diff options
| author | Patrick Williams <patrick@stwcx.xyz> | 2016-06-20 12:57:21 -0500 |
|---|---|---|
| committer | Patrick Williams <patrick@stwcx.xyz> | 2016-06-24 15:22:19 -0500 |
| commit | d8c66bc71e9a0303f1d300b9fa59c60dbfe10056 (patch) | |
| tree | 0d5c0ade4cc7ae9d8df42bcb3ad376d95398465e /yocto-poky/meta/recipes-connectivity | |
| parent | 353dbdaaa97d78d064f0638221f57311f21f0bb3 (diff) | |
| download | talos-openbmc-d8c66bc71e9a0303f1d300b9fa59c60dbfe10056.tar.gz talos-openbmc-d8c66bc71e9a0303f1d300b9fa59c60dbfe10056.zip | |
Squashed 'yocto-poky/' changes from b1f23d1..8358e54
Upgrade subtree to Yocto-2.1.
6c1c013 build-appliance-image: Update to krogoth head revision
5f84d65 syslinux.bbclass: Remove APPEND from variable dependency
d9dd864 bitbake: toaster-tests: tests for build dashboard
1cf8f21 bitbake: toaster: add modal to select custom image for editing
a40a3e6 bitbake: toaster: add build dashboard buttons to edit/create custom images
e65c980 bitbake: toaster-tests: make helper click on input before entering text
484cbf8 bitbake: toaster-tests: add tests for new custom image page
437b728 bitbake: toaster: prevent exception when Project.release is null
cfc22d3 bitbake: toaster: only prevent duplicate custom image names within a project
3036413 bitbake: toaster: disable/enable "Add layer" button according to input's content
040dbf6 bitbake: toaster: fix sorting after hiding a column in build tables
1b11b79 bitbake: toaster: ensure ToasterTable headings are reset when order by changes
9855840 image.bbclass: The wrong name is being used for the debug filesystem
38c7e2d image_types: Ensure rootfs dependencies cover DEBUGFS
0c3eaa7 syslinux.bbclass: The AUTO_SYSLINUXMENU value needs to be boolean
9c8a049 perf: pass DESTDIR in EXTRA_OEMAKE
9de7324 buildtools-tarball: set INHIBIT_DEFAULT_DEPS
ef09105 xf86-video-omapfb: remove EXTRA_OECONF_armv7a
c2f7da2 base.bbclass: Introduce PACKAGECONFIG_CONFARGS variable
e1c6890 git: update to 2.7.4
98bf7de license.bbclass: do write_deploy_manifest in image postprocessing
519600c devtool: sdk-update: fix handling of UNINATIVE_CHECKSUM changes
c7980b6 bitbake: main: fix processing of BBEVENTLOG
ee25d0e toasterconf.json: Update for krogoth release
b8e5de2 toasterconf.json: Remove fido from supported configurations
c59771e toasterconf.json: Update for krogoth release
d0bce0b toasterconf.json: Remove fido from supported configurations
d25eea3 poky-tiny.conf: set PREFERRED_VERSION_linux-yocto-tiny to 4.4
9f970b6 dev-manual, profile-manual, ref-manual: Purging Oprofile stuff
1d93104 ref-manual: Added description for the testsdk.bbclass.
db47094 ref-manual: Updated the remove-libtool.bbclass description.
a16eeca ref-manual: Added gobject-introspection.bbclass description.
3e761b4 ref-manual: Added reference for npm.bbclass.
5e50157 ref-manual: Fixed typo in the nopackages.bbclass description
f7b68c7 ref-manual: Added description for bash-completion.bbclass
ece900a ref-manual: Added nopackages.bbclass description. Fixed stray typo.
9143e9e ref-manual: Added description for the INSTALL_TIMEZONE_FILE variable.
6391dbf ref-manual: Updated the PREFERRED_PROVIDER variable with a note.
6d86f7a ref-manual: Dropped references to the autotools_stage class
4d5ff5e ref-manual, dev-manual: Scrubbed boot-directdisk and bootimg classes
cd2aaaa ref-manual: Updated the uninative.bbclass description.
e975d26 documentation: Converted "meta-yocto" to "meta-poky"
84452ee bsp-guide: Updated yocto-bsp create example output.
e00a62c ref-manual: Added the migration section for 2.1
02db9e6 yocto-project-qs, ref-manual: Upgraded minimum Git requirement
989841f ref-manual: Added rootfs-postcommands class description.
d06b343 ref-manual: Updated the EXTRA_OEMAKE variable description.
ecb2eb6 dev-manual: Updated "Additional Implementation Details" section
004b939 bitbake: lib/bb/utils: add docstring for contains()
524d04c ca-certificates: support Toybox
ecaf12e oetest: make console output more verbose
4946ecf dhcp: CVE-2016-2774
c219c6d buildtools-tarball: fix perl being included when building with ipk
9fe7738 buildtools-tarball.bb: fix unexpected operator
ed07f43 lib/oeqa/selftest/base.py: Correct a reference to meta/lib/oeqa/selftest
8953d83 oe-selftest: Correct the usage examples
dee47ad devtool: sdk-update: reset git metadata on update
396e64d build-appliance-image: Load TUN at startup
55068b1 default-providers.inc: set openssl PREFERRED_PROVIDER to openssl
74ab080 bind: CVE-2016-2088
d488d78 rpm: Disable __sync_add_and_fetch_8 on nios2
9d2d1ae kernel: fitimage: Fix do_deploy taskhash mismatch
4693593 images: zero out the rootfs_extra_space in initramfs images
8beb671 ext-sdk-prepare.py: exclude do_rm_work from unexpected output; create unit test
0262bc5 bitbake: bitbake-user-manual: Updated the 'bitbake -h' output example.
890ccd3 bitbake: bitbake-user-manual: Updated "Conditional Metadata" section
20a0121 bitbake: bitbake-user-manual: Updated discussion about using "inherit"
9f374c4 bitbake: providers: Add PREFERRED_RPROVIDER support
4b8b110 bitbake: providers: We don't depend on previous build results
8e7282c bitbake: cooker/knotty: Prefix parse logs with filename being parsed
1131303 bitbake: cooker: pass exception to finishAsyncCommand
ffa2ca0 fs-perms.txt: fix ROOT_HOME's permission
fd66a38 Revert "fs-perms.txt: fix ROOT_HOME's permission"
9ec9557 buildstats: Fix tracebacks for early task failures
7f9d01e default-providers: Update to use PREFERRED_RPROVIDER
76f4bbc oeqa/selftest/sstatetests: fix no-op sstate test
6326812 buildhistory: don't alter SDK creation stamps
bb40b5e dhcp: Enable update-rc.d service
27e202f meta/classes/qemu.bbclass: set -cpu of ppce5500/ppce6500 to e500mc
7c5823a shadow: Disable syslog for more commands
60a8719 devtool: upgrade: handle recipes where source is not first entry in SRC_URI
8353557 devtool: update-recipe: handle where SRC_URI is appended to with +=
aab3c8d linux-yocto: make aufs4 optional
d75d2be linux-yocto: tiny and pin ctrl config updates
8547cbf linux-yocto/4.4: BXT enablement
ffad386 linux-yocto/4.1: mainline SPI backports
4ba33a3 linux-yocto/4.4: gpio-pca953x: fix the "drive" property cannot read/write
86571db devtool: don't copy .git when building the eSDK
83eac65 package.bbclass: improve permission handling
eeae2ac fs-perms.txt: fix ROOT_HOME's permission
1db3dc8 runqemu: let ramfs equal to cpio.gz
a8c8e81 gcc-common.inc: String format tweak for available tunes
a7c426a pbzip2: fix LIC_FILES_CHKSUM following 1.1.12 -> 1.1.13 upgrade
1229009 pbzip2: don't skip do_configure
1e4ee30 useradd_base.bbclass: remove flock option '-w'
cb45ef3 matchbox-keyboard: Hide desktop launcher
69e20ca npm.bbclass: Stop packagenames containing underscores from being generated
c3c55478 bind: CVE-2016-1285 CVE-2016-1286
c4387a8 image.bbclass: add DEB_{PRE, POST}PROCESS_COMMANDS to rootfs_command_variables list
967bc74 rootfs.py: apply ROOTFS_POSTINSTALL_COMMAND to all package formats
f7352ca wic: fix bug in handling fsoptions
b2f5de5 buildtools-tarball.bb: set TOOLCHAIN_NEED_CONFIGSITE_CACHE to null
a460b04 rpm: more verbose errors in rpmTempFile
a43991d rootfs-postcommands: handle broken links when writing manifest
2c81e17 socat: Use c_ispeed and c_ospeed based upon libc
5c8124d archiver: Improve debug output
e912c46 kbd: remove uclibc-stdarg.patch
965fd3c image.bbclass: use max() instead of indexing booleans
6d85874 linux-yocto-tiny: fix KBRANCH
440d949 sudo: fix pam config on systemd systems
3fd5a6d sysvinit: make lastb.1 an alternative
175263e lib/oe/lsb: sanitise the distro identifier
9262d2f package.bbclass: handle links in sorted order
29cf263 sanity: allow sftp and ssh mirrors
f503317 toaster.bbclass: improve package information collection
88f4178 rsync: remove upstream's rebuild logic
8d59d06 rsync: pass cached configure values through the right variable
384e41c rsync: don't install acinclude.m4
e80800e Revert "oeqa/selftest/wic: add test case for sparse images"
45c0763 Revert "wic/utils/partitionedfs.py: assemble .wic images as sparse files"
e0e5426 bitbake: runqueue: Improve 'mulitiple .bb files are due to be built' message
380004b archiver: Ensure sstate-inputdir directory is created
3ad70a5 linux-yocto-tiny: fix COMPATIBLE_MACHINE
0e59727 glib-2.0: Put glib-compile-schemas back in -utils
d27ca36 oeqa/runexported.py: Fix exported test
85dbd7b oeqa/selftest/sstatetests: split 32/64 build host from no-op action tests
57be6dd util-linux: take ownership of hwclock if installed
acc1f96 meta: remove redundant ac_cv_sizeof_off_t assignments
92759d8 meta/site: remove sizeof_off_t
5602f64 archiver: Fix ASSUME_PROVIDED issues
fab626c distrodata: Exclude DATETIME reference from sstate checksum
faaeaf9 build-appliance-image: Support for VirtualBox guest additions
778121a local.conf.sample: Make it possible to override EXTRA_IMAGE_FEATURES
f947c27 poky.conf: add Fedora 23 to supported distros
f33a110 maintainers.inc: remove adt-installer
83d4fab local.conf.sample: remove reference to adt
52cfdb6 bitbake: toaster: fixes for customimage package not found
dae4ffb bitbake: data_smart: Restrict expansion regexp to not include : characters
7e739ac bitbake: tests/utils.py: test origvalue in a callback matches what is expected
e1e459e bitbake: lib/bb/utils.py: Fix a bug in edit_metadata() that could corrupt vars
43150ab oeqa/selftest/wic: add test case for sparse images
29bc2f7 wic/utils/partitionedfs.py: assemble .wic images as sparse files
7fdb061 image-vm.bbclass/image_types.bbclass: IMAGE_NAME -> IMAGE_LINK_NAME
04e1978 image_types.bbclass: fix elf
513ea49 image_types.bbclass: set nodesize for btrfs
bad434b libxml2: fix AM_PATH_XML2
9fe3d01 useradd_base.bbclass: prevent variable expansion in $opts
fb8e5f9 extrausers.bbclass: drop retry count for perform_user/group* calls
f737af4 build-perf-test: add eSDK installed size to metrics
50f5ca3 rpm: brace expansion is a bashism
66ecbd3 openssl.inc: minor packaging cleanup
e38ec0c systemd-systemctl-native: fix unit detection
4019058 apr-util: fix path in rules.mk for nativesdk
bdf453f bdwgc: installed-vs-shipped for nativesdk
12ca8df libsolv: fix installed-vs-shipped for nativesdk
c88c894 desktop-file-utils-native: disable emacs
d4f6c0e toaster: add DL_DIR and SSTATE_DIR to oe toasterconf
69b3f87 toaster.bbclass: strip task from the target
aa45c75 x11-common: Add PACKAGECONFIG for screen blanking
d366a33 opkg-utils: re-do find/ls code to not fail on filenames with spaces
5e360ca image-live.bbclass: fix iso + efi only
f5adb23 Add missing runtime dependency to python-pygobject
0720425 devtool: Create unlocked-sigs.inc containing items in the workspace
64cca7e sstatesig.py: Add a method to "unlock" recipes
1cb99dd populate_sdk_ext.bbclass: Enable locked sigs errors
2431ed7 sstatesig.py: Improve the SIGGEN_LOCKEDSIGS_TASKSIG_CHECK message
7e90280 sstatesig.py: Split single locked sigs check into multiple checks
7ce800c toasterconf.json: Set default distro to nodistro
1b7b548 dev-manual: Updated poky-floating-revisions file snippit example.
8d9e233 dev-manual: set correct task name for do_kernel_configme
6971029 poky-floating-revisions: Fix typo
14e2b90 toasterconf.json: Add DL_DIR and SSTATE_DIR to poky toasterconf
296dfbc build-appliance-image: Update to master head revision
00c4c9b poky: Convetion is 2.1, not 2.1.0
8cd1dec build-appliance-image: Update to master head revision
ecd58bb poky.conf: Bump version for 2.1.0 krogoth release
e955b5d bitbake: Update version to 1.30.0
4fd14e3 build-appliance-image: Update to master head revision
133224f documentation: Fixed references using the DISTRO_NAME variable
3831ca0 documentation: Updated release date in manual history tables.
b590fab dev-manual, ref-manual, sdk-manual: Removing oprofile references.
d2084cc Makefile: Removed adt-manual support
2677098 mega-manual: Removed the adt title .PNG file.
d9b4c80 README: Updated to remove the ADT manual and add the SDK manual.
9796cbb mega-manual.sed: Removed adt-manual processing
aa4b72b yocto-project-qs: Updated the minnowboard example.
f2505af poky.ent: Added lower-case distro name variable.
ee42a9b kernel-dev: Applied review comments to "Adding Recipe-Space Kernel Features"
d57fe7c ref-manual: Updated the PREFERRED_VERSION variable description.
53bade8 dev-manual: Added new section describing hardware and non-hardware config
763ae4e ref-manual: Updated verbiage on proxy handling
a1295ed ref-manual: Updated PREFERRED_VERSION variable description
879eec2 ref-manual: Updated debugging tips and tricks
23dbf81 kernel-dev: Added new "Adding Recipe-Space Kernel Features" section.
f30bfe9 kernel-dev: Updated the "Kernel Metadata Location" section.
53729bc sdk-manual: Removed three sections of writer notes.
9f0c571 sdk-manual: Applied review edits.
d4bdafa sdk-manual: Added sections in Appendix B.
d94fa00 dev-manual, profile-manual: Removed oprofile section and link
4f3dfa8 bitbake: bitbake: update LICENSE file with QUnit details
013984d bitbake: tests: browser Add test to run the js unit tests
7609888 bitbake: toaster: views jsunittest Add MACHINE and an extra layer to test project
fbc2c5d bitbake: toaster: tests Set MACHINE for the test projects
cb6b4eb bitbake: toaster: Add quint to project so that it can be used offline
18cb7fe bitbake: toaster: add rev dep column to image detail pages
7a309d9 bitbake: buildinfohelper: work around unicode exceptions
860cba8 bitbake: toasterui: update build in internal state
acb9407 bitbake: buildinfohelper: fix KeyError
52c8740 bitbake: toaster: get bitbake location from BBBASEDIR
f5d3ef6 bitbake: toaster: export BBBASEDIR variable
71ff9b9 bitbake: toaster: update projectconf.html for DL_DIR and SSTATE_DIR
705d44f bitbake: toaster: update view to support DL_DIR and SSTATE_DIR
4aafcae bitbake: toaster: use empty token
5ce4665 bitbake: toaster: runbuilds Clean up runbuilds
55b6fab bitbake: toaster: runbuilds Make runbuilds aware of the build CANCELLED state
f4cee88 bitbake: toaster: models Exclude the CANCELLED builds from get_number_of_builds
296d373 bitbake: toaster: mrb_section template Add build cancel button
f1b49dc bitbake: toaster: tables BuildsTable exclude cancelled builds
22242ae bitbake: buildinfohelper: Add handler for cancelling a build
9dcb9cb bitbake: toaster: bldcontrol models Add a cancelling state the BuildRequest
dfa8510 bitbake: toaster: models Add cancelled state to build outcome
5f862bb bitbake: toaster: update BuildEnvironmentController and BitbakeController
0db62c5 bitbake: toaster: libtoaster Update implementation of startABuild and cancelABuild
afab95c bitbake: toaster: xhr Update the implementation of the build cancellation request
eead032 bitbake: toaster: Move xhr calls for starting and stopping builds
f5aa970 bitbake: toaster: bldcontrol Add forceShutDown function to BitbakeController
d6992a8 bitbake: toasterui: shutdown on BuildCompleted event
c4ae028 bitbake: toaster: use bash explicitly
4adddfd bitbake: toaster: fix jethro build
b1a919a bitbake: toaster: update conf/local.conf
590a815 bitbake: toaster: stop bitbake server after the build
a8f6001 bitbake: toaster: add new parameter to _shellcmd
a43a16b bitbake: toaster: reimplement triggerBuild
ab18c20 bitbake: toaster: modified setLayers API
22fba9b bitbake: toaster: add brbe parameter to triggerBuild
829a0bd bitbake: toaster: remove release API
7068e8a bitbake: toaster: remove startBBServer API
9d4c62d bitbake: toasterui: fix brbe reporting
5bcce68 bitbake: buildinfohelper: improve handling of providermap
61b6b98 bitbake: uievent: improve BBUIEventQueue code
0b0d754 bitbake: toasterui: add brbe parameter to buildinfohelper
94ac3f0 bitbake: toaster: set BITBAKE_UI environment variable
e23a23b bitbake: toaster: get rid of noui option
f77baec bitbake: toaster: don't start bitbake server
4127fef image_types: use compress framework to produce checksums for images
60786b8 runqemu-gen-tapdevs: Add note about NetworkManager & tap devices
634aeed libtool: fix contaminated path to lt_truncate_bin
298d875 create-pull-request: fix for newer git
4faeff9 wget: fix build when len(TMPDIR) == 410
b667f4d sanity.bbclass: fix a hardcode in check_path_length()
94b3583 grub: remove unused 0001-Fix-build-with-glibc-2.20.patch
ef163ab glibc: remove unused CVE patches
b050ab2 clutter-gst-3.0: remove unused enable-tests.patch
064ebd5 cmake: remove unused dont-run-cross-binaries.patch
a71db4c tcl: remove unused fix-configure.patch
476eeea rpm: remove two unused patch
3d56864 ffmpeg, gstreamer1.0-libav: add textrel INSANE_SKIPs
8cc10a9 ffmpeg: Make configure options explicit
45c1944 bzip2: set correct soname
cbe33ec useradd.bbclass: remove user/group created by the package in clean* task
c115740 bitbake: fetch2/git.py: remove .indirectiondir workaround
4f07c22 bitbake: persist_data: Return str instead of unicode for sqlite3 text queries
d8f1f42 scripts/oe-selftest: avoid the creation of coverage file when coverage not installed
6e5e225 scripts/oe-selftest: remove coverage file if any coverage option is given
5edfec4 scripts/oe-selftest: remove unneeded coverage warning
8109e93 patch.bbclass: remove useless path assignment
7963613 gstreamer: remove now-redundant expansion in do_split_packages
37f4f5b package: do_split_packages: expand variables in extra_depends
2ed2089 xf86-video-intel: Add patch to fix some poor image quality
c1436b3 sanity: Increase minimum git version to 1.8.3.1
672545b scripts/oe-buildenv-internal: Fix regression in BB_ENV_EXTRAWHITE setting
f7fed7c license.bbclass: fix warnings when run in unprivileged "container" env
43071a0 externalsrc: avoid race in temporary git index file
f4f1d20 scripts/lib/bsp/help.py: Typo in help for yocto-bsp create
1bd2c8e bdwgc: use github repo for source location
0e6743b xf86-video-intel: Add patch to allow UXA to build
21e31c2 package_manager.py: better error handling in opkg's package listing
f2d5e20 systemd: make systemd-serialgetty optional
e699404 ncurses: reorder PACKAGES
f94ad4d bluez5.inc: remove obsolete workaround
a0cd8c0 buildtools-tarball: Add texinfo (for makeinfo)
9877795 cogl: fix G-I .typelib installation
b13184c classes/buildhistory: fix grammar in comments
e5c0a9f classes/buildhistory: fix filtering of depends-nokernel.dot
4d364f2 classes/buildhistory: optimise getting package size list
af5f423 bitbake: siggen: Ensure tainted stamps are accounted for with writing custom stamps
47e9e12 bitbake: siggen: Fix nostamp taint handling
8033627 bitbake: siggen: Add checksum recalculation/checking code
3e1b5e0 bitbake: siggen: Fix check calculation problem with file_checksums
39b637c bitbake: siggen: Drop misleading duplicate method
2c722e2 bitbake: tests/fetch.py: Improve unit tests for trusted network check
cf6d12d bitbake: fetch2: BB_ALLOWED_NETWORKS should not care about port numbers
158575c bitbake: toaster: orm better detect requires during CustomImageRecipe generation
c634473 bitbake: toaster: Correct typo on build form help text
c9ad1e6 bitbake: toaster: buildinfohelper Add additional metadata to the built layer
072a0b3 poky: Exclude DATE from DISTRO/SDK_VERSION checksums
f3c029f build-appliance-image: Exclude DDATETIME from task signature
7833eb4 image-vm: Exclude DISK_SIGNATURE_GENERATED from task signature
85ff4ff populate_sdk_ext: Exclude BBTASKDEPDATA from task signature
66412ab opkg-utils: opkg-build exit when fail to list files.
6b8f8a4 kernel-yocto: enforce SRC_URI specified branch
6ebd43c linux-yocto/4.4: UVC: Add support for R200 depth camera
6d2299f linux-yocto/4.4: fix PAT for 32bit x86
5559301 Revert "linux-yocto: Work around PAT issue on qemux86"
686c74f linux-yocto-dev: bump to v4.6-rcX
b3ba813 linux-yocto/4.1: ahci: backport AHCI runtime PM
8f7bbea linux-yocto/4.4: gpio-pca953x: add PCAL9535 interrupt support
4a50c05 linux-yocto/4.1: telemetry and dmaengine backports
31a10cb wic/isoimage-isohybrid.py: change cpio generated uid&gid to root
5cabf3b wic/isoimage-isohybrid.py: use glob to find initramfs location
5c60c36 bluez5: add ptest support
fc8b24d oe/patch: print cleaner error message when patch fails to apply
bf14014 oe/patch: more detailed error reporting
a2bf9e3 insane.bbclass: avoid false positives on library location
1f2f43c grub-efi.bbclass: use GRUB_ROOT rather than APPEND for root device
bf58526 bitbake.conf: Add BB_WORKERCONTEXT to HASHBASE_WHITELIST
1c1e851 gdb-cross-canadian: use PACKAGECONFIG for python and readline
370a50a base: Fixup PACKAGECONFIG incorrect mappings
dea3423 classes/packagegroup: Refactor code to be simpler
5defbcd default-distrovars.inc: remove libassuan from LGPLv2_WHITELIST_GPL-3.0
58d8123 libassuan: use package specific licensing
1f2a01b init-install-efi.sh: remove all root=foo from grub.cfg
3ce7d8c init-install.sh: fix disk_size
46eed0a ltp: fix test_proc_kill hanging
207ee90 ltp: add periodic output for memcg stress test
feafad1 epiphany: Depend on intltool-native for configure
2510239 image: Fix debugfs image type recursion loop
7dcb4c4 bitbake: toaster: tests Migrate landing page tests to Selenium
5b848fa bitbake: toaster: tests Migrate all projects page tests to Selenium
f2a38ea bitbake: toaster: tests Migrate project builds page tests to Selenium
961cd90 bitbake: toaster: tests Migrate all builds page and project page tests to Selenium
f859a3d bitbake: toaster: tests Migrate to Selenium for UI tests
965c72c yocto-bsp: Set correct default branches and branches base for i386, qemu and x86_64 archs
d110eba selftest/signing: Use packagedata to obtain PR value for signing test
34f11b5 lib/oe/packagedata: Add import os
0012b90 base.bbclass: avoid duplicate call to d.getVar('LICENSE', True)
efe73cb base.bbclass: drop obsolete HOSTTOOLS_WHITELIST_GPL-3.0
5293b83 man: use BUILD_CC and target include files for configure
5121705 scripts, lib: Don't limit traceback lengths to arbitrary values
3168134 bitbake: bitbake: Don't limit traceback lengths to arbitrary values
88ea0b9 image-vm.bbclass: remove invalid code
4d1df2c image-live.bbclass/image-vm.bbclass: remove duplicated code
d6d7526 bootimg.bbclass: merge it into image-live.bbclass
723fa56 boot-directdisk.bbclass: merge it into image-vm.bbclass
9e588481 man: fix several annoying compile/build warnings
aa13b97 image.bbclass: Make unneeded packages for a read-only rootfs configurable
4dde12f relocate_sdk: additional error checks
22bd875 systemd: fix build with gcrypt PACKAGECONFIG disabled
4b77909 devtool: modify: call shutdown on tinfoil when done
43da712 toolchain-shar-extract.sh: ensure all_proxy is allowed through
2aec71e oe-publish-sdk: exclude sstate-cache if publishing minimal SDK
8ef7016 oe-publish-sdk: prevent specifying a directory for the SDK argument
591b97c classes/populate_sdk_ext: support setting vars from environment at build time
c37d542 scripts, lib: Don't limit traceback lengths to arbitrary values
8049f25 pyton-numpy: Add definition of off_t size
b75505e image-live.bbclass: DEPENDS on syslinux
3ece012 ldconfig-native: Fix ELF flags on 64-bit binaries
d492aec recipes-support/rng-tools: Change runlevel start from S to 2, 3, 4, 5.
ab5c62e oeqa/runtime/parselogs.py: Add systemd unit circular dependencies errors.
9be3fb2 systemd-serialgetty: allow baud rate overriding
cf6788c psmisc: Remove including sys/user.h and __WORDSIZE
ede11b6 selftest: Added testcase decorator to tests
ccfe48c linux-yocto: add overlayfs feature
6ae0224 linux-yocto/4.4: broxton and usb type-c backports
e1ae3ee linux-yocto/4.4: drm/i915/skl: Fix DMC load on Skylake J0 and K0
0a1d621 linux-yocto/4.1: Intel Broxton: pwm backports
6ce8802 linux-yocto/4.1: Apollo Lake/Broxton mmc backports
a256628 linux-yocto/4.1: i2c: designware: Backport i2c patches
fbd209d linux-yocto/4.1: device property backports
ccf1b33 linux-yocto/qemuarm64: enable 32 bit compatibility
dacf9f2 linux-yocto/4.1: SMBus/iTCO backports
ab6fd48 default-distrovars.inc: remove gnutls + libtasn1 from LGPLv2_WHITELIST_GPL-3.0
2123a7e sanity.bbclass: Use pythonexception to raise real exceptions without backtraces
6af88d8 sanity: Require bitbake 1.29.1
1b2df6e uninative: Switch md5sum -> sha256
f719386 bitbake: cookerdata.py: remove slash in the end
e26087f bitbake: Bump version to 1.29.1
d73da22 bitbake: build/utils: Allow python functions to execute with real exception handling
672c07d bitbake: fetch2: Ensure that incorrect checksumed files are always renamed
2554be4 bitbake: cooker: fix CookerParser.shutdown()
53b5dc0 gcc: Fix musl ldso name for mips64
dd31bca selftest/buildoptions.py: use INHERIT +=
71db079 archiver.bbclass: addtask do_deploy_archives_setscene
1ca71e5 bitbake: cooker: Ensure bbappend order is deterministic
292c3e8 bitbake: checksum: In FileChecksumCache don't follow directory symlinks
326fc29 gcc-5.3/gcc-4.9: -fdebug-prefix-map support to remap relative path
9e20f94 ptest-runner_2.0.bb: Update recipe to point git.yoctoproject.org repo.
437841c man: fix src/Makefile to work with parallel make
abb5b46 oeqa/selftest/bbtests: Test bbappend order
ddbeb56 bitbake: cookerdata: Improve handling of ParseError
6dff639 gcc: Backport fixes for musl ssp configuration
ab20659 siteinfo: Fix musl 64bit targets
cd16b65 musl: Update to tip
0883aff buildhistory.bbclass: create image directory when needed
c093f7c runqemu: fix for iso
f1f9f89 init-live.sh: fix overlay fs
4e7eaed init-live.sh: fix ROOT_MOUNT
1622077 no-static-libs.inc: build static libusb1-native
b3e4a31 sstatesig: Ensure we keep native depends for allarch recipes
528a890 oe-selftest: generate .env only in test_image_env
21823cb build-appliance-image: Update to master head revision
7d251f7 build-appliance-image: Fix permissions
60656d0 bitbake: fetch2/wget.py: _check_latest_version_by_dir fix prefix detection
45ee2b1 bitbake: fetch2/wget.py: _check_latest_version_by_dir use group names
55cd35b conf/bitbake.conf package.bbclass: fix dbg package not contain sources while -fdebug-prefix-map used
e2b919c externalsrc: remove nostamp from do_configure
bbfc210 externalsrc: do not use do_configure[nostamp] for git srctrees
9ee403b archiver.bbclass: Just archive gcc-source for all gcc recipes
37683ef oeqa/utils/ftools: improve remove_from_file algorithm
3a934a8 scripts:/oe-selftest: Use timestamp instead of test names in coverage data file
71304d8 xcursor-transparent-theme: upgrade to latest git revision
7c5343a gdb: Fix build on mips64/musl
856be1f libunwind: Fix build on mips/mips64 for musl targets
dd61341 toolchain-shar-extract.sh: check the length for target_sdk_dir
c3c793b relocate_sdk: fixed .gccrelocprefix section handling
cc97d57 glib-2.0: Fix packaging
cef8bc9 gio-module-cache: Add class for Gio modules
0cda9d8 glib-2.0: Install gio-querymodules in main package
9ac1b6f oe-git-proxy: support username / password in http proxy
a15541d oe-git-proxy: also check all_proxy and http_proxy env variables
92b2bc5 wic: Update after task ordering changes
d6cb46c image.bbclass: run wicenv task only for wic images
5cb7705 wic: fix type of no-table option
1209eb2 matchbox-desktop: Do not close desktop on alt-F4
0361676 rootfs-postcommands: don't write manifest when IMAGE_MANIFEST empty
abd5b24 bitbake.conf: rename 'gobject-introspection-data' machine feature to 'qemu-usermode'
f81065f selftest/devtool: Update after make PROVIDER changes
25a04ee make, remake: make them properly exclude each other
f3a92ff kernel.bbclass: consider .csp firmware files
0569b69 tzdata: update to 2016c
a7e726a tzcode: update to 2016c
201d9d3 icecc.bbclass: replace icc with icecc
da00f6c icecc.bbclass: expand package arch
3f1702c icecc.bbclass: add icc_is_allarch inherit check
39170fe classes/sanity: use proper multi-line string literals
33a6135 oe-buildenv-internal: simplify derivation of BB_ENV_EXTRAWHITE
c6ab828 u-boot.inc: Add sub-dir support for SPL_BINARY
ddedab4 quilt: run ptest as normal user
afa4d5e site: Cache config vars for ccache
04344eb gdb-cross: use PACKAGECONFIG for python and readline
5005cab add !meta-poky to .gitignore file
1dd9348 scripts/lib/bsp/help.py: Add missing options to yocto-bsp help and usage
54eca75 poky-sanity.bbclass: update conf/templateconf.cfg for existing installations
2b992f3 site.conf.sample: fix reference to oe-git-proxy script
af63b49 conf-notes: remove reference to adt-installer
1d219ce linux-yocto: Update SRCREV for genericx86* for 4.4
8d4f43e linux-yocto: Update SRCREV for genericx86* for 4.1
84d5924 bitbake: fetch2: Handle lockfiles for file:// urls redirected to mirrors
b036afb bitbake: toaster: get all dependents for pkg for removal
9bf98a9 bitbake: toaster: new customise package-remove modal dlg
d5a419d bitbake: toaster: show full list of dependents to remove
fda94f4 bitbake: bitbake: fetch2/gitsm: Fix fetch when the repository contains nested submodules
1341c17 pseudo: backport a patch to fix xattr removal
07f0af3 uninative: don't try to relocate static binaries
c3c0d0a lib/oe/qa: add method to check if static or dynamic linked
10b6037 uninative: ensure patchelf errors are visible
86d7e44 libmad: remove use of obsolete _thumb over-ride
e7395c8 perf: package python modules into perf-python
b47225f perf: fix python scripts QA errors
ea8b914 linux-yocto/4.1: MFD backports
b6563a1 linux-yocto/4.1: device property : Backport device property patches
46baceb linux-yocto: ktypes/standard: Add tmpfs-posix-acl feature
bdf6b20 linux-firmware: Break out some additional firmware
6d8141f linux-firmware: Clean-up and sync license data
cea2a21 linux-firmware: Collapse iwlwifi firmware blobs for 7260 and 7265
3b3fe1d linux-firmware: Update to latest HEAD
d7cf2c3 archiver.bbclass: Fix tar name for git repositories
2cb4cb7 archiver.bbclass: Fix gcc-source corner case
c29eea0 archiver.bbclass: Fix use of ARCHIVER_WORKDIR and ARCHIVER_OUTDIR
8b7ee6e archiver.bbclass: Don't expand python functions in dumpdata
bc100b3 bind: /var/cache/bind
04d883c sysvinit: downgrade ALTERNATIVE_PRIORITY[mountpoint]
688d9a6 util-linux: split out util-linux-mountpoint
85ff75d gconf: fix buildpaths QA issue
7f7c9ab python-pygobject: use Python 2 instead of Python 3
e33124f sanity.bbclass: check host tool dependencies on change in NATIVELSBSTRING
4fe64d7 libunwind: Fix build with fstack-protector on musl
4aa08b8 ltp: Fix build on x86/musl
959b7f2 package.bbclass: Treat .node files same as .so when checking what to strip
e0bc781 bootimg.bbclass: only inherit syslinux when pcbios
1b1de89 grub-efi.bbclass: make it can build vm and live together
4ebaeb2 bootimg.bbclass: fix settings for grub-efi.bbclass
af1f77a pixz: Fix build on big-endian/musl systems
421289c sanity.bbclass cleanup
93e411e matchbox-wm: Update to fix XChangeProperty datatype issue
c843022 matchbox-panel-2: Fix Home-button icon load issue
01f6818 gstreamer1.0: fix introspection support also for git recipes
171adb1 gstreamer1.0-plugins-bad: fix incorrect handling of Cflags in gstreamer-gl.pc file
6462d08 x86-base.inc: suggest the latest kernel
c5c9ed6 at: fix configure option with/without-selinux
9b2b1f0 no-static-libs: just like target and native, nativesk-libcap doesn't like unrecognised options
bf90d0c linux-firmware: package firmware for Marvell 88W8688
cd17ab0 tune-arm926ejs: Handle missing thumb suffix
5b70c7e nativesdk-coreutils: a lot of warnings fixed
b47c53b runqemu-internal: split the code into functions
fae732f runqemu-internal: cleanup unsed code
e469bb7 runqemu: simplify checking for iso and ramfs
3610329 runqemu: add support for qcow2 and vdi
d85ca4a runqemu: remove ISO and RAMFS from help text
58bc854 runqemu: simplify the checking for vm images
6716eb2 runqemu: fix ROOTFS for vmdk
258cfa8 python(3): Disable tkinter
5988b5c selftest/signing.py: RPM_GPG_PASSPHRASE_FILE -> RPM_GPG_PASSPHRASE
3e5c5fe gpg_sign.py: get rid of pexpect
05d7e0d rpm: check _gpg_passphrase before ask for input
13a31b1 oe-publish-sdk: fix remote publishing
9926425 oe-publish-sdk: improve help output slightly
905286c oe-publish-sdk: drop SDK installer file from published output
0523378 devtool: add: create git repository if URL specified as positional argument
11c1d30 devtool: add: delete externalsrc files on npm recipe do_install
552a68a devtool: configure-help: fix error if do_configure not already run
eab3f06 bitbake.conf: whitelist proxy variables in config hash
58d2e56 classes/populate_sdk_ext: parse metadata on minimal SDK install
0684572 devtool: sdk-install: add option to allow building from source
50addfb classes/distutils*: don't hide logs when setup script fails
0ec30c7 classes/packagegroup: drop complementary -ptest if ptest not in DISTRO_FEATURES
d96ea29 classes/packagegroup: fix dbg/dev/ptest complementary packages
b58e5b1 bitbake: bitbake: xmlrpc: set single use mode differently
2df514b sdk-manual: Added note for running remote apps with SSH port forw enabled.
12f5c25 poky.ent: Added code name for 2.1 release to the variable
64241e0 sdk-manual: Applied more review edits to the manual per Eggleton.
b44d9e5 ref-manual: Created distrodata and checkpkg tasks, updated distrodata class
54050ff sdk-manual: Applied 2nd round of review edits.
6db8cbc sdk-manual: Applied review edits to the manual.
922eaeb sdk-manual: Updated the SDK devtool modify flow diagram.
2bbf77a dev-manual: Fixed a grammar error
286b76f sdk-manual, mega-manual: Updated the SDK devtool modify diagram
c3946bc dev-manual, profile-manual, ref-manual: Updates to remove meta-toolchain
7233e35 sdk-manual: Edits to add extensible SDK configuration sections.
b31bf7c ref-manual, sdk-manual: Changed section heading.
670735e ref-manual: Added some SDK manual support to introduction
266742b profile-manual: Updated screen output for oe-init-build-env
0654224 kernel-dev: Changed a link from an example to in-text.
19e3648 dev-manual: Edits from a 2.1 read-through.
a389684 poky.ent: Fixed a typo in one of the variables "ftar" to "tar"
b5d3065 poky.ent, bsp-guide: Removed eMenlow example and updated 2.1 variables
884b528 yocto-project-qs: Performed a read-through edit.
4b42385 poky.ent: Updated copyright year and version variables.
ae48b1f mega-manual: Added two new sections for the sdk manual
815d686 sdk-manual: Added some intro stuff about the SDK
4c5157f ref-manual: Resolving a conflict
4306f7f sdk-manual, mega-manual: Added new figure for Eclipse flow.
0bb6e48 sdk-manual: WIP on the book.
5a64701 sdk-manual, mega-manual, Makefile: Added new figures
32629e0 Makefile: Resolving a conflict
af40e9a sdk-manual: Added a new figure for installed extensible sdk directory.
62477889 sdk-manual: Applied some "red" text formatting to indicate notes
7ab8afa Makefile: Added the ".png" part to a figure I forgot.
fc43555 sdk-manual: Added a red-text "role" to the style sheet.
d07100d sdk-manual: Added new section detailing installed SDK directory.
b750729 sdk-manual-customization: Fixed XSL Appendix numbering parameter
ad7a994 Makefile: Updated the figure list for the mega-manual.
890f721 sdk-manual: WIP - Various small edits as WIP
f15f96c sdk-manual: New content for outline purposes.
4643b04 sdk-manual: Updated with two new appendices for new files.
d05566b sdk-manual: Added sdk-environment.png diagram.
0936eed sdk-manual: Added two appendix files to SDK Manual.
6996a1c Makefile: Added sdk-environment.png to figure list for SDK Manual
6cdb356 toaster-manual: Edits to a previous patch.
77594c0 mega-manual, Makefile: Added support for three new toaster figures.
00fe95d toaster-manual: Explain the local release
d06c7b8 documentation: remove all references to Hob
be8af37 ref-manual: Updated COREBASE_FILES variable.
5c7e5aa bitbake: bitbake-user-manual: include/require checks current directory
7ec8f28 bitbake: bitbake-user-manual: Updated the "inherit Directive" section.
