 +1110,7 @@ fctx_sendevents(fetchctx_t *fctx, isc_result_t result, int line) { + event->result == DNS_R_NCACHENXRRSET); + } + ++ event->qtotal = fctx->totalqueries; + isc_task_sendanddetach(&task, ISC_EVENT_PTR(&event)); + count++; + } +@@ -1537,7 +1551,9 @@ fctx_query(fetchctx_t *fctx, dns_adbaddrinfo_t *addrinfo, + if (result != ISC_R_SUCCESS) + goto cleanup_dispatch; + } ++ + fctx->querysent++; ++ fctx->totalqueries++; + + ISC_LIST_APPEND(fctx->queries, query, link); + query->fctx->nqueries++; +@@ -2194,9 +2210,10 @@ fctx_finddone(isc_task_t *task, isc_event_t *event) { + */ + INSIST(!SHUTTINGDOWN(fctx)); + fctx->attributes &= ~FCTX_ATTR_ADDRWAIT; +- if (event->ev_type == DNS_EVENT_ADBMOREADDRESSES) ++ if (event->ev_type == DNS_EVENT_ADBMOREADDRESSES) { + want_try = ISC_TRUE; +- else { ++ fctx->totalqueries += find->qtotal; ++ } else { + fctx->findfail++; + if (fctx->pending == 0) { + /* +@@ -2479,12 +2496,13 @@ findname(fetchctx_t *fctx, dns_name_t *name, in_port_t port, + * See what we know about this address. + */ + find = NULL; +- result = dns_adb_createfind(fctx->adb, +- res->buckets[fctx->bucketnum].task, +- fctx_finddone, fctx, name, +- &fctx->name, fctx->type, +- options, now, NULL, +- res->view->dstport, &find); ++ result = dns_adb_createfind2(fctx->adb, ++ res->buckets[fctx->bucketnum].task, ++ fctx_finddone, fctx, name, ++ &fctx->name, fctx->type, ++ options, now, NULL, ++ res->view->dstport, ++ fctx->depth + 1, &find); + if (result != ISC_R_SUCCESS) { + if (result == DNS_R_ALIAS) { + /* +@@ -2592,6 +2610,11 @@ fctx_getaddresses(fetchctx_t *fctx, isc_boolean_t badcache) { + + res = fctx->res; + ++ if (fctx->depth > res->maxdepth) { ++ FCTXTRACE("too much NS indirection"); ++ return (DNS_R_SERVFAIL); ++ } ++ + /* + * Forwarders. + */ +@@ -3030,6 +3053,9 @@ fctx_try(fetchctx_t *fctx, isc_boolean_t retrying, isc_boolean_t badcache) { + + REQUIRE(!ADDRWAIT(fctx)); + ++ if (fctx->totalqueries > DEFAULT_MAX_QUERIES) ++ fctx_done(fctx, DNS_R_SERVFAIL, __LINE__); ++ + addrinfo = fctx_nextaddress(fctx); + if (addrinfo == NULL) { + /* +@@ -3388,6 +3414,7 @@ fctx_start(isc_task_t *task, isc_event_t *event) { + * Normal fctx startup. + */ + fctx->state = fetchstate_active; ++ fctx->totalqueries = 0; + /* + * Reset the control event for later use in shutting down + * the fctx. +@@ -3457,6 +3484,7 @@ fctx_join(fetchctx_t *fctx, isc_task_t *task, isc_sockaddr_t *client, + event->fetch = fetch; + event->client = client; + event->id = id; ++ event->qtotal = 0; + dns_fixedname_init(&event->foundname); + + /* +@@ -3493,7 +3521,8 @@ log_ns_ttl(fetchctx_t *fctx, const char *where) { + static isc_result_t + fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, + dns_name_t *domain, dns_rdataset_t *nameservers, +- unsigned int options, unsigned int bucketnum, fetchctx_t **fctxp) ++ unsigned int options, unsigned int bucketnum, unsigned int depth, ++ fetchctx_t **fctxp) + { + fetchctx_t *fctx; + isc_result_t result; +@@ -3545,6 +3574,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, + fctx->state = fetchstate_init; + fctx->want_shutdown = ISC_FALSE; + fctx->cloned = ISC_FALSE; ++ fctx->depth = depth; + ISC_LIST_INIT(fctx->queries); + ISC_LIST_INIT(fctx->finds); + ISC_LIST_INIT(fctx->altfinds); +@@ -3563,6 +3593,7 @@ fctx_create(dns_resolver_t *res, dns_name_t *name, dns_rdatatype_t type, + fctx->pending = 0; + fctx->restarts = 0; + fctx->querysent = 0; ++ fctx->totalqueries = 0; + fctx->referrals = 0; + TIME_NOW(&fctx->start); + fctx->timeouts = 0; +@@ -7781,6 +7812,7 @@ dns_resolver_create(dns_view_t *view, + res->spillattimer = NULL; + res->zero_no_soa_ttl = ISC_FALSE; + res->query_timeout = DEFAULT_QUERY_TIMEOUT; ++ res->maxdepth = DEFAULT_RECURSION_DEPTH; + res->nbuckets = ntasks; + res->activebuckets = ntasks; + res->buckets = isc_mem_get(view->mctx, +@@ -8219,9 +8251,9 @@ dns_resolver_createfetch(dns_resolver_t *res, dns_name_t *name, + dns_rdataset_t *sigrdataset, + dns_fetch_t **fetchp) + { +- return (dns_resolver_createfetch2(res, name, type, domain, ++ return (dns_resolver_createfetch3(res, name, type, domain, + nameservers, forwarders, NULL, 0, +- options, task, action, arg, ++ options, 0, task, action, arg, + rdataset, sigrdataset, fetchp)); + } + +@@ -8237,6 +8269,25 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, + dns_rdataset_t *sigrdataset, + dns_fetch_t **fetchp) + { ++ return (dns_resolver_createfetch3(res, name, type, domain, ++ nameservers, forwarders, client, id, ++ options, 0, task, action, arg, ++ rdataset, sigrdataset, fetchp)); ++} ++ ++isc_result_t ++dns_resolver_createfetch3(dns_resolver_t *res, dns_name_t *name, ++ dns_rdatatype_t type, ++ dns_name_t *domain, dns_rdataset_t *nameservers, ++ dns_forwarders_t *forwarders, ++ isc_sockaddr_t *client, dns_messageid_t id, ++ unsigned int options, unsigned int depth, ++ isc_task_t *task, ++ isc_taskaction_t action, void *arg, ++ dns_rdataset_t *rdataset, ++ dns_rdataset_t *sigrdataset, ++ dns_fetch_t **fetchp) ++{ + dns_fetch_t *fetch; + fetchctx_t *fctx = NULL; + isc_result_t result = ISC_R_SUCCESS; +@@ -8325,11 +8376,12 @@ dns_resolver_createfetch2(dns_resolver_t *res, dns_name_t *name, + + if (fctx == NULL) { + result = fctx_create(res, name, type, domain, nameservers, +- options, bucketnum, &fctx); ++ options, bucketnum, depth, &fctx); + if (result != ISC_R_SUCCESS) + goto unlock; + new_fctx = ISC_TRUE; +- } ++ } else if (fctx->depth > depth) ++ fctx->depth = depth; + + result = fctx_join(fctx, task, client, id, action, arg, + rdataset, sigrdataset, fetch); +@@ -9101,3 +9153,15 @@ dns_resolver_settimeout(dns_resolver_t *resolver, unsigned int seconds) { + + resolver->query_timeout = seconds; + } ++ ++void ++dns_resolver_setmaxdepth(dns_resolver_t *resolver, unsigned int maxdepth) { ++ REQUIRE(VALID_RESOLVER(resolver)); ++ resolver->maxdepth = maxdepth; ++} ++ ++unsigned int ++dns_resolver_getmaxdepth(dns_resolver_t *resolver) { ++ REQUIRE(VALID_RESOLVER(resolver)); ++ return (resolver->maxdepth); ++} +diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c +index bfd4bab..5f8b037 100644 +--- a/lib/isccfg/namedconf.c ++++ b/lib/isccfg/namedconf.c +@@ -1393,6 +1393,7 @@ view_clauses[] = { + { "max-cache-ttl", &cfg_type_uint32, 0 }, + { "max-clients-per-query", &cfg_type_uint32, 0 }, + { "max-ncache-ttl", &cfg_type_uint32, 0 }, ++ { "max-recursion-depth", &cfg_type_uint32, 0 }, + { "max-udp-size", &cfg_type_uint32, 0 }, + { "min-roots", &cfg_type_uint32, CFG_CLAUSEFLAG_NOTIMP }, + { "minimal-responses", &cfg_type_boolean, 0 }, +-- +1.9.1 + diff --git a/meta/recipes-connectivity/bind/bind/conf.patch b/meta/recipes-connectivity/bind/bind/conf.patch index 2785c6a22f..aad345f9fc 100644 --- a/meta/recipes-connectivity/bind/bind/conf.patch +++ b/meta/recipes-connectivity/bind/bind/conf.patch @@ -55,6 +55,22 @@ diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty + 86400 ) ; Negative Cache TTL +; +@ IN NS localhost. +diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255 +--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100 ++++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200 +@@ -0,0 +1,12 @@ ++; ++; BIND reserve data file for broadcast zone ++; ++$TTL 604800 ++@ IN SOA localhost. root.localhost. ( ++ 1 ; Serial ++ 604800 ; Refresh ++ 86400 ; Retry ++ 2419200 ; Expire ++ 604800 ) ; Negative Cache TTL ++; ++@ IN NS localhost. diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local --- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100 +++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200 @@ -261,7 +277,7 @@ diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d + modprobe capability >/dev/null 2>&1 || true + if [ ! -f /etc/bind/rndc.key ]; then + /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom -+ chown 0640 /etc/bind/rndc.key ++ chmod 0640 /etc/bind/rndc.key + fi + if [ -f /var/run/named/named.pid ]; then + ps `cat /var/run/named/named.pid` > /dev/null && exit 1 diff --git a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh index c2e88bf127..db201270fa 100644 --- a/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh +++ b/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh @@ -3,5 +3,5 @@ if [ ! -s /etc/bind/rndc.key ]; then echo -n "Generating /etc/bind/rndc.key:" /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom - chown 0640 /etc/bind/rndc.key + chmod 0640 /etc/bind/rndc.key fi diff --git a/meta/recipes-connectivity/bind/bind_9.9.5.bb b/meta/recipes-connectivity/bind/bind_9.9.5.bb index 635d27732b..eacb23ffb8 100644 --- a/meta/recipes-connectivity/bind/bind_9.9.5.bb +++ b/meta/recipes-connectivity/bind/bind_9.9.5.bb @@ -17,6 +17,8 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://named.service \ file://bind9 \ file://init.d-add-support-for-read-only-rootfs.patch \ + file://bind9_9_5-CVE-2014-8500.patch \ + file://bind-add-crosscripts-search-path-for-xml2-config.patch \ " SRC_URI[md5sum] = "e676c65cad5234617ee22f48e328c24e" @@ -28,10 +30,14 @@ EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \ --disable-devpoll --disable-epoll --with-gost=no \ --with-gssapi=no --with-ecdsa=yes \ --sysconfdir=${sysconfdir}/bind \ - --with-openssl=${STAGING_LIBDIR}/.. --with-libxml2=${STAGING_LIBDIR}/.. \ + --with-openssl=${STAGING_LIBDIR}/.. \ --enable-exportlib --with-export-includedir=${includedir} --with-export-libdir=${libdir} \ " -inherit autotools-brokensep update-rc.d systemd useradd +inherit autotools-brokensep update-rc.d systemd useradd pkgconfig + +PACKAGECONFIG ?= "libxml2" + +PACKAGECONFIG[libxml2] = "--with-libxml2=${STAGING_LIBDIR}/..,--with-libxml2=no,libxml2" USERADD_PACKAGES = "${PN}" USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \ diff --git a/meta/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb b/meta/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb index f2dc0da06c..c71d61253a 100644 --- a/meta/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb +++ b/meta/recipes-connectivity/bluez/gst-plugin-bluetooth_4.101.bb @@ -25,6 +25,7 @@ do_install_append() { rm -rf ${D}${libdir}/alsa-lib rm -rf ${D}${datadir} rm -rf ${D}${includedir} + rm -rf ${D}${nonarch_base_libdir} } FILES_${PN} = "${libdir}/gstreamer-0.10/lib*.so" diff --git a/meta/recipes-connectivity/bluez5/bluez5.inc b/meta/recipes-connectivity/bluez5/bluez5.inc index b385a916ef..67aafbbd6f 100644 --- a/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/meta/recipes-connectivity/bluez5/bluez5.inc @@ -14,6 +14,7 @@ RCONFLICTS_${PN} = "bluez4" PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'alsa', 'alsa', '', d)} obex-profiles" PACKAGECONFIG[obex-profiles] = "--enable-obex,--disable-obex,libical" +PACKAGECONFIG[experimental] = "--enable-experimental,--disable-experimental," SRC_URI = "\ ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ @@ -28,10 +29,19 @@ EXTRA_OECONF = "\ --disable-cups \ --enable-test \ --enable-datafiles \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdunitdir=${systemd_unitdir}/system/', '--disable-systemd', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--enable-systemd', '--disable-systemd', d)} \ --enable-library \ " +# bluez5 builds a large number of useful utilities but does not +# install them. Specify which ones we want put into ${PN}-noinst-tools. +NOINST_TOOLS_READLINE ??= "" +NOINST_TOOLS_EXPERIMENTAL ??