summaryrefslogtreecommitdiffstats
path: root/poky/meta/recipes-connectivity
diff options
context:
space:
mode:
authorBrad Bishop <bradleyb@fuzziesquirrel.com>2018-12-16 17:11:34 -0800
committerBrad Bishop <bradleyb@fuzziesquirrel.com>2019-01-08 18:21:44 -0500
commit1a4b7ee28bf7413af6513fb45ad0d0736048f866 (patch)
tree79f6d8ea698cab8f2eaf4f54b793d2ca7a1451ce /poky/meta/recipes-connectivity
parent5b9ede0403237c7dace972affa65cf64a1aadd0e (diff)
downloadtalos-openbmc-1a4b7ee28bf7413af6513fb45ad0d0736048f866.tar.gz
talos-openbmc-1a4b7ee28bf7413af6513fb45ad0d0736048f866.zip
reset upstream subtrees to yocto 2.6
Reset the following subtrees on thud HEAD: poky: 87e3a9739d meta-openembedded: 6094ae18c8 meta-security: 31dc4e7532 meta-raspberrypi: a48743dc36 meta-xilinx: c42016e2e6 Also re-apply backports that didn't make it into thud: poky: 17726d0 systemd-systemctl-native: handle Install wildcards meta-openembedded: 4321a5d libtinyxml2: update to 7.0.1 042f0a3 libcereal: Add native and nativesdk classes e23284f libcereal: Allow empty package 030e8d4 rsyslog: curl-less build with fmhttp PACKAGECONFIG 179a1b9 gtest: update to 1.8.1 Squashed OpenBMC subtree compatibility updates: meta-aspeed: Brad Bishop (1): aspeed: add yocto 2.6 compatibility meta-ibm: Brad Bishop (1): ibm: prepare for yocto 2.6 meta-ingrasys: Brad Bishop (1): ingrasys: set layer compatibility to yocto 2.6 meta-openpower: Brad Bishop (1): openpower: set layer compatibility to yocto 2.6 meta-phosphor: Brad Bishop (3): phosphor: set layer compatibility to thud phosphor: libgpg-error: drop patches phosphor: react to fitimage artifact rename Ed Tanous (4): Dropbear: upgrade options for latest upgrade yocto2.6: update openssl options busybox: remove upstream watchdog patch systemd: Rebase CONFIG_CGROUP_BPF patch Change-Id: I7b1fe71cca880d0372a82d94b5fd785323e3a9e7 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-connectivity')
-rw-r--r--poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb16
-rw-r--r--poky/meta/recipes-connectivity/avahi/avahi.inc84
-rw-r--r--poky/meta/recipes-connectivity/avahi/avahi_0.7.bb84
-rw-r--r--poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch40
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch27
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch32
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch13
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch13
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch34
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch72
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch48
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch13
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch17
-rw-r--r--poky/meta/recipes-connectivity/bind/bind/use-python3-and-fix-install-lib-path.patch36
-rw-r--r--poky/meta/recipes-connectivity/bind/bind_9.11.4.bb (renamed from poky/meta/recipes-connectivity/bind/bind_9.10.6.bb)90
-rw-r--r--poky/meta/recipes-connectivity/bluez5/bluez5.inc2
-rw-r--r--poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch45
-rw-r--r--poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch43
-rw-r--r--poky/meta/recipes-connectivity/bluez5/bluez5_5.50.bb (renamed from poky/meta/recipes-connectivity/bluez5/bluez5_5.48.bb)5
-rw-r--r--poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch8
-rw-r--r--poky/meta/recipes-connectivity/connman/connman/includes.patch14
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp.inc16
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch13
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch13
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch109
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch13
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch40
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch69
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch205
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch81
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch13
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch64
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch74
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp_4.3.6.bb35
-rw-r--r--poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb21
-rw-r--r--poky/meta/recipes-connectivity/dhcp/files/dhcpd6.service2
-rw-r--r--poky/meta/recipes-connectivity/iproute2/iproute2.inc2
-rw-r--r--poky/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch63
-rw-r--r--poky/meta/recipes-connectivity/iproute2/iproute2_4.18.0.bb (renamed from poky/meta/recipes-connectivity/iproute2/iproute2_4.14.1.bb)5
-rw-r--r--poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb17
-rw-r--r--poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info/multilibfix.patch18
-rw-r--r--poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb5
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch27
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch18
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch13
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb27
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch40
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-include-stdint.h-for-UINT16_MAX-definition.patch27
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch (renamed from poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch)0
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch37
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch (renamed from poky/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch)0
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-limits.patch133
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch22
-rw-r--r--poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.3.1.bb (renamed from poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.1.1.bb)15
-rw-r--r--poky/meta/recipes-connectivity/ofono/ofono_1.22.bb9
-rw-r--r--poky/meta/recipes-connectivity/ofono/ofono_1.24.bb9
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch39
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh/init12
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh/ssh_config12
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys50
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh/sshd_config30
-rw-r--r--poky/meta/recipes-connectivity/openssh/openssh_7.8p1+git.bb (renamed from poky/meta/recipes-connectivity/openssh/openssh_7.6p1.bb)25
-rw-r--r--poky/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh (renamed from poky/meta/recipes-connectivity/openssl/openssl/environment.d-openssl.sh)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/0001-Take-linking-flags-from-LDFLAGS-env-var.patch43
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch70
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch46
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/0002-fix-CVE-2018-0734.patch108
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch50
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl/run-ptest14
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-build-with-clang-using-external-assembler.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-Fix-build-with-clang-using-external-assembler.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/0001-allow-manpages-to-be-disabled.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-allow-manpages-to-be-disabled.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch33
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/0001-openssl-force-soft-link-to-avoid-rare-race.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-openssl-force-soft-link-to-avoid-rare-race.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/Makefiles-ptest.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Makefiles-ptest.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/Use-SHA256-not-MD5-as-default-digest.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Use-SHA256-not-MD5-as-default-digest.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/configure-musl-target.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-musl-target.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/configure-targets.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-targets.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/c_rehash-compat.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/c_rehash-compat.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/debian-targets.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/debian-targets.patch)4
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/man-dir.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-dir.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/man-section.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-section.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/no-rpath.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-rpath.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/no-symbolic.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-symbolic.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian/pic.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/pic.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_digicert_malaysia.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_diginotar.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_diginotar.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/soname.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/soname.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/version-script.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/version-script.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/engines-install-in-libdir-ssl.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/engines-install-in-libdir-ssl.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/oe-ldflags.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/oe-ldflags.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/openssl-c_rehash.sh (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-c_rehash.sh)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/openssl-fix-des.pod-error.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-fix-des.pod-error.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/openssl_fix_for_x32.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl_fix_for_x32.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/parallel.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/parallel.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/ptest-deps.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest-deps.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/ptest_makefile_deps.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest_makefile_deps.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/reproducible-cflags.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-cflags.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/reproducible-mkbuildinf.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-mkbuildinf.patch)0
-rwxr-xr-xpoky/meta/recipes-connectivity/openssl/openssl10/run-ptest (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/run-ptest)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10/shared-libs.patch (renamed from poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/shared-libs.patch)0
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb (renamed from poky/meta/recipes-connectivity/openssl/openssl_1.0.2p.bb)95
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb170
-rw-r--r--poky/meta/recipes-connectivity/openssl/openssl_1.1.1.bb205
-rw-r--r--poky/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch84
-rw-r--r--poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb9
-rw-r--r--poky/meta/recipes-connectivity/socat/socat_1.7.3.2.bb19
-rw-r--r--poky/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch21
-rw-r--r--poky/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch22
-rw-r--r--poky/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch15
-rw-r--r--poky/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch19
-rw-r--r--poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb50
111 files changed, 1614 insertions, 1622 deletions
diff --git a/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb b/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb
index 5648e386b..a77653bf5 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb
+++ b/poky/meta/recipes-connectivity/avahi/avahi-ui_0.7.bb
@@ -1,31 +1,18 @@
-LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
- file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
- file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
- file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
- file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
-
require avahi.inc
inherit distro_features_check
ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
-SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6"
-SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804"
-
DEPENDS += "avahi"
AVAHI_GTK = "gtk3"
S = "${WORKDIR}/avahi-${PV}"
-PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc avahi-discover"
+PACKAGES += "${PN}-utils avahi-discover"
FILES_${PN} = "${libdir}/libavahi-ui*.so.*"
-FILES_${PN}-dev += "${libdir}/libavahi-ui${SOLIBSDEV}"
-FILES_${PN}-staticdev += "${libdir}/libavahi-ui.a"
-
FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*"
-
FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \
${datadir}/avahi/interfaces/avahi-discover.ui \
${bindir}/avahi-discover-standalone \
@@ -59,4 +46,3 @@ do_install_append () {
rm ${D}${libdir}/girepository-1.0/ -rf
rm ${D}${datadir}/gir-1.0/ -rf
}
-
diff --git a/poky/meta/recipes-connectivity/avahi/avahi.inc b/poky/meta/recipes-connectivity/avahi/avahi.inc
index ec368de4f..11846849f 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi.inc
+++ b/poky/meta/recipes-connectivity/avahi/avahi.inc
@@ -13,15 +13,19 @@ SECTION = "network"
# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and
# python scripts are under GPLv2+
LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
+ file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
+ file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
+ file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
+ file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
-DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native"
+SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz"
-SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \
- file://00avahi-autoipd \
- file://99avahi-autoipd \
- file://initscript.patch \
- "
UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/"
+SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6"
+SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804"
+
+DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native"
# For gtk related PACKAGECONFIGs: gtk, gtk3
AVAHI_GTK ?= ""
@@ -31,18 +35,7 @@ PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+"
PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3"
-USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
-USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \
- --no-create-home --shell /bin/false \
- --user-group avahi"
-
-USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \
- --no-create-home --shell /bin/false \
- --user-group \
- -c \"Avahi autoip daemon\" \
- avahi-autoipd"
-
-inherit autotools pkgconfig update-rc.d gettext useradd gobject-introspection
+inherit autotools pkgconfig gettext gobject-introspection
EXTRA_OECONF = "--with-avahi-priv-access-group=adm \
--disable-stack-protector \
@@ -73,67 +66,12 @@ do_compile_prepend() {
export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs"
}
-PACKAGES =+ "avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib libavahi-ui avahi-autoipd avahi-utils"
-
-# As avahi doesn't put any files into PN, clear the files list to avoid problems
-# if extra libraries appear.
-FILES_${PN} = ""
-FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \
- ${sysconfdir}/avahi/avahi-autoipd.action \
- ${sysconfdir}/dhcp/*/avahi-autoipd \
- ${sysconfdir}/udhcpc.d/00avahi-autoipd \
- ${sysconfdir}/udhcpc.d/99avahi-autoipd"
-FILES_libavahi-common = "${libdir}/libavahi-common.so.*"
-FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib"
-FILES_avahi-daemon = "${sbindir}/avahi-daemon \
- ${sysconfdir}/avahi/avahi-daemon.conf \
- ${sysconfdir}/avahi/hosts \
- ${sysconfdir}/avahi/services \
- ${sysconfdir}/dbus-1 \
- ${sysconfdir}/init.d/avahi-daemon \
- ${datadir}/avahi/introspection/*.introspect \
- ${datadir}/avahi/avahi-service.dtd \
- ${datadir}/avahi/service-types \
- ${datadir}/dbus-1/system-services"
-FILES_libavahi-client = "${libdir}/libavahi-client.so.*"
-FILES_libavahi-ui = "${libdir}/libavahi-ui.so.*"
-FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
- ${sysconfdir}/avahi/avahi-dnsconfd.action \
- ${sysconfdir}/init.d/avahi-dnsconfd"
-FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*"
-FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib"
-FILES_avahi-utils = "${bindir}/avahi-*"
-
-RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})"
-
-RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns"
RRECOMMENDS_${PN}_append_libc-glibc = " libnss-mdns"
-CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf"
-
-INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd"
-INITSCRIPT_NAME_avahi-daemon = "avahi-daemon"
-INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19"
-INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd"
-INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19"
-
do_install() {
autotools_do_install
rm -rf ${D}/run
rm -rf ${D}${datadir}/dbus-1/interfaces
test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
rm -rf ${D}${libdir}/avahi
-
- install -d ${D}${sysconfdir}/udhcpc.d
- install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d
- install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d
-}
-
-# At the time the postinst runs, dbus might not be setup so only restart if running
-# Don't exit early, because update-rc.d needs to run subsequently.
-
-pkg_postinst_avahi-daemon () {
-if [ -z "$D" ]; then
- killall -q -HUP dbus-daemon || true
-fi
}
diff --git a/poky/meta/recipes-connectivity/avahi/avahi_0.7.bb b/poky/meta/recipes-connectivity/avahi/avahi_0.7.bb
index 7c91f10f1..3d5f334a8 100644
--- a/poky/meta/recipes-connectivity/avahi/avahi_0.7.bb
+++ b/poky/meta/recipes-connectivity/avahi/avahi_0.7.bb
@@ -1,20 +1,80 @@
require avahi.inc
-inherit systemd
+SRC_URI += "file://00avahi-autoipd \
+ file://99avahi-autoipd \
+ file://initscript.patch \
+ file://0001-Fix-opening-etc-resolv.conf-error.patch \
+ "
+
+inherit update-rc.d systemd useradd
+
+PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils"
+
+# As avahi doesn't put any files into PN, clear the files list to avoid problems
+# if extra libraries appear.
+FILES_${PN} = ""
+FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \
+ ${sysconfdir}/avahi/avahi-autoipd.action \
+ ${sysconfdir}/dhcp/*/avahi-autoipd \
+ ${sysconfdir}/udhcpc.d/00avahi-autoipd \
+ ${sysconfdir}/udhcpc.d/99avahi-autoipd"
+FILES_libavahi-common = "${libdir}/libavahi-common.so.*"
+FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib"
+FILES_avahi-daemon = "${sbindir}/avahi-daemon \
+ ${sysconfdir}/avahi/avahi-daemon.conf \
+ ${sysconfdir}/avahi/hosts \
+ ${sysconfdir}/avahi/services \
+ ${sysconfdir}/dbus-1 \
+ ${sysconfdir}/init.d/avahi-daemon \
+ ${datadir}/avahi/introspection/*.introspect \
+ ${datadir}/avahi/avahi-service.dtd \
+ ${datadir}/avahi/service-types \
+ ${datadir}/dbus-1/system-services"
+FILES_libavahi-client = "${libdir}/libavahi-client.so.*"
+FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
+ ${sysconfdir}/avahi/avahi-dnsconfd.action \
+ ${sysconfdir}/init.d/avahi-dnsconfd"
+FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*"
+FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib"
+FILES_avahi-utils = "${bindir}/avahi-*"
+
+RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})"
+
+RRECOMMENDS_avahi-daemon_append_libc-glibc = " libnss-mdns"
+
+CONFFILES_avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf"
+
+USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
+USERADD_PARAM_avahi-daemon = "--system --home /run/avahi-daemon \
+ --no-create-home --shell /bin/false \
+ --user-group avahi"
+
+USERADD_PARAM_avahi-autoipd = "--system --home /run/avahi-autoipd \
+ --no-create-home --shell /bin/false \
+ --user-group \
+ -c \"Avahi autoip daemon\" \
+ avahi-autoipd"
+
+INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd"
+INITSCRIPT_NAME_avahi-daemon = "avahi-daemon"
+INITSCRIPT_PARAMS_avahi-daemon = "defaults 21 19"
+INITSCRIPT_NAME_avahi-dnsconfd = "avahi-dnsconfd"
+INITSCRIPT_PARAMS_avahi-dnsconfd = "defaults 22 19"
SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd"
SYSTEMD_SERVICE_${PN}-daemon = "avahi-daemon.service"
SYSTEMD_SERVICE_${PN}-dnsconfd = "avahi-dnsconfd.service"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
- file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
- file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
- file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
- file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
-
-SRC_URI[md5sum] = "d76c59d0882ac6c256d70a2a585362a6"
-SRC_URI[sha256sum] = "57a99b5dfe7fdae794e3d1ee7a62973a368e91e414bd0dfa5d84434de5b14804"
-
-DEPENDS += "intltool-native"
+do_install_append() {
+ install -d ${D}${sysconfdir}/udhcpc.d
+ install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d
+ install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d
+}
-PACKAGES =+ "libavahi-gobject"
+# At the time the postinst runs, dbus might not be setup so only restart if running
+# Don't exit early, because update-rc.d needs to run subsequently.
+pkg_postinst_avahi-daemon () {
+if [ -z "$D" ]; then
+ killall -q -HUP dbus-daemon || true
+fi
+}
diff --git a/poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch b/poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch
new file mode 100644
index 000000000..11e7e8a9b
--- /dev/null
+++ b/poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch
@@ -0,0 +1,40 @@
+From 78967814f5c37ed67f4cf64d70c9f76a03ee89bc Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Wed, 20 Jun 2018 13:57:35 +0800
+Subject: [PATCH] Fix opening /etc/resolv.conf error
+
+Fix to start avahi-daemon after systemd-resolved.service. This is because
+/etc/resolv.conf is a link to /etc/resolv-conf.systemd which in turn is
+a symlink to /run/systemd/resolve/resolv.conf. And /run/systemd/resolve/resolv.conf
+is created by systemd-resolved.service by default in current OE's systemd
+based systems.
+
+This fixes errro like below.
+
+ Failed to open /etc/resolv.conf: Invalid argument
+
+In fact, handling of /etc/resolv.conf is quite distro specific. So this patch
+is marked as OE specific.
+
+Upstream-Status: Inappropriate [OE Specific]
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ avahi-daemon/avahi-daemon.service.in | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/avahi-daemon/avahi-daemon.service.in b/avahi-daemon/avahi-daemon.service.in
+index 548c834..63e28e4 100644
+--- a/avahi-daemon/avahi-daemon.service.in
++++ b/avahi-daemon/avahi-daemon.service.in
+@@ -18,6 +18,7 @@
+ [Unit]
+ Description=Avahi mDNS/DNS-SD Stack
+ Requires=avahi-daemon.socket
++After=systemd-resolved.service
+
+ [Service]
+ Type=dbus
+--
+2.11.0
+
diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch b/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch
new file mode 100644
index 000000000..8db96ec04
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch
@@ -0,0 +1,27 @@
+From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001
+From: Chen Qi <Qi.Chen@windriver.com>
+Date: Mon, 15 Oct 2018 16:55:09 +0800
+Subject: [PATCH] avoid start failure with bind user
+
+Upstream-Status: Pending
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ init.d | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/init.d b/init.d
+index b2eec60..6e03936 100644
+--- a/init.d
++++ b/init.d
+@@ -57,6 +57,7 @@ case "$1" in
+ modprobe capability >/dev/null 2>&1 || true
+ if [ ! -f /etc/bind/rndc.key ]; then
+ /usr/sbin/rndc-confgen -a -b 512 -r /dev/urandom
++ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true
+ chmod 0640 /etc/bind/rndc.key
+ fi
+ if [ -f /var/run/named/named.pid ]; then
+--
+2.7.4
+
diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch b/poky/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch
new file mode 100644
index 000000000..871bb2a5f
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bind/bind/0001-configure.in-remove-useless-L-use_openssl-lib.patch
@@ -0,0 +1,32 @@
+From 950867d9fd3f690e271c8c807b6eed144b2935b2 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Mon, 27 Aug 2018 15:00:51 +0800
+Subject: [PATCH] configure.in: remove useless `-L$use_openssl/lib'
+
+Since `--with-openssl=${STAGING_DIR_HOST}${prefix}' is used in bind recipe,
+the `-L$use_openssl/lib' has a hardcoded suffix, removing it is harmless
+and helpful for clean up host build path in isc-config.sh
+
+Upstream-Status: Inappropriate [oe-core specific]
+
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ configure.in | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.in b/configure.in
+index 54efc55..76ac0eb 100644
+--- a/configure.in
++++ b/configure.in
+@@ -1691,7 +1691,7 @@ If you don't want OpenSSL, use --without-openssl])
+ fi
+ ;;
+ *)
+- DST_OPENSSL_LIBS="-L$use_openssl/lib -lcrypto"
++ DST_OPENSSL_LIBS="-lcrypto"
+ ;;
+ esac
+ fi
+--
+2.7.4
+
diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch b/poky/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch
index 121509371..a8d601dca 100644
--- a/poky/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch
@@ -7,11 +7,11 @@ Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
lib/dns/gen.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/lib/dns/gen.c b/lib/dns/gen.c
-index 7a7dafb..51a0435 100644
---- a/lib/dns/gen.c
-+++ b/lib/dns/gen.c
-@@ -148,7 +148,7 @@ static const char copyright[] =
+Index: bind-9.11.3/lib/dns/gen.c
+===================================================================
+--- bind-9.11.3.orig/lib/dns/gen.c
++++ bind-9.11.3/lib/dns/gen.c
+@@ -130,7 +130,7 @@ static const char copyright[] =
#define TYPECLASSBUF (TYPECLASSLEN + 1)
#define TYPECLASSFMT "%" STR(TYPECLASSLEN) "[-0-9a-z]_%d"
#define ATTRIBUTESIZE 256
@@ -20,6 +20,3 @@ index 7a7dafb..51a0435 100644
static struct cc {
struct cc *next;
---
-1.9.1
-
diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch b/poky/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch
index 1ed858cd3..01874a440 100644
--- a/poky/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/0001-lib-dns-gen.c-fix-too-long-error.patch
@@ -13,11 +13,11 @@ Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
lib/dns/gen.c | 4 ++++
1 file changed, 4 insertions(+)
-diff --git a/lib/dns/gen.c b/lib/dns/gen.c
-index 51a0435..3d7214f 100644
---- a/lib/dns/gen.c
-+++ b/lib/dns/gen.c
-@@ -148,7 +148,11 @@ static const char copyright[] =
+Index: bind-9.11.3/lib/dns/gen.c
+===================================================================
+--- bind-9.11.3.orig/lib/dns/gen.c
++++ bind-9.11.3/lib/dns/gen.c
+@@ -130,7 +130,11 @@ static const char copyright[] =
#define TYPECLASSBUF (TYPECLASSLEN + 1)
#define TYPECLASSFMT "%" STR(TYPECLASSLEN) "[-0-9a-z]_%d"
#define ATTRIBUTESIZE 256
@@ -29,6 +29,3 @@ index 51a0435..3d7214f 100644
static struct cc {
struct cc *next;
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch b/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch
new file mode 100644
index 000000000..75908aa63
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch
@@ -0,0 +1,34 @@
+From a3af4a405baf5ff582e82aaba392dd9667d94bdc Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Mon, 27 Aug 2018 21:24:20 +0800
+Subject: [PATCH] `named/lwresd -V' and start log hide build options
+
+The build options expose build path directories, so hide them.