75cba54 bitbake: bitbake-user-manual: Updated the copyright year to 2016
2918b50 bitbake: toasterui: remove ParseStarted from the event list
ab2abd4 bitbake: toasterui: Remove the excessive exception logging
d8137be bitbake: cache: Make BB_DONT_CACHE variable external
1d1aaa2 bitbake: toaster: orm generate CustomImageRecipe contents try secondary path
5c49230 bitbake: toaster: localhostbecontroller put generated layer in the builddir
b60c994 bitbake: toaster: localhostbecontroller Allow file:/// uri type for git repo
3025092 bitbake: toaster: orm Add a constant for the CustomImageRecipe's layer name
3df6551 bitbake: toaster: localhostbecontroller Don't clear out toaster custom layer dir
2f2f784 parselogs: add new whitelist entries to address 4.4.3 issues
8037ba4 bitbake: bb/tests/fetch: Update cups url
dab6d59 oe-buildenv-internal: Correct the sed expression which updates $PATH
068afc5 tzdata: update to 2016b
e140272 tzcode: update to 2016b
c0b3667 ffmpeg: Remove RSUGGEST=mplayer
e528a0a lttng-tools: Remove lttng-ust from PACKAGECONFIG for musl
42b9bdf packagegroup: Disable packages not available on musl
f148a2e world-broken: Add packages broken on musl
624ca6a siteinfo: Move apr configure cache to common-linux
90234f1 parselogs: add new whitelist entries to address 4.4.3 issues
13a2a3f u-boot: Upgrade to 2016.03 release
ecf3396 grub: add -Wno-error=trampolines to native CFLAGS
07515b0 dhcpd: create dhcpd user for dhcp dameon
b9ad80d valgrind: fix buildpath QA issue
7985006 gcc-5.3/gcc-4.9:Reuse -fdebug-prefix-map to replace -ffile-prefix-map
2faa718 gcc-5.3/gcc-4.9:replace build path with target path in __FILE__
76f10fd oe-buildenv-internal: Some clean up
4d1efc3 oe-buildenv-internal: Add variables individually to BB_ENV_EXTRAWHITE
39ac332 oe-buildenv-internal: Add paths to $PATH individually
dd5f2f7 oe-init-build-env*: Make them actually return failures
ea28de6 oe-init-build-env*: Remove unnecessary differences between the scripts
51aa00f oe-init-build-env*: Update/correct comment about specifying arguments
16fb9b8 oe-init-build-env*: Allow $OEROOT to be predefined
3173979 bluez5: allow D-Bus to spawn obexd in systems without systemd
10ef68f oeqa: remove RPM 4 self test
d915965 lib/package_manager: remove RPM4 support code
03fce73 smartpm: remove rpm4 patch
1e9de52 rpm: remove RPM 4
a7dd04d grub: fix documentation rebuilds
ee4f61b oe-selftest: Fixed --list-tests-by tag option
068e898 gcc-runtime.inc: set LICENSE for all gcc-runtime packages
788dfdd ParaTypeFFL-1.3: Add license file
62ddde6 externalsrc: use shared stamp directory if B=S
1969332 rpm: fix error when 'lua' is enabled
a31301e matchbox-keyboard: Update to latest HEAD to fix 64bit issue
40a55f1 oeqa/selftest/buildoptions: test read-only-rootfs
f64fdd2 oeqa/selftest/sstatetests: verify more variables don't impact the hash
ac347da gobject-introspection.bbclass: wrap comments at 80 columns
ae63b88 qemuarm64.conf: don't clear MACHINE_FEATURES
cad415d sanity.bbclass: allow customizing config file update error messages
96a5cb4 sanity.bbclass: fix success message when config file was updated
805aca8 sanity.bbclass: expand error messages for version checks
7d6801c lighttpd: fix /usr/lib/mod_cgi.so: undefined symbol: chunkqueue_written
5f7b9f0 valgrind: Disable nios2 support
aaaccc4 systemtap: Disable nios2 support
5857b20 lttng-modules: Add nios2 support
26248cd kexec: Disable on nios2
3e4d99b packagegroup-core-sdk: Disable sanitizers for nios2
797ffc8 bdgwc: Backport nios2 support
238e2c1 libatomic-ops: Backport nios2 support
7e83af3 selftest/buildoptions: Renamed one test case
0d9f515 python-numpy: Fix build on musl
e1f3f4c socat: Access c_ispeed and c_ospeed via APIs
bb4e6e0 watchdog: Disable nfs on musl targets
f00cca8 bdwgc: Check for getcontext() API during configure
51464e7 devtool: change config symlink name to .config.new
8c0148f systemd: Fix and expand ptests
427e369 oeqa/utils/testexport.py: add functionality for exporting binaries
2191623 init-live : make it easier to add custom boot targets
57a525c useradd_base.bbclass: replace retry logic with flock
5d06f00 image.bbclass: track ROOTFS_POSTUNINSTALL_COMMAND in do_rootfs vardeps
6129d86 eudev: split eudev-hwdb from eudev
9aa27fe openssl: don't move libcrypto to base_libdir
370419e xcb-util-image: Fix build with clang
8727975 musl: Update to get mips64 port
4653fdd dhcp: enable gentle shutdown
e382d96 coreutils: fix reporting 'unknown' by `uname -p' and `uname -i'
3b8cd1d ncurses_6: Improve installation
9cc65ed Revert "selftest: Added MACHINE = "qemux86" to tests that use runqemu"
3c5ee61 busybox: Drop -r passthrough patch
2c666af linux-yocto/4.1: usb: add usb_otg_caps to usb_gadget structure.
8dc9162 linux-yocto/4.1: Intel Broxton and Sunrisepoint-H: pinctrl and drm
99ad4c9 linux-yocto/4.1: powercap/RAPL: Backport powercap/RAPL
c4f544e linux-yocto/4.1: Thermal: Enable Broxton SoC thermal reporting device
123c2c6 linux-yocto/4.1: usb backports for Apollo Lake/Broxton
600b700 recipetool: create: don't create extra files directory unconditionally
8debfea local.conf.sample: Disable prelink by default
efa0881 oeqa/selftest/recipetool: Fix test_recipetool_create_simple
c9d269c Revert "packagegroup-core-x11-sato: add python-pygobject and gtk+3"
d24a39a oeqa/recipetool: Fix syntax error
55a1e52 oeqa/recipetool: Improve debugging output by adding dirlist
637b3c8 uninative: Add a fix for icu-native to use the correct ABI
9dbfbe9 scripts/oe-selftest: Add short names to most common options
681a452 gcc: Fix the license on GNU OpenMP
15c5b2a Revert "gcc: Fix the license on GNU OpenMP"
d5cdb48 perl: fix missing dependency for perl-misc
0eb52b9 classes/buildhistory: record a few more variables for extensible SDK
cbb4c5b package-deb: Ignore circular dependencies
fcc7ff0 package_deb: Fix python runtime error
9155b24 python-numpy: fix buildpaths QA issue
9e69963 python: move ast module into python-core
1a35166 xserver: require sufficiently new libdrm
36bf666 package_manager.py: Fix race condition in OpkgIndexer.write_index()
35be679 scripts/oe-selftest: Add search expression matching to run/list options
4489ef1 glib-2.0: relocate the GIO module directory for native builds
cf3402e image-buildinfo.bbclass: fix performance problems
e2fe28c linux-yocto/4.4: gpio-pca953x: add "drive" property
3d45853 python3: fix do_configure check platform triplet error
03b167d ncurses_6: Fix an install race condition
09eab6b build-appliance: make the inclusion of downloaded sources optional
8ea5cdc builder: remove hob from autostart
ff5d9f7 Revert "gstreamer1.0-plugins-XXX: move inherit gettext into common .inc file"
c99da8d musl: disable building of gobject introspection data
0dea50e machine/include/arch-x86: Make x32 ABI not supporting gobject-introspection-data
8c14c74 bitbake.conf: add 'gobject-introspection-data' to DISTRO/MACHINE_FEATURES_BACKFILL
2e27994 packagegroup-core-x11-sato: add python-pygobject and gtk+3
8b1fa2a webkitgtk: enable gobject introspection
7bd32b9 recipes-gnome: fix introspection support
efd37c5 python-pygobject: update to 3.18.2
ff3500b gnomebase.bbclass: do not disable gobject introspection
ac5cc0c gstreamer: enable gobject introspection
03cd714 libsoup-2.4: enable gobject introspection
c1d67e4 clutter: enable gobject introspection
0ec412b gtk+3: enable gobject-introspection
d6f8028 gtk+: enable gobject introspection
0d1e4b2 avahi: enable gobject-introspection
d2e0dc1 python-pygtk: remove the recipe
0c6d7cb avahi-ui: remove the dependency on python-pygtk by disabling avahi-discover
4fbf761 vala.bbclass: remove pre-packaged vapigen.m4 from tarballs
235455d vala: enable the use of vapigen by packages with vala support
d1b96f1 gobject-introspection.bbclass: add a class that enables gobject introspection
96b5847 gtk-doc-stub: remove introspection stubs
3a1d9fb gobject-introspection: Override GIO_MODULE_DIR when scanning
10e9977 gobject-introspection: add the recipe
3c66619 bitbake: fetch2/npm: fix ud.registry so that alternative registries can be handled
0155472 ref-manual: Updated "Application Development SDK" section.
4438460 ref-manual: Applied review edits to several SDK variables.
3c727ff ref-manual: Updated "Cross-Development Toolchain Development" section.
af1517c ref-manual: Updated "Build History SDK Information" section.
d9fc04b dev-manual, mega-manual: Updated "Application Development SDK" section.
357aa33 ref-manual, mega-manual: Updated "SDK Generation" section.
54490c0 ref-manual: Added several extensible SDK variables to glossary.
6dfd441 ref-manual: Updated IMAGE_PKGTYPE variable.
77f002c ref-manual: Updated "Cross-Development Toolchain Generation"
ee90cc6 ref-manual: Updated the "Build History SDK Information" section.
53dd8a0 dev-manual: Moved "Optionally Using an External Toolchain" to Tasks chapter.
9d76cfe meta: toolchain-shar-relocate.sh: Fix for extracting SDK in the same directory as SDK script.
054abad nettle: The variable named p in the patch file was incorrectly named.
93a5417 valgrind: Make dep on glibc-utils conditional on TCLIBC = glibc
40c9774 make 4.1: fix segfault when ttyname fails
7f27713 gcc: Disable libitm for MicroBlaze
81d58d6 sign_package_feed: add feed signature type
42f612c package_manager: sign IPK package feeds
c637783 signing-keys: create ipk package
14e809e gpg_sign: export_pubkey: add signature type support
0b088e0 gpg_sign: detach_sign: fix gpg > 2.1 STDIN file descriptor
2fccd8a gpg_sign: add local ipk package signing functionality
6bd6a2b systemd: add comment stating that resolved needs gcrypt
a5fd57d selftest/bblayers.py: Remove harcoded recipe files
dce7290 selftest/prservice.py: Sanitize package version when looking for stamp
cbd87f3 lsof: update UPSTREAM_CHECK_URI
57fb05a eudev: provide UPSTREAM_CHECK_URI
3f8d5bf toaster.bbclass: show packages that were setscened into existence too
39e1351 gcc: Fix the license on GNU OpenMP
c6aeef3 linux-yocto/4.4: Galileo updates
37b61b0 siteinfo: Add ppc64le support.
0265fcc nettle: disable static for 2.7.1
8660cd1 nettle: Security fix CVE-2015-8804
dae5715 nettle: Security fix CVE-2015-8803 and CVE-2015-8805
24aea3a glib-2.0: silence warnings when parsing headers for introspection
3331992 qemu: Limit paths searched during user mode emulation
b578a06 image-mklibs: handle position independent binaries
c706b5e libpam: define limits.conf as CONFFILES of package libpam-runtime
82dec46 perl-rdepends: Remove circular dependencies
815c36f rpm: Sync CVS to regular version
775f22e rpm: Fix musl integration with RPM5
001bdef gcc: Disable libitm for nios2
d53413d bitbake: server/process: Try connecting 4 times before giving up
0f01059 bitbake: toaster: models List only have the specified project's imported layers
0dcab02 bitbake: toaster: rework task buildstats storage and display
cc74a8a bitbake: toaster: use force_bytes to display non-ascii project names
aebc22d bitbake: fetch2: Make SRC_URI[md5sum] and SRC_URI[sha256sum] expand their values
d405f97 bitbake: xmlrpc: fix bug in setting XMLRPCServer.single_use
c50bdb3 bitbake: fetch2/npm: add missing URL argument to ParameterError
fbf27c4 bitbake: fetch2/npm: properly handle npm dependencies
ef6a451 bitbake: fetch2/npm: fix errors with some version specifications
ad50ce9 populate_sdk_ext: Correct commit 8b81bb56c69aabdea984352f8e267a9783c0bdbc
bc0e99d recipetool: create: shrinkwrap and lockdown npm modules
309b2e6 recipetool: create: support creation of additional files by plugins
2279eb2 recipetool: create: check if npm available if npm:// URL specified
9145500 recipetool: create: split npm module dependencies into packages
d46827c recipetool: create: add license file crunching
3fd244b recipetool: create: match *LICENSE* as a license file
2b6a352 recipetool: create: improve mapping for autotools program macros
1607fac recipetool: create: be more tolerant of spacing in configure.ac
9dca5c8 lib/sstatesig: skip shared_workdir when checking locked sigs
142bad3 python3: fix patching get_python_lib() in distutils/sysconfig.py
50d07e9 python3-native: use the previous version of python-config script
5dce2e3 qemu.bbclass: add qemu_wrapper_cmdline()
8b5afcd db: remove the NO_UPDATE_REASON and replace it a comment about RPM
5699c67 rpmresolve: It is not necessary to manually specify -lpopt
8ea55ba rpm: A number of the patches have been submitted upstream
6833c5d rpm: Enable specific crypto and digest settings via variables
59a4d99 security_flags.inc: Special flags are needed for RPM
007c284 rpm: Uprev to rpm-5.4.16 (pre) and rpm-5.4+cvs to current CVS head
a27ca6d yocto-bsp: Update templates to 4.4 kernel
2d0933c conf/distro/include: drop old recipes
1fd183e bblayers.conf.sample: remove BBLAYERS_NON_REMOVABLE
477b8fb poky: Enable uninative
1b7cc9c linux-yocto/4.4: explicitly enable ftrace in tracing fragment
aee7482 linux-yocto/4.4: iwlwifi: mvm: don't allow sched scans without matches to be started
2408f49 linux-yocto/kernel-meta: ktype refactoring: move DEBUG_KERNEL, EXPERT and EMBEDDED
9ac029b xmlto: tell xmlto where cp is
6d89b52 toaster.bbclass: improve how we gather buildstats for Toaster
4dd3e40 image-prelink: use STAGING_*_NATIVE variables
2193e9d strace: Backport fixes for compiling with clang
ee8ff42 ghostscript: 9.16 -> 9.18
3f5725c fontconfig: Revert changes made to FcConfigAppFontAddDir() recently
433d866 populate_sdk_ext: Make populate_sdk_ext nostamp
e186d6d systemd: binfmt should be added to SYSTEMD_PACKAGES only if binfmt is enabled
b051a95 license.bbclass: fix host contamination warnings for license files
f8a9774 oeqa/selftest/buildoptions: Test build does not fail without git rev
656aeff busybox.inc: add tail symlink so busybox can commit suicide cleanly
a321f4e avahi-ui: add dbus to PACKAGECONFIG
1bd4b72 avahi: add missing intltool-native build dependency
72f9e39 avahi: make dbus optional but default
424466b oe-setup-builddir: tidy up local.conf and bblayers.conf commentary
07919e9 net-tools: Add SCTP option support
e8254bc tune-corei7.inc: Fix PACKAGE_EXTRA_ARCHS for corei7-32
5346675 eudev: remove redundant udev_run assignment
adad264 xcursor-transparent-theme: use a version glob in the selftest bbappend
946d00c populate_sdk_ext: Update after uninative changes
ba57ba1 image.bbclass: support chaining compression (aka conversion) commands
5ac3dc7 image.bbclass: fix incomplete .rootfs customization
3322fa7 bitbake: toasterui: fix warning 'Unknown event'
621cbc8 bitbake: toasterui: exit on final events
8e138b7 bitbake: toasterui: make toasterui to work in build mode
0a61306 bitbake: toasterui: check if setEventMask succeeded
ac941ac bitbake: command: make setEventMask readonly
dd3da9a bitbake: toasterui: update list of events
f56fa5d bitbake: toasterui: reformat list of events
a71d32a bitbake: toaster: remove sshbecontroller module
3db71b4 bitbake: toaster: don't use sshbecontroller
790b2d1 bitbake: toaster: raise NotImplementedError
96535ba bitbake: toaster: bring back the strict directive
5b8b399 bitbake: toaster: change 'revision' to 'Git revision'
07ead98 bitbake: toaster: views api Package info return both kinds of RDEPENDS
9cda2ab bitbake: toaster: fixup dependency excludes for customimage
a54cebe bitbake: fetch2/npm: ignore unknown headers in tarballs
0cd1be1 bitbake: fetch2/npm: handle alternative dependency syntax
d999927 bitbake: fetch2/npm: fix indentation
26ee4dd image creation: allow overriding .rootfs suffix
e43fcdf scripts/hob: drop
59b4cef classes/packageinfo: remove
bbf2a5d conf/documentation.conf: remove BBLAYERS_NON_REMOVABLE
7054882 yocto-uninative: Add common include for uninative
d2c96ca mtools: Drop GCONV_PATH manipulation
d27644e uninative: Handle relocate of GCONV_PATH in libc
0523499 uninative: Add checksum support
73265d1 uninative: Refactor common code
4feb00d uninative: Use CXX11 ABI for interoperation between gcc4 and gcc5
013dd24 uninative: correctly enable uninative
034618d glibc: Add relocation of GCONV_PATH
8dca343 uninative-tarball: Add glibc-gconv-iso8859-1 for guile
1f50f29 dkpg: Use tar everywhere (not gtar)
b158d6c gtk3+: Add missing DEPENDS on wayland-native
e395e81 tune-cortexa17.inc: apply changes similar to a15
ea53d1e sstate: Allow late expansion of NATIVELSBSTRING
bd3a1d5 linux-yocto: Update SRCREV for genericx86* for 4.4
70c6df2 linux-yocto: Update SRCREV for genericx86* for 4.1
ae85c4b linuxloader/image-prelink/image-mklibs: Fix non-standard path prelinking
0b84897 insane/prelink: Handle nonstandard library paths
6b564ae ext-sdk-prepare: Catch setscene tasks which should have run but didn't
d8efd2e createrepo: Fix stat floating timestamps
ce5a9df xmlto: ensure /bin/bash is used as bash
70b4f36 openssl: add a patch to fix parallel builds
1632742 xdg-utils: remove trailing whitespace in multiline string
816391a btrfs-tools: Add libgcc to RDEPENDS
e467156 bitbake.conf: Add libgcc-native to ASSUME_PROVIDED
a91713f net-tools: Override CFLAGS/LDFLAGS in do_install too
fb0c3c5 nspr: Fix build regression on musl from last upgrade
37f5fb9 gdb: fix builds with internal readline and no static libraries
6518db4 feature-arm-thumb.inc: Fix thumb tune override warning
afb1d09 recipetool: create: fix support for AX_CHECK_LIBRARY
463fd5e formfactor: assume a keyboard is plugged in
e2107f5 acl: Fix re pattern in test cases
82a8064 gcc-runtime.inc: disable libitm for little endian MIPS too
25d9c4e devtool: add build-sdk subcommand
41eb36d devtool: build-image: rename module
82d0c8a oeqa/buildoptions: Improve unsafe references tests
4284fdf insane.bbclass: make the checking stricter for unsafe references in scripts
5cd71fe yocto-project-qs: Updated flow to mention Toaster
cd041b7 dev-manual: Applied review comments to the devshell section.
f54fe56 ref-manual: Updates for nativesdk clarifications.
a882267 dev-manual: Fixed typo in the devshell section.
70c7e36 dev-manual: Created devtool upgrade section.
b2b22d5 dev-manual, mega-manual, Makefile: Added support for new upgrade flow
0b7d8a4 dev-manual, mega-manual: Updated the workspace directory structure image
050e021 dev-manual: Applied review changes to the devtool section.
09ecf38 dev-manual, mega-manual: Updated three figures for devtool
f33ffaa dev-manual: Applied more review comments to the section.
fe70eb2 dev-manual, mega-manual: Updated the devtool modify flow diagram.
eb3b414 dev-manual, mega-manual: Updated the devtool add flow diagram.
4c5bd3f dev-manual, mega-manual: Updated the devtool workspace figure.
9cee16b dev-manual: Applied review comments to the devtool section
c678d1a dev-manual: Updated the devtool add section.
a09238a dev-manual, mega-manual: Updated devtool add flow diagram
7699f0a dev-manual: Added section for devtool modify flow
1eecaea dev-manual, mega-manual: Added new figure for devtool modify flow
9582da6 dev-manual: Edits to the devtool-add section.
740369f dev-manual, mega-manual: Updated the devtool add flow figure
a848e9f dev-manual, mega-manual: Updated the workflow layer content figure.
34e08b3 dev-manual: Added new "writernotes" style.
17a21e6 Makefile, dev-manual, mega-manual: Added new figure support
d346c35 dev-manual: Applied review comments to devshell section.
3b41049 ref-manual, dev-manual: Clarifying "native" and "sdknative"
a1970eb dev-manual: Updated devshell section.
a58cde0 toaster-manual: Updated how manage.py createsuperuser command is run
c5b4f69 ref-manual, dev-manual: Clarification of "native" and "sdknative"
952bcc7 toaster-manual: Removed prompts for json file.
34c75fa ref-manual: Updated the S variable description with feedback
2b2ced0 ref-manual: Updated the staging.bbclass description
b9dddd5 ref-manual: Updated the S variable description.
41e9f7c dev-manual, ref-manual: Updated licensing text information.
5066fbc ref-manual: Added order information for conf file parsing.
ad6b2f2 toaster-manual: Removed typo - double "allow" words.
c8c533e ref-manual: Updated the do_populate_sysroot task.
2a3942b dev-manual: Updated section on adding license text.
77b3d06 ref-manual: Updated the S variable entry in the glossary.
a1a4808 toaster-manual: Applied a patch to weed out build mode (modes).
353b755 bitbake: bitbake-user-manual: Added expand() function to list.
638ad17 bitbake: bitbake-user-manual: Added note for Python variable ref expansion.
da22add bitbake: bitbake-user-manual: Enhance environment variable discussion.
f11de9d e2fsprogs: do not enable non-stable features by default
b04280a sdk_update.py: Enable local sdk-update tests
14dd07c sdk.py: Fix undefined variable
c12e919 eudev: recipe formatting improvements
73a43fc openssl: Security fix Drown via 1.0.2g update
ed14aef layer.conf: Update after replacement of udev with eudev
e72233a bootimg: set default value for LABELS variable
4eaef67 sanity: Do not mistake meta-yocto-bsp for meta-yocto
86759de sanity.bbclass: remove conflict checking for image vm and live
bb1c719 syslinux.bbclass: make vm and live can be built together
5c5c13d recipetool: create: add basic support for new npm fetcher/class
2be37a9 recipetool: create: add basic support for generating linux kernel recipes
5cf15ff recipetool: create: add support for out-of-tree kernel modules
937ecd0 bitbake: toaster: cleanup of bin/toaster startup code
a7d1b95 bitbake: ui: remove the puccho ui
a9dc72f bitbake: hob: removal of hob ui and associated ui files
27468db bitbake: fetch2/npm: Add missing ParameterError import
44e3461 bitbake: npm: in cases where shrinkwrap resolved a git URL, ignore it and grab dist.tarball
2a73181 bitbake: fetch2: Fix unpack for absolute file urls
865d2fe bitbake: fetch2: fixes copying of file://dir; subdir=foo, bug 6128 and bug 6129
fb437d3 meta-yocto-bsp: bump to linux-yocto 4.4 for the non-x86 BSPs
fbedac4 maintainers.inc: Add new eudev package and change maintainership for udev
0138874 gcc: Add support for atomic opertions (libitm) where available
70153b4 classes/externalsrc: fix symlinking if symlink exists pointing to another path
eac4061 populate_sdk_ext: Only write LCONF_VERSION to bblayers if it is set
c366343 automake: don't delete .pyc files
d6e63be cracklib: fix Python packaging
a005d25 populate_sdk_base: handle empty SDK_PACKAGING_FUNC
ec3be9f linux-yocto/4.4: update to 4.4.3
6ed16ff linux-yocto/4.1: iwlwifi: mvm: don't allow sched scans without matches to be started
2497e80 linux-yocto/4.4: update to -stable 4.4.2
aa2c1f7 linux-yocto: braswell: Remove feature and move DRM_I915_PRELIMINARY_HW_SUPPORT option
702701d linux-yocto/4.4: yaffs2 build fixes
c2152b8 linux-yocto/4.1: update to 4.1.18
45d4cd7 linux-yocto/4.1: clkdev updates
79ecef6 linux-yocto/4.1: Galileo updates
5f61693 usbutils: Fix for new eudev implementation
c89b777 libgudev: Fix for new eudev implementation
3e5e540 eudev: Replaces udev with eudev for compatibility when using sysvinit on newer kernels
674e55f populate_sdk_ext: Delete the buildtools tar file after installation
d8acef2 libarchive: Set xattrs after setting times
431c1e1 combo-layer: handle empty commits during "init --history"
695cc45 classes/populate_sdk_ext: prepend to PATH rather than appending
b145480 classes/module: allow substitution of the modules_install target name
b03936c grub2.inc: drop bogus dependency on xz
7328765 grub2.inc: avoid passing -isystem to native builds
576587d grub2.inc: dont export TARGET_CFLAGS etc to grub2 configure
97a3322 harfbuzz: update 1.2.1 -> 1.2.3
edf93a0 gstreamer1.0-plugins-bad.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5
89140b0 dhcp: CVE-2015-8605
6ccd8cd sato/images: Add ptest image
f38debb layer.conf: Whitelist cantarell-fonts fontconfig dependency
b307937 pango: make ${PN}-ptest RDEPENDS on cantarell-fonts
0c80f29 cantarell-fonts: Add recipe
4006a7f sanity: Fix int verses string reference
2e27c4b bitbake: fetch2/npm: Enable fetcher
1c060d7 pseudo: Increase number of retries
030d920 bitbake: providers: Fix PREFERRED_VERSION lookup for '_' in PN
c679a3d bitbake: fetch2: Skip lockfiles and donestamps for local files
d01042e bitbake: fetch2/__init__.py: Error if lockfile path invalid
ab7b7bf bitbake: fetch2/__init__: Fix decodeurl to better handle urls without paths
06b4d8f bitbake: fetch2/wget: Set localfile for directories
8d7e799 genericx86-common: Update PREFERRED_VERSION_linux-yocto to 4.4
65d6a62 gstreamer1.0-plugins-bad.inc: enable webp PACKAGECONFIG by default
cd00748 gettext: Delete libintl.la file from install
b33efa9 systemctl: handle RequiredBy dependencies
8caa592 ffmpeg: add bzlib, lzma and xv PACKAGECONFIGs
0011760 rootfs-postcommands: fix ssh_allow_empty_password checking
96f5f89 musl: Add linux-libc-headers to deps
3354878 mesa: Fix build on musl
7651342 dosfstools_2.11: fix build following removal of -e from EXTRA_OEMAKE
6c8abea uclibc support for rng-tools
c7e5a38 oeqa/sdkext: Add sdk_update.SDKUpdateTest class.
738bd1a classes/testsdk: Pass tcname to SDK and SDKExt contexts
2a410b2 classes/testsdk: Move the removal of bitbake PATH to eSDK context only
eb1f8b9 classes/testsdk: Move code for avoid PATHs to oeqa.utils
55d4849 gstreamer1.0-plugins-XXX: control orc PACKAGECONFIG via GSTREAMER_ORC
083c63d boost.inc: fix BJAM_OPTS --build-dir option
f4e17c6 shared-mime-info: update to 1.6
4ffdfdf vala: update to 0.30.1
f53f374 python-git: update to 1.0.2
ec73437 pax-utils: update to 1.1.5
447ddb9 nettle: update to 3.2
26a3d25 ncurses: update to revision 20160213
dc42d30 libdrm: update to 2.4.67
0296e0a gtk+3: update to 3.18.8
e08ad62 gtk-icon-utils-native: update to 3.18.8
9daf153 git: update to 2.7.2
927dfaf gnupg: update to 2.1.11
2c39358 clutter-gst-3.0: update to 3.0.16
b8a1e59 ccache: update to 3.2.4
4d4aa1f libsolv: update to 0.6.19
8c2e420 ffmpeg: update to 3.0
afce247 nspr: update to 4.12
b19dbe5 pcmanfm: update to 1.2.4
6b41608 libfm: update to 1.2.4
325a9d3 epiphany: update to 3.18.4
d4da534 wic: don't throw away our created swap partition
5f82d17 automake: set test-driver path relative to top_builddir
b41862d uninative-tarball: respect SDKMACHINE when building
4d1c14f boost.inc: enable more verbose build logs
7f84ad0 gstreamer1.0-plugins-XXX: move inherit gettext into common .inc file
2ce48e6 gstreamer1.0.inc: add explicit PACKAGECONFIG init
935d88a gstreamer1.0-libav: move LIBAV_EXTRA_CONFIGURE_COMMON_ARG into .inc
3a8ff19 gstreamer1.0-libav_git: add --ranlib option to LIBAV_EXTRA_CONFIGURE_COMMON_ARG
b8bdb99 boost.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5
9ca8f30 populate_sdk_ext: Add images to SDK_INSTALL_TARGETS
07dc765 boot-directdisk.bbclass: drop IS_VM chechking
a87574c image-live/boot-directdisk.bbclass: remove AUTO_SYSLINUXCFG
76eb815 testimage.bbclass: reuse generic test suites
6571a84 testimage.bbclass: add generic, image test suites
8c45747 gconf: remove redundant dependencies
a74c389 gtk-doc-stub: don't inherit autotools
2269f90 os-release: sanitise VERSION_ID field
9d86b26 apr-util: add ldap crypto and sqlite3 to PACKAGECONFIG
d8d2f57 apr-util: fix loadable module packaging
77cfa2b glibc.inc: improve optimisation level sanity checking
04c4719 rsync: add native variant
2c20fe4 core-tools-profile: add lttng tools for aarch64
8a0b997 lttng-ust: add support for aarch64_be
6081c35 liburcu: add support for aarch64_be
07a3c71 harfbuzz: add explicit dependency on fontconfig
73cc8b8 harfbuzz: update 1.2.0 -> 1.2.1
bb151b8 fontconfig: Don't add font directories from host
e9f5134 musl: Upgrade to 1.1.14
bf4d380 oe-selftest: devtool: add an additional test for devtool upgrade
4bae2f2 oe-selftest: devtool: rework devtool upgrade test
10290f2 devtool: upgrade: print new recipe name
5cd3be3 devtool: upgrade: drop PR on upgrade
e6f684b devtool: upgrade: eliminate unnecessary datastore copy
860574e devtool: upgrade: fix several issues with extraction of new source
66a781c devtool: upgrade: fix constructing new branch from tarball releases
d30cc76 devtool: upgrade: fix renaming of recipe if PV is not in name
75eeeab devtool: upgrade: fix moving version-specific files directory
81ebb0b devtool: upgrade: fix version argument checking
e953b57 devtool: upgrade: drop superfluous call to validate_pn
492b1eb devtool: upgrade: make source tree path optional
942ae25 devtool: modify: fix source tree default name when mapping virtuals
e2334e1 devtool: add: tweak auto-determining name failure message
55ae566 uninative.bbclass: if the loader can't be found disable instead of failing
50b8740 uninative: use check_output instead of Popen directly
4495e8b lib/oe/qa: add explicit exception for 'file isn't an ELF'
4553bb1 libdrm: fix build with uclibc
4e5a871 strace: fix ptest execution
e8e0489 clutter-1.0: Fix confgure test errors found by clang
b748f40 oeqa/parselogs: Updated whitelist
4b32351 buildstats.bbclass: Don't assume /proc/<pid>/io present
07e1f10 sysvinit-inittab: Move start_getty scrip to base_bindir.
8d07e14 oeqa/selftest/prservice: Added new TC: check pr-server starts and stop correctly on localhost.
d2a563c oe-selftest: Add support for lib/oeqa/selftest subdirectories
7f58b92 musl: Upgrade to 1.1.14
73bf792 devtool: update-recipe: create config fragment
2fbd1d7 devtool: sync: update kernel config
26f951b git: fix installed-vs-shipped QA Issue
033db24 btrfs-tools: fix symlink creation multiple times
9af773f bison/gettext: add --with-bisonlocaledir to assign BISON_LOCALEDIR
b14e2ae gcc: use relative path for configure script
1f00fb2 depmodwrapper-cross: nopackages to avoid QA [buildpaths] issue
00a6f5a oeqa/utils: added new network module
3f7aa6f scripts/oe-selftest: Use site.USER_SITE to run coverage configuration code for sub-process
1c6c76e scripts/oe-selftest: Add filtering to the coverage data gathered by oe-selftest
4a21827 oeqa/selftest/signing: Added test for locked signatures
604dc1c package: check inherit instead of PN to decide if a recipe is a packagegroup
b4df005 tune-cortexa9.inc: add vfpv3 tunes
889a5cc mirrors/own-mirrors/sanity: Updates after npm fetcher addition
28d17cf npm.bbclass: Add npm class to match fetcher
bc5a1d1 base: Add nodejs-native dependency for npm:// urls
9d5483c meta-yocto: Rename to meta-poky to better match its purpose
ab3a718 adt-installer: Drop since its replaced by the extensible SDK
c1c6a9d sanity: Improve configuration upgrade capabilities (support meta-yocto -> poky transition)
2587101 image: Run do_rootfs_wicenv after do_image
e0fd964 bitbake: toaster: change 'delete layer' to 'remove layer'
6e82820 bitbake: toaster: rename 'run again' button
c8dd72c bitbake: toaster: fix banner after customimage package add
149f574 bitbake: toaster: custom breadcrumb for the default project
4a12865 bitbake: prserv: Add dump_db()
bdb51ab bitbake: toaster: remove custom images from Image Recipes
98d462c bitbake: toaster: show suffix for image files and basename for artifact files
88b5660 bitbake: toaster: add missing link to image recipe details
25b179d bitbake: toaster: adjust the search field width
a97081b bitbake: toaster: make 'configuration' the first tab
e1fc319 bitbake: toaster: link to configuration in all breadcrumbs
df2808f bitbake: toaster: reduce max height of modal dialogs
6c51f08 bitbake: toaster: disable add layer button on click
d4a663a bitbake: toaster: apply error class to name field
48f0ae2 bitbake: toaster: fix custom image name form
07eb4f2 bitbake: toaster: comment out project release change
12ade9b bitbake: fetch2/npm: Add mirroring support for npm fetcher
ca5b6d6 bitbake: fetch2/npm: Add npm fetcher
813bd1f bitbake: utils.py: Add sha1_file call
7bb9e8d signing-keys: Make signing keys the only publisher of keys
64ab17b systemd: Upgrade to 229
44248af harfbuzz: update to version 1.2.0
f4f5573 perf: add sysroot handling to subcmd
7a95c2c oeqa/selftest/buildoptions: build -minimal instead of -sato images
2980ac0 bitbake.conf: add findutils-native to ASSUME_PROVIDED
2e152ff findutils: upgrade to 4.6.0
951ce18 mesa: add missing space to RRECOMMENDS append
2305610 uclibc: Do not use immediate expansion operator
aab3900 security_flags: Disable ssp when compiling uclibc
afb954e rpm: fix building rpm 5 with internal beecrypt
069cdbe alsa-lib: topology: Add missing include sys/stat.h
b879aed libsdl2: Fix patch after upgrade
3d4f71d gstreamer1.0-libav_git: update 1.7.1 -> 1.7.2
9d83a3e gstreamer1.0-plugins-ugly_git: update 1.7.1 -> 1.7.2
6456a6f gstreamer1.0-plugins-bad_git: update 1.7.1 -> 1.7.2
821498f gstreamer1.0-plugins-good_git: update 1.7.1 -> 1.7.2
04e77c1 gstreamer1.0-plugins-base_git: update 1.7.1 -> 1.7.2
e67c91d gstreamer1.0_git: update 1.7.1 -> 1.7.2
ea8c34e libnewt: Fix build with PIE flags
66a833a pseudo: Fix build when security flags are enabled
91a1baa glibc: Upgrade to 2.23
c1f9507 no-static-libs: remove eglinfo
0ab67d6 freetype: use autotools instead of a manual do_configure
4883ccc classes/populate_sdk_ext: add a better config extension mechanism
524ee08 recipetool: create: improve CMake package mapping
7b6e5b0 recipetool: create: add additional extension mechanisms
b2d4472 devtool: modify: tweak help description for behaviour change
a8e0e5e devtool: deploy-target: preserve existing files
2059a34 devtool: undeploy-target: support undeploying all recipes
b95c72c devtool: deploy-target: write deployed files list to target
62989ef devtool: sdk-update: tweak command-line handling of updateserver
cada5a8 devtool: (un)deploy-target: add help descriptions
6bd88e6 scripts/lib/argparse_oe: tweak title above options
32ef523 devtool: categorise and order subcommands in help output
9f7df76 devtool: update-recipe: don't show workspace recipe warning if no update
51972ed devtool: reset: fix preserving patches/other files next to recipes
e54f9c1 devtool / recipetool: use common code for launching editor
dd35f69 devtool: minor fix for error message
41242a2 staging.bbclass: remove trail slash from SYSROOT_DESTDIR
aeb8964 terminal.bbclass: import oe.terminal for oe.terminal.prioritized()
bee556a recipe_sanity.bbclass: skip DataSmart in recipe_sanity_eh()
2d293bd image.bbclass: fix circular dependency when IMAGE_FSTYPES append hddimg
a332360 toolchain-scripts.bbclass: add three other path to PATH in env.sh
4d2910f libsoup-2.4: disable libsoup-gnome by default
619f6c6 libsoup-2.4: prevent PACKAGECONFIG dependant package renaming
13e726f libsoup-2.4: minor formatting improvements
dd0ef3c populate_sdk_ext.bbclass: Add SDK_RECRDEP_TASKS variable
4c5c40d devtool: Don't recursively look for .devtoolbase in --basepath
0220180 populate_sdk_ext: Don't ignore SDK_TARGETS value
8c0ba8d bitbake: toaster: toastergui Fix invalid char test and implementation
913e9b1 bitbake: toaster: PackagesTable show only installed packages
94bca58 bitbake: toaster: toastergui unit tests convert to use fixtures
8796ac8 bitbake: toaster: SoftwareRecipesTable apply default order_by
8469e58 bitbake: toaster: orm migrations Sort out migrations mess
78b6109 cml1/sstate: Fix missing getVar parameter
7e19f88 linux-yocto/4.1: capabilities backports
54bfbcc waf.bbclass: Remove --disable-static from EXTRA_OECONF
51fc304 gcc-5.3: backport fix for PR-target-65358
ed20c6c epiphany: Add libxml2-native to DEPENDS
2021f63 libsdl2: update to 2.0.4
947b3bf cmake: Update to 3.4.3.