= "" +NOINST_TOOLS = " \ + ${NOINST_TOOLS_READLINE} \ + ${@bb.utils.contains('PACKAGECONFIG', 'experimental', '${NOINST_TOOLS_EXPERIMENTAL}', '', d)} \ +" + do_install_append() { install -d ${D}${sysconfdir}/bluetooth/ if [ -f ${S}/profiles/audio/audio.conf ]; then @@ -45,10 +55,15 @@ do_install_append() { fi # at_console doesn't really work with the current state of OE, so punch some more holes so people can actually use BT install -m 0644 ${WORKDIR}/bluetooth.conf ${D}/${sysconfdir}/dbus-1/system.d/ + + # Install desired tools that upstream leaves in build area + for f in ${NOINST_TOOLS} ; do + install -m 755 ${B}/$f ${D}/${bindir} + done } ALLOW_EMPTY_libasound-module-bluez = "1" -PACKAGES =+ "libasound-module-bluez ${PN}-testtools ${PN}-obex" +PACKAGES =+ "libasound-module-bluez ${PN}-testtools ${PN}-obex ${PN}-noinst-tools" FILES_libasound-module-bluez = "${libdir}/alsa-lib/lib*.so ${datadir}/alsa" FILES_${PN} += "${libdir}/bluetooth/plugins ${libdir}/bluetooth/plugins/*.so ${base_libdir}/udev/ ${nonarch_base_libdir}/udev/ ${systemd_unitdir}/ ${datadir}/dbus-1" @@ -65,6 +80,16 @@ SYSTEMD_SERVICE_${PN}-obex = "obex.service" FILES_${PN}-testtools = "${libdir}/bluez/test/*" +def get_noinst_tools_paths (d, bb, tools): + s = list() + bindir = d.getVar("bindir", True) + for bdp in tools.split(): + f = os.path.basename(bdp) + s.append("%s/%s" % (bindir, f)) + return "\n".join(s) + +FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS', True))}" + FILES_${PN}-dbg += "\ ${libdir}/${BPN}/bluetooth/.debug \ ${libdir}/bluetooth/plugins/.debug \ diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.22.bb b/meta/recipes-connectivity/bluez5/bluez5_5.22.bb deleted file mode 100644 index 04116ed9d0..0000000000 --- a/meta/recipes-connectivity/bluez5/bluez5_5.22.bb +++ /dev/null @@ -1,3 +0,0 @@ -require bluez5.inc -SRC_URI[md5sum] = "fd0783c8bc524bc9b26514aad1f85814" -SRC_URI[sha256sum] = "e8b866515a18116c7048a55081be9238a51447c9448ed20997b0432b13ba0882" diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.28.bb b/meta/recipes-connectivity/bluez5/bluez5_5.28.bb new file mode 100644 index 0000000000..e816998b63 --- /dev/null +++ b/meta/recipes-connectivity/bluez5/bluez5_5.28.bb @@ -0,0 +1,52 @@ +require bluez5.inc +SRC_URI[md5sum] = "bc20a8285530758c68f6a60e4ca62a15" +SRC_URI[sha256sum] = "85bab48f4b47a158739028682c1e09cf30099c8ea9dfe63360055f8e06fc18a9" + +# noinst programs in Makefile.tools that are conditional on READLINE +# support +NOINST_TOOLS_READLINE ?= " \ + attrib/gatttool \ + tools/obex-client-tool \ + tools/obex-server-tool \ + tools/bluetooth-player \ + tools/obexctl \ +" + +# noinst programs in Makefile.tools that are conditional on EXPERIMENTAL +# support +NOINST_TOOLS_EXPERIMENTAL ?= " \ + emulator/btvirt \ + emulator/b1ee \ + emulator/hfp \ + tools/3dsp \ + tools/mgmt-tester \ + tools/gap-tester \ + tools/l2cap-tester \ + tools/sco-tester \ + tools/smp-tester \ + tools/hci-tester \ + tools/rfcomm-tester \ + tools/bdaddr \ + tools/avinfo \ + tools/avtest \ + tools/scotest \ + tools/amptest \ + tools/hwdb \ + tools/hcieventmask \ + tools/hcisecfilter \ + tools/btmgmt \ + tools/btinfo \ + tools/btattach \ + tools/btsnoop \ + tools/btproxy \ + tools/btiotest \ + tools/mcaptest \ + tools/cltest \ + tools/oobtest \ + tools/seq2bseq \ + tools/ibeacon \ + tools/btgatt-client \ + tools/btgatt-server \ + tools/gatt-service \ + profiles/iap/iapd \ +" diff --git a/meta/recipes-connectivity/connman/connman-conf.bb b/meta/recipes-connectivity/connman/connman-conf.bb index af726401e2..2358d9df09 100644 --- a/meta/recipes-connectivity/connman/connman-conf.bb +++ b/meta/recipes-connectivity/connman/connman-conf.bb @@ -9,6 +9,8 @@ SRC_URI_append_qemuall = "file://wired.config \ " PR = "r2" +S = "${WORKDIR}" + PACKAGE_ARCH = "${MACHINE_ARCH}" FILES_${PN} = "${localstatedir}/* ${libdir}/*" diff --git a/meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch b/meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch index 0be516f054..f4049fa3e2 100644 --- a/meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch +++ b/meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch @@ -21,110 +21,110 @@ index c55e25c..9d818b2 100644 --- a/common/connman-client.c +++ b/common/connman-client.c @@ -289,7 +289,7 @@ gboolean connman_client_set_ipv4(ConnmanClient *client, const gchar *device, - - g_value_init(&value, DBUS_TYPE_G_DICTIONARY); - g_value_set_boxed(&value, ipv4); + + g_value_init(&value, DBUS_TYPE_G_DICTIONARY); + g_value_set_boxed(&value, ipv4); - ret = connman_set_property(proxy, "IPv4.Configuration", &value, NULL); + ret = net_connman_set_property(proxy, "IPv4.Configuration", &value, NULL); - - g_object_unref(proxy); - + + g_object_unref(proxy); + @@ -317,7 +317,7 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device, - g_value_set_boolean(&value, powered); - - error = NULL; + g_value_set_boolean(&value, powered); + + error = NULL; - connman_set_property(proxy, "Powered", &value, &error); + net_connman_set_property(proxy, "Powered", &value, &error); - if( error ) - fprintf (stderr, "error: %s\n", error->message); - + if( error ) + fprintf (stderr, "error: %s\n", error->message); + @@ -325,7 +325,7 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device, } - + void connman_client_scan(ConnmanClient *client, const gchar *device, - connman_scan_reply callback, gpointer user_data) + net_connman_scan_reply callback, gpointer user_data) { - ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client); - DBusGProxy *proxy; + ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client); + DBusGProxy *proxy; @@ -339,7 +339,7 @@ void connman_client_scan(ConnmanClient *client, const gchar *device, - if (proxy == NULL) - return; - + if (proxy == NULL) + return; + - connman_scan_async(proxy, callback, user_data); + net_connman_scan_async(proxy, callback, user_data); - - g_object_unref(proxy); + + g_object_unref(proxy); } @@ -353,7 +353,7 @@ gboolean connman_client_get_offline_status(ConnmanClient *client) - - DBG("client %p", client); - + + DBG("client %p", client); + - ret = connman_get_properties(priv->manager, &hash, NULL); + ret = net_connman_get_properties(priv->manager, &hash, NULL); - - if (ret == FALSE) - goto done; + + if (ret == FALSE) + goto done; @@ -375,7 +375,7 @@ void connman_client_set_offlinemode(ConnmanClient *client, gboolean status) - g_value_init(&value, G_TYPE_BOOLEAN); - g_value_set_boolean(&value, status); - + g_value_init(&value, G_TYPE_BOOLEAN); + g_value_set_boolean(&value, status); + - connman_set_property(priv->manager, "OfflineMode", &value, NULL); + net_connman_set_property(priv->manager, "OfflineMode", &value, NULL); } - + static gboolean network_disconnect(GtkTreeModel *model, GtkTreePath *path, @@ -398,7 +398,7 @@ static gboolean network_disconnect(GtkTreeModel *model, GtkTreePath *path, - return TRUE; - - if (type == CONNMAN_TYPE_WIFI) + return TRUE; + + if (type == CONNMAN_TYPE_WIFI) - connman_disconnect(proxy, NULL); + net_connman_disconnect(proxy, NULL); - - g_object_unref(proxy); - + + g_object_unref(proxy); + @@ -422,13 +422,13 @@ void connman_client_connect(ConnmanClient *client, const gchar *network) - if (proxy == NULL) - return; - + if (proxy == NULL) + return; + - connman_connect(proxy, NULL); + net_connman_connect(proxy, NULL); - - g_object_unref(proxy); + + g_object_unref(proxy); } - + void connman_client_connect_async(ConnmanClient *client, const gchar *network, - connman_connect_reply callback, gpointer userdata) + net_connman_connect_reply callback, gpointer userdata) { - ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client); - DBusGProxy *proxy; + ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client); + DBusGProxy *proxy; @@ -446,7 +446,7 @@ void connman_client_connect_async(ConnmanClient *client, const gchar *network, - if (proxy == NULL) - goto done; - + if (proxy == NULL) + goto done; + - connman_connect_async(proxy, callback, userdata); + net_connman_connect_async(proxy, callback, userdata); - + done: - return; + return; @@ -476,7 +476,7 @@ void connman_client_disconnect(ConnmanClient *client, const gchar *network) - if (proxy == NULL) - return; - + if (proxy == NULL) + return; + - connman_disconnect(proxy, NULL); + net_connman_disconnect(proxy, NULL); - - g_object_unref(proxy); + + g_object_unref(proxy); } @@ -532,7 +532,7 @@ void connman_client_remove(ConnmanClient *client, const gchar *network) - if (proxy == NULL) - return; - + if (proxy == NULL) + return; + - connman_remove(proxy, NULL); + net_connman_remove(proxy, NULL); - - g_object_unref(proxy); + + g_object_unref(proxy); } diff --git a/common/connman-client.h b/common/connman-client.h index 9e2e6d5..98241de 100644 @@ -132,11 +132,11 @@ index 9e2e6d5..98241de 100644 +++ b/common/connman-client.h @@ -70,13 +70,13 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device, gboolean connman_client_set_ipv4(ConnmanClient *client, const gchar *device, - struct ipv4_config *ipv4_config); + struct ipv4_config *ipv4_config); void connman_client_scan(ConnmanClient *client, const gchar *device, - connman_scan_reply callback, gpointer user_data); + net_connman_scan_reply callback, gpointer user_data); - + void connman_client_connect(ConnmanClient *client, const gchar *network); void connman_client_disconnect(ConnmanClient *client, const gchar *network); gchar *connman_client_get_security(ConnmanClient *client, const gchar *network); @@ -144,30 +144,30 @@ index 9e2e6d5..98241de 100644 - connman_connect_reply callback, gpointer userdata); + net_connman_connect_reply callback, gpointer userdata); void connman_client_set_remember(ConnmanClient *client, const gchar *network, - gboolean remember); - + gboolean remember); + diff --git a/common/connman-dbus.c b/common/connman-dbus.c index b82b3e1..543eb43 100644 --- a/common/connman-dbus.c +++ b/common/connman-dbus.c @@ -655,15 +655,15 @@ DBusGProxy *connman_dbus_create_manager(DBusGConnection *conn, - - DBG("getting manager properties"); - + + DBG("getting manager properties"); + - connman_get_properties_async(proxy, manager_properties, store); + net_connman_get_properties_async(proxy, manager_properties, store); - - DBG("getting technologies"); - + + DBG("getting technologies"); + - connman_get_technologies_async(proxy, manager_technologies, store); + net_connman_get_technologies_async(proxy, manager_technologies, store); - - DBG("getting services"); - + + DBG("getting services"); + - connman_get_services_async(proxy, manager_services, store); + net_connman_get_services_async(proxy, manager_services, store); - - return proxy; + + return proxy; } diff --git a/common/connman-dbus.xml b/common/connman-dbus.xml index 56b9582..0199d52 100644 @@ -175,12 +175,13 @@ index 56b9582..0199d52 100644 +++ b/common/connman-dbus.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8" ?> - + <node name="/"> - <interface name="connman"> + <interface name="net.connman"> <method name="GetProperties"> <arg type="a{sv}" direction="out"/> </method> --- +-- 1.9.1 + diff --git a/meta/recipes-connectivity/connman/connman.inc b/meta/recipes-connectivity/connman/connman.inc index f121a81f1e..736b324704 100644 --- a/meta/recipes-connectivity/connman/connman.inc +++ b/meta/recipes-connectivity/connman/connman.inc @@ -27,10 +27,10 @@ EXTRA_OECONF += "\ --enable-test \ --disable-polkit \ --enable-client \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdunitdir=${systemd_unitdir}/system/', '--with-systemdunitdir=', d)} \ " PACKAGECONFIG ??= "wispr \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd','systemd', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'wifi','wifi', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth','bluetooth', '', d)} \ ${@bb.utils.contains('DISTRO_FEATURES', '3g','3g', '', d)} \ @@ -40,6 +40,7 @@ PACKAGECONFIG ??= "wispr \ # local.conf or distro config # PACKAGECONFIG_append_pn-connman = " openvpn vpnc l2tp pptp" +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant" PACKAGECONFIG[bluetooth] = "--enable-bluetooth, --disable-bluetooth, bluez4" PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono" @@ -66,18 +67,18 @@ SYSTEMD_SERVICE_${PN} = "connman.service" SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" SYSTEMD_WIRED_SETUP = "ExecStartPre=-${libdir}/connman/wired-setup" -inherit autotools-brokensep pkgconfig systemd update-rc.d +inherit autotools pkgconfig systemd update-rc.d do_configure_append () { - sed -i "s#ExecStart=#${SYSTEMD_WIRED_SETUP}\nExecStart=#" ${S}/src/connman.service + sed -i "s#ExecStart=#${SYSTEMD_WIRED_SETUP}\nExecStart=#" ${B}/src/connman.service } # This allows *everyone* to access ConnMan over DBus, without any access # control. Really the at_console flag should work, which would mean that # both this and the xuser patch can be dropped. do_compile_append() { - sed -i -e s:deny:allow:g src/connman-dbus.conf - sed -i -e s:deny:allow:g vpn/vpn-dbus.conf + sed -i -e s:deny:allow:g ${S}/src/connman-dbus.conf + sed -i -e s:deny:allow:g ${S}/vpn/vpn-dbus.conf } do_install_append() { @@ -88,9 +89,9 @@ do_install_append() { fi install -d ${D}${bindir} - install -m 0755 ${S}/tools/*-test ${D}${bindir} - if [ -e ${S}/tools/wispr ]; then - install -m 0755 ${S}/tools/wispr ${D}${bindir} + install -m 0755 ${B}/tools/*-test ${D}${bindir} + if [ -e ${B}/tools/wispr ]; then + install -m 0755 ${B}/tools/wispr ${D}${bindir} fi install -m 0755 ${B}/client/connmanctl ${D}${bindir} diff --git a/meta/recipes-connectivity/connman/connman_1.25.bb b/meta/recipes-connectivity/connman/connman_1.28.bb index 1758c95ee1..53e71fa000 100644 --- a/meta/recipes-connectivity/connman/connman_1.25.bb +++ b/meta/recipes-connectivity/connman/connman_1.28.bb @@ -5,7 +5,8 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://add_xuser_dbus_permission.patch \ file://connman \ " -SRC_URI[md5sum] = "a449d2e49871494506e48765747e6624" -SRC_URI[sha256sum] = "c1d266d6be18d2f66231f3537a7ed17b57637ca43c27328bc13c508cbeacce6e" +SRC_URI[md5sum] = "6e07c93877f80bb73c9d4dbfc697f3fc" +SRC_URI[sha256sum] = "b1d5e7dd2652725906e220a8b0206477e97080e835272971e3b2fd10943c5c94" RRECOMMENDS_${PN} = "connman-conf" + diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc b/meta/recipes-connectivity/dhcp/dhcp.inc index 4949e0201e..6ced77500a 100644 --- a/meta/recipes-connectivity/dhcp/dhcp.inc +++ b/meta/recipes-connectivity/dhcp/dhcp.inc @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=c5c64d696107f84b56fe337d14da1 DEPENDS = "openssl bind" SRC_URI = "ftp://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ - file://site.h \ + file://define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \ file://init-relay file://default-relay \ file://init-server file://default-server \ file://dhclient.conf file://dhcpd.conf \ @@ -36,10 +36,6 @@ EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \ --with-libbind=${STAGING_LIBDIR}/ \ " -do_compile_prepend () { - cp -f ${WORKDIR}/site.h ${S}/includes -} - do_install_append () { install -d ${D}${sysconfdir}/init.d install -d ${D}${sysconfdir}/default diff --git a/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch new file mode 100644 index 0000000000..12d3c9bdbd --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch @@ -0,0 +1,26 @@ +define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF + +Upstream-Status: inappropriate <oe specific> + +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + includes/site.h | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/includes/site.h b/includes/site.h +index d87b309..17bc40d 100644 +--- a/includes/site.h ++++ b/includes/site.h +@@ -139,7 +139,8 @@ + /* Define this if you want the dhcpd.conf file to go somewhere other than + the default location. By default, it goes in /etc/dhcpd.conf. */ + +-/* #define _PATH_DHCPD_CONF "/etc/dhcpd.conf" */ ++#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf" ++#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf" + + /* Network API definitions. You do not need to choose one of these - if + you don't choose, one will be chosen for you in your system's config +-- +1.9.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/dhcp-xen-checksum.patch b/meta/recipes-connectivity/dhcp/dhcp/dhcp-xen-checksum.patch new file mode 100644 index 0000000000..62c279db12 --- /dev/null +++ b/meta/recipes-connectivity/dhcp/dhcp/dhcp-xen-checksum.patch @@ -0,0 +1,307 @@ +dhcp-client: Ignore partial checksums + +dhclient will fail to get an IP address if run inside a guest when traffic is +flowing over a virtual network interface. The user will see the error +message: + + 5 bad udp checksums in 5 packets + No DHCPOFFERS received. + Unable to obtain a lease on first try. Exiting. + Failed to bring up eth0. + +This is because Linux only uses partial checksums for packets that go over +virtual network interfaces and dhclient does not like this. + + See linux kernel commit 78ea85f17b15390e30d8b47488ec7b6cf0790663 + ("net: skbuff: improve comment on checksumming") + +An application can detect this behaviour by checking for the +TP_STATUS_CSUMNOTREADY flag in the tp_status field. + + See linux kernel commit 8dc4194474159660d7f37c495e3fc3f10d0db8cc + ("Add optional checksum computation for recvmsg") + +An extra parameter is added to decode_udp_ip_header() in dhclient to indicate +whether or not dhclient should ignore partial checksums. This is used +when the TP_STATUS_CSUMNOTREADY bit is set by the guest kernel. + +This fix has been included in Fedora and Ubuntu, however it has not yet been +accepted by ISC upstream. Likely because it is specific to behaviour in Linux +and other UNIX variants do not seem to be affected. + +The patch was imported from the dhcp source RPM in Fedora 21 + (http://pkgs.fedoraproject.org/cgit/dhcp.git/tree/dhcp-xen-checksum.patch?h=f21) + +Originally contributed to fedora-cvs-commit by David Cantrell on Jan 30 2007 + (https://www.redhat.com/archives/fedora-cvs-commits/2007-January/msg01442.html) + +Submitted to dhcp-bugs@isc.org - [ISC-Bugs #22806] - by Michael S. Tsirkin + (http://comments.gmane.org/gmane.comp.emulators.kvm.devel/65236) + (https://lists.isc.org/pipermail/dhcp-hackers/2010-April/001835.html) + +Upstream-Status: Submitted [dhcp-bugs@isc.org] +Signed-off-by: Rob Woolley <rob.woolley@windriver.com> +-- + common/bpf.c | 2 - + common/dlpi.c | 2 - + common/lpf.c | 83 +++++++++++++++++++++++++++++++++++++++++-------------- + common/nit.c | 2 - + common/packet.c | 4 +- + common/upf.c | 2 - + includes/dhcpd.h | 2 - + 7 files changed, 70 insertions(+), 27 deletions(-) + +diff --git a/common/bpf.c b/common/bpf.c +--- a/common/bpf.c ++++ b/common/bpf.c +@@ -481,7 +481,7 @@ ssize_t receive_packet (interface, buf, + /* Decode the IP and UDP headers... */ + offset = decode_udp_ip_header(interface, interface->rbuf, + interface->rbuf_offset, +- from, hdr.bh_caplen, &paylen); ++ from, hdr.bh_caplen, &paylen, 0); + + /* If the IP or UDP checksum was bad, skip the packet... */ + if (offset < 0) { +diff --git a/common/dlpi.c b/common/dlpi.c +--- a/common/dlpi.c ++++ b/common/dlpi.c +@@ -691,7 +691,7 @@ ssize_t receive_packet (interface, buf, + length -= offset; + #endif + offset = decode_udp_ip_header (interface, dbuf, bufix, +- from, length, &paylen); ++ from, length, &paylen, 0); + + /* + * If the IP or UDP checksum was bad, skip the packet... +diff --git a/common/lpf.c b/common/lpf.c +--- a/common/lpf.c ++++ b/common/lpf.c +@@ -29,14 +29,15 @@ + + #include "dhcpd.h" + #if defined (USE_LPF_SEND) || defined (USE_LPF_RECEIVE) ++#include <sys/socket.h> + #include <sys/uio.h> + #include <errno.h> + + #include <asm/types.h> + #include <linux/filter.h> + #include <linux/if_ether.h> ++#include <linux/if_packet.h> + #include <netinet/in_systm.h> +-#include <net/if_packet.h> + #include "includes/netinet/ip.h" + #include "includes/netinet/udp.h" + #include "includes/netinet/if_ether.h" +@@ -51,6 +52,19 @@ + /* Reinitializes the specified interface after an address change. This + is not required for packet-filter APIs. */ + ++#ifndef PACKET_AUXDATA ++#define PACKET_AUXDATA 8 ++ ++struct tpacket_auxdata ++{ ++ __u32 tp_status; ++ __u32 tp_len; ++ __u32 tp_snaplen; ++ __u16 tp_mac; ++ __u16 tp_net; ++}; ++#endif ++ + #ifdef USE_LPF_SEND + void if_reinitialize_send (info) + struct interface_info *info; +@@ -73,10 +87,14 @@ int if_register_lpf (info) + struct interface_info *info; + { + int sock; +- struct sockaddr sa; ++ union { ++ struct sockaddr_ll ll; ++ struct sockaddr common; ++ } sa; ++ struct ifreq ifr; + + /* Make an LPF socket. */ +- if ((sock = socket(PF_PACKET, SOCK_PACKET, ++ if ((sock = socket(PF_PACKET, SOCK_RAW, + htons((short)ETH_P_ALL))) < 0) { + if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT || + errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT || +@@ -91,11 +109,17 @@ int if_register_lpf (info) + log_fatal ("Open a socket for LPF: %m"); + } + ++ memset (&ifr, 0, sizeof ifr); ++ strncpy (ifr.ifr_name, (const char *)info -> ifp, sizeof ifr.ifr_name); ++ ifr.ifr_name[IFNAMSIZ-1] = '\0'; ++ if (ioctl (sock, SIOCGIFINDEX, &ifr)) ++ log_fatal ("Failed to get interface index: %m"); ++ + /* Bind to the interface name */ + memset (&sa, 0, sizeof sa); +- sa.sa_family = AF_PACKET; +- strncpy (sa.sa_data, (const char *)info -> ifp, sizeof sa.sa_data); +- if (bind (sock, &sa, sizeof sa)) { ++ sa.ll.sll_family = AF_PACKET; ++ sa.ll.sll_ifindex = ifr.ifr_ifindex; ++ if (bind (sock, &sa.common, sizeof sa)) { + if (errno == ENOPROTOOPT || errno == EPROTONOSUPPORT || + errno == ESOCKTNOSUPPORT || errno == EPFNOSUPPORT || + errno == EAFNOSUPPORT || errno == EINVAL) { +@@ -177,9 +201,18 @@ static void lpf_gen_filter_setup (struct + void if_register_receive (info) + struct interface_info *info; + { ++ int val; ++ + /* Open a LPF device and hang it on this interface... */ + info -> rfdesc = if_register_lpf (info); + ++ val = 1; ++ if (setsockopt (info -> rfdesc, SOL_PACKET, PACKET_AUXDATA, &val, ++ sizeof val) < 0) { ++ if (errno != ENOPROTOOPT) ++ log_fatal ("Failed to set auxiliary packet data: %m"); ++ } ++ + #if defined (HAVE_TR_SUPPORT) + if (info -> hw_address.hbuf [0] == HTYPE_IEEE802) + lpf_tr_filter_setup (info); +@@ -301,7 +334,6 @@ ssize_t send_packet (interface, packet, + double hh [16]; + double ih [1536 / sizeof (double)]; + unsigned char *buf = (unsigned char *)ih; +- struct sockaddr_pkt sa; + int result; + int fudge; + +@@ -322,17 +354,7 @@ ssize_t send_packet (interface, packet, + (unsigned char *)raw, len); + memcpy (buf + ibufp, raw, len); + +- /* For some reason, SOCK_PACKET sockets can't be connected, +- so we have to do a sentdo every time. */ +- memset (&sa, 0, sizeof sa); +- sa.spkt_family = AF_PACKET; +- strncpy ((char *)sa.spkt_device, +- (const char *)interface -> ifp, sizeof sa.spkt_device); +- sa.spkt_protocol = htons(ETH_P_IP); +- +- result = sendto (interface -> wfdesc, +- buf + fudge, ibufp + len - fudge, 0, +- (const struct sockaddr *)&sa, sizeof sa); ++ result = write (interface -> wfdesc, buf + fudge, ibufp + len - fudge); + if (result < 0) + log_error ("send_packet: %m"); + return result; +@@ -349,14 +371,35 @@ ssize_t receive_packet (interface, buf, + { + int length = 0; + int offset = 0; ++ int nocsum = 0; + unsigned char ibuf [1536]; + unsigned bufix = 0; + unsigned paylen; ++ unsigned char cmsgbuf[CMSG_LEN(sizeof(struct tpacket_auxdata))]; ++ struct iovec iov = { ++ .iov_base = ibuf, ++ .iov_len = sizeof ibuf, ++ }; ++ struct msghdr msg = { ++ .msg_iov = &iov, ++ .msg_iovlen = 1, ++ .msg_control = cmsgbuf, ++ .msg_controllen = sizeof(cmsgbuf), ++ }; ++ struct cmsghdr *cmsg; + +- length = read (interface -> rfdesc, ibuf, sizeof ibuf); ++ length = recvmsg (interface -> rfdesc, &msg, 0); + if (length <= 0) + return length; + ++ for (cmsg = CMSG_FIRSTHDR(&msg); cmsg; cmsg = CMSG_NXTHDR(&msg, cmsg)) { ++ if (cmsg->cmsg_level == SOL_PACKET && ++ cmsg->cmsg_type == PACKET_AUXDATA) { ++ struct tpacket_auxdata *aux = (void *)CMSG_DATA(cmsg); ++ nocsum = aux->tp_status & TP_STATUS_CSUMNOTREADY; ++ } ++ } ++ + bufix = 0; + /* Decode the physical header... */ + offset = decode_hw_header (interface, ibuf, bufix, hfrom); +@@ -373,7 +416,7 @@ ssize_t receive_packet (interface, buf, + + /* Decode the IP and UDP headers... */ + offset = decode_udp_ip_header (interface, ibuf, bufix, from, +- (unsigned)length, &paylen); ++ (unsigned)length, &paylen, nocsum); + + /* If the IP or UDP checksum was bad, skip the packet... */ + if (offset < 0) +diff --git a/common/nit.c b/common/nit.c +--- a/common/nit.c ++++ b/common/nit.c +@@ -363,7 +363,7 @@ ssize_t receive_packet (interface, buf, + + /* Decode the IP and UDP headers... */ + offset = decode_udp_ip_header (interface, ibuf, bufix, +- from, length, &paylen); ++ from, length, &paylen, 0); + + /* If the IP or UDP checksum was bad, skip the packet... */ + if (offset < 0) +diff --git a/common/packet.c b/common/packet.c +--- a/common/packet.c ++++ b/common/packet.c +@@ -226,7 +226,7 @@ ssize_t + decode_udp_ip_header(struct interface_info *interface, + unsigned char *buf, unsigned bufix, + struct sockaddr_in *from, unsigned buflen, +- unsigned *rbuflen) ++ unsigned *rbuflen, int nocsum) + { + unsigned char *data; + struct ip ip; +@@ -337,7 +337,7 @@ decode_udp_ip_header(struct interface_in + 8, IPPROTO_UDP + ulen)))); + + udp_packets_seen++; +- if (usum && usum != sum) { ++ if (!nocsum && usum && usum != sum) { + udp_packets_bad_checksum++; + if (udp_packets_seen > 4 && + (udp_packets_seen / udp_packets_bad_checksum) < 2) { +diff --git a/common/upf.c b/common/upf.c +--- a/common/upf.c ++++ b/common/upf.c +@@ -314,7 +314,7 @@ ssize_t receive_packet (interface, buf, + + /* Decode the IP and UDP headers... */ + offset = decode_udp_ip_header (interface, ibuf, bufix, +- from, length, &paylen); ++ from, length, &paylen, 0); + + /* If the IP or UDP checksum was bad, skip the packet... */ + if (offset < 0) +diff --git a/includes/dhcpd.h b/includes/dhcpd.h +--- a/includes/dhcpd.h ++++ b/includes/dhcpd.h +@@ -2857,7 +2857,7 @@ ssize_t decode_hw_header (struct interfa + unsigned, struct hardware *); + ssize_t decode_udp_ip_header (struct interface_info *, unsigned char *, + unsigned, struct sockaddr_in *, +- unsigned, unsigned *); ++ unsigned, unsigned *, int); + + /* ethernet.c */ + void assemble_ethernet_header (struct interface_info *, unsigned char *, +-- +1.8.1.2 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch b/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch index e686afd2d2..14e75a37ea 100644 --- a/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch +++ b/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch @@ -4,47 +4,32 @@ Upstream-Status: Pending RP 2013/03/21 -Index: dhcp-4.2.5/common/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/common/Makefile.am 2013-03-21 12:54:11.345063519 +0000 -+++ dhcp-4.2.5/common/Makefile.am 2013-03-21 12:54:11.805063510 +0000 -@@ -1,4 +1,4 @@ --AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' -+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' - AM_CFLAGS = $(LDAP_CFLAGS) - - noinst_LIBRARIES = libdhcp.a -Index: dhcp-4.2.5/dst/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/dst/Makefile.am 2013-03-21 12:54:11.345063519 +0000 -+++ dhcp-4.2.5/dst/Makefile.am 2013-03-21 12:54:11.805063510 +0000 -@@ -1,4 +1,4 @@ --AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -+AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -I$(top_srcdir)/includes - - lib_LIBRARIES = libdst.a - -Index: dhcp-4.2.5/omapip/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/omapip/Makefile.am 2013-03-21 12:54:11.677063511 +0000 -+++ dhcp-4.2.5/omapip/Makefile.am 2013-03-21 12:54:11.809063510 +0000 -@@ -1,3 +1,5 @@ -+AM_CPPFLAGS = -I$(top_srcdir)/includes -+ - lib_LIBRARIES = libomapi.a - noinst_PROGRAMS = svtest +Rebase to 4.3.1 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + client/Makefile.am | 6 ++++-- + common/Makefile.am | 2 +- + dhcpctl/Makefile.am | 2 ++ + dst/Makefile.am | 2 +- + omapip/Makefile.am | 2 ++ + relay/Makefile.am | 2 +- + server/Makefile.am | 2 +- + 7 files changed, 12 insertions(+), 6 deletions(-) + +diff --git a/client/Makefile.am b/client/Makefile.am +index 8411960..1740f72 100644 +--- a/client/Makefile.am ++++ b/client/Makefile.am +@@ -4,6 +4,8 @@ + # production code. Sadly, we are not there yet. + SUBDIRS = . tests -Index: dhcp-4.2.5/client/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/client/Makefile.am 2013-03-21 12:54:11.677063511 +0000 -+++ dhcp-4.2.5/client/Makefile.am 2013-03-21 12:54:11.809063510 +0000 -@@ -1,3 +1,5 @@ +AM_CPPFLAGS = -I$(top_srcdir)/includes + dist_sysconf_DATA = dhclient.conf.example sbin_PROGRAMS = dhclient dhclient_SOURCES = clparse.c dhclient.c dhc6.c \ -@@ -11,8 +13,8 @@ +@@ -17,8 +19,8 @@ EXTRA_DIST = $(man_MANS) dhclient.o: dhclient.c $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \ @@ -55,30 +40,60 @@ Index: dhcp-4.2.5/client/Makefile.am $(COMPILE) -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \ - -DLOCALSTATEDIR='"$(localstatedir)"' -c dhc6.c + -DLOCALSTATEDIR='"$(localstatedir)"' -c $(srcdir)/dhc6.c -Index: dhcp-4.2.5/dhcpctl/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/dhcpctl/Makefile.am 2013-03-21 12:54:11.677063511 +0000 -+++ dhcp-4.2.5/dhcpctl/Makefile.am 2013-03-21 12:54:11.809063510 +0000 +diff --git a/common/Makefile.am b/common/Makefile.am +index eddef05..5ce045f 100644 +--- a/common/Makefile.am ++++ b/common/Makefile.am +@@ -1,4 +1,4 @@ +-AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"' ++AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' + AM_CFLAGS = $(LDAP_CFLAGS) + + noinst_LIBRARIES = libdhcp.a +diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am +index 2987a53..cd72d75 100644 +--- a/dhcpctl/Makefile.am ++++ b/dhcpctl/Makefile.am @@ -1,3 +1,5 @@ +AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) + bin_PROGRAMS = omshell lib_LIBRARIES = libdhcpctl.a noinst_PROGRAMS = cltest -Index: dhcp-4.2.5/relay/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/relay/Makefile.am 2013-03-21 12:54:11.677063511 +0000 -+++ dhcp-4.2.5/relay/Makefile.am 2013-03-21 12:54:11.809063510 +0000 +diff --git a/dst/Makefile.am b/dst/Makefile.am +index 8937fe8..a14798b 100644 +--- a/dst/Makefile.am ++++ b/dst/Makefile.am +@@ -1,4 +1,4 @@ +-AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 ++AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -I$(top_srcdir)/includes + + lib_LIBRARIES = libdst.a + +diff --git a/omapip/Makefile.am b/omapip/Makefile.am +index 5074479..9c0fab3 100644 +--- a/omapip/Makefile.am ++++ b/omapip/Makefile.am +@@ -1,3 +1,5 @@ ++AM_CPPFLAGS = -I$(top_srcdir)/includes ++ + lib_LIBRARIES = libomapi.a + noinst_PROGRAMS = svtest + +diff --git a/relay/Makefile.am b/relay/Makefile.am +index ec72a31..f842071 100644 +--- a/relay/Makefile.am ++++ b/relay/Makefile.am @@ -1,4 +1,4 @@ -AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' +AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes sbin_PROGRAMS = dhcrelay dhcrelay_SOURCES = dhcrelay.c -Index: dhcp-4.2.5/server/Makefile.am -=================================================================== ---- dhcp-4.2.5.orig/server/Makefile.am 2013-03-21 12:54:11.677063511 +0000 -+++ dhcp-4.2.5/server/Makefile.am 2013-03-21 12:55:01.509062081 +0000 +diff --git a/server/Makefile.am b/server/Makefile.am +index a446f0b..d0b873a 100644 +--- a/server/Makefile.am ++++ b/server/Makefile.am @@ -4,7 +4,7 @@ # production code. Sadly, we are not there yet. SUBDIRS = . tests @@ -88,3 +103,6 @@ Index: dhcp-4.2.5/server/Makefile.am dist_sysconf_DATA = dhcpd.conf.example sbin_PROGRAMS = dhcpd +-- +1.9.1 + diff --git a/meta/recipes-connectivity/dhcp/dhcp/site.h b/meta/recipes-connectivity/dhcp/dhcp/site.h deleted file mode 100644 index 2289554ef3..0000000000 --- a/meta/recipes-connectivity/dhcp/dhcp/site.h +++ /dev/null @@ -1,21 +0,0 @@ -/* - * define config file location in ${S}/includes/site.h - * still need to take care of installation path (${sysconfdir}/dhcpd.conf) - * - * 7/22/2010 - qhe - */ - -/* Define this if you want DNS update functionality to be available. */ - -#define NSUPDATE - -/* Define this if you aren't debugging and you want to save memory - (potentially a _lot_ of memory) by allocating leases in chunks rather - than one at a time. */ - -#define COMPACT_LEASES - - -/* local */ -#define _PATH_DHCPD_CONF "/etc/dhcp/dhcpd.conf" -#define _PATH_DHCLIENT_CONF "/etc/dhcp/dhclient.conf" diff --git a/meta/recipes-connectivity/dhcp/dhcp_4.3.0.bb b/meta/recipes-connectivity/dhcp/dhcp_4.3.1.bb index 13bcceb5a8..d4414cc347 100644 --- a/meta/recipes-connectivity/dhcp/dhcp_4.3.0.bb +++ b/meta/recipes-connectivity/dhcp/dhcp_4.3.1.bb @@ -6,7 +6,8 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \ file://fixsepbuild.patch \ file://dhclient-script-drop-resolv.conf.dhclient.patch \ file://replace-ifconfig-route.patch \ + file://dhcp-xen-checksum.patch \ " -SRC_URI[md5sum] = "1020d77e1a4c1f01b76279caff9beb80" -SRC_URI[sha256sum] = "a7b6517d5cf32c5e49d2323a63de00efe5391df7cb0045dfa0ec8f6ee46ebe8a" +SRC_URI[md5sum] = "b3a42ece3c7f2cd2e74a3e12ca881d20" +SRC_URI[sha256sum] = "266cbca8a7a6bb8f9ccc5765da0d2b04099329314a54a4fc1022d510ad3e9af0" diff --git a/meta/recipes-connectivity/iproute2/iproute2/0001-ip-link-Remove-unnecessary-device-checking.patch b/meta/recipes-connectivity/iproute2/iproute2/0001-ip-link-Remove-unnecessary-device-checking.patch deleted file mode 100644 index 640accefb0..0000000000 --- a/meta/recipes-connectivity/iproute2/iproute2/0001-ip-link-Remove-unnecessary-device-checking.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 38790ccf7bd0e6eab78024ec381fd98d7c6a2782 Mon Sep 17 00:00:00 2001 -From: vadimk <vadim4j@gmail.com> -Date: Sat, 30 Aug 2014 15:06:00 +0300 -Subject: [PATCH] ip link: Remove unnecessary device checking - -The real checking is performed later in iplink_modify(..) func which -checks device existence if NLM_F_CREATE flag is set. - -Also it fixes the case when impossible to add veth link which was -caused by 9a02651a87 (ip: check for missing dev arg when doing VF rate) -because these devices are not exist yet. - -Signed-off-by: Vadim Kochan <vadim4j@gmail.com> -Acked-by: Oliver Hartkopp <socketcan@hartkopp.net> -Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> ---- - ip/iplink.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/ip/iplink.c b/ip/iplink.c -index 1a907d9..ea06871 100644 ---- a/ip/iplink.c -+++ b/ip/iplink.c -@@ -593,8 +593,6 @@ int iplink_parse(int argc, char **argv, struct iplink_req *req, - duparg2("dev", *argv); - *dev = *argv; - dev_index = ll_name_to_index(*dev); -- if (dev_index == 0) -- invarg("Unknown device", *argv); - } - argc--; argv++; - } --- -1.7.10.4 diff --git a/meta/recipes-connectivity/iproute2/iproute2_3.16.0.bb b/meta/recipes-connectivity/iproute2/iproute2_3.17.0.bb index 39fe9c83b8..d12b33fbd1 100644 --- a/meta/recipes-connectivity/iproute2/iproute2_3.16.0.bb +++ b/meta/recipes-connectivity/iproute2/iproute2_3.17.0.bb @@ -3,10 +3,9 @@ require iproute2.inc SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ file://configure-cross.patch \ file://0001-iproute2-de-bash-scripts.patch \ - file://0001-ip-link-Remove-unnecessary-device-checking.patch \ " -SRC_URI[md5sum] = "6c823b40fdcfa7b8120743349a52ac18" -SRC_URI[sha256sum] = "1f0a8a6c0e872166f75433f5cbf9766f3002b5c2f13501b3bb8c51846a127b79" +SRC_URI[md5sum] = "b741a02c6dda5818d18011d572874493" +SRC_URI[sha256sum] = "09e406636e7598e46d5d4f7b928bf5db57049d65dbeb9a496005957ee16f6000" # CFLAGS are computed in Makefile and reference CCOPTS # diff --git a/meta/recipes-connectivity/libpcap/libpcap_1.6.1.bb b/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb index f570ebba95..a2d5ef46d7 100644 --- a/meta/recipes-connectivity/libpcap/libpcap_1.6.1.bb +++ b/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb @@ -1,8 +1,8 @@ require libpcap.inc SRC_URI += "file://aclocal.patch" -SRC_URI[md5sum] = "5eb05edf6b6c6e63d536d1c9fbfb2f7c" -SRC_URI[sha256sum] = "116cbb3ac9e96d5dd7b39638a2f894a67fa3dcf06d794e6dae2b9a942ad13476" +SRC_URI[md5sum] = "5f14191c1a684a75532c739c2c4059fa" +SRC_URI[sha256sum] = "5db3e2998f1eeba2c76da55da5d474248fe19c44f49e15cac8a796a2c7e19690" # # make install doesn't cover the shared lib diff --git a/meta/recipes-connectivity/neard/neard.inc b/meta/recipes-connectivity/neard/neard.inc index e714cadc2b..31bc6ddb66 100644 --- a/meta/recipes-connectivity/neard/neard.inc +++ b/meta/recipes-connectivity/neard/neard.inc @@ -9,7 +9,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \ " -inherit autotools-brokensep pkgconfig systemd update-rc.d +inherit autotools pkgconfig systemd update-rc.d + +PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}" + +PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_unitdir}/system/ --with-systemduserunitdir=${systemd_unitdir}/user/,--disable-systemd" EXTRA_OECONF += "--enable-tools" @@ -26,16 +30,10 @@ do_install_append() { chmod 0755 ${D}${sysconfdir}/init.d/neard fi - if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -d ${D}${systemd_unitdir}/system - sed "s:@installpath@:${libexecdir}:" ${WORKDIR}/neard.service.in \ - > ${D}${systemd_unitdir}/system/neard.service - fi - # Install the tests for neard-tests install -d ${D}${libdir}/neard install -m 0755 ${S}/test/* ${D}${libdir}/${BPN}/ - install -m 0755 ${S}/tools/nfctool/nfctool ${D}${libdir}/${BPN}/ + install -m 0755 ${B}/tools/nfctool/nfctool ${D}${libdir}/${BPN}/ } PACKAGES =+ "${PN}-tests" diff --git a/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch b/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch new file mode 100644 index 0000000000..466067693d --- /dev/null +++ b/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch @@ -0,0 +1,33 @@ +From 43acc56d5506c7e318f717fb3634bc16e3438913 Mon Sep 17 00:00:00 2001 +From: Robert Yang <liezhi.yang@windriver.com> +Date: Thu, 15 Jan 2015 18:12:07 -0800 +Subject: [PATCH] Makefile.am: fix parallel issue + +There might be no src dir if src/builtin.h runs earlier, create it to +fix the race issue: + +src/genbuiltin nfctype1 nfctype2 nfctype3 nfctype4 p2p > src/builtin.h +/bin/sh: src/builtin.h: No such file or directory + +Upstream-Status: Pending + +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +--- + Makefile.am | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/Makefile.am b/Makefile.am +index 3241311..a43eaa2 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -164,6 +164,7 @@ MAINTAINERCLEANFILES = Makefile.in \ + src/plugin.