+[snip]
+$ named -V
+|built by make with *** (options are hidden)
+[snip]
+
+Upstream-Status: Inappropriate [oe-core specific]
+
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ bin/named/include/named/globals.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h
+index ba3457e..7741da7 100644
+--- a/bin/named/include/named/globals.h
++++ b/bin/named/include/named/globals.h
+@@ -68,7 +68,7 @@ EXTERN const char * ns_g_version INIT(VERSION);
+ EXTERN const char * ns_g_product INIT(PRODUCT);
+ EXTERN const char * ns_g_description INIT(DESCRIPTION);
+ EXTERN const char * ns_g_srcid INIT(SRCID);
+-EXTERN const char * ns_g_configargs INIT(CONFIGARGS);
++EXTERN const char * ns_g_configargs INIT("*** (options are hidden)");
+ EXTERN const char * ns_g_builder INIT(BUILDER);
+ EXTERN in_port_t ns_g_port INIT(0);
+ EXTERN isc_dscp_t ns_g_dscp INIT(-1);
+--
+2.7.4
+
diff --git a/poky/meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch b/poky/meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
new file mode 100644
index 000000000..7a2ba7eab
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bind/bind/CVE-2018-5740.patch
@@ -0,0 +1,72 @@
+Upstream-Status: Backport [https://ftp.isc.org/isc/bind9/9.11.4-P1/patches/CVE-2018-5740]
+
+CVE: CVE-2018-5740
+
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+
+diff --git a/CHANGES b/CHANGES
+index 750b600..3d8d655 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -1,3 +1,9 @@
++ --- 9.11.4-P1 released ---
++
++4997. [security] named could crash during recursive processing
++ of DNAME records when "deny-answer-aliases" was
++ in use. (CVE-2018-5740) [GL #387]
++
+ --- 9.11.4 released ---
+
+ --- 9.11.4rc2 released ---
+diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
+index 8f674a2..41d1385 100644
+--- a/lib/dns/resolver.c
++++ b/lib/dns/resolver.c
+@@ -6318,6 +6318,7 @@ is_answertarget_allowed(fetchctx_t *fctx, dns_name_t *qname, dns_name_t *rname,
+ unsigned int nlabels;
+ dns_fixedname_t fixed;
+ dns_name_t prefix;
++ int order;
+
+ REQUIRE(rdataset != NULL);
+ REQUIRE(rdataset->type == dns_rdatatype_cname ||
+@@ -6340,17 +6341,25 @@ is_answertarget_allowed(fetchctx_t *fctx, dns_name_t *qname, dns_name_t *rname,
+ tname = &cname.cname;
+ break;
+ case dns_rdatatype_dname:
++ if (dns_name_fullcompare(qname, rname, &order, &nlabels) !=
++ dns_namereln_subdomain)
++ {
++ return (ISC_TRUE);
++ }
+ result = dns_rdata_tostruct(&rdata, &dname, NULL);
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ dns_name_init(&prefix, NULL);
+ tname = dns_fixedname_initname(&fixed);
+- nlabels = dns_name_countlabels(qname) -
+- dns_name_countlabels(rname);
++ nlabels = dns_name_countlabels(rname);
+ dns_name_split(qname, nlabels, &prefix, NULL);
+ result = dns_name_concatenate(&prefix, &dname.dname, tname,
+ NULL);
+- if (result == DNS_R_NAMETOOLONG)
++ if (result == DNS_R_NAMETOOLONG) {
++ if (chainingp != NULL) {
++ *chainingp = ISC_TRUE;
++ }
+ return (ISC_TRUE);
++ }
+ RUNTIME_CHECK(result == ISC_R_SUCCESS);
+ break;
+ default:
+@@ -7071,7 +7080,9 @@ answer_response(fetchctx_t *fctx) {
+ }
+ if ((ardataset->type == dns_rdatatype_cname ||
+ ardataset->type == dns_rdatatype_dname) &&
+- !is_answertarget_allowed(fctx, qname, aname, ardataset,
++ type != ardataset->type &&
++ type != dns_rdatatype_any &&
++ !is_answertarget_allowed(fctx, qname, aname, ardataset,
+ NULL))
+ {
+ return (DNS_R_SERVFAIL);
diff --git a/poky/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch b/poky/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch
deleted file mode 100644
index 8bc4ea30f..000000000
--- a/poky/meta/recipes-connectivity/bind/bind/bind-confgen-build-unix.o-once.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 9b40619ff6fddfef2758ba797789f8487f412df3 Mon Sep 17 00:00:00 2001
-From: Robert Yang <liezhi.yang@windriver.com>
-Date: Mon, 16 Feb 2015 00:50:01 -0800
-Subject: [PATCH] confgen: don't build unix.o twice
-
-Fixed:
-unix/os.o: file not recognized: File truncated
-collect2: error: ld returned 1 exit status
-
-This is because os.o was built twice:
-* The implicity rule (depends on unix/os.o)
-* The "make all" in unix subdir (depends on unix/os.o)
-
-Depend on subdirs which is unix only rather than unix/os.o will fix the
-problem.
-
-Upstream-Status: Pending
-
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
-
-Update context(trailing whitespace) for version 9.10.5-P3.
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
----
- bin/confgen/Makefile.in | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/bin/confgen/Makefile.in b/bin/confgen/Makefile.in
-index dca272f..02becce 100644
---- a/bin/confgen/Makefile.in
-+++ b/bin/confgen/Makefile.in
-@@ -74,11 +74,11 @@ rndc-confgen.@O@: rndc-confgen.c
- ddns-confgen.@O@: ddns-confgen.c
- ${LIBTOOL_MODE_COMPILE} ${CC} ${ALL_CFLAGS} -c ${srcdir}/ddns-confgen.c
-
--rndc-confgen@EXEEXT@: rndc-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS} ${CONFDEPLIBS}
-+rndc-confgen@EXEEXT@: rndc-confgen.@O@ util.@O@ keygen.@O@ ${CONFDEPLIBS} $(SUBDIRS)
- export BASEOBJS="rndc-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS}"; \
- ${FINALBUILDCMD}
-
--ddns-confgen@EXEEXT@: ddns-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS} ${CONFDEPLIBS}
-+ddns-confgen@EXEEXT@: ddns-confgen.@O@ util.@O@ keygen.@O@ ${CONFDEPLIBS} $(SUBDIRS)
- export BASEOBJS="ddns-confgen.@O@ util.@O@ keygen.@O@ ${UOBJS}"; \
- ${FINALBUILDCMD}
-
---
-1.7.9.5
-
diff --git a/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch b/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
index 13df3bb0e..37e210e6d 100644
--- a/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
+++ b/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
@@ -31,11 +31,11 @@ Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
configure.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.in b/configure.in
-index c9ef3a601343..17a1f613e9ac 100644
---- a/configure.in
-+++ b/configure.in
-@@ -2139,7 +2139,7 @@ case "$use_libjson" in
+Index: bind-9.11.3/configure.in
+===================================================================
+--- bind-9.11.3.orig/configure.in
++++ bind-9.11.3/configure.in
+@@ -2574,7 +2574,7 @@ case "$use_libjson" in
libjson_libs=""
;;
auto|yes)
@@ -44,6 +44,3 @@ index c9ef3a601343..17a1f613e9ac 100644
do
if test -f "${d}/include/json/json.h"
then
---
-2.4.2
-
diff --git a/poky/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch b/poky/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
deleted file mode 100644
index b02ecb106..000000000
--- a/poky/meta/recipes-connectivity/bind/bind/dont-test-on-host.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-Upstream-Status: Pending
-
-Signed-off-by: Saul Wold <sgw@linux.intel.com>
-
-Index: bind-9.9.5/bin/Makefile.in
-===================================================================
---- bind-9.9.5.orig/bin/Makefile.in
-+++ bind-9.9.5/bin/Makefile.in
-@@ -19,7 +19,7 @@ srcdir = @srcdir@
- VPATH = @srcdir@
- top_srcdir = @top_srcdir@
-
--SUBDIRS = named rndc dig delv dnssec tools tests nsupdate \
-+SUBDIRS = named rndc dig delv dnssec tools nsupdate \
- check confgen @PYTHON_TOOLS@ @PKCS11_TOOLS@
- TARGETS =
-
diff --git a/poky/meta/recipes-connectivity/bind/bind/use-python3-and-fix-install-lib-path.patch b/poky/meta/recipes-connectivity/bind/bind/use-python3-and-fix-install-lib-path.patch
deleted file mode 100644
index 9829f1588..000000000
--- a/poky/meta/recipes-connectivity/bind/bind/use-python3-and-fix-install-lib-path.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Use python3 rather default python which maybe links to python2 for oe. And add
-option for setup.py to install files to right directory.
-
-Upstream-Status: Inappropriate [OE specific]
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
----
-diff --git a/bin/python/Makefile.in b/bin/python/Makefile.in
-index a43a3c1..2e727f2 100644
---- a/bin/python/Makefile.in
-+++ b/bin/python/Makefile.in
-@@ -55,9 +55,9 @@ install:: ${TARGETS} installdirs
- ${INSTALL_DATA} ${srcdir}/dnssec-coverage.8 ${DESTDIR}${mandir}/man8
- if test -n "${PYTHON}" ; then \
- if test -n "${DESTDIR}" ; then \
-- ${PYTHON} ${srcdir}/setup.py install --root=${DESTDIR} --prefix=${prefix} ; \
-+ ${PYTHON} ${srcdir}/setup.py install --root=${DESTDIR} --prefix=${prefix} --install-lib=${PYTHON_SITEPACKAGES_DIR} ; \
- else \
-- ${PYTHON} ${srcdir}/setup.py install --prefix=${prefix} ; \
-+ ${PYTHON} ${srcdir}/setup.py install --prefix=${prefix} --install-lib=${PYTHON_SITEPACKAGES_DIR} ; \
- fi \
- fi
-
-diff --git a/configure.in b/configure.in
-index 314bb90..867923e 100644
---- a/configure.in
-+++ b/configure.in
-@@ -227,7 +227,7 @@ AC_ARG_WITH(python,
- [ --with-python=PATH specify path to python interpreter],
- use_python="$withval", use_python="unspec")
-
--python="python python3 python3.5 python3.4 python3.3 python3.2 python2 python2.7"
-+python="python3 python3.5 python3.4 python3.3 python3.2 python2 python2.7"
-
- testargparse='try: import argparse
- except: exit(1)'
diff --git a/poky/meta/recipes-connectivity/bind/bind_9.10.6.bb b/poky/meta/recipes-connectivity/bind/bind_9.11.4.bb
index 8b8835ba8..cb4a21a9a 100644
--- a/poky/meta/recipes-connectivity/bind/bind_9.10.6.bb
+++ b/poky/meta/recipes-connectivity/bind/bind_9.11.4.bb
@@ -3,51 +3,57 @@ HOMEPAGE = "http://www.isc.org/sw/bind/"
SECTION = "console/network"
LICENSE = "ISC & BSD"
-LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=dba46507446198119bcde32a4feaab43"
+LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=6ba7c9fe0c888a943c79c93e6de744fb"
-DEPENDS = "openssl libcap"
+DEPENDS = "openssl libcap zlib"
SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
file://conf.patch \
- file://make-etc-initd-bind-stop-work.patch \
- file://dont-test-on-host.patch \
- file://generate-rndc-key.sh \
file://named.service \
file://bind9 \
+ file://generate-rndc-key.sh \
+ file://make-etc-initd-bind-stop-work.patch \
file://init.d-add-support-for-read-only-rootfs.patch \
- file://bind-confgen-build-unix.o-once.patch \
- file://0001-build-use-pkg-config-to-find-libxml2.patch \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \
file://0001-lib-dns-gen.c-fix-too-long-error.patch \
- file://use-python3-and-fix-install-lib-path.patch \
- "
+ file://0001-configure.in-remove-useless-L-use_openssl-lib.patch \
+ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
+ file://0001-avoid-start-failure-with-bind-user.patch \
+ file://CVE-2018-5740.patch \
+"
-SRC_URI[md5sum] = "84e663284b17aee0df1ce6f248b137d7"
-SRC_URI[sha256sum] = "17bbcd2bd7b1d32f5ba4b30d5dbe8a39bce200079048073d1e0d050fdf47e69d"
+SRC_URI[md5sum] = "9b4834d78f30cdb796ce437262272a36"
+SRC_URI[sha256sum] = "595070b031f869f8939656b5a5d11b121211967f15f6afeafa895df745279617"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
UPSTREAM_CHECK_REGEX = "(?P<pver>9(\.\d+)+(-P\d+)*)/"
+inherit autotools update-rc.d systemd useradd pkgconfig multilib_script
+
+MULTILIB_SCRIPTS = "${PN}:${bindir}/bind9-config ${PN}:${bindir}/isc-config.sh"
+
+# PACKAGECONFIGs readline and libedit should NOT be set at same time
+PACKAGECONFIG ?= "readline"
+PACKAGECONFIG[httpstats] = "--with-libxml2=${STAGING_DIR_HOST}${prefix},--without-libxml2,libxml2"
+PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline"
+PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit"
+PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,,"
+PACKAGECONFIG[python3] = "--with-python=${PYTHON} --with-python-install-dir=${D}/${PYTHON_SITEPACKAGES_DIR} , --without-python, python3-ply-native,"
ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
EXTRA_OECONF = " ${ENABLE_IPV6} --with-libtool --enable-threads \
--disable-devpoll --enable-epoll --with-gost=no \
- --with-gssapi=no --with-ecdsa=yes \
+ --with-gssapi=no --with-ecdsa=yes --with-eddsa=no \
+ --with-lmdb=no \
--sysconfdir=${sysconfdir}/bind \
- --with-openssl=${STAGING_LIBDIR}/.. \
+ --with-openssl=${STAGING_DIR_HOST}${prefix} \
"
-inherit autotools update-rc.d systemd useradd pkgconfig python3-dir
+inherit ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3native distutils3-base', '', d)}
-export PYTHON_SITEPACKAGES_DIR
-
-# PACKAGECONFIGs readline and libedit should NOT be set at same time
-PACKAGECONFIG ?= "readline"
-PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2"
-PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline"
-PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit"
-PACKAGECONFIG[urandom] = "--with-randomdev=/dev/urandom,--with-randomdev=/dev/random,,"
+# dhcp needs .la so keep them
+REMOVE_LIBTOOL_LA = "0"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
@@ -58,19 +64,6 @@ INITSCRIPT_PARAMS = "defaults"
SYSTEMD_SERVICE_${PN} = "named.service"
-PARALLEL_MAKE = ""
-
-RDEPENDS_${PN} = "python3-core"
-RDEPENDS_${PN}-dev = ""
-
-PACKAGE_BEFORE_PN += "${PN}-utils"
-FILES_${PN}-utils = "${bindir}/host ${bindir}/dig"
-FILES_${PN}-dev += "${bindir}/isc-config.h"
-FILES_${PN} += "${sbindir}/generate-rndc-key.sh ${PYTHON_SITEPACKAGES_DIR}"
-
-PACKAGE_BEFORE_PN += "${PN}-libs"
-FILES_${PN}-libs = "${libdir}/*.so*"
-
do_install_prepend() {
# clean host path in isc-config.sh before the hardlink created
# by "make install":
@@ -79,6 +72,7 @@ do_install_prepend() {
}
do_install_append() {
+
rm "${D}${bindir}/nslookup"
rm "${D}${mandir}/man1/nslookup.1"
rmdir "${D}${localstatedir}/run"
@@ -88,7 +82,12 @@ do_install_append() {
install -d "${D}${sysconfdir}/init.d"
install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
- sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds
+ if ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'true', 'false', d)}; then
+ sed -i -e '1s,#!.*python3,#! /usr/bin/python3,' \
+ ${D}${sbindir}/dnssec-coverage \
+ ${D}${sbindir}/dnssec-checkds \
+ ${D}${sbindir}/dnssec-keymgr
+ fi
# Install systemd related files
install -d ${D}${sbindir}
@@ -106,8 +105,6 @@ do_install_append() {
install -d ${D}${sysconfdir}/tmpfiles.d
echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf
fi
-
- rm -f ${D}${PYTHON_SITEPACKAGES_DIR}/isc/*.pyc
}
CONFFILES_${PN} = " \
@@ -121,3 +118,20 @@ CONFFILES_${PN} = " \
${sysconfdir}/bind/db.root \
"
+PACKAGE_BEFORE_PN += "${PN}-utils"
+FILES_${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig"
+FILES_${PN}-dev += "${bindir}/isc-config.h"
+FILES_${PN} += "${sbindir}/generate-rndc-key.sh"
+
+PACKAGE_BEFORE_PN += "${PN}-libs"
+FILES_${PN}-libs = "${libdir}/*.so*"
+FILES_${PN}-staticdev += "${libdir}/*.la"
+
+PACKAGE_BEFORE_PN += "${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-bind', '', d)}"
+FILES_python3-bind = "${sbindir}/dnssec-coverage ${sbindir}/dnssec-checkds \
+ ${sbindir}/dnssec-keymgr ${PYTHON_SITEPACKAGES_DIR}"
+
+RDEPENDS_${PN} = "bash"
+RDEPENDS_${PN}-utils = "bash"
+RDEPENDS_${PN}-dev = ""
+RDEPENDS_python3-bind = "python3-core python3-ply"
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5.inc b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
index ae2a833c0..9d9739e95 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -42,6 +42,7 @@ PACKAGECONFIG[tools] = "--enable-tools,--disable-tools"
PACKAGECONFIG[threads] = "--enable-threads,--disable-threads"
PACKAGECONFIG[deprecated] = "--enable-deprecated,--disable-deprecated"
PACKAGECONFIG[mesh] = "--enable-mesh,--disable-mesh, json-c"
+PACKAGECONFIG[btpclient] = "--enable-btpclient,--disable-btpclient, ell"
SRC_URI = "\
${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
@@ -50,6 +51,7 @@ SRC_URI = "\
file://run-ptest \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
+ file://0001-test-gatt-Fix-hung-issue.patch \
"
S = "${WORKDIR}/bluez-${PV}"
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch
index 2fde7bc06..da7140922 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch
@@ -1,3 +1,4 @@
+From 99ccdbe155028c4c789803a429072675b87d0c3a Mon Sep 17 00:00:00 2001
From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org>
Date: Sat, 12 Oct 2013 17:45:25 +0200
Subject: [PATCH] Allow using obexd without systemd in the user session
@@ -14,19 +15,18 @@ configuration. See thread:
http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
+
---
- Makefile.obexd | 4 ++--
- obexd/src/org.bluez.obex.service | 4 ----
- obexd/src/org.bluez.obex.service.in | 4 ++++
- 3 files changed, 6 insertions(+), 6 deletions(-)
- delete mode 100644 obexd/src/org.bluez.obex.service
- create mode 100644 obexd/src/org.bluez.obex.service.in
+ Makefile.obexd | 4 ++--
+ obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} | 2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+ rename obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} (76%)
diff --git a/Makefile.obexd b/Makefile.obexd
-index 2e33cbc72f2b..d5d858c857b4 100644
+index c462692..0325f66 100644
--- a/Makefile.obexd
+++ b/Makefile.obexd
-@@ -2,12 +2,12 @@
+@@ -1,12 +1,12 @@
if SYSTEMD
systemduserunitdir = @SYSTEMD_USERUNITDIR@
systemduserunit_DATA = obexd/src/obex.service
@@ -39,25 +39,18 @@ index 2e33cbc72f2b..d5d858c857b4 100644
-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service
+EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in
- obex_plugindir = $(libdir)/obex/plugins
+ if OBEX
-diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service
-deleted file mode 100644
-index a53808884554..000000000000
+diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service.in
+similarity index 76%
+rename from obexd/src/org.bluez.obex.service
+rename to obexd/src/org.bluez.obex.service.in
+index a538088..9c815f2 100644
--- a/obexd/src/org.bluez.obex.service
-+++ /dev/null
-@@ -1,4 +0,0 @@
--[D-BUS Service]
--Name=org.bluez.obex
--Exec=/bin/false
--SystemdService=dbus-org.bluez.obex.service
-diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in
-new file mode 100644
-index 000000000000..9c815f246b77
---- /dev/null
+++ b/obexd/src/org.bluez.obex.service.in
-@@ -0,0 +1,4 @@
-+[D-BUS Service]
-+Name=org.bluez.obex
+@@ -1,4 +1,4 @@
+ [D-BUS Service]
+ Name=org.bluez.obex
+-Exec=/bin/false
+Exec=@libexecdir@/obexd
-+SystemdService=dbus-org.bluez.obex.service
+ SystemdService=dbus-org.bluez.obex.service
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch
new file mode 100644
index 000000000..e90b6a546
--- /dev/null
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch
@@ -0,0 +1,43 @@
+From 61e741654cc2eb167bca212a3bb2ba8f3ba280c1 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <Mingli.Yu@windriver.com>
+Date: Fri, 24 Aug 2018 12:04:03 +0800
+Subject: [PATCH] test-gatt: Fix hung issue
+
+The below test hangs infinitely
+$ unit/test-gatt -p /robustness/unkown-request -d
+/robustness/unkown-request - init
+/robustness/unkown-request - setup
+/robustness/unkown-request - setup complete
+/robustness/unkown-request - run
+ GATT: < 02 17 00 ...
+ bt_gatt_server:MTU exchange complete, with MTU: 23
+ GATT: > 03 00 02 ...
+ PDU: = 03 00 02 ...
+ GATT: < bf 00
+
+Actually, the /robustness/unkown-request test does
+no action.
+
+Upstream-Status: Submitted [https://marc.info/?l=linux-bluetooth&m=153508881804635&w=2]
+
+Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
+---
+ unit/test-gatt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/unit/test-gatt.c b/unit/test-gatt.c
+index c7e28f8..b57373b 100644
+--- a/unit/test-gatt.c
++++ b/unit/test-gatt.c
+@@ -4463,7 +4463,7 @@ int main(int argc, char *argv[])
+ test_server, service_db_1, NULL,
+ raw_pdu(0x03, 0x00, 0x02),
+ raw_pdu(0xbf, 0x00),
+- raw_pdu(0x01, 0xbf, 0x00, 0x00, 0x06));
++ raw_pdu());
+
+ define_test_server("/robustness/unkown-command",
+ test_server, service_db_1, NULL,
+--
+2.7.4
+
diff --git a/poky/meta/recipes-connectivity/bluez5/bluez5_5.48.bb b/poky/meta/recipes-connectivity/bluez5/bluez5_5.50.bb
index 84a6cd22d..66271432f 100644
--- a/poky/meta/recipes-connectivity/bluez5/bluez5_5.48.bb
+++ b/poky/meta/recipes-connectivity/bluez5/bluez5_5.50.bb
@@ -2,8 +2,8 @@ require bluez5.inc
REQUIRED_DISTRO_FEATURES = "bluez5"
-SRC_URI[md5sum] = "c9c853f3c90564cabec75ab35106c355"
-SRC_URI[sha256sum] = "b9a8723072ef66bae7ec301c774902ebcb444c9c5b149b5a199e60a1ba970e90"
+SRC_URI[md5sum] = "8e35c67c81a55d3ad4c9f22280dae178"
+SRC_URI[sha256sum] = "5ffcaae18bbb6155f1591be8c24898dc12f062075a40b538b745bfd477481911"
# noinst programs in Makefile.tools that are conditional on READLINE
# support
@@ -66,4 +66,5 @@ NOINST_TOOLS_BT ?= " \
tools/check-selftest \
tools/gatt-service \
profiles/iap/iapd \
+ ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \
"
diff --git a/poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch b/poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
index 059342771..639ccfa2a 100644
--- a/poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
+++ b/poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch
@@ -17,6 +17,14 @@ diff --git a/gweb/gresolv.c b/gweb/gresolv.c
index 5cf7a9a..3ad8e70 100644
--- a/gweb/gresolv.c
+++ b/gweb/gresolv.c
+@@ -36,6 +36,7 @@
+ #include <arpa/inet.h>
+ #include <arpa/nameser.h>
+ #include <net/if.h>
++#include <ctype.h>
+
+ #include "gresolv.h"
+
@@ -875,8 +875,6 @@ GResolv *g_resolv_new(int index)
resolv->index = index;
resolv->nameserver_list = NULL;
diff --git a/poky/meta/recipes-connectivity/connman/connman/includes.patch b/poky/meta/recipes-connectivity/connman/connman/includes.patch
index 55cb18793..9f7395cbb 100644
--- a/poky/meta/recipes-connectivity/connman/connman/includes.patch
+++ b/poky/meta/recipes-connectivity/connman/connman/includes.patch
@@ -1,6 +1,6 @@
Fix various issues which cause problems under musl.