4699483 sstate.bbclass: use oe.gpg_sign for gpg signing
db7c7c2 oe/gpg_sign: add 'passphrase' argument to detach_sign method
e845b75 sign_rpm.bbclass: do not store key details in signer instance
d5be866 oe/gpg_sign: add 'armor' argument to detach_sign()
03554b7 oe/gpg_sign: add verify() method
af7e516 ruby: break out ri-docs and rdoc into separate packages
8bcf139 insane.bbclass: print more info for build-deps and file-rdeps
5f3dfea curl: re-enable proxy support by default
1f61888 libtool: Don't hardcode grep paths
a3b996a cml1.bbclass: fix do_menuconfig
91bfe50 cups: upgrade to 2.1.3
eeac0a9 coreutils: upgrade to 8.25
01dc859 findutils: upgrade to 4.5.19
bf7d5f6 diffstat: upgrade to 1.61
247f3b4 grep: upgrade to 2.23
4e5e501 bitbake: data_smart: Drop default expand=False to getVarFlag [API change]
c7610aa bitbake: data_smart: Drop default expand=False to getVar [API change]
4f0ab27 bitbake: SignatureGeneratorBasic: make checksum cache file configurable
0cdf193 bitbake: MultiProcessCache: make cache filename configurable
ca552bb bitbake: FileChecksumCache: add get_checksums() method
8f61f2d bitbake: bb/runqueue: save task file dependency cache onto disk
5177b1e bitbake: SignatureGenerator: add method for saving the file checksum cache
97617fd bitbake: bb/cache: drop some unused arguments
5a87d8c bitbake: Allow Hob to run images on a custom simulator, other than qemu
7fc38ea gma500-gfx-check: Fixes infinite calling to modprobe gma500_gfx
be7b52a pulseaudio: 6.0 -> 8.0
c52b8f6 alsa-plugins: 1.0.29 -> 1.1.0
a231a4e alsa-utils: 1.0.29 -> 1.1.0
1adbb73 alsa-tools: 1.0.29 -> 1.1.0
3a82e2e avahi: update to version 0.6.32
14daeb5 no-static-libs.inc: Add libcap-native
c001863 libsdl2: Fix build with static libraries disabled
a46dc87 uboot-inc: Backport patch to fix Beaglebone Black bootloader
c7355b9 busybox: drop patches that are not valid anymore
47d0119 pcmciautils: Update SRC_URI
f37ac5b debianutils: Upgrade 4.5.1 -> 4.7
adfcaf2 busybox: Add musl config for _git recipe
46824dc debianutils: Fix SRC_URI to use debian snapshot
3df8701 nfs-utils: bugfix: adjust name of statd service unit
c15bf55 musl: Upgrade to 1.1.13+
07e7879 dpkg: Update to 1.18.4
5794b56 glew: upgrade to 1.13.0.
aea0746 glew: rewrite to use upstream build system
0b1c324 socat: Fix build with musl
04c6a48 binutils: Fix useless rpaths QA warning
eb6d14e image/populate_sdk: seprate variables to fix dependency
c9e5e34 gcc: Backport nios2 r31 fix
012460d sqlite3: update 3.10.2 -> 3.11.0
f770a6e insane: wrap autotools checks in inherits_class(autotools) checks
35011d9 cmake: don't inherit autotools
9cd64ed oeqa/selftest/bbtests: Test bitbake --setscene-only option
7e5b451 glew: don't put our CFLAGS into the pkgconfig file
b1145cc dbus: update large file patch
fad63e3 coreutils: fix problem with acl for 6.9 version
351039f gcc-4.9/5.3: Ignore -fdebug-prefix-map in producer string
7a11650 bitbake.conf: use target path as compile dir in debugging info
ef30119 glibc: Security fix CVE-2015-7547
c834ebc glibc: CVE-2015-8776
842177a glibc: CVE-2015-9761
efa1ae5 glibc: CVE-2015-8779
aefe1fa glibc: CVE-2015-8777.patch
152914f oeqa/parselogs: Whitelist dmi firmware failure message in 4.4 kernels
683ea31 rng-tools: Fix underquoted m4 and libgcrypt floating dependency
7a700f5 lib/qa.py: raise ValueError if file isn't an ELF
334e1b5 lib/oe/qa: ELFFile: check that a path is a file before opening it
11359e9 rng-tools: fix the build with musl
a258589 bitbake: bb.ui.knotty: prefix task messages with recipe/task
4bf8b21 bitbake: Move bb.{debug,note,..} into their own logging domain
3b35de3 layer.conf: Add gstreamer1.0-meta-base to SIGGEN_EXCLUDERECIPES_ABISAFE
14e9385 sstate: Add ca-certificates-native to postinst recipes list
73e53e4 nss: define RPATH variable for nss-native
6e4e9f7 Revert "lsbinitscripts: fix the path for mountpoint"
6db39e1 libunwind: Fix build on ppc
47896a7 dbus-glib: 0.104 -> 0.106
93d8fc1 conf/no-static-libs: add explicit rule for libical
637b44c runtime/systemd: Fix for boot time string parse error
ef5b8b4 security_flags: Add SECURITY_CFLAGS to TARGET_CC_ARCH for binutils
1387785 binutils: Use tip of 2.26 branch
da13f0b buildhistory.bbclass: remove out-dated information on request
a56da4a Remove obsolete references to exmap
8b21720 bitbake: knotty: Set exit failure code on runQueueTaskFailed events
a9223e2 bitbake: taskdata: Fix traceback issue with missing provider
7593756 bitbake: cooker: Improve cache handling
9cb38c1 poky: Disable static libs by default
f852014 bitbake.conf: Remove unhelpful default value for EXTRA_OEMAKE
b050c50 apmd: fix build with static libraries disabled
d585a71 oeqa: Update to handle domain specific references in build logs
9300749 libpng12: Handle no static libs
67ea65e ed_0.5: Handle --disable-static option
438d6d6 conf/distro/include: Add no-static-libs.inc
2eb19cc classes/buildhistory: fix for python function parsing change
1a3204c valgrind: Fix build with musl
e8b0da1 rpm: Fix build with musl
48144e0 gstreamer1.0-meta-base: Mark as machine specific due to COMBINED_FEATURES
ff8ca89 gdb-cross-canadian: Add missing virtual/* DEPENDS
120a160 e2fsprogs: Update to upstream version of a patch
5394ada gdb: Rationalise PACKAGECONFIG
ce0f8ab insane: Add --disable-static to UNKNOWN_CONFIGURE_WHITELIST
94abdb2 linux-yocto: Work around PAT issue on qemux86
6fb493a libgcrypt: update 1.6.4 -> 1.6.5
bf9ad22 musl: Upgrade to tip of tree
5d156bc oe-selftest: don't use specific tasks
80e8928 oe-selftest: pylinted wic tests
9b6dc9b wic-image-minimal: use uuid for root partition
ab7cb65 wic: fix processing of --use-uuid
51e0a8a oe-selftest: add new wic testcase
2100f82 wic-image-minimal: update .wks to boot by qemu
4b26601 wic-image-minimal: change IMAGE_FSTYPES
f799e21 oeqa/targetcontrol: support wic image type
7066f16 oeqa/targetcontrol: make ssh control optional
0ade658 qemurunner: add parameter to method 'start'
d083fec oe-selftest: remove unused parameter
c26a9c3 runqemu: support path/to/<image>-<machine>.wic
c7f0578 runqemu: don't set KERNEL for wic images
2c3a009 runqemu: add support for wic images
64d2f13 scripts/sstate-cache-management.sh: Change wording
6740dd5 qemu.inc: Add rng-tools to qemu images
ce3df21 rng-tools: Import recipe from meta-openembedded
36b43b2 lib/oe/terminal: set workdir for konsole terminal
03e1950 mmc-utils: upgrade to latest git version
b5b8003 ltp: Upgrade to 20160126 and fix build on musl
f6b3957 initscripts: start urandom after populate-volatiles
85ac8eb initscripts: populate-volatiles.sh: add mount-bind feature
be5b72c libdrm: don't detect components that have been disabled
5fc5996 buildhistory: Fix regex to handle versions without spaces
7c3d4c0 debian: Fix superfluous setting for RPROVIDES
2eba066 autotools: Fix interaction with bitbake -b
9c8fee9 autotools: Correct dependency search logic error
971fafb maintainers.inc: include libjpeg-turbo and mmc-utils
4e0b334 scripts/runqemu-internal: Work around qemux86 PAT bugs in linux 4.4.1
283a302 sanity: Bump minimum version to 1.29.0
1c2d632 bitbake: Bump version post release to 1.29.0
a12dcc4 base.bbclass: fix support for gitsm://
bc72f64 linux-yocto: Update SRCREV for genericx86* for 4.4
be89a1d linux-yocto: Update SRCREV for genericx86* for 4.1
4a8d20a poky: update qemu* to prefer 4.4 kernel
d255f4f linux-yocto/4.1: galileo backports and support
fdcb373 linux-yocto/4.1: update to v4.1.17
5688cab linux-yocto/4.4: update to v4.4.1
f9f93ae bitbake: cooker: gracefully shutdown parsers
1f7f077 bitbake: buildinfohelper: unset brbe variable when build finishes
9a6cb10 nativesdk-buildtools-perl-dummy.bb: Fix variable expansion in python code
5e978d7 classes/testsdk: do_testsdkext avoid STAGING_DIR/BASE_WORKDIR in PATH
f56e9aa freetype: update 2.6.2 -> 2.6.3
1ba1aa3 freetype: minor formatting improvements
0d5e611 piglit: upgrade SRCREV
72c6b62 libbsd: Security fix and update 0.8.2
78be954 gstreamer1.0-plugins-bad_git: fix gst_structure_get() etc compiler warnings
fdd8979 gstreamer1.0-plugins-good_git: fix gst_structure_get() compiler warning
a23a50e python-setuptools: Add python-compile on RDEPENDS
914ff14 qemu: Security fix CVE-2016-2198
0938353 qemu: Security fix CVE-2016-2197
1f3e1d1 curl: add PACKAGECONFIG options for less common / legacy protocols
19045ba toaster: tests Remove symlinks from toasteruitest folder
738a9b7 classes/sanity: check_perl_modules provide output when fail
e64ce73 oe-selftest: devtool: add another devtool add test
a5095d1 recipetool: create: set S when we set SRC_URI from local git repo
ca5a36c recipetool: create: convert http git URLs that don't end in .git but contain /git/
4c71afb recipetool: create: ensure URL parameters don't make it into the name
86f3464 devtool: add: fix adding from a local source directory
fa50153 devtool: modify: make -x the default behaviour
f767757 recipetool: create: determine name/version from github/bitbucket URLs
d94c7e3 recipetool: create: support cmake find_library directive
ddfe744 devtool: commit for extra tasks that modify source when extracting
e36cb6c classes/externalsrc: create symlinks for workdir and logs
20034c3 classes/externalsrc: disable rm_work when active
c38f253 uninative.bbclass: capture stdout/err from patchelf-uninative
9065222 db: update HOMEPAGE
f0d5478 mdadm: update to version 3.4
79d5041 iproute2: update to version 4.4.0
21e3b2a image_types_uboot: add cpio.gz.uboot to supported IMAGE_TYPES
6fab5fc recipetool.newappend: add -e/--edit argument
252f97e liburcu: Add nios2 support
e72ab70 strace: Fix build for arc, metag, nios2, or1k, tile
691277f udhcpc: specify full path for ip command calls
f141f0b alsa-lib: avoid including <sys/poll.h> directly
a1ad3d0 oprofile: Add nios2 support
fd7dd07 nspr: Add nios2 support
954dc45 guile: Fix nios2 support
611e3d8 binutils: Repair nios2 PLT and GP handling
027eac5 gstreamer1.0-meta-base: make gstreamer1.0-plugins-base-alsa conditional
056d82c curl: drop obsolete pkgconfig_fix.patch
0e62f01 iproute2: update to version 4.4.0
216e618 quota: update to version 4.03
25d2956 oeqa/selftest/sstatetests.py: check that PARALLEL_MAKE doesn't change signatures
2966016 bitbake.conf: remove unused ALLOWED_FLAGS
3bdeda5 libproxy: remove GPLv3 logic and spurious exports
86994fd libproxy: add PACKAGECONFIG control for gnome3
033d754 libproxy: replace PACKAGECONFIG equivalent with the real thing
e65a29e openssh: Properly skip ptrace test if tools are missing
e1a1e0b openssh: Fix regex that sets sftp-server path for tests
d7faf67 insane.bbclass: Support MicroBlaze with musl
9937c93 hdparm: Explicitly set EXTRA_OEMAKE as required
7475c4c qemu: Security fix CVE-2016-1568
4857511 xserver-xorg: Add PACKAGECONFIG for crypto libraries
34798fa mesa: upgrade 10.6.3 -> 11.1.1
7edea7c initrdscripts: fix mmc device as install target
c3ef2bb libsoup-2.4: Remove unnecessary gnutls dependency
04454b2 wpa-supplicant: Only depend on libgcrypt when needed
4de0ee6 systemd: Don't depend on gcrypt unnecessarily
0da96bf buildstats.bbclass: remove dead URL from comment
326592d Remove obsolete references to exmap
a0cc1c3 curl: update 7.47.0 -> 7.47.1
a0d3eb9 sign_package_feed.bbclass: fix task dependencies
8cb1e83 oe/gpg_sign: fix incorrect variable name
902a68f meta/conf/layer.conf: adapt to more flexible initramfs-framework RDEPENDS
5b2b343 tune-corei7.inc: tell qemu to emulate a matching processor
5b70ee4 pixz: fix upstream version check
62a6f97 webkitgtk: update to 2.10.7
1cd6912 libwnck3: update to 3.14.1
e53eef9 iso-codes: update to 3.65
30cf8aa bash-completion: fix upstream version check
8098256 gstreamer1.0: fix upstream check for unstable versions from git
c24b0ab ffmpeg: update to 2.8.6
9237097 python: merge python-elementtree into python-xml
5ac4172 piglit: add missing dependency on python-xml
4d3ca42 systemd: tighten timesyncd and journal-gateway user accounts
6be3031 systemd: extend PACKAGECONFIG flags
85728ec systemd: rename systemd-zsh to systemd-zsh-completion
22a2866 systemd: move some tools into systemd-extra-utils package
9909104 classes/useradd: handle whitespace only USERADD/GROUPADD/GROUPMEMS
e485686 systemd: realign packages list
41d0f83 systemd: move bash completion into separate package
9a80afd nettle.inc: drop duplicate LIC_FILES_CHKSUM and SRC_URI hashes
72ec267 gdb: drop unnecessary CC_FOR_BUILD etc exports
00d6b67 gdb: build fix for MIPS + musl libc
40e4e8c strace: build fix for MIPS + musl libc
299b426 uclibc: fetch from master branch not 1.0
4ac4d28 uclibc-ng: Bump up to 1.0.12 release
70bfd4c musl: Upgrade to tip of tree
d1496b4 e2fsprogs: Fix multiple xattr handling
9d4b526 cdrtools-native: Explicitly set EXTRA_OEMAKE as required
864797a oeqa/prservice: Fix whitespace problem
7cd8351 pseudo: uprev to 1.7.5
246b02e ptest-runner: Explicitly set EXTRA_OEMAKE as required
7932525 unzip: Explicitly set EXTRA_OEMAKE as required
4ef055c sysklogd: Explicitly set EXTRA_OEMAKE as required
625066b stat: Explicitly set EXTRA_OEMAKE as required
07e81c8 pigz: Explicitly set EXTRA_OEMAKE as required
936223b iputils: Explicitly set EXTRA_OEMAKE as required
1e3fdbb ed: Explicitly set EXTRA_OEMAKE as required
ef36b6f gptfdisk: Explicitly set EXTRA_OEMAKE as required
59ee206 dmidecode: Explicitly set EXTRA_OEMAKE as required
d17758a libacpi: Explicitly set EXTRA_OEMAKE as required
44e8d0f apmd: Explicitly set EXTRA_OEMAKE as required
961d898 perl: Explicitly set EXTRA_OEMAKE as required
ecb9c34 oeqa: Improve test failure messages
ae2f3a3 sstate: Ensure populate_lic sstate objects are cleaned
26f26e5 package_deb: Ensure allarch deb packages aren't target specific
b3a2065 base: Make do_cleansstate nostamp
37357ab classes/testimage: Fix exportTests function.
f895a61 classes/testsdk: Add help information on how to run tests.
e22fbce oeqa/sdkext/devtool.py: Add location test to ensure that devtool is the eSDK one.
92d0cc5 oeqa/sdkext: Add devtool basic tests for eSDK.
a619ea2 oeqa/oetest: Fix compatibility SDK tests using eSDK.
062dbd6 classes/populate_sdk_ext: Add SDK_EXT_TARGET_MANIFEST and SDK_EXT_HOST_MANIFEST
4cfdf17 testsdkext: Add skeleton for support Extensible SDK tests.
5580d7b classes/testsdk: Add compatibility SDK testsuite to eSDK
7181da7 oeqa/oetest: oeSDKTest when run a command redirect env output to null
f3c2ce2 classes/testsdk: Add function run_test_context
3577c35 oetest.py/TestContext: Move loadTests and runTests inside it.
8009418 testimage/testsdk: Move get test suites routine inside TestContext.
b588b80 testimage/testsdk: Modularize TestContext.
59791d1 toolchain-shar-extract.sh: Add proxy variable to new env.
abd8158 classes/testsdk: Add call to export_proxies on testsdkext.
42f2ac4 classes/testsdk: Add testsdkext task only install.
90590ab get_test_suites: Add sdkext type for load test suites.
2ecc319 populate_sdk_ext: Set TOOLCHAINEXT_OUTPUTNAME.
7b459be classes/testimage: Add defeault inherit for testsdk.
24326a9 classes/testsdk: Add new class testsdk.
3d1d30b testimage: Modularize helper functions for get test lists.
8b5ee36 bitbake.conf/base: Improve handling of SRCPV
947e526 oeqa: setup bitbake logger after tinfoil.shutdown
400f530 bitbake: build: Improve python execution tracebacks
aece748 bitbake: build/data: Don't expand python functions before execution [API change]
e39cfb1 bitbake: cooker: Don't expand python functions in variable dumps
f652b6b bitbake: data: Don't expand python functions for variable dependencies
d3e0c44 bitbake: data_smart: Avoid expanding anonymous python functions
e0eb2ea bitbake: toaster: models Remove manual transaction control from lsupdates
48622e1 bitbake: toaster: build section Improve display of builds when > 1 targets
4d0ba0f bitbake: toaster: templates make build data breadcrumb consistent
99184d7 bitbake: BBHandler/ast: Merge handMethod and handleMethodFlags
6ba69b4 bitbake: utils: Drop datastore function inspection during exception
f8a44b1 bitbake: cooker: extended dot styling
30c132b bitbake: toaster: Enable Image Customisation feature
5e14a8f bitbake: toaster: xhr_customrecipe_packages Add dependencies to included packages
749f5a6 bitbake: toaster: orm generate_recipe_content only exclude locale packages
6269411 bitbake: toaster: customrecipe page Add last successful build link and conditionals
8d5b61e bitbake: toaster: models Add update_package_list for CustomImageRecipe
86db0bd bitbake: toaster: orm Add last_updated field to CustomImageRecipe
18d8b17 bitbake: toaster: models add get_last_successful_built_target method
8885b7b bitbake: toaster: pkg_dependencies_popover just show direct dependencies
40f6eff bitbake: toaster: models add all_depends method for Package_DependencyManager
a8ab1c6 bitbake: toaster: buildinfohelper CustomImagePackage update dependency info
0fee829 bitbake: toaster: newcustomimage_modal add frontend name validation
cb6d290 bitbake: toaster: API CustomImageRecipe check the recipe name supplied is valid
5634a25 bitbake: toaster: views CustomRecipe API add size information to the package lists
6fbceb0 bitbake: toaster: models Invalidate ToasterTables cache when a m2m field changes
998f9af bitbake: toaster: customrecipe Add dependency tracking to package selection
9976e4f bitbake: toaster: tables move template logic into the pkg_add_rm_btn
d77c247 bitbake: toaster: CustomImageRecipe generate overwrite IMAGE_FEATURES
481dc11 bitbake: toaster: make locale packages uneditable in custom image page
a757d39 bitbake: toaster: include locale and packagegroup packages in custom image
baac458 bitbake: toaster: update custom image package table filters
efbffe3 bitbake: toaster: move recent builds query to model
b514785 bitbake: toaster: update customimagerecipe migration
df58f5b bitbake: toaster: add merge migration to resolve conflict
38f4913 bitbake: toaster: orm generate_recipe_file_contents Handler for require recipe
769017e bitbake: toaster: project builds Poll the server to get latest progress for build
971d65c bitbake: toaster: localhostbectrl Update the dirpath of customrecipe's base layer
6d9f342 bitbake: toaster: tables Check layer presence in project for customise_btn
76c0008 bitbake: toaster: toastergui tests Add addtional data to the setUp for new tables
70a078e bitbake: toaster: tables SelectPackagesTable rename recipe_id to custrecipeid
7e4c231 bitbake: toaster: toastergui tests Update package test to use CustomImagePackage
4b3c9d6 bitbake: toaster: customrecipe Add further front end features using new API
b213907 bitbake: toaster: xhr_customrecipe_packages add GET info for package response
a9668ee bitbake: toaster: xhr_customrecipe_id change to use CustomImagePackage
439314c bitbake: toaster: API allow CustomImageRecipe to be updated after creation
9ea4de6 bitbake: toaster: tables Change SelectPackagesTable to use ProjectPackage
20f400b bitbake: toaster: tables add recipe download link to CustomImagesTable
1c9ce1c bitbake: toaster: newcustomimage_modal use libtoaster method for new CustomRecipe
8b1d043 bitbake: toaster: libtoaster Add createCustomRecipe method
32048fa bitbake: toaster: orm Add convenience method to get all pkgs in a CustomImageRecipe
c80b7df bitbake: toaster: orm get_project_layer_versions to return layer_version objects
796e348 bitbake: toaster: toastergui tests Add unit test for download custom recipe
04d8c94 bitbake: toaster: toastergui tests Update to reflect changes to CustomImageRecipe
4e8a0aa bitbake: toaster: views xhr_customrecipe_packages clean up API
66b5608 bitbake: toaster: toastertable remove title from Show all in table
ce72896 bitbake: toaster: Add recipe details page
5f52614 bitbake: toaster: newcustomimage Move modal dialog out of newcustomimage template
2a3dd32 bitbake: toaster: Continue front end features to custom image recipe page.
d6e7e4a bitbake: toaster: tables Add table for Packages and update SelectPackagesTable
43f0a05 bitbake: toaster: views Add view to download custom recipe
2cf55af bitbake: toaster: move CustomImageRecipe generation to API entry point
c402ac2 bitbake: toaster: orm add CustomImageRecipe generate contents function
a6e4f94 bitbake: toaster: buildinfohelper Add the concept of CustomImagePackage
e1bfe1c bitbake: toaster: orm: Add db migration for new CustomImagePackage table
f760a78 bitbake: toaster: orm Add CustomImagePackage table
4117af2 bitbake: toaster: orm: Add db migration for new CustomImageRecipe inheritance change
1f10289 bitbake: toaster: orm make CustomImageRecipe inherit from Recipe
648753b bitbake: toaster: orm Add sum of dependencies size function to PackageDependencyManager
a92fc30 bitbake: toaster: tablejs Add an event handler to manually trigger a data reload
4c82878 bitbake: toaster: ToasterTables simplify filter function move common part to widget
3e1e8e6 bitbake: toaster: models fall back to a sensible string for no vcs reference
14d09c8 bitbake: toaster: localhostbecontroller CustomRecipe now base_recipe is Recipe
7d5d8d0 scripts/lib/bsp/engine: trailing whitespace cleanup
dfeda17 scripts/lib/bsp/engine: fix path separator
d482d84 maintainers: remove gtk-theme-torturer and gnome-mime-data
d0d85a4 bitbake: bb/fetch2: Move export_proxies function from wget to utils.
7226ce2 glibc-locale: fix QA warning
4a2f42f formfactor: add machconfig for Beaglebone
eb53c54 sstatetests: Fix after change to sstate populate_lic SWSPEC
a43b9ef gstreamer1.0-plugins-base: move freetype dependency into 1.6.3 recipe
fb4f05b gstreamer1.0-plugins-base_git: update to git master 1.7.1-79-g6414289
fc81c80 gstreamer1.0-plugins-bad_git: avoid including <sys/poll.h> directly
3f02474 gstreamer1.0-plugins-good_git: avoid including <sys/poll.h> directly
9b0a74a gstreamer1.0: avoid including <sys/poll.h> directly
f9e565e gmp_4.2.1: fix build for MIPS
6d570c8 gmp.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5
3aecdd9 gmp: move BBCLASSEXTEND = "native nativesdk" from gmp.inc into 6.1.0 recipe
263a65d gmp: move SRC_URI out of gmp.inc + minor reformatting
aacae25 image_types.bbclass: Embed IMAGE_NAME in ubinize config file
9c0d4ec toolchain-scripts: drop PYTHONHOME
6560f80 python: set PYTHONHOME for nativesdk
92ae4e2 gcc: musl related fixes for ppc/secure-plt and gthr
9e5222c gcc: Assume libssp and dl_iterate_phdr on musl
281bd41 security_flags: wipe security flags for gcc/glibc and related libraries
61a5875 security_flags: use -fstack-protector-strong
a07f2fd security_flags: ensure security flags only apply to target builds
8d57d1d gcc: Fix build on musl with -fstack-protector
eb134c6 isoimage-isohybrid.py: fix cpio working directory
8bedf76 glib-2.0: use the system libpcre
1ae132e libpcre: enable unicode properties by default
3adb8d5 python3: remove optimize by default patch
1df1ac9 security_flags.inc: don't do -pie for syslinux
562c75c neon: convert to PACKAGECONFIG
6228cf8 bitbake: toaster: reinstate ID on edit columns button
916c73d bitbake: cooker: shutdown cooker parser on shutdown
8857498 bitbake: fetch2/osc: Clean up old variable syntax
54da829 bitbake: fetch2/osc: Remove hardcoded url
c57ba52 cross-localedef-native: add ABI breaking glibc patch
0cc825f uninative: Improve error handling
576a248 patchelf: Add patch to handle large files
bbdbe00 package_manager.py: fix python indentation bug (opkg)
ea40a0b populate_sdk_ext: Make populate_sdk_ext depend on sdk_extra_conf
4f7656a populate_sdk_ext: Add support for a "minimal" type
71bb332 populate_sdk_ext: Don't set sdk_update_targets in the config
5b7a43e toolchain-scripts.bbclass: Use PYTHONPATH instead of PYTHONHOME
f1f8447 copy_buildsystem.py: Pass the nativelsb argument to gen-lockedsig-cache
b130805 gnome-mime-data: remove
12d5fa8 gtk-theme-torturer: remove from oe-core
659d755 openssl.inc: drop obsolete mtx-1 and mtx-2 over-rides
32b498c scripts/devtool: Add getVarFlag expand argument
ed5daa1 bitbake.conf/native/nativesdk: Set PKG_CONFIG_SYSTEM_ at top level
8fa2d52 pango: unset LDFLAGS when building gen_all_unicode
edfaa04 pango: merge bb and inc
00ccf51 e2fsprogs: Ensure we use the right mke2fs.conf when restoring from sstate
66a6ec2 nativesdk: Set PKG_CONFIG_SYSTEM_ variables
34e95b0 local.conf.sample.extended: Document HOW-TO enable systemd or busbox for init system
077d32e local.conf.sample: Remove trailing whitespaces
6ae662a bitbake: parse/ast: Mark anonymous functions as python functions
9913fd8 bitbake: codeparser: Improve handling of data.expand() dependencies
4628fe1 bitbake: lib/bb: Add expansion parameter to getVarFlag
b98866d bitbake: fetch2/gitsm: Fix when repository change submodules
390c2c1 bitbake: data_smart: Add missing expand parameter to getVar call
56454f6 bitbake: bitbake: prserv: do not clear umask when daemonizing
abf8a8f bitbake: bitbake: prserv: SIGTERM handling hung process
be032fc bitbake: bitbake: prserv: -wal and -shm sqlite lost when daemonizing
1e95ebd poky-tiny: Use musl for default system C library
6594bd5 maintainers.inc: Set me as Maintainer of QEMU.
86851d5 insane: Fix populate_sysroot sanity test path
d09a25e socat: upgrade to 1.7.3.1
fad264b libffi: move from recipes-gnome to recipes-support
d3753dd libffi: ensure sysroot paths are not in libffi.pc
c72614b syslinux: remove LDFLAGS manipulation
8ad11fc lttng-tools: Fix ptest installed la files
66ed16b gnutls: update 3.4.8 -> 3.4.9
149cb17 python-distutils: add missing dependency on python-email
3473962 nss-myhostname: Fix build on musl
42e37d7 linux-firmware: update to latest revision 52442afee
ce1bed7 license.bbclass: add LICENSE_CREATE_PACKAGE to perform_packagecopy vardeps
e43504b i2c-tools: point SRC_URI at Yocto source mirrors
2d7622c gnutls.inc: allow libidn support to be controlled via PACKAGECONFIG
60ebe1c gnutls.inc: add gmp to DEPENDS
935aa96 gnutls.inc: minor formatting improvements
3fa1c54 Revert "kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH"
0b82af2 wic: isoimage-isohybrid: check for syslinux-native
9699441 formfactor: add machconfig for qemumips64
4701dc9 ncurses: use closing curly brackets in FILES_${PN}-tools variable
9d9f233 util-linux: Change ALTERNATIVE_PRIORITY above busybox
8f2306c mktemp: lower the priority of standalone mktemp package
6251846 libxsettings-client: drop obsolete disable_Os_option.patch
7894633 wic: default to empty bootloader config
090fb51 copy_buildsystem: add ability to exclude layers
8dc600f toaster.bbclass: reinstate scan for artifacts in the sdk directory
eee675b toaster.bbclass: attach image file scan postfunc to do_image_complete
0c0b072 meta: add ASSUME_PROVIDED dependency on wget-native for http fetches
f926610 gtk+3: Tweak getVar to use True, not 1
7fa6eeb classes/lib: Add expand parameter to getVarFlag
252e645 python-pycurl: remove unnecessary exports
9fd214d sstate: Fix SSTATE_SWSPEC only used by populate_lic tasks
4ea6a64 package.bbclass: Add data expansion to do_split_packages()
6ab5001 busybox/gtk/perl/base-passwd: Ensure data is correctly expanded
e8860f7 ref-manual: Fixed typo in FAQ 14.15 section.
9d2925e ref-manual: Updated FAQ entry regarding Proxy for SOCKS
29a44da ref-manual: Fixed type in LICENSE_CREATE_PACKAGE variable description
4181e58 ref-manual: Updated warning regarding libexecdir
0d8bd7d ref-manual: Added description for LICENSE_CREATE_PACKAGE variable.
6aca5b8 ref-manual: Added remove-libtool class
5e2201e toaster-manual: Updated the "Installation" to have TOASTER_DIR information
3aa162a p11-kit: fix packaging warnings
60c9759 piglit: don't use /tmp to write generated sources to
b33e440 libical: Work around hardcoded paths in pkgconfig file
a131b6e documentation.conf: align the documentation for DEBUG_OPTIMIZATION and FULL_OPTIMIZATION with bitbake.conf
974a8c0 pciutils: Explicitly set EXTRA_OEMAKE as required
2d3e6f3 openssl: Explicitly set EXTRA_OEMAKE as required
b07e161 dbus: add user sessions support
877eae1 dbus: use ${systemd_system_unitdir}
6010088 populate_sdk_ext: Add SSTATE_MIRRORS to config blacklist
70ec867 insane: add test for -dev packaging containing real libraries
38d6f1f python3: set INSANE_SKIP as libpython3.so is a trampoline library
4ac4023 p11-kit: fix module packaging
9a27010 libnl: package the libnl-cli modules in libnl-cli
111af1d remove-libtool: add new class
333dce4 gtk-immodules-cache.bbclass: fix immodules-cache path
b1e41f4 Revert "matchbox-keyboard: export GTK_IM_MODULE_FILE location"
ac1f311 directfb: use Yocto source mirrors for SRC_URI
4d80f7a gcc-configure-common.inc: drop --enable-target-optspace from configure
654eddc machine/include: drop tune-cortexm*.inc and tune-cortexr4.inc
322015a liboil: drop recipe from oe-core
41d50f9 boost: Fix build on soft-float ABI arm systems
07a91a6 libnss-mdns: Check for nss.h before using
1b34f55 db: Use cross libtool
64089c6 libtool-cross: Unset pre|post dep objects
457f417 docbook-xsl-stylesheets: create a link for easy refer
1ba62f9 pth: Remove dead code
a4a5d1f3 bitbake: cooker, bitbake-worker: Fix spelling of "received"
8f6b9c7 bitbake: cooker: Only start as many parse threads as we need
602da7c bitbake: knotty: Don't show errors for universe provider issues
1dd2d76 linux-yocto: Adds new genericx86 and genericx86-64 SRCREVs for kernel 4.4
b8fa9d3 poky: Add poky-world-exclude.inc and add qwt-as
5503a22 sstate: Revert using -m option to tar in sstate
6023798 libarchive-native: Disable libxml2 support
b09b054 pcmciautils: Fix makefile race
89df5f1 binutils: Use target provided zlib
c85c54f binutils: Upgrade to 2.26
ba2fdcd native.bbclass: Set CXXFLAGS from BUILD_CXXFLAGS not BUILD_CFLAGS
2394b15 gstreamer1.0-plugins-base: Add video crop supporting when convert frame
2724908 gstreamer1.0-plugins-bad: Fix memory leak of navigation thread
db81fc9 lib/oe/package_manager: remove package feed lists
c43da12 externalsrc: use shared CONFIGURESTAMPFILE if B=S
c6b8227 Make sure that the directory for CONFIGURESTAMPFILE exists
ca06179 autotools.bbclass: use oe_runmake instead of ${MAKE}
f4f9f2f gcc, qemuppc: Explicitly disable forcing SPE flags
691f7e4 pango.inc: misc dependency fixes
70efb8d pango.inc: limit ptest specific do_compile_prepend to target builds
c1273d4 systemtap_git.inc: do not immediate expand SELECTED_OPTIMIZATION
e631be2 glibc.inc: do not immediate expand SELECTED_OPTIMIZATION
770d9ff mkelfimage: fix target cflags leaks to host
c936bf0 base: Move COMPATIBLE_MACHINE out the scope of SOURCE_MIRROR_FETCH
3072361 bitbake: bitbake: BBUIHelper: Remove function findServerDetails
28c041c bitbake: fetch2: Simplify logic in verify_checksum()
5375e64 bitbake: bitbake: Set process names to be meaninful
5b234d1 bitbake: utils: Add ability to change the process name
0b06924 bitbake: data.py: avoid double newlines at the end of functions in emit_var()
68600ae bitbake: build.py: minor shell_trap_code() formatting tweaks
423a264 conf/distro/poky.conf: use example.com for connectivity check
6c058ce curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 )
adbe63d openssl: update 1.0.2e -> 1.0.2f ( CVE-2016-0701 CVE-2015-3197 )
85b6679 autotools.bbclass: don't create subshell to delete configure scripts
2f1bcc1 sstate: Add back packagedata on packagedata dependencies
346b225 libical: update to 2.0.0
b696bb3 kexec: package kdump init script/configuration file correctly
51cebbf connman: fix crash with iptables 1.6
7f54fab autotools_stage.bbclass: remove it
07c4bc1 gdb-common.inc: add PACKAGECONFIG for readline
5869e35 tzdata: update to 2016a
c9cc707 tzcode: update to 2016a
aff2f58 glibc-testing.inc: drop pruning of PATCH_GET from the testglibc script
dfb9d41 gcc-cross.inc: drop pruning of PATCH_GET from the testgcc script
9e7d929 bitbake.conf: stop exporting PATCH_GET = "0"
5410aff sstate: Improve handling of useradd dependencies
9823802 gtk-icon-utils-native: Drop problematic dependency
6c04e0d glib.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5
83476b5 glib-2.0: drop add-march-i486-into-CFLAGS-automatically.patch
fab76ae glib-2.0: refresh configure-libtool.patch
593dcd4 systemd: fix systemctl enable script for template units
3c90507 glib: use bash-completion.bbclass
d88ed5d kmod: use bash-completion.bbclass
0f3780c git: use bash-completion.bbclass
9d20661 util-linux: use bash-completion.bbclass
0e5b0bf dbus-glib: use bash-completion.bbclass
9cddc0a bash-completion.bbclass: add class
ddb786c bash-completion: move in recipe from meta-oe
74e2f68 ffmpeg: add a recipe, and remove the libav recipe
eb7e554 lib/oe/patch: Make GitApplyTree._applypatch() support read-only .git/hooks
3ed566e gcc: fix hidden weak symbols by removing buggy gcc patch
51d9ba6 dpkg: fix CVE-2015-0860
f80d16e qemu.bbclass: clarify QEMU_EXTRAOPTIONS
3dca294 pango.inc: drop obsolete dependency on qemu-native
a16e9a2f dbus: upgrade to 1.10.6
7081458 buildhistory: fix the check for existence of a git repo
d74325e connman: tidy up connman-conf usage
79f4495 connman-conf: convert to systemd oneshot
5c35883 bitbake-whatchanged: avoid double do_ task name prefix
7881c02 netbase: add ipv6 host to /etc/hosts
93fcee6 linux-yocto/4.4: CVEs and preempt-rt update
07c182f linux-yocto/4.1: update to 4.1.16
7003698 gstreamer1.0-plugins-bad: fix compiler warnings with -Os in 1.7.1
6e90145 gstreamer1.0-plugins-good: fix compiler warnings with -Os in 1.7.1
3cd70c8 libsoup-2.4: add glib-2.0-native dependency
d5b3b97 libtirpc: remove stray .orig file from Use-netbsd-queue.h.patch
209066c ptest-runner: Add ptest-runner_2.0 recipe.
4953e26 musl: Upgrade to tip of tree
52413d0 libdrm: Refresh patch to match upstream submission
66e215f fts: Correct LIC_FILES_CHKSUM
be4c446 pth: Delete
df95988 elfutils: Fix build with uclibc/musl
047ad2c grub: Backport fix for largefile detection/use
956be0c oeqa/runtime/rpm: be more verbose if test_rpm_query_nonroot fails
3b5288f libc-package.bbclass: add LOCALE_UTF8_IS_DEFAULT
4f3ef90 ref-manual: Updated the BBMASK variable description.
b2b7214 dev-manual: Restored ptest-runner2 to ptest-runner
d484e58 ref-manual: Removed obsolete do_deploy statement from "Shared State"
7705b87 toaster-manual: Updated instructions for production setup.
4b4a8a6 ref-manual: Updated the SDK figure.
d7481ce ref-manual: Added do_image and do_image_complete tasks
d39e9d1 ref-manual: Rewrite of "Image Generation" and devtool text.
1e7735e ref-manual, mega-manual: Updated the Image Creation figure
fded4fa ref-manual: Updated configuration of auto.conf in closer look
9f192c8 dev-manual: Updated the devtool help examples.
4bbd39d dev-manual: Grammar fix to kickstart section.