$(OBJEXT): src/builtin.h + + src/builtin.h: src/genbuiltin $(builtin_sources) ++ $(AM_V_at)$(MKDIR_P) src + $(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_modules) > $@ + + $(src_neard_OBJECTS) \ +-- +1.7.9.5 + diff --git a/meta/recipes-connectivity/neard/neard/parallel-build.patch b/meta/recipes-connectivity/neard/neard/parallel-build.patch deleted file mode 100644 index 56247495e5..0000000000 --- a/meta/recipes-connectivity/neard/neard/parallel-build.patch +++ /dev/null @@ -1,40 +0,0 @@ -Upstream-Status: Pending -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From 488e898300f7a4ab9ba73307967ae9e02b7a6511 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Fri, 13 Jun 2014 17:49:45 +0100 -Subject: [PATCH] Makefile: add missing binaries to dependency on - local_headers - -seeld and snap_send were missing from the rule that generates the header symlink -farm, resulting in headers not being available in highly parallel builds. - -Signed-off-by: Ross Burton <ross.burton@intel.com> ---- - Makefile.am | 9 ++++++++- - 1 file changed, 8 insertions(+), 1 deletion(-) - -diff --git a/Makefile.am b/Makefile.am -index c51351f..8e58ac1 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -254,7 +254,14 @@ se/plugin.$(OBJEXT): se/builtin.h - se/builtin.h: src/genbuiltin $(builtin_se_sources) - $(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_se_modules) > $@ - --$(src_neard_OBJECTS) $(tools_nfctool_nfctool_OBJECTS) $(plugin_objects): $(local_headers) -+$(src_neard_OBJECTS) \ -+$(tools_nfctool_nfctool_OBJECTS) \ -+$(plugin_objects) \ -+$(se_seeld_OBJECTS) \ -+$(unit_test_ndef_parse_OBJECTS) \ -+$(unit_test_ndef_build_OBJECTS) \ -+$(unit_test_snep_read_OBJECTS) \ -+$(tools_snep_send_OBJECTS): $(local_headers) - - include/near/version.h: include/version.h - $(AM_V_at)$(MKDIR_P) include/near --- -1.7.10.4 - diff --git a/meta/recipes-connectivity/neard/neard_0.14.bb b/meta/recipes-connectivity/neard/neard_0.14.bb deleted file mode 100644 index daf3a4b7d1..0000000000 --- a/meta/recipes-connectivity/neard/neard_0.14.bb +++ /dev/null @@ -1,10 +0,0 @@ -require neard.inc - -SRC_URI = "${KERNELORG_MIRROR}/linux/network/nfc/${BPN}-${PV}.tar.xz \ - file://parallel-build.patch \ - file://neard.in \ - file://neard.service.in \ - " -SRC_URI[md5sum] = "692ba2653d60155255244c87396c486b" -SRC_URI[sha256sum] = "6ea724b443d39d679168fc7776a965d1f64727c3735391df2c01469ee7cd8cca" - diff --git a/meta/recipes-connectivity/neard/neard_0.15.bb b/meta/recipes-connectivity/neard/neard_0.15.bb new file mode 100644 index 0000000000..c92a171301 --- /dev/null +++ b/meta/recipes-connectivity/neard/neard_0.15.bb @@ -0,0 +1,9 @@ +require neard.inc + +SRC_URI = "${KERNELORG_MIRROR}/linux/network/nfc/${BP}.tar.xz \ + file://neard.in \ + file://Makefile.am-fix-parallel-issue.patch \ + " +SRC_URI[md5sum] = "b746ce62eeef88e8de90765e00a75a1c" +SRC_URI[sha256sum] = "651f6513d32cdaf8a426255d03aff38a6620a89b0567ec2b36606c6330a93353" + diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-fixed-the-with-statdpath-flag.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-fixed-the-with-statdpath-flag.patch deleted file mode 100644 index 2ce824cf9e..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-statd-fixed-the-with-statdpath-flag.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 3b1457d219ceb1058d44bacc657581f13437ae40 Mon Sep 17 00:00:00 2001 -From: Steve Dickson <steved@redhat.com> -Date: Tue, 17 Jun 2014 13:28:53 -0400 -Subject: [PATCH] statd: fixed the --with-statdpath= flag - -Create the given path set with --with-statdpath - -Signed-off-by: chendt.fnst@cn.fujitsu.com -Reported-by: yaoxp@cn.fujitsu.com -Signed-off-by: Steve Dickson <steved@redhat.com> -Upstream-Status: Backport ---- - Makefile.am | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/Makefile.am b/Makefile.am -index ae7cd16..5824adc 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -54,13 +54,13 @@ install-data-hook: - touch $(DESTDIR)$(statedir)/xtab; chmod 644 $(DESTDIR)$(statedir)/xtab - touch $(DESTDIR)$(statedir)/etab; chmod 644 $(DESTDIR)$(statedir)/etab - touch $(DESTDIR)$(statedir)/rmtab; chmod 644 $(DESTDIR)$(statedir)/rmtab -- mkdir -p $(DESTDIR)$(statedir)/sm $(DESTDIR)$(statedir)/sm.bak -- touch $(DESTDIR)$(statedir)/state -- chmod go-rwx $(DESTDIR)$(statedir)/sm $(DESTDIR)$(statedir)/sm.bak $(DESTDIR)$(statedir)/state -- -chown $(statduser) $(DESTDIR)$(statedir)/sm $(DESTDIR)$(statedir)/sm.bak $(DESTDIR)$(statedir)/state -+ mkdir -p $(DESTDIR)$(statdpath)/sm $(DESTDIR)$(statdpath)/sm.bak -+ touch $(DESTDIR)$(statdpath)/state -+ chmod go-rwx $(DESTDIR)$(statdpath)/sm $(DESTDIR)$(statdpath)/sm.bak $(DESTDIR)$(statdpath)/state -+ -chown $(statduser) $(DESTDIR)$(statdpath)/sm $(DESTDIR)$(statdpath)/sm.bak $(DESTDIR)$(statdpath)/state - - uninstall-hook: - rm $(DESTDIR)$(statedir)/xtab - rm $(DESTDIR)$(statedir)/etab - rm $(DESTDIR)$(statedir)/rmtab -- rm $(DESTDIR)$(statedir)/state -+ rm $(DESTDIR)$(statdpath)/state --- -1.8.4.2 - diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.0.6-uclibc.patch b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.0.6-uclibc.patch deleted file mode 100644 index c3442380e1..0000000000 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.0.6-uclibc.patch +++ /dev/null @@ -1,27 +0,0 @@ -Signed-off-by: Khem Raj <raj.khem@gmail.com> - -Upstream-Status: Inappropriate [embedded specific] - -Index: nfs-utils-1.2.6/support/nfs/svc_socket.c -=================================================================== ---- nfs-utils-1.2.6.orig/support/nfs/svc_socket.c 2012-05-14 07:40:52.000000000 -0700 -+++ nfs-utils-1.2.6/support/nfs/svc_socket.c 2012-10-28 02:42:50.179222457 -0700 -@@ -40,8 +40,9 @@ - char rpcdata[1024], servdata[1024]; - struct rpcent rpcbuf, *rpcp; - struct servent servbuf, *servp = NULL; -- int ret; -+ int ret = 0; - -+#ifndef __UCLIBC__ /* neither getrpcbynumber() nor getrpcbynumber_r() is SuSv3 */ - ret = getrpcbynumber_r(number, &rpcbuf, rpcdata, sizeof rpcdata, - &rpcp); - if (ret == 0 && rpcp != NULL) { -@@ -60,6 +61,7 @@ - } - } - } -+#endif /* __UCLIBC__ */ - - if (ret == 0 && servp != NULL) - return ntohs(servp->s_port); diff --git a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.0.bb b/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb index 6e6d09bf42..d312349fe4 100644 --- a/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.0.bb +++ b/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb @@ -21,7 +21,6 @@ USERADD_PARAM_${PN}-client = "--system --home-dir /var/lib/nfs \ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \ file://0001-configure-Allow-to-explicitly-disable-nfsidmap.patch \ - file://nfs-utils-1.0.6-uclibc.patch \ file://nfs-utils-1.2.3-sm-notify-res_init.patch \ file://nfsserver \ file://nfscommon \ @@ -30,11 +29,10 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x file://nfs-mountd.service \ file://nfs-statd.service \ file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \ - file://0001-statd-fixed-the-with-statdpath-flag.patch \ " -SRC_URI[md5sum] = "6e93a7997ca3a1eac56bf219adab72a8" -SRC_URI[sha256sum] = "ab8384d0e487ed6a18c5380d5df28015f7dd98680bf08f3247c97d9f7d99e56f" +SRC_URI[md5sum] = "8de676b9ff34b8f9addc1d0800fabdf8" +SRC_URI[sha256sum] = "ff79d70b7b58b2c8f9b798c58721127e82bb96022adc04a5c4cb251630e696b8" PARALLEL_MAKE = "" diff --git a/meta/recipes-connectivity/ofono/ofono.inc b/meta/recipes-connectivity/ofono/ofono.inc index 9f65f4f144..bf44fcae08 100644 --- a/meta/recipes-connectivity/ofono/ofono.inc +++ b/meta/recipes-connectivity/ofono/ofono.inc @@ -7,16 +7,20 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \ inherit autotools pkgconfig update-rc.d systemd -DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth','bluez4', '', d)}" +DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info" INITSCRIPT_NAME = "ofono" INITSCRIPT_PARAMS = "defaults 22" -EXTRA_OECONF += "\ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdunitdir=${systemd_unitdir}/system/', '--with-systemdunitdir=', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth','--enable-bluetooth', '--disable-bluetooth', d)} \ - --enable-test \ -" +PACKAGECONFIG ??= "\ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth','bluetooth', '', d)} \ + " +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" +PACKAGECONFIG[bluetooth] = "--enable-bluetooth,--disable-bluetooth,bluez4" + +EXTRA_OECONF += "--enable-test" + SYSTEMD_SERVICE_${PN} = "ofono.service" do_install_append() { diff --git a/meta/recipes-connectivity/ofono/ofono_1.15.bb b/meta/recipes-connectivity/ofono/ofono_1.16.bb index bee2b4745c..712fc5c805 100644 --- a/meta/recipes-connectivity/ofono/ofono_1.15.bb +++ b/meta/recipes-connectivity/ofono/ofono_1.16.bb @@ -5,8 +5,7 @@ SRC_URI = "\ file://ofono \ file://Revert-test-Convert-to-Python-3.patch \ " - -SRC_URI[md5sum] = "4d03de85239d8100dc7721bf0dad2bd2" -SRC_URI[sha256sum] = "978807a05e8904eb4e57d6533ed71e75676a55fa3819a39fe2c878f45dbf7af6" +SRC_URI[md5sum] = "c31b5b55a1d68354bff771d3edf02829" +SRC_URI[sha256sum] = "403b98dadece8bc804c0bd16b96d3db5a3bb0f84af64b3d67924da2d1a754b07" CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE" diff --git a/meta/recipes-connectivity/openssh/openssh/nostrip.patch b/meta/recipes-connectivity/openssh/openssh/nostrip.patch deleted file mode 100644 index 33111f5494..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/nostrip.patch +++ /dev/null @@ -1,20 +0,0 @@ -Disable stripping binaries during make install. - -Upstream-Status: Inappropriate [configuration] - -Build system specific. - -Signed-off-by: Scott Garman <scott.a.garman@intel.com> - -diff -ur openssh-5.6p1.orig/Makefile.in openssh-5.6p1/Makefile.in ---- openssh-5.6p1.orig/Makefile.in 2010-05-11 23:51:39.000000000 -0700 -+++ openssh-5.6p1/Makefile.in 2010-08-30 16:49:54.000000000 -0700 -@@ -29,7 +29,7 @@ - RAND_HELPER=$(libexecdir)/ssh-rand-helper - PRIVSEP_PATH=@PRIVSEP_PATH@ - SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ --STRIP_OPT=@STRIP_OPT@ -+STRIP_OPT= - - PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch deleted file mode 100644 index 30c11cf432..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2011-4327.patch +++ /dev/null @@ -1,29 +0,0 @@ -openssh-CVE-2011-4327 - -A security flaw was found in the way ssh-keysign, -a ssh helper program for host based authentication, -attempted to retrieve enough entropy information on configurations that -lacked a built-in entropy pool in OpenSSL (a ssh-rand-helper program would -be executed to retrieve the entropy from the system environment). -A local attacker could use this flaw to obtain unauthorized access to host keys -via ptrace(2) process trace attached to the 'ssh-rand-helper' program. - -https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-4327 -http://www.openssh.com/txt/portable-keysign-rand-helper.adv - -Upstream-Status: Pending - -Signed-off-by: Li Wang <li.wang@windriver.com> ---- a/ssh-keysign.c -+++ b/ssh-keysign.c -@@ -170,6 +170,10 @@ - key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY); - key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY); -+ if (fcntl(key_fd[0], F_SETFD, FD_CLOEXEC) != 0 || -+ fcntl(key_fd[1], F_SETFD, FD_CLOEXEC) != 0 || -+ fcntl(key_fd[2], F_SETFD, FD_CLOEXEC) != 0) -+ fatal("fcntl failed"); - - original_real_uid = getuid(); /* XXX readconf.c needs this */ - if ((pw = getpwuid(original_real_uid)) == NULL) diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch deleted file mode 100644 index 3deaf3f0e9..