-Upstream-Status: Submitted
+Upstream-Status: Backport [bd1326ba7d68df38c5ccaafd2403a5fb30bd452b]
Signed-off-by: Ross Burton <ross.burton@intel.com>
From 630516bcc0233b047f65665c003201ba6e77453d Mon Sep 17 00:00:00 2001
@@ -300,20 +300,14 @@ diff --git a/gweb/gresolv.c b/gweb/gresolv.c
index 8a51a9f..d55027c 100644
--- a/gweb/gresolv.c
+++ b/gweb/gresolv.c
-@@ -23,11 +23,13 @@
- #include <config.h>
- #endif
-
-+#include <ctype.h>
- #include <errno.h>
- #include <unistd.h>
- #include <stdarg.h>
+@@ -29,6 +29,7 @@
#include <string.h>
#include <stdlib.h>
-+#include <stdio.h>
#include <resolv.h>
++#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
+ #include <netdb.h>
diff --git a/plugins/wifi.c b/plugins/wifi.c
index 9d56671..148131d 100644
--- a/plugins/wifi.c
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp.inc b/poky/meta/recipes-connectivity/dhcp/dhcp.inc
index 44e946cb2..3e65e5cf2 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp.inc
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp.inc
@@ -8,9 +8,9 @@ easier to administer devices."
HOMEPAGE = "http://www.isc.org/"
LICENSE = "ISC"
-LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=c5c64d696107f84b56fe337d14da1753"
+LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;md5=004a4db50a1e20972e924a8618747c01"
-DEPENDS = "openssl"
+DEPENDS = "openssl bind"
SRC_URI = "http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \
file://init-relay file://default-relay \
@@ -24,7 +24,7 @@ SRC_URI = "http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \
UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/"
UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/"
-inherit autotools systemd useradd update-rc.d
+inherit autotools-brokensep systemd useradd update-rc.d
USERADD_PACKAGES = "${PN}-server"
USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${BPN} --shell /bin/false --user-group ${BPN}"
@@ -50,8 +50,15 @@ EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \
--with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \
--enable-paranoia --disable-static \
--with-randomdev=/dev/random \
+ --with-libbind=${STAGING_DIR_HOST} \
+ --enable-libtool \
"
+#Enable shared libs per dhcp README
+do_configure_prepend () {
+ cp configure.ac+lt configure.ac
+}
+
do_install_append () {
install -d ${D}${sysconfdir}/init.d
install -d ${D}${sysconfdir}/default
@@ -95,8 +102,7 @@ PACKAGES += "dhcp-libs dhcp-server dhcp-server-config dhcp-client dhcp-relay dhc
PACKAGES_remove = "${PN}"
RDEPENDS_${PN}-dev = ""
RDEPENDS_${PN}-staticdev = ""
-
-FILES_${PN}-libs = "${libdir}/libdhcpctl.so.0* ${libdir}/libomapi.so.0*"
+FILES_${PN}-libs = "${libdir}/libdhcpctl.so.0* ${libdir}/libomapi.so.0* ${libdir}/libdhcp.so.0*"
FILES_${PN}-server = "${sbindir}/dhcpd ${sysconfdir}/init.d/dhcp-server"
RRECOMMENDS_${PN}-server = "dhcp-server-config"
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
index e5b3cf9bc..d1b57f0bb 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
@@ -11,11 +11,11 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
includes/site.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
-diff --git a/includes/site.h b/includes/site.h
-index b2f7fd7..280fbb9 100644
---- a/includes/site.h
-+++ b/includes/site.h
-@@ -149,7 +149,8 @@
+Index: dhcp-4.4.1/includes/site.h
+===================================================================
+--- dhcp-4.4.1.orig/includes/site.h
++++ dhcp-4.4.1/includes/site.h
+@@ -148,7 +148,8 @@
/* Define this if you want the dhcpd.conf file to go somewhere other than
the default location. By default, it goes in /etc/dhcpd.conf. */
@@ -25,6 +25,3 @@ index b2f7fd7..280fbb9 100644
/* Network API definitions. You do not need to choose one of these - if
you don't choose, one will be chosen for you in your system's config
---
-1.8.3.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch
index 810c7b6da..5b35933a5 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0003-link-with-lcrypto.patch
@@ -18,11 +18,11 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
configure.ac | 4 ++++
1 file changed, 4 insertions(+)
-diff --git a/configure.ac b/configure.ac
-index cdfa352..44fb57e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -591,6 +591,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[void foo() __attribute__((noreturn));
+Index: dhcp-4.4.1/configure.ac
+===================================================================
+--- dhcp-4.4.1.orig/configure.ac
++++ dhcp-4.4.1/configure.ac
+@@ -612,6 +612,10 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]],
# Look for optional headers.
AC_CHECK_HEADERS(sys/socket.h net/if_dl.h net/if6.h regex.h)
@@ -33,6 +33,3 @@ index cdfa352..44fb57e 100644
# Solaris needs some libraries for functions
AC_SEARCH_LIBS(socket, [socket])
AC_SEARCH_LIBS(inet_ntoa, [nsl])
---
-1.8.3.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch
index 7d1d86798..b71c93dd6 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0004-Fix-out-of-tree-builds.patch
@@ -19,82 +19,75 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
server/Makefile.am | 2 +-
6 files changed, 9 insertions(+), 5 deletions(-)
-diff --git a/client/Makefile.am b/client/Makefile.am
-index 2cb83d8..4730bb3 100644
---- a/client/Makefile.am
-+++ b/client/Makefile.am
-@@ -7,11 +7,11 @@ SUBDIRS = . tests
- BINDLIBDIR = @BINDDIR@/lib
-
- AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-- -DLOCALSTATEDIR='"$(localstatedir)"'
-+ -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes
-
- dist_sysconf_DATA = dhclient.conf.example
- sbin_PROGRAMS = dhclient
--dhclient_SOURCES = clparse.c dhclient.c dhc6.c \
-+dhclient_SOURCES = $(srcdir)/clparse.c $(srcdir)/dhclient.c $(srcdir)/dhc6.c \
- scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
-diff --git a/common/Makefile.am b/common/Makefile.am
-index 113aee8..0f24fbb 100644
---- a/common/Makefile.am
-+++ b/common/Makefile.am
+Index: dhcp-4.4.1/common/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/common/Makefile.am
++++ dhcp-4.4.1/common/Makefile.am
@@ -1,4 +1,5 @@
-AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"'
+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"'
+
AM_CFLAGS = $(LDAP_CFLAGS)
- noinst_LIBRARIES = libdhcp.a
-diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am
-index ceb0de1..ba8dd8b 100644
---- a/dhcpctl/Makefile.am
-+++ b/dhcpctl/Makefile.am
-@@ -1,5 +1,7 @@
- BINDLIBDIR = @BINDDIR@/lib
+ lib_LIBRARIES = libdhcp.a
+Index: dhcp-4.4.1/dhcpctl/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/dhcpctl/Makefile.am
++++ dhcp-4.4.1/dhcpctl/Makefile.am
+@@ -3,6 +3,8 @@ BINDLIBDNSDIR=@BINDLIBDNSDIR@
+ BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@
+ BINDLIBISCDIR=@BINDLIBISCDIR@
+AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir)
+
bin_PROGRAMS = omshell
lib_LIBRARIES = libdhcpctl.a
noinst_PROGRAMS = cltest
-diff --git a/omapip/Makefile.am b/omapip/Makefile.am
-index 446a594..dd1afa0 100644
---- a/omapip/Makefile.am
-+++ b/omapip/Makefile.am
-@@ -1,4 +1,5 @@
- BINDLIBDIR = @BINDDIR@/lib
+Index: dhcp-4.4.1/server/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/server/Makefile.am
++++ dhcp-4.4.1/server/Makefile.am
+@@ -4,7 +4,7 @@
+ # production code. Sadly, we are not there yet.
+ SUBDIRS = . tests
+
+-AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"'
++AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes
+
+ dist_sysconf_DATA = dhcpd.conf.example
+ sbin_PROGRAMS = dhcpd
+Index: dhcp-4.4.1/client/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/client/Makefile.am
++++ dhcp-4.4.1/client/Makefile.am
+@@ -5,7 +5,7 @@
+ SUBDIRS = . tests
+
+ AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"'
+-AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"'
++AM_CPPFLAGS += -DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes
+
+ dist_sysconf_DATA = dhclient.conf.example
+ sbin_PROGRAMS = dhclient
+Index: dhcp-4.4.1/omapip/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/omapip/Makefile.am
++++ dhcp-4.4.1/omapip/Makefile.am
+@@ -2,6 +2,7 @@ BINDLIBIRSDIR=@BINDLIBIRSDIR@
+ BINDLIBDNSDIR=@BINDLIBDNSDIR@
+ BINDLIBISCCFGDIR=@BINDLIBISCCFGDIR@
+ BINDLIBISCDIR=@BINDLIBISCDIR@
+AM_CPPFLAGS = -I$(top_srcdir)/includes
lib_LIBRARIES = libomapi.a
noinst_PROGRAMS = svtest
-diff --git a/relay/Makefile.am b/relay/Makefile.am
-index 3060eca..6d652f6 100644
---- a/relay/Makefile.am
-+++ b/relay/Makefile.am
-@@ -1,6 +1,6 @@
- BINDLIBDIR = @BINDDIR@/lib
-
+Index: dhcp-4.4.1/relay/Makefile.am
+===================================================================
+--- dhcp-4.4.1.orig/relay/Makefile.am
++++ dhcp-4.4.1/relay/Makefile.am
+@@ -1,4 +1,4 @@
-AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"'
+AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
-diff --git a/server/Makefile.am b/server/Makefile.am
-index 54feedf..3990b9c 100644
---- a/server/Makefile.am
-+++ b/server/Makefile.am
-@@ -6,7 +6,7 @@ SUBDIRS = . tests
-
- BINDLIBDIR = @BINDDIR@/lib
-
--AM_CPPFLAGS = -I.. -DLOCALSTATEDIR='"@localstatedir@"'
-+AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes
-
- dist_sysconf_DATA = dhcpd.conf.example
- sbin_PROGRAMS = dhcpd
---
-1.8.3.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch
index c62b283d5..6ef70ccac 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0006-site.h-enable-gentle-shutdown.patch
@@ -12,11 +12,11 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
includes/site.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/includes/site.h b/includes/site.h
-index 280fbb9..e6c2972 100644
---- a/includes/site.h
-+++ b/includes/site.h
-@@ -296,7 +296,7 @@
+Index: dhcp-4.4.1/includes/site.h
+===================================================================
+--- dhcp-4.4.1.orig/includes/site.h
++++ dhcp-4.4.1/includes/site.h
+@@ -295,7 +295,7 @@
situations. We plan to revisit this feature and may
make non-backwards compatible changes including the
removal of this define. Use at your own risk. */
@@ -25,6 +25,3 @@ index 280fbb9..e6c2972 100644
/* Include old error codes. This is provided in case you
are building an external program similar to omshell for
---
-1.8.3.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch
index 43c26ea21..feb0754ff 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch
@@ -15,13 +15,13 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
configure.ac | 11 +++++++++++
1 file changed, 11 insertions(+)
-diff --git a/configure.ac b/configure.ac
-index 44fb57e..8e9f509 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -611,6 +611,17 @@ AC_CHECK_FUNCS(strlcat)
- # For HP/UX we need -lipv6 for if_nametoindex, perhaps others.
- AC_SEARCH_LIBS(if_nametoindex, [ipv6])
+Index: dhcp-4.4.1/configure.ac
+===================================================================
+--- dhcp-4.4.1.orig/configure.ac
++++ dhcp-4.4.1/configure.ac
+@@ -642,6 +642,17 @@ if test "$have_nanosleep" = "rt"; then
+ LIBS="-lrt $LIBS"
+ fi
+AC_ARG_WITH(libxml2,
+ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]),
@@ -37,6 +37,26 @@ index 44fb57e..8e9f509 100644
# check for /dev/random (declares HAVE_DEV_RANDOM)
AC_MSG_CHECKING(for random device)
AC_ARG_WITH(randomdev,
---
-1.8.3.1
-
+Index: dhcp-4.4.1/configure.ac+lt
+===================================================================
+--- dhcp-4.4.1.orig/configure.ac+lt
++++ dhcp-4.4.1/configure.ac+lt
+@@ -909,6 +909,18 @@ elif test "$want_libtool" = "yes" -a "$u
+ fi
+ AM_CONDITIONAL(INSTALL_BIND, test "$want_install_bind" = "yes")
+
++AC_ARG_WITH(libxml2,
++ AS_HELP_STRING([--with-libxml2], [link against libxml2. this is needed if bind was built with xml2 support enabled]),
++ with_libxml2="$withval", with_libxml2="no")
++
++if test x$with_libxml2 != xno; then
++ AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],,
++ [if test x$with_libxml2 != xauto; then
++ AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested])
++ fi])
++fi
++
++
+ # OpenLDAP support.
+ AC_ARG_WITH(ldap,
+ AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]),
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
index a20b5f96f..006d18ae7 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0008-tweak-to-support-external-bind.patch
@@ -20,10 +20,10 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
server/tests/Makefile.am | 2 +-
8 files changed, 8 insertions(+), 8 deletions(-)
-Index: dhcp-4.3.6/client/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/client/Makefile.am
-+++ dhcp-4.3.6/client/Makefile.am
+diff --git a/client/Makefile.am b/client/Makefile.am
+index 4730bb3..84d8131 100644
+--- a/client/Makefile.am
++++ b/client/Makefile.am
@@ -4,7 +4,7 @@
# production code. Sadly, we are not there yet.
SUBDIRS = . tests
@@ -33,10 +33,10 @@ Index: dhcp-4.3.6/client/Makefile.am
AM_CPPFLAGS = -DCLIENT_PATH='"PATH=$(sbindir):/sbin:/bin:/usr/sbin:/usr/bin"' \
-DLOCALSTATEDIR='"$(localstatedir)"' -I$(top_srcdir)/includes
-Index: dhcp-4.3.6/client/tests/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/client/tests/Makefile.am
-+++ dhcp-4.3.6/client/tests/Makefile.am
+diff --git a/client/tests/Makefile.am b/client/tests/Makefile.am
+index 5031d0c..a8dfd26 100644
+--- a/client/tests/Makefile.am
++++ b/client/tests/Makefile.am
@@ -1,6 +1,6 @@
SUBDIRS = .
@@ -45,10 +45,10 @@ Index: dhcp-4.3.6/client/tests/Makefile.am
AM_CPPFLAGS = $(ATF_CFLAGS) -DUNIT_TEST -I$(top_srcdir)/includes
AM_CPPFLAGS += -I@BINDDIR@/include -I$(top_srcdir)
-Index: dhcp-4.3.6/common/tests/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/common/tests/Makefile.am
-+++ dhcp-4.3.6/common/tests/Makefile.am
+diff --git a/common/tests/Makefile.am b/common/tests/Makefile.am
+index f6a43e4..2f98d22 100644
+--- a/common/tests/Makefile.am
++++ b/common/tests/Makefile.am
@@ -1,6 +1,6 @@
SUBDIRS = .
@@ -57,40 +57,40 @@ Index: dhcp-4.3.6/common/tests/Makefile.am
AM_CPPFLAGS = $(ATF_CFLAGS) -I$(top_srcdir)/includes
-Index: dhcp-4.3.6/dhcpctl/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/dhcpctl/Makefile.am
-+++ dhcp-4.3.6/dhcpctl/Makefile.am
+diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am
+index ba8dd8b..9b2486e 100644
+--- a/dhcpctl/Makefile.am
++++ b/dhcpctl/Makefile.am
@@ -1,4 +1,4 @@
-BINDLIBDIR = @BINDDIR@/lib
+BINDLIBDIR = @BINDDIR@
AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir)
-Index: dhcp-4.3.6/omapip/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/omapip/Makefile.am
-+++ dhcp-4.3.6/omapip/Makefile.am
+diff --git a/omapip/Makefile.am b/omapip/Makefile.am
+index dd1afa0..e4a8599 100644
+--- a/omapip/Makefile.am
++++ b/omapip/Makefile.am
@@ -1,4 +1,4 @@
-BINDLIBDIR = @BINDDIR@/lib
+BINDLIBDIR = @BINDDIR@
AM_CPPFLAGS = -I$(top_srcdir)/includes
- lib_LTLIBRARIES = libomapi.la
-Index: dhcp-4.3.6/relay/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/relay/Makefile.am
-+++ dhcp-4.3.6/relay/Makefile.am
+ lib_LIBRARIES = libomapi.a
+diff --git a/relay/Makefile.am b/relay/Makefile.am
+index 6d652f6..b3bf578 100644
+--- a/relay/Makefile.am
++++ b/relay/Makefile.am
@@ -1,4 +1,4 @@
-BINDLIBDIR = @BINDDIR@/lib
+BINDLIBDIR = @BINDDIR@
AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes
-Index: dhcp-4.3.6/server/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/server/Makefile.am
-+++ dhcp-4.3.6/server/Makefile.am
+diff --git a/server/Makefile.am b/server/Makefile.am
+index 3990b9c..b5d8c2d 100644
+--- a/server/Makefile.am
++++ b/server/Makefile.am
@@ -4,7 +4,7 @@
# production code. Sadly, we are not there yet.
SUBDIRS = . tests
@@ -100,10 +100,10 @@ Index: dhcp-4.3.6/server/Makefile.am
AM_CPPFLAGS = -I$(top_srcdir) -DLOCALSTATEDIR='"@localstatedir@"' -I$(top_srcdir)/includes
-Index: dhcp-4.3.6/server/tests/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/server/tests/Makefile.am
-+++ dhcp-4.3.6/server/tests/Makefile.am
+diff --git a/server/tests/Makefile.am b/server/tests/Makefile.am
+index a87c5e7..9821081 100644
+--- a/server/tests/Makefile.am
++++ b/server/tests/Makefile.am
@@ -1,6 +1,6 @@
SUBDIRS = .
@@ -112,3 +112,6 @@ Index: dhcp-4.3.6/server/tests/Makefile.am
AM_CPPFLAGS = $(ATF_CFLAGS) -DUNIT_TEST -I$(top_srcdir)/includes
AM_CPPFLAGS += -I@BINDDIR@/include -I$(top_srcdir)
+--
+1.8.3.1
+
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch
deleted file mode 100644
index 898b1fc7e..000000000
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch
+++ /dev/null
@@ -1,205 +0,0 @@
-From 76c370a929e5ab5dbc81c2fbcf4e50f4fbc08ce9 Mon Sep 17 00:00:00 2001
-From: Kai Kang <kai.kang@windriver.com>
-Date: Tue, 15 Aug 2017 15:53:37 +0800
-Subject: [PATCH 10/11] build shared libs
-
-Upstream-Status: Pending
-
-Port patches from Fedora to build shared libs rather than static libs.
-
-Signed-off-by: Kai Kang <kai.kang@windriver.com>
-
-Rebase to 4.3.6
-
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- client/Makefile.am | 4 ++--
- common/tests/Makefile.am | 13 +++++--------
- configure.ac | 12 ++----------
- dhcpctl/Makefile.am | 14 ++++++--------
- omapip/Makefile.am | 7 +++----
- relay/Makefile.am | 5 ++---
- server/Makefile.am | 7 +++----
- server/tests/Makefile.am | 7 +++----
- 8 files changed, 26 insertions(+), 43 deletions(-)
-
-Index: dhcp-4.3.6/client/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/client/Makefile.am
-+++ dhcp-4.3.6/client/Makefile.am
-@@ -15,7 +15,7 @@ dhclient_SOURCES = $(srcdir)/clparse.c $
- scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
- scripts/netbsd scripts/nextstep scripts/openbsd \
- scripts/solaris scripts/openwrt
--dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+dhclient_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
- man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
- EXTRA_DIST = $(man_MANS)
-Index: dhcp-4.3.6/common/tests/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/common/tests/Makefile.am
-+++ dhcp-4.3.6/common/tests/Makefile.am
-@@ -15,26 +15,23 @@ ATF_TESTS += alloc_unittest dns_unittest
- alloc_unittest_SOURCES = test_alloc.c $(top_srcdir)/tests/t_api_dhcp.c
- alloc_unittest_LDADD = $(ATF_LDFLAGS)
- alloc_unittest_LDADD += ../libdhcp.a \
-- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+ ../../omapip/libomapi.la -L$(BINDLIBDIR) -ldns -lisccfg -lisc
-
- dns_unittest_SOURCES = dns_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
- dns_unittest_LDADD = $(ATF_LDFLAGS)
- dns_unittest_LDADD += ../libdhcp.a \
-- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+ ../../omapip/libomapi.la -L$(BINDLIBDIR) -ldns -lisccfg -lisc
-
- misc_unittest_SOURCES = misc_unittest.c $(top_srcdir)/tests/t_api_dhcp.c
- misc_unittest_LDADD = $(ATF_LDFLAGS)
- misc_unittest_LDADD += ../libdhcp.a \
-- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+ ../../omapip/libomapi.la -L$(BINDLIBDIR) -ldns -lisccfg -lisc
-
- ns_name_unittest_SOURCES = ns_name_test.c $(top_srcdir)/tests/t_api_dhcp.c
- ns_name_unittest_LDADD = $(ATF_LDFLAGS)
- ns_name_unittest_LDADD += ../libdhcp.a \
-- ../../omapip/libomapi.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+ ../../omapip/libomapi.a -L$(BINDLIBDIR) \
-+ -ldns -lisccfg -lisc
-
- check: $(ATF_TESTS)
- @if test $(top_srcdir) != ${top_builddir}; then \
-Index: dhcp-4.3.6/configure.ac
-===================================================================
---- dhcp-4.3.6.orig/configure.ac
-+++ dhcp-4.3.6/configure.ac
-@@ -47,16 +47,8 @@ AM_CONDITIONAL(CROSS_COMPILING, test "$c
- # Use this to define _GNU_SOURCE to pull in the IPv6 Advanced Socket API.