75078dd dev-manual: Updated wic reference section
9ed7881 poky-ent: Grouped Fedora perl packages for niceness
3ac0416 local.conf.sample.extended: Update the info about BBMASK
d61d290 bitbake: bitbake-user-manual-ref-variables: Update the help for BBMASK
a948f52 bitbake: cooker: Allow BBMASK to contain multiple regular expressions
e82101a bitbake: bitbake-user-manual-metadata: Updated 'dir' flag
100d6c2 bitbake: bitbake-user-manual: Updated the example BitBake directory
11be341 documentation.conf: Update the help for BBMASK
3d2c0f5 cmake: update to 3.4.2
4364850 at-spi2-core: update to 2.18.3
c763940 webkitgtk: update to 2.10.5
1e95815 libsecret: update to 0.18.4
9259a43 freetype: update to 2.6.2
5ec6dbb gdk-pixbuf: update to 2.32.3
9c84fbc glib-2.0: update to 2.46.2
bd7278c gtk+3: update to 3.18.6
d609cd5 gtk+: update to 2.24.29
6197313 gtk-icon-utils-native: update to 3.18.6
1556f0e libsoup-2.4: update to 2.52.2
dff038a waffle: update to 1.5.2
89bd19f vala: update to 0.30.0
6c02099 rxvt-unicode: update to 9.22
245af2b btrfs-tools: Disable backtrace on musl
fa01d37 bsd-headers: Fix LICENCE and dev package RDEPENDS
05e11a5 gdb: Fix build failures on musl
72c1aa2 ltp: Add rdep on ldd
1d0332d argp-standalone: Fix build when S != B
9f22898 bitbake: fetch2/wget: fallback to GET if HEAD is rejected in checkstatus()
d11cc29 busybox: fix stop -vs- start typo in rcS script
9f4b088 mtools: keep v3.9.9 recipe in sync with the v4.0.18 version
2c14be3 gen-lockedsig-cache: fix bad destination path joining
9dea876 distutils-common-base: do not set PACKAGES - use defaults from bitbake.conf
4ead707 insane: remove unused variable assignment
44e9c3b meta: fix capitalisation in Upstream-Status
06b4572 pixman: only check even upstream versions
0f74387 gcr: check only even upstream versions
a2848ee avahi: Add patch to fix Win10 mDNS issues
04ef34f xf86-input-libinput: initial add 0.16.0
8a2dfa1 image.bbclass: check INITRAMFS_MAXSIZE
962cc37 systemd: make TEST_DIR configurable
9967746 bind: update to 9.10.3-P3
cac47db uninative: handle UNINATIVE_URL being file:///
9995814 uninative: fix path to patchelf-uninative
2495dfa scripts/wipe-sysroot: also delete uninative sysroot
bb97157 meta/lib: new module for handling GPG signing
aadb879 devtool: extract: use the correct datastore for builddir
fa801e7 busybox: backport upstream truncate open mode fix
6996b26 gstreamer1.0-plugins-base.inc: drop obsolete dependency on liboil
1c4a8cc e2fsprogs: disable blkid
0de8766 pango.inc: drop obsolete FULL_OPTIMIZATION over-ride
89a7ed5 devtool: add configure-help subcommand
84720c8 devtool: properly handle bb.build.FuncFailed when extracting source
c3f0f7b devtool: add: warn if modified recipe found in attic directory
e559b66 devtool: build-image: allow specifying packages to add to image
e00eac8 devtool: move edit-recipe to a separate module
6720bda image: Don't create tasks with '.' in the name
88ca227 rootfs-postcommands: fix allow-empty-password on read-only rootfs
fdac363 kernel: Clean DEPLOYDIR before do_deploy runs
c2231de gcc-cross-canadian: Add missing DEPENDS on virtual/${HOST_PREFIX}gcc-crosssdk
5fdedb6 libtirpc: Drop unneeded xz-native dependency
7a98fb7 libuser: Drop unneeded xz-native dependency
72f98ba bitbake: toaster: Update UI test runner
c192bd6 Revert "xz: Allow to work with ASSUME_PROVIDED xz-native"
6df607b acpid: upgrade to 2.0.26
7a52f67 build-perf-test.sh: add eSDK testing
5c367ec build-perf-test.sh: more generic timing function
44fee2b python3-pip: Upgrade to 8.0.0
9d95a9d orc: update HOMEPAGE
0c1c93e gstreamer1.0-plugins.inc: drop obsolete ${S}/po/Makefile.in.in workaround
be145ad busybox: Add support for busybox-init
716fa93 pulseaudio.inc: drop obsolete dependency on liboil
55bfaa2 sqlite3: update 3.10.0 -> 3.10.2
6bb1dd1 sqlite3.inc: add PACKAGECONFIG to support building against libedit
39f6a9e sqlite3.inc: dynamically link the sqlite3 command-line utility
9b2835e sqlite: formatting improvements, move more stuff into sqlite3.inc
89ed462 sqlite3.inc: drop obsolete config_BUILD_CC, etc exports
6188419 sqlite3.inc: fix readline PACKAGECONFIG
939de8d sqlite3: fix the parallel build fix patch
a304b82 weston: Add missing DEPENDS on wayland-native
4a5458f bitbake: fetch2: Don't show checksum warnings if a single checksum was supplied
e66599f uninative: Fix conflicts with normal sysroot
4833bee insane: Drop do_stage test
861c916 populate_sdk: Use pixz instead of xz
a1c35f3 lib/oe/sdk: Partially revert "sdk.py: fix conflicts of packages"
29c5eda uninative: Add fetch capability
b54fa25 pixz: Add 1.0.6
d47572d xz: Allow to work with ASSUME_PROVIDED xz-native
0aeb33f lib/oe/package_manager: prevent testing an undefined variable
c1f4e92 recipetool: create: better fix for fetch error handling
10c8d14 recipetool: create: fix extraction of name from URLs ending in /
b307e0a recipetool: create: extract SRC_URI from local git repositories
50e40fc devtool / recipetool: support specifying a subdirectory within the fetched source
7e1691d recipetool: create: strip quotes from values extracted from CMakeLists.txt
477fa84 gen-lockedsig-cache: copy correct native sstate into ext SDK
204e4ab toolchain-shar-extract.sh: improve behaviour when xz is not installed
979c8fb classes/populate_sdk*: add dependencies on script files
f220abc classes/populate_sdk_ext: drop ext-sdk-prepare.py when installing
b435225 devtool: add sdk-install subcommand
44d1a2a devtool: sdk-update: improve SDK update process robustness
3360baa devtool: sdk-update: improve temp directory handling
d193531 devtool: build: ensure pkgdata is written out
d3a4f72 classes/populate_sdk_ext: add option to bring in pkgdata for world
a9dfced linux-libc-headers: Port patches for linux-headers for musl
3cffa6d libsolv: Update to 0.6.17+
d9134cf glib-2.0: Fix locale location on musl
527cd95 syslinux: Set LD to avoid using build host ld
136db70 binutils: Fix gold linking errors due to unresolved R_ARM_MOVW_ABS_NC
704e342 puzzles: Silence warning on arm with clang
bee65f9 eglinfo: Fix build on raspberrypi
6296c0f mdadm: Fix build with musl
67eef11 gpgme: Define __error_t_defined on musl
368e838 console-tools: Fix header inclusion when not using glibc
5a8c935 uclibc: Update to 1.0.11
1113d58 unfs3: Depend on libtirpc when building on musl
2ecfc02 guile: Fix build with musl
2df08b8 bsd-headers: Package cdefs.h
29deaf0 musl: Create ld.so as a relative symlink
2d028b3 fts: Fix linker hash-style option
8dd1aa8 dosfstools: Correct cross-compile CFLAGS and fix build with musl
21550d1 nss: Undefine HAVE_SYS_CDEFS_H
92e6a7a apmd: Fix build with musl
5d661c5 pcmciautils: Fix parallel build and include sys/types.h
86795ff kexec-tools: Define _GNU_SOURCE for getting loff_t definition
ff8006f systemd: Skip parsing on musl based targets
f2856a1 oprofile: fix build with musl
226c450 portmap: Point to tirpc headers and libraries on musl
5512c2f nfs-utils: Disable tcp-wrappers for musl
06d0204 bsd-headers,musl: Add recipe for bsd missing features
c2c9202 tcf-agent: Implement canonicalize_file_name() for musl as well
f294813 chkconfig: Avoid using caddr_t
b2aca09 nspr: Drop older glibc code
c0976fc irda-utils: Fix header inclusions
a3f9721 iproute2: Fix build with musl
22333f0 libuser: Fix build when secure getenv is not there
ea9dc99 iputils: Use member based initialization for mrghdr struct
b207868 pax: Fix build with musl
1076499 tar: Fix build for musl based targets
e451023 rt-tests: Fix build with non-gcc compilers
68da390 webkitgtk: Fix build with clang/musl
da81635 console-tools: Include sys/types.h for u_char and u_short defs
205a07a sysklogd: untangle header inclusion maze
9f40dba babeltrace: Add missing header for MAXNAMLEN define
2458850 libunwind: backtrace APIs are glibc specific
abdfacb apt: Add support for building for musl targets
ec187d3 puzzles: Zero'ise structs before use
3cd0a8c dpkg: Add musleabi to known architectures
aaa8516 xinetd: Fix build with musl
93fb408 watchdog: Fix build with musl
7509ffd gzip: Fix build with musl
1d28cbc directfb: Fix build with musl
7b6b312 net-tools: Link with libintl on uclibc
ee1bfdb parted: Fix build with uclibc
ed5da2a mtools: Fix build with uclibc
5384f08 gnutls: Link with libuargp on uclibc
493e557 guile: Fix build with uclibc
1636f6f packagegroup-self-hosted.bb: Move glibc-gconv-ibm850 to glibc only case
3e7d7ab util-linux: Fix ptest builds on musl
77825f8 gnutls: Link with libargp on musl and depend on argp-standalone
1a6fe71 argp-standalone: Add recipe
a7d780c gdk-pixbuf: Fix latent build issue exposed by musl
f2cf5d3 xserver-xorg: Fix build with musl
b8de631 libcgroup: Add dependency on fts when building on musl
87c3e98 connman: include config.h for HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR
cc55fc7 fts: Add recipe
6e3950b tcp-wrappers: Fix build with musl
68f88a5 ppp: Fix build with musl
4972edd blktrace: Include <sys/types.h for dev_t
d629fa1 powertop: Include right headers for timval struct
063dc38 update-alternatives: when warning about alt_link==alt_target, say what PN
6baafa1 python-setuptools: Unify and upgrade python-setuptools and python3-setuptools to 19.4
f0e500e gstreamer1.0-libav: update git recipe to 1.7.1
90cbdfb gstreamer1.0-plugins-ugly: update git recipe to 1.7.1
6752484 gstreamer1.0-plugins-bad: update git recipe to 1.7.1
ad8f201 gstreamer1.0-plugins-good: update git recipe to 1.7.1
2ca9f20 gstreamer1.0-plugins-base: update git recipe to 1.7.1
3c7f2b8 gstreamer1.0: update git recipe to 1.7.1
7c810d0 gstreamer1.0-libav: update 1.6.2 -> 1.6.3
a4b8e9a gstreamer1.0-plugins-ugly: update 1.6.2 -> 1.6.3
8170e06 gstreamer1.0-plugins-bad: update 1.6.2 -> 1.6.3
497ebc9 gstreamer1.0-plugins-good: update 1.6.2 -> 1.6.3
3d87902 gstreamer1.0-plugins-base: update 1.6.2 -> 1.6.3
1e256ee gstreamer1.0: update 1.6.2 -> 1.6.3
dacf2aa gst-plugins-package.inc: drop perl RDEPEND for XXX-apps packages
676275f gstreamer1.0-plugins.inc: don't set base SRC_URI via python
852f098 gstreamer1.0-plugins.inc: drop obsolete lib-link.m4 workaround
a32ac26 gstreamer1.0-plugins-bad.inc: update hls dependency gnutls -> nettle
97e0752 gstreamer1.0-plugins-bad.inc: don't set ${S} or apply version specific patch
78e9361 gstreamer1.0-plugins-good.inc: remove duplicate --disable-examples
0edabfd gstreamer1.0-plugins.inc: convert GSTREAMER_1_0_DEBUG to a PACKAGECONFIG
81cd227 gstreamer1.0-plugins.inc: add missing glib-2.0-native dependency
a0b1e66 gstreamer1.0.inc: add missing glib-2.0-native dependency
e5fb79d gstreamer1.0-rtsp-server.inc: minor formatting improvements
434aa8e gstreamer1.0-omx: minor formatting improvements + update HOMEPAGE
69bcd33 gstreamer1.0-libav: minor formatting improvements + update HOMEPAGE
1d6e61a gstreamer1.0-plugins-ugly: minor formatting improvements
c45ce26 gstreamer1.0-plugins-bad: minor formatting improvements
c1ea981 gstreamer1.0-plugins-good: minor formatting improvements
beb8091 gstreamer1.0-plugins-base: minor formatting improvements
61f30b4 gstreamer1.0-plugins.inc: minor formatting improvements
981145a gstreamer1.0: minor formatting improvements
9f1a943 gst-plugins-package.inc: minor formatting improvements
9e08b69 gst-player: minor formatting improvements
a8ed2c8 valgrind: remove unused valgrind-remove-rpath.patch
e24123d emptytest: exclude from world builds
6808035 build-appliance-image: bump version to 14.0.0
eb418c3 insane.bbclass: fix package_qa_walk()
e185004 insane.bbclass: print all the QA messages
95fa36e weston: upgrade 1.8.0 -> 1.9.0
1bc0c89 wayland: upgrade 1.8.1 -> 1.9.0
03dae8e glib-2.0: fix the ptest
68c5e6d insane.bbclass:buildpaths: ignore ipkg/dpkg's CONTROL dir
258676b sstate: display the sysroot name when cleaning for clarity
f35b2e2 bitbake: set default libexecdir to $prefix/libexec
40f0c2d gawk: fix libexecdir/libdir/BPN confusion
2458f41 mesa: update SRC_URI
fdb12f9 e2fsprogs: set PV to 1.42.99+1.43+git${SRCPV}
9cf1ec0 valgrind: avoid neon for targets which don't support it
b191f58 valgrind: re-enable ARM intdiv and vcvt_fixed_float_VFP tests
b0b3412 valgrind: let valgrind determine its own optimisation flags
92abb5f meta/files/toolchain-shar-relocate.sh: Detect different python binaries and select one that exists.
924e2c3 python-nose: upgrade to 1.3.7
02440b5 python-native: Make python-native also RPROVIDE python-unittest-native
b7ca05d linux-libc-headers: update to 4.4
f73ee59 libpng12: upgrade to 1.2.56
3a59486 libpng: upgrade to 1.6.21
63a49f8 libtirpc: remove redundant va_list patch
55a8df2 perl: Upgrade to 5.22.1
a840588 oeqa/selftest/signing: use temporary rpmdb
65c1de9 kexec-tools: inherit update-rc.d
ba837f1 autotools: don't output the full config.log on configure failure
3e3cb62 bitbake.conf: Remove horrible variable expansion hacks
b963efb mesa: add missing wayland-native build dependency
9dd6c81 maintainers.inc: Correct maintainership for several packages
bd1a534 bitbake: toaster: run bitbake server with --read option
76a281c bitbake: taskdata: add the ability to access world targets list
11a1f49 bitbake: cache.py: check existence before add to cachedata.rproviders
05c1775 bitbake: taskdata.py: add RuntimeProviders to close matches
cf9cb65 bitbake: data_smart: Don't show exceptions for EOL literals
b80219e udev: Add 2 patches to support 4.4 kernel
1013385 gcc-runtime.inc: provide libquadmath
60b237f kexec: update supported architecture list
92a0032 strace: update 4.10 -> 4.11
0aa8169 strace: fix ARCH definition in tests/Makefile
2408149 strace: remove need for git-version-gen script
9ca6a5f strace: fix --disable-aio configure option
dd90f32 strace: drop unnecessary dependency on acl
aadae7b libnewt: Fix linking error due missing symbols
571289d lib/oe/package_manager.py: Remove list() from PkgsList class
6ebda8e lib/oe/rootfs: Use list_pkgs() instead of list()
03075f6 lib/oe/utils: Add function format_pkg_list()
c708411 lib/oe/package_manager: Add list_pkgs() to PkgsList class
113e136 python3: Minor upgrade 3.5.0 -> 3.5.1
918149d python-numpy: upgrade to 1.10.4
eae7584 swig: upgrade to 3.0.8
21f7677 python-scons: upgrade to 2.4.1
7721652 python-pycurl: upgrade to 7.21.5
2ef401f python-mako: upgrade to 1.0.3
2a608cc python-setuptools: Upgrade to 19.2
6395bc8 python3-setuptools: upgrade to 19.2
40738af python: Upgrade 2.7.9 > 2.7.11
35855a0 wic: pylinted ksparser module
e3b3bcf wic: add help for 'include' command
bfaabe5 wic: move parts of canned .wks into common.wks.inc
50a3dc5 wic: implement search of includes
15ea180 wic: refactor get_boot_config
d304162 wic: ksparser: add support for include
3fc6aaa wic: do not remove build dir in source plugins
8d34eea wic: use unique partition number
43b4058 wic: move wks parsing code to KickStart._parse
3860640 nss: update to 3.21
ea39ad0 libjpeg-turbo: fix upstream version check (sort of)
48a8a89 libical: fix upstream version check
c6f71c5 gnutls: update to 3.4.8
7a80f84 sysstat: fix upstream version check
2aabf9a pbzip2: update to 1.1.13
77aee28 ncurses: fix upstream version check
56e4ff6 libsolv: fix upstream version check
d46bc77 e2fsprogs: fix upstream version check
0436e3f build-appliance-image: bump version to 14.0
a206a19 btrfs-tools: update to 4.4
a1790bc bootchart2: update to 0.14.8
68c7113 poky.conf: Delete BB_SIGNATURE_HANDLER settings
0916235 rpm: remove bashisms: [ x == x ] -> [ x = x ]
2dbd61f uclibc: remove a use of immediate expansion and oe_filter_out ()
32eeb00 gcc-runtime: switch to removal override syntax to modify CXXFLAGS
c886a78 bitbake: tests/codeparser.py: Add filename/lineno flags to test variable
f130033 bitbake: toaster: write variables to toaster.conf
1835768 sstate: replace verbose manifest removal with a single count
d4c721a libdrm: Upgrade 2.4.65 -> 2.4.66
b5508a8 slang: Add dependency on ncurses
27b2df2 valgrind: make it explicit that valgrind supports armv7a and above
5dc38a3 sign_rpm.bbclass: fix task dependencies
27c39c4 opkg-utils: store alternatives in nonarch_libdir
77fde15 security_flags.inc: remove obsolete workarounds for curl
31ce027 cups: update systemd support
a4b48c2 coreutils: Add xattr PACKAGECONFIG
7a0b1c1 oeqa/runtime/parselogs: use -F to search fixed strings for grep
b8e11e2 libinput: Upgrade 0.21.0 -> 1.1.4
a9f2e87 postinst-intercepts: always use set -e
de0848f maintainers: mark Khem as nominal owner for uclibc
3235f5e formfactor: remove unused beagleboard configuration
6c64700 alsa-state: remove beagleboard configuration
f0d47a6 bitbake: Revert "runqueue.py: Ensure one setscene function doesn't mask out another which needs to run"
9e867ef sstate: Add packagedata to list of tasks not to recurse
5e881c1 classes/populate_sdk_ext: fix task dependency regression
2e9f092 image: Handle image types containing '-' correctly
0612ca4 oe-selftest: devtool: fix test_devtool_add_library if python was built first
c1492c4 recipetool: create: add a couple more license checksums
2c8c9fe recipetool: create: add basic support for extracting dependencies from cmake
3eb397f recipetool: create: force GL libraries to virtual/*
726dbda recipetool: create: move dependency mapping code to RecipeHandler
788e4bb recipetool: create: fix overzealous mapping of git URLs
ece0a2e recipetool: create: support additional autoconf macros from autoconf-archive
903d471 recipetool: create: detect flex/bison dependency
a66f4ac recipetool: create: pick up boost macros in configure.ac
dbe91a3 recipetool: create: improve extraction of pkg-config / lib deps
e7bedb9 wic: rename kickstarter.py -> ksparser.py
3bb6ea6 wic: override ArgumentParser.error
d652203 wic: removed unused imports
d2090a6 wic: improve processing of parseing errors
1ed97cc wic: catch KickStartError
bda77fd wic: add custom exception KickStartError
ef211a5 bootimg/image-vm/image-live: Improve image dependencies
0910bc6 image: Always run do_rootfs_wicenv
12e37e7 selftest/buildhistory: Improve test to remove sources of error
05716dd bootimg/image: Enhance bootimg to respect RM_OLD_IMAGE
1c869a9 rootfs-postcommands: Ensure license manifests respect RM_OLD_IMAGE
d27491b image: Ensure we don't expand TMPDIR in image commands
ce8a206 image: Fix instability of do_image_* checksums
fb1654f image: Fix wic environment issues
1da8f52 insane: Start to clean up do_configure_qa code
dd28695 insane: Clean up horrible return value processing code
839fb18 e2fsprogs: fix PV
b1236dc e2fsprogs: add PACKAGECONFIG for fuse
f98e11c bitbake: toastergui: make artifact download more robust
68f3e1e bitbake: toasterui: log OSErrorException metadata events
fb94754 bitbake: toasterui: listen for bb.event.MetadataEvent
a2f23fa openssh: CVE-2016-1907
320a319 license.bbclass: fix license manifest
4339a82 wic/help.py: document requirements for valid fstab generation
d688df8 glib-2.0: add dependency glib-2.0-native back
76e35f1 kernel-yocto.bbclass: move do_kernel_link_vmlinux() into kernel.bbclass
d453fa1 kernel-yocto.bbclass: remove do_kernel_link_vmlinux from SRCTREECOVEREDTASKS
2b92f88 libarchive: Add bsdtar and bsdcpio packages
e246905 toaster.bbclass: Separate artifact dump from image file dump
4f481bc pax-utils: 1.0.5 -> 1.1.4
f9974f2 sqlite3: upgrade to version 3.10.0
cd7910d connman: upgrade to 1.31
b9169b7 python3: add missing dependency on PN-misc to PN-modules
4b4dea7 useradd-staticids.bbclass: Remove unnecessary spaces
4f2c352 useradd-staticids.bbclass: Read passwd/group files before parsing
4cbdb15 useradd-staticids.bbclass: Simplify the logic for when to add groups
b18e40c useradd-staticids.bbclass: Simplify some logic
b689aa0 useradd-staticids.bbclass: Make --no-user-group have effect
c03ea8d useradd-staticids.bbclass: Treat mutually exclusive options as such
af8b005 wic: get rid of 2 getters
2573e28 wic: get rid of set_size and set_source_file setters
5cd222b wic: get rid of get_rootfs and set_rootfs
4d5d5dd wic: get rid of get_timeout getter
26fb2a1 wic: adjust code for new data structure
c827238 wic: remove pykickstart code
c15ea82 wic: use new kickstart parser
f572f44 wic: add kickstart parser module
e5e1905 wic: add partition module
180f170 alsa-lib: 1.0.29 -> 1.1.0
a8c25af matchbox-keyboard: export GTK_IM_MODULE_FILE location
d75cb1f xf86-input-evdev: upgrade to 2.10.1
2283732 menu-cache: upgrade to 1.0.1
ec7e406 libxi: upgrade to 1.7.6
86f3f25 librsvg: upgrade to 2.40.13
72dd806 libgpg-error: upgrade to 1.21
3c02fe0 libevdev: upgrade to 1.4.6
33e9930 libcroco: upgrade to 0.6.11
5b63c44 gsettings-desktop-schemas: upgrade to 3.19.3
dfff167 gpgme: upgrade to 1.6.0
5abb691 u-boot: Update to 2016.01 release
e9280d1 linux-yocto: introduce v4.4 standard/preempt-rt/standard kernel
8c3276e e2fsprogs: 1.42.9 -> 1.43 (master)
b248e55 bitbake.conf: rename python-native-runtime
65d0bfc net-tools_1.60-26.bb: Fix do_patch dependency error
99923fc ncurses: 5.9 0 -> 6.0
44d283a autotools.bbclass: use relative path to run configure script
b2f1de3 glibc-initial.inc: use relative path to run configure
0fe6e2d bitbake: toaster: increase timeout
a5f34bc poky.ent: Added "perl-bignum" package for Fedora
afc6cba dev-manual: Updated "Running ptset" section
ec047ad yocto-project-qs: Updated the "Next Steps" section
57ddbe8 ref-manual: Removed all variables related to "QMAKE"
7814b33 ref-manual: Updates to cull out qt4 stuff.
bf81969 toaster-manual: Updates on how to start Toaster.
798e8b8 bitbake: toastergui: code formatting and clean-up
c4b5011 bitbake: toaster tests: fix Django tests for new ToasterTable pages
88a262c bitbake: toastergui: remove unused views and template code
059a274 bitbake: toastergui: fix error and warning counts for builds
4103e0c bitbake: toastergui: make "Apply" button state depend on filter range
6c2d88f bitbake: toastergui: mute label for filter actions with no records
f08730a bitbake: toastergui: set default visible and hideable columns
112f374 bitbake: toastergui: serialise decimals correctly
e024aab bitbake: toastergui: streamline construction of filter objects
fcb20f9 bitbake: toastergui: ensure filter_value updates
f9c46f5 bitbake: toastergui: don't hide all elements with .col class
eaae82a bitbake: toastergui: convert project builds page to ToasterTable
33b011c bitbake: toastergui: implement "today" and "yesterday" filters
f8d383d bitbake: toastergui: implement date range filters for builds
b929889 bitbake: toastergui: show recent builds on all builds page
1a4b203 bitbake: toastergui: switch off filter highlights when inactive
809046c bitbake: toastergui: refactor ToasterTable filtering
294579b bitbake: toastergui: convert all builds page to ToasterTable
6c12ca7 bitbake: toastergui: use event delegates for hover help elements
ef93dce bitbake: toastergui: switch projects/ view to ToasterTable
417f1d3 bitbake: toaster: check inferred file suffixes against list of known types
c02ee05 bitbake: toaster: move image file suffix list to model
d29e4cd bitbake: toastergui: use ToasterTable for projects page
b1256db openssh: update to 7.1p2
c0e9f2d kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH
f8508de bitbake: Revert "fetch/git: Change to use clearer ssh url syntax for broken servers"
b567235 image/image-live: Add back IMAGE_TYPES_MASKED support
e914e2a image.bbclass: Handle image base type dependency properly
ad32f65 autoconf: add missing perl-module-file-find to RDEPENDS
d83dfe6 ca-certificates: update to 20160104
4440560 epiphany: upgrade to 3.18.3
dcf54b4 iso-codes: upgrade to 3.64
d7bee35 lighttpd: upgrade to 1.4.39
08c8923 libwebp: upgrade to 0.5.0
cf0aea7 classes/populate_sdk_ext: avoid unnecessary sstate being brought in
ea29bec insane/package: Fix cases where QA errors aren't fatal
2e620a4 classes/populate_sdk_ext: check that extensible SDK prepared correctly
4685c33 classes/buildhistory: save auto.conf and bblayers.conf for extensible SDK
39f6472 classes/populate_sdk_ext: support auto.conf
91877aa classes/populate_sdk_ext.bbclass: handle if local.conf doesn't end with a newline
764c927 util-linux: create util-linux-runuser iff pam in DISTRO_FEATURES
95dce70 rsync: 3.1.1 -> 3.1.2
38aa0fc less: 479 -> 481
4cb2269 iputils: s20121221 -> s20151218
fe47dd7 wget: 1.17 -> 1.17.1
79886e9 git: 2.5.0 -> 2.7.0
d3e16b8 file: 5.24 -> 5.25
3549abc autogen-native: 5.18.5 -> 5.18.6
fb14627 curl: upgrade to 7.46
eaf88d7 xz: upgrade to 5.2.2
8516ff7 sysstat: upgrade to 11.2.0
ae73be1 at: upgrade to 3.18
21efab7 kmod: upgrade to 22
c88efae resolvconf: upgrade to 1.78
6729889 pciutils: upgrade to 3.4.1
edd319c gnupg: 2.1.7 -> 2.1.10
78b58b8 help2man-native: 1.47.1 -> 1.47.3
ac0e0d5 man-pages: 4.02 -> 4.04
1e0cbb9 libgcrypt: 1.6.3 -> 1.6.4
372c23d xmlto: 0.0.26 -> 0.0.28
aaafe33 elfutils: 0.163 -> 0.164
38901a7 dhcp: 4.3.2 -> 4.3.3
ea05e05 image.bbclass: Unconditional includes of populate_sdk_ext fails
c08f272 tcmode-default.inc: Fix preferred provider nativesdk-sdk_prefix-libc-initial
5d2f783 dhcp: search libxml2 for bind
b69652d tzdata: remove bashism
7c7c249 harfbuzz: update 1.1.2 -> 1.1.3
84623dc libpostproc: duplicate armv7a over-rides for armv7ve
1744198 libav.inc: duplicate armv7a over-rides for armv7ve
102dfa1 gcc-configure-common.inc: duplicate armv7a over-ride for armv7ve
b08dfb5 subversion: Upgrade 1.9.2 -> 1.9.3
d6fae0c lttng-ust: Upgrade to 2.7.1
a9cc9b5 lttng-tools: Upgrade to 2.7.1
6b02575 lttng-modules: Upgrade to 2.7.1
a378430 gdb: upgrade to 7.10.1
92cc02f linux-yocto: Update Genericx86* BSPs to 4.1.15
da43a56 bitbake: Revert "fetch2/local.py: avoid using PREMIRROR"
96a34e7 conf/distro/poky-tiny: correctly disable python in opkg-utils
1724ffd bitbake: fetch2/git.py: Add missing "errno" module import.
74fa824 bitbake: bitbake: clean up stamp-base related codes
f3f769a local.conf.sample: add qemumips64
43328fe bitbake: runqueue: Fix setscene task dependencies
7b905ca bitbake: toaster: settings Add uid to the toaster cache dir
dff7a27 bitbake: toaster: show 'satisfied via' text for reverse deps
89f4932 bitbake: toaster: show 'satisfied via' text for build deps
febb898 bitbake: toaster: show list of provides for the recipe
2ff4ccb bitbake: buildinfohelper: add provides info to the db
16a81fb bitbake: toaster: add Provider model
6a28ed3 bitbake: buildinfohelper: use providermap
f2b7252 bitbake: cooker: add providermap to dep_tree
7e380d4 bitbake: taskdata: refactor get_providermap
46731da bitbake: main/runqueue: Add --setscene-only option to bitbake
34f8db9 update_font_cache: only scan system font directories
e5c011b Add "CVE:" tag to current patches in OE-core
f04fb88 scripts/create-pull-request: fix git request-pull syntax
928ceb6 qt4: fix-for-mips-n32.patch: remove it
c4a3258 util-linux: create util-linux-runuser package
554ca68 valgrind: include aarch64 in COMPATIBLE_HOST
0ce775a valgrind: update to 3.11.0
21a94f6 valgrind: don't restrict to armv7a
b8ebac9 DpkgRootfs: Fix logcheck_error false-positive when use multilib
e265fbb package_deb.bbclass: add 'Multi-Arch: foreign' tag to allarch packages
4aeb69d package_manager.py: fixes for multilib deb packaging builds
9ea7428 package_deb.bbclass, cross-canadian.bbclass: DPKG_ARCH mapping function
72e6932 connman.inc: add missing RDEPENDS
675ff42 meta: rename perl-native-runtime
3f4fb39 dbus: support large-file for stat64
0d5e41f freetype: enable out-of-tree builds, and use host zlib
8f2ab19 bluez5: upgrade to 5.37
11f5a42 cogl-1.0: fix may be used uninitialized error
235606f oeqa/runtime/logrotate: fix hardcoded root directory
cce6c3e oeqa/runtime/smart: fix hardcoded root directory
cd2cf1f boost: update to 1.60.0
afc0255 bitbake.conf: remove 'stamp-base'
c8fef7f gcc5: Fix build on NIOS2
eda3947 rpmresolve.c: Fix unfreed pointers that keep DB opened
3c8a451 tzdata: Make /etc/timezone optional
b80da02 systemd: arrange for volatile /etc/resolv.conf
5548a76 systemd: add myhostname to nsswitch.conf
d6bc841 opkg-utils: add update-alternatives PACKAGECONFIG
c3b96ff linux-dtb.inc: use absolute upd-alt paths
3ad08c0 uclibc: Upgrade to 1.0.10
74c3667 populate_sdk_ext: Pass excluded_targets as a list to prune_lockedsigs
e306d54 populate_sdk_ext: Change to include siginfo and non sstate task sigs
e1a558a populate_sdk: Switch from bzip2 to xz
3341f3f classes: Fix do_rootfs references
0a4e1f9 image: Create separate tasks for rootfs construction
fdced52 image: Move pre/post process commands to bbclass
cdc0aee image.bbclass: Separate out image generation into a new task, do_image
0269219 populate_sdk_ext: Use new --setscene-only option to bitbake instead of workarounds
1ee0842 sstatesig: Handle special case of gcc-source shared-workdir for printdiff
d93c212 bitbake.conf: add virtual/libiconv-native to ASSUME_PROVIDED
b2fe2a8 devtool: build: support using BBCLASSEXTENDed names
38ed039 devtool: reset: support recipes with BBCLASSEXTEND
532f429 devtool: refactor code for getting local recipe file
ec90168 devtool: add: support adding a native variant
99e3872 devtool: reset: do clean for multiple recipes at once with -a
5ef716c recipetool: create: support creating standalone native/nativesdk recipes
1e503c0 recipetool: create: lower case name when determining from filename
4deed25 devtool: sdk-update: add option to skip preparation step
d586a11 devtool: sdk-update: fix error checking
c1b7d83 devtool: sdk-update: fix metadata update step
efead10 devtool: sdk-update: fix not using updateserver config file option
9348c91 classes/populate_sdk_ext: disable signature warnings
d44dcd7 classes/populate_sdk_ext: fix cascading from preparation failure
d11051c scripts/oe-publish-sdk: add missing call to git update-server-info
fbc2147 libbsd: upgrade to 0.8.1
221d864 bitbake: fetch/git: Change to use clearer ssh url syntax for broken servers
46d62d0 bitbake: knotty: Use non-interactive mode as fallback for dumb terminals
bfa7859 bitbake: cooker: fix findFilesMatchingInDir documentation
3d42737 bitbake: cooker: use in instead of count
0e83229 maintainers.inc: remove x11vnc
d914c7f meta-yocto: drop qt4 references
0f3ad7c scripts/yocto-layer: Avoids duplication of "meta-" prefix
220ef32 poky-lsb/poky-tiny: update preferred kernel to 4.1
b82e228 yocto-bsp: remove 3.14 and 3.19 bbappends
685daeb conf/local.conf.sample: comment out ASSUME_PROVIDED=libsdl-native
2c5e7e0 image: Really remove lockfiles flag
a500e3a boost: ensure boost to remain an empty metapackage
b151506 image_types.bbclass: Rebuild when WICVARS change
eb4159c gccmakedep: fix buildpaths qa check
f54e53c bash: fix buildpaths qa check error
6d111c8 testimage: remove VNC test, x11vnc isn't in oe-core anymore
8bec5c5 x11vnc: remove all references to moved package
8f865e2 x11vnc: move recipe to meta-oe
ae1fc96 classes/buildhistory: actually use KiB in extensible SDK sizes files
84f66b5 x11vnc: move recipe to meta-oe
c44599d readline: move inputrc into readline
f29d642 tune-*: use mcpu instead of mtune for ARM tunes
c6a1991 arch-armv7ve: add tune include for armv7ve and use it from cortexa7 and cortexa15
21d61fa cortexa{7,15,17}: add VFPv4 tunes
7f2cb68 feature-arm-vfp.inc: Further simplify with TUNE_CCARGS_MFLOAT
e9b2ffc feature-arm-{neon,vfp}.inc: refactor and fix issues
45f726c arch-armv7a.inc: add vfpv4 support also to softfp and big endiand tunes
ebe8358 arch-armv7a.inc: Fix PACKAGE_EXTRA_ARCHS for tune-armv7atb-vfpv3, tune-armv7atb-vfpv3d16, cortexa7thf-neon-vfpv4
9280a8e arch-armv5.inc: drop duplicate ARMPKGSFX_DSP and PACKAGE_EXTRA_ARCHS_tune-armv5tehf-vfp
46d6b0e arch-armv[456]*.inc: improve indentation like armv7a
860663a arm/arch-arm*, tune-cortexa*, tune-thunderx.inc, powerpac/arch-powerpc64.inc: Use normal assignment
8c483a1 arch-armv7a, tune-cortexa*: improve indentation
7498b91 arch-armv7a, tune-cortexa*: improve comment VFP -> HF
bb9b581 arch-armv7a: add missing space before ?=
15f8344 tune-cortexr4.inc: fix PACKAGE_EXTRA_ARCHS
e2736f7 sanity.bbclass: add more information to error message about TUNE_PKGARCH missing in PACKAGE_ARCHS
b68d947 mkefidisk.sh: add boot log on console
62d7c97 mkefidisk.sh: add startup script for automated boot
5aa3b93 oeqa/selftest/recipetool: update for libjpeg-turbo migration
ffa7469 libjpeg: Replace libjpeg with libjpeg-turbo
29d273f python3: fix installed-vs-shipped when 64bit + multilib
db7cee6 pulseaudio: add PACKAGECONFIG for lirc
b900ec8 sstate-sysroot-cruft.sh: Extend the whitelist
20843fa iptables: upgrade to 1.6.0
c2bda6c scripts/oe-selftest: Allow to run tests on random/all MACHINEs
8e1435e selftest: Added testcase decorators for 2 tests
32f332c oe-selftest: New option --list-tests
17d886b oe-selftest: Improved --list-classes when determining test names
4ec2da7 selftest: moved tc test_buildhistory_does_not_change_signatures
02d259c scripts/oe-selftest: Remove extra coverage data added to unittests
30c06a4 expat: CVE-2015-1283
315bdc8 packagegroup-core-x11-sato: enable pcmanfm on mips
a3e26f9 wic: rawcopy: Copy source file to build folder
d6e0da4 grub2: Fix CVE-2015-8370
bb663b0 systemd: enable compatibility libraries by default
3fea163 systemd: add more compression and importd PACKAGECONFIGs
d462b70 gcc-sanitizers: link directly against sysroot libstc++
3eb6135 openjade: Fix build if not installing libtool .la files
6308c47 valgrind: Define __UCLIBC__ for uclibc based systems
3d19a1e security_flags.inc: disable -fstack-protector-XXX for valgrind
807ed8a meta/conf/layer.conf: bump layer version due to Qt4 removal
4fb3e05 packagegroup-core-lsb: treat qt4 packages same as qt3 packages
8b11ed8 qt4: remove recipes and classes
0baadc8 toaster-manual: Updates to toaster use chapter.
908bbff ref-manual: Updated the list of supported image types.
5d27451 dev-manual: Added the --configfile bootloader option.
7b3b1f9 dev-manual: Added three new wic option descriptions.
eeffa64 dev-manual: Added the --overhead-factor wic option description.
2beb19b dev-manual: Added the --extra-space wic option description.
95851df dev-manual: Added wic --notable option description.
88a2794 dev-manual:
8bdc707 sdk-manual: Initial Manual framework
f1f7625 bsp-guide: Updated the license statement.
6686a31 dev-manual: Correction to the KVM stuff in the runqemu commands.
ccc830d documentation: Prepare for 2.1 builds
7af9314 mega-manual: Added four new figures for GUI example.
f8185ff bitbake: ast: Add filename/lineno to mapped functions
a178c5a bitbake: main: kill server without queue setup
773700d bitbake: xmplrpc: split connect method
05b4fbc bitbake: uievent: refactor retry loop
ebc169c bitbake: uievent: get rid of EventHandler attribute
4e0de6e bitbake: uievent: add error to registerEventHandler return
01419d5 bitbake: cooker: add state.get_name method
763506d bitbake: fetch2/__init__.py: Add support for 7-Zip
f5bfc1c bitbake: utils: Remove double compile from better_compile
b4141f6 bitbake: fetch2/local.py: avoid using PREMIRROR
1ad3595 bitbake: siggen: Change exception note into a warning
4ba49ac bitbake: data: Drop misleading ExpansionError exception
2c94311 bitbake: cooker: Drop useless parsing exception
a16b543 bitbake: data: Pass lineno/filename data from build_dependencies
958f0ff bitbake: codeparser: Add support for correct linenumbers
db4376e udev-extraconf: introduce multiple blacklist files for more complex setups
a8fb429 uclibc: disable parallel builds
401c632 image: Condense do_rootfs function/flags
0051510 image/rootfs-postcommands: Separate out post rootfs commands to separate class
3428edd image: Remove pointless rootfs lock
eb5bb0e packagegroup-core-boot:replace busybox to variable
cc7bb6c initramfs-framework_1.0:replace busybox for variable.