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2532.patch +++ /dev/null @@ -1,22 +0,0 @@ -Upstream-Status: Backport - -Fix for CVE-2014-2532 - -Backported from openssh-6.6p1.tar.gz - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- ---- a/session.c -+++ b/session.c -@@ -955,6 +955,11 @@ - u_int envsize; - u_int i, namelen; - -+ if (strchr(name, '=') != NULL) { -+ error("Invalid environment variable \"%.100s\"", name); -+ return; -+ } -+ - /* - * If we're passed an uninitialized list, allocate a single null - * entry before continuing. diff --git a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch b/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch deleted file mode 100644 index 674d186044..0000000000 --- a/meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch +++ /dev/null @@ -1,114 +0,0 @@ -Upstream-Status: Backport - -This CVE could be removed if openssh is upgrade to 6.6 or higher. -Below are some details. - -Attempt SSHFP lookup even if server presents a certificate - -Reference: -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513 - -If an ssh server presents a certificate to the client, then the client -does not check the DNS for SSHFP records. This means that a malicious -server can essentially disable DNS-host-key-checking, which means the -client will fall back to asking the user (who will just say "yes" to -the fingerprint, sadly). - -This patch means that the ssh client will, if necessary, extract the -server key from the proffered certificate, and attempt to verify it -against the DNS. The patch was written by Mark Wooding -<mdw@distorted.org.uk>. I modified it to add one debug2 call, reviewed -it, and tested it. - -Signed-off-by: Matthew Vernon <matthew@debian.org> -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- ---- a/sshconnect.c -+++ b/sshconnect.c -@@ -1210,36 +1210,63 @@ fail: - return -1; - } - -+static int -+check_host_key_sshfp(char *host, struct sockaddr *hostaddr, Key *host_key) -+{ -+ int rc = -1; -+ int flags = 0; -+ Key *raw_key = NULL; -+ -+ if (!options.verify_host_key_dns) -+ goto done; -+ -+ /* XXX certs are not yet supported for DNS; try looking the raw key -+ * up in the DNS anyway. -+ */ -+ if (key_is_cert(host_key)) { -+ debug2("Extracting key from cert for SSHFP lookup"); -+ raw_key = key_from_private(host_key); -+ if (key_drop_cert(raw_key)) -+ fatal("Couldn't drop certificate"); -+ host_key = raw_key; -+ } -+ -+ if (verify_host_key_dns(host, hostaddr, host_key, &flags)) -+ goto done; -+ -+ if (flags & DNS_VERIFY_FOUND) { -+ -+ if (options.verify_host_key_dns == 1 && -+ flags & DNS_VERIFY_MATCH && -+ flags & DNS_VERIFY_SECURE) { -+ rc = 0; -+ } else if (flags & DNS_VERIFY_MATCH) { -+ matching_host_key_dns = 1; -+ } else { -+ warn_changed_key(host_key); -+ error("Update the SSHFP RR in DNS with the new " -+ "host key to get rid of this message."); -+ } -+ } -+ -+done: -+ if (raw_key) -+ key_free(raw_key); -+ return rc; -+} -+ - /* returns 0 if key verifies or -1 if key does NOT verify */ - int - verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) - { -- int flags = 0; - char *fp; - - fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); - debug("Server host key: %s %s", key_type(host_key), fp); - free(fp); - -- /* XXX certs are not yet supported for DNS */ -- if (!key_is_cert(host_key) && options.verify_host_key_dns && -- verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { -- if (flags & DNS_VERIFY_FOUND) { -- -- if (options.verify_host_key_dns == 1 && -- flags & DNS_VERIFY_MATCH && -- flags & DNS_VERIFY_SECURE) -- return 0; -- -- if (flags & DNS_VERIFY_MATCH) { -- matching_host_key_dns = 1; -- } else { -- warn_changed_key(host_key); -- error("Update the SSHFP RR in DNS with the new " -- "host key to get rid of this message."); -- } -- } -- } -+ if (check_host_key_sshfp(host, hostaddr, host_key) == 0) -+ return 0; - - return check_host_key(host, hostaddr, options.port, host_key, RDRW, - options.user_hostfiles, options.num_user_hostfiles, --- -1.7.9.5 - diff --git a/meta/recipes-connectivity/openssh/openssh/ssh_config b/meta/recipes-connectivity/openssh/openssh/ssh_config index 4a4a649ba8..9e919156d3 100644 --- a/meta/recipes-connectivity/openssh/openssh/ssh_config +++ b/meta/recipes-connectivity/openssh/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.25 2009/02/17 01:28:32 djm Exp $ +# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -44,3 +44,5 @@ Host * # TunnelDevice any:any # PermitLocalCommand no # VisualHostKey no +# ProxyCommand ssh -q -W %h:%p gateway.example.com +# RekeyLimit 1G 1h diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 4f9b626fbd..3553669aa0 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -15,9 +15,7 @@ #ListenAddress 0.0.0.0 #ListenAddress :: -# Disable legacy (protocol version 1) support in the server for new -# installations. In future the default will change to require explicit -# activation of protocol 1 +# The default requires explicit activation of protocol 1 Protocol 2 # HostKey for protocol version 1 @@ -25,11 +23,16 @@ Protocol 2 # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 1024 +# Ciphers and keying +#RekeyLimit default none + # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH @@ -45,7 +48,15 @@ Protocol 2 #RSAAuthentication yes #PubkeyAuthentication yes -#AuthorizedKeysFile .ssh/authorized_keys + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no @@ -74,8 +85,8 @@ Protocol 2 #GSSAPIAuthentication no #GSSAPICleanupCredentials yes -# Set this to 'yes' to enable PAM authentication, account processing, -# and session processing. If this is enabled, PAM authentication will +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass @@ -91,20 +102,22 @@ Protocol 2 #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes +#PermitTTY yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no -UsePrivilegeSeparation yes +UsePrivilegeSeparation sandbox # Default for new installations. #PermitUserEnvironment no Compression no ClientAliveInterval 15 ClientAliveCountMax 4 #UseDNS yes #PidFile /var/run/sshd.pid -#MaxStartups 10 +#MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none +#VersionAddendum none # no default banner path #Banner none @@ -116,4 +129,5 @@ Subsystem sftp /usr/libexec/sftp-server #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no +# PermitTTY no # ForceCommand cvs server diff --git a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service index c21d70baf0..d65086fc8a 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/meta/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -3,6 +3,7 @@ Description=OpenSSH Key Generation ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key +ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key [Service] ExecStart=@BINDIR@/ssh-keygen -A diff --git a/meta/recipes-connectivity/openssh/openssh_6.6p1.bb b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb index e4468c17c3..a2726291fe 100644 --- a/meta/recipes-connectivity/openssh/openssh_6.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_6.7p1.bb @@ -11,11 +11,9 @@ DEPENDS = "zlib openssl" DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}" SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \ - file://nostrip.patch \ file://sshd_config \ file://ssh_config \ file://init \ - file://openssh-CVE-2011-4327.patch \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ file://sshd.socket \ file://sshd@.service \ @@ -23,14 +21,12 @@ SRC_URI = "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar. file://volatiles.99_sshd \ file://add-test-support-for-busybox.patch \ file://run-ptest \ - file://openssh-CVE-2014-2532.patch \ - file://openssh-CVE-2014-2653.patch \ file://auth2-none.c-avoid-authenticate-empty-passwords-to-m.patch" PAM_SRC_URI = "file://sshd" -SRC_URI[md5sum] = "3e9800e6bca1fbac0eea4d41baa7f239" -SRC_URI[sha256sum] = "48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb" +SRC_URI[md5sum] = "3246aa79317b1d23cae783a3bf8275d6" +SRC_URI[sha256sum] = "b2f8394eae858dabbdef7dac10b99aec00c95462753e80342e530bbb6f725507" inherit useradd update-rc.d update-alternatives systemd @@ -43,14 +39,10 @@ INITSCRIPT_PARAMS_${PN}-sshd = "defaults 9" SYSTEMD_PACKAGES = "${PN}-sshd" SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket" -PACKAGECONFIG ??= "tcp-wrappers" -PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,,tcp-wrappers" - inherit autotools-brokensep ptest # LFS support: CFLAGS += "-D__FILE_OFFSET_BITS=64" -export LD = "${CC}" # login path is hardcoded in sshd EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ @@ -58,7 +50,9 @@ EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \ --without-zlib-version-check \ --with-privsep-path=/var/run/sshd \ --sysconfdir=${sysconfdir}/ssh \ - --with-xauth=/usr/bin/xauth" + --with-xauth=/usr/bin/xauth \ + --disable-strip \ + " # Since we do not depend on libbsd, we do not want configure to use it # just because it finds libutil.h. But, specifying --disable-libutil @@ -68,6 +62,9 @@ CACHED_CONFIGUREVARS += "ac_cv_header_bsd_libutil_h=no ac_cv_header_libutil_h=no # passwd path is hardcoded in sshd CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" +# We don't want to depend on libblockfile +CACHED_CONFIGUREVARS += "ac_cv_header_maillock_h=no" + # This is a workaround for uclibc because including stdio.h # pulls in pthreads.h and causes conflicts in function prototypes. # This results in compilation failure, so unless this is fixed, @@ -75,6 +72,7 @@ CACHED_CONFIGUREVARS += "ac_cv_path_PATH_PASSWD_PROG=${bindir}/passwd" EXTRA_OECONF_append_libc-uclibc=" --without-pam" do_configure_prepend () { + export LD="${CC}" install -m 0644 ${WORKDIR}/sshd_config ${B}/ install -m 0644 ${WORKDIR}/ssh_config ${B}/ if [ ! -e acinclude.m4 -a -e aclocal.m4 ]; then @@ -94,6 +92,7 @@ do_install_append () { rmdir ${D}${localstatedir}/run/sshd ${D}${localstatedir}/run ${D}${localstatedir} install -d ${D}/${sysconfdir}/default/volatiles install -m 644 ${WORKDIR}/volatiles.99_sshd ${D}/${sysconfdir}/default/volatiles/99_sshd + install -m 0755 ${S}/contrib/ssh-copy-id ${D}${bindir} # Create config files for read-only rootfs install -d ${D}${sysconfdir}/ssh diff --git a/meta/recipes-connectivity/openssl/openssl.inc b/meta/recipes-connectivity/openssl/openssl.inc index 9ec884f332..31dfd8fea7 100644 --- a/meta/recipes-connectivity/openssl/openssl.inc +++ b/meta/recipes-connectivity/openssl/openssl.inc @@ -193,5 +193,12 @@ do_install_ptest () { install util/shlib_wrap.sh ${D}${PTEST_PATH}/util } -BBCLASSEXTEND = "native nativesdk" +do_install_append_virtclass-native() { + create_wrapper ${D}${bindir}/openssl \ + OPENSSL_CONF=${libdir}/ssl/openssl.cnf \ + SSL_CERT_DIR=${libdir}/ssl/certs \ + SSL_CERT_FILE=${libdir}/ssl/cert.pem \ + OPENSSL_ENGINES=${libdir}/ssl/engines +} +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-connectivity/portmap/portmap.inc b/meta/recipes-connectivity/portmap/portmap.inc index f5f7fde8be..338af33a38 100644 --- a/meta/recipes-connectivity/portmap/portmap.inc +++ b/meta/recipes-connectivity/portmap/portmap.inc @@ -4,14 +4,6 @@ SECTION = "console/network" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://portmap.c;beginline=2;endline=31;md5=51ff67e66ec84b2009b017b1f94afbf4 \ file://from_local.c;beginline=9;endline=35;md5=1bec938a2268b8b423c58801ace3adc1" -DEPENDS = "virtual/fakeroot-native" - -SRC_URI = "${DEBIAN_MIRROR}/main/p/portmap/portmap_5.orig.tar.gz \ - ${DEBIAN_MIRROR}/main/p/portmap/portmap_${PV}.diff.gz \ - file://portmap.init \ - file://make.patch;apply=yes" - -S = "${WORKDIR}/portmap_5beta" INITSCRIPT_NAME = "portmap" INITSCRIPT_PARAMS = "start 10 2 3 4 5 . stop 32 0 1 6 ." @@ -20,15 +12,6 @@ inherit update-rc.d systemd SYSTEMD_SERVICE_${PN} = "portmap.service" -sbindir = "/sbin" - -fakeroot do_install() { - install -d ${D}${sysconfdir}/init.d - install -d ${D}${base_sbindir} - install -m 0755 ${WORKDIR}/portmap.init ${D}${sysconfdir}/init.d/portmap - oe_runmake 'docdir=${docdir}/portmap' 'DESTDIR=${D}' install -} - PACKAGES =+ "portmap-utils" -FILES_portmap-utils = "/sbin/pmap_set /sbin/pmap_dump" +FILES_portmap-utils = "${base_sbindir}/pmap_set ${base_sbindir}/pmap_dump" FILES_${PN}-doc += "${docdir}" diff --git a/meta/recipes-connectivity/portmap/portmap-6.0/destdir-no-strip.patch b/meta/recipes-connectivity/portmap/portmap/destdir-no-strip.patch index 2fbf784b73..2fbf784b73 100644 --- a/meta/recipes-connectivity/portmap/portmap-6.0/destdir-no-strip.patch +++ b/meta/recipes-connectivity/portmap/portmap/destdir-no-strip.patch diff --git a/meta/recipes-connectivity/portmap/portmap-6.0/tcpd-config.patch b/meta/recipes-connectivity/portmap/portmap/tcpd-config.patch index 2f25058095..2f25058095 100644 --- a/meta/recipes-connectivity/portmap/portmap-6.0/tcpd-config.patch +++ b/meta/recipes-connectivity/portmap/portmap/tcpd-config.patch diff --git a/meta/recipes-connectivity/portmap/portmap_6.0.bb b/meta/recipes-connectivity/portmap/portmap_6.0.bb index 8b65a03346..e727fe3cb9 100644 --- a/meta/recipes-connectivity/portmap/portmap_6.0.bb +++ b/meta/recipes-connectivity/portmap/portmap_6.0.bb @@ -20,7 +20,7 @@ CPPFLAGS += "-DFACILITY=LOG_DAEMON -DENABLE_DNS -DHOSTS_ACCESS" CFLAGS += "-Wall -Wstrict-prototypes -fPIC" EXTRA_OEMAKE += "'NO_TCP_WRAPPER=${@bb.utils.contains('PACKAGECONFIG', 'tcp-wrappers', '', '1', d)}'" -fakeroot do_install() { +do_install() { install -d ${D}${mandir}/man8/ ${D}${base_sbindir} ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/portmap.init ${D}${sysconfdir}/init.d/portmap oe_runmake install DESTDIR=${D} diff --git a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb index 68b83d00f1..51a76b4299 100644 --- a/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb +++ b/meta/recipes-connectivity/ppp-dialin/ppp-dialin_0.1.bb @@ -12,6 +12,8 @@ SRC_URI = "file://host-peer \ inherit allarch useradd +S = "${WORKDIR}" + do_install() { install -d ${D}${sysconfdir}/ppp/peers install -m 