OpenPOWER buildroot sources https://git.raptorcs.com/git/buildroot/atom?h=2017.08 2017-07-29T13:52:19+00:00 2017-07-29T13:52:19+00:00 Baruch Siach baruch@tkos.co.il 2017-07-28T04:28:13+00:00 urn:sha1:908960d98ff0c88b93a916b857daf84e39182581 The --without-libgcrypt configure parameter is not enough to disable the libgcrypt back-end. This breaks the build when mbedtls (default backend) is enabled, and libgcrypt builds before libssh2. Seed ac_cv_libgcrypt to really disable libgcrypt when it is not the selected crypto back-end. Fixes: http://autobuild.buildroot.net/results/b4e/b4e39890e003e9e590a5bf17c9300c653020d88c/ http://autobuild.buildroot.net/results/45a/45a9b3559ceea4e1399794f9612f717f7c57a4a3/ http://autobuild.buildroot.net/results/ae4/ae4afec62ca297df1cd02350601f1d62fc3cd1b7/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-07-11T19:34:56+00:00 Baruch Siach baruch@tkos.co.il 2017-07-10T17:35:54+00:00 urn:sha1:714df4cfed026cee2949131062e499b6c0fadd5d libssh2 support mbedtls as crypto back-end library since version 1.8.0. Default to mbedtls since it's smaller than either libgcrypt or openssl. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-07-09T21:10:22+00:00 Baruch Siach baruch@tkos.co.il 2017-07-09T19:05:24+00:00 urn:sha1:816ba1cee50e9808702304f137de688ce2908d62 libssh2 uses the implicit 'yes' argument of the --with-libgcrypt parameter as a library path prefix, which breaks the build. Pass the library path as --with-libgcrypt argument to fix that. Drop the unneeded --with-libgcrypt-prefix. Fixes: http://autobuild.buildroot.net/results/ac3/ac3a3f5871a6c20f5407a468809682ce491b9cb3/ http://autobuild.buildroot.net/results/ba3/ba31fa11b2ce2875649414dd9093e039dfc129e8/ http://autobuild.buildroot.net/results/b07/b07bbbf7fe164ba6dc435de6d8b41fadff7a3b08/ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-07-09T09:12:22+00:00 Baruch Siach baruch@tkos.co.il 2017-07-09T01:35:51+00:00 urn:sha1:0dcf75eb7dfc545ddf47a156b76bedb2a2d86526 Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-09-11T20:49:04+00:00 Yann E. MORIN yann.morin.1998@free.fr 2016-09-08T21:11:48+00:00 urn:sha1:d8a2955a2b82d75f3684e846b0c2411294233eea Since 2f89476 (package/libgpg-error: bump to version 1.23), libssh2 has inherited the dependency from libgcrypt (propagated from libgpg-error). However, since libssh2 can use either openssl or libgcrypt as a backend, the dependency should be relaxed when openssl is available. But the test is broken and inverted: it will make libssh unavailable as soon as openssl is enabled. Fix this dependenc byt doing what other similar packages do: select openssl if the other crypto backend (here libgcrypt) is not enabled. This also allows us to drop the propagated dependency on the arch condition. Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Cc: Jörg Krause <joerg.krause@embedded.rocks> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com> Cc: Romain Naour <romain.naour@openwide.fr> Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2016-02-24T16:36:35+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-02-24T12:01:44+00:00 urn:sha1:229ea8a18cf0f57e24fb13783a2fdf2e3ae7af13 Fixes: CVE-2016-0787 - diffie_hellman_sha256: convert bytes to bits. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2016-01-08T17:46:24+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2016-01-07T20:33:20+00:00 urn:sha1:18df1fd08813093402daf854dfbb9219d762efbf Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-07-14T22:42:01+00:00 Arnout Vandecappelle arnout@mind.be 2015-07-12T14:35:26+00:00 urn:sha1:7d69a79624b1f338950cd6cc650e029dd4d4b91a It is often difficult to know exactly when make will expand the variable, and usually it can only be expanded after the dependencies have been built (e.g. pkg-config or the .pc file). Using a backtick instead makes it very clear that it will be expanded only while executing the command. This change is useful for two cases: 1. The per-package staging (and host) directory will be created as part of the configure step, so any $(shell ...) variable that is used in the configure step will fail because the directory doesn't exist yet. 2. 'make printvars' evaluates the variables it prints. It will therefore trigger a lot of errors from missing .pc files and others. The backticks, on the other hand, are not expanded, so with this change the output of 'make printvars' becomes clean again. This commit contains only the easy changes: replace $(shell ...) with `...`, and also replace ' with " where needed. Follow-up commits will tackle the more complicated cases that need additional explanation. After this change, the following instances of $(shell ...) will remain: - All assignments that use := - All variables that are used in make conditionals (which don't expand the backticks). - All variables that only refer to system executables and make variables that don't change. - The calls to check-host-* in dependencies.mk, because it is eval'ed. [Original patch by Fabio Porcedda, but extended quite a bit by Arnout.] Signed-off-by: Fabio Porcedda <fabio.porcedda@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2015-03-11T16:09:59+00:00 Gustavo Zacarias gustavo@zacarias.com.ar 2015-03-11T14:09:51+00:00 urn:sha1:0df6ad5ddb5036dcc7400d79e83a803e1cac9908 Fixes CVE-2015-1782 - kex: bail out on rubbish in the incoming packet. Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-02-14T21:01:49+00:00 Romain Naour romain.naour@openwide.fr 2015-02-14T17:38:28+00:00 urn:sha1:3f335ed5508abe3a19e5e2106eb5339531cb4a82 Like for lingcrypt and openssl, help the configure script to find zlib installed in STAGING_DIR. Otherwise, It might find the one installed on the host: checking how to link with libz... /usr/lib/libz.so -Wl,-rpath -Wl,/usr/lib Fixes: http://autobuild.buildroot.net/results/93b/93b43e114f21a22f0f8b7d7dd6774c089c426cd1 Signed-off-by: Romain Naour <romain.naour@openwide.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>