d9ffa59 core-image-minimal-initramfs: replace base-utils
9349f42 base-utils:flexible dependency for command utilities
c44b76a orc: Add missing PACKAGES_DYNAMIC
2cd061a bluez5: include the patch only for 5.36
4c35473 meta-yocto-bsp: remove 3.14 and 3.19 bbappends
6af8981 meta-yocto-bsp: Remove uvesafb (v86d) from generic x86 features
614e9ec qemu: add PACKAGECONFIG for Nettle crypto support
09705a4 oeqa/selftest: support sets in devtool comparisons
4b543f7 packagegroup-core-x11-sato: include pulseaudio-misc
23302ee devtool: use cp instead of shutil.copytree
d6e7b5b xorg-lib: allow native building without x11 DISTRO_FEATURES
4cba706 busybox: generalize recipe to work with arbitrary install directories
9d001ae cairo: update 1.14.4 -> 1.14.6
6d561fb libdrm: Upgrade to 2.4.65
0f516f0 image-vm.bbclass: uses IMAGE_LINK_NAME
c851096 image-live.bbclass: uses IMAGE_LINK_NAME
907b87d rpm: Generate per distribution and multilib macro files
c910789 package_manager.py: add debugging support for rpm scriptlet execution
8dd27ef xinput-calibrator: get screen geometry when calibrating
e8d36f4 scripts: hand the TEMPLATECONF local over to setup-builddir
0f4fb26 util-linux: Fix floating dependency upon 'readline'
2cb434a linux-firmware: package Broadcom BCM43340 firmware
f70d46f rpcbind: Fix build with libtirpc 1.0.1
866c693 libtirpc: upgrade to 1.0.1
5754b83 gstreamer1.0-libav: upgrade to version 1.6.2
6ac601f gstreamer1.0-rtsp-server: upgrade to version 1.6.2
3ac3d33 gstreamer1.0-plugins-ugly: upgrade to version 1.6.2
823b623 gstreamer1.0-plugins-bad: upgrade to version 1.6.2
6d13f30 gstreamer1.0-plugins-good: upgrade to version 1.6.2
05896a5 gstreamer1.0-plugins-base: upgrade to version 1.6.2
a8eb77b gstreamer1.0: upgrade to version 1.6.2
dd5756b mirrors: add archive.apache.org to Apache mirrors
cfbd804 guile: remove redundant replacement of .pc file
c2e8079 bind: 9.10.2-P4 -> 9.10.3-P2
7204a0f libsndfile1: enable FLAC/Ogg/Vorbis support
35bd254 buildhistory: improve support for extensible SDK
ea0abcd buildhistory: fix not recording SDK information
b6d191d scripts/oe-selftest: Add support for selftest log with timestamp
ab79287 selftest: Added MACHINE = "qemux86" to tests that use runqemu
b09080d ncurses: fixes wrong paths in BINCONFIG
8df88fb xcb: don't build-depend on python-native
d7759a5 tcmode-default: Use glibc for nativesdk version even on uclibc and musl
a7eadc3 qemu: upgrade to 2.5.0
9988ab3 webkitgtk: update to 2.10.4
cedb027 epiphany: update to 3.18.2
6e27dd8 libwebp: update to 0.4.4
efcf4b4 libsecret: update to 0.18.3
0112274 gnome-desktop3: update to 3.18.2
88a656e gcr: update to 3.18.0
883193a linux-yocto: remove 3.14 and 3.19 recipes
4487e3a kernel-yocto: fix checkout bare-cloned kernel repositories
5161944 linux-yocto/4.1: update to v4.1.15
a462d16 linux-yocto-dev: bump to 4.4-rcX
862b3b3 lttng-modules: fix build issue against kernel 4.4
9563aa8 yaffs2: fix checkpoint functionality
cefc24d mobile-broadband-provider-info: update to tagged release 20151214
04aa27c icu: fix upstream version check
2865e5f btrfs-tools: update to 4.3.1
5beb3bc iso-codes: update to 3.63
503c08d kexec-tools: update to 2.0.11
4fa2e4b lighttpd: update to 1.4.38
f7a7796 tiff: update to 4.0.6
2498065 libassuan: update to 2.4.2
f2192fa msmtp: update to 1.6.3
7fc3066 liburcu: update to 0.9.1
10d14bc trace-cmd: update to 2.6
fc774e9 python3-pip: update to 7.1.2
c3330aa pytnon-pexpect: update to 4.0.1
aa90b5d ifupdown: update to 0.8.2
4c98105 gptfdisk: update to 1.0.1
edde9af cryptodev: update to 1.8
9da9308 oe-selftest: devtool: add more explicit check for ls output
c2435b1 oe-selftest: add tests for simple devtool add / recipetool create URL case
8916731 recipetool: create: fix error when extracting source to a specified directory
fe28c25 recipetool: create: improve autotools support
498e483 devtool: sync: tweak help / messages
b272c51 devtool: reset: print message about leaving source tree behind
95a234e devtool: status: list recipe file within workspace if one exists
e116739 devtool: modify: default source tree path
110f433 devtool: add: allow specifying URL as positional argument
ceaa4bf devtool: add: figure out recipe name from recipetool
ee0d5a1 devtool: add: allow source tree to be omitted
0d8751f scripts/lib/argparse_oe: handle intermixing of optional positional arguments
1bd7793 devtool: update-recipe: use correct method to get bbappend filename
2074654 devtool: split out function for naming bbappend
6acbdc9 devtool: add: tweak help text
316b57b devtool: edit-recipe: add new subcommand
ebe5f0b recipetool: create: basic extraction of name/version from filename
db5f964 recipetool: create: support extracting name and version from build scripts
6a7661b recipetool: create: set up priority system for recipe handlers
38803e3 recipetool: create: detect when specified URL returns a web page
e78a039 recipetool: create: prevent attempting to unpack entire DL_DIR
e61645b recipetool: create: minor fix for potential issue in python handling
ae2141b recipetool: create: fix do_install handling for makefile-only software
c2f1742 recipetool: create: avoid traceback on fetch error
470f20b recipetool: create: handle https://....git URLs
8e0a84c scripts: print usage in argparse-using scripts when a command-line error occurs
548d433 directfb.inc: enable bfd linker workaround for all arm targets
2381f4a devtool: sdk-update: fix traceback without update server set
7540550 classes/populate_sdk_ext: error out of install if buildtools install fails
ecce3d3 classes/populate_sdk_ext: hide build configuration in devtool build* output
fd84d0f classes/base: don't print header if BUILDCFG_HEADER not set
a4f496a classes/populate_sdk_ext: use uninative to set NATIVELSBSTRING
a6f8a3f toaster.bbclass: fix TypeError when parsing build stats
937b7fd libxcb: Add a workaround for gcc5 bug on mips
86c8b8b flex: update to 2.6.0
dad130b opkg: upgrade to v0.3.1
d2b770c systemd: remove merge conflicts accidently left in
ca69643 wic/help.py: document that mountpoint is optional for part command
5628dde pixman: check neon support via TUNE_FEATURES, not the _armv7a over-ride
9a74388 xdg-utils: Do not build the in-script documentation
520b37d gettext: Upgrade 0.19.4 -> 0.19.6
cae0e0f gcc-configure-common.inc: add gcc-runtime ABI fixes for armv7m and armv7r
cba8fb3 tune-cortexr4.inc: provide an _armv7r over-ride via MACHINEOVERRIDES
fd10723 tune-cortexm3.inc: provide an _armv7m over-ride via MACHINEOVERRIDES
b6fe440 feature-arm-thumb.inc: drop 'no-thumb-interwork' tuning feature
1d5a4cf feature-arm-thumb.inc: drop legacy _thumb and _thumb-interwork over-rides
ca64c16 feature-arm-thumb.inc: drop ARM -vs- thumb comments
95a79a5 rpm: Fix support for db5 and db6
75cec07 oe-buildenv-internal: fix return code
606c9e7 staging.bbclass: make already-stripped can be skipped
647e0e4 buildhistory-collect-srcrevs: hide empty sections
d4b5a1f selftest/buildhistory.py: Test buildhistory does not change sigs
4b83f1f gcc5: Upgrade gcc-5.2 -> gcc-5.3
0381b78 bitbake: event/utils/methodpool: Add a cache of compiled code objects
c61c1eb bitbake: BBHandler: Improve IN_PYTHON_EOF handling
2a94194 bitbake.conf: Add filename and lineno to BB_SIGNATURE_EXCLUDE_FLAGS
5f40691 bitbake: toaster: remove 2 confusing parameters
3960b6e bitbake: toaster: move setting of default values
b194c0c bitbake: toaster: move startup checks to a better place
064d2c7 bitbake: toaster: remove 2 unused functions
c505f24 bitbake: toaster: remove addtoConfiguration function
c7e4404 bitbake: toaster: updated header of the toaster script
af34920 bitbake: toaster: add MANAGE variable
563b786 bitbake: toaster: remove unused variable
aa3cc12 bitbake: toaster: split long lines, add/remove whitespace
8e4acac bitbake: toaster: check if address:port is in use
847b935 bitbake: toaster: implement checksocket command
9f3681d buildstats-summary/toaster: Cope with removal of get_bn()
522dcaa bitbake: knotty: Improve exception error message
01d67bf bitbake: knotty: Fix row/column function return value issue
6c12efa bitbake: buildinfohelper: Update for buildstats layout change
28ea1a1 bitbake: fetch: use orig localpath when calling orig method
5cb6d83 bitbake: utils: Improve traceback from better_exec internal errors
0019edc bitbake: ast/event/utils: Improve tracebacks to include file and line numbers more correctly
b14ccb2 bitbake: runqueue: Add support for <task>- syntax
5069ab6 m4: Drop unused/unreferenced patch
d7e766b toaster: Update for buildstats changes
adfdca4 buildstats: Improve to add getrusage data and corrected IO stats
3187647 buildstats: Separate out the build and task data to allow improvements
38a2553 buildstats: Clean up e.data and bb.data references
7b1e48f buildstats: Drop get_bn/set_pn and just use BUILDNAME
7837162 buildstats: Drop disk data from buildstats
030c033 nativesdk-buildtools-perl-dummy: Bump PR
e6f2761 combo-layer: Stop using filterdiff
f1f3716 meta: more removals of redunant FILES_${PN}-dbg
5fb8fea clutter-gst-3.0: add dependency on libgudev
54f01ca systemd: Upgrade to 228
63bdadc uclibc: Switch to using uclibc-ng
0b5cddd cdrtools-native: update to 3.01 final
c4dfb92 grep: update to 2.22
d8608bc procps: update to 3.3.11
52f6a01 babeltrace: update to 1.3.1
0c705d6 powertop: update to 2.8
516d8c9 nfs-utils: update to 1.3.3
9c39a4f systemtap: update to 2.9
fef0ec6 kbd: update to 2.0.3
8668e17 gmp: update to 6.1.0
86e02d0 docbook-xsl-stylesheets: fix UPSTREAM_CHECK_REGEX
f065766 mtd-utils: update to 1.5.2
5d32aeb unfs3: update to r497
4e653b5 python-numpy: update to 1.10.1
90b7212 libxml-simple-perl: update to 2.22
689db13 dmidecode: update to 3.0
d301451 cpio: update to 2.12
2bea006 puzzles: update to current commit
2d04c83 gnutls: update to 3.4.7
cf1eb2b libidn: add native and nativesdk support
dd58b3b libpng: Update SRC_URI to use GENTOO_MIRROR
b763668 libpng12: Upgrade 1.2.54 -> 1.2.55
91c92fc libical: Upgrade 1.0.0 -> 1.0.1
5c6ff26 libxslt: use proper SRC_URI
a444eb5 kexec-tools: added the script kdump
be9f7f9 ltp: Upgrade 20150420 -> 20150903
81f1e41 musl: Update to latest 1.1.12 release
c529e66 util-linux: Upgrade to 2.27.1
bdbc5ee packagegroup-core-sdk: Disable sanitizers for uclibc
692853d libsolv: add new recipe
8bba7de curl: upgrade to 7.45
2e3a172 libsndfile1: 1.0.25 -> 1.0.26
df18352 wget: Upgrade 1.16.3 -> 1.17
81eb101 unifdef: upgrade to 2.11
19c76ad sstate-sysroot-cruft: Add php, python, lua, fontcache generated files to whitelist
f80f8ba oeqa/selftest: Added testcase decorators for 2 testcases
a5dd1dd uninative.bbclass: Choose the correct loader based on BUILD_ARCH
388e580 license: Fix BB_TASKDEPDATA references
f19e8de coreutils/procps: Revert priority change since coreutils > busybox
455ff32 meta: more removals of redunant FILES_${PN}-dbg
e0890b6 meta: Drop now pointless manual -dbg packaging
b7766e4 package: Add auto package splitting of .debug files
89f13c7 meta/conf/toasterconf.json: remove SDKMACHINE variable as it no longer used
03d715e bitbake: toaster: tables Set a default order for the software recipes table
4ff0d60 bitbake: toaster: rework checking of Django version
4a78416 bitbake: toaster: monkey patch Queryset
c1c8eff bitbake: toaster: removed extra calls of migrate
507aafb bitbake: toaster: work around 'database is locked' error
322b470 bitbake: toaster: fixed format strings
84daa40 bitbake: toaster: use OneToOneField instead of ForeignKey
c464f34 bitbake: toaster: Amend regex for MySQL database URLs
f001a4a bitbake: toaster: Remove compatible_layerversions() method
0adffdf bitbake: toaster: Check Django version against toaster-requirements.txt
8d058cf bitbake: toaster: Update deprecated manage.py command
717c636 bitbake: toaster: Prevent deprecation warnings for RedirectView
0f602c1 bitbake: toaster: Update API used to make runbuilds methods run in transactions
93f5738 bitbake: toaster: rename get_query_set -> get_queryset
23c4806 bitbake: toaster: Start Django machinery for database access
7a0c45e bitbake: toaster: Create default project with get_or_create* method
9de8dfa bitbake: toaster: Fix references to app paths
535fc9b bitbake: toaster: Remove South migrations
8ca4664 bitbake: toaster: Upgrade to Django 1.8.6 and remove South
b322dec bitbake: toasterui: process SetBRBE event
0274b68 bitbake: toaster: trigger SetBRBE event
fdb8e74 bitbake: toaster: implement BitbakeController.triggerEvent
5de3800 bitbake: event: Fix subprocess event error traceback failures
0da1d71 nopackages: Add class for recipes which don't generate packages
5003d14 sstate: Ensure populate_lic dependencies are not followed
48aad51 populate_sdk_ext/sign_rpm/sign_package_feed: Add missing getVar parameter
98dcdcb autoconf: Disable macro which causes excessive delays when using dash as sh
28fa304 automake: Remove delays in configure scripts using automake
f5e681d site/common-linux: Add some macros to avoid sleeps during configure
93adf46 meta-yocto/conf/toasterconf.json: remove SDKMACHINE variable as it no longer used
b3d6872 lttng-tools: Revert wrong enforcement of Python 3.0 use
2c11bdd attr: Add patch to account for use of internal glibc header
f1c034b libpam: Fix build with musl
33bab59 openssl: Add musl configuration support
c4207ee busybox: Add config for musl
083d9d1 gettext: Delete libintl.h and charset.alias
3a0797f sysvinit: Fix build with musl
fd21402 musl: Add recipe
781d34f mtools: Use proper glibc override to add glibc packages to recommendations
1b90d67 squashfs-tools: Define FNM_EXTMATCH if not defined
36a709a mtd-utils: Backport and create patches to support musl
41fd73f gdb: Fix build with musl
1ee97d8 autoconf: Add musl support
a2ea58b gcc: Add support for building musl configuration
37c74e2 gstreamer1.0: Split bash completion information into separate package
fc32a3b attr: add attr dependency to attr-ptest
9205f0a valgrind: import Debian link_tool patch for MIPS
c27bbb4 slang: update upstream URI to (official) jedsoft.org
21e35df subversion: update to 1.9.2
39260c3 json-c: add manual upstream version check
4ff0017 mirrors: replace references to archive.apache.org
1672a18 mobile-broadband-provider-info: update to current commit
b699b15 nspr: update to 4.11
dec8d20 python-setuptools: update to 18.7.1
b3535e2 openssl: update to 1.0.2e
fce2ee7 dropbear.inc: drop legacy CFLAGS and LD tweaks
f87063b dropbear: update 2015.70 -> 2015.71
a520495 texinfo: don't create dependency on INHERIT variable
2b2774b sudo: upgrade to 1.8.15
5eb0e90 linux-firmware: update to latest revision bbe4917
c147782 bluez5: upgrade to 5.36
64c3a09 sudo: remove libdir INSANE_SKIP
b407a80 libsdl: expand PACKAGECONFIG and enable native builds
39facf9 buildtools-tarball.bb: 32bit tools need pseudo 32bit library
bc26a7d rpm: fix file conflicts for MIPS64 N32
01c0285 rpm: Enable MIPS64 N32 transactions
a742586 bash: fix testcase run-coproc/run-execscript/run-test/run-heredoc failed
a6bb872 cpio: fix test case of symlink-bad-length
787d82b linux-libc-headers: update default KORG_ARCHIVE_COMPRESSION bz2 -> xz
94c0332 linux-libc-headers.inc: remove '-e MAKEFLAGS=' from EXTRA_OEMAKE
c7ad779 gcc-4.9: import patch fixing compilation in thumb mode
1260ded gcc-5.2: import patch fixing compilation in thumb mode
b4db53a dropbear: Upgrade 2015.68 -> 2015.70
e0162c1 gcc-cross-initial: make dependency on gnu-config-native and autoconf-native explicit
fccb128 weston-init: add a native systemd unit file
a1fa8d9 python: Fix cross compiling issue
c9fdc1b icu: Upgrade 55.1 -> 56.1
95909bc kernel.bbclass: drop unnecessary 'eval' from kernel_do_configure()
ec79a19 insane: in libdir test allow libraries in libexecdir
9c0186f rootfs.py: Change logic to unistall packages
23083e7 oeqa/systemd: get runtest target boot time and log
c6330a2 oeqa/systemd: journalctl helper function
220a78b scripts: oe-selftest Added new features.
98d2485 oe-buildenv-internal: preserve existing BB_ENV_EXTRAWHITE
9cab798 toolchain-shar-extract.sh: fix ~ not working in path
f27401d nativesdk-buildtools-perl-dummy: properly set PACKAGE_ARCH
5e3e2e0 poky.conf: Bump for 2.1 development
7e8ff7b bitbake: toaster: toasterui Add ParseStarted/ParseProgress events to mask
f823601 build-appliance-image: Update to master head revision
992e577 linux-yocto: Update genericx86* BSPs to v4.1.13
b4f6950 cmake: Add nios2 support
27b9f04 boost: adjust hard-coded path after python3 upgrade
639cadd sdk.py / OpkgSdk: remove_packaging_data() after install
fd4894f devtool: extract: update SRCTREECOVEREDTASKS for kernel
34f1d81 devtool: extract: copy kernel config to srctree
6650357 lib/oe/package_manager: Introducing PACKAGE_FEED_BASE_PATHS/PACKAGE_FEED_ARCHS
d7baeb5 selftest/wic.py: Add test for custom bootloader config
8612f26 directdisk-bootloader-config.wks: Add example for custom bootloader config
c59dc3b wic/help.py: Document the new option "configfile"
7033873 wic: Allow to use a custom config for bootloaders
f95f729 wic/utils/misc.py: Added function to search for files in canned-wks
9773faa wic: Prepare wicboot to allow custom bootloader config
4515186 package_ipk: allow to specify OPKG_ARGS in local.conf
7cf7156 systemd.bbclass: Allow enabling of parameterised services
551cda0 base: check for existing prefix when expanding names in PACKAGECONFIG
c093fd8 linux-yocto/4.1: Fix kernel oops on qemuarm boot
cda3905 toolchain-shar-extract.sh: ensure cleaned environment will work for ext SDK
f9384b0 bitbake: knotty: Enforce terminal line limit to stop crazy scrolling
7a775a1 initramfs-framework: create directory /var/run
2861399 libpcre: drop UPSTREAM_CHECK_ variables
35c28e3 libpcre: upgrade to 8.38
d50ef65 libpng: update 1.6.19 -> 1.6.20 (CVE-2015-8126)
2b736f2 ghostscript: add dependency for pnglibconf.h
976f0e3 package_regex.inc: split the rest of the entries to their recipes
74bfa62 package_regex.inc: split entries which blacklist specific versions to their recipes
75c6929 package_regex.inc: split sourceforge related entries to their own recipes
cefeac2 package_regex.inc: split PyPi related entries to their own recipes
aa5df2a package_regex.inc: split Debian-related entries into their own recipes
12ba5cc package_regex.inc: split GITTAGREGEX entries into recipe files
642e92f package_regex.inc: split entries with odd-even versioning into their own recipes
96eac69 package_regex.inc: deprecate the file
b0bbea5 gstreamer: really fix the helper install race
b822216 neard: fix libdir/libexecdir confusion
cbfccc6 glibc: fix libdir/libexecdir path confusion
d0577f9 sudo: handle libexecdir != libdir/PN.
6f837cc util-linux: Add ptest
dbd02bd libav: Correctly handle prefix=""
fda9859 libav: Add PACKAGECONFIG options: avdevice, avfilter, avplay, gpl
7ba85f1 libav: Remove deprecated --disable-avserver
2739ed0 busybox: backport upstream fixes for unzip
6decbbb qt4-4.8.7: fix build for mips n32
f1e8938 gstreamer1.0: Convert tests and valgrind config opts to PACKAGECONFIGs
11b9524 cracklib: fix for base_libdir == libdir
d9f73ca libbsd: Upgrade to 0.8.0
10d6dc4 libcroco: Upgrade 0.6.8 -> 0.6.9
79b823a shared-mime-info: Upgrade 1.4 -> 1.5
f6ec8a4 xdg-utils: Upgrade to 1.1.1
a3f63f9 gsettings-desktop-schemas: Upgrade 2.16.1 -> 3.18.1
754f6b6 gnome-common: Upgrade 3.14.0 -> 3.18.0
75aba18 clutter-gtk-1.0: Upgrade 1.6.2 -> 1.6.6
c6a6212 clutter-gst-3.0: Upgrade 3.0.8 -> 3.0.14
2da6cd5 clutter-1.0: Upgrade 1.24.2
148c953 cogl-1.0: Upgrade 1.20.0 -> 1.22.0
f54d4e4 ghostscript: Add NIOS2 support
21ba42b harfbuzz: update 1.1.0 -> 1.1.2
058b91e xvideo-tests: move to the latest release
70d459c scripts/oe-pkgdata-util: sort the packages in list-pkg-files
80e3919 wic: insert local Python paths at front
9d788d7 toolchain-scripts.bbclass: unset command_not_found_handle
82ab99f waf.bbclass: remove unused parameter from get_waf_parallel_make()
68d3dfe toolchain-shar-extract.sh: proper fix for additional env setup scripts
0c5d239 base: Improve handling of switching virtual/x providers
3745479 bitbake: bitbake: rename REGEX, REGEX_URI, and GITTAGREGEX.
dd282d4 bitbake: toaster: return back 'New project' button
2a8e970 bitbake: toaster: tests Update UI tests to work with 2.0 changes
fe8a0a3 bitbake: toaster: tests Automated build-mode backend tests
0497b57 bitbake: toaster: unset environment variables
8b7a548 bitbake: toaster: get rid of complicated heuristics
556b8b6 bitbake: toaster: remove SDKMACHINE from project variables
4186f5b bitbake: toaster: stop using toaster-pre.conf
361faa3 bitbake: toaster: remove writeConfFile API
fcbba5a bitbake: toaster: set varibales on bitbake server
993bc7e bitbake: toaster: implement BitbakeController.getVariable
53e981e bitbake: toaster: buildinfohelper Broaden the toaster created recipe data case
57e5f24 bitbake: toaster: do not create duplicate HelpText objects
4c1e5ec bitbake: toaster: remove usage of BUILD_MODE variable
9902895 bitbake: toaster: do not terminate bb server
58765a8 bitbake: toaster: remove stopBBServer API
95a3cf7 bitbake: toaster: reimplemented startBBServer method
76d53b5 bitbake: toaster: remove _setupBE function
87b2f95 bitbake: toaster: implement 'toaster restart-bitbake'
891484a bitbake: toaster: implement start_bitbake function
bf25471 bitbake: toaster: implement stop_bitbake function
7c2b225 bitbake: toaster: update brbe and project attributes
de812d0 bitbake: toaster: start 'manage.py runbuilds' in the script
28e8ccf bitbake: toaster: make runbuilds to loop
a3871a3 bitbake: toaster: use parent of the build dir
2a96d35 bitbake: toaster: check for toaster configuration later
d87a534 bitbake: toaster: remove unused variable
dc6a489 bitbake: toaster: change toasterconf.json logic to use TEMPLATECONF, like oe-setup-builddir
5a42c2d bitbake: toaster: run bitbake the same way
cac91db bitbake: toaster: set DATABASE_URL in toaster script
a464bf2 bitbake: toaster: implement get-dburl command
e473151 bitbake: toaster: don't allow to run toaster as a script
4de214f bitbake: lib/bb/utils: improve edit_bblayers_conf() handling of bblayers.conf formatting
0debb11 bitbake: lib/bb/utils: fix error in edit_metadata() when deleting first line
9d19dd9 bitbake: wget.py: parse only <a> tags
71ede7b bitbake: toaster: toastergui tests Add generic test for ToasterTables widget
34b22cf bitbake: toaster: tables Fix invalid field name on NewCustomImagesTable
1c59846 bitbake: toaster: tables Add default_orderby field where it was missing or unset
d82c541 bitbake: toaster: CustomImageRecipe add search_allowed_fields to this model
bdf6241 bitbake: toaster: machines table Fix missing layers information needed for filter
b90a8dc bitbake: toaster: tablejs Make sure click handlers consume click event
c075bcf bitbake: toaster: projectpage Make sure build targets are space separated
698c74c libsdl: remove redundant configure_tweak patch
35945fd iw: upgrade to version 4.3
15969ae gstreamer1.0-plugins-good: fix PACKAGECONFIG for gudev and add one for v4l2 and libv4l2
e601b38 gstreamer1.0-plugins-bad: fix dependencies for uvch264 PACKAGECONFIG
ddf2501 gudev: Add from meta-oe
e406fa8 lsb: fix installed-vs-shipped for mips
39ecdce rpm: fix for N32 MIPS64
09b4da6 glibc/0029-fix-getmnt-empty-lines.patch: fix getmntent()
1781a9a init-install-efi: fix script for eMMC installation
f808747 init-install-efi: fix script for gummiboot loader
2a55036 linux-firmware: rtl8192cx: Add latest available firmware
b60af3b libsdl2: add missing dependency on libxkbcommon for PACKAGECONFIG[wayland]
ed31874 libxml2: upgrade to 2.9.3
ecb1c71 libxml2: merge pointless bb/inc split
19a626d openssh: redesign ssh-agent.sh regression test case
81b59e7 gcr: Require x11 DISTRO_FEATURE
934e486 psplash: update to latest git version
ccb2a57 sysvinit-inittab: Add wrapper script to verify console exists
b7f610d linux-yocto/4.1: Bluetooth:Fix the connection fail of 6lowpan over BT LE
d08e761 linux-yocto-rt/4.1: update to -rt15
6aa464c linux-yocto/4.1: fsl-mpc8315e-rdb: Enable EEPROM
bd29006 linux-yocto/4.1: update to v4.1.13
5561407 uClibc: enable utmp for shadow compatibility
533fc01 glibc: Backported a patch to fix glibc's bug(18589)
598e372 ncurses: update SRC_URI
51b64ee openssl: enable parallel make
88e45cd busybox: enable resize applet
87de4a1 busybox: disable support for mounting NFS file systems on Linux < 2.6.23
73cc839 busybox: update 1.23.2 -> 1.24.1
f8ac408 busybox: re-order defconfig to align with busybox 1.24.1
3648a37 busybox.inc: remove '-e MAKEFLAGS=' from EXTRA_OEMAKE
bf28ea9 busybox.inc: set CC=${CC} via make command line
f21dce1 busybox.inc: fix CONFIG_EXTRA_CFLAGS configmangle
6167669 busybox.inc: don't set .config CROSS_COMPILER_PREFIX
e1ecccd busybox: move EXTRA_OEMAKE etc into busybox.inc
0e63300 busybox.inc: don't export EXTRA_OEMAKE
3735776 busybox_git: Enable getopt applet
b1774f4 harfbuzz: update 1.0.6 -> 1.1.0
31f803a sqlite3: update 3.9.0 -> 3.9.2
7e3474c readline: apply missing upstream patches
99b9d52 readline: prepare for readline6.3 upstream patches
e0b6d0c dbus: merge .bb and .inc
d99958a pulseaudio: Fix HDMI profile selection
2ba954f initscripts: hide the error in case system is not writeable
4ed84ff nativesdk-buildtools-perl-dummy: fix rebuilding when SDKMACHINE changes
b8fdd09 xf86-video-vmware: Add vmwgfx PACKAGECONFIG option
dfd5c4d pkgconfig: merge .bb and .inc
61c6887 pkgconfig: upgrade to version 0.29
744e89f ofono: upgrade to version 1.17
996f843 libxml2: remove legacy LDFLAGS += "-ldl" workaround
dedabc1 apr: fix LTFLAGS to make it work with ccache
9470956 iproute2: install bridge tool by default
1b8f6a2 lttng-tools: add libgcc to RDEPENDS
22dd6e7 lttng-tools: Upgrade to 2.7 release
ef73f21 lttng-tools: Drop unused patch
c375976 lttng-ust: Upgrade to 2.7 release
f5c1b57 lttng-modules: Upgrade to 2.7 release
8d708a5 libunistring: upgrade to version 0.9.6
f840e59 libtasn1: upgrade to 4.7
012ca02 wpa-supplicant: upgrade to 2.5
872e153 mesa: Make gl libraries RRECOMMEND mesa-megadriver
a62fa23 directfb.inc: force bfd linker for armv7a
9b075ca libpng12: update to 1.2.54
6d1eb34 libpng: update to 1.6.19
92a881f orc: update to 0.4.24
2f479b1 libpcap: update to 1.7.4
bd4058f apr-util: add missing RDEPENDS for ptest
1408642 iproute2: update to 4.3.0
e677c25 ruby-native: Depend on openssl-native
9e37812 db: fix race issue for libdb-6.0.la
c19036a pango: use ptest-gnome
43b29d9 gst-plugins-bad: improve FILES variables
9fc877f gstreamer1.0-plugins-base: add PACKAGECONFIG for libvisual
7a2bb0d python3: fix building nativesdk-python3
2268a70 python3: Upgrade from 3.4.3 to 3.5
ed8d1be python-git: Add missing dependency
dee2a8c guile, mailx, gcc, opensp, gstreamer1.0-libav, libunwind: disable thumb where it fails for qemuarm
c0b822f icu: force arm mode
f42ef3f rpcbind: Security Advisory - rpcbind - CVE-2015-7236
04034e7 subversion: fix CVE-2015-3187
f91aedf subversion: fix CVE-2015-3184
40cd228 oeqa/sshcontrol: don't source profile
d39192a oeqa/runtime/multilib: refactor ELF class extraction
cc34104 oe-selftest: Enable code coverage on unit tests
06859de meta/conf/machine: use ' inside quoted values
6be94ec runqemu-internal: Replace wacom-tablet with tablet for usbdevice
0cc3810 recipetool: make plugin registration function name consistent with devtool
b381f80 recipetool: add setvar subcommand
1fbd760 lib/oe/recipeutils: refactor patch_recipe_file() to use edit_metadata()
0b850cb devtool: clarify help text
5001f23 devtool: build: enable showing default task in help
f79022d devtool: build: use bbappend to set PARALLEL_MAKE
21481bc lib/oe/recipeutils: check in validate_pn() for names instead of filenames
671f41e devtool: ensure we change back to the original dir on error
74505b4 devtool: search: print SUMMARY value
3f46af2 devtool: drop unused plugin_init() functions
176211a devtool: package: use DEPLOY_DIR_<pkgtype> to get deploy directory
0fe7426 devtool: disable creating workspace for extract and search subcommands
a360fa7 lib/oe/patch: improve extraction of patch header
f79cc4d devtool: upgrade: provide a means to update the source branch
b4d4d21 devtool: upgrade: fetch remote repository before checking out new revision
9b7d45c devtool: upgrade: remove erroneous error when not renaming recipe
9a70444 devtool: upgrade: fix updating PV and SRCREV
6a52c73 devtool: upgrade: fix removing other recipes from workspace on reset
44ef78a devtool: include do_patch in SRCTREECOVEREDTASKS
804f5b8 image.py: avoid mkdir race when building multiple images
312862f package_manager.py: define info_dir and status_file when OPKGLIBDIR isn't the default
b00f734 image.py: Avoid creating empty .env file in _write_wic_env
a88505b lib/oe/terminal: use C locale when determining version
8d784ba toolchain-shar-extract.sh: Ensure it's ran in clean environment
7f3c20f toolchain-shar-extract.sh: do not allow $ in paths for ext SDK
2d21e5d create-pull-request: handle empty ODIR
c63b36f scripts/gen-lockedsig-cache: improve output
67af6d6 wic: exec_native_cmd: implement support for pseudo
8ffba25 toolchain-shar-relocate: don't assume last state of env_setup_script is good
b8ee7ae sanity: don't enforce DISPLAY for testimage
b364183 oeqa/qemurunner: pass nographic to runqemu if DISPLAY isn't set
46755cc base: add automatic dependency on lzip-native for .lz SRC_URI
6ea39c2 base: decode SRC_URI before adding implicit fetch dependencies
eded9c2 buildhistory.bbclass: support extending the content of the build history
d95df11 license.bbclass: Create image license manifest
efdab52 license.bbclass: Add function get_deployed_files
cc0d044 license.bbclass: Added function get_deployed_dependencies
d45e10e license.bbclass: Added get_boot_dependencies function
8b1e7bc license.bbclass: Split license create manifest
1a210e6 license.bbclass: Write recipeinfo file in license folder
74c7cd5 populate_sdk_ext.bbclass: Be more permissive on the name of the buildtools
5ba6382 populate_sdk_base: Add sysroot symlink check
7fed655 classes/populate_sdk_ext: fail if SDK_ARCH != BUILD_ARCH
2948169 classes/populate_sdk_ext: tweak reporting of workspace exclusion
28a2ea7 classes/populate_sdk_ext: make it clear when SDK installation has failed
124c6aa classes/populate_sdk_ext: tidy up preparation log file writing
d348624 boot-directdisk.bbclass: remove HDDIMG before create
03f15e5 sstate: Ensure siginfo and sig files are also touched
615ccae weston: Add PACKAGECONFIG option for colord CMS
cdad67c opkg: add cache filename length fixes
2ec77de openjade-native: statically link local libs
29747d4 sysklogd: inhibit updatercd for non-sysvinit
add3451 connman: depend on readline
7a557a2 latencytop: obey LDFLAGS
8aeec87 tcf-agent: obey LDFLAGS
9025d2e blkspace: fix ldflags for iowatcher
1732a8a bluez5: enable sysvinit support
160fdd8 sysprof: use packageconfig for the gui
425d020 mc: upgrade to 4.8.15
7386647 packagegroup-core-directfb: Don't depend on pango-modules
ac5ed8e xkeyboard-config: Upgrade 2.15 -> 2.16
3a71fab xkbcomp: Upgrade 1.3.0 -> 1.3.1
b7cb308 xinput: Upgrade 1.6.1 -> 1.6.2
05eca73 xf86-video-omap: Upgrade 0.4.3 -> 0.4.4
cfcc5e5 xf86-input-synaptics: Upgrade 1.8.2 -> 1.8.3
4c9256f xf86-input-evdev: Upgrade 2.9.2 -> 2.10.0
96ddcc5 xorg-driver-input: add xorg configuration to FILES
a1003f5 xserver-xorg: Upgrade 1.17.2 -> 1.18.0
a336b8a libxcb: Remove unused git-version of the recipe
05ba0db libxcb: Upgrade 1.11 -> 1.11.1
44233d3 pixman: Upgrade 0.32.6 -> 0.32.8
7ab0466 libxi: Upgrade 1.7.4 -> 1.7.5
63feef0 gtk-icon-utils-native: Upgrade 3.16.6 -> 3.18.2
38924d9 package_regex.inc: Add gtk-icon-utils-native
060b482 gtk+3: Upgrade 3.16.6 -> 3.18.2
4f3d2b3 adwaita-icon-theme: Upgrade 3.16.2.1 -> 3.18.0
c8849ac librsvg: Upgrade 2.40.10 -> 2.40.11
81769ca pango: add RPROVIDES for removed packages
c9b06f5 pango: Upgrade 1.36.8 -> 1.38.1
ced8d49 gdk-pixbuf: Upgrade 2.30.8 -> 2.32.1
918c773 libsoup-2.4: Upgrade 2.50.0 -> 2.52.1
5bd9305 at-spi2-atk: Upgrade 2.16.0 -> 2.18.1
8eb0c8f atk-spi2-core: Upgrade 2.16.0 -> 2.18.1
78130eb atk: Upgrade 2.16.0 -> 2.18.0
e7141ab glib-networking: Upgrade 2.44.0 -> 2.46.1
fcd7494 glib-2.0: build dependency cleanup
5357764 glib-2.0: Enable more tests while cross-compiling
1e271af glib-2.0: Upgrade 2.44.1 -> 2.46.1
bc1be07 qemu: Backport malloc-trace disabling
bca5a7a logrotate: do not move binary logrotate to /usr/bin
0069c0d systemd: drop unneeded $D check in prerm
cd1f2b4 systemd: chown hwdb.bin to root:root for do_rootfs
7ca8cd9 systemd: for valgrind, define VALGRIND=1
46fa8ab systemd: make coredump a PACKAGECONFIG
ac34784 systemd: add machine-id to conffiles
04937cc systemd: ignore .so filenames in systemd-doc
6821854 systemd: fix Upstream-Status tag
82107b1 mdadm: fix CFLAGS and ptest issues
d8adfd2 gcc-4.9: Fix various _FOR_BUILD and related variables
8ae27fa devtool: add sync command
6bfa1dc boost.inc: remove unused parameter from get_boost_parallel_make()
16d7bfd wireless-tools: remove unused files
ee923bf gstreamer1.0: fix install race
0ae52c8 gcc-multilib-config: make aarch64 support multilib
8514d21 libxml2: fix CVE-2015-7942 and CVE-2015-8035
e864f71 terminal: Open a new window instead of split on older tmux versions (<1.9)
5056581 flex: fix test-bison-yylval and test-bison-yylloc failed
c54540e gdbm 1.8.3: install libgdbm_compat
b9f87ed harfbuzz: update to 1.0.6
3f75537 ethtool: bump version to 4.2
9a4da3c openssl: fix ptest issues
9163a5d base-files: stage /etc/skel
d60c5ff mktemp: raise the priority to avoid conflicting with coreutils
b06eacd libunwind: fix build for qemuarm
c4acace gma500_gfx: Avoid inserting gma500_gfx module for certain devices
6c3f680 libsndfile: fix CVE-2014-9756
aa07eb1 python-pycurl: update version to 7.19.5.2
696aa7e rt-tests: upgrade to version 0.96
6ec7dc2 rpcbind: don't use '-w' for starting rpcbind
eddd88f libsecret: add dependency on intltool-native
2e8efb1 openssl: use subdir= instead of moving files in do_configure_prepend()
036d2dc openssl: sanity check that the bignum module is present
cf366d8 libsdl2: require GLES when building Wayland support
4b38be6 meta: add some missing Upstream-Status tags to patches
42c75cd weston: delete unused patch
521fac6 glibc: fix Upstream-Status tag
44a7bbc linux-firmware: package Broadcom BCM4339 firmware
f9d51cd libusb1: fix make install race
cb01f6d libusb1: upgrade from 1.0.19 to 1.0.20
b4e6f63 perl: fix spaces in brackets while using CC version
a59d019 u-boot: Update to 2015.10 release
e67c5b0 bitbake-prserv-tool: check file name
4e2c5e1 recipetool.append: don't choke on a trailing ; in a url
a35f79d yocto-bsp: Set SRCREV meta/machine revisions to AUTOREV
9d585b5 yocto-bsp: Set KTYPE to user selected base branch
1542c2a yocto-bsp: Typo on the file extension
f674ffa yocto-bsp: Avoid duplication of user patches ({{=machine}}-user-patches.scc)
49a465c package_manager.py: Delete installed_pkgs.txt file
ace895d rootfs.py: Stop using installed_pkgs.txt
ccb1616 lib/oe/distro_check: don't set empty proxy keys
8137a84 lib/oe/copy_buildsystem: Don't expand BB_TASKDEPDATA
a6c68d8 oeqa/selftest/sstatetests: prettier output for allarch test
92328b4 oeqa/selftest/signing: Added new test for signing sstate.
fbb03a8 oeqa/selftest/signing: New test for Signing packages in the package feeds.
13a4c38 qemu.bbclass: fix vardeps of QEMU_OPTIONS
51bd011 qemu.bbclass: correct the fsl ppc QEMU_EXTRAOPTIONS
753f31e autotools: Allow recipe-individual configure scripts
e281791 allarch: Force TARGET_*FLAGS variable values
e28e17e distro/maintainers.inc: include stress package details
76d2e46 image_types: improve wks path specification
70ae7a6 insane.bbclass: Avoid libdir QA check if PACKAGE_DEBUG_SPLIT_STYLE='debug-file-directory'
cf0dfdb classes/cpan-base: fix libdir for nativesdk
a205c4c bbclass: fix spelling mistakes
cf218e5 rootfs_*.bbclass: don't add BUILDNAME to do_rootfs vardepsexclude
7d8616c insane: Don't depend on BB_TASKDEPDATA
a9cc27e kernel: fix race condition between compile_kernelmodules and shared_workdir
fecb077 classes: Ensure pass setVar/setVarFlag strings, not integers
9167f20 classes/license: fix intermittent license collection warning
43c8867 classes/metadata_scm: fix git errors showing up on non-git repositories
59b27d5 sstate: respect GPG_BIN and GPG_HOME
4415dc5 archiver.bbclass: add bbappend when do_ar_recipe kernel and gcc packages
2f0ff3a archiver.bbclass: fix previous issue regarding work-shared for linux-yocto
0cc4eef waf.bbclass: filter out non -j from PARALLEL_MAKE
95719b0 ptest-gnome: extend EXTRA_OECONF in all builds, not just target
1b25a70 yocto-project-qs, ref-manual, poky.ent: CentOS Package updates
2e649d7 dev-manual: Updated runqemu command options list
bd62289 toaster-manual: Removed SDKMACHINE from the json file example.
c674cd7 ref-manual: Updated list of supported distros.
33d8cff ref-manual: Updated the GCC 5 migration section for 2.0
d9aabf9 gcc: Drop 4.8
2cb1aee layer.conf: Correct gcc-cross dependency
88f9310 bitbake: toaster: builds pages Fix the download cooker log link
d04af8b bitbake: toaster: project pages Link to image recipes table in notifications
70465c7 bitbake: toaster: tests: Re-write some cases to make them more maintainable
536b73f bitbake: data_smart: Only support lowercase OVERRIDES
fb01a66 bitbake: fetch2: Remove crazy code in unpack
7db88aa bitbake: parse: Don't try to expand __base_depends/__depends
4c04ce0 bitbake: cache: Don't try to expand __inherit_data
9d8e36a bitbake: toaster: localhostbectrl Pass DATABASE_URL in via the process environment
4677d8b bitbake: toaster: Remove the new-build-input button widget
55f4494 bitbake: toaster: projecttopbar Use the project in context to get num builds
e9d4962 bitbake: toaster: projectpage Disable/Enable build input if we have 0 layers
5fa4c73 bitbake: toaster: orm Fix get_number_of_builds to count all apart from IN_PROGRESS
c4032f4 bitbake: codeparser: Only load the codeparser cache once
e3b66c1 maintainers: mass reassign and cleanup
37ddd3e Revert "local.conf.sample: Disable image-prelink by default"
9cc221d yocto-bsp: Default kernel version to 4.1 on x86_64
7100c42 scripts: runqemu: remove QEMUARCH from help message
f47e4ad cairo: update 1.14.2 -> 1.14.4
603b4de cairo.inc: drop obsolete CFLAGS += "-ffat-lto-objects" workaround
e8833a6 cmake: update 3.3.1 -> 3.3.2
8b2b068 oe-selftest: add test for bitbake-layers show-recipes
480bbae oeqa/selftest/layerappend: fix test if build directory is not inside COREBASE
a301f6e oeqa/selftest/devtool: fix test if build directory is not inside COREBASE
fd6bf77 classes/distrodata: split SRC_URI properly before determining type
7cebff6 classes/buildhistory: split package history values only once
10fc534 conf/distro/include: drop old recipes from include files
37cfd80 gitignore: fix overzealous exclusion
1f6599b meta: Fix typos in Upstream-Status labels
7cace4c meta/conf/layer.conf: fix typo
ca8e1e5 texinfo-dummy-native: set SUMMARY instead of DESCRIPTION
64cd113 gstreamer1.0-meta-base: set SUMMARY instead of DESCRIPTION
1d42d59 mmc-utils: set SUMMARY instead of DESCRIPTION
6692540 swig: set SUMMARY instead of DESCRIPTION
47ae8eb alsa-plugins: set SUMMARY instead of DESCRIPTION
eac5fa9 tzcode-native: set SUMMARY instead of DESCRIPTION
0a30a1f linux-yocto.inc: set SUMMARY instead of DESCRIPTION
19e1a73 python-nose: add SUMMARY
b5f58c1 stress: add SUMMARY
5f9392a libunwind: add SUMMARY
1460e01 gptfdisk: add SUMMARY
0821c36 verify-homepage: fix recipe file selection
0c48921 verify-homepage: tidy up output and comments
0e348e7 verify-homepage: get expanded HOMEPAGE value
caaca00 verify-homepage: use scriptpath to find bitbake path
649b6bc libaio: don't disable linking to the system libraries
11a9c24 runqemu: don't specify IP when starting a VNC server
3b95964 qemurunner: Remove the timeout in run_serial
bbd6d07 libxslt: CVE-2015-7995
a0d2ea9 gstreamer1.0-rtsp-server: upgrade to version 1.6.1
2459ec2 gstreamer1.0-libav: upgrade to version 1.6.1
bce06e7 gstreamer1.0-plugins-ugly: upgrade to version 1.6.1
0ec3c62 gstreamer1.0-plugins-bad: upgrade to version 1.6.1
ba1bc63 gstreamer1.0-plugins-good: upgrade to version 1.6.1
4a55d12 gstreamer1.0-plugins-base: upgrade to version 1.6.1
8360f23 gstreamer1.0: upgrade to version 1.6.1
8800033 prelink: Fix various prelink issues on IA32, ARM, and MIPS.