0644 ${WORKDIR}/host-peer ${D}${sysconfdir}/ppp/peers/host diff --git a/meta/recipes-connectivity/ppp/ppp_2.4.6.bb b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb index 8bc3672600..92ca0c92c6 100644 --- a/meta/recipes-connectivity/ppp/ppp_2.4.6.bb +++ b/meta/recipes-connectivity/ppp/ppp_2.4.7.bb @@ -31,8 +31,8 @@ SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ file://ppp@.service \ " -SRC_URI[md5sum] = "3434d2cc9327167a0723aaaa8670083b" -SRC_URI[sha256sum] = "1b33181a03962c8a092c055fb9980e9722728a8d98a4bb7ec7acda17c1b1b49d" +SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a" +SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30" inherit autotools-brokensep systemd diff --git a/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch b/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch index fc4605e94d..1aead07869 100644 --- a/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch +++ b/meta/recipes-connectivity/resolvconf/resolvconf/fix-path-for-busybox.patch @@ -11,9 +11,10 @@ Index: resolvconf-1.76/etc/resolvconf/update.d/libc +++ resolvconf-1.76/etc/resolvconf/update.d/libc @@ -16,7 +16,7 @@ # - + set -e -PATH=/sbin:/bin +PATH=/sbin:/bin:/usr/bin - + [ -x /lib/resolvconf/list-records ] || exit 1 + diff --git a/meta/recipes-connectivity/resolvconf/resolvconf_1.75.bb b/meta/recipes-connectivity/resolvconf/resolvconf_1.76.bb index ee171c065e..20a2c19328 100644 --- a/meta/recipes-connectivity/resolvconf/resolvconf_1.75.bb +++ b/meta/recipes-connectivity/resolvconf/resolvconf_1.76.bb @@ -17,8 +17,8 @@ SRC_URI = "${DEBIAN_MIRROR}/main/r/resolvconf/resolvconf_${PV}.tar.xz \ " -SRC_URI[md5sum] = "4b8bc86a3cf070e3fd0e9aff7eaaba56" -SRC_URI[sha256sum] = "16167f37a77ef4bc4596dcbefece269b6a10d10fa448594ec55ed3303193086e" +SRC_URI[md5sum] = "d78ce30ea068999cd3e0523300b27255" +SRC_URI[sha256sum] = "c9f40f7405b37399ddbf29ca4205b4911ee35cb9ffd9be7671faa2385b1fa573" inherit allarch diff --git a/meta/recipes-connectivity/socat/socat/socat-1.7.2.4-linux-3.17.patch b/meta/recipes-connectivity/socat/socat/socat-1.7.2.4-linux-3.17.patch new file mode 100644 index 0000000000..9152df533f --- /dev/null +++ b/meta/recipes-connectivity/socat/socat/socat-1.7.2.4-linux-3.17.patch @@ -0,0 +1,29 @@ +socat: fix compile erorr against 3.17+ kernel headers + +With the linux 3.17 kernel socat's configure detects the wrong include for errqueue.h +which results in a compilation error. + +By backporting the gentoo patch from: + + http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-misc/socat/files/socat-1.7.2.4-linux-3.17.patch + +Fixes the build issue + +Upstream-status: backport + +Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com> + +--- a/configure.in ++++ b/configure.in +@@ -80,7 +80,10 @@ + AC_CHECK_HEADERS(termios.h linux/if_tun.h) + AC_CHECK_HEADERS(net/if_dl.h) + AC_CHECK_HEADERS(linux/types.h) +-AC_CHECK_HEADER(linux/errqueue.h, AC_DEFINE(HAVE_LINUX_ERRQUEUE_H), [], [#include <linux/types.h>]) ++AC_CHECK_HEADER(linux/errqueue.h, AC_DEFINE(HAVE_LINUX_ERRQUEUE_H), [], [AC_INCLUDES_DEFAULT ++ #if HAVE_LINUX_TYPES_H ++ #include <linux/types.h> ++ #endif]) + AC_CHECK_HEADERS(sys/utsname.h sys/select.h sys/file.h) + AC_CHECK_HEADERS(util.h bsd/libutil.h libutil.h sys/stropts.h regex.h) + AC_CHECK_HEADERS(linux/fs.h linux/ext2_fs.h) diff --git a/meta/recipes-connectivity/socat/socat_1.7.2.4.bb b/meta/recipes-connectivity/socat/socat_1.7.2.4.bb index efa3b91c16..9e43e160e3 100644 --- a/meta/recipes-connectivity/socat/socat_1.7.2.4.bb +++ b/meta/recipes-connectivity/socat/socat_1.7.2.4.bb @@ -14,6 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ file://fix-cross-compiling-failed.patch \ + file://socat-1.7.2.4-linux-3.17.patch \ " SRC_URI[md5sum] = "69b8155dd442a6f24e28ef5407d868eb" @@ -26,6 +27,7 @@ EXTRA_AUTORECONF += "--exclude=autoheader" EXTRA_OECONF += "ac_cv_have_z_modifier=yes sc_cv_sys_crdly_shift=9 \ sc_cv_sys_tabdly_shift=11 sc_cv_sys_csize_shift=4 \ ac_cv_ispeed_offset=13 \ + ac_cv_header_bsd_libutil_h=no \ " PACKAGECONFIG ??= "tcp-wrappers" diff --git a/meta/recipes-connectivity/telepathy/libtelepathy/doublefix.patch b/meta/recipes-connectivity/telepathy/libtelepathy/doublefix.patch deleted file mode 100644 index a7737fbf03..0000000000 --- a/meta/recipes-connectivity/telepathy/libtelepathy/doublefix.patch +++ /dev/null @@ -1,18 +0,0 @@ -Fix double reference to this file to work with recent autoconf+automake - -RP 1/2/10 - -Upstream-Status: Inappropriate [configuration] - -Index: libtelepathy-0.3.3/src/Makefile.am -=================================================================== ---- libtelepathy-0.3.3.orig/src/Makefile.am 2010-02-01 13:13:50.869038984 +0000 -+++ libtelepathy-0.3.3/src/Makefile.am 2010-02-01 13:14:23.267789456 +0000 -@@ -27,7 +27,6 @@ - tp-chan-type-text-gen.h \ - tp-chan-type-tubes-gen.h \ - tp-conn-iface-aliasing-gen.h \ -- tp-conn-iface-avatars-gen.h \ - tp-conn-iface-capabilities-gen.h \ - tp-conn-iface-contact-info-gen.h \ - tp-conn-iface-forwarding-gen.h \ diff --git a/meta/recipes-connectivity/telepathy/libtelepathy/prefer_python_2.5.patch b/meta/recipes-connectivity/telepathy/libtelepathy/prefer_python_2.5.patch deleted file mode 100644 index 37679ab761..0000000000 --- a/meta/recipes-connectivity/telepathy/libtelepathy/prefer_python_2.5.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Inappropriate [configuration] - -Index: libtelepathy-0.3.1/configure.ac -=================================================================== ---- libtelepathy-0.3.1.orig/configure.ac 2007-11-22 19:05:56.000000000 +0000 -+++ libtelepathy-0.3.1/configure.ac 2008-01-04 12:07:28.000000000 +0000 -@@ -51,7 +51,7 @@ - AC_MSG_ERROR([xsltproc (from the libxslt source package) is required]) - fi - --AC_CHECK_PROGS([PYTHON], [python2.3 python2.4 python2.5 python]) -+AC_CHECK_PROGS([PYTHON], [python2.5 python2.4 python2.3 python]) - if test -z "$PYTHON"; then - AC_MSG_ERROR([Python is required to compile this package]) - fi diff --git a/meta/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb b/meta/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb deleted file mode 100644 index f13e7093c8..0000000000 --- a/meta/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb +++ /dev/null @@ -1,23 +0,0 @@ -SUMMARY = "Telepathy framework" -DESCRIPTION = "Telepathy is a D-Bus framework for unifying real time \ -communication, including instant messaging, voice calls and video calls. It \ -abstracts differences between protocols to provide a unified interface for \ -applications." -HOMEPAGE = "http://telepathy.freedesktop.org/wiki/" -DEPENDS = "glib-2.0 dbus dbus-glib telepathy-glib libxslt-native" -LICENSE = "LGPLv2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343 \ - file://src/tp-conn.c;beginline=1;endline=19;md5=4c58069f77d601cc59200bce5396c7cb" -PR = "r5" - -SRC_URI = "http://telepathy.freedesktop.org/releases/libtelepathy/libtelepathy-${PV}.tar.gz \ - file://prefer_python_2.5.patch \ - file://doublefix.patch" - -SRC_URI[md5sum] = "490ca1a0c614d4466394b72d43bf7370" -SRC_URI[sha256sum] = "e0d230be855125163579743418203c6f6be2f10f98c4f065735c1dc9ed115878" - -inherit autotools pkgconfig pythonnative - -FILES_${PN} += "${datadir}/telepathy \ - ${datadir}/dbus-1" diff --git a/meta/recipes-connectivity/telepathy/telepathy-glib_0.24.0.bb b/meta/recipes-connectivity/telepathy/telepathy-glib_0.24.0.bb deleted file mode 100644 index 6b8c20c381..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-glib_0.24.0.bb +++ /dev/null @@ -1,16 +0,0 @@ -SUMMARY = "Telepathy Framework glib-base helper library" -DESCRIPTION = "Telepathy Framework: GLib-based helper library for connection managers" -HOMEPAGE = "http://telepathy.freedesktop.org/wiki/" -DEPENDS = "glib-2.0 dbus python-native-runtime dbus-native dbus-glib libxslt-native" -LICENSE = "LGPLv2.1+" - -SRC_URI = "http://telepathy.freedesktop.org/releases/telepathy-glib/${BP}.tar.gz" -SRC_URI[md5sum] = "93c429e37750b25dcf8de86bb514664f" -SRC_URI[sha256sum] = "ae0002134991217f42e503c43dea7817853afc18863b913744d51ffa029818cf" - -LIC_FILES_CHKSUM = "file://COPYING;md5=e413d83db6ee8f2c8e6055719096a48e" - -inherit autotools pkgconfig gettext - -FILES_${PN} += "${datadir}/telepathy \ - ${datadir}/dbus-1" diff --git a/meta/recipes-connectivity/telepathy/telepathy-idle/fix-svc-gtk-doc.h-target.patch b/meta/recipes-connectivity/telepathy/telepathy-idle/fix-svc-gtk-doc.h-target.patch deleted file mode 100644 index 2cd2c78c31..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-idle/fix-svc-gtk-doc.h-target.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Pending - -Signed-off-by: Constantin Musca <constantinx.musca@intel.com> ---- a/extensions/Makefile.am -+++ b/extensions/Makefile.am -@@ -37,8 +37,8 @@ _gen/all.xml: all.xml $(wildcard $(srcdi - --xinclude $(tools_dir)/identity.xsl \ - $< > $@ - --extensions.html: _gen/all.xml $(tools_dir)/doc-generator.xsl -+extensions.html _gen/svc-gtk-doc.h: _gen/all.xml $(tools_dir)/doc-generator.xsl - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROCFLAGS) \ - $(tools_dir)/doc-generator.xsl \ - $< > $@ - diff --git a/meta/recipes-connectivity/telepathy/telepathy-idle_0.2.0.bb b/meta/recipes-connectivity/telepathy/telepathy-idle_0.2.0.bb deleted file mode 100644 index ca09f6daf3..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-idle_0.2.0.bb +++ /dev/null @@ -1,17 +0,0 @@ -SUMMARY = "Telepathy IRC connection manager" -DESCRIPTION = "Telepathy implementation of the Internet Relay Chat protocols." -HOMEPAGE = "http://telepathy.freedesktop.org/wiki/" -DEPENDS = "glib-2.0 dbus telepathy-glib openssl libxslt-native" -LICENSE = "LGPLv2.1" -LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://src/idle.c;beginline=1;endline=19;md5=b06b1e2594423111a1a7910b0eefc7f9" - -SRC_URI = "http://telepathy.freedesktop.org/releases/${BPN}/${BPN}-${PV}.tar.gz \ - file://fix-svc-gtk-doc.h-target.patch" -SRC_URI[md5sum] = "92a2de5198284cbd3c430b0d1a971a86" -SRC_URI[sha256sum] = "3013ad4b38d14ee630b8cc8ada5e95ccaa849b9a6fe15d2eaf6d0717d76f2fab" - -inherit autotools pkgconfig pythonnative - -FILES_${PN} += "${datadir}/telepathy \ - ${datadir}/dbus-1" diff --git a/meta/recipes-connectivity/telepathy/telepathy-mission-control/tmc-Makefile-fix-race.patch b/meta/recipes-connectivity/telepathy/telepathy-mission-control/tmc-Makefile-fix-race.patch deleted file mode 100644 index ece1da6bc3..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-mission-control/tmc-Makefile-fix-race.patch +++ /dev/null @@ -1,76 +0,0 @@ -From: Robert Yang <liezhi.yang@windriver.com> -Date: Sun, 22 Sep 2013 23:21:01 -0400 -Subject: [PATCH] src/Makefile.am: fix race issue for _gen/gtypes.h and _gen/gtypes-body.h - -There might be an error when parallel build: - -[snip] -Traceback (most recent call last): - File "/path/to/tools/glib-gtypes-generator.py", line 304, in <module> - GTypesGenerator(dom, argv[1], argv[2])() - File "/path/to/tools/glib-gtypes-generator.py", line 295, in __call__ - file_set_contents(self.output + '.h', ''.join(self.header)) - File "/path/to/tools/libtpcodegen.py", line 42, in file_set_contents - os.rename(filename + '.tmp', filename) -OSError: [Errno 2] No such file or directory -[snip] - -This is a race issue, the _gen/gtypes.h and _gen/gtypes-body.h may -write(remove/rename) _gen/gtypes.tmp at the same time, then there would -be the error. - -There was a similar bug in telepathy-glib which was already fixed, we use the -similar patch to fix it. - -Upstream-Status: Pending - -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> ---- - src/Makefile.am | 18 +++++++++++++++--- - 1 file changed, 15 insertions(+), 3 deletions(-) - -diff --git a/src/Makefile.am b/src/Makefile.am ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -288,7 +288,11 @@ _gen/interfaces-body.h: _gen/mcd.xml \ - $(tools_dir)/glib-interfaces-body-generator.xsl \ - $< > $@ - --_gen/gtypes.h _gen/gtypes-body.h: _gen/mcd.xml \ -+# do nothing, output as a side-effect -+_gen/gtypes.h: _gen/gtypes-body.h -+ @: -+ -+_gen/gtypes-body.h: _gen/mcd.xml \ - $(top_srcdir)/tools/glib-gtypes-generator.py - $(AM_V_GEN)$(PYTHON) $(top_srcdir)/tools/glib-gtypes-generator.py \ - $< _gen/gtypes mc -@@ -309,7 +313,11 @@ _gen/%.xml: %.xml $(wildcard $(top_srcdir)/xml/*.xml) Makefile.am - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROCFLAGS) --xinclude $(tools_dir)/identity.xsl \ - $< > $@ - --_gen/cli-%-body.h _gen/cli-%.h: _gen/%.xml \ -+# do nothing, output as a side-effect -+_gen/cli-%.h: _gen/cli-%-body.h -+ @: -+ -+_gen/cli-%-body.h: _gen/%.xml \ - $(tools_dir)/glib-client-gen.py Makefile.am - $(AM_V_GEN)$(PYTHON) $(tools_dir)/glib-client-gen.py \ - --group=`echo $* | tr x- x_` \ -@@ -317,7 +325,11 @@ _gen/cli-%-body.h _gen/cli-%.h: _gen/%.xml \ - --tp-proxy-api=0.7.6 \ - $< Mc_Cli _gen/cli-$* - --_gen/svc-%.c _gen/svc-%.h: _gen/%.xml \ -+# do nothing, output as a side-effect -+_gen/svc-%.h: _gen/svc-%.c -+ @: -+ -+_gen/svc-%.c: _gen/%.xml \ - $(tools_dir)/glib-ginterface-gen.py Makefile.am - $(AM_V_GEN)$(PYTHON) $(tools_dir)/glib-ginterface-gen.py \ - --filename=_gen/svc-$* \ --- -1.7.10.4 - diff --git a/meta/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb b/meta/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb deleted file mode 100644 index 9ae68ddea9..