- AC_USE_SYSTEM_EXTENSIONS
-
--AC_PROG_RANLIB
--
--AC_PATH_PROG(AR, ar)
--AC_SUBST(AR)
--
--if test "X$AR" = "X"; then
-- AC_MSG_ERROR([
--ar program not found. Please fix your PATH to include the directory in
--which ar resides, or set AR in the environment with the full path to ar.])
--fi
-+# Use libtool to simplify building of shared libraries
-+AC_PROG_LIBTOOL
-
- AC_CONFIG_HEADERS([includes/config.h])
-
-Index: dhcp-4.3.6/dhcpctl/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/dhcpctl/Makefile.am
-+++ dhcp-4.3.6/dhcpctl/Makefile.am
-@@ -3,19 +3,17 @@ BINDLIBDIR = @BINDDIR@/lib
- AM_CPPFLAGS = -I$(top_srcdir)/includes -I$(top_srcdir)
-
- bin_PROGRAMS = omshell
--lib_LIBRARIES = libdhcpctl.a
-+lib_LTLIBRARIES = libdhcpctl.la
- noinst_PROGRAMS = cltest
- man_MANS = omshell.1 dhcpctl.3
- EXTRA_DIST = $(man_MANS)
-
- omshell_SOURCES = omshell.c
--omshell_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
-- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+omshell_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
-+ -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
-
--libdhcpctl_a_SOURCES = dhcpctl.c callback.c remote.c
-+libdhcpctl_la_SOURCES = dhcpctl.c callback.c remote.c
-
- cltest_SOURCES = cltest.c
--cltest_LDADD = libdhcpctl.a ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
-- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+cltest_LDADD = libdhcpctl.la ../common/libdhcp.a ../omapip/libomapi.la \
-+ -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
-Index: dhcp-4.3.6/omapip/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/omapip/Makefile.am
-+++ dhcp-4.3.6/omapip/Makefile.am
-@@ -1,10 +1,10 @@
- BINDLIBDIR = @BINDDIR@/lib
- AM_CPPFLAGS = -I$(top_srcdir)/includes
-
--lib_LIBRARIES = libomapi.a
-+lib_LTLIBRARIES = libomapi.la
- noinst_PROGRAMS = svtest
-
--libomapi_a_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
-+libomapi_la_SOURCES = protocol.c buffer.c alloc.c result.c connection.c \
- errwarn.c listener.c dispatch.c generic.c support.c \
- handle.c message.c convert.c hash.c auth.c inet_addr.c \
- array.c trace.c toisc.c iscprint.c isclib.c
-@@ -13,6 +13,5 @@ man_MANS = omapi.3
- EXTRA_DIST = $(man_MANS)
-
- svtest_SOURCES = test.c
--svtest_LDADD = libomapi.a $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
-- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+svtest_LDADD = libomapi.la -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
-
-Index: dhcp-4.3.6/relay/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/relay/Makefile.am
-+++ dhcp-4.3.6/relay/Makefile.am
-@@ -4,9 +4,8 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
-
- sbin_PROGRAMS = dhcrelay
- dhcrelay_SOURCES = dhcrelay.c
--dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- $(BINDLIBDIR)/libirs.a $(BINDLIBDIR)/libdns.a \
-- $(BINDLIBDIR)/libisccfg.a $(BINDLIBDIR)/libisc.a
-+dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
- man_MANS = dhcrelay.8
- EXTRA_DIST = $(man_MANS)
-
-Index: dhcp-4.3.6/server/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/server/Makefile.am
-+++ dhcp-4.3.6/server/Makefile.am
-@@ -15,10 +15,9 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
- dhcpv6.c mdb6.c ldap.c ldap_casa.c leasechain.c ldap_krb_helper.c
-
- dhcpd_CFLAGS = $(LDAP_CFLAGS)
--dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
-- ../dhcpctl/libdhcpctl.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a \
-- $(BINDLIBDIR)/libisc.a $(LDAP_LIBS)
-+dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.la \
-+ ../dhcpctl/libdhcpctl.la -L$(BINDLIBDIR) \
-+ -lirs -ldns -lisccfg -lisc $(LDAP_LIBS)
-
- man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
- EXTRA_DIST = $(man_MANS)
-Index: dhcp-4.3.6/server/tests/Makefile.am
-===================================================================
---- dhcp-4.3.6.orig/server/tests/Makefile.am
-+++ dhcp-4.3.6/server/tests/Makefile.am
-@@ -19,10 +19,9 @@ DHCPSRC = ../dhcp.c ../bootp.c ../confpa
- ../ddns.c ../dhcpleasequery.c ../dhcpv6.c ../mdb6.c \
- ../ldap.c ../ldap_casa.c ../dhcpd.c ../leasechain.c
-
--DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.a \
-- $(top_builddir)/dhcpctl/libdhcpctl.a $(BINDLIBDIR)/libirs.a \
-- $(BINDLIBDIR)/libdns.a $(BINDLIBDIR)/libisccfg.a \
-- $(BINDLIBDIR)/libisc.a
-+DHCPLIBS = $(top_builddir)/common/libdhcp.a $(top_builddir)/omapip/libomapi.la \
-+ $(top_builddir)/dhcpctl/libdhcpctl.la \
-+ -L$(BINDLIBDIR) -lirs -ldns -lisccfg -lisc
-
- ATF_TESTS =
- if HAVE_ATF
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch
deleted file mode 100644
index 67bb4631a..000000000
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From 37725f3e22edb50e0ca2d1fff971321a5a4d5112 Mon Sep 17 00:00:00 2001
-From: Hongxu Jia <hongxu.jia@windriver.com>
-Date: Wed, 12 Jul 2017 03:05:13 -0400
-Subject: [PATCH 11/11] Moved the call to isc_app_ctxstart() to not get signal
- block by all threads
-
-Signed-off-by: Francis Dupont <fdupont@isc.org>
-
-In https://source.isc.org/git/bind9.git, since the following
-commit applied:
-...
-commit b99bfa184bc9375421b5df915eea7dfac6a68a99
-Author: Evan Hunt <each@isc.org>
-Date: Wed Apr 10 13:49:57 2013 -0700
-
- [master] unify internal and export libraries
-
- 3550. [func] Unified the internal and export versions of the
- BIND libraries, allowing external clients to use
- the same libraries as BIND. [RT #33131]
-...
-(git show b99bfa184bc9375421b5df915eea7dfac6a68a99 -- ./lib/isc/unix/app.c)
-
-In this commit, if bind9 enable threads(ISC_PLATFORM_USETHREADS),
-it blocks signal SIGHUP, SIGINT and SIGTERM in isc__app_ctxstart.
-Which caused dhclient/dhcpd could not be stopped by SIGTERM.
-
-It caused systemd's reboot hung which send SIGTERM by default.
-
-Upstream-Status: Backport [https://source.isc.org/git/dhcp.git]
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- omapip/isclib.c | 25 +++++++++++++++----------
- 1 file changed, 15 insertions(+), 10 deletions(-)
-
-diff --git a/omapip/isclib.c b/omapip/isclib.c
-index ce86490..6a04345 100644
---- a/omapip/isclib.c
-+++ b/omapip/isclib.c
-@@ -185,16 +185,6 @@ dhcp_context_create(int flags,
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-
-- result = isc_app_ctxstart(dhcp_gbl_ctx.actx);
-- if (result != ISC_R_SUCCESS)
-- return (result);
-- dhcp_gbl_ctx.actx_started = ISC_TRUE;
--
-- /* Not all OSs support suppressing SIGPIPE through socket
-- * options, so set the sigal action to be ignore. This allows
-- * broken connections to fail gracefully with EPIPE on writes */
-- handle_signal(SIGPIPE, SIG_IGN);
--
- result = isc_taskmgr_createinctx(dhcp_gbl_ctx.mctx,
- dhcp_gbl_ctx.actx,
- 1, 0,
-@@ -217,6 +207,21 @@ dhcp_context_create(int flags,
- result = isc_task_create(dhcp_gbl_ctx.taskmgr, 0, &dhcp_gbl_ctx.task);
- if (result != ISC_R_SUCCESS)
- goto cleanup;
-+
-+ result = isc_app_ctxstart(dhcp_gbl_ctx.actx);
-+ if (result != ISC_R_SUCCESS)
-+ return (result);
-+ dhcp_gbl_ctx.actx_started = ISC_TRUE;
-+
-+ /* Not all OSs support suppressing SIGPIPE through socket
-+ * options, so set the sigal action to be ignore. This allows
-+ * broken connections to fail gracefully with EPIPE on writes */
-+ handle_signal(SIGPIPE, SIG_IGN);
-+
-+ /* Reset handlers installed by isc_app_ctxstart()
-+ * to default for control-c and kill */
-+ handle_signal(SIGINT, SIG_DFL);
-+ handle_signal(SIGTERM, SIG_DFL);
- }
-
- #if defined (NSUPDATE)
---
-1.8.3.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch
index 2d3af9db0..39ba65fbc 100644
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0012-dhcp-correct-the-intention-for-xml2-lib-search.patch
@@ -19,11 +19,11 @@ Signed-off-by: Awais Belal <awais_belal@mentor.com>
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
-diff --git a/configure.ac b/configure.ac
-index bfe988a..f0459e6 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -608,7 +608,7 @@ AC_ARG_WITH(libxml2,
+Index: dhcp-4.4.1/configure.ac
+===================================================================
+--- dhcp-4.4.1.orig/configure.ac
++++ dhcp-4.4.1/configure.ac
+@@ -647,7 +647,7 @@ AC_ARG_WITH(libxml2,
with_libxml2="$withval", with_libxml2="no")
if test x$with_libxml2 != xno; then
@@ -32,6 +32,3 @@ index bfe988a..f0459e6 100644
[if test x$with_libxml2 != xauto; then
AC_MSG_FAILURE([*** Cannot find xmlTextWriterStartElement with -lxml2 and libxml2 was requested])
fi])
---
-2.11.1
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch
new file mode 100644
index 000000000..fcec010bd
--- /dev/null
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp/0013-fixup_use_libbind.patch
@@ -0,0 +1,64 @@
+lib and include path is hardcoded for use_libbind
+
+use libdir and includedir vars
+
+Upstream-Status: Pending
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+Index: dhcp-4.4.1/configure.ac+lt
+===================================================================
+--- dhcp-4.4.1.orig/configure.ac+lt
++++ dhcp-4.4.1/configure.ac+lt
+@@ -801,22 +801,22 @@ no)
+ if test ! -d "$use_libbind"; then
+ AC_MSG_ERROR([Cannot find bind directory at $use_libbind])
+ fi
+- if test ! -d "$use_libbind/include" -o \
+- ! -f "$use_libbind/include/isc/buffer.h"
++ if test ! -d "$use_libbind/$includedir" -o \
++ ! -f "$use_libbind/$includedir/isc/buffer.h"
+ then
+- AC_MSG_ERROR([Cannot find bind includes at $use_libbind/include])
++ AC_MSG_ERROR([Cannot find bind includes at $use_libbind/$includedir])
+ fi
+- if test ! -d "$use_libbind/lib" -o \
+- \( ! -f "$use_libbind/lib/libisc.a" -a \
+- ! -f "$use_libbind/lib/libisc.la" \)
++ if test ! -d "$use_libbind/$libdir" -o \
++ \( ! -f "$use_libbind/$libdir/libisc.a" -a \
++ ! -f "$use_libbind/$libdir/libisc.la" \)
+ then
+- AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/lib])
++ AC_MSG_ERROR([Cannot find bind libraries at $use_libbind/$libdir])
+ fi
+ BINDDIR="$use_libbind"
+- BINDLIBIRSDIR="$BINDDIR/lib"
+- BINDLIBDNSDIR="$BINDDIR/lib"
+- BINDLIBISCCFGDIR="$BINDDIR/lib"
+- BINDLIBISCDIR="$BINDDIR/lib"
++ BINDLIBIRSDIR="$BINDDIR/$libdir"
++ BINDLIBDNSDIR="$BINDDIR/$libdir"
++ BINDLIBISCCFGDIR="$BINDDIR/$libdir"
++ BINDLIBISCDIR="$BINDDIR/$libdir"
+ DISTCHECK_LIBBIND_CONFIGURE_FLAG="--with-libbind=$use_libbind"
+ ;;
+ esac
+@@ -856,14 +856,14 @@ AC_ARG_ENABLE(libtool,
+
+ if test "$use_libbind" != "no"; then
+ if test "$want_libtool" = "yes" -a \
+- ! -f "$use_libbind/lib/libisc.la"
++ ! -f "$use_libbind/$libdir/libisc.la"
+ then
+- AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/lib])
++ AC_MSG_ERROR([Cannot find dynamic libraries at $use_libbind/$libdir])
+ fi
+ if test "$want_libtool" = "no" -a \
+- ! -f "$use_libbind/lib/libisc.a"
++ ! -f "$use_libbind/$libdir/libisc.a"
+ then
+- AC_MSG_ERROR([Cannot find static libraries at $use_libbind/lib])
++ AC_MSG_ERROR([Cannot find static libraries at $use_libbind/$libdir])
+ fi
+ fi
+
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch b/poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch
deleted file mode 100644
index 2b2688cb2..000000000
--- a/poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From 8cfdedee369c26d2869b6ec4a64460b5f5a30934 Mon Sep 17 00:00:00 2001
-From: Thomas Markwalder <tmark@isc.org>
-Date: Thu, 7 Dec 2017 11:39:30 -0500
-Subject: [PATCH] [v4_3] Plugs a socket descriptor leak in OMAPI
-
- Merges in rt46767.
-
-Upstream-Status: Backport
-[https://source.isc.org/cgi-bin/gitweb.cgi?p=dhcp.git;a=commitdiff;h=5097bc0559f592683faac1f67bf350e1bddf6ed4]
-
-CVE: CVE-2017-3144
-
-Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
----
- RELNOTES | 7 +++++++
- omapip/buffer.c | 9 +++++++++
- omapip/message.c | 2 +-
- 3 files changed, 17 insertions(+), 1 deletion(-)
-
-diff --git a/RELNOTES b/RELNOTES
-index dd40aaf..3741b80 100644
---- a/RELNOTES
-+++ b/RELNOTES
-@@ -66,6 +66,13 @@ We welcome comments from DHCP users, about this or anything else we do.
- Email Vicky Risk, Product Manager at vicky@isc.org or discuss on
- dhcp-users@lists.isc.org.
-
-+- Plugged a socket descriptor leak in OMAPI, that can occur when there is
-+ data pending to be written to an OMAPI connection, when the connection
-+ is closed by the reader. Thanks to Pavel Zhukov at RedHat for bringing
-+ this issue to our attention and whose patch helped guide us in the right
-+ direction.
-+ [ISc-Bugs #46767]
-+
- Changes since 4.3.6b1
-
- - None
-diff --git a/omapip/buffer.c b/omapip/buffer.c
-index f7fdc32..809034d 100644
---- a/omapip/buffer.c
-+++ b/omapip/buffer.c
-@@ -566,6 +566,15 @@ isc_result_t omapi_connection_writer (omapi_object_t *h)
- omapi_buffer_dereference (&buffer, MDL);
- }
- }
-+
-+ /* If we had data left to write when we're told to disconnect,
-+ * we need recall disconnect, now that we're done writing.
-+ * See rt46767. */
-+ if (c->out_bytes == 0 && c->state == omapi_connection_disconnecting) {
-+ omapi_disconnect (h, 1);
-+ return ISC_R_SHUTTINGDOWN;
-+ }
-+
- return ISC_R_SUCCESS;
- }
-
-diff --git a/omapip/message.c b/omapip/message.c
-index 59ccdc2..21bcfc3 100644
---- a/omapip/message.c
-+++ b/omapip/message.c
-@@ -339,7 +339,7 @@ isc_result_t omapi_message_unregister (omapi_object_t *mo)
- }
-
- #ifdef DEBUG_PROTOCOL
--static const char *omapi_message_op_name(int op) {
-+const char *omapi_message_op_name(int op) {
- switch (op) {
- case OMAPI_OP_OPEN: return "OMAPI_OP_OPEN";
- case OMAPI_OP_REFRESH: return "OMAPI_OP_REFRESH";
---
-2.7.4
-
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp_4.3.6.bb b/poky/meta/recipes-connectivity/dhcp/dhcp_4.3.6.bb
deleted file mode 100644
index 8b30579e2..000000000
--- a/poky/meta/recipes-connectivity/dhcp/dhcp_4.3.6.bb
+++ /dev/null
@@ -1,35 +0,0 @@
-require dhcp.inc
-
-SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \
- file://0002-dhclient-dbus.patch \
- file://0003-link-with-lcrypto.patch \
- file://0004-Fix-out-of-tree-builds.patch \
- file://0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch \
- file://0006-site.h-enable-gentle-shutdown.patch \
- file://0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch \
- file://0009-remove-dhclient-script-bash-dependency.patch \
- file://0010-build-shared-libs.patch \
- file://0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch \
- file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \
- file://CVE-2017-3144.patch \
- "
-
-# use internal libisc libraries which are based on bind 9.9.11 - there
-# is a bug in bind 9.10.x (normally supplied by OE) that prevents
-# dhcpd/dhclient from shutting down cleanly on sigterm and from running
-# in the background
-#
-# [https://bugzilla.yoctoproject.org/show_bug.cgi?id=12744]
-#
-# remove "ext-bind" and
-# also set PARALLEL_MAKE = ""
-# [ Yocto 12744 ]
-#
-SRC_URI += "${@bb.utils.contains('PACKAGECONFIG', 'ext-bind', 'file://0008-tweak-to-support-external-bind.patch', '', d)}"
-
-SRC_URI[md5sum] = "afa6e9b3eb7539ea048421a82c668adc"
-SRC_URI[sha256sum] = "a41eaf6364f1377fe065d35671d9cf82bbbc8f21207819b2b9f33f652aec6f1b"
-
-PACKAGECONFIG ?= "ext-bind"
-PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2"
-PACKAGECONFIG[ext-bind] = "--with-libbind=${STAGING_LIBDIR}, --without-libbind, bind"
diff --git a/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb b/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb
new file mode 100644
index 000000000..159abbc40
--- /dev/null
+++ b/poky/meta/recipes-connectivity/dhcp/dhcp_4.4.1.bb
@@ -0,0 +1,21 @@
+require dhcp.inc
+
+SRC_URI += "file://0001-define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch \
+ file://0002-dhclient-dbus.patch \
+ file://0003-link-with-lcrypto.patch \
+ file://0004-Fix-out-of-tree-builds.patch \
+ file://0005-dhcp-client-fix-invoke-dhclient-script-failed-on-Rea.patch \
+ file://0006-site.h-enable-gentle-shutdown.patch \
+ file://0007-Add-configure-argument-to-make-the-libxml2-dependenc.patch \
+ file://0009-remove-dhclient-script-bash-dependency.patch \
+ file://0012-dhcp-correct-the-intention-for-xml2-lib-search.patch \
+ file://0013-fixup_use_libbind.patch \
+"
+
+SRC_URI[md5sum] = "18c7f4dcbb0a63df25098216d47b1ede"
+SRC_URI[sha256sum] = "2a22508922ab367b4af4664a0472dc220cc9603482cf3c16d9aff14f3a76b608"
+
+LDFLAGS_append = " -pthread"
+
+PACKAGECONFIG ?= ""
+PACKAGECONFIG[bind-httpstats] = "--with-libxml2,--without-libxml2,libxml2"
diff --git a/poky/meta/recipes-connectivity/dhcp/files/dhcpd6.service b/poky/meta/recipes-connectivity/dhcp/files/dhcpd6.service
index ca96abb83..52a6224dc 100644
--- a/poky/meta/recipes-connectivity/dhcp/files/dhcpd6.service
+++ b/poky/meta/recipes-connectivity/dhcp/files/dhcpd6.service
@@ -9,7 +9,7 @@ PIDFile=@localstatedir@/run/dhcpd6.pid
EnvironmentFile=@SYSCONFDIR@/default/dhcp-server
EnvironmentFile=-@SYSCONFDIR@/sysconfig/dhcpd6
ExecStartPre=@base_bindir@/touch @localstatedir@/lib/dhcp/dhcpd6.leases
-ExecStart=@SBINDIR@/dhcpd -f -6 -cf @SYSCONFDIR@/dhcp/dhcpd.conf -pf @localstatedir@/run/dhcpd6.pid $DHCPDARGS -q $INTERFACES
+ExecStart=@SBINDIR@/dhcpd -f -6 -cf @SYSCONFDIR@/dhcp/dhcpd6.conf -pf @localstatedir@/run/dhcpd6.pid $DHCPDARGS -q $INTERFACES
[Install]
WantedBy=multi-user.target
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2.inc b/poky/meta/recipes-connectivity/iproute2/iproute2.inc
index 4fbfec6f0..b28358906 100644
--- a/poky/meta/recipes-connectivity/iproute2/iproute2.inc
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2.inc
@@ -9,7 +9,7 @@ LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \
file://ip/ip.c;beginline=3;endline=8;md5=689d691d0410a4b64d3899f8d6e31817"
-DEPENDS = "flex-native bison-native iptables elfutils"
+DEPENDS = "flex-native bison-native iptables elfutils libcap"
inherit update-alternatives bash-completion pkgconfig
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch b/poky/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch
deleted file mode 100644
index c3d3fea9c..000000000
--- a/poky/meta/recipes-connectivity/iproute2/iproute2/0001-iproute2-de-bash-scripts.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-Subject: [PATCH] iproute2: de-bash scripts
-
-de-bash these two scripts to make iproute2 not depend on bash.
-
-Upstream-Status: Pending
-
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
----
- ip/ifcfg | 15 ++++++++-------
- ip/rtpr | 2 +-
- 2 files changed, 9 insertions(+), 8 deletions(-)
-
-diff --git a/ip/ifcfg b/ip/ifcfg
-index 30a2dc4..8677b2e 100644
---- a/ip/ifcfg
-+++ b/ip/ifcfg
-@@ -1,12 +1,13 @@
--#! /bin/bash
-+#! /bin/sh
-
- CheckForwarding () {
-- local sbase fwd
-+ local sbase fwd forwarding
- sbase=/proc/sys/net/ipv4/conf
- fwd=0
- if [ -d $sbase ]; then
- for dir in $sbase/*/forwarding; do
-- fwd=$[$fwd + `cat $dir`]
-+ forwarding=`cat $dir`
-+ fwd=$(($fwd+$forwarding))
- done
- else
- fwd=2
-@@ -127,12 +128,12 @@ fi
- arping -q -A -c 1 -I $dev $ipaddr
- noarp=$?