920fb96 gcc: Update default Power GCC settings to use secure-plt
7b1763a glibc: Fix ld.so / prelink interface for ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA
e63e191 qemurunner: Enable timestamps on kernel boot-up
a1ca788 openssl: fix mips64 configure support
5a10a6f at: modify sources in do_patch
78e0598 unzip: rename patch to reflect CVE fix
b80935a readline: rename patch to contain CVE reference
86d84ff qemu: upgrade to 2.4.0.1
4f0d756 gnome-desktop-testing: fix ptest output format
834de84 default-distrovars: remove less from WHITELIST_GPL-3.0
29bba95 lsof: don't export EXTRA_OEMAKE
3d37768 cmake.bbclass: don't duplicate CMAKE_C_FLAGS in CMAKE_C_FLAGS_RELEASE
efc07c2 rm_work.bbclass: Exclude do_rootfs stamp removal
5f9d16b cairo: fix license for cairo-script-interpreter
7328479 openssh: enable X11Forwarding if distro feature x11 is set
adeb820 acpid: Upgrade to 2.0.25
781dfd8 libidn: 1.30 -> 1.32
351c69a sqlite: 3.8.10.2 -> 3.9.0
c0fe43c rt-tests: bump to v0.94
cf972f9 gbm: Fix "configure: error: gbm requires --enable-dri"
17733cc xinetd: install xinetd supported services configuration
aa1844e combo-layer: introduce ability to exclude component from mass update
dcc446f linux-dtb.inc: refactor common code to function get_real_dtb_path_in_kernel
af9c7a4 linux-dtb.inc: refactor common code to function normalize_dtb
7eecb81 linux-dtb.inc: explicit test for empty string not needed
54df911 ptest-runner: Allow running of specific tests
54325b2 oeqa/testimage: Add support for test folder export.
ecbe135 oeqa/runtime/multilib: run the arch tests on connmand not connman-applet
2d1071e oeqa/runtime: remove dmesg test
42a5378 nfs-utils/statd: fix a segfault
77e3246 qemu: enable user mode for mips64 and mips64el
70600fb gnupg: fix find-version for beta checking
ab123ef rpm: define EM_AARCH64 for debugedit
af8c136 xserver-xorg: drop empty ${PN}-security-policy package
b667067 xserver-xorg: add Xwayland RRECOMMENDS
80f4d71 weston: add a PACKAGECONFIG option for xwayland support
883ab0f systemd: make dbus an optional build time dependency
2c5047f weston: add PACKAGECONFIG to build with systemd-login support
65ffeb5 systemd: add PACKAGECONFIG to build with compatibility libraries
4b29c80 os-release: put double-quotes around variable contents
0f516a5 cpio: fix testcase symlink-bad-lengths [ LIN8-947 ]
bceb9cb cpio: Fix symlink-bad-length test for 64-bit [ LIN8-947 ] architectures.
0ff3fc7 gtk+3: fix ALTERNATIVE_PRIORITY conflict with gtk+
eca12a6 coreutils: fix ALTERNATIVE_PRIORITY conflict with procps and mktemp
8de5315 util-linux: fix ALTERNATIVE_PRIORITY conflict with ncurses procps and e2fsprogs
3befb43 console-tools: fix ALTERNATIVE_PRIORITY conflict with kbd
5385ea8 debianutils: fix ALTERNATIVE_PRIORITY conflict with which
3a0bd40 linux-dtb.inc: use same variable name DTB for all elements of KERNEL_DEVICETREE
a879312 linux-dtb.inc: remove unneeded 'cd'
a23d1ca webkitgtk: Add upstream patch to fix build problem
69836e8 python: don't append -D__SOFTFP__ to TARGET_CC_ARCH for armv6/armv7a
38d1d63 prexport.bbclass: avoid export for native and crosssdk
d3da006 recipes: add distro_features_check for some packages
63690f0 scons.bbclass: SCons packages don't require do_configure
bffdc65 busybox: Schedule mdev after mountall
13ce7c2 busybox: Fix mdev block device automounting
b09f0f2 libarchive: rename patch to reflect CVE
116360f binutils: Fix XLP / Octeon 3 instruction clash
fd4f4d2 binutils: Fix octeon3 disassembly patch
REVERT: b1f23d1 build-appliance-image: Update to jethro head revision
REVERT: 7fe17a2 qemu: Security fix CVE-2016-2198
REVERT: 50700a7 qemu: Security fix CVE-2016-2197
REVERT: 1f0e615 libgcrypt: Security fix CVE-2015-7511
REVERT: dc5f155 uclibc: Security fix CVE-2016-2225
REVERT: ef13511 uclibc: Security fix CVE-2016-2224
REVERT: ae57ea0 libbsd: Security fix CVE-2016-2090
REVERT: eb9666a glibc: Security fix CVE-2015-7547
REVERT: 5b12268 build-appliance-image: Update to jethro head revision
REVERT: a3a374a curl: Secuirty fix CVE-2016-0755
REVERT: f4341a9 curl: Security fix CVE-2016-0754
REVERT: 35f4306 nettle: Security fix CVE-2015-8804
REVERT: 3e8a07b nettle: Security fix CVE-2015-8803 and CVE-2015-8805
REVERT: 5ffc326 socat: Security fix CVE-2016-2217
REVERT: 5cc5f99 libpng: Security fix CVE-2015-8472
REVERT: 21a816c libpng: Security fix CVE-2015-8126
REVERT: 6a0fbfa foomatic-filters: Security fixes CVE-2015-8327
REVERT: d57aaf7 foomatic-filters: Security fix CVE-2015-8560
REVERT: 941874a build-appliance-image: Update to jethro head revision
REVERT: d74a3cb cross-localedef-native: add ABI breaking glibc patch
REVERT: 12fae23 build-appliance-image: Update to jethro head revision
REVERT: 67ac9d6 e2fsprogs: Ensure we use the right mke2fs.conf when restoring from sstate
REVERT: 5812fc9 build-appliance-image: Update to jethro head revision
REVERT: 3de2492 ref-manual: Updated host package install requirements CentOS
REVERT: 79de8cf toaster-manual: Updated the "Installation" to have TOASTER_DIR information
REVERT: a23d262 toaster-manual: Updated instructions for production setup.
REVERT: b6def81 linux-yocto: Update SRCREV for genericx86* for 4.1, fixes CVE-2016-0728
REVERT: db0f8ac linux-yocto: Update SRCREV for genericx86* for 3.19, fixes CVE-2016-0728
REVERT: c8122a0 linux-yocto: Update SRCREV for genericx86* for 3.14, fixes CVE-2016-0728
REVERT: cdeb241 meta-yocto-bsp: Remove uvesafb (v86d) from generic x86 features
REVERT: 52cd219 yocto-bsp: Set SRCREV meta/machine revisions to AUTOREV
REVERT: a88d6cb yocto-bsp: Set KTYPE to user selected base branch
REVERT: 4e74b36 yocto-bsp: Avoid duplication of user patches ({{=machine}}-user-patches.scc)
REVERT: 6680773 yocto-bsp: Default kernel version to 4.1 on x86_64
REVERT: 4c075e7 piglit: don't use /tmp to write generated sources to
REVERT: ee52ac6 gen-lockedsig-cache: fix bad destination path joining
REVERT: e9f95df linux-yocto: Update SRCREV for qemux86* for 4.1, fixes CVE-2016-0728
REVERT: e63bab1 linux-yocto: Update SRCREV for qemux86* for 3.19, fixes CVE-2016-0728
REVERT: 64a4920 linux-yocto: Update SRCREV for qemux86* for 3.14, fixes CVE-2016-0728
REVERT: 5b043da libpng12: update URL that no longer exists
REVERT: 655c8a5 libpng: update URL that no longer exists
REVERT: 96fda8c busybox: fix build of last applet
REVERT: ae037d9 ghostscript: add dependency for pnglibconf.h
REVERT: 26eb877 gcr: Require x11 DISTRO_FEATURE
REVERT: e632cdb uClibc: enable utmp for shadow compatibility
REVERT: e8c9613 git: Security fix CVE-2015-7545
REVERT: 108ea6d glibc-locale: fix QA warning
REVERT: 9a88c1d grub: Security fix CVE-2015-8370
REVERT: 443b09a gdk-pixbuf: Security fix CVE-2015-7674
REVERT: 6c91068 librsvg: Security fix CVE-2015-7558
REVERT: 9fd2349 bind: Security fix CVE-2015-8461
REVERT: 5a40d9f bind: Security fix CVE-2015-8000
REVERT: 1bbf183 libxml2: Security fix CVE-2015-8710
REVERT: 2ec6d1d libxml2: Security fix CVE-2015-8241
REVERT: 55aafb5 dpkg: Security fix CVE-2015-0860
REVERT: 029948b tzdata: update to 2016a
REVERT: 2bcf141 tzcode: update to 2016a
REVERT: cc3a391 kernel-yocto: fix checkout bare-cloned kernel repositories
REVERT: 049be17 libpcre: bug fixes include security
REVERT: 5e94ac7 qemu: Security fix CVE-2015-7295
REVERT: 7ee1828 qemu: Security fix CVE-2016-1568
REVERT: ca6ec2e qemu: Security fix CVE-2015-8345
REVERT: b55a677 qemu: Security fix CVE-2015-7512
REVERT: 4922f47 qemu: Security fix CVE-2015-7504
REVERT: 3ec0e95 qemu: Security fix CVE-2015-8504
REVERT: 942ce53 openssl: Security fix CVE-2016-0701
REVERT: ce8ae1c openssl: Security fix CVE-2015-3197
REVERT: 080e027 tiff: Security fix CVE-2015-8784
REVERT: c6ae9c1 tiff: Security fix CVE-2015-8781
REVERT: 049b7db bind: CVE-2015-8704 and CVE-2015-8705
REVERT: d632a92 rpmresolve.c: Fix unfreed pointers that keep DB opened
REVERT: 5b993ed openssh: CVE-2016-1907
REVERT: 27ee5b4 glibc: CVE-2015-8776
REVERT: a4134af glibc: CVE-2015-9761
REVERT: e10ec6f glibc: CVE-2015-8779
REVERT: a5a965d glibc: CVE-2015-8777.patch
REVERT: 2fb7ee2 bitbake: toaster: make runbuilds loop
REVERT: b9ad87b nativesdk-buildtools-perl-dummy: Bump PR
REVERT: 0a1c63a nativesdk-buildtools-perl-dummy: properly set PACKAGE_ARCH
REVERT: d4b400e nativesdk-buildtools-perl-dummy: fix rebuilding when SDKMACHINE changes
REVERT: 8c8c4ed Revert "gstreamer1.0-plugins-good.inc: add gudev back to PACKAGECONFIG"
REVERT: b832202 Revert "gstreamer: Deal with merge conflict which breaks systemd builds"
REVERT: dd0ba9e build-appliance-image: Update to jethro head revision
REVERT: 325d205 gstreamer: Deal with merge conflict which breaks systemd builds
REVERT: 53b114b build-appliance-image: Update to jethro head revision
REVERT: 02be35d poky.conf: Bump version for 2.0.1 jethro release
REVERT: f5551f8 ref-manual: Updated the list of supported image types.
REVERT: aa179ae dev-manual: Added three new wic option descriptions.
REVERT: 20007c8 dev-manual: Added the --overhead-factor wic option description.
REVERT: 2dd7f46 dev-manual: Added the --extra-space wic option description.
REVERT: 81cc737 dev-manual: Added wic --notable option description.
REVERT: 2b1dce5 dev-manual:
REVERT: a6f5293 kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH
REVERT: e79a538 openssh: update to 7.1p2
REVERT: b171076 devtool: reset: do clean for multiple recipes at once with -a
REVERT: 255115f devtool: sdk-update: fix error checking
REVERT: 3f69105 devtool: sdk-update: fix metadata update step
REVERT: 5ba94af devtool: sdk-update: fix not using updateserver config file option
REVERT: d03d145 classes/populate_sdk_ext: disable signature warnings
REVERT: 00ff950 classes/populate_sdk_ext: fix cascading from preparation failure
REVERT: 22446c6 scripts/oe-publish-sdk: add missing call to git update-server-info
REVERT: 8597a61 devtool: use cp instead of shutil.copytree
REVERT: 95cc641 buildhistory: fix not recording SDK information
REVERT: 84d48ac recipetool: create: fix error when extracting source to a specified directory
REVERT: 4369329 recipetool: create: detect when specified URL returns a web page
REVERT: 4c3191f recipetool: create: prevent attempting to unpack entire DL_DIR
REVERT: caca77e recipetool: create: fix do_install handling for makefile-only software
REVERT: 383159e recipetool: create: avoid traceback on fetch error
REVERT: be40baa recipetool: create: handle https://....git URLs
REVERT: a897bfd devtool: sdk-update: fix traceback without update server set
REVERT: 9c4b61e classes/populate_sdk_ext: error out of install if buildtools install fails
REVERT: 4c07dd2 gstreamer1.0-plugins-good.inc: add gudev back to PACKAGECONFIG
REVERT: 83b72d8 linux-yocto: Update Genericx86* BSP to 4.1.15 kernel
REVERT: 44639bd libaio: don't disable linking to the system libraries
REVERT: a0be9bd linux-yocto/4.1: update to v4.1.15
REVERT: 53f0290 libxml2: security fix CVE-2015-5312
REVERT: f4b0c49 libxml2: security fix CVE-2015-8242
REVERT: fb409c9 libxml2: security fix CVE-2015-7500
REVERT: 55d097a libxml2: security fix CVE-2015-7499
REVERT: 8e6b2d6 libxml2: security fix CVE-2015-7497
REVERT: 332eb1d libxml2: security fix CVE-2015-7498
REVERT: cbc4e83 libxml2: security fix CVE-2015-8035
REVERT: c4b71e1 libxml2: security fix CVE-2015-7942
REVERT: fdea03d libxml2: security fix CVE-2015-8317
REVERT: 6fc1109 libxml2: security fix CVE-2015-7941
REVERT: 9eb4ce0 openssl: fix for CVE-2015-3195
REVERT: 6880f82 openssl: fix for CVE-2015-3194
REVERT: 7dcaa84 openssl: fix for CVE-2015-3193
REVERT: 435139b logrotate: do not move binary logrotate to /usr/bin
REVERT: 5f49c0a cairo: fix license for cairo-script-interpreter
REVERT: a29ec81 glibc: Fix ld.so / prelink interface for ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA
REVERT: b1e980f gcc: Update default Power GCC settings to use secure-plt
REVERT: ed82690 prelink: Fix various prelink issues on IA32, ARM, and MIPS.
REVERT: 9a620da autotools: Allow recipe-individual configure scripts
REVERT: f828071 toolchain-scripts.bbclass: unset command_not_found_handle
REVERT: 49858bd devtool: upgrade: fetch remote repository before checking out new revision
REVERT: d213452 devtool: upgrade: remove erroneous error when not renaming recipe
REVERT: fec97f6 devtool: upgrade: fix updating PV and SRCREV
REVERT: 3b4f659 devtool: upgrade: fix removing other recipes from workspace on reset
REVERT: 61a7de0 devtool: include do_patch in SRCTREECOVEREDTASKS
REVERT: 82c0072 toolchain-shar-extract.sh: do not allow $ in paths for ext SDK
REVERT: f181e72 scripts/gen-lockedsig-cache: improve output
REVERT: 4b5d4ca toolchain-shar-extract.sh: proper fix for additional env setup scripts
REVERT: d2ea8f1 toolchain-shar-relocate: don't assume last state of env_setup_script is good
REVERT: 02ef437 populate_sdk_ext.bbclass: Be more permissive on the name of the buildtools
REVERT: 3653b17 classes/populate_sdk_ext: fail if SDK_ARCH != BUILD_ARCH
REVERT: 8879571 classes/populate_sdk_ext: tweak reporting of workspace exclusion
REVERT: eeda3c6 classes/populate_sdk_ext: make it clear when SDK installation has failed
REVERT: dee9fbe classes/populate_sdk_ext: tidy up preparation log file writing
REVERT: d001d46 classes/license: fix intermittent license collection warning
REVERT: 777451c classes/metadata_scm: fix git errors showing up on non-git repositories
REVERT: cb0ca72 oeqa/selftest/layerappend: fix test if build directory is not inside COREBASE
REVERT: 8970ad6 oeqa/selftest/devtool: fix test if build directory is not inside COREBASE
REVERT: 4f7fdd0 classes/distrodata: split SRC_URI properly before determining type
REVERT: 3b7df55 uninative.bbclass: Choose the correct loader based on BUILD_ARCH
REVERT: f3d7c3f openssl: sanity check that the bignum module is present
REVERT: 96b1b5c glibc: Backported a patch to fix glibc's bug(18589)
REVERT: 7aecb57 directfb.inc: force bfd linker for armv7a
REVERT: 75ca2c8 texinfo: don't create dependency on INHERIT variable
REVERT: 02c7b3f package_manager.py: define info_dir and status_file when OPKGLIBDIR isn't the default
REVERT: 003c94f libsdl2: require GLES when building Wayland support
REVERT: ad6db01 gst-plugins-bad: add PACKAGECONFIGs for voamrwbenc, voaacenc, resindvd
REVERT: f0d87fe gstreamer1.0-plugins-good: fix PACKAGECONFIG for gudev and add one for v4l2 and libv4l2
REVERT: 35f34a6 gstreamer1.0-plugins-bad: fix dependencies for uvch264 PACKAGECONFIG
REVERT: 3b77e20 gstreamer1.0-plugins-{base,good}: update PACKAGECONFIGs
REVERT: e2d4412 libunwind: fix build for qemuarm
REVERT: ef69078 guile, mailx, gcc, opensp, gstreamer1.0-libav, libunwind: disable thumb where it fails for qemuarm
REVERT: 4700e40 icu: force arm mode
REVERT: 743ee04 libxcb: Add a workaround for gcc5 bug on mips
REVERT: 8a3deca bitbake: fetch: use orig localpath when calling orig method
REVERT: 0073b23 yocto-bsp: Typo on the file extension
REVERT: 71dbbcd bsp-guide: Updated the license statement.
REVERT: 41f1026 dev-manual: Correction to the KVM stuff in the runqemu commands.
REVERT: 38e3c6e mega-manual: Added four new figures for GUI example.
REVERT: b99ec28 poky.ent: Fixed POKYVERSION variable.
REVERT: c670dc7 yocto-project-qs, ref-manual, poky.ent: CentOS Package updates
REVERT: b968190 dev-manual: Updated runqemu command options list
REVERT: 1278753 toaster-manual: Removed SDKMACHINE from the json file example.
REVERT: 7b25b70 ref-manual: Updated list of supported distros.
REVERT: d9423fb ref-manual: Updated the GCC 5 migration section for 2.0
REVERT: 347347a bitbake: lib/bb/utils: improve edit_bblayers_conf() handling of bblayers.conf formatting
REVERT: 5935783 bitbake: lib/bb/utils: fix error in edit_metadata() when deleting first line
REVERT: 7fdad70 rpcbind: Security Advisory - rpcbind - CVE-2015-7236
REVERT: 0cb2fa5 subversion: fix CVE-2015-3187
REVERT: 5b52e9b subversion: fix CVE-2015-3184
REVERT: 59bdde4 linux-firmware: rtl8192cx: Add latest available firmware
REVERT: 8ad2bcc init-install-efi: fix script for gummiboot loader
REVERT: c3087bd init-install-efi: fix script for eMMC installation
REVERT: d2bf9fb pulseaudio: Fix HDMI profile selection
REVERT: 0556c58 allarch: Force TARGET_*FLAGS variable values
REVERT: e683dac libsndfile: fix CVE-2014-9756
REVERT: 092757e libxslt: CVE-2015-7995
REVERT: dab5555 unzip: rename patch to reflect CVE fix
REVERT: 1753d4a readline: rename patch to contain CVE reference
REVERT: 9dd3422 libarchive: rename patch to reflect CVE
REVERT: 1401976 binutils: Fix octeon3 disassembly patch
REVERT: a54a0db opkg: add cache filename length fixes
git-subtree-dir: yocto-poky
git-subtree-split: 8358e543ab95a1d2b1d19c1e944275daa17378c1
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'yocto-poky/meta/recipes-connectivity')
99 files changed, 7255 insertions, 2509 deletions
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb b/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb index 0d42b90e7..3966b4c6e 100644 --- a/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb +++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb @@ -9,37 +9,32 @@ require avahi.inc inherit python-dir pythonnative distro_features_check ANY_OF_DISTRO_FEATURES = "${GTK2DISTROFEATURES}" -PACKAGECONFIG ??= "python" +PACKAGECONFIG ??= "dbus python" PACKAGECONFIG[python] = "--enable-python,--disable-python,python-native python" -PR = "${INC_PR}.0" - -SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d" -SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48" +SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013" +SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454" DEPENDS += "avahi gtk+ libglade" -AVAHI_GTK = "--enable-gtk --disable-gtk3" +AVAHI_GTK = "--enable-gtk --disable-gtk3 --disable-pygtk" S = "${WORKDIR}/avahi-${PV}" -PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc python-avahi avahi-discover avahi-discover-standalone" +PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc python-avahi avahi-discover" FILES_${PN} = "${libdir}/libavahi-ui*.so.*" -FILES_${PN}-dbg += "${libdir}/.debug/libavah-ui*" FILES_${PN}-dev += "${libdir}/libavahi-ui${SOLIBSDEV}" FILES_${PN}-staticdev += "${libdir}/libavahi-ui.a" FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*" FILES_python-avahi = "${PYTHON_SITEPACKAGES_DIR}/avahi ${PYTHON_SITEPACKAGES_DIR}/avahi_discover" -FILES_avahi-discover = "${bindir}/avahi-discover \ - ${datadir}/applications/avahi-discover.desktop \ - ${datadir}/avahi/interfaces/avahi-discover*" -FILES_avahi-discover-standalone = "${bindir}/avahi-discover-standalone \ - ${datadir}/avahi/interfaces/avahi-discover.glade" +FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \ + ${datadir}/avahi/interfaces/avahi-discover* \ + ${bindir}/avahi-discover-standalone \ + ${datadir}/avahi/interfaces/avahi-discover.glade" -RDEPENDS_avahi-discover = "python-avahi python-pygtk" RDEPENDS_python-avahi = "python-core python-dbus" @@ -69,5 +64,7 @@ do_install_append () { rm ${D}${mandir}/man1/a* rm ${D}${mandir}/man5 -rf rm ${D}${mandir}/man8 -rf + rm ${D}${libdir}/girepository-1.0/ -rf + rm ${D}${datadir}/gir-1.0/ -rf } diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc b/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc index 825197d61..81aad7935 100644 --- a/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc +++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc @@ -7,27 +7,24 @@ configuration from the link-local 169.254.0.0/16 range without the need for a ce server.' AUTHOR = "Lennart Poettering <lennart@poettering.net>" HOMEPAGE = "http://avahi.org" -BUGTRACKER = "http://avahi.org/report" +BUGTRACKER = "https://github.com/lathiat/avahi/issues" SECTION = "network" # major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and # python scripts are under GPLv2+ LICENSE = "GPLv2+ & LGPLv2.1+" -INC_PR = "r11" +DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native" -DEPENDS = "expat libcap libdaemon dbus glib-2.0" - -SRC_URI = "http://avahi.org/download/avahi-${PV}.tar.gz \ +SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \ file://00avahi-autoipd \ file://99avahi-autoipd \ file://initscript.patch \ - file://avahi_fix_install_issue.patch \ - file://fix_for_automake_1.12.x.patch \ - file://out-of-tree.patch \ - file://0001-avahi-fix-avahi-status-command-error-prompt.patch \ - file://reuseport-check.patch \ " +UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/" + +PACKAGECONFIG ??= "dbus" +PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus" USERADD_PACKAGES = "avahi-daemon avahi-autoipd" USERADD_PARAM_avahi-daemon = "--system --home /var/run/avahi-daemon \ @@ -40,10 +37,9 @@ USERADD_PARAM_avahi-autoipd = "--system --home /var/run/avahi-autoipd \ -c \"Avahi autoip daemon\" \ avahi-autoipd" -inherit autotools pkgconfig update-rc.d gettext useradd +inherit autotools pkgconfig update-rc.d gettext useradd gobject-introspection -EXTRA_OECONF = "--disable-introspection \ - --with-avahi-priv-access-group=adm \ +EXTRA_OECONF = "--with-avahi-priv-access-group=adm \ --disable-stack-protector \ --disable-gdbm \ --disable-mono \ @@ -52,6 +48,7 @@ EXTRA_OECONF = "--disable-introspection \ --disable-qt4 \ --disable-python \ --disable-doxygen-doc \ + --disable-manpages \ ${EXTRA_OECONF_SYSVINIT} \ ${EXTRA_OECONF_SYSTEMD} \ ${AVAHI_GTK} \ @@ -68,8 +65,14 @@ LDFLAGS_append_uclinux-uclibc = " -lintl" do_configure_prepend() { sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac + + # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes + rm "${S}/common/introspection.m4" || true } +do_compile_prepend() { + export GIR_EXTRA_LIBS_PATH="${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs" +} PACKAGES =+ "avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib libavahi-ui avahi-autoipd avahi-utils" @@ -82,7 +85,7 @@ FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \ ${sysconfdir}/udhcpc.d/00avahi-autoipd \ ${sysconfdir}/udhcpc.d/99avahi-autoipd" FILES_libavahi-common = "${libdir}/libavahi-common.so.*" -FILES_libavahi-core = "${libdir}/libavahi-core.so.*" +FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib" FILES_avahi-daemon = "${sbindir}/avahi-daemon \ ${sysconfdir}/avahi/avahi-daemon.conf \ ${sysconfdir}/avahi/hosts \ @@ -99,7 +102,7 @@ FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \ ${sysconfdir}/avahi/avahi-dnsconfd.action \ ${sysconfdir}/init.d/avahi-dnsconfd" FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*" -FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.*" +FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib" FILES_avahi-utils = "${bindir}/avahi-*" RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})" @@ -130,7 +133,7 @@ do_install() { rm -rf ${D}${localstatedir}/run rmdir --ignore-fail-on-non-empty ${D}${localstatedir} rm -rf ${D}${datadir}/dbus-1/interfaces - rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 + test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1 rm -rf ${D}${libdir}/avahi install -d ${D}${sysconfdir}/udhcpc.d diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.31.bb b/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.32.bb index 5d796a202..6670106b1 100644 --- a/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.31.bb +++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.32.bb @@ -12,10 +12,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \ file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \ file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf" -PR = "${INC_PR}.1" - -SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d" -SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48" +SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013" +SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454" DEPENDS += "intltool-native" diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch deleted file mode 100644 index 7590df79f..000000000 --- a/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch +++ /dev/null @@ -1,52 +0,0 @@ -From f774ac25f436a782ccccc4dbe68378a684596799 Mon Sep 17 00:00:00 2001 -From: Lu Chong <Chong.Lu@windriver.com> -Date: Thu, 7 Nov 2013 14:36:28 +0800 -Subject: [PATCH] avahi: fix avahi status command error prompt - -service --status-all command will display wrong status for avahi-daemon. -This commit fix this error prompt and make service display right status -for avahi-daemon. - -Upstream-Status: Pending - -Signed-off-by: Lu Chong <Chong.Lu@windriver.com> ---- - initscript/debian/avahi-daemon.in | 14 +++++++++++--- - 1 file changed, 11 insertions(+), 3 deletions(-) - -diff --git a/initscript/debian/avahi-daemon.in b/initscript/debian/avahi-daemon.in -index 4793b46..49ec358 100755 ---- a/initscript/debian/avahi-daemon.in -+++ b/initscript/debian/avahi-daemon.in -@@ -153,7 +153,15 @@ d_reload() { - # Function that check the status of the daemon/service. - # - d_status() { -- $DAEMON -c && echo "$DESC is running" || echo "$DESC is not running" -+ $DAEMON -c -+ status=$? -+ if [ $status = 0 ]; then -+ echo "$DESC is running" -+ return 0 -+ else -+ echo "$DESC is not running" -+ return 3 -+ fi - } - - case "$1" in -@@ -182,9 +190,9 @@ case "$1" in - d_status - ;; - *) -- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload}" >&2 -+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload|status}" >&2 - exit 1 - ;; - esac - --exit 0 -+exit $? --- -1.7.9.5 - diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch deleted file mode 100644 index 32f20ece4..000000000 --- a/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch +++ /dev/null @@ -1,32 +0,0 @@ -Upstream-Status: Pending - -Fixes this install issue -#| /bin/sh: line 0: cd: /srv/home/nitin/builds/build-gcc47/tmp/work/i586-poky-linux/avahi-0.6.31-r3.0/image//usr/bin: No such file or directory - -Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> -2012/05/03 - -Index: avahi-0.6.31/avahi-utils/Makefile.am -=================================================================== ---- avahi-0.6.31.orig/avahi-utils/Makefile.am -+++ avahi-0.6.31/avahi-utils/Makefile.am -@@ -54,6 +54,7 @@ avahi_set_host_name_CFLAGS = $(AM_CFLAGS - avahi_set_host_name_LDADD = $(AM_LDADD) ../avahi-client/libavahi-client.la ../avahi-common/libavahi-common.la - - install-exec-local: -+ $(MKDIR_P) $(DESTDIR)/$(bindir) && \ - cd $(DESTDIR)/$(bindir) && \ - rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \ - $(LN_S) avahi-resolve avahi-resolve-host-name && \ -Index: avahi-0.6.31/avahi-utils/Makefile.in -=================================================================== ---- avahi-0.6.31.orig/avahi-utils/Makefile.in -+++ avahi-0.6.31/avahi-utils/Makefile.in -@@ -906,6 +906,7 @@ uninstall-am: uninstall-binPROGRAMS - - - @HAVE_DBUS_TRUE@install-exec-local: -+@HAVE_DBUS_TRUE@ $(MKDIR_P) $(DESTDIR)/$(bindir) && \ - @HAVE_DBUS_TRUE@ cd $(DESTDIR)/$(bindir) && \ - @HAVE_DBUS_TRUE@ rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \ - @HAVE_DBUS_TRUE@ $(LN_S) avahi-resolve avahi-resolve-host-name && \ diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch deleted file mode 100644 index 0fc4c290c..000000000 --- a/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch +++ /dev/null @@ -1,34 +0,0 @@ -Upstream-Status: Pending - -autoamke 1.12.x has depricated use of mkdir_p , and recommends use of MKDIR_P -instead. Fixed the automake files accordingly to avoid warning-errors. -Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> -2012/07/09 - - -Index: avahi-0.6.31/avahi-daemon/Makefile.am -=================================================================== ---- avahi-0.6.31.orig/avahi-daemon/Makefile.am -+++ avahi-0.6.31/avahi-daemon/Makefile.am -@@ -169,7 +169,7 @@ xmllint: - done - - install-data-local: -- test -z "$(localstatedir)/run" || $(mkdir_p) "$(DESTDIR)$(localstatedir)/run" -+ test -z "$(localstatedir)/run" || $(MKDIR_P) "$(DESTDIR)$(localstatedir)/run" - - update-systemd: - curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c -Index: avahi-0.6.31/avahi-autoipd/Makefile.am -=================================================================== ---- avahi-0.6.31.orig/avahi-autoipd/Makefile.am -+++ avahi-0.6.31/avahi-autoipd/Makefile.am -@@ -76,7 +76,7 @@ dhcliententerdir = $(sysconfdir)/dhcp/dh - dhclientexitdir = $(sysconfdir)/dhcp/dhclient-exit-hooks.d - - install-exec-hook: dhclient-exit-hook dhclient-enter-hook -- $(mkdir_p) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir) -+ $(MKDIR_P) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir) - $(INSTALL) dhclient-enter-hook $(DESTDIR)$(dhcliententerdir)/avahi-autoipd - $(INSTALL) dhclient-exit-hook $(DESTDIR)$(dhclientexitdir)/avahi-autoipd - diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch deleted file mode 100644 index 43476cde0..000000000 --- a/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch +++ /dev/null @@ -1,32 +0,0 @@ -Upstream-Status: Pending -Signed-off-by: Ross Burton <ross.burton@intel.com> - -From a62dc95d75691ea4aefa86d8bbe54c62afd78ff6 Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross.burton@intel.com> -Date: Tue, 17 Sep 2013 12:27:36 +0100 -Subject: [PATCH] build-sys: fix out-of-tree builds without xmltoman - -If manpages are enabled but xmltoman isn't present, out-of-tree builds fail -because it checks inside the build directory for the pre-generated manpages. - -Fix this by using $srcdir when looking for files inside the source directory. ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index 9debce2..047c7ae 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -1021,7 +1021,7 @@ if test x$manpages = xyes ; then - fi - - if test x$have_xmltoman = xno -o x$xmltoman = xno; then -- if ! test -e man/avahi-daemon.8 ; then -+ if ! test -e $srcdir/man/avahi-daemon.8 ; then - AC_MSG_ERROR([*** xmltoman was not found or was disabled, it is required to build the manpages as they have not been pre-built, install xmltoman, pass --disable-manpages or dont pass --disable-xmltoman]) - exit 1 - fi --- -1.7.10.4 - diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch deleted file mode 100644 index bb81c2cb4..000000000 --- a/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch +++ /dev/null @@ -1,30 +0,0 @@ -Fix avahi-daemon when running on kernel < 3.9 (patch taken from Ubuntu). - -Upstream-Status: Pending (unmaintained upstream) -Signed-off-by: Ross Burton <ross.burton@intel.com> - -Description: SO_REUSEPORT may not exist in running kernel - When userspace defines SO_REUSEPORT we will attempt to enable socket - port number reuse. However if the running kernel does not support - this call it will fail preventing daemon startup. If this call is - present but fails ENOPROTOOPT then we know that actually the kernel - does not support it and we should continue as if we did not have the - call at all. (LP: #1228204) - . - This patch could be removed from the debian package after jessie release. -Author: Andy Whitcroft <apw@canonical.com> - -Index: avahi-0.6.31/avahi-core/socket.c -=================================================================== ---- avahi-0.6.31.orig/avahi-core/socket.c 2013-09-20 16:36:50.000000000 +0100 -+++ avahi-0.6.31/avahi-core/socket.c 2013-09-20 16:38:23.781863644 +0100 -@@ -177,7 +177,8 @@ - yes = 1; - if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &yes, sizeof(yes)) < 0) { - avahi_log_warn("SO_REUSEPORT failed: %s", strerror(errno)); -- return -1; -+ if (errno != ENOPROTOOPT) -+ return -1; - } - #endif - diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch index cb5251d15..805cbb331 100644 --- a/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch +++ b/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch @@ -4,15 +4,18 @@ libxml2. Upstream-Status: Inappropriate Signed-off-by: Ross Burton <ross.burton@intel.com> +Update context for version 9.10.3-P2. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> --- - configure.in | 18 +++--------------- - 1 file changed, 3 insertions(+), 15 deletions(-) + configure.in | 23 +++-------------------- + 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/configure.in b/configure.in -index d566e1c..c9ef3a6 100644 +index 0db826d..75819eb 100644 --- a/configure.in +++ b/configure.in -@@ -2102,21 +2102,9 @@ case "$use_libxml2" in +@@ -2107,26 +2107,9 @@ case "$use_libxml2" in DST_LIBXML2_INC="" ;; auto|yes) @@ -22,8 +25,13 @@ index d566e1c..c9ef3a6 100644 - libxml2_cflags=`xml2-config --cflags` - ;; - *) -- libxml2_libs= -- libxml2_cflags= +- if test "$use_libxml2" = "yes" ; then +- AC_MSG_RESULT(no) +- AC_MSG_ERROR(required libxml2 version not available) +- else +- libxml2_libs= +- libxml2_cflags= +- fi - ;; - esac - ;; diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch deleted file mode 100644 index e1c805257..000000000 --- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch +++ /dev/null @@ -1,278 +0,0 @@ -From 8259daad7242ab2af8731681177ef7e948a15ece Mon Sep 17 00:00:00 2001 -From: Mark Andrews <marka@isc.org> -Date: Mon, 16 Nov 2015 13:12:20 +1100 -Subject: [PATCH] 4260. [security] Insufficient testing when parsing a - message allowed records with an incorrect class to be - be accepted, triggering a REQUIRE failure when those - records were subsequently cached. (CVE-2015-8000) [RT - #4098] - -(cherry picked from commit c8821d124c532e0a65752b378f924d4259499fd3) -(cherry picked from commit 3a4c24c4a52d4a2d21d2decbde3d4e514e27d51c) - - -Upstream-Status: Backport - -https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=8259daad7242ab2af8731681177ef7e948a15ece - -CVE: CVE-2015-8000 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - CHANGES | 5 +++++ - bin/tests/system/start.pl | 5 ++++- - doc/arm/notes.xml | 9 +++++++++ - lib/dns/include/dns/message.h | 13 +++++++++++-- - lib/dns/message.c | 45 ++++++++++++++++++++++++++++++++++++++----- - lib/dns/resolver.c | 9 +++++++++ - lib/dns/xfrin.c | 2 ++ - 7 files changed, 80 insertions(+), 8 deletions(-) - -Index: bind-9.10.2-P4/bin/tests/system/start.pl -=================================================================== ---- bind-9.10.2-P4.orig/bin/tests/system/start.pl -+++ bind-9.10.2-P4/bin/tests/system/start.pl -@@ -68,6 +68,7 @@ my $NAMED = $ENV{'NAMED'}; - my $LWRESD = $ENV{'LWRESD'}; - my $DIG = $ENV{'DIG'}; - my $PERL = $ENV{'PERL'}; -+my $PYTHON = $ENV{'PYTHON'}; - - # Start the server(s) - -@@ -213,7 +214,9 @@ sub start_server { - $pid_file = "lwresd.pid"; - } elsif ($server =~ /^ans/) { - $cleanup_files = "{ans.run}"; -- if (-e "$testdir/$server/ans.pl") { -+ if (-e "$testdir/$server/ans.py") { -+ $command = "$PYTHON ans.py 10.53.0.$' 5300"; -+ } elsif (-e "$testdir/$server/ans.pl") { - $command = "$PERL ans.pl"; - } else { - $command = "$PERL $topdir/ans.pl 10.53.0.