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb +++ /dev/null @@ -1,51 +0,0 @@ -SUMMARY = "Central control for Telepathy IM connection managers" -HOMEPAGE = "http://telepathy.freedesktop.org/wiki/Mission_Control/" -LICENSE = "LGPLv2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499 \ - file://src/request.h;beginline=1;endline=21;md5=f80534d9af1c33291b3b79609f196eb2" -SECTION = "libs" -DEPENDS = "libtelepathy dbus-glib gconf libxslt-native" - -SRC_URI = "http://telepathy.freedesktop.org/releases/telepathy-mission-control/${BP}.tar.gz \ - file://tmc-Makefile-fix-race.patch \ - " -SRC_URI[md5sum] = "421115a35b9e427807326877f86e7f43" -SRC_URI[sha256sum] = "14ceb7d53535b43d44b8271ad11319d1d0fe6d193d154636b9e62b42799b9723" - -inherit autotools-brokensep pkgconfig pythonnative - -PACKAGECONFIG ??= "" -PACKAGECONFIG[upower] = "--enable-upower,--disable-upower,upower" - -# to select connman or nm you need to use "connectivity" and "connman" or "nm", default is to disable both -PACKAGECONFIG[connectivity] = ",--with-connectivity=no" -PACKAGECONFIG[connman] = "--with-connectivity=connman,,connman" -PACKAGECONFIG[nm] = "--with-connectivity=nm,,networkmanager" - -PACKAGES =+ " \ - libmissioncontrol \ - libmissioncontrol-config \ - libmissioncontrol-server \ - libmissioncontrol-dev \ - libmissioncontrol-config-dev \ - libmissioncontrol-server-dev \ - libmissioncontrol-dbg \ - libmissioncontrol-config-dbg \ - libmissioncontrol-server-dbg \ -" - -FILES_${PN} += "${datadir}/dbus* ${datadir}/glib-2.0/schemas" - -FILES_libmissioncontrol = "${libdir}/libmissioncontrol.so.*" -FILES_libmissioncontrol-config = "${libdir}/libmissioncontrol-config.so.*" -FILES_libmissioncontrol-server = "${libdir}/libmissioncontrol-server.so.*" - -FILES_libmissioncontrol-dev = "${libdir}/libmissioncontrol.* \ - ${includedir}/libmissioncontrol/ \ - ${libdir}/pkgconfig/libmissioncontrol.pc" -FILES_libmissioncontrol-config-dev = "${libdir}/libmissioncontrol-config.*" -FILES_libmissioncontrol-server-dev = "${libdir}/libmissioncontrol-server.*" - -FILES_libmissioncontrol-dbg = "${libdir}/.debug/libmissioncontrol.so.*" -FILES_libmissioncontrol-config-dbg = "${libdir}/.debug/libmissioncontrol-config.so.*" -FILES_libmissioncontrol-server-dbg = "${libdir}/.debug/libmissioncontrol-server.so.*" diff --git a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/parallel_make.patch b/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/parallel_make.patch deleted file mode 100644 index 248824606e..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/parallel_make.patch +++ /dev/null @@ -1,43 +0,0 @@ -Add dependency of __init__.py - -Tasks must be done after exec of __init__, which creates the -src/_generated directory that tasks are based on. - -Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> - -Upstream-Status: Submitted -(However it seems that this project is out of maintanence.) - -diff -ruN telepathy-python-0.15.19-orig/src/Makefile.am telepathy-python-0.15.19/src/Makefile.am ---- telepathy-python-0.15.19-orig/src/Makefile.am 2011-03-10 08:51:49.000000000 +0800 -+++ telepathy-python-0.15.19/src/Makefile.am 2011-03-10 08:54:45.000000000 +0800 -@@ -39,17 +39,17 @@ - XSLTPROC_OPTS = --nonet --novalid --xinclude - tools_dir = $(top_srcdir)/tools - --_generated/interfaces.py: $(tools_dir)/python-interfaces-generator.xsl $(wildcard $(spec_dir)/*.xml) -+_generated/interfaces.py: _generated/__init__.py $(tools_dir)/python-interfaces-generator.xsl $(wildcard $(spec_dir)/*.xml) - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROC_OPTS) -o $@ \ - $(tools_dir)/python-interfaces-generator.xsl \ - $(spec_dir)/all.xml - --_generated/constants.py: $(tools_dir)/python-constants-generator.xsl $(wildcard $(spec_dir)/*.xml) -+_generated/constants.py: _generated/__init__.py $(tools_dir)/python-constants-generator.xsl $(wildcard $(spec_dir)/*.xml) - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROC_OPTS) -o $@ \ - $(tools_dir)/python-constants-generator.xsl \ - $(spec_dir)/all.xml - --_generated/errors.py: $(tools_dir)/python-errors-generator.xsl $(wildcard $(spec_dir)/*.xml) -+_generated/errors.py: _generated/__init__.py $(tools_dir)/python-errors-generator.xsl $(wildcard $(spec_dir)/*.xml) - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROC_OPTS) -o $@ \ - $(tools_dir)/python-errors-generator.xsl \ - $(spec_dir)/all.xml -@@ -58,7 +58,7 @@ - $(AM_V_GEN)$(mkdir_p) $(dir $@) - @echo "# Placeholder for package" > $@ - --_generated/%.py: $(tools_dir)/spec-to-python.xsl $(spec_dir)/%.xml -+_generated/%.py: _generated/__init__.py $(tools_dir)/spec-to-python.xsl $(spec_dir)/%.xml - $(AM_V_GEN)$(XSLTPROC) $(XSLTPROC_OPTS) -o $@ \ - $(tools_dir)/spec-to-python.xsl \ - $(spec_dir)/$*.xml diff --git a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/remove_duplicate_install.patch b/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/remove_duplicate_install.patch deleted file mode 100644 index df95a4c138..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/remove_duplicate_install.patch +++ /dev/null @@ -1,26 +0,0 @@ -commit f6c67662145de889055a86a6b3b12c70a45fc8d5 -Author: Dongxiao Xu <dongxiao.xu@intel.com> -Date: Wed Sep 7 16:02:20 2011 +0800 - - Avoid duplicated installation of errors.py - - newer version of autotools don't seem to like listing files to install - twice. Remove one errors.py from the installation list. - - Signed-off-by: Dongxiao Xu <dongxiao.xu@intel.com> - - Upstream-Status: Inappropirate [upstream inactive] - -diff --git a/src/Makefile.am b/src/Makefile.am -index 5c27dfe..7536e43 100644 ---- a/src/Makefile.am -+++ b/src/Makefile.am -@@ -11,7 +11,7 @@ telepathy_PYTHON = \ - - # telepathy._generated.* auto-generated modules - spec_dir = $(top_srcdir)/spec --spec_files := $(patsubst $(spec_dir)%.xml,_generated%.py,$(wildcard $(spec_dir)/*.xml)) -+spec_files := $(filter-out _generated/errors.py, $(patsubst $(spec_dir)%.xml,_generated%.py,$(wildcard $(spec_dir)/*.xml))) - - BUILT_SOURCES = \ - _generated/interfaces.py \ diff --git a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/telepathy-python_fix_for_automake_1.12.patch b/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/telepathy-python_fix_for_automake_1.12.patch deleted file mode 100644 index f613fdce4d..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-python-0.15.19/telepathy-python_fix_for_automake_1.12.patch +++ /dev/null @@ -1,26 +0,0 @@ -Upstream-Status: Pending - -automake 1.12 has deprecated use of mkdir_p, and it recommends -use of MKDIR_P instead. Changed the code to avoid these kind -of warning-errors. - -| make[1]: _generated/: Command not found -| make[1]: *** [_generated/__init__.py] Error 127 -| make[1]: Leaving directory `/srv/home/nitin/builds2/build0/tmp/work/i586-poky-linux/telepathy-python-0.15.19-r4/telepathy-python-0.15.19/src' -| make: *** [all-recursive] Error 1 - -Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> -2012/07/10 -Index: telepathy-python-0.15.19/src/Makefile.am -=================================================================== ---- telepathy-python-0.15.19.orig/src/Makefile.am -+++ telepathy-python-0.15.19/src/Makefile.am -@@ -55,7 +55,7 @@ _generated/errors.py: _generated/__init_ - $(spec_dir)/all.xml - - _generated/__init__.py: -- $(AM_V_GEN)$(mkdir_p) $(dir $@) -+ $(AM_V_GEN)$(MKDIR_P) $(dir $@) - @echo "# Placeholder for package" > $@ - - _generated/%.py: _generated/__init__.py $(tools_dir)/spec-to-python.xsl $(spec_dir)/%.xml diff --git a/meta/recipes-connectivity/telepathy/telepathy-python_0.15.19.bb b/meta/recipes-connectivity/telepathy/telepathy-python_0.15.19.bb deleted file mode 100644 index 17167022b9..0000000000 --- a/meta/recipes-connectivity/telepathy/telepathy-python_0.15.19.bb +++ /dev/null @@ -1,32 +0,0 @@ -SUMMARY = "Telepathy IM framework - Python package" -HOMEPAGE = "http://telepathy.freedesktop.org/wiki/" -LICENSE = "LGPLv2.1+" -LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1 \ - file://src/utils.py;beginline=1;endline=17;md5=9a07d1a9791a7429a14e7b25c6c86822" - -DEPENDS = "libxslt-native" -RDEPENDS_${PN} += "python-dbus" - -SRC_URI = "http://telepathy.freedesktop.org/releases/${BPN}/${BPN}-${PV}.tar.gz \ - file://parallel_make.patch \ - file://remove_duplicate_install.patch \ - file://telepathy-python_fix_for_automake_1.12.patch" - -PR = "r6" - -inherit autotools pythonnative - -SRC_URI[md5sum] = "f7ca25ab3c88874015b7e9728f7f3017" -SRC_URI[sha256sum] = "244c0e1bf4bbd78ae298ea659fe10bf3a73738db550156767cc2477aedf72376" - -FILES_${PN} += "\ - ${libdir}/python*/site-packages/telepathy/*.py \ - ${libdir}/python*/site-packages/telepathy/*/*.py \ - " - -do_install_append () { - rm -f ${D}${libdir}/python*/site-packages/telepathy/*.pyc - rm -f ${D}${libdir}/python*/site-packages/telepathy/*.pyo - rm -f ${D}${libdir}/python*/site-packages/telepathy/*/*.pyc - rm -f ${D}${libdir}/python*/site-packages/telepathy/*/*.pyo -} diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant.inc b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant.inc index 7923bb94a3..6f0de3cab8 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant.inc +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant.inc @@ -26,8 +26,8 @@ SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ file://99_wpa_supplicant \ file://fix-libnl3-host-contamination.patch \ " -SRC_URI[md5sum] = "238e8e888bbd558e1a57e3eb28d1dd07" -SRC_URI[sha256sum] = "e0d8b8fd68a659636eaba246bb2caacbf53d22d53b2b6b90eb4b4fef0993c8ed" +SRC_URI[md5sum] = "f2ed8fef72cf63d8d446a2d0a6da630a" +SRC_URI[sha256sum] = "eaaa5bf3055270e521b2dff64f2d203ec8040f71958b8588269a82c00c9d7b6a" S = "${WORKDIR}/wpa_supplicant-${PV}" @@ -38,8 +38,10 @@ FILES_${PN} += "${datadir}/dbus-1/system-services/*" CONFFILES_${PN} += "${sysconfdir}/wpa_supplicant.conf" do_configure () { + ${MAKE} -C wpa_supplicant clean install -m 0755 ${WORKDIR}/defconfig wpa_supplicant/.config echo "CFLAGS +=\"-I${STAGING_INCDIR}/libnl3\"" >> wpa_supplicant/.config + echo "DRV_CFLAGS +=\"-I${STAGING_INCDIR}/libnl3\"" >> wpa_supplicant/.config if echo "${PACKAGECONFIG}" | grep -qw "openssl"; then ssl=openssl diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/fix-libnl3-host-contamination.patch b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/fix-libnl3-host-contamination.patch index eb8036f50c..e899c1655d 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/fix-libnl3-host-contamination.patch +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/fix-libnl3-host-contamination.patch @@ -15,15 +15,15 @@ diff --git a/src/drivers/drivers.mak b/src/drivers/drivers.mak index 68ff910..1f38f57 100644 --- a/src/drivers/drivers.mak +++ b/src/drivers/drivers.mak -@@ -30,7 +30,7 @@ NEED_RFKILL=y +@@ -35,7 +35,7 @@ NEED_RFKILL=y ifdef CONFIG_LIBNL32 DRV_LIBS += -lnl-3 DRV_LIBS += -lnl-genl-3 - DRV_CFLAGS += -DCONFIG_LIBNL20 -I/usr/include/libnl3 + DRV_CFLAGS += -DCONFIG_LIBNL20 - else - ifdef CONFIG_LIBNL_TINY - DRV_LIBS += -lnl-tiny + ifdef CONFIG_LIBNL3_ROUTE + DRV_LIBS += -lnl-route-3 + DRV_CFLAGS += -DCONFIG_LIBNL3_ROUTE diff --git a/src/drivers/drivers.mk b/src/drivers/drivers.mk index db8561a..c93e88d 100644 --- a/src/drivers/drivers.mk @@ -34,9 +34,9 @@ index db8561a..c93e88d 100644 DRV_LIBS += -lnl-genl-3 - DRV_CFLAGS += -DCONFIG_LIBNL20 -I/usr/include/libnl3 + DRV_CFLAGS += -DCONFIG_LIBNL20 - else - ifdef CONFIG_LIBNL_TINY - DRV_LIBS += -lnl-tiny + ifdef CONFIG_LIBNL3_ROUTE + DRV_LIBS += -lnl-route-3 + DRV_CFLAGS += -DCONFIG_LIBNL3_ROUTE -- 1.7.10.4 diff --git a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.2.bb b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.3.bb index afd0654016..afd0654016 100644 --- a/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.2.bb +++ b/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.3.bb |