- ( sleep 2 ;
-- arping -q -U -c 1 -I $dev $ipaddr ) >& /dev/null </dev/null &
-+ arping -q -U -c 1 -I $dev $ipaddr ) > /dev/null 2>&1 </dev/null &
-
--ip route add unreachable 224.0.0.0/24 >& /dev/null
--ip route add unreachable 255.255.255.255 >& /dev/null
-+ip route add unreachable 224.0.0.0/24 > /dev/null 2>&1
-+ip route add unreachable 255.255.255.255 > /dev/null 2>&1
- if [ "`ip link ls $dev | grep -c MULTICAST`" -ge 1 ]; then
-- ip route add 224.0.0.0/4 dev $dev scope global >& /dev/null
-+ ip route add 224.0.0.0/4 dev $dev scope global > /dev/null 2>&1
- fi
-
- if [ $fwd -eq 0 ]; then
-diff --git a/ip/rtpr b/ip/rtpr
-index c3629fd..674198d 100644
---- a/ip/rtpr
-+++ b/ip/rtpr
-@@ -1,4 +1,4 @@
--#! /bin/bash
-+#! /bin/sh
-
- exec tr "[\\\\]" "[
- ]"
---
-2.7.4
-
diff --git a/poky/meta/recipes-connectivity/iproute2/iproute2_4.14.1.bb b/poky/meta/recipes-connectivity/iproute2/iproute2_4.18.0.bb
index 81e2e4a16..8eed37761 100644
--- a/poky/meta/recipes-connectivity/iproute2/iproute2_4.14.1.bb
+++ b/poky/meta/recipes-connectivity/iproute2/iproute2_4.18.0.bb
@@ -2,13 +2,12 @@ require iproute2.inc
SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \
file://configure-cross.patch \
- file://0001-iproute2-de-bash-scripts.patch \
file://0001-libc-compat.h-add-musl-workaround.patch \
file://0001-ip-Remove-unneed-header.patch \
"
-SRC_URI[md5sum] = "1075423d7029e02a8f23ed4f42b7e372"
-SRC_URI[sha256sum] = "d43ac068afcc350a448f4581b6e292331ef7e4e7aa746e34981582d5fdb10067"
+SRC_URI[md5sum] = "8b8680e91390c57cab788fbf8e929479"
+SRC_URI[sha256sum] = "a9e6c70c95f513871c5e1f4e452c04fcb3c4d8a05be651bd794cd994a52daa45"
# CFLAGS are computed in Makefile and reference CCOPTS
#
diff --git a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
index 8d2feec76..d0eb2768d 100644
--- a/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
+++ b/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
@@ -17,6 +17,8 @@ SRC_URI[sha256sum] = "1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d81
S = "${WORKDIR}/nss-mdns-${PV}"
+localstatedir = "/"
+
inherit autotools
EXTRA_OECONF = "--libdir=${base_libdir} --disable-lynx --enable-avahi"
@@ -28,13 +30,16 @@ DEBIANNAME_${PN} = "libnss-mdns"
RDEPENDS_${PN} = "avahi-daemon"
pkg_postinst_${PN} () {
- sed -e '/^hosts:/s/\s*\<mdns\>//' \
- -e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 mdns4_minimal [NOTFOUND=return]\3\4 mdns\5/' \
- -i $D${sysconfdir}/nsswitch.conf
+ sed '
+ /^hosts:/ !b
+ /\<mdns\(4\|6\)\?\(_minimal\)\?\>/ b
+ s/\([[:blank:]]\+\)dns\>/\1mdns4_minimal [NOTFOUND=return] dns/g
+ ' -i $D${sysconfdir}/nsswitch.conf
}
pkg_prerm_${PN} () {
- sed -e '/^hosts:/s/\s*\<mdns\>//' \
- -e '/^hosts:/s/\s*mdns4_minimal\s\+\[NOTFOUND=return\]//' \
- -i $D${sysconfdir}/nsswitch.conf
+ sed '
+ /^hosts:/ !b
+ s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g
+ ' -i $D${sysconfdir}/nsswitch.conf
}
diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info/multilibfix.patch b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info/multilibfix.patch
new file mode 100644
index 000000000..7e97e8ec3
--- /dev/null
+++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info/multilibfix.patch
@@ -0,0 +1,18 @@
+The mobile-broadband-provider-info.pc file is installed into a non-arch directory
+yet contains libdir which can vary depending on which multilib is configured.
+The .pc file does not require libdir so remove this to fix multilib builds.
+
+Upstream-Status: Backport [8109fcd3c7299fae859fb891ff416927581a9955]
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+
+Index: git/mobile-broadband-provider-info.pc.in
+===================================================================
+--- git.orig/mobile-broadband-provider-info.pc.in 2018-08-07 13:09:31.811364063 +0800
++++ git/mobile-broadband-provider-info.pc.in 2018-08-10 17:49:25.645288320 +0800
+@@ -1,6 +1,5 @@
+ prefix=@prefix@
+ exec_prefix=@exec_prefix@
+-libdir=@libdir@
+ datarootdir = @datarootdir@
+ pkgdatadir=${datarootdir}/@PACKAGE@
+ includedir=@includedir@
diff --git a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index 57f521a6c..7f1dd78c1 100644
--- a/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -7,8 +7,9 @@ SRCREV = "befcbbc9867e742ac16415660b0b7521218a530c"
PV = "20170310"
PE = "1"
-SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info;protocol=https"
-
+SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https \
+ file://multilibfix.patch \
+"
S = "${WORKDIR}/git"
inherit autotools
diff --git a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch b/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch
deleted file mode 100644
index 4ac529044..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/0001-include-sys-types.h-for-getting-u_-typedefs.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From a5e95a42e7bceddc9ecad06694c1a0588f4bafc8 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Tue, 14 Apr 2015 07:22:47 -0700
-Subject: [PATCH] include sys/types.h for getting u_* typedefs
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- cfg.h | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/cfg.h b/cfg.h
-index d4d4cab..fe49e8f 100644
---- a/cfg.h
-+++ b/cfg.h
-@@ -33,6 +33,7 @@
- #ifndef _CONF_H_
- #define _CONF_H_
-
-+#include <sys/types.h>
- #include "queue.h"
-
- struct conf_list_node {
---
-2.1.4
-
diff --git a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch b/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch
deleted file mode 100644
index 4633da919..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/Set_nobody_user_group.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-Set nobody user and group
-
-Upstream-Status: Inappropriate [configuration]
-
-Signed-off-by: Roy.Li <rongqing.li@windriver.com>
---- a/idmapd.conf
-+++ b/idmapd.conf
-@@ -17,8 +17,8 @@
-
- [Mapping]
-
--#Nobody-User = nobody
--#Nobody-Group = nobody
-+Nobody-User = nobody
-+Nobody-Group = nogroup
-
- [Translation]
-
diff --git a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch b/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch
deleted file mode 100644
index d81c7c5f3..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap/fix-ac-prereq.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-
---- a/configure.in
-+++ b/configure.in
-@@ -1,7 +1,7 @@
- # -*- Autoconf -*-
- # Process this file with autoconf to produce a configure script.
-
--AC_PREREQ([2.68])
-+AC_PREREQ([2.65])
- AC_INIT([libnfsidmap],[0.25],[linux-nfs@vger.kernel.org])
- AC_CONFIG_SRCDIR([nfsidmap.h])
- AC_CONFIG_MACRO_DIR([m4])
diff --git a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb b/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb
deleted file mode 100644
index 256577100..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb
+++ /dev/null
@@ -1,27 +0,0 @@
-SUMMARY = "NFS id mapping library"
-HOMEPAGE = "http://www.citi.umich.edu/projects/nfsv4/linux/"
-SECTION = "libs"
-
-LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://COPYING;md5=d9c6a2a0ca6017fda7cd905ed2739b37"
-
-SRC_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/${BPN}-${PV}.tar.gz \
- file://fix-ac-prereq.patch \
- file://Set_nobody_user_group.patch \
- file://0001-include-sys-types.h-for-getting-u_-typedefs.patch \
- "
-
-SRC_URI[md5sum] = "2ac4893c92716add1a1447ae01df77ab"
-SRC_URI[sha256sum] = "656d245d84400e1030f8f40a5a27da76370690c4a932baf249110f047fe7efcf"
-
-UPSTREAM_CHECK_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/"
-
-inherit autotools
-
-EXTRA_OECONF = "--disable-ldap"
-
-do_install_append () {
- install -d ${D}${sysconfdir}/
- install -m 0644 ${WORKDIR}/${BPN}-${PV}/idmapd.conf ${D}${sysconfdir}/idmapd.conf
-}
-
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch
deleted file mode 100644
index 26b558c81..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-configure-Allow-to-explicitly-disable-nfsidmap.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 9b84cff305866abd150cf1a4c6e7e5ebf8a7eb3a Mon Sep 17 00:00:00 2001
-From: Martin Jansa <Martin.Jansa@gmail.com>
-Date: Fri, 15 Nov 2013 23:21:35 +0100
-Subject: [PATCH] configure: Allow to explicitly disable nfsidmap
-
-* keyutils availability is autodetected and builds aren't reproducible
-
-Upstream-Status: Pending
-
-Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
----
- configure.ac | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-Index: nfs-utils-2.1.1/configure.ac
-===================================================================
---- nfs-utils-2.1.1.orig/configure.ac
-+++ nfs-utils-2.1.1/configure.ac
-@@ -92,6 +92,12 @@ AC_ARG_ENABLE(nfsv4,
- AC_SUBST(enable_nfsv4)
- AM_CONDITIONAL(CONFIG_NFSV4, [test "$enable_nfsv4" = "yes"])
-
-+AC_ARG_ENABLE(nfsidmap,
-+ [AC_HELP_STRING([--enable-nfsidmap],
-+ [enable support for NFSv4 idmapper @<:@default=yes@:>@])],
-+ enable_nfsidmap=$enableval,
-+ enable_nfsidmap=yes)
-+
- AC_ARG_ENABLE(nfsv41,
- [AC_HELP_STRING([--disable-nfsv41],
- [disable support for NFSv41 @<:@default=no@:>@])],
-@@ -339,7 +345,7 @@ fi
-
- dnl enable nfsidmap when its support by libnfsidmap
- AM_CONDITIONAL(CONFIG_NFSDCLTRACK, [test "$enable_nfsdcltrack" = "yes" ])
--AM_CONDITIONAL(CONFIG_NFSIDMAP, [test "$ac_cv_header_keyutils_h$ac_cv_lib_nfsidmap_nfs4_owner_to_uid" = "yesyes"])
-+AM_CONDITIONAL(CONFIG_NFSIDMAP, [test "$enable_nfsidmap$ac_cv_header_keyutils_h$ac_cv_lib_nfsidmap_nfs4_owner_to_uid" = "yesyesyes"])
-
-
- if test "$knfsd_cv_glibc2" = no; then
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-include-stdint.h-for-UINT16_MAX-definition.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-include-stdint.h-for-UINT16_MAX-definition.patch
deleted file mode 100644
index 235a2c76f..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-include-stdint.h-for-UINT16_MAX-definition.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 36b48057bce76dced335d67a2894a420967811c9 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Sat, 20 May 2017 14:07:53 -0700
-Subject: [PATCH] include stdint.h for UINT16_MAX definition
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
-Upstream-Status: Pending
-
- support/nsm/rpc.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/support/nsm/rpc.c b/support/nsm/rpc.c
-index 4e5f40e..d91c6ea 100644
---- a/support/nsm/rpc.c
-+++ b/support/nsm/rpc.c
-@@ -40,6 +40,7 @@
-
- #include <time.h>
- #include <stdbool.h>
-+#include <stdint.h>
- #include <string.h>
- #include <unistd.h>
- #include <fcntl.h>
---
-2.13.0
-
diff --git a/poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch
index 822939f0d..822939f0d 100644
--- a/poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/bugfix-adjust-statd-service-name.patch
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch
deleted file mode 100644
index 89a8a5726..000000000
--- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-1.2.3-sm-notify-res_init.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-Fixes errors like
-sm-notify[1070]: DNS resolution of a.b.c.d..com failed; retrying later
-This error will occur anytime sm-notify is run before the network if fully up,
-which is happening more and more with parallel startup systems.
-The res_init() call is simple, safe, quick, and a patch to use it should be
-able to go upstream. Presumably the whole reason sm-notify tries several
-times is to wait for possible changes to the network configuration, but without
-calling res_init() it will never be aware of those changes
-
-Backported drom Fedora
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-
-Index: nfs-utils-2.1.1/utils/statd/sm-notify.c
-===================================================================
---- nfs-utils-2.1.1.orig/utils/statd/sm-notify.c
-+++ nfs-utils-2.1.1/utils/statd/sm-notify.c
-@@ -28,6 +28,9 @@
- #include <netdb.h>
- #include <errno.h>
- #include <grp.h>
-+#include <netinet/in.h>
-+#include <arpa/nameser.h>
-+#include <resolv.h>
-
- #include "conffile.h"
- #include "sockaddr.h"
-@@ -89,6 +92,7 @@ smn_lookup(const char *name)
- };
- int error;
-
-+ res_init();
- error = getaddrinfo(name, NULL, &hint, &ai);
- if (error != 0) {
- xlog(D_GENERAL, "getaddrinfo(3): %s", gai_strerror(error));
diff --git a/poky/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch
index ede0dcefc..ede0dcefc 100644
--- a/poky/meta/recipes-connectivity/nfs-utils/files/nfs-utils-debianize-start-statd.patch
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-debianize-start-statd.patch
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-limits.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-limits.patch
new file mode 100644
index 000000000..25ca41515
--- /dev/null
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-limits.patch
@@ -0,0 +1,133 @@
+Fixed:
+| file.c: In function 'generic_make_pathname':
+| file.c:48:13: error: 'PATH_MAX' undeclared (first use in this function); did you mean 'RAND_MAX'?
+| if (size > PATH_MAX)
+| ^~~~~~~~
+[snip]
+
+Upstream-Status: Pending [https://git.alpinelinux.org/cgit/aports/tree/main/nfs-utils/limits.patch?id=f6734a77d3caee73325f8cc1f77d1b5117a75096]
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ support/export/export.c | 1 +
+ support/export/xtab.c | 1 +
+ support/misc/file.c | 1 +
+ support/nfs/xcommon.c | 1 +
+ support/nsm/file.c | 1 +
+ utils/blkmapd/device-discovery.c | 1 +
+ utils/gssd/krb5_util.c | 1 +
+ utils/mountd/cache.c | 1 +
+ utils/mountd/mountd.c | 1 +
+ utils/mountd/rmtab.c | 1 +
+ 10 files changed, 10 insertions(+)
+
+diff --git a/support/export/export.c b/support/export/export.c
+--- a/support/export/export.c
++++ b/support/export/export.c
+@@ -17,6 +17,7 @@
+ #include <stdlib.h>
+ #include <dirent.h>
+ #include <errno.h>
++#include <limits.h>
+ #include "xmalloc.h"
+ #include "nfslib.h"
+ #include "exportfs.h"
+diff --git a/support/export/xtab.c b/support/export/xtab.c
+--- a/support/export/xtab.c
++++ b/support/export/xtab.c
+@@ -18,6 +18,7 @@
+ #include <sys/stat.h>
+ #include <errno.h>
+ #include <libgen.h>
++#include <limits.h>
+
+ #include "nfslib.h"
+ #include "exportfs.h"
+diff --git a/support/misc/file.c b/support/misc/file.c
+--- a/support/misc/file.c
++++ b/support/misc/file.c
+@@ -27,6 +27,7 @@
+ #include <dirent.h>
+ #include <stdlib.h>
+ #include <stdbool.h>
++#include <limits.h>
+
+ #include "xlog.h"
+ #include "misc.h"
+diff --git a/support/nfs/xcommon.c b/support/nfs/xcommon.c
+--- a/support/nfs/xcommon.c
++++ b/support/nfs/xcommon.c
+@@ -16,6 +16,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <limits.h>
+
+ #include "xcommon.h"
+ #include "nls.h" /* _() */
+diff --git a/support/nsm/file.c b/support/nsm/file.c
+--- a/support/nsm/file.c
++++ b/support/nsm/file.c
+@@ -85,6 +85,7 @@
+ #include <fcntl.h>
+ #include <dirent.h>
+ #include <grp.h>
++#include <limits.h>
+
+ #include "xlog.h"
+ #include "nsm.h"
+diff --git a/utils/blkmapd/device-discovery.c b/utils/blkmapd/device-discovery.c
+--- a/utils/blkmapd/device-discovery.c
++++ b/utils/blkmapd/device-discovery.c
+@@ -49,6 +49,7 @@
+ #include <unistd.h>
+ #include <libgen.h>
+ #include <errno.h>
++#include <limits.h>
+ #include <libdevmapper.h>
+
+ #ifdef HAVE_CONFIG_H
+diff --git a/utils/gssd/krb5_util.c b/utils/gssd/krb5_util.c
+--- a/utils/gssd/krb5_util.c
++++ b/utils/gssd/krb5_util.c
+@@ -120,6 +120,7 @@
+ #endif
+ #include <krb5.h>
+ #include <rpc/auth_gss.h>
++#include <limits.h>
+
+ #include "gssd.h"
+ #include "err_util.h"
+diff --git a/utils/mountd/cache.c b/utils/mountd/cache.c
+--- a/utils/mountd/cache.c
++++ b/utils/mountd/cache.c
+@@ -26,6 +26,7 @@
+ #include <pwd.h>
+ #include <grp.h>
+ #include <mntent.h>
++#include <limits.h>
+ #include "misc.h"
+ #include "nfslib.h"
+ #include "exportfs.h"
+diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
+--- a/utils/mountd/mountd.c
++++ b/utils/mountd/mountd.c
+@@ -22,6 +22,7 @@
+ #include <fcntl.h>
+ #include <sys/resource.h>
+ #include <sys/wait.h>
++#include <limits.h>
+
+ #include "conffile.h"
+ #include "xmalloc.h"
+diff --git a/utils/mountd/rmtab.c b/utils/mountd/rmtab.c
+--- a/utils/mountd/rmtab.c
++++ b/utils/mountd/rmtab.c
+@@ -16,6 +16,7 @@
+ #include <netinet/in.h>
+ #include <arpa/inet.h>
+ #include <netdb.h>
++#include <limits.h>
+
+ #include "misc.h"
+ #include "exportfs.h"
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch
new file mode 100644
index 000000000..a169e6a22
--- /dev/null
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/nfs-utils-musl-res_querydomain.patch
@@ -0,0 +1,22 @@
+Fixed:
+configure: error: res_querydomain needed
+
+Upstream-Status: Pending [https://git.alpinelinux.org/cgit/aports/tree/main/nfs-utils/musl-res_querydomain.patch?id=f6734a77d3caee73325f8cc1f77d1b5117a75096]
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+--- a/configure.ac
++++ b/configure.ac
+@@ -401,7 +401,7 @@ if test "$enable_gss" = yes; then
+ fi
+
+ dnl libdnsidmap specific checks
+-AC_CHECK_LIB([resolv], [__res_querydomain], , AC_MSG_ERROR(res_querydomain needed))
++AC_CHECK_LIB([resolv], [res_querydomain], , AC_MSG_ERROR(res_querydomain needed))
+
+ AC_ARG_ENABLE([ldap],
+ [AS_HELP_STRING([--disable-ldap],[Disable support for LDAP @<:default=detect@:>@])])
diff --git a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.1.1.bb b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.3.1.bb
index 79453ad20..6d450c751 100644
--- a/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.1.1.bb
+++ b/poky/meta/recipes-connectivity/nfs-utils/nfs-utils_2.3.1.bb
@@ -8,7 +8,7 @@ LICENSE = "MIT & GPLv2+ & BSD"
LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84"
# util-linux for libblkid
-DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3 libtirpc"
+DEPENDS = "libcap libevent util-linux sqlite3 libtirpc"
RDEPENDS_${PN} = "${PN}-client bash"
RRECOMMENDS_${PN} = "kernel-module-nfsd"
@@ -19,8 +19,6 @@ USERADD_PARAM_${PN}-client = "--system --home-dir /var/lib/nfs \
--shell /bin/false --user-group rpcuser"
SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.xz \
- file://0001-configure-Allow-to-explicitly-disable-nfsidmap.patch \
- file://nfs-utils-1.2.3-sm-notify-res_init.patch \
file://nfsserver \
file://nfscommon \
file://nfs-utils.conf \
@@ -31,11 +29,13 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \
file://nfs-utils-debianize-start-statd.patch \
file://bugfix-adjust-statd-service-name.patch \
- file://0001-include-stdint.h-for-UINT16_MAX-definition.patch \
+ file://nfs-utils-musl-limits.patch \
"
-SRC_URI[md5sum] = "59dfcb2e6254b129f901f40c86086b13"
-SRC_URI[sha256sum] = "0faeb54c70b84e6bd3b9b6901544b1f6add8d246f35c1683e402daf4e0c719ef"
+SRC_URI_append_libc-musl = " file://nfs-utils-musl-res_querydomain.patch"
+
+SRC_URI[md5sum] = "d77b182a9ee396aa6221ac2401ad7046"
+SRC_URI[sha256sum] = "96d06b5a86b185815760d8f04c34fdface8fa8b9949ff256ac05c3ebc08335a5"
# Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will
# pull in the remainder of the dependencies.
@@ -67,10 +67,11 @@ PACKAGECONFIG ??= "tcp-wrappers \
"
PACKAGECONFIG_remove_libc-musl = "tcp-wrappers"
PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers"
-PACKAGECONFIG[nfsidmap] = "--enable-nfsidmap,--disable-nfsidmap,keyutils"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
# libdevmapper is available in meta-oe
PACKAGECONFIG[nfsv41] = "--enable-nfsv41,--disable-nfsv41,libdevmapper"
+# keyutils is available in meta-security
+PACKAGECONFIG[nfsv4] = "--enable-nfsv4,--disable-nfsv4,keyutils"
PACKAGES =+ "${PN}-client ${PN}-mount ${PN}-stats"
diff --git a/poky/meta/recipes-connectivity/ofono/ofono_1.22.bb b/poky/meta/recipes-connectivity/ofono/ofono_1.22.bb
deleted file mode 100644
index e57eaa77e..000000000
--- a/poky/meta/recipes-connectivity/ofono/ofono_1.22.bb
+++ /dev/null
@@ -1,9 +0,0 @@
-require ofono.inc
-
-SRC_URI = "\
- ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
- file://ofono \
- file://use-python3.patch \
-"
-SRC_URI[md5sum] = "2a683ab8e98448ad8bc5dc9868d2893e"
-SRC_URI[sha256sum] = "8e34a6696c300c9841b55e8dff640bd3096e49f5dbe55bbebaa69a71676f687e"
diff --git a/poky/meta/recipes-connectivity/ofono/ofono_1.24.bb b/poky/meta/recipes-connectivity/ofono/ofono_1.24.bb
new file mode 100644
index 000000000..be7d9ea85
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ofono/ofono_1.24.bb
@@ -0,0 +1,9 @@
+require ofono.inc
+
+SRC_URI = "\
+ ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
+ file://ofono \
+ file://use-python3.patch \
+"
+SRC_URI[md5sum] = "be24e80f6551f46fea0c5b5879964d6c"
+SRC_URI[sha256sum] = "9c8e351b7658f4b43f9a4380b731c47d2d7544a89987c48c3f227e73636c87ae"
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch b/poky/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch
deleted file mode 100644
index 8a2d1a0a7..000000000
--- a/poky/meta/recipes-connectivity/openssh/openssh/disable-ciphers-not-supported-by-OpenSSL-DES.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 265eaab8b39d8d8721224a48eefed5bf1696d353 Mon Sep 17 00:00:00 2001
-From: Hongxu Jia <hongxu.jia@windriver.com>
-Date: Wed, 18 Apr 2018 21:58:32 +0800
-Subject: [PATCH] disable ciphers not supported by OpenSSL DES
-
-While compiling openssl with option `no-des', it caused the openssh
-build failure
-...