$'"; -Index: bind-9.10.2-P4/doc/arm/notes.xml -=================================================================== ---- bind-9.10.2-P4.orig/doc/arm/notes.xml -+++ bind-9.10.2-P4/doc/arm/notes.xml -@@ -62,6 +62,15 @@ - <itemizedlist> - <listitem> - <para> -+ Insufficient testing when parsing a message allowed -+ records with an incorrect class to be be accepted, -+ triggering a REQUIRE failure when those records -+ were subsequently cached. This flaw is disclosed -+ in CVE-2015-8000. [RT #4098] -+ </para> -+ </listitem> -+ <listitem> -+ <para> - An incorrect boundary check in the OPENPGPKEY rdatatype - could trigger an assertion failure. This flaw is disclosed - in CVE-2015-5986. [RT #40286] -Index: bind-9.10.2-P4/lib/dns/include/dns/message.h -=================================================================== ---- bind-9.10.2-P4.orig/lib/dns/include/dns/message.h -+++ bind-9.10.2-P4/lib/dns/include/dns/message.h -@@ -15,8 +15,6 @@ - * PERFORMANCE OF THIS SOFTWARE. - */ - --/* $Id$ */ -- - #ifndef DNS_MESSAGE_H - #define DNS_MESSAGE_H 1 - -@@ -221,6 +219,8 @@ struct dns_message { - unsigned int free_saved : 1; - unsigned int sitok : 1; - unsigned int sitbad : 1; -+ unsigned int tkey : 1; -+ unsigned int rdclass_set : 1; - - unsigned int opt_reserved; - unsigned int sig_reserved; -@@ -1400,6 +1400,15 @@ dns_message_buildopt(dns_message_t *msg, - * \li other. - */ - -+void -+dns_message_setclass(dns_message_t *msg, dns_rdataclass_t rdclass); -+/*%< -+ * Set the expected class of records in the response. -+ * -+ * Requires: -+ * \li msg be a valid message with parsing intent. -+ */ -+ - ISC_LANG_ENDDECLS - - #endif /* DNS_MESSAGE_H */ -Index: bind-9.10.2-P4/lib/dns/message.c -=================================================================== ---- bind-9.10.2-P4.orig/lib/dns/message.c -+++ bind-9.10.2-P4/lib/dns/message.c -@@ -439,6 +439,8 @@ msginit(dns_message_t *m) { - m->free_saved = 0; - m->sitok = 0; - m->sitbad = 0; -+ m->tkey = 0; -+ m->rdclass_set = 0; - m->querytsig = NULL; - } - -@@ -1091,13 +1093,19 @@ getquestions(isc_buffer_t *source, dns_m - * If this class is different than the one we already read, - * this is an error. - */ -- if (msg->state == DNS_SECTION_ANY) { -- msg->state = DNS_SECTION_QUESTION; -+ if (msg->rdclass_set == 0) { - msg->rdclass = rdclass; -+ msg->rdclass_set = 1; - } else if (msg->rdclass != rdclass) - DO_FORMERR; - - /* -+ * Is this a TKEY query? -+ */ -+ if (rdtype == dns_rdatatype_tkey) -+ msg->tkey = 1; -+ -+ /* - * Can't ask the same question twice. - */ - result = dns_message_find(name, rdclass, rdtype, 0, NULL); -@@ -1241,12 +1249,12 @@ getsection(isc_buffer_t *source, dns_mes - * If there was no question section, we may not yet have - * established a class. Do so now. - */ -- if (msg->state == DNS_SECTION_ANY && -+ if (msg->rdclass_set == 0 && - rdtype != dns_rdatatype_opt && /* class is UDP SIZE */ - rdtype != dns_rdatatype_tsig && /* class is ANY */ - rdtype != dns_rdatatype_tkey) { /* class is undefined */ - msg->rdclass = rdclass; -- msg->state = DNS_SECTION_QUESTION; -+ msg->rdclass_set = 1; - } - - /* -@@ -1256,7 +1264,7 @@ getsection(isc_buffer_t *source, dns_mes - if (msg->opcode != dns_opcode_update - && rdtype != dns_rdatatype_tsig - && rdtype != dns_rdatatype_opt -- && rdtype != dns_rdatatype_dnskey /* in a TKEY query */ -+ && rdtype != dns_rdatatype_key /* in a TKEY query */ - && rdtype != dns_rdatatype_sig /* SIG(0) */ - && rdtype != dns_rdatatype_tkey /* Win2000 TKEY */ - && msg->rdclass != dns_rdataclass_any -@@ -1264,6 +1272,16 @@ getsection(isc_buffer_t *source, dns_mes - DO_FORMERR; - - /* -+ * If this is not a TKEY query/response then the KEY -+ * record's class needs to match. -+ */ -+ if (msg->opcode != dns_opcode_update && !msg->tkey && -+ rdtype == dns_rdatatype_key && -+ msg->rdclass != dns_rdataclass_any && -+ msg->rdclass != rdclass) -+ DO_FORMERR; -+ -+ /* - * Special type handling for TSIG, OPT, and TKEY. - */ - if (rdtype == dns_rdatatype_tsig) { -@@ -1377,6 +1395,10 @@ getsection(isc_buffer_t *source, dns_mes - skip_name_search = ISC_TRUE; - skip_type_search = ISC_TRUE; - issigzero = ISC_TRUE; -+ } else { -+ if (msg->rdclass != dns_rdataclass_any && -+ msg->rdclass != rdclass) -+ DO_FORMERR; - } - } else - covers = 0; -@@ -1625,6 +1647,7 @@ dns_message_parse(dns_message_t *msg, is - msg->counts[DNS_SECTION_ADDITIONAL] = isc_buffer_getuint16(source); - - msg->header_ok = 1; -+ msg->state = DNS_SECTION_QUESTION; - - /* - * -1 means no EDNS. -@@ -3706,3 +3729,15 @@ dns_message_buildopt(dns_message_t *mess - dns_message_puttemprdatalist(message, &rdatalist); - return (result); - } -+ -+void -+dns_message_setclass(dns_message_t *msg, dns_rdataclass_t rdclass) { -+ -+ REQUIRE(DNS_MESSAGE_VALID(msg)); -+ REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTPARSE); -+ REQUIRE(msg->state == DNS_SECTION_ANY); -+ REQUIRE(msg->rdclass_set == 0); -+ -+ msg->rdclass = rdclass; -+ msg->rdclass_set = 1; -+} -Index: bind-9.10.2-P4/lib/dns/resolver.c -=================================================================== ---- bind-9.10.2-P4.orig/lib/dns/resolver.c -+++ bind-9.10.2-P4/lib/dns/resolver.c -@@ -7309,6 +7309,8 @@ resquery_response(isc_task_t *task, isc_ - goto done; - } - -+ dns_message_setclass(message, fctx->res->rdclass); -+ - if ((options & DNS_FETCHOPT_TCP) == 0) { - if ((options & DNS_FETCHOPT_NOEDNS0) == 0) - dns_adb_setudpsize(fctx->adb, query->addrinfo, -@@ -7391,6 +7393,13 @@ resquery_response(isc_task_t *task, isc_ - &dns_master_style_comment, - ISC_LOG_DEBUG(10), - fctx->res->mctx); -+ -+ if (message->rdclass != fctx->res->rdclass) { -+ resend = ISC_TRUE; -+ FCTXTRACE("bad class"); -+ goto done; -+ } -+ - /* - * Process receive opt record. - */ -Index: bind-9.10.2-P4/lib/dns/xfrin.c -=================================================================== ---- bind-9.10.2-P4.orig/lib/dns/xfrin.c -+++ bind-9.10.2-P4/lib/dns/xfrin.c -@@ -1225,6 +1225,8 @@ xfrin_recv_done(isc_task_t *task, isc_ev - msg->tsigctx = xfr->tsigctx; - xfr->tsigctx = NULL; - -+ dns_message_setclass(msg, xfr->rdclass); -+ - if (xfr->nmsg > 0) - msg->tcp_continuation = 1; - -Index: bind-9.10.2-P4/CHANGES -=================================================================== ---- bind-9.10.2-P4.orig/CHANGES -+++ bind-9.10.2-P4/CHANGES -@@ -1,4 +1,9 @@ -- --- 9.10.2-P4 released --- -+4260. [security] Insufficient testing when parsing a message allowed -+ records with an incorrect class to be be accepted, -+ triggering a REQUIRE failure when those records -+ were subsequently cached. (CVE-2015-8000) [RT #4098] -+ -+ --- 9.10.2-P4 released --- - - 4170. [security] An incorrect boundary check in the OPENPGPKEY - rdatatype could trigger an assertion failure. diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch deleted file mode 100644 index 88e9c8342..000000000 --- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch +++ /dev/null @@ -1,44 +0,0 @@ -From adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d Mon Sep 17 00:00:00 2001 -From: Mark Andrews <marka@isc.org> -Date: Thu, 25 Jun 2015 18:36:27 +1000 -Subject: [PATCH] 4146. [bug] Address reference leak that could - prevent a clean shutdown. [RT #37125] - -Upstream-Status: Backport - -https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d - -CVE: CVE-2015-8461 -Signed-off-by: Armin Kuster <akuster@mvista.com> ---- - CHANGES | 3 +++ - lib/dns/resolver.c | 5 +++++ - 2 files changed, 8 insertions(+) - -Index: bind-9.10.2-P4/CHANGES -=================================================================== ---- bind-9.10.2-P4.orig/CHANGES -+++ bind-9.10.2-P4/CHANGES -@@ -1,3 +1,6 @@ -+4146. [bug] Address reference leak that could prevent a clean -+ shutdown. [RT #37125] -+ - 4260. [security] Insufficient testing when parsing a message allowed - records with an incorrect class to be be accepted, - triggering a REQUIRE failure when those records -Index: bind-9.10.2-P4/lib/dns/resolver.c -=================================================================== ---- bind-9.10.2-P4.orig/lib/dns/resolver.c -+++ bind-9.10.2-P4/lib/dns/resolver.c -@@ -1649,6 +1649,11 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr - if (query->dispatch != NULL) - dns_dispatch_detach(&query->dispatch); - -+ LOCK(&res->buckets[fctx->bucketnum].lock); -+ INSIST(fctx->references > 1); -+ fctx->references--; -+ UNLOCK(&res->buckets[fctx->bucketnum].lock); -+ - cleanup_query: - if (query->connects == 0) { - query->magic = 0; diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch deleted file mode 100644 index d5bf740e8..000000000 --- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch +++ /dev/null @@ -1,28 +0,0 @@ -a buffer size check can cause denial of service under certain circumstances - -[security] -The following flaw in BIND was reported by ISC: - -A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl_42.c. - -A server could exit due to an INSIST failure in apl_42.c when performing certain string formatting operations. - -Upstream-Status: Backport -CVE: CVE-2015-8704 - -[The patch is taken from BIND 9.10.3: -https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8704] - -Signed-off-by: Derek Straka <derek@asterius.io> -diff --git a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c -index bedd38e..28eb7f2 100644 ---- a/lib/dns/rdata/in_1/apl_42.c -+++ b/lib/dns/rdata/in_1/apl_42.c -@@ -116,7 +116,7 @@ totext_in_apl(ARGS_TOTEXT) { - isc_uint8_t len; - isc_boolean_t neg; - unsigned char buf[16]; -- char txt[sizeof(" !64000")]; -+ char txt[sizeof(" !64000:")]; - const char *sep = ""; - int n; diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch deleted file mode 100644 index c4a052d7b..000000000 --- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch +++ /dev/null @@ -1,44 +0,0 @@ -a crash or assertion failure can during format processing - -[security] -The following flaw in BIND was reported by ISC: - -In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c. - -This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.) - -A server could exit due to an INSIST failure in apl_42.c when performing certain string formatting operations. - -Upstream-Status: Backport -CVE: CVE-2015-8705 - -[The patch is taken from BIND 9.10.3: -https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8705] - -Signed-off-by: Derek Straka <derek@asterius.io> -diff --git a/lib/dns/message.c b/lib/dns/message.c -index ea7b93a..810c58e 100644 ---- a/lib/dns/message.c -+++ b/lib/dns/message.c -@@ -3310,9 +3310,19 @@ - } else if (optcode == DNS_OPT_SIT) { - ADD_STRING(target, "; SIT"); - } else if (optcode == DNS_OPT_CLIENT_SUBNET) { -+ isc_buffer_t ecsbuf; - ADD_STRING(target, "; CLIENT-SUBNET: "); -- render_ecs(&optbuf, target); -- ADD_STRING(target, "\n"); -+ isc_buffer_init(&ecsbuf, -+ isc_buffer_current(&optbuf), -+ optlen); -+ isc_buffer_add(&ecsbuf, optlen); -+ result = render_ecs(&ecsbuf, target); -+ if (result == ISC_R_NOSPACE) -+ return (result); -+ if (result == ISC_R_SUCCESS) { -+ isc_buffer_forward(&optbuf, optlen); -+ ADD_STRING(target, "\n"); -+ } - continue; - } else if (optcode == DNS_OPT_EXPIRE) { - if (optlen == 4) { diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch new file mode 100644 index 000000000..2149bd180 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch @@ -0,0 +1,154 @@ +From 70037e040e587329cec82123e12b9f4f7c945f67 Mon Sep 17 00:00:00 2001 +From: Mark Andrews <marka@isc.org> +Date: Thu, 18 Feb 2016 12:11:27 +1100 +Subject: [PATCH] 4318. [security] Malformed control messages can + trigger assertions in named and rndc. (CVE-2016-1285) + [RT #41666] + +(cherry picked from commit a2b15b3305acd52179e6f3dc7d073b07fbc40b8e) + +CVE: CVE-2016-1285 +Upstream-Status: Backport +[Removed doc/arm/notes.xml changes from upstream patch] + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- + CHANGES | 3 +++ + bin/named/control.c | 2 +- + bin/named/controlconf.c | 2 +- + bin/rndc/rndc.c | 8 ++++---- + doc/arm/notes.xml | 11 +++++++++++ + lib/isccc/cc.c | 14 +++++++------- + 6 files changed, 27 insertions(+), 13 deletions(-) + +diff --git a/CHANGES b/CHANGES +index b9bd9ef..2c727d5 100644 +--- a/CHANGES ++++ b/CHANGES +@@ -1,3 +1,6 @@ ++4318. [security] Malformed control messages can trigger assertions ++ in named and rndc. (CVE-2016-1285) [RT #41666] ++ + --- 9.10.3-P3 released --- + + 4288. [bug] Fixed a regression in resolver.c:possibly_mark() +diff --git a/bin/named/control.c b/bin/named/control.c +index 8554335..81340ca 100644 +--- a/bin/named/control.c ++++ b/bin/named/control.c +@@ -69,7 +69,7 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) { + #endif + + data = isccc_alist_lookup(message, "_data"); +- if (data == NULL) { ++ if (!isccc_alist_alistp(data)) { + /* + * No data section. + */ +diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c +index 765afdd..a39ab8b 100644 +--- a/bin/named/controlconf.c ++++ b/bin/named/controlconf.c +@@ -402,7 +402,7 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) { + * Limit exposure to replay attacks. + */ + _ctrl = isccc_alist_lookup(request, "_ctrl"); +- if (_ctrl == NULL) { ++ if (!isccc_alist_alistp(_ctrl)) { + log_invalid(&conn->ccmsg, ISC_R_FAILURE); + goto cleanup_request; + } +diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c +index cb17050..b6e05c8 100644 +--- a/bin/rndc/rndc.c ++++ b/bin/rndc/rndc.c +@@ -255,8 +255,8 @@ rndc_recvdone(isc_task_t *task, isc_event_t *event) { + isccc_cc_fromwire(&source, &response, algorithm, &secret)); + + data = isccc_alist_lookup(response, "_data"); +- if (data == NULL) +- fatal("no data section in response"); ++ if (!isccc_alist_alistp(data)) ++ fatal("bad or missing data section in response"); + result = isccc_cc_lookupstring(data, "err", &errormsg); + if (result == ISC_R_SUCCESS) { + failed = ISC_TRUE; +@@ -321,8 +321,8 @@ rndc_recvnonce(isc_task_t *task, isc_event_t *event) { + isccc_cc_fromwire(&source, &response, algorithm, &secret)); + + _ctrl = isccc_alist_lookup(response, "_ctrl"); +- if (_ctrl == NULL) +- fatal("_ctrl section missing"); ++ if (!isccc_alist_alistp(_ctrl)) ++ fatal("bad or missing ctrl section in response"); + nonce = 0; + if (isccc_cc_lookupuint32(_ctrl, "_nonce", &nonce) != ISC_R_SUCCESS) + nonce = 0; +diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c +index 47a3b74..2bb961e 100644 +--- a/lib/isccc/cc.c ++++ b/lib/isccc/cc.c +@@ -403,13 +403,13 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length, + * Extract digest. + */ + _auth = isccc_alist_lookup(alist, "_auth"); +- if (_auth == NULL) ++ if (!isccc_alist_alistp(_auth)) + return (ISC_R_FAILURE); + if (algorithm == ISCCC_ALG_HMACMD5) + hmac = isccc_alist_lookup(_auth, "hmd5"); + else + hmac = isccc_alist_lookup(_auth, "hsha"); +- if (hmac == NULL) ++ if (!isccc_sexpr_binaryp(hmac)) + return (ISC_R_FAILURE); + /* + * Compute digest. +@@ -728,7 +728,7 @@ isccc_cc_createack(isccc_sexpr_t *message, isc_boolean_t ok, + REQUIRE(ackp != NULL && *ackp == NULL); + + _ctrl = isccc_alist_lookup(message, "_ctrl"); +- if (_ctrl == NULL || ++ if (!isccc_alist_alistp(_ctrl) || + isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || + isccc_cc_lookupuint32(_ctrl, "_tim", &t) != ISC_R_SUCCESS) + return (ISC_R_FAILURE); +@@ -773,7 +773,7 @@ isccc_cc_isack(isccc_sexpr_t *message) + isccc_sexpr_t *_ctrl; + + _ctrl = isccc_alist_lookup(message, "_ctrl"); +- if (_ctrl == NULL) ++ if (!isccc_alist_alistp(_ctrl)) + return (ISC_FALSE); + if (isccc_cc_lookupstring(_ctrl, "_ack", NULL) == ISC_R_SUCCESS) + return (ISC_TRUE); +@@ -786,7 +786,7 @@ isccc_cc_isreply(isccc_sexpr_t *message) + isccc_sexpr_t *_ctrl; + + _ctrl = isccc_alist_lookup(message, "_ctrl"); +- if (_ctrl == NULL) ++ if (!isccc_alist_alistp(_ctrl)) + return (ISC_FALSE); + if (isccc_cc_lookupstring(_ctrl, "_rpl", NULL) == ISC_R_SUCCESS) + return (ISC_TRUE); +@@ -806,7 +806,7 @@ isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now, + + _ctrl = isccc_alist_lookup(message, "_ctrl"); + _data = isccc_alist_lookup(message, "_data"); +- if (_ctrl == NULL || _data == NULL || ++ if (!isccc_alist_alistp(_ctrl) || !isccc_alist_alistp(_data) || + isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS || + isccc_cc_lookupstring(_data, "type", &type) != ISC_R_SUCCESS) + return (ISC_R_FAILURE); +@@ -995,7 +995,7 @@ isccc_cc_checkdup(isccc_symtab_t *symtab, isccc_sexpr_t *message, + isccc_sexpr_t *_ctrl; + + _ctrl = isccc_alist_lookup(message, "_ctrl"); +- if (_ctrl == NULL || ++ if (!isccc_alist_alistp(_ctrl) || + isccc_cc_lookupstring(_ctrl, "_ser", &_ser) != ISC_R_SUCCESS || + isccc_cc_lookupstring(_ctrl, "_tim", &_tim) != ISC_R_SUCCESS) + return (ISC_R_FAILURE); +-- +1.9.1 + diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch new file mode 100644 index 000000000..ae5cc48d9 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch @@ -0,0 +1,79 @@ +From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001 +From: Mukund Sivaraman <muks@isc.org> +Date: Mon, 22 Feb 2016 12:22:43 +0530 +Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling + (CVE-2016-1286) (#41753) + +(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673) + +CVE: CVE-2016-1286 +Upstream-Status: Backport + +[Removed doc/arm/notes.xml changes from upstream patch.] + +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- +diff -ruN a/CHANGES b/CHANGES +--- a/CHANGES 2016-04-13 07:28:44.940873629 +0200 ++++ b/CHANGES 2016-04-13 07:38:38.923167851 +0200 +@@ -1,3 +1,7 @@ ++4319. [security] Fix resolver assertion failure due to improper ++ DNAME handling when parsing fetch reply messages. ++ (CVE-2016-1286) [RT #41753] ++ + 4318. [security] Malformed control messages can trigger assertions + in named and rndc. (CVE-2016-1285) [RT #41666] + +diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c +--- a/lib/dns/resolver.c 2016-04-13 07:28:43.088953790 +0200 ++++ b/lib/dns/resolver.c 2016-04-13 07:38:20.411968925 +0200 +@@ -6967,21 +6967,26 @@ + isc_boolean_t found_dname = ISC_FALSE; + dns_name_t *dname_name; + ++ /* ++ * Only pass DNAME or RRSIG(DNAME). ++ */ ++ if (rdataset->type != dns_rdatatype_dname && ++ (rdataset->type != dns_rdatatype_rrsig || ++ rdataset->covers != dns_rdatatype_dname)) ++ continue; ++ ++ /* ++ * If we're not chaining, then the DNAME and ++ * its signature should not be external. ++ */ ++ if (!chaining && external) { ++ log_formerr(fctx, "external DNAME"); ++ return (DNS_R_FORMERR); ++ } ++ + found = ISC_FALSE; + aflag = 0; + if (rdataset->type == dns_rdatatype_dname) { +- /* +- * We're looking for something else, +- * but we found a DNAME. +- * +- * If we're not chaining, then the +- * DNAME should not be external. +- */ +- if (!chaining && external) { +- log_formerr(fctx, +- "external DNAME"); +- return (DNS_R_FORMERR); +- } + found = ISC_TRUE; + want_chaining = ISC_TRUE; + POST(want_chaining); +@@ -7010,9 +7015,7 @@ + &fctx->domain)) { + return (DNS_R_SERVFAIL); + } +- } else if (rdataset->type == dns_rdatatype_rrsig +- && rdataset->covers == +- dns_rdatatype_dname) { ++ } else { + /* + * We've found a signature that + * covers the DNAME. diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch new file mode 100644 index 000000000..a31ea81f8 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch @@ -0,0 +1,314 @@ +From 7602be276a73a6eb5431c5acd9718e68a55e8b61 Mon Sep 17 00:00:00 2001 +From: Mark Andrews <marka@isc.org> +Date: Mon, 29 Feb 2016 07:16:48 +1100 +Subject: [PATCH] Part 2 of: 4319. [security] Fix resolver assertion + failure due to improper DNAME handling when parsing + fetch reply messages. (CVE-2016-1286) [RT #41753] + +(cherry picked from commit 2de89ee9de8c8da9dc153a754b02dcdbb7fe2374) +Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> +--- + lib/dns/resolver.c | 192 ++++++++++++++++++++++++++--------------------------- + 1 file changed, 93 insertions(+), 99 deletions(-) + +diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c +index 70aba87..41e9df4 100644 +--- a/lib/dns/resolver.c ++++ b/lib/dns/resolver.c +@@ -6074,14 +6074,11 @@ cname_target(dns_rdataset_t *rdataset, dns_name_t *tname) { + } + + static inline isc_result_t +-dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, +- dns_name_t *oname, dns_fixedname_t *fixeddname) ++dname_target(dns_rdataset_t *rdataset, dns_name_t *qname, ++ unsigned int nlabels, dns_fixedname_t *fixeddname) + { + isc_result_t result; + dns_rdata_t rdata = DNS_RDATA_INIT; +- unsigned int nlabels; +- int order; +- dns_namereln_t namereln; + dns_rdata_dname_t dname; + dns_fixedname_t prefix; + +@@ -6096,21 +6093,6 @@ dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname, + if (result != ISC_R_SUCCESS) + return (result); + +- /* +- * Get the prefix of qname. +- */ +- namereln = dns_name_fullcompare(qname, oname, &order, &nlabels); +- if (namereln != dns_namereln_subdomain) { +- char qbuf[DNS_NAME_FORMATSIZE]; +- char obuf[DNS_NAME_FORMATSIZE]; +- +- dns_rdata_freestruct(&dname); +- dns_name_format(qname, qbuf, sizeof(qbuf)); +- dns_name_format(oname, obuf, sizeof(obuf)); +- log_formerr(fctx, "unrelated DNAME in answer: " +- "%s is not in %s", qbuf, obuf); +- return (DNS_R_FORMERR); +- } + dns_fixedname_init(&prefix); + dns_name_split(qname, nlabels, dns_fixedname_name(&prefix), NULL); + dns_fixedname_init(fixeddname); +@@ -6736,13 +6718,13 @@ static isc_result_t + answer_response(fetchctx_t *fctx) { + isc_result_t result; + dns_message_t *message; +- dns_name_t *name, *qname, tname, *ns_name; ++ dns_name_t *name, *dname, *qname, tname, *ns_name; + dns_rdataset_t *rdataset, *ns_rdataset; + isc_boolean_t done, external, chaining, aa, found, want_chaining; + isc_boolean_t have_answer, found_cname, found_type, wanted_chaining; + unsigned int aflag; + dns_rdatatype_t type; +- dns_fixedname_t dname, fqname; ++ dns_fixedname_t fdname, fqname; + dns_view_t *view; + + FCTXTRACE("answer_response"); +@@ -6770,10 +6752,15 @@ answer_response(fetchctx_t *fctx) { + view = fctx->res->view; + result = dns_message_firstname(message, DNS_SECTION_ANSWER); + while (!done && result == ISC_R_SUCCESS) { ++ dns_namereln_t namereln; ++ int order; ++ unsigned int nlabels; ++ + name = NULL; + dns_message_currentname(message, DNS_SECTION_ANSWER, &name); + external = ISC_TF(!dns_name_issubdomain(name, &fctx->domain)); +- if (dns_name_equal(name, qname)) { ++ namereln = dns_name_fullcompare(qname, name, &order, &nlabels); ++ if (namereln == dns_namereln_equal) { + wanted_chaining = ISC_FALSE; + for (rdataset = ISC_LIST_HEAD(name->list); + rdataset != NULL; +@@ -6898,10 +6885,11 @@ answer_response(fetchctx_t *fctx) { + */ + INSIST(!external); + if (aflag == +- DNS_RDATASETATTR_ANSWER) ++ DNS_RDATASETATTR_ANSWER) { + have_answer = ISC_TRUE; +- name->attributes |= +- DNS_NAMEATTR_ANSWER; ++ name->attributes |= ++ DNS_NAMEATTR_ANSWER; ++ } + rdataset->attributes |= aflag; + if (aa) + rdataset->trust = +@@ -6956,6 +6944,8 @@ answer_response(fetchctx_t *fctx) { + if (wanted_chaining) + chaining = ISC_TRUE; + } else { ++ dns_rdataset_t *dnameset = NULL; ++ + /* + * Look for a DNAME (or its SIG). Anything else is + * ignored. +@@ -6963,10 +6953,8 @@ answer_response(fetchctx_t *fctx) { + wanted_chaining = ISC_FALSE; + for (rdataset = ISC_LIST_HEAD(name->list); + rdataset != NULL; +- rdataset = ISC_LIST_NEXT(rdataset, link)) { +- isc_boolean_t found_dname = ISC_FALSE; +- dns_name_t *dname_name; +- ++ rdataset = ISC_LIST_NEXT(rdataset, link)) ++ { + /* + * Only pass DNAME or RRSIG(DNAME). + */ +@@ -6980,20 +6968,41 @@ answer_response(fetchctx_t *fctx) { + * its signature should not be external. + */ + if (!chaining && external) { +- log_formerr(fctx, "external DNAME"); ++ char qbuf[DNS_NAME_FORMATSIZE]; ++ char obuf[DNS_NAME_FORMATSIZE]; ++ ++ dns_name_format(name, qbuf, ++ sizeof(qbuf)); ++ dns_name_format(&fctx->domain, obuf, ++ sizeof(obuf)); ++ log_formerr(fctx, "external DNAME or " ++ "RRSIG covering DNAME " ++ "in answer: %s is " ++ "not in %s", qbuf, obuf); ++ return (DNS_R_FORMERR); ++ } ++ ++ if (namereln != dns_namereln_subdomain) { ++ char qbuf[DNS_NAME_FORMATSIZE]; ++ char obuf[DNS_NAME_FORMATSIZE]; ++ ++ dns_name_format(qname, qbuf, ++ sizeof(qbuf)); ++ dns_name_format(name, obuf, ++ sizeof(obuf)); ++ log_formerr(fctx, "unrelated DNAME " ++ "in answer: %s is " ++ "not in %s", qbuf, obuf); + return (DNS_R_FORMERR); + } + +- found = ISC_FALSE; + aflag = 0; + if (rdataset->type == dns_rdatatype_dname) { +- found = ISC_TRUE; + want_chaining = ISC_TRUE; + POST(want_chaining); + aflag = DNS_RDATASETATTR_ANSWER; +- result = dname_target(fctx, rdataset, +- qname, name, +- &dname); ++ result = dname_target(rdataset, qname, ++ nlabels, &fdname); + if (result == ISC_R_NOSPACE) { + /* + * We can't construct the +@@ -7005,14 +7014,12 @@ answer_response(fetchctx_t *fctx) { + } else if (result != ISC_R_SUCCESS) + return (result); + else +- found_dname = ISC_TRUE; ++ dnameset = rdataset; + +- dname_name = dns_fixedname_name(&dname); ++ dname = dns_fixedname_name(&fdname); + if (!is_answertarget_allowed(view, +- qname, +- rdataset->type, +- dname_name, +- &fctx->domain)) { ++ qname, rdataset->type, ++ dname, &fctx->domain)) { + return (DNS_R_SERVFAIL); + } + } else { +@@ -7020,73 +7027,60 @@ answer_response(fetchctx_t *fctx) { + * We've found a signature that + * covers the DNAME. + */ +- found = ISC_TRUE; + aflag = DNS_RDATASETATTR_ANSWERSIG; + } + +- if (found) { ++ /* ++ * We've found an answer to our ++ * question. ++ */ ++ name->attributes |= DNS_NAMEATTR_CACHE; ++ rdataset->attributes |= DNS_RDATASETATTR_CACHE; ++ rdataset->trust = dns_trust_answer; ++ if (!chaining) { + /* +- * We've found an answer to our +- * question. ++ * This data is "the" answer to ++ * our question only if we're ++ * not chaining. + */ +- name->attributes |= +- DNS_NAMEATTR_CACHE; +- rdataset->attributes |= +- DNS_RDATASETATTR_CACHE; +- rdataset->trust = dns_trust_answer; +- if (!chaining) { +- /* +- * This data is "the" answer +- * to our question only if +- * we're not chaining. +- */ +- INSIST(!external); +- if (aflag == +- DNS_RDATASETATTR_ANSWER) +- have_answer = ISC_TRUE; ++ INSIST(!external); ++ if (aflag == DNS_RDATASETATTR_ANSWER) { ++ have_answer = ISC_TRUE; + name->attributes |= + DNS_NAMEATTR_ANSWER; +- rdataset->attributes |= aflag; +- if (aa) +- rdataset->trust = +- dns_trust_authanswer; +- } else if (external) { +- rdataset->attributes |= +- DNS_RDATASETATTR_EXTERNAL; +- } +- +- /* +- * DNAME chaining. +- */ +- if (found_dname) { +- /* +- * Copy the dname into the +- * qname fixed name. +- * +- * Although we check for +- * failure of the copy +- * operation, in practice it +- * should never fail since +- * we already know that the +- * result fits in a fixedname. +- */ +- dns_fixedname_init(&fqname); +- result = dns_name_copy( +- dns_fixedname_name(&dname), +- dns_fixedname_name(&fqname), +- NULL); +- if (result != ISC_R_SUCCESS) +- return (result); +- wanted_chaining = ISC_TRUE; +- name->attributes |= +- DNS_NAMEATTR_CHAINING; +- rdataset->attributes |= +- DNS_RDATASETATTR_CHAINING; +- qname = dns_fixedname_name( +- &fqname); + } ++ rdataset->attributes |= aflag; ++ if (aa) ++ rdataset->trust = ++ dns_trust_authanswer; ++ } else if (external) { ++ rdataset->attributes |= ++ DNS_RDATASETATTR_EXTERNAL; + } + } ++ ++ /* ++ * DNAME chaining. ++ */ ++ if (dnameset != NULL) { ++ /* ++ * Copy the dname into the qname fixed name. ++ * ++ * Although we check for failure of the copy ++ * operation, in practice it should never fail ++ * since we already know that the result fits ++ * in a fixedname. ++ */ ++ dns_fixedname_init(&fqname); ++ qname = dns_fixedname_name(&fqname); ++ result = dns_name_copy(dname, qname, NULL); ++ if (result != ISC_R_SUCCESS) ++ return (result); ++ wanted_chaining = ISC_TRUE; ++ name->attributes |= DNS_NAMEATTR_CHAINING; ++ dnameset->attributes |= ++ DNS_RDATASETATTR_CHAINING; ++ } + if (wanted_chaining) + chaining = ISC_TRUE; + } +-- +1.9.1 + diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch new file mode 100644 index 000000000..1b84d46b7 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch @@ -0,0 +1,247 @@ +CVE-2016-2088 + +Backport commit d7ff9a1c41bf0ba9773cb3adb08b48b9fd57c956 from the +v9_10_3_patch branch. + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088 +https://kb.isc.org/article/AA-01351 + +CVE: CVE-2016-2088 +Upstream-Status: Backport +Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> + + +Original commit message from Mark Andrews <marka@isc.org> below: + +4322. [security] Duplicate EDNS COOKIE options in a response could + trigger an assertion failure. (CVE-2016-2088) + [RT #41809] + +(cherry picked from commit 455c0848f80a8acda27aad1466c72987cafaa029) +(cherry picked from commit 7cd300abd6ee8b8ee8730593daf742ba53f90bc3) +--- + CHANGES | 4 ++++ + bin/dig/dighost.c | 9 +++++++++ + bin/named/client.c | 33 +++++++++++++++++++++++---------- + doc/arm/notes.xml | 7 +++++++ + lib/dns/resolver.c | 14 +++++++++++++- + 5 files changed, 56 insertions(+), 11 deletions(-) + +diff --git a/CHANGES b/CHANGES +index c5b5d2b..d2e3360 100644 +--- a/CHANGES ++++ b/CHANGES +@@ -1,3 +1,7 @@ ++4322. [security] Duplicate EDNS COOKIE options in a response could ++ trigger an assertion failure. (CVE-2016-2088) ++ [RT #41809] ++ + 4319. [security] Fix resolver assertion failure due to improper + DNAME handling when parsing fetch reply messages. + (CVE-2016-1286) [RT #41753] +diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c +index ca82f8e..340904f 100644 +--- a/bin/dig/dighost.c ++++ b/bin/dig/dighost.c +@@ -3458,6 +3458,7 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) { + isc_buffer_t optbuf; + isc_uint16_t optcode, optlen; + dns_rdataset_t *opt = msg->opt; ++ isc_boolean_t seen_cookie = ISC_FALSE; + + result = dns_rdataset_first(opt); + if (result == ISC_R_SUCCESS) { +@@ -3470,7 +3471,15 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) { + optlen = isc_buffer_getuint16(&optbuf); + switch (optcode) { + case DNS_OPT_COOKIE: ++ /* ++ * Only process the first cookie option. ++ */ ++ if (seen_cookie) { ++ isc_buffer_forward(&optbuf, optlen); ++ break; ++ } + process_sit(l, msg, &optbuf, optlen); ++ seen_cookie = ISC_TRUE; + break; + default: + isc_buffer_forward(&optbuf, optlen); +diff --git a/bin/named/client.c b/bin/named/client.c +index 683305c..0d7331a 100644 +--- a/bin/named/client.c ++++ b/bin/named/client.c +@@ -120,7 +120,10 @@ + */ + #endif + +-#define SIT_SIZE 24U /* 8 + 4 + 4 + 8 */ ++#define COOKIE_SIZE 24U /* 8 + 4 + 4 + 8 */ ++ ++#define WANTNSID(x) (((x)->attributes & NS_CLIENTATTR_WANTNSID) != 0) ++#define WANTEXPIRE(x) (((x)->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0) + + /*% nameserver client manager structure */ + struct ns_clientmgr { +@@ -1395,7 +1398,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, + { + char nsid[BUFSIZ], *nsidp; + #ifdef ISC_PLATFORM_USESIT +- unsigned char sit[SIT_SIZE]; ++ unsigned char sit[COOKIE_SIZE]; + #endif + isc_result_t result; + dns_view_t *view; +@@ -1420,7 +1423,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, + flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE; + + /* Set EDNS options if applicable */ +- if ((client->attributes & NS_CLIENTATTR_WANTNSID) != 0 && ++ if (WANTNSID(client) && + (ns_g_server->server_id != NULL || + ns_g_server->server_usehostname)) { + if (ns_g_server->server_usehostname) { +@@ -1453,7 +1456,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message, + + INSIST(count < DNS_EDNSOPTIONS); + ednsopts[count].code = DNS_OPT_COOKIE; +- ednsopts[count].length = SIT_SIZE; ++ ednsopts[count].length = COOKIE_SIZE; + ednsopts[count].value = sit; + count++; + } +@@ -1661,19 +1664,26 @@ compute_sit(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce, + + static void + process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { +- unsigned char dbuf[SIT_SIZE]; ++ unsigned char dbuf[COOKIE_SIZE]; + unsigned char *old; + isc_stdtime_t now; + isc_uint32_t when; + isc_uint32_t nonce; + isc_buffer_t db; + ++ /* ++ * If we have already seen a ECS option skip this ECS option. ++ */ ++ if ((client->attributes & NS_CLIENTATTR_WANTSIT) != 0) { ++ isc_buffer_forward(buf, optlen); ++ return; ++ } + client->attributes |= NS_CLIENTATTR_WANTSIT; + + isc_stats_increment(ns_g_server->nsstats, + dns_nsstatscounter_sitopt); + +- if (optlen != SIT_SIZE) { ++ if (optlen != COOKIE_SIZE) { + /* + * Not our token. + */ +@@ -1717,14 +1727,13 @@ process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) { + isc_buffer_init(&db, dbuf, sizeof(dbuf)); + compute_sit(client, when, nonce, &db); + +- if (!isc_safe_memequal(old, dbuf, SIT_SIZE)) { ++ if (!isc_safe_memequal(old, dbuf, COOKIE_SIZE)) { + isc_stats_increment(ns_g_server->nsstats, + dns_nsstatscounter_sitnomatch); + return; + } + isc_stats_increment(ns_g_server->nsstats, + dns_nsstatscounter_sitmatch); +- + client->attributes |= NS_CLIENTATTR_HAVESIT; + } + #endif +@@ -1783,7 +1792,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { + optlen = isc_buffer_getuint16(&optbuf); + switch (optcode) { + case DNS_OPT_NSID: +- isc_stats_increment(ns_g_server->nsstats, ++ if (!WANTNSID(client)) ++ isc_stats_increment( ++ ns_g_server->nsstats, + dns_nsstatscounter_nsidopt); + client->attributes |= NS_CLIENTATTR_WANTNSID; + isc_buffer_forward(&optbuf, optlen); +@@ -1794,7 +1805,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) { + break; + #endif + case DNS_OPT_EXPIRE: +- isc_stats_increment(ns_g_server->nsstats, ++ if (!WANTEXPIRE(client)) ++ isc_stats_increment( ++ ns_g_server->nsstats, + dns_nsstatscounter_expireopt); + client->attributes |= NS_CLIENTATTR_WANTEXPIRE; + isc_buffer_forward(&optbuf, optlen); +diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml +index ebf4f55..095eb5b 100644 +--- a/doc/arm/notes.xml ++++ b/doc/arm/notes.xml +@@ -51,6 +51,13 @@ + <title>Security Fixes</title> + <itemizedlist> + <listitem> ++ <para> ++ Duplicate EDNS COOKIE options in a response could trigger ++ an assertion failure. This flaw is disclosed in CVE-2016-2088. ++ [RT #41809] ++ </para> ++ </listitem> ++ <listitem> + <para> + Specific APL data could trigger an INSIST. This flaw + was discovered by Brian Mitchell and is disclosed in +diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c +index a797e3f..ba1ae23 100644 +--- a/lib/dns/resolver.c ++++ b/lib/dns/resolver.c +@@ -7502,7 +7502,9 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { + unsigned char *sit; + dns_adbaddrinfo_t *addrinfo; + unsigned char cookie[8]; ++ isc_boolean_t seen_cookie = ISC_FALSE; + #endif ++ isc_boolean_t seen_nsid = ISC_FALSE; + + result = dns_rdataset_first(opt); + if (result == ISC_R_SUCCESS) { +@@ -7516,14 +7518,23 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { + INSIST(optlen <= isc_buffer_remaininglength(&optbuf)); + switch (optcode) { + case DNS_OPT_NSID: +- if (query->options & DNS_FETCHOPT_WANTNSID) ++ if (!seen_nsid && ++ query->options & DNS_FETCHOPT_WANTNSID) + log_nsid(&optbuf, optlen, query, + ISC_LOG_DEBUG(3), + query->fctx->res->mctx); + isc_buffer_forward(&optbuf, optlen); ++ seen_nsid = ISC_TRUE; + break; + #ifdef ISC_PLATFORM_USESIT + case DNS_OPT_COOKIE: ++ /* ++ * Only process the first cookie option. ++ */ ++ if (seen_cookie) { ++ isc_buffer_forward(&optbuf, optlen); ++ break; ++ } + sit = isc_buffer_current(&optbuf); + compute_cc(query, cookie, sizeof(cookie)); + INSIST(query->fctx->rmessage->sitbad == 0 && +@@ -7541,6 +7552,7 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) { + isc_buffer_forward(&optbuf, optlen); + inc_stats(query->fctx->res, + dns_resstatscounter_sitin); ++ seen_cookie = ISC_TRUE; + break; + #endif + default: +-- +2.1.4 + diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb b/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb index 19f87d793..1e3a20f9a 100644 --- a/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb +++ b/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb @@ -21,14 +21,14 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \ file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \ file://0001-lib-dns-gen.c-fix-too-long-error.patch \ - file://CVE-2015-8704.patch \ - file://CVE-2015-8705.patch \ - file://CVE-2015-8000.patch \ - file://CVE-2015-8461.patch \ + file://CVE-2016-1285.patch \ + file://CVE-2016-1286_1.patch \ + file://CVE-2016-1286_2.patch \ + file://CVE-2016-2088.patch \ " -SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7" -SRC_URI[sha256sum] = "c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8" +SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a" +SRC_URI[sha256sum] = "690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83" ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}" EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \ @@ -39,11 +39,14 @@ EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \ " inherit autotools update-rc.d systemd useradd pkgconfig -PACKAGECONFIG ?= "" +# PACKAGECONFIGs readline and libedit should NOT be set at same time +PACKAGECONFIG ?= "readline" PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2" +PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline" +PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit" USERADD_PACKAGES = "${PN}" -USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \ +USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \ --user-group bind" INITSCRIPT_NAME = "bind" @@ -73,7 +76,7 @@ do_install_append() { rm "${D}${mandir}/man1/nslookup.1" rmdir "${D}${localstatedir}/run" rmdir --ignore-fail-on-non-empty "${D}${localstatedir}" - install -d "${D}${localstatedir}/cache/bind" + install -d -o bind "${D}${localstatedir}/cache/bind" install -d "${D}${sysconfdir}/bind" install -d "${D}${sysconfdir}/init.d" install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/" @@ -81,7 +84,6 @@ do_install_append() { sed -i -e '1s,#!.*python,#! /usr/bin/env python,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds # Install systemd related files - install -d ${D}${localstatedir}/cache/bind install -d ${D}${sbindir} install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir} install -d ${D}${systemd_unitdir}/system diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc index df42c88b9..a508229a3 100644 --- a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc @@ -18,10 +18,14 @@ PACKAGECONFIG[experimental] = "--enable-experimental,--disable-experimental," SRC_URI = "\ ${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \ + file://init \ + file://run-ptest \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \ + file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \ " S = "${WORKDIR}/bluez-${PV}" -inherit autotools-brokensep pkgconfig systemd +inherit autotools-brokensep pkgconfig systemd update-rc.d distro_features_check ptest EXTRA_OECONF = "\ --enable-tools \ @@ -42,6 +46,9 @@ NOINST_TOOLS = " \ " do_install_append() { + install -d ${D}${INIT_D_DIR} + install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth + install -d ${D}${sysconfdir}/bluetooth/ if [ -f ${S}/profiles/audio/audio.conf ]; then install -m 0644 ${S}/profiles/audio/audio.conf ${D}/${sysconfdir}/bluetooth/ @@ -53,8 +60,6 @@ do_install_append() { install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/ fi - install -m 0644 ${S}/src/bluetooth.conf ${D}/${sysconfdir}/dbus-1/system.d/ - # Install desired tools that upstream leaves in build area for f in ${NOINST_TOOLS} ; do install -m 755 ${B}/$f ${D}/${bindir} @@ -89,16 +94,19 @@ def get_noinst_tools_paths (d, bb, tools): FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS', True))}" -FILES_${PN}-dbg += "\ - ${libexecdir}/bluetooth/.debug \ - ${libdir}/bluetooth/plugins/.debug \ - ${libdir}/*/.debug \ - */udev/.debug \ - */*/udev/.debug \ - " - RDEPENDS_${PN}-testtools += "python python-dbus python-pygobject" SYSTEMD_SERVICE_${PN} = "bluetooth.service" +INITSCRIPT_PACKAGES = "${PN}" +INITSCRIPT_NAME_${PN} = "bluetooth" EXCLUDE_FROM_WORLD = "1" + +do_compile_ptest() { + oe_runmake buildtests +} + +do_install_ptest() { + cp -r ${B}/unit/ ${D}${PTEST_PATH} + rm ${D}${PTEST_PATH}/unit/*.c ${D}${PTEST_PATH}/unit/*.o +} diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch new file mode 100644 index 000000000..2fde7bc06 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch @@ -0,0 +1,63 @@ +From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org> +Date: Sat, 12 Oct 2013 17:45:25 +0200 +Subject: [PATCH] Allow using obexd without systemd in the user session + +Not all sessions run systemd --user (actually, the majority +doesn't), so the dbus daemon must be able to spawn obexd +directly, and to do so it needs the full path of the daemon. + +Upstream-Status: Denied + +Not accepted by upstream maintainer for being a distro specific +configuration. See thread: + +http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843 + +Signed-off-by: Javier Viguera <javier.viguera@digi.com> +--- + Makefile.obexd | 4 ++-- + obexd/src/org.bluez.obex.service | 4 ---- + obexd/src/org.bluez.obex.service.in | 4 ++++ + 3 files changed, 6 insertions(+), 6 deletions(-) + delete mode 100644 obexd/src/org.bluez.obex.service + create mode 100644 obexd/src/org.bluez.obex.service.in + +diff --git a/Makefile.obexd b/Makefile.obexd +index 2e33cbc72f2b..d5d858c857b4 100644 +--- a/Makefile.obexd ++++ b/Makefile.obexd +@@ -2,12 +2,12 @@ + if SYSTEMD + systemduserunitdir = @SYSTEMD_USERUNITDIR@ + systemduserunit_DATA = obexd/src/obex.service ++endif + + dbussessionbusdir = @DBUS_SESSIONBUSDIR@ + dbussessionbus_DATA = obexd/src/org.bluez.obex.service +-endif + +-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service ++EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in + + obex_plugindir = $(libdir)/obex/plugins + +diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service +deleted file mode 100644 +index a53808884554..000000000000 +--- a/obexd/src/org.bluez.obex.service ++++ /dev/null +@@ -1,4 +0,0 @@ +-[D-BUS Service] +-Name=org.bluez.obex +-Exec=/bin/false +-SystemdService=dbus-org.bluez.obex.service +diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in +new file mode 100644 +index 000000000000..9c815f246b77 +--- /dev/null ++++ b/obexd/src/org.bluez.obex.service.in +@@ -0,0 +1,4 @@ ++[D-BUS Service] ++Name=org.bluez.obex ++Exec=@libexecdir@/obexd ++SystemdService=dbus-org.bluez.obex.service diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch new file mode 100644 index 000000000..24ddae6b6 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch @@ -0,0 +1,28 @@ +From 4bdf0f96dcaa945fd29f26d56e5b36d8c23e4c8b Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Fri, 1 Apr 2016 17:07:34 +0300 +Subject: [PATCH] tests: add a target for building tests without running them + +Upstream-Status: Inappropriate [oe specific] +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + Makefile.am | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/Makefile.am b/Makefile.am +index 1a48a71..ba3b92f 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -425,6 +425,9 @@ endif + TESTS = $(unit_tests) + AM_TESTS_ENVIRONMENT = MALLOC_CHECK_=3 MALLOC_PERTURB_=69 + ++# This allows building tests without running them ++buildtests: $(TESTS) ++ + if DBUS_RUN_SESSION + AM_TESTS_ENVIRONMENT += dbus-run-session -- + endif +-- +2.8.0.rc3 + diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init new file mode 100644 index 000000000..1606a5c66 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init @@ -0,0 +1,68 @@ +#!