-cipher.c:85:41: error: 'EVP_des_ede3_cbc' undeclared here (not in a function);
-...
-
-OpenSSL configured that way defines OPENSSL_NO_DES to disable des
-
-Suggested by dtucker@
-
-Upstream-Status: Submitted [openssh-unix-dev@mindrot.org]
-
-Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
----
- cipher.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/cipher.c b/cipher.c
-index c3cd5dc..86558e1 100644
---- a/cipher.c
-+++ b/cipher.c
-@@ -82,7 +82,9 @@ struct sshcipher {
-
- static const struct sshcipher ciphers[] = {
- #ifdef WITH_OPENSSL
-+#ifndef OPENSSL_NO_DES
- { "3des-cbc", 8, 24, 0, 0, CFLAG_CBC, EVP_des_ede3_cbc },
-+#endif
- { "aes128-cbc", 16, 16, 0, 0, CFLAG_CBC, EVP_aes_128_cbc },
- { "aes192-cbc", 16, 24, 0, 0, CFLAG_CBC, EVP_aes_192_cbc },
- { "aes256-cbc", 16, 32, 0, 0, CFLAG_CBC, EVP_aes_256_cbc },
---
-2.7.4
-
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/init b/poky/meta/recipes-connectivity/openssh/openssh/init
index 34ba0f846..8887e3af1 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/init
+++ b/poky/meta/recipes-connectivity/openssh/openssh/init
@@ -36,7 +36,7 @@ check_privsep_dir() {
}
check_config() {
- /usr/sbin/sshd -t $SSHD_OPTS || exit 1
+ /usr/sbin/sshd $SSHD_OPTS -t || exit 1
}
export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"
@@ -48,19 +48,19 @@ case "$1" in
@LIBEXECDIR@/sshd_check_keys
check_privsep_dir
start-stop-daemon -S -p $PIDFILE -x /usr/sbin/sshd -- $SSHD_OPTS
- echo "done."
+ echo "done."
;;
stop)
- echo -n "Stopping OpenBSD Secure Shell server: sshd"
+ echo -n "Stopping OpenBSD Secure Shell server: sshd"
start-stop-daemon -K -p $PIDFILE -x /usr/sbin/sshd
- echo "."
+ echo "."
;;
reload|force-reload)
check_for_no_start
@LIBEXECDIR@/sshd_check_keys
check_config
- echo -n "Reloading OpenBSD Secure Shell server's configuration"
+ echo -n "Reloading OpenBSD Secure Shell server's configuration"
start-stop-daemon -K -p $PIDFILE -s 1 -x /usr/sbin/sshd
echo "."
;;
@@ -68,7 +68,7 @@ case "$1" in
restart)
@LIBEXECDIR@/sshd_check_keys
check_config
- echo -n "Restarting OpenBSD Secure Shell server: sshd"
+ echo -n "Restarting OpenBSD Secure Shell server: sshd"
start-stop-daemon -K -p $PIDFILE --oknodo -x /usr/sbin/sshd
check_for_no_start
check_privsep_dir
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
index 9e919156d..e0d023803 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
+++ b/poky/meta/recipes-connectivity/openssh/openssh/ssh_config
@@ -1,4 +1,4 @@
-# $OpenBSD: ssh_config,v 1.28 2013/09/16 11:35:43 sthen Exp $
+# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
@@ -31,14 +31,14 @@ Host *
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
-# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
+# IdentityFile ~/.ssh/id_ecdsa
+# IdentityFile ~/.ssh/id_ed25519
# Port 22
-# Protocol 2,1
-# Cipher 3des
-# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
-# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+# Protocol 2
+# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
+# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
index 5463b1a4c..1931dc715 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
@@ -56,35 +56,23 @@ while true ; do
esac
done
-# parse location of keys
-HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key
-HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key
-HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key
-HOST_KEY_ED25519=$(grep ^HostKey "${sshd_config}" | grep _ed25519_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_ED25519}" ] && HOST_KEY_ED25519=$(grep HostKey "${sshd_config}" | grep _ed25519_ | tail -1 | awk ' { print $2 } ')
-[ -z "${HOST_KEY_ED25519}" ] && HOST_KEY_ED25519=$SYSCONFDIR/ssh_host_ed25519_key
-
-# create keys if necessary
-if [ ! -f $HOST_KEY_RSA ]; then
- echo " generating ssh RSA key..."
- generate_key $HOST_KEY_RSA rsa
-fi
-if [ ! -f $HOST_KEY_ECDSA ]; then
- echo " generating ssh ECDSA key..."
- generate_key $HOST_KEY_ECDSA ecdsa
-fi
-if [ ! -f $HOST_KEY_DSA ]; then
- echo " generating ssh DSA key..."
- generate_key $HOST_KEY_DSA dsa
-fi
-if [ ! -f $HOST_KEY_ED25519 ]; then
- echo " generating ssh ED25519 key..."
- generate_key $HOST_KEY_ED25519 ed25519
-fi
+HOST_KEYS=$(sed -n 's/^[ \t]*HostKey[ \t]\+\(.*\)/\1/p' "${sshd_config}")
+[ -z "${HOST_KEYS}" ] && HOST_KEYS="$SYSCONFDIR/ssh_host_rsa_key $SYSCONFDIR/ssh_host_ecdsa_key $SYSCONFDIR/ssh_host_ed25519_key"
+for key in ${HOST_KEYS} ; do
+ [ -f $key ] && continue
+ case $key in
+ *_rsa_key)
+ echo " generating ssh RSA host key..."
+ generate_key $key rsa
+ ;;
+ *_ecdsa_key)
+ echo " generating ssh ECDSA host key..."
+ generate_key $key ecdsa
+ ;;
+ *_ed25519_key)
+ echo " generating ssh ED25519 host key..."
+ generate_key $key ed25519
+ ;;
+ esac
+done
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
index 31fe5d924..15f061b57 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd_config
@@ -1,4 +1,4 @@
-# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
+# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
@@ -7,7 +7,7 @@
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
-# possible, but leave them commented. Uncommented options change a
+# possible, but leave them commented. Uncommented options override the
# default value.
#Port 22
@@ -15,43 +15,30 @@
#ListenAddress 0.0.0.0
#ListenAddress ::
-# The default requires explicit activation of protocol 1
-Protocol 2
-
-# HostKey for protocol version 1
-#HostKey /etc/ssh/ssh_host_key
-# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
-#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
-# Lifetime and size of ephemeral version 1 server key
-#KeyRegenerationInterval 1h
-#ServerKeyBits 1024
-
# Ciphers and keying
#RekeyLimit default none
# Logging
-# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
-#PermitRootLogin yes
+#PermitRootLogin prohibit-password
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10
-#RSAAuthentication yes
#PubkeyAuthentication yes
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
-AuthorizedKeysFile .ssh/authorized_keys
+AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedPrincipalsFile none
@@ -59,11 +46,9 @@ AuthorizedKeysFile .ssh/authorized_keys
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
-#RhostsRSAAuthentication no
-# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
-# RhostsRSAAuthentication and HostbasedAuthentication
+# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
@@ -72,7 +57,8 @@ AuthorizedKeysFile .ssh/authorized_keys
#PasswordAuthentication yes
#PermitEmptyPasswords no
-# Change to no to disable s/key passwords
+# Change to yes to enable challenge-response passwords (beware issues with
+# some PAM modules and threads)
ChallengeResponseAuthentication no
# Kerberos options
@@ -111,7 +97,7 @@ ChallengeResponseAuthentication no
Compression no
ClientAliveInterval 15
ClientAliveCountMax 4
-#UseDNS yes
+#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_7.6p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_7.8p1+git.bb
index e11e8d774..f54dfb5de 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_7.6p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_7.8p1+git.bb
@@ -8,11 +8,10 @@ SECTION = "console/network"
LICENSE = "BSD"
LIC_FILES_CHKSUM = "file://LICENCE;md5=429658c6612f3a9b1293782366ab29d8"
-# openssl 1.1 patches are proposed at https://github.com/openssh/openssh-portable/pull/48
-DEPENDS = "zlib openssl10"
+DEPENDS = "zlib openssl"
DEPENDS += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'libpam', '', d)}"
-SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar.gz \
+SRC_URI = "git://github.com/openssh/openssh-portable;branch=master \
file://sshd_config \
file://ssh_config \
file://init \
@@ -25,13 +24,13 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \
file://sshd_check_keys \
file://add-test-support-for-busybox.patch \
- file://disable-ciphers-not-supported-by-OpenSSL-DES.patch \
"
PAM_SRC_URI = "file://sshd"
-SRC_URI[md5sum] = "06a88699018e5fef13d4655abfed1f63"
-SRC_URI[sha256sum] = "a323caeeddfe145baaa0db16e98d784b1fbc7dd436a6bf1f479dfd5cd1d21723"
+SRCREV = "cce8cbe0ed7d1ba3a575310e0b63c193326ae616"
+
+S = "${WORKDIR}/git"
inherit useradd update-rc.d update-alternatives systemd
@@ -46,18 +45,15 @@ SYSTEMD_SERVICE_${PN}-sshd = "sshd.socket"
inherit autotools-brokensep ptest
-# LFS support:
-CFLAGS += "-D__FILE_OFFSET_BITS=64"
-
EXTRA_AUTORECONF += "--exclude=aclocal"
# login path is hardcoded in sshd
EXTRA_OECONF = "'LOGIN_PROGRAM=${base_bindir}/login' \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '--with-pam', '--without-pam', d)} \
--without-zlib-version-check \
- --with-privsep-path=/var/run/sshd \
+ --with-privsep-path=${localstatedir}/run/sshd \
--sysconfdir=${sysconfdir}/ssh \
- --with-xauth=/usr/bin/xauth \
+ --with-xauth=${bindir}/xauth \
--disable-strip \
"
@@ -84,7 +80,8 @@ do_configure_prepend () {
do_compile_ptest() {
# skip regress/unittests/ binaries: this will silently skip
# unittests in run-ptests which is good because they are so slow.
- oe_runmake regress/modpipe regress/setuid-allowed regress/netcat
+ oe_runmake regress/modpipe regress/setuid-allowed regress/netcat \
+ regress/check-perm regress/mkdtemp
}
do_install_append () {
@@ -110,7 +107,6 @@ do_install_append () {
install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly
sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly
echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
- echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly
@@ -157,7 +153,6 @@ RPROVIDES_${PN}-sshd = "sshd"
RCONFLICTS_${PN} = "dropbear"
RCONFLICTS_${PN}-sshd = "dropbear"
-RCONFLICTS_${PN}-keygen = "ssh-keygen"
CONFFILES_${PN}-sshd = "${sysconfdir}/ssh/sshd_config"
CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config"
@@ -165,3 +160,5 @@ CONFFILES_${PN}-ssh = "${sysconfdir}/ssh/ssh_config"
ALTERNATIVE_PRIORITY = "90"
ALTERNATIVE_${PN}-scp = "scp"
ALTERNATIVE_${PN}-ssh = "ssh"
+
+BBCLASSEXTEND += "nativesdk"
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/environment.d-openssl.sh b/poky/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh
index b9cc24a7a..b9cc24a7a 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/environment.d-openssl.sh
+++ b/poky/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-Take-linking-flags-from-LDFLAGS-env-var.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-Take-linking-flags-from-LDFLAGS-env-var.patch
deleted file mode 100644
index 6ce4e47d7..000000000
--- a/poky/meta/recipes-connectivity/openssl/openssl/0001-Take-linking-flags-from-LDFLAGS-env-var.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 08face4353d80111973aba9c1304c92158cfad0e Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Tue, 28 Mar 2017 16:40:12 +0300
-Subject: [PATCH] Take linking flags from LDFLAGS env var
-
-This fixes "No GNU_HASH in the elf binary" issues.
-
-Upstream-Status: Inappropriate [oe-core specific]
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
----
- Configurations/unix-Makefile.tmpl | 2 +-
- Configure | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
-index c029817..43b769b 100644
---- a/Configurations/unix-Makefile.tmpl
-+++ b/Configurations/unix-Makefile.tmpl
-@@ -173,7 +173,7 @@ CROSS_COMPILE= {- $config{cross_compile_prefix} -}
- CC= $(CROSS_COMPILE){- $target{cc} -}
- CFLAGS={- our $cflags2 = join(" ",(map { "-D".$_} @{$target{defines}}, @{$config{defines}}),"-DOPENSSLDIR=\"\\\"\$(OPENSSLDIR)\\\"\"","-DENGINESDIR=\"\\\"\$(ENGINESDIR)\\\"\"") -} {- $target{cflags} -} {- $config{cflags} -}
- CFLAGS_Q={- $cflags2 =~ s|([\\"])|\\$1|g; $cflags2 -} {- $config{cflags} -}
--LDFLAGS= {- $target{lflags} -}
-+LDFLAGS= {- $target{lflags}." ".$ENV{'LDFLAGS'} -}
- PLIB_LDFLAGS= {- $target{plib_lflags} -}
- EX_LIBS= {- $target{ex_libs} -} {- $config{ex_libs} -}
- LIB_CFLAGS={- $target{shared_cflag} || "" -}
-diff --git a/Configure b/Configure
-index aee7cc3..274d236 100755
---- a/Configure
-+++ b/Configure
-@@ -979,7 +979,7 @@ $config{build_file} = $target{build_file};
- $config{defines} = [];
- $config{cflags} = "";
- $config{ex_libs} = "";
--$config{shared_ldflag} = "";
-+$config{shared_ldflag} = $ENV{'LDFLAGS'};
-
- # Make sure build_scheme is consistent.
- $target{build_scheme} = [ $target{build_scheme} ]
---
-2.11.0
-
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
new file mode 100644
index 000000000..80b62ab18
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch
@@ -0,0 +1,70 @@
+From 3e1d00481093e10775eaf69d619c45b32a4aa7dc Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Martin=20Hundeb=C3=B8ll?= <martin@geanix.com>
+Date: Tue, 6 Nov 2018 14:50:47 +0100
+Subject: [PATCH] buildinfo: strip sysroot and debug-prefix-map from compiler
+ info
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The openssl build system generates buildinf.h containing the full
+compiler command line used to compile objects. This breaks
+reproducibility, as the compile command is baked into libcrypto, where
+it is used when running `openssl version -f`.
+
+Add stripped build variables for the compiler and cflags lines, and use
+those when generating buildinfo.h.
+
+This is based on a similar patch for older openssl versions:
+https://patchwork.openembedded.org/patch/147229/
+
+Upstream-Status: Inappropriate [OE specific]
+Signed-off-by: Martin Hundebøll <martin@geanix.com>
+---
+ Configurations/unix-Makefile.tmpl | 10 +++++++++-
+ crypto/build.info | 2 +-
+ 2 files changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
+index 16af4d2087..54c162784c 100644
+--- a/Configurations/unix-Makefile.tmpl
++++ b/Configurations/unix-Makefile.tmpl
+@@ -317,13 +317,21 @@ BIN_LDFLAGS={- join(' ', $target{bin_lflags} || (),
+ '$(CNF_LDFLAGS)', '$(LDFLAGS)') -}
+ BIN_EX_LIBS=$(CNF_EX_LIBS) $(EX_LIBS)
+
+-# CPPFLAGS_Q is used for one thing only: to build up buildinf.h
++# *_Q variables are used for one thing only: to build up buildinf.h
+ CPPFLAGS_Q={- $cppflags1 =~ s|([\\"])|\\$1|g;
+ $cppflags2 =~ s|([\\"])|\\$1|g;
+ $lib_cppflags =~ s|([\\"])|\\$1|g;
+ join(' ', $lib_cppflags || (), $cppflags2 || (),
+ $cppflags1 || ()) -}
+
++CFLAGS_Q={- for (@{$config{CFLAGS}}) {
++ s|-fdebug-prefix-map=[^ ]+|-fdebug-prefix-map=|g;
++ }
++ join(' ', @{$config{CFLAGS}}) -}
++
++CC_Q={- $config{CC} =~ s|--sysroot=[^ ]+|--sysroot=recipe-sysroot|g;
++ join(' ', $config{CC}) -}
++
+ PERLASM_SCHEME= {- $target{perlasm_scheme} -}
+
+ # For x86 assembler: Set PROCESSOR to 386 if you want to support
+diff --git a/crypto/build.info b/crypto/build.info
+index b515b7318e..8c9cee2a09 100644
+--- a/crypto/build.info
++++ b/crypto/build.info
+@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \
+ ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl
+
+ DEPEND[cversion.o]=buildinf.h
+-GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC) $(LIB_CFLAGS) $(CPPFLAGS_Q)" "$(PLATFORM)"
++GENERATE[buildinf.h]=../util/mkbuildinf.pl "$(CC_Q) $(CFLAGS_Q) $(CPPFLAGS_Q)" "$(PLATFORM)"
+ DEPEND[buildinf.h]=../configdata.pm
+
+ GENERATE[uplink-x86.s]=../ms/uplink-x86.pl $(PERLASM_SCHEME)
+--
+2.19.1
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch b/poky/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch
new file mode 100644
index 000000000..d8d9651b6
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0001-skip-test_symbol_presence.patch
@@ -0,0 +1,46 @@
+From a9401b2289656c5a36dd1b0ecebf0d23e291ce70 Mon Sep 17 00:00:00 2001
+From: Hongxu Jia <hongxu.jia@windriver.com>
+Date: Tue, 2 Oct 2018 23:58:24 +0800
+Subject: [PATCH] skip test_symbol_presence
+
+We cannot skip `01-test_symbol_presence.t' by configuring option `no-shared'
+as INSTALL told us the shared libraries will not be built.
+
+[INSTALL snip]
+ Notes on shared libraries
+ -------------------------
+
+ For most systems the OpenSSL Configure script knows what is needed to
+ build shared libraries for libcrypto and libssl. On these systems
+ the shared libraries will be created by default. This can be suppressed and
+ only static libraries created by using the "no-shared" option. On systems
+ where OpenSSL does not know how to build shared libraries the "no-shared"
+ option will be forced and only static libraries will be created.
+[INSTALL snip]
+
+Hence directly modification the case to skip it.
+
+Upstream-Status: Inappropriate [OE Specific]
+
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+ test/recipes/01-test_symbol_presence.t | 3 +--
+ 1 file changed, 1 insertion(+), 2 deletions(-)
+
+diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t
+index 7f2a2d7..0b93745 100644
+--- a/test/recipes/01-test_symbol_presence.t
++++ b/test/recipes/01-test_symbol_presence.t
+@@ -14,8 +14,7 @@ use OpenSSL::Test::Utils;
+
+ setup("test_symbol_presence");
+
+-plan skip_all => "Only useful when building shared libraries"
+- if disabled("shared");
++plan skip_all => "The case needs debug symbols then we just disable it";
+
+ my @libnames = ("crypto", "ssl");
+ my $testcount = scalar @libnames;
+--
+2.7.4
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0002-fix-CVE-2018-0734.patch b/poky/meta/recipes-connectivity/openssl/openssl/0002-fix-CVE-2018-0734.patch
new file mode 100644
index 000000000..2a3e03fe2
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0002-fix-CVE-2018-0734.patch
@@ -0,0 +1,108 @@
+Backport patch to fix CVE-2018-0734. Remove a section which only remove a
+space. It can't be applied because the context is different.
+
+CVE: CVE-2018-0734
+Upstream-Status: Backport
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 8abfe72e8c1de1b95f50aa0d9134803b4d00070f Mon Sep 17 00:00:00 2001
+From: Pauli <paul.dale@oracle.com>
+Date: Wed, 24 Oct 2018 07:42:46 +1000
+Subject: [PATCH] Timing vulnerability in DSA signature generation
+ (CVE-2018-0734).
+
+Avoid a timing attack that leaks information via a side channel that
+triggers when a BN is resized. Increasing the size of the BNs
+prior to doing anything with them suppresses the attack.
+
+Thanks due to Samuel Weiser for finding and locating this.
+
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+(Merged from https://github.com/openssl/openssl/pull/7486)
+
+(cherry picked from commit a9cfb8c2aa7254a4aa6a1716909e3f8cb78049b6)
+---
+ crypto/dsa/dsa_ossl.c | 28 +++++++++++++++-------------
+ 1 file changed, 15 insertions(+), 13 deletions(-)
+
+diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
+index ca20811200..2dd2d7489a 100644
+--- a/crypto/dsa/dsa_ossl.c
++++ b/crypto/dsa/dsa_ossl.c
+@@ -9,6 +9,7 @@
+
+ #include <stdio.h>
+ #include "internal/cryptlib.h"
++#include "internal/bn_int.h"
+ #include <openssl/bn.h>
+ #include <openssl/sha.h>
+ #include "dsa_locl.h"
+@@ -180,9 +181,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+ {
+ BN_CTX *ctx = NULL;
+ BIGNUM *k, *kinv = NULL, *r = *rp;
+- BIGNUM *l, *m;
++ BIGNUM *l;
+ int ret = 0;
+- int q_bits;
++ int q_bits, q_words;
+
+ if (!dsa->p || !dsa->q || !dsa->g) {
+ DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS);
+@@ -191,8 +192,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+
+ k = BN_new();
+ l = BN_new();
+- m = BN_new();
+- if (k == NULL || l == NULL || m == NULL)
++ if (k == NULL || l == NULL)
+ goto err;
+
+ if (ctx_in == NULL) {
+@@ -203,9 +203,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+
+ /* Preallocate space */
+ q_bits = BN_num_bits(dsa->q);
+- if (!BN_set_bit(k, q_bits)
+- || !BN_set_bit(l, q_bits)
+- || !BN_set_bit(m, q_bits))
++ q_words = bn_get_top(dsa->q);
++ if (!bn_wexpand(k, q_words + 2)
++ || !bn_wexpand(l, q_words + 2))
+ goto err;
+
+ /* Get random k */
+@@ -240,14 +240,17 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+ * small timing information leakage. We then choose the sum that is
+ * one bit longer than the modulus.
+ *
+- * TODO: revisit the BN_copy aiming for a memory access agnostic
+- * conditional copy.
++ * There are some concerns about the efficacy of doing this. More
++ * specificly refer to the discussion starting with:
++ * https://github.com/openssl/openssl/pull/7486#discussion_r228323705
++ * The fix is to rework BN so these gymnastics aren't required.
+ */
+ if (!BN_add(l, k, dsa->q)
+- || !BN_add(m, l, dsa->q)
+- || !BN_copy(k, BN_num_bits(l) > q_bits ? l : m))
++ || !BN_add(k, l, dsa->q))
+ goto err;
+
++ BN_consttime_swap(BN_is_bit_set(l, q_bits), k, l, q_words + 2);
++
+ if ((dsa)->meth->bn_mod_exp != NULL) {
+ if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx,
+ dsa->method_mont_p))
+@@ -275,7 +278,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
+ BN_CTX_free(ctx);
+ BN_clear_free(k);
+ BN_clear_free(l);
+- BN_clear_free(m);
+ return ret;
+ }
+
+--
+2.17.0
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch b/poky/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
new file mode 100644
index 000000000..736323f0c
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
@@ -0,0 +1,50 @@
+CVE: CVE-2018-0735
+
+Upstream-Status: Backport
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 Mon Sep 17 00:00:00 2001
+From: Pauli <paul.dale@oracle.com>
+Date: Fri, 26 Oct 2018 10:54:58 +1000
+Subject: [PATCH] Timing vulnerability in ECDSA signature generation
+ (CVE-2018-0735)
+
+Preallocate an extra limb for some of the big numbers to avoid a reallocation
+that can potentially provide a side channel.
+
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+(Merged from https://github.com/openssl/openssl/pull/7486)
+
+(cherry picked from commit 99540ec79491f59ed8b46b4edf130e17dc907f52)
+---
+ crypto/ec/ec_mult.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
+index 7e1b3650e7..0e0a5e1394 100644
+--- a/crypto/ec/ec_mult.c
++++ b/crypto/ec/ec_mult.c
+@@ -206,8 +206,8 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r,
+ */
+ cardinality_bits = BN_num_bits(cardinality);
+ group_top = bn_get_top(cardinality);
+- if ((bn_wexpand(k, group_top + 1) == NULL)
+- || (bn_wexpand(lambda, group_top + 1) == NULL)) {
++ if ((bn_wexpand(k, group_top + 2) == NULL)
++ || (bn_wexpand(lambda, group_top + 2) == NULL)) {
+ ECerr(EC_F_EC_SCALAR_MUL_LADDER, ERR_R_BN_LIB);
+ goto err;
+ }
+@@ -244,7 +244,7 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r,
+ * k := scalar + 2*cardinality
+ */
+ kbit = BN_is_bit_set(lambda, cardinality_bits);
+- BN_consttime_swap(kbit, k, lambda, group_top + 1);
++ BN_consttime_swap(kbit, k, lambda, group_top + 2);
+
+ group_top = bn_get_top(group->field);
+ if ((bn_wexpand(s->X, group_top) == NULL)
+--
+2.17.0
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl/run-ptest b/poky/meta/recipes-connectivity/openssl/openssl/run-ptest
index 65c6cc7b8..0a620dea7 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl/run-ptest
+++ b/poky/meta/recipes-connectivity/openssl/openssl/run-ptest
@@ -1,4 +1,12 @@
#!/bin/sh
-cd test
-OPENSSL_ENGINES=../engines BLDTOP=.. SRCTOP=.. perl run_tests.pl
-cd ..
+
+set -e
+
+# Optional arguments are 'list' to lists all tests, or the test name (base name
+# ie test_evp, not 03_test_evp.t).
+
+export TOP=.
+# OPENSSL_ENGINES is relative from the test binaries
+export OPENSSL_ENGINES=../engines
+
+perl ./test/run_tests.pl $*
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-Fix-build-with-clang-using-external-assembler.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-build-with-clang-using-external-assembler.patch
index 2270962a6..2270962a6 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-Fix-build-with-clang-using-external-assembler.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-build-with-clang-using-external-assembler.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-allow-manpages-to-be-disabled.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-allow-manpages-to-be-disabled.patch
index 3f7d64995..3f7d64995 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-allow-manpages-to-be-disabled.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/0001-allow-manpages-to-be-disabled.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch
new file mode 100644
index 000000000..b9865a69b
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch
@@ -0,0 +1,33 @@
+CVE: CVE-2018-0734
+
+Upstream-Status: Backport
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+
+From 43e6a58d4991a451daf4891ff05a48735df871ac Mon Sep 17 00:00:00 2001
+From: Pauli <paul.dale@oracle.com>
+Date: Mon, 29 Oct 2018 08:24:22 +1000
+Subject: [PATCH] Merge DSA reallocation timing fix CVE-2018-0734.
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/7513)
+---
+ crypto/dsa/dsa_ossl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
+index 2dcfedeeee..100e269268 100644
+--- a/crypto/dsa/dsa_ossl.c
++++ b/crypto/dsa/dsa_ossl.c
+@@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
+ goto err;
+
+ /* Preallocate space */
+- q_bits = BN_num_bits(dsa->q);
++ q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16;
+ if (!BN_set_bit(&k, q_bits)
+ || !BN_set_bit(&l, q_bits)
+ || !BN_set_bit(&m, q_bits))
+--
+2.17.0
+
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-openssl-force-soft-link-to-avoid-rare-race.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-openssl-force-soft-link-to-avoid-rare-race.patch
index dd1a9b1dd..dd1a9b1dd 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/0001-openssl-force-soft-link-to-avoid-rare-race.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/0001-openssl-force-soft-link-to-avoid-rare-race.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Makefiles-ptest.patch b/poky/meta/recipes-connectivity/openssl/openssl10/Makefiles-ptest.patch
index 1b8402af9..1b8402af9 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Makefiles-ptest.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/Makefiles-ptest.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Use-SHA256-not-MD5-as-default-digest.patch b/poky/meta/recipes-connectivity/openssl/openssl10/Use-SHA256-not-MD5-as-default-digest.patch
index 58c9ee784..58c9ee784 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/Use-SHA256-not-MD5-as-default-digest.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/Use-SHA256-not-MD5-as-default-digest.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-musl-target.patch b/poky/meta/recipes-connectivity/openssl/openssl10/configure-musl-target.patch
index f357b3f59..f357b3f59 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-musl-target.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/configure-musl-target.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-targets.patch b/poky/meta/recipes-connectivity/openssl/openssl10/configure-targets.patch
index 1e0158972..1e0158972 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/configure-targets.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/configure-targets.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/c_rehash-compat.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/c_rehash-compat.patch
index 3820e3e30..3820e3e30 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/c_rehash-compat.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/c_rehash-compat.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/debian-targets.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/debian-targets.patch
index 35d92bedb..24709f4f0 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/debian-targets.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/debian-targets.patch
@@ -42,8 +42,8 @@ Index: openssl-1.0.2n/Configure
+"debian-mipsel", "gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mipsn32", "mips64-linux-gnuabin32-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-mipsn32el", "mips64el-linux-gnuabin32-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64", "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
-+"debian-mips64el", "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips64", "mips64-linux-gnuabi64-gcc:-DB_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"debian-mips64el", "mips64el-linux-gnuabi64-gcc:-DL_ENDIAN -DTERMIO ${debian_cflags}::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL DES_RISC2:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS ${debian_cflags} -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags}::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"debian-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS ${debian_cflags} -mv8::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-dir.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/man-dir.patch
index 4085e3b1d..4085e3b1d 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-dir.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/man-dir.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-section.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/man-section.patch
index 21c1d1a4e..21c1d1a4e 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/man-section.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/man-section.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-rpath.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/no-rpath.patch
index 1ccb3b86e..1ccb3b86e 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-rpath.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/no-rpath.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-symbolic.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/no-symbolic.patch
index cc4408ab7..cc4408ab7 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/no-symbolic.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/no-symbolic.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/pic.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian/pic.patch
index bfda3888b..bfda3888b 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian/pic.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian/pic.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_digicert_malaysia.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
index c43bcd1c7..c43bcd1c7 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_digicert_malaysia.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_digicert_malaysia.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_diginotar.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_diginotar.patch
index d81e22cd8..d81e22cd8 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/block_diginotar.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/block_diginotar.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/soname.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/soname.patch
index 09dd9eaf8..09dd9eaf8 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/soname.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/soname.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/version-script.patch b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/version-script.patch
index e404ee331..e404ee331 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/debian1.0.2/version-script.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/debian1.0.2/version-script.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/engines-install-in-libdir-ssl.patch b/poky/meta/recipes-connectivity/openssl/openssl10/engines-install-in-libdir-ssl.patch
index a5746483e..a5746483e 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/engines-install-in-libdir-ssl.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/engines-install-in-libdir-ssl.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/oe-ldflags.patch b/poky/meta/recipes-connectivity/openssl/openssl10/oe-ldflags.patch
index 292e13dc5..292e13dc5 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/oe-ldflags.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/oe-ldflags.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-c_rehash.sh b/poky/meta/recipes-connectivity/openssl/openssl10/openssl-c_rehash.sh
index 6620fdcb5..6620fdcb5 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-c_rehash.sh
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/openssl-c_rehash.sh
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-fix-des.pod-error.patch b/poky/meta/recipes-connectivity/openssl/openssl10/openssl-fix-des.pod-error.patch
index de49729e5..de49729e5 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl-fix-des.pod-error.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/openssl-fix-des.pod-error.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl_fix_for_x32.patch b/poky/meta/recipes-connectivity/openssl/openssl10/openssl_fix_for_x32.patch
index 0f08a642f..0f08a642f 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/openssl_fix_for_x32.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/openssl_fix_for_x32.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/parallel.patch b/poky/meta/recipes-connectivity/openssl/openssl10/parallel.patch
index 41abf3d6b..41abf3d6b 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/parallel.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/parallel.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest-deps.patch b/poky/meta/recipes-connectivity/openssl/openssl10/ptest-deps.patch
index ef6d17934..ef6d17934 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest-deps.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/ptest-deps.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest_makefile_deps.patch b/poky/meta/recipes-connectivity/openssl/openssl10/ptest_makefile_deps.patch
index 4202e61d1..4202e61d1 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/ptest_makefile_deps.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/ptest_makefile_deps.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-cflags.patch b/poky/meta/recipes-connectivity/openssl/openssl10/reproducible-cflags.patch
index 2803cb039..2803cb039 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-cflags.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/reproducible-cflags.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-mkbuildinf.patch b/poky/meta/recipes-connectivity/openssl/openssl10/reproducible-mkbuildinf.patch
index b55673121..b55673121 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/reproducible-mkbuildinf.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/reproducible-mkbuildinf.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/run-ptest b/poky/meta/recipes-connectivity/openssl/openssl10/run-ptest
index 3b20fce1e..3b20fce1e 100755
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/run-ptest
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/run-ptest
diff --git a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/shared-libs.patch b/poky/meta/recipes-connectivity/openssl/openssl10/shared-libs.patch
index a7ca0a307..a7ca0a307 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl-1.0.2p/shared-libs.patch
+++ b/poky/meta/recipes-connectivity/openssl/openssl10/shared-libs.patch
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.0.2p.bb b/poky/meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb
index 5d419772f..432594070 100644
--- a/poky/meta/recipes-connectivity/openssl/openssl_1.0.2p.bb
+++ b/poky/meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb
@@ -11,8 +11,6 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=f475368924827d06d4b416111c8bdb77"
DEPENDS = "hostperl-runtime-native"
DEPENDS_append_class-target = " openssl-native"
-PROVIDES += "openssl10"
-
SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://run-ptest \
file://openssl-c_rehash.sh \
@@ -42,6 +40,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
file://0001-Fix-build-with-clang-using-external-assembler.patch \
file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \
file://0001-allow-manpages-to-be-disabled.patch \
+ file://0001-fix-CVE-2018-0734.patch \
"
SRC_URI_append_class-target = " \
@@ -56,9 +55,11 @@ SRC_URI_append_class-nativesdk = " \
SRC_URI[md5sum] = "ac5eb30bf5798aa14b1ae6d0e7da58df"
SRC_URI[sha256sum] = "50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00"
+S = "${WORKDIR}/openssl-${PV}"
+
UPSTREAM_CHECK_REGEX = "openssl-(?P<pver>1\.0.+)\.tar"
-inherit pkgconfig siteinfo multilib_header ptest relative_symlinks manpages
+inherit pkgconfig siteinfo multilib_header ptest manpages
PACKAGECONFIG ?= "cryptodev-linux"
PACKAGECONFIG_class-native = ""
@@ -164,7 +165,7 @@ do_configure () {
linux-mips*)
target=debian-mips
;;
- linux-microblaze*|linux-nios2*|linux-gnu*ilp32**)
+ linux-microblaze* | linux-nios2* | linux-gnu*ilp32** | linux-arc*)
target=linux-generic32
;;
linux-powerpc)
@@ -179,10 +180,7 @@ do_configure () {
linux-riscv64)
target=linux-generic64
;;
- linux-supersparc)
- target=linux-sparcv8
- ;;
- linux-sparc)
+ linux-sparc | linux-supersparc)
target=linux-sparcv8
;;
esac
@@ -194,7 +192,7 @@ do_configure () {
if [ "x$useprefix" = "x" ]; then
useprefix=/
fi
- libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
+ libdirleaf="$( echo "${libdir}" | sed "s:^$useprefix/*::" )"
perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} shared --prefix=$useprefix --openssldir=${libdir}/ssl --libdir=$libdirleaf $target
}
@@ -226,10 +224,11 @@ do_install () {
install -d ${D}${includedir}
cp --dereference -R include/openssl ${D}${includedir}
+ oe_multilib_header openssl/opensslconf.h
+
install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
- oe_multilib_header openssl/opensslconf.h
if [ "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}" ]; then
sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/CA.pl
sed -i -e '1s,.*,#!${bindir}/env perl,' ${D}${libdir}/ssl/misc/tsget
@@ -237,16 +236,19 @@ do_install () {
rm -f ${D}${libdir}/ssl/misc/CA.pl ${D}${libdir}/ssl/misc/tsget
fi
- # Create SSL structure
- install -d ${D}${sysconfdir}/ssl/
- mv ${D}${libdir}/ssl/openssl.cnf \
- ${D}${libdir}/ssl/certs \
+ # Create SSL structure for packages such as ca-certificates which
+ # contain hard-coded paths to /etc/ssl. Debian does the same.
+ install -d ${D}${sysconfdir}/ssl
+ mv ${D}${libdir}/ssl/certs \
${D}${libdir}/ssl/private \
- \
+ ${D}${libdir}/ssl/openssl.cnf \
${D}${sysconfdir}/ssl/
- ln -sf ${sysconfdir}/ssl/certs ${D}${libdir}/ssl/certs
- ln -sf ${sysconfdir}/ssl/private ${D}${libdir}/ssl/private
- ln -sf ${sysconfdir}/ssl/openssl.cnf ${D}${libdir}/ssl/openssl.cnf
+
+ # Although absolute symlinks would be OK for the target, they become
+ # invalid if native or nativesdk are relocated from sstate.
+ ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl/certs
+ ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl/private
+ ln -sf ${@oe.path.relative('${libdir}/ssl', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl/openssl.cnf
# Rename man pages to prefix openssl10-*
for f in `find ${D}${mandir} -type f`; do
@@ -259,6 +261,19 @@ do_install () {
done
}
+do_install_append_class-native () {
+ create_wrapper ${D}${bindir}/openssl \
+ OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
+ SSL_CERT_DIR=${libdir}/ssl/certs \
+ SSL_CERT_FILE=${libdir}/ssl/cert.pem \
+ OPENSSL_ENGINES=${libdir}/ssl/engines
+}
+
+do_install_append_class-nativesdk () {
+ mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
+ install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+}
+
do_install_ptest () {
cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
@@ -307,38 +322,40 @@ do_install_ptest () {
${D}${PTEST_PATH}/Makefile ${D}${PTEST_PATH}/Configure
}
-do_install_append_class-native() {
- create_wrapper ${D}${bindir}/openssl \
- OPENSSL_CONF=${libdir}/ssl/openssl.cnf \
- SSL_CERT_DIR=${libdir}/ssl/certs \
- SSL_CERT_FILE=${libdir}/ssl/cert.pem \
- OPENSSL_ENGINES=${libdir}/ssl/engines
-}
-
-do_install_append_class-nativesdk() {
- mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
- install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
-}
-
-# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
-# package RRECOMMENDS on this package. This will enable the configuration
+# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
+# package RRECOMMENDS on this package. This will enable the configuration
# file to be installed for both the base openssl package and the libcrypto
# package since the base openssl package depends on the libcrypto package.
-PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc"
+PACKAGES =+ "libcrypto10 libssl10 openssl10-conf ${PN}-engines ${PN}-misc"
-FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
-FILES_libssl = "${libdir}/libssl${SOLIBS}"
-FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+FILES_libcrypto10 = "${libdir}/libcrypto${SOLIBS}"
+FILES_libssl10 = "${libdir}/libssl${SOLIBS}"
+FILES_openssl10-conf = "${sysconfdir}/ssl/openssl.cnf"
FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
FILES_${PN}-misc = "${libdir}/ssl/misc"
FILES_${PN} =+ "${libdir}/ssl/*"
FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
-CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+CONFFILES_openssl10-conf = "${sysconfdir}/ssl/openssl.cnf"
-RRECOMMENDS_libcrypto += "openssl-conf"
+RRECOMMENDS_libcrypto10 += "openssl10-conf"
RDEPENDS_${PN}-misc = "${@bb.utils.filter('PACKAGECONFIG', 'perl', d)}"
RDEPENDS_${PN}-ptest += "${PN}-misc make perl perl-module-filehandle bc"
BBCLASSEXTEND = "native nativesdk"
+PACKAGE_PREPROCESS_FUNCS += "openssl_package_preprocess"
+
+# openssl 1.0 development files and executable binaries clash with openssl 1.1
+# files when installed into target rootfs. So we don't put them into
+# packages, but they continue to be provided via target sysroot for
+# cross-compilation on the host, if some software still depends on openssl 1.0.
+openssl_package_preprocess () {
+ for file in `find ${PKGD} -name *.h -o -name *.pc -o -name *.so`; do
+ rm $file
+ done
+ rm ${PKGD}/usr/bin/openssl
+ rm ${PKGD}/usr/bin/c_rehash
+ rmdir ${PKGD}/usr/bin
+
+}
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb
deleted file mode 100644
index e7006268f..000000000
--- a/poky/meta/recipes-connectivity/openssl/openssl_1.1.0i.bb
+++ /dev/null
@@ -1,170 +0,0 @@
-SUMMARY = "Secure Socket Layer"
-DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
-HOMEPAGE = "http://www.openssl.org/"
-BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html"
-SECTION = "libs/network"
-
-# "openssl | SSLeay" dual license
-LICENSE = "openssl"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=d57d511030c9d66ef5f5966bee5a7eff"
-
-DEPENDS = "hostperl-runtime-native"
-
-SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
- file://run-ptest \
- file://openssl-c_rehash.sh \
- file://0001-Take-linking-flags-from-LDFLAGS-env-var.patch \
- "
-
-SRC_URI_append_class-nativesdk = " \
- file://environment.d-openssl.sh \
- "
-
-SRC_URI[md5sum] = "9495126aafd2659d357ea66a969c3fe1"
-SRC_URI[sha256sum] = "ebbfc844a8c8cc0ea5dc10b86c9ce97f401837f3fa08c17b2cdadc118253cf99"
-
-inherit lib_package multilib_header ptest
-
-#| engines/afalg/e_afalg.c: In function 'eventfd':
-#| engines/afalg/e_afalg.c:110:20: error: '__NR_eventfd' undeclared (first use in this function)
-#| return syscall(__NR_eventfd, n);
-#| ^~~~~~~~~~~~
-EXTRA_OECONF_append_aarch64 = " no-afalgeng"
-
-#| ./libcrypto.so: undefined reference to `getcontext'
-#| ./libcrypto.so: undefined reference to `setcontext'
-#| ./libcrypto.so: undefined reference to `makecontext'
-EXTRA_OECONF_append_libc-musl = " -DOPENSSL_NO_ASYNC"
-
-do_configure () {
- os=${HOST_OS}
- case $os in
- linux-gnueabi |\
- linux-gnuspe |\
- linux-musleabi |\
- linux-muslspe |\
- linux-musl )
- os=linux
- ;;
- *)
- ;;
- esac
- target="$os-${HOST_ARCH}"
- case $target in
- linux-arm)
- target=linux-armv4
- ;;
- linux-armeb)
- target=linux-armv4
- ;;
- linux-aarch64*)
- target=linux-aarch64
- ;;
- linux-sh3)
- target=linux-generic32
- ;;
- linux-sh4)
- target=linux-generic32
- ;;
- linux-i486)
- target=linux-elf
- ;;
- linux-i586 | linux-viac3)
- target=linux-elf
- ;;
- linux-i686)
- target=linux-elf
- ;;
- linux-gnux32-x86_64 | linux-muslx32-x86_64 )
- target=linux-x32
- ;;
- linux-gnu64-x86_64)
- target=linux-x86_64
- ;;
- linux-mips)
- # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags
- target="linux-mips32 ${TARGET_CC_ARCH}"
- ;;
- linux-mipsel)
- target="linux-mips32 ${TARGET_CC_ARCH}"
- ;;
- linux-gnun32-mips*)
- target=linux-mips64
- ;;
- linux-*-mips64 | linux-mips64)
- target=linux64-mips64
- ;;
- linux-*-mips64el | linux-mips64el)
- target=linux64-mips64
- ;;
- linux-microblaze*|linux-nios2*)
- target=linux-generic32
- ;;
- linux-powerpc)
- target=linux-ppc
- ;;
- linux-powerpc64)
- target=linux-ppc64
- ;;
- linux-riscv32)
- target=linux-generic32
- ;;
- linux-riscv64)
- target=linux-generic64
- ;;
- linux-supersparc)
- target=linux-sparcv9
- ;;
- linux-sparc)
- target=linux-sparcv9
- ;;
- darwin-i386)
- target=darwin-i386-cc
- ;;
- esac
-
- useprefix=${prefix}
- if [ "x$useprefix" = "x" ]; then
- useprefix=/
- fi
- libdirleaf="$(echo ${libdir} | sed s:$useprefix::)"
- perl ./Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=$libdirleaf $target
-}
-
-do_install () {
- oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install
- oe_multilib_header openssl/opensslconf.h
-}
-
-do_install_append_class-native () {
- # Install a custom version of c_rehash that can handle sysroots properly.
- # This version is used for example when installing ca-certificates during
- # image creation.
- install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
- sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
-}
-
-do_install_append_class-nativesdk () {
- mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
- install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
-}
-
-do_install_ptest() {
- cp -r * ${D}${PTEST_PATH}
-
- # Putting .so files in ptest package will mess up the dependencies of the main openssl package
- # so we rename them to .so.ptest and patch the test accordingly
- mv ${D}${PTEST_PATH}/libcrypto.so ${D}${PTEST_PATH}/libcrypto.so.ptest
- mv ${D}${PTEST_PATH}/libssl.so ${D}${PTEST_PATH}/libssl.so.ptest
- sed -i 's/$target{shared_extension_simple}/".so.ptest"/' ${D}${PTEST_PATH}/test/recipes/90-test_shlibload.t
-}
-
-PACKAGES =+ "${PN}-engines"
-
-FILES_${PN} =+ "${libdir}/ssl-1.1/*"
-FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
-FILES_${PN}-engines = "${libdir}/engines-1.1"
-
-RDEPENDS_${PN}-ptest += "perl-module-file-spec-functions bash python"
-
-BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-connectivity/openssl/openssl_1.1.1.bb b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
new file mode 100644
index 000000000..1234b64b8
--- /dev/null
+++ b/poky/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
@@ -0,0 +1,205 @@
+SUMMARY = "Secure Socket Layer"
+DESCRIPTION = "Secure Socket Layer (SSL) binary and related cryptographic tools."
+HOMEPAGE = "http://www.openssl.org/"
+BUGTRACKER = "http://www.openssl.org/news/vulnerabilities.html"
+SECTION = "libs/network"
+
+# "openssl" here actually means both OpenSSL and SSLeay licenses apply
+# (see meta/files/common-licenses/OpenSSL to which "openssl" is SPDXLICENSEMAPped)
+LICENSE = "openssl"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=d57d511030c9d66ef5f5966bee5a7eff"
+
+DEPENDS = "hostperl-runtime-native"
+
+SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
+ file://run-ptest \
+ file://openssl-c_rehash.sh \
+ file://0001-skip-test_symbol_presence.patch \
+ file://0002-fix-CVE-2018-0734.patch \
+ file://0003-fix-CVE-2018-0735.patch \
+ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
+ "
+
+SRC_URI_append_class-nativesdk = " \
+ file://environment.d-openssl.sh \
+ "
+
+SRC_URI[md5sum] = "7079eb017429e0ffb9efb42bf80ccb21"
+SRC_URI[sha256sum] = "2836875a0f89c03d0fdf483941512613a50cfb421d6fd94b9f41d7279d586a3d"
+
+inherit lib_package multilib_header ptest
+
+B = "${WORKDIR}/build"
+do_configure[cleandirs] = "${B}"
+
+#| ./libcrypto.so: undefined reference to `getcontext'
+#| ./libcrypto.so: undefined reference to `setcontext'
+#| ./libcrypto.so: undefined reference to `makecontext'
+EXTRA_OECONF_append_libc-musl = " no-async"
+
+# This prevents openssl from using getrandom() which is not available on older glibc versions
+# (native versions can be built with newer glibc, but then relocated onto a system with older glibc)
+EXTRA_OECONF_class-native = "--with-rand-seed=devrandom"
+EXTRA_OECONF_class-nativesdk = "--with-rand-seed=devrandom"
+
+# Relying on hardcoded built-in paths causes openssl-native to not be relocateable from sstate.
+CFLAGS_append_class-native = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin"
+CFLAGS_append_class-nativesdk = " -DOPENSSLDIR=/not/builtin -DENGINESDIR=/not/builtin"
+
+do_configure () {
+ os=${HOST_OS}
+ case $os in
+ linux-gnueabi |\
+ linux-gnuspe |\
+ linux-musleabi |\
+ linux-muslspe |\
+ linux-musl )
+ os=linux
+ ;;
+ *)
+ ;;
+ esac
+ target="$os-${HOST_ARCH}"
+ case $target in
+ linux-arm*)
+ target=linux-armv4
+ ;;
+ linux-aarch64*)
+ target=linux-aarch64
+ ;;
+ linux-i?86 | linux-viac3)
+ target=linux-x86
+ ;;
+ linux-gnux32-x86_64 | linux-muslx32-x86_64 )
+ target=linux-x32
+ ;;
+ linux-gnu64-x86_64)
+ target=linux-x86_64
+ ;;
+ linux-mips | linux-mipsel)
+ # specifying TARGET_CC_ARCH prevents openssl from (incorrectly) adding target architecture flags
+ target="linux-mips32 ${TARGET_CC_ARCH}"
+ ;;
+ linux-gnun32-mips*)
+ target=linux-mips64
+ ;;
+ linux-*-mips64 | linux-mips64 | linux-*-mips64el | linux-mips64el)
+ target=linux64-mips64
+ ;;
+ linux-microblaze* | linux-nios2* | linux-sh3 | linux-sh4 | linux-arc*)
+ target=linux-generic32
+ ;;
+ linux-powerpc)
+ target=linux-ppc
+ ;;
+ linux-powerpc64)
+ target=linux-ppc64
+ ;;
+ linux-riscv32)
+ target=linux-generic32
+ ;;
+ linux-riscv64)
+ target=linux-generic64
+ ;;
+ linux-sparc | linux-supersparc)
+ target=linux-sparcv9
+ ;;
+ esac
+
+ useprefix=${prefix}
+ if [ "x$useprefix" = "x" ]; then
+ useprefix=/
+ fi
+ # WARNING: do not set compiler/linker flags (-I/-D etc.) in EXTRA_OECONF, as they will fully replace the
+ # environment variables set by bitbake. Adjust the environment variables instead.
+ PERL5LIB="${S}/external/perl/Text-Template-1.46/lib/" \
+ perl ${S}/Configure ${EXTRA_OECONF} ${PACKAGECONFIG_CONFARGS} --prefix=$useprefix --openssldir=${libdir}/ssl-1.1 --libdir=${libdir} $target
+}
+
+do_install () {
+ oe_runmake DESTDIR="${D}" MANDIR="${mandir}" MANSUFFIX=ssl install
+
+ oe_multilib_header openssl/opensslconf.h
+
+ # Create SSL structure for packages such as ca-certificates which
+ # contain hard-coded paths to /etc/ssl. Debian does the same.
+ install -d ${D}${sysconfdir}/ssl
+ mv ${D}${libdir}/ssl-1.1/certs \
+ ${D}${libdir}/ssl-1.1/private \
+ ${D}${libdir}/ssl-1.1/openssl.cnf \
+ ${D}${sysconfdir}/ssl/
+
+ # Although absolute symlinks would be OK for the target, they become
+ # invalid if native or nativesdk are relocated from sstate.
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/certs')} ${D}${libdir}/ssl-1.1/certs
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/private')} ${D}${libdir}/ssl-1.1/private
+ ln -sf ${@oe.path.relative('${libdir}/ssl-1.1', '${sysconfdir}/ssl/openssl.cnf')} ${D}${libdir}/ssl-1.1/openssl.cnf
+}
+
+do_install_append_class-native () {
+ create_wrapper ${D}${bindir}/openssl \
+ OPENSSL_CONF=${libdir}/ssl-1.1/openssl.cnf \
+ SSL_CERT_DIR=${libdir}/ssl-1.1/certs \
+ SSL_CERT_FILE=${libdir}/ssl-1.1/cert.pem \
+ OPENSSL_ENGINES=${libdir}/ssl-1.1/engines
+
+ # Install a custom version of c_rehash that can handle sysroots properly.
+ # This version is used for example when installing ca-certificates during
+ # image creation.
+ install -Dm 0755 ${WORKDIR}/openssl-c_rehash.sh ${D}${bindir}/c_rehash
+ sed -i -e 's,/etc/openssl,${sysconfdir}/ssl,g' ${D}${bindir}/c_rehash
+}
+
+do_install_append_class-nativesdk () {
+ mkdir -p ${D}${SDKPATHNATIVE}/environment-setup.d
+ install -m 644 ${WORKDIR}/environment.d-openssl.sh ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+ sed 's|/usr/lib/ssl/|/usr/lib/ssl-1.1/|g' -i ${D}${SDKPATHNATIVE}/environment-setup.d/openssl.sh
+}
+
+do_install_ptest () {
+ # Prune the build tree
+ rm -f ${B}/fuzz/*.* ${B}/test/*.*
+
+ cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH}
+ cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH}
+
+ # For test_shlibload
+ ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/libcrypto.so
+ ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/libssl.so
+
+ install -d ${D}${PTEST_PATH}/apps
+ ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps
+ install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps
+ install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps
+
+ install -d ${D}${PTEST_PATH}/engines
+ install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines
+}
+
+# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
+# package RRECOMMENDS on this package. This will enable the configuration
+# file to be installed for both the openssl-bin package and the libcrypto
+# package since the openssl-bin package depends on the libcrypto package.
+
+PACKAGES =+ "libcrypto libssl openssl-conf ${PN}-engines ${PN}-misc"
+
+FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
+FILES_libssl = "${libdir}/libssl${SOLIBS}"
+FILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+FILES_${PN}-engines = "${libdir}/engines-1.1"
+FILES_${PN}-misc = "${libdir}/ssl-1.1/misc"
+FILES_${PN} =+ "${libdir}/ssl-1.1/*"
+FILES_${PN}_append_class-nativesdk = " ${SDKPATHNATIVE}/environment-setup.d/openssl.sh"
+
+CONFFILES_openssl-conf = "${sysconfdir}/ssl/openssl.cnf"
+
+RRECOMMENDS_libcrypto += "openssl-conf"
+RDEPENDS_${PN}-bin = "perl"
+RDEPENDS_${PN}-misc = "perl"
+RDEPENDS_${PN}-ptest += "openssl-bin perl perl-modules bash python"
+
+RPROVIDES_openssl-conf = "openssl10-conf"
+RREPLACES_openssl-conf = "openssl10-conf"
+RCONFLICTS_openssl-conf = "openssl10-conf"
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch b/poky/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
new file mode 100644
index 000000000..e53f24054
--- /dev/null
+++ b/poky/meta/recipes-connectivity/ppp/ppp/ppp-2.4.7-DES-openssl.patch
@@ -0,0 +1,84 @@
+Used openssl for the DES instead of the libcrypt / glibc
+
+Upstream-Status: Pending
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Index: ppp-2.4.7/pppd/Makefile.linux
+===================================================================
+--- ppp-2.4.7.orig/pppd/Makefile.linux
++++ ppp-2.4.7/pppd/Makefile.linux
+@@ -38,7 +38,7 @@ LIBS =
+ # Uncomment the next 2 lines to include support for Microsoft's
+ # MS-CHAP authentication protocol. Also, edit plugins/radius/Makefile.linux.
+ CHAPMS=y
+-USE_CRYPT=y
++#USE_CRYPT=y
+ # Don't use MSLANMAN unless you really know what you're doing.
+ #MSLANMAN=y
+ # Uncomment the next line to include support for MPPE. CHAPMS (above) must
+@@ -132,7 +132,7 @@ endif
+
+ ifdef NEEDDES
+ ifndef USE_CRYPT
+-LIBS += -ldes $(LIBS)
++LIBS += -lcrypto
+ else
+ CFLAGS += -DUSE_CRYPT=1
+ endif
+Index: ppp-2.4.7/pppd/pppcrypt.c
+===================================================================
+--- ppp-2.4.7.orig/pppd/pppcrypt.c
++++ ppp-2.4.7/pppd/pppcrypt.c
+@@ -64,7 +64,7 @@ u_char *des_key; /* OUT 64 bit DES key w
+ des_key[7] = Get7Bits(key, 49);
+
+ #ifndef USE_CRYPT
+- des_set_odd_parity((des_cblock *)des_key);
++ DES_set_odd_parity((DES_cblock *)des_key);
+ #endif
+ }
+
+@@ -158,25 +158,25 @@ u_char *clear; /* OUT 8 octets */
+ }
+
+ #else /* USE_CRYPT */
+-static des_key_schedule key_schedule;
++static DES_key_schedule key_schedule;
+
+ bool
+ DesSetkey(key)
+ u_char *key;
+ {
+- des_cblock des_key;
++ DES_cblock des_key;
+ MakeKey(key, des_key);
+- des_set_key(&des_key, key_schedule);
++ DES_set_key(&des_key, &key_schedule);
+ return (1);
+ }
+
+ bool
+-DesEncrypt(clear, key, cipher)
++DesEncrypt(clear, cipher)
+ u_char *clear; /* IN 8 octets */
+ u_char *cipher; /* OUT 8 octets */
+ {
+- des_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,
+- key_schedule, 1);
++ DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,
++ &key_schedule, 1);
+ return (1);
+ }
+
+@@ -185,8 +185,8 @@ DesDecrypt(cipher, clear)
+ u_char *cipher; /* IN 8 octets */
+ u_char *clear; /* OUT 8 octets */
+ {
+- des_ecb_encrypt((des_cblock *)cipher, (des_cblock *)clear,
+- key_schedule, 0);
++ DES_ecb_encrypt((DES_cblock *)cipher, (DES_cblock *)clear,
++ &key_schedule, 0);
+ return (1);
+ }
+
diff --git a/poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
index a5f764f6e..644cde456 100644
--- a/poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
+++ b/poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
@@ -4,7 +4,7 @@ the Point-to-Point Protocol (PPP) on Linux and Solaris systems."
SECTION = "console/network"
HOMEPAGE = "http://samba.org/ppp/"
BUGTRACKER = "http://ppp.samba.org/cgi-bin/ppp-bugs"
-DEPENDS = "libpcap"
+DEPENDS = "libpcap openssl virtual/crypt"
LICENSE = "BSD & GPLv2+ & LGPLv2+ & PD"
LIC_FILES_CHKSUM = "file://pppd/ccp.c;beginline=1;endline=29;md5=e2c43fe6e81ff77d87dc9c290a424dea \
file://pppd/plugins/passprompt.c;beginline=1;endline=10;md5=3bcbcdbf0e369c9a3e0b8c8275b065d8 \
@@ -32,6 +32,7 @@ SRC_URI = "https://download.samba.org/pub/${BPN}/${BP}.tar.gz \
file://fix-CVE-2015-3310.patch \
file://0001-pppoe-include-netinet-in.h-before-linux-in.h.patch \
file://0001-ppp-Remove-unneeded-include.patch \
+ file://ppp-2.4.7-DES-openssl.patch \
"
SRC_URI_append_libc-musl = "\
@@ -49,7 +50,7 @@ EXTRA_OECONF = "--disable-strip"
# Package Makefile computes CFLAGS, referencing COPTS.
# Typically hard-coded to '-O2 -g' in the Makefile's.
#
-EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${S}/include"'
+EXTRA_OEMAKE += ' COPTS="${CFLAGS} -I${STAGING_INCDIR}/openssl -I${S}/include"'
do_configure () {
oe_runconf
@@ -80,6 +81,10 @@ do_install_append () {
chmod u+s ${D}${sbindir}/pppd
}
+do_install_append_libc-musl () {
+ install -Dm 0644 ${S}/include/net/ppp_defs.h ${D}${includedir}/net/ppp_defs.h
+}
+
CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options"
PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools"
FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service"
diff --git a/poky/meta/recipes-connectivity/socat/socat_1.7.3.2.bb b/poky/meta/recipes-connectivity/socat/socat_1.7.3.2.bb
index 6373dd40a..927df7463 100644
--- a/poky/meta/recipes-connectivity/socat/socat_1.7.3.2.bb
+++ b/poky/meta/recipes-connectivity/socat/socat_1.7.3.2.bb
@@ -7,11 +7,10 @@ SECTION = "console/network"
DEPENDS = "openssl readline"
-LICENSE = "GPL-2.0-with-OpenSSL-exception"
+LICENSE = "GPL-2.0+-with-OpenSSL-exception"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://README;beginline=257;endline=287;md5=338c05eadd013872abb1d6e198e10a3f"
-
SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
file://Makefile.in-fix-for-parallel-build.patch \
file://0001-define-NETDB_INTERNAL-to-1-if-not-available.patch \
@@ -26,9 +25,23 @@ inherit autotools
EXTRA_AUTORECONF += "--exclude=autoheader"
EXTRA_OECONF += "ac_cv_have_z_modifier=yes \
- ac_cv_header_bsd_libutil_h=no \
+ ac_cv_header_bsd_libutil_h=no \
+ sc_cv_termios_ispeed=no \
+ ${TERMBITS_SHIFTS} \
"
+TERMBITS_SHIFTS ?= "sc_cv_sys_crdly_shift=9 \
+ sc_cv_sys_tabdly_shift=11 \
+ sc_cv_sys_csize_shift=4"
+
+TERMBITS_SHIFTS_powerpc = "sc_cv_sys_crdly_shift=12 \
+ sc_cv_sys_tabdly_shift=10 \
+ sc_cv_sys_csize_shift=8"
+
+TERMBITS_SHIFTS_powerpc64 = "sc_cv_sys_crdly_shift=12 \
+ sc_cv_sys_tabdly_shift=10 \
+ sc_cv_sys_csize_shift=8"
+
PACKAGECONFIG_class-target ??= "tcp-wrappers"
PACKAGECONFIG ??= ""
PACKAGECONFIG[tcp-wrappers] = "--enable-libwrap,--disable-libwrap,tcp-wrappers"
diff --git a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch b/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch
deleted file mode 100644
index f34e243de..000000000
--- a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/avoid_strip.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-wireless_tools: Avoid stripping iwmulticall
-
-Upstream-Status: Inappropriate [other]
- The removed code was from upstream.
-
-Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
-
-diff -ur wireless_tools.29.orig/Makefile wireless_tools.29/Makefile
---- wireless_tools.29.orig/Makefile 2011-06-18 11:35:12.183907453 -0500
-+++ wireless_tools.29/Makefile 2011-06-18 11:38:09.995907985 -0500
-@@ -135,9 +135,8 @@
-
- macaddr: macaddr.o $(IWLIB)
-
--# Always do symbol stripping here
- iwmulticall: iwmulticall.o
-- $(CC) $(LDFLAGS) -Wl,-s $(XCFLAGS) -o $@ $^ $(LIBS)
-+ $(CC) $(LDFLAGS) $(STRIPFLAGS) $(XCFLAGS) -o $@ $^ $(LIBS)
-
- # It's a kind of magic...
- wireless.h:
diff --git a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch b/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch
deleted file mode 100644
index 6c0d8cbd2..000000000
--- a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/ldflags.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-wireless-tools: Remove QA warning: No GNU_HASH in the elf binary
-
-Upstream-Status: Inappropriate [other]
- Useful within bitbake environment only.
-
-Signed-off-by: Muhammad Shakeel <muhammad_shakeel@mentor.com>
-
----
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- wireless_tools.29.orig/Makefile
-+++ wireless_tools.29/Makefile
-@@ -144,7 +144,7 @@ wireless.h:
-
- # Compilation of the dynamic library
- $(DYNAMIC): $(OBJS:.o=.so)
-- $(CC) -shared -o $@ -Wl,-soname,$@ $(STRIPFLAGS) $(LIBS) -lc $^
-+ $(CC) -shared -o $@ -Wl,-soname,$@ $(LDFLAGS) $(STRIPFLAGS) $(LIBS) -lc $^
-
- # Compilation of the static library
- $(STATIC): $(OBJS:.o=.so)
diff --git a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch b/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch
deleted file mode 100644
index 6a757dae7..000000000
--- a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/man.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Inappropriate [configuration]
-
-Index: wireless_tools.30/Makefile
-===================================================================
---- wireless_tools.30.orig/Makefile 2014-02-01 00:21:04.148463382 -0800
-+++ wireless_tools.30/Makefile 2014-02-01 00:23:35.448072279 -0800
-@@ -76,7 +76,7 @@
- INSTALL_DIR= $(PREFIX)/sbin
- INSTALL_LIB= $(PREFIX)/lib
- INSTALL_INC= $(PREFIX)/include
--INSTALL_MAN= $(PREFIX)/man
-+INSTALL_MAN= $(PREFIX)/share/man
-
- # Various commands
- RM = rm -f
diff --git a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch b/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch
deleted file mode 100644
index 3a22c3f1e..000000000
--- a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools/remove.ldconfig.call.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-When /etc/ld.so.cache is writeable by user running bitbake then it creates invalid cache
-(in my case libstdc++.so cannot be found after building zlib(-native) and I have to call
-touch */libstdc++.so && /sbin/ldconfig to fix it.
-
-So remove ldconfig call from make install-libs
-
-Upstream-Status: Inappropriate [disable feature]
-
-diff -uNr wireless_tools.29.orig/Makefile wireless_tools.29/Makefile
---- wireless_tools.29.orig/Makefile 2007-09-18 01:56:46.000000000 +0200
-+++ wireless_tools.29/Makefile 2012-02-15 20:46:41.780763514 +0100
-@@ -163,7 +163,6 @@
- install -m 755 $(DYNAMIC) $(INSTALL_LIB)
- ln -sfn $(DYNAMIC) $(INSTALL_LIB)/$(DYNAMIC_LINK)
- @echo "*** Don't forget to add $(INSTALL_LIB) to /etc/ld.so.conf, and run ldconfig as root. ***"
-- @$(LDCONFIG) || echo "*** Could not run ldconfig ! ***"
-
- # Install the static library
- install-static:: $(STATIC)
diff --git a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb b/poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb
deleted file mode 100644
index 0a342071e..000000000
--- a/poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb
+++ /dev/null
@@ -1,50 +0,0 @@
-SUMMARY = "Tools for the Linux Standard Wireless Extension Subsystem"
-HOMEPAGE = "https://hewlettpackard.github.io/wireless-tools/Tools.html"
-LICENSE = "GPLv2 & (LGPLv2.1 | MPL-1.1 | BSD)"
-LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
- file://iwconfig.c;beginline=1;endline=12;md5=cf710eb1795c376eb10ea4ff04649caf \
- file://iwevent.c;beginline=59;endline=72;md5=d66a10026d4394f0a5b1c5587bce4537 \
- file://sample_enc.c;beginline=1;endline=4;md5=838372be07874260b566bae2f6ed33b6"
-SECTION = "base"
-PE = "1"
-
-SRC_URI = "https://hewlettpackard.github.io/wireless-tools/wireless_tools.${PV}.tar.gz \
- file://remove.ldconfig.call.patch \
- file://man.patch \
- file://avoid_strip.patch \
- file://ldflags.patch \
- "
-SRC_URI[md5sum] = "ca91ba7c7eff9bfff6926b1a34a4697d"
-SRC_URI[sha256sum] = "abd9c5c98abf1fdd11892ac2f8a56737544fe101e1be27c6241a564948f34c63"
-
-UPSTREAM_CHECK_URI = "https://hewlettpackard.github.io/wireless-tools/Tools.html"
-UPSTREAM_CHECK_REGEX = "wireless_tools\.(?P<pver>(\d+)(\..*|))\.tar\.gz"
-
-S = "${WORKDIR}/wireless_tools.30"
-
-CFLAGS =+ "-I${S}"
-EXTRA_OEMAKE = "-e 'BUILD_SHARED=y' \
- 'INSTALL_DIR=${D}${base_sbindir}' \
- 'INSTALL_LIB=${D}${libdir}' \
- 'INSTALL_INC=${D}${includedir}' \
- 'INSTALL_MAN=${D}${mandir}'"
-
-do_compile() {
- oe_runmake all libiw.a
-}
-
-do_install() {
- oe_runmake PREFIX=${D} install-iwmulticall install-dynamic install-man install-hdr
- install -d ${D}${sbindir}
- install -m 0755 ifrename ${D}${sbindir}/ifrename
-}
-
-PACKAGES = "libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc ${PN}-dbg"
-
-FILES_libiw = "${libdir}/*.so.*"
-FILES_libiw-dev = "${libdir}/*.a ${libdir}/*.so ${includedir}"
-FILES_libiw-doc = "${mandir}/man7"
-FILES_ifrename = "${sbindir}/ifrename"
-FILES_ifrename-doc = "${mandir}/man8/ifrename.8 ${mandir}/man5/iftab.5"
-FILES_${PN} = "${bindir} ${sbindir}/iw* ${base_sbindir} ${base_bindir} ${sysconfdir}/network"
-FILES_${PN}-doc = "${mandir}"
OpenPOWER on IntegriCloud