/bin/sh + +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DESC=bluetooth + +DAEMON=/usr/lib/bluez5/bluetooth/bluetoothd + +# If you want to be ignore error of "org.freedesktop.hostname1", +# please enable NOPLUGIN_OPTION. +# NOPLUGIN_OPTION="--noplugin=hostname" +NOPLUGIN_OPTION="" +SSD_OPTIONS="--oknodo --quiet --exec $DAEMON -- $NOPLUGIN_OPTION" + +test -f $DAEMON || exit 0 + +# FIXME: any of the sourced files may fail if/with syntax errors +test -f /etc/default/bluetooth && . /etc/default/bluetooth +test -f /etc/default/rcS && . /etc/default/rcS + +set -e + +case $1 in + start) + echo "Starting $DESC" + + if test "$BLUETOOTH_ENABLED" = 0; then + echo "disabled. see /etc/default/bluetooth" + exit 0 + fi + + start-stop-daemon --start --background $SSD_OPTIONS + echo "${DAEMON##*/}" + + ;; + stop) + echo "Stopping $DESC" + if test "$BLUETOOTH_ENABLED" = 0; then + echo "disabled." + exit 0 + fi + start-stop-daemon --stop $SSD_OPTIONS + echo "${DAEMON}" + ;; + restart|force-reload) + $0 stop + sleep 1 + $0 start + ;; + status) + pidof ${DAEMON} >/dev/null + status=$? + if [ $status -eq 0 ]; then + echo "bluetooth is running." + else + echo "bluetooth is not running" + fi + exit $status + ;; + *) + N=/etc/init.d/bluetooth + echo "Usage: $N {start|stop|restart|force-reload|status}" >&2 + exit 1 + ;; +esac + +exit 0 + +# vim:noet diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest new file mode 100644 index 000000000..21df00c32 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest @@ -0,0 +1,31 @@ +#! /bin/sh + +cd unit + +failed=0 +all=0 + +for f in test-*; do + "./$f" + case "$?" in + 0) + echo "PASS: $f" + all=$((all + 1)) + ;; + 77) + echo "SKIP: $f" + ;; + *) + echo "FAIL: $f" + failed=$((failed + 1)) + all=$((all + 1)) + ;; + esac +done + +if [ "$failed" -eq 0 ] ; then + echo "All $all tests passed" +else + echo "$failed of $all tests failed" +fi + diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.33.bb b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.37.bb index 23c7397e1..db20f79ff 100644 --- a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.33.bb +++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.37.bb @@ -1,6 +1,9 @@ require bluez5.inc -SRC_URI[md5sum] = "78782dc33d9a8b6344c4cc1af70c8a98" -SRC_URI[sha256sum] = "1801807a13506678cbfeb15c6a4b89ecb5739efe1067eb464da6641d731436d3" + +REQUIRED_DISTRO_FEATURES = "bluez5" + +SRC_URI[md5sum] = "33177e5743e24b2b3738f72be64e3ffb" +SRC_URI[sha256sum] = "c14ba9ddcb0055522073477b8fd8bf1ddf5d219e75fdfd4699b7e0ce5350d6b0" # noinst programs in Makefile.tools that are conditional on READLINE # support diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb b/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb index 9254ed703..9a519ec86 100644 --- a/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb +++ b/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb @@ -4,8 +4,11 @@ network interface for a qemu machine." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6" +inherit systemd + SRC_URI_append_qemuall = " file://wired.config \ file://wired-setup \ + file://wired-connection.service \ " PR = "r2" @@ -17,10 +20,17 @@ FILES_${PN} = "${localstatedir}/* ${datadir}/*" do_install() { #Configure Wired network interface in case of qemu* machines - if test -e ${WORKDIR}/wired.config && test -e ${WORKDIR}/wired-setup; then + if test -e ${WORKDIR}/wired.config && + test -e ${WORKDIR}/wired-setup && + test -e ${WORKDIR}/wired-connection.service; then install -d ${D}${localstatedir}/lib/connman install -m 0644 ${WORKDIR}/wired.config ${D}${localstatedir}/lib/connman install -d ${D}${datadir}/connman install -m 0755 ${WORKDIR}/wired-setup ${D}${datadir}/connman + install -d ${D}${systemd_system_unitdir} + install -m 0644 ${WORKDIR}/wired-connection.service ${D}${systemd_system_unitdir} + sed -i -e 's|@SCRIPTDIR@|${datadir}/connman|g' ${D}${systemd_system_unitdir}/wired-connection.service fi } + +SYSTEMD_SERVICE_${PN}_qemuall = "wired-connection.service" diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service b/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service new file mode 100644 index 000000000..48adfc08a --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service @@ -0,0 +1,10 @@ +[Unit] +Description=Setup a wired interface +Before=connman.service + +[Service] +Type=oneshot +ExecStart=@SCRIPTDIR@/wired-setup + +[Install] +WantedBy=network.target diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman.inc b/yocto-poky/meta/recipes-connectivity/connman/connman.inc index afdb3f2d0..c3752514c 100644 --- a/yocto-poky/meta/recipes-connectivity/connman/connman.inc +++ b/yocto-poky/meta/recipes-connectivity/connman/connman.inc @@ -15,7 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \ inherit autotools pkgconfig systemd update-rc.d bluetooth -DEPENDS = "dbus glib-2.0 ppp iptables" +DEPENDS = "dbus glib-2.0 ppp iptables readline" INC_PR = "r20" @@ -43,7 +43,7 @@ PACKAGECONFIG ??= "wispr \ # local.conf or distro config # PACKAGECONFIG_append_pn-connman = " openvpn vpnc l2tp pptp" -PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir=" +PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''" PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant" PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}, ${BLUEZ}" PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono" @@ -68,11 +68,7 @@ python __anonymous () { SYSTEMD_SERVICE_${PN} = "connman.service" SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service" -SYSTEMD_WIRED_SETUP = "ExecStartPre=-${datadir}/connman/wired-setup" - -do_compile_append() { - sed -i "s#ExecStart=#${SYSTEMD_WIRED_SETUP}\nExecStart=#" ${B}/src/connman.service -} +SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service" do_install_append() { if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then @@ -142,23 +138,26 @@ python populate_packages_prepend() { PACKAGES =+ "${PN}-tools ${PN}-tests ${PN}-client" FILES_${PN}-tools = "${bindir}/wispr" +RDEPENDS_${PN}-tools ="${PN}" FILES_${PN}-tests = "${bindir}/*-test ${libdir}/${BPN}/test/*" -RDEPENDS_${PN}-tests = "python-dbus python-pygobject python-textutils python-subprocess python-fcntl python-netclient" +RDEPENDS_${PN}-tests = "python-dbus python-pygobject python-textutils python-subprocess python-fcntl python-netclient \ + ${PN} \ +" FILES_${PN}-client = "${bindir}/connmanctl" +RDEPENDS_${PN}-client ="${PN}" FILES_${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \ ${libdir}/connman/plugins \ ${sysconfdir} ${sharedstatedir} ${localstatedir} \ ${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \ - ${datadir}/dbus-1/system-services/*" - -FILES_${PN}-dbg += "${libdir}/connman/*/.debug" + ${datadir}/dbus-1/system-services/* \ + ${sysconfdir}/tmpfiles.d/connman_resolvconf.conf" FILES_${PN}-dev += "${libdir}/connman/*/*.la" -PACKAGES =+ "${PN}-vpn" +PACKAGES =+ "${PN}-vpn ${PN}-wait-online" SUMMARY_${PN}-vpn = "A daemon for managing VPN connections within embedded devices" DESCRIPTION_${PN}-vpn = "The ConnMan VPN provides a daemon for \ @@ -172,6 +171,12 @@ FILES_${PN}-vpn += "${sbindir}/connman-vpnd \ ${datadir}/dbus-1/system-services/net.connman.vpn.service \ ${systemd_unitdir}/system/connman-vpn.service" +SUMMARY_${PN}-wait-online = "A program that will return once ConnMan has connected to a network" +DESCRIPTION_${PN}-wait-online = "A service that can be enabled so that \ +the system waits until a network connection is established." +FILES_${PN}-wait-online += "${sbindir}/connmand-wait-online \ + ${systemd_unitdir}/system/connman-wait-online.service" + SUMMARY_${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN" DESCRIPTION_${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \ to create a VPN connection to OpenVPN server." diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch b/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch new file mode 100644 index 000000000..1b5a3e440 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch @@ -0,0 +1,42 @@ +From acea08a0e4234a4c1a87bedc087c73ff36de0c7b Mon Sep 17 00:00:00 2001 +From: Wu Zheng <wu.zheng@intel.com> +Date: Thu, 28 Jan 2016 18:04:17 +0800 +Subject: [PATCH] iptables: Add missing function item of xtables to match + iptables 1.6 + +The struct of xtables_globals has been modified in iptables 1.6. +If connman runs with iptables 1.6, it can crash. + +Program received signal SIGSEGV, Segmentation fault. +0x00000000 in ?? () +0xb7dea89c in xtables_find_target () from /usr/lib/libxtables.so.11 +0xb7deac1c in ?? () from /usr/lib/libxtables.so.11 +0xb7dea793 in xtables_find_target () from /usr/lib/libxtables.so.11 + +The the missing function item of xtables is added to xtables_globals. + +Upstream-Status: Backport + +Signed-off-by: Maxin B. John <maxin.john@intel.com> +Signed-off-by: Wu Zheng <wu.zheng@intel.com> +--- + src/iptables.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/iptables.c b/src/iptables.c +index bc0c763..5ef757a 100644 +--- a/src/iptables.c ++++ b/src/iptables.c +@@ -1566,6 +1566,9 @@ struct xtables_globals iptables_globals = { + .option_offset = 0, + .opts = iptables_opts, + .orig_opts = iptables_opts, ++#if XTABLES_VERSION_CODE > 10 ++ .compat_rev = xtables_compatible_revision, ++#endif + }; + + static struct xtables_target *prepare_target(struct connman_iptables *table, +-- +2.4.0 + diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch b/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch index 6327aa2cb..eefc6834b 100644 --- a/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch +++ b/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch @@ -14,10 +14,10 @@ Upstream-Status: Pending tools/dnsproxy-test.c | 1 + 5 files changed, 3 insertions(+), 5 deletions(-) -diff --git a/gweb/gresolv.c b/gweb/gresolv.c -index 3ad8e70..61d6fe8 100644 ---- a/gweb/gresolv.c -+++ b/gweb/gresolv.c +Index: connman-1.30/gweb/gresolv.c +=================================================================== +--- connman-1.30.orig/gweb/gresolv.c ++++ connman-1.30/gweb/gresolv.c @@ -28,6 +28,7 @@ #include <stdarg.h> #include <string.h> @@ -26,10 +26,10 @@ index 3ad8e70..61d6fe8 100644 #include <resolv.h> #include <sys/types.h> #include <sys/socket.h> -diff --git a/plugins/wifi.c b/plugins/wifi.c -index dfe849f..99cff3f 100644 ---- a/plugins/wifi.c -+++ b/plugins/wifi.c +Index: connman-1.30/plugins/wifi.c +=================================================================== +--- connman-1.30.orig/plugins/wifi.c ++++ connman-1.30/plugins/wifi.c @@ -30,9 +30,8 @@ #include <string.h> #include <sys/ioctl.h> @@ -41,10 +41,10 @@ index dfe849f..99cff3f 100644 #ifndef IFF_LOWER_UP #define IFF_LOWER_UP 0x10000 -diff --git a/src/tethering.c b/src/tethering.c -index ceeec74..c44cb36 100644 ---- a/src/tethering.c -+++ b/src/tethering.c +Index: connman-1.30/src/tethering.c +=================================================================== +--- connman-1.30.orig/src/tethering.c ++++ connman-1.30/src/tethering.c @@ -31,10 +31,8 @@ #include <stdio.h> #include <sys/ioctl.h> @@ -56,10 +56,10 @@ index ceeec74..c44cb36 100644 #include <netinet/in.h> #include <linux/if_bridge.h> -diff --git a/tools/dhcp-test.c b/tools/dhcp-test.c -index c34e10a..eae66fc 100644 ---- a/tools/dhcp-test.c -+++ b/tools/dhcp-test.c +Index: connman-1.30/tools/dhcp-test.c +=================================================================== +--- connman-1.30.orig/tools/dhcp-test.c ++++ connman-1.30/tools/dhcp-test.c @@ -33,7 +33,6 @@ #include <arpa/inet.h> #include <net/route.h> @@ -68,10 +68,10 @@ index c34e10a..eae66fc 100644 #include <gdhcp/gdhcp.h> -diff --git a/tools/dnsproxy-test.c b/tools/dnsproxy-test.c -index 551cae9..226ba86 100644 ---- a/tools/dnsproxy-test.c -+++ b/tools/dnsproxy-test.c +Index: connman-1.30/tools/dnsproxy-test.c +=================================================================== +--- connman-1.30.orig/tools/dnsproxy-test.c ++++ connman-1.30/tools/dnsproxy-test.c @@ -27,6 +27,7 @@ #include <stdlib.h> #include <string.h> @@ -80,6 +80,39 @@ index 551cae9..226ba86 100644 #include <arpa/inet.h> #include <netinet/in.h> #include <sys/types.h> --- -2.5.1 - +Index: connman-1.30/configure.ac +=================================================================== +--- connman-1.30.orig/configure.ac ++++ connman-1.30/configure.ac +@@ -173,6 +173,8 @@ AM_CONDITIONAL(PPTP_BUILTIN, test "${ena + + AC_CHECK_HEADERS([execinfo.h]) + ++AC_CHECK_MEMBERS([struct in6_pktinfo.ipi6_addr], [], [], [[#include <netinet/in.h>]]) ++ + AC_CHECK_HEADERS(resolv.h, dummy=yes, + AC_MSG_ERROR(resolver header files are required)) + AC_CHECK_LIB(resolv, ns_initparse, dummy=yes, [ +Index: connman-1.30/gdhcp/common.h +=================================================================== +--- connman-1.30.orig/gdhcp/common.h ++++ connman-1.30/gdhcp/common.h +@@ -19,6 +19,7 @@ + * + */ + ++#include <config.h> + #include <netinet/udp.h> + #include <netinet/ip.h> + +@@ -170,8 +171,8 @@ static const uint8_t dhcp_option_lengths + [OPTION_U32] = 4, + }; + +-/* already defined within netinet/in.h if using GNU compiler */ +-#ifndef __USE_GNU ++/* already defined within netinet/in.h if using GNU or musl libc */ ++#ifndef HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR + struct in6_pktinfo { + struct in6_addr ipi6_addr; /* src/dst IPv6 address */ + unsigned int ipi6_ifindex; /* send/recv interface index */ diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman_1.30.bb b/yocto-poky/meta/recipes-connectivity/connman/connman_1.31.bb index 7d65ac931..e71d2218a 100644 --- a/yocto-poky/meta/recipes-connectivity/connman/connman_1.30.bb +++ b/yocto-poky/meta/recipes-connectivity/connman/connman_1.31.bb @@ -5,10 +5,11 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://0001-Detect-backtrace-API-availability-before-using-it.patch \ file://0002-resolve-musl-does-not-implement-res_ninit.patch \ file://0003-Fix-header-inclusions-for-musl.patch \ + file://0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch \ file://connman \ " -SRC_URI[md5sum] = "4a3efdbd6796922db9c6f66da57887fa" -SRC_URI[sha256sum] = "5c5e464bacc9c27ed4e7269fb9b5059f07947f5be26433b59212133663ffa991" +SRC_URI[md5sum] = "cb1c413fcc4f49430294bbd7a92f5f3c" +SRC_URI[sha256sum] = "88fcf0b6df334796b90e2fd2e434d6f5b36cd6f13b886a119b8c90276b72b8e2" RRECOMMENDS_${PN} = "connman-conf" diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc index d883a8df4..5e396f159 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc @@ -18,9 +18,16 @@ SRC_URI = "ftp://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ file://init-server file://default-server \ file://dhclient.conf file://dhcpd.conf \ file://dhcpd.service file://dhcrelay.service \ - file://dhcpd6.service " + file://dhcpd6.service \ + file://search-for-libxml2.patch " -inherit autotools systemd +UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/" +UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/" + +inherit autotools systemd useradd update-rc.d + +USERADD_PACKAGES = "${PN}-server" +USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${PN} --shell /bin/false --user-group ${PN}" SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay" SYSTEMD_SERVICE_${PN}-server = "dhcpd.service dhcpd6.service" @@ -29,12 +36,17 @@ SYSTEMD_AUTO_ENABLE_${PN}-server = "disable" SYSTEMD_SERVICE_${PN}-relay = "dhcrelay.service" SYSTEMD_AUTO_ENABLE_${PN}-relay = "disable" +INITSCRIPT_PACKAGES = "dhcp-server" +INITSCRIPT_NAME_dhcp-server = "dhcp-server" +INITSCRIPT_PARAMS_dhcp-server = "defaults" + TARGET_CFLAGS += "-D_GNU_SOURCE" EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \ --with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \ --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \ --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \ --with-libbind=${STAGING_LIBDIR}/ \ + --enable-paranoia \ " do_install_append () { diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch new file mode 100644 index 000000000..434421230 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch @@ -0,0 +1,25 @@ +Upstream-Status: Inappropriate [configuration] + +Subject: [PATCH] site.h: enable gentle shutdown + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + includes/site.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/includes/site.h b/includes/site.h +index 73fa4e8..9c33de3 100644 +--- a/includes/site.h ++++ b/includes/site.h +@@ -280,7 +280,7 @@ + situations. We plan to revisit this feature and may + make non-backwards compatible changes including the + removal of this define. Use at your own risk. */ +-/* #define ENABLE_GENTLE_SHUTDOWN */ ++#define ENABLE_GENTLE_SHUTDOWN + + /* Include old error codes. This is provided in case you + are building an external program similar to omshell for +-- +1.9.1 + diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch new file mode 100644 index 000000000..923d5d5c5 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch @@ -0,0 +1,99 @@ +Solves CVE-2015-8605 that caused DoS when an invalid lenght field in IPv4 UDP +was recived by the server. + +Upstream-Status: Backport +CVE: CVE-2015-8605 + +Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com> + +======================================================================= +diff --git a/common/packet.c b/common/packet.c +index b530432..e600e37 100644 +--- a/common/packet.c ++++ b/common/packet.c +@@ -220,7 +220,28 @@ ssize_t decode_hw_header (interface, buf, bufix, from) + } + } + +-/* UDP header and IP header decoded together for convenience. */ ++/*! ++ * ++ * \brief UDP header and IP header decoded together for convenience. ++ * ++ * Attempt to decode the UDP and IP headers and, if necessary, checksum ++ * the packet. ++ * ++ * \param inteface - the interface on which the packet was recevied ++ * \param buf - a pointer to the buffer for the received packet ++ * \param bufix - where to start processing the buffer, previous ++ * routines may have processed parts of the buffer already ++ * \param from - space to return the address of the packet sender ++ * \param buflen - remaining length of the buffer, this will have been ++ * decremented by bufix by the caller ++ * \param rbuflen - space to return the length of the payload from the udp ++ * header ++ * \param csum_ready - indication if the checksum is valid for use ++ * non-zero indicates the checksum should be validated ++ * ++ * \return - the index to the first byte of the udp payload (that is the ++ * start of the DHCP packet ++ */ + + ssize_t + decode_udp_ip_header(struct interface_info *interface, +@@ -231,7 +252,7 @@ decode_udp_ip_header(struct interface_info *interface, + unsigned char *data; + struct ip ip; + struct udphdr udp; +- unsigned char *upp, *endbuf; ++ unsigned char *upp; + u_int32_t ip_len, ulen, pkt_len; + static unsigned int ip_packets_seen = 0; + static unsigned int ip_packets_bad_checksum = 0; +@@ -241,11 +262,8 @@ decode_udp_ip_header(struct interface_info *interface, + static unsigned int udp_packets_length_overflow = 0; + unsigned len; + +- /* Designate the end of the input buffer for bounds checks. */ +- endbuf = buf + bufix + buflen; +- + /* Assure there is at least an IP header there. */ +- if ((buf + bufix + sizeof(ip)) > endbuf) ++ if (sizeof(ip) > buflen) + return -1; + + /* Copy the IP header into a stack aligned structure for inspection. +@@ -257,13 +275,17 @@ decode_udp_ip_header(struct interface_info *interface, + ip_len = (*upp & 0x0f) << 2; + upp += ip_len; + +- /* Check the IP packet length. */ ++ /* Check packet lengths are within the buffer: ++ * first the ip header (ip_len) ++ * then the packet length from the ip header (pkt_len) ++ * then the udp header (ip_len + sizeof(udp) ++ * We are liberal in what we accept, the udp payload should fit within ++ * pkt_len, but we only check against the full buffer size. ++ */ + pkt_len = ntohs(ip.ip_len); +- if (pkt_len > buflen) +- return -1; +- +- /* Assure after ip_len bytes that there is enough room for a UDP header. */ +- if ((upp + sizeof(udp)) > endbuf) ++ if ((ip_len > buflen) || ++ (pkt_len > buflen) || ++ ((ip_len + sizeof(udp)) > buflen)) + return -1; + + /* Copy the UDP header into a stack aligned structure for inspection. */ +@@ -284,7 +306,8 @@ decode_udp_ip_header(struct interface_info *interface, + return -1; + + udp_packets_length_checked++; +- if ((upp + ulen) > endbuf) { ++ /* verify that the payload length from the udp packet fits in the buffer */ ++ if ((ip_len + ulen) > buflen) { + udp_packets_length_overflow++; + if (((udp_packets_length_checked > 4) && + (udp_packets_length_overflow != 0)) && diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch new file mode 100644 index 000000000..4836dbc2a --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch @@ -0,0 +1,65 @@ +From b9f56d578ebfd649b5d829960540859ac6ca931c Mon Sep 17 00:00:00 2001 +From: Catalin Enache <catalin.enache@windriver.com> +Date: Tue, 12 Apr 2016 18:23:31 +0300 +Subject: [PATCH] Add patch to limit the value of an fd we accept for a + connection. + +By limiting the highest value we accept for an fd we limit the number +of connections. + +Upstream-Status: Backport +CVE: CVE-2016-2774 + +Author: Shawn Routhier <sar@isc.org> +Signed-off-by: Catalin Enache <catalin.enache@windriver.com> +--- + includes/site.h | 6 ++++++ + omapip/listener.c | 9 +++++++-- + 3 files changed, 18 insertions(+), 2 deletions(-) + +diff --git a/includes/site.h b/includes/site.h +index 9c33de3..df020c8 100644 +--- a/includes/site.h ++++ b/includes/site.h +@@ -290,6 +290,12 @@ + this option will be removed at some time. */ + /* #define INCLUDE_OLD_DHCP_ISC_ERROR_CODES */ + ++/* Limit the value of a file descriptor the serve will use ++ when accepting a connecting request. This can be used to ++ limit the number of TCP connections that the server will ++ allow at one time. A value of 0 means there is no limit.*/ ++#define MAX_FD_VALUE 200 ++ + /* Include definitions for various options. In general these + should be left as is, but if you have already defined one + of these and prefer your definition you can comment the +diff --git a/omapip/listener.c b/omapip/listener.c +index 8bdcdbd..61473cf 100644 +--- a/omapip/listener.c ++++ b/omapip/listener.c +@@ -3,7 +3,7 @@ + Subroutines that support the generic listener object. */ + + /* +- * Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC") ++ * Copyright (c) 2012,2014,2016 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC") + * Copyright (c) 1999-2003 by Internet Software Consortium + * +@@ -233,7 +233,12 @@ isc_result_t omapi_accept (omapi_object_t *h) + return ISC_R_NORESOURCES; + return ISC_R_UNEXPECTED; + } +- ++ ++ if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) { ++ close(socket); ++ return (ISC_R_NORESOURCES); ++ } ++ + #if defined (TRACING) + /* If we're recording a trace, remember the connection. */ + if (trace_record ()) { +-- +2.7.4 diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch index 12d3c9bdb..32bdaf08e 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch @@ -1,6 +1,6 @@ define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF -Upstream-Status: inappropriate <oe specific> +Upstream-Status: Inappropriate [OE specific] Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch index a291fdaf5..956c5d8b5 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch @@ -6,24 +6,25 @@ this patch is to allow building with external bind Signed-off-by: Qing He <qing.he@intel.com> -Index: dhcp-4.3.0/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/Makefile.am -+++ dhcp-4.3.0/Makefile.am +Rebase the patch to 4.3.3 +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- +diff --git a/Makefile.am b/Makefile.am +--- a/Makefile.am ++++ b/Makefile.am @@ -25,7 +25,7 @@ EXTRA_DIST = RELNOTES LICENSE \ - bind/Makefile bind/bind.tar.gz bind/version.tmp \ + bind/Makefile.in bind/bind.tar.gz bind/version.tmp \ common/tests/Atffile server/tests/Atffile --SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server -+SUBDIRS = includes tests common dst omapip client dhcpctl relay server +-SUBDIRS = bind includes tests common omapip client dhcpctl relay server ++SUBDIRS = includes tests common omapip client dhcpctl relay server nobase_include_HEADERS = dhcpctl/dhcpctl.h -Index: dhcp-4.3.0/client/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/client/Makefile.am -+++ dhcp-4.3.0/client/Makefile.am -@@ -4,8 +4,8 @@ dhclient_SOURCES = clparse.c dhclient.c +diff --git a/client/Makefile.am b/client/Makefile.am +--- a/client/Makefile.am ++++ b/client/Makefile.am +@@ -10,8 +10,8 @@ dhclient_SOURCES = clparse.c dhclient.c dhc6.c \ scripts/bsdos scripts/freebsd scripts/linux scripts/macos \ scripts/netbsd scripts/nextstep scripts/openbsd \ scripts/solaris scripts/openwrt @@ -34,22 +35,20 @@ Index: dhcp-4.3.0/client/Makefile.am man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5 EXTRA_DIST = $(man_MANS) -Index: dhcp-4.3.0/configure.ac -=================================================================== ---- dhcp-4.3.0.orig/configure.ac -+++ dhcp-4.3.0/configure.ac -@@ -566,6 +566,7 @@ no) - libbind="$use_libbind" +diff --git a/configure.ac b/configure.ac +--- a/configure.ac ++++ b/configure.ac +@@ -623,6 +623,7 @@ no) + fi ;; esac +AC_SUBST([libbind]) # OpenLDAP support. AC_ARG_WITH(ldap, -Index: dhcp-4.3.0/dhcpctl/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/dhcpctl/Makefile.am -+++ dhcp-4.3.0/dhcpctl/Makefile.am +diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am +--- a/dhcpctl/Makefile.am ++++ b/dhcpctl/Makefile.am @@ -6,12 +6,12 @@ EXTRA_DIST = $(man_MANS) omshell_SOURCES = omshell.c @@ -67,10 +66,9 @@ Index: dhcp-4.3.0/dhcpctl/Makefile.am - ../bind/lib/libisccfg.a ../bind/lib/libisc.a + $(libbind)/libirs.a $(libbind)/libdns.a \ + $(libbind)/libisccfg.a $(libbind)/libisc.a -Index: dhcp-4.3.0/omapip/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/omapip/Makefile.am -+++ dhcp-4.3.0/omapip/Makefile.am +diff --git a/omapip/Makefile.am b/omapip/Makefile.am +--- a/omapip/Makefile.am ++++ b/omapip/Makefile.am @@ -10,6 +10,6 @@ man_MANS = omapi.3 EXTRA_DIST = $(man_MANS) @@ -80,11 +78,10 @@ Index: dhcp-4.3.0/omapip/Makefile.am +svtest_LDADD = libomapi.a $(libbind)/libirs.a $(libbind)/libdns.a \ + $(libbind)/libisccfg.a $(libbind)/libisc.a -Index: dhcp-4.3.0/relay/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/relay/Makefile.am -+++ dhcp-4.3.0/relay/Makefile.am -@@ -3,8 +3,8 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst +diff --git a/relay/Makefile.am b/relay/Makefile.am +--- a/relay/Makefile.am ++++ b/relay/Makefile.am +@@ -3,8 +3,8 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"' sbin_PROGRAMS = dhcrelay dhcrelay_SOURCES = dhcrelay.c dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \ @@ -95,18 +92,24 @@ Index: dhcp-4.3.0/relay/Makefile.am man_MANS = dhcrelay.8 EXTRA_DIST = $(man_MANS) -Index: dhcp-4.3.0/server/Makefile.am -=================================================================== ---- dhcp-4.3.0.orig/server/Makefile.am -+++ dhcp-4.3.0/server/Makefile.am -@@ -14,8 +14,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c +diff --git a/server/Makefile.am b/server/Makefile.am +--- a/server/Makefile.am ++++ b/server/Makefile.am +@@ -14,10 +14,12 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \ dhcpd_CFLAGS = $(LDAP_CFLAGS) dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \ - ../dhcpctl/libdhcpctl.a ../bind/lib/libirs.a \ -- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a +- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a \ + ../dhcpctl/libdhcpctl.a $(libbind)/libirs.a \ -+ $(libbind)/libdns.a $(libbind)/libisccfg.a $(libbind)/libisc.a ++ $(libbind)/libdns.a $(libbind)/libisccfg.a $(libbind)/libisc.a \ + $(LDAP_LIBS) ++ dhcpd_CFLAGS = $(LDAP_CFLAGS) ++ man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5 EXTRA_DIST = $(man_MANS) + +-- +1.9.1 + diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch index 14e75a37e..b3f8fdb0a 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch @@ -7,15 +7,6 @@ RP 2013/03/21 Rebase to 4.3.1 Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> --- - client/Makefile.am | 6 ++++-- - common/Makefile.am | 2 +- - dhcpctl/Makefile.am | 2 ++ - dst/Makefile.am | 2 +- - omapip/Makefile.am | 2 ++ - relay/Makefile.am | 2 +- - server/Makefile.am | 2 +- - 7 files changed, 12 insertions(+), 6 deletions(-) - diff --git a/client/Makefile.am b/client/Makefile.am index 8411960..1740f72 100644 --- a/client/Makefile.am @@ -60,16 +51,6 @@ index 2987a53..cd72d75 100644 bin_PROGRAMS = omshell lib_LIBRARIES = libdhcpctl.a noinst_PROGRAMS = cltest -diff --git a/dst/Makefile.am b/dst/Makefile.am -index 8937fe8..a14798b 100644 ---- a/dst/Makefile.am -+++ b/dst/Makefile.am -@@ -1,4 +1,4 @@ --AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -+AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -I$(top_srcdir)/includes - - lib_LIBRARIES = libdst.a - diff --git a/omapip/Makefile.am b/omapip/Makefile.am index 5074479..9c0fab3 100644 --- a/omapip/Makefile.am diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch new file mode 100644 index 000000000..a08a5b725 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch @@ -0,0 +1,23 @@ +libdns requires libxml2 if bind was built with libxml2 support +enabled. Compilation will fail for omapip/test.c in case +lxml2 isn't used during the build. So, we add losely coupled +search path which will pick up the lib if it is present. + +Signed-off-by: Awais Belal <awais_belal@mentor.com> +Upstream-Status: Pending + +diff --git a/configure.ac b/configure.ac +index c9dc8b5..85f59be 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -602,6 +602,10 @@ no) + esac + AC_SUBST([libbind]) + ++# We need to find libxml2 if bind was built with support enabled ++# otherwise we'll fail to build omapip/test.c ++AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],) ++ + # OpenLDAP support. + AC_ARG_WITH(ldap, + AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]), diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.2.bb b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb index b4a05fcd9..4e8cd272b 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.2.bb +++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb @@ -6,7 +6,10 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \ file://fixsepbuild.patch \ file://dhclient-script-drop-resolv.conf.dhclient.patch \ file://replace-ifconfig-route.patch \ + file://CVE-2015-8605.patch \ + file://0001-site.h-enable-gentle-shutdown.patch \ + file://CVE-2016-2774.patch \ " -SRC_URI[md5sum] = "5a284875dd2c12ddd388416d69156a67" -SRC_URI[sha256sum] = "6246c9b358759f6cdcc45104caaf76e732a211dbbbbf64a21f499c8db1298165" +SRC_URI[md5sum] = "c5577b09c9017cdd319a11ff6364268e" +SRC_URI[sha256sum] = "553c4945b09b1c1b904c4780f34f72aaefa2fc8c6556715de0bc9d4e3d255ede" diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server b/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server index 34c20852b..5e693adf7 100644 --- a/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server +++ b/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server @@ -20,7 +20,7 @@ case "$1" in echo -n "Starting DHCP server: " test -d /var/lib/dhcp/ || mkdir -p /var/lib/dhcp/ test -f /var/lib/dhcp/dhcpd.leases || touch /var/lib/dhcp/dhcpd.leases - start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES + start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES -user dhcp -group dhcp echo "." ;; stop) diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc index 29f90629a..86e931063 100644 --- a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc +++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc @@ -13,7 +13,7 @@ DEPENDS = "flex-native bison-native iptables elfutils" inherit update-alternatives -EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'" +EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip bridge misc genl' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'" do_configure_append () { sh configure ${STAGING_INCDIR} @@ -32,11 +32,15 @@ do_install () { # The .so files in iproute2-tc are modules, not traditional libraries INSANE_SKIP_${PN}-tc = "dev-so" -PACKAGES =+ "${PN}-tc" +PACKAGES =+ "${PN}-tc ${PN}-lnstat ${PN}-ifstat ${PN}-genl ${PN}-rtacct ${PN}-nstat ${PN}-ss" FILES_${PN}-tc = "${base_sbindir}/tc* \ ${libdir}/tc/*.so" - -FILES_${PN}-dbg += "${libdir}/tc/.debug" +FILES_${PN}-lnstat = "${base_sbindir}/lnstat ${base_sbindir}/ctstat ${base_sbindir}/rtstat" +FILES_${PN}-ifstat = "${base_sbindir}/ifstat" +FILES_${PN}-genl = "${base_sbindir}/genl" +FILES_${PN}-rtacct = "${base_sbindir}/rtacct" +FILES_${PN}-nstat = "${base_sbindir}/nstat" +FILES_${PN}-ss = "${base_sbindir}/ss" ALTERNATIVE_${PN} = "ip" ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}" diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch new file mode 100644 index 000000000..1b415a511 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch @@ -0,0 +1,97 @@ +From 48596709d8ab59727b79a5c6db33ebb251c36543 Mon Sep 17 00:00:00 2001 +From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> +Date: Thu, 19 Nov 2015 17:44:25 +0100 +Subject: [PATCH] Avoid in6_addr redefinition +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Due to both <netinet/in.h> and <linux/in6.h> being included, the +in6_addr is being redefined: once from the C library headers and once +from the kernel headers. This causes some build failures with for +example the musl C library: + +In file included from ../include/linux/xfrm.h:4:0, + from xfrm.h:29, + from ipxfrm.c:39: +../include/linux/in6.h:32:8: error: redefinition of ‘struct in6_addr’ + struct in6_addr { + ^ +In file included from .../output/host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/netdb.h:9:0, + from ipxfrm.c:34: +.../output/host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/netinet/in.h:24:8: note: originally defined here + struct in6_addr + ^ + +In order to fix this, use just the C library header <netinet/in.h>. + +Original patch taken from +http://git.alpinelinux.org/cgit/aports/tree/main/iproute2/musl-fixes.patch. + +Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> +--- +Upstream-Status: Pending + + include/libiptc/ipt_kernel_headers.h | 2 -- + include/linux/if_bridge.h | 1 - + include/linux/netfilter.h | 2 -- + include/linux/xfrm.h | 1 - + 4 files changed, 6 deletions(-) + +diff --git a/include/libiptc/ipt_kernel_headers.h b/include/libiptc/ipt_kernel_headers.h +index 7e87828..9566be5 100644 +--- a/include/libiptc/ipt_kernel_headers.h ++++ b/include/libiptc/ipt_kernel_headers.h +@@ -15,12 +15,10 @@ + #else /* libc5 */ + #include <sys/socket.h> + #include <linux/ip.h> +-#include <linux/in.h> + #include <linux/if.h> + #include <linux/icmp.h> + #include <linux/tcp.h> + #include <linux/udp.h> + #include <linux/types.h> +-#include <linux/in6.h> + #endif + #endif +diff --git a/include/linux/if_bridge.h b/include/linux/if_bridge.h +index ee197a3..f823aa4 100644 +--- a/include/linux/if_bridge.h ++++ b/include/linux/if_bridge.h +@@ -15,7 +15,6 @@ + + #include <linux/types.h> + #include <linux/if_ether.h> +-#include <linux/in6.h> + + #define SYSFS_BRIDGE_ATTR "bridge" + #define SYSFS_BRIDGE_FDB "brforward" +diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h +index b71b4c9..3e4e6ae 100644 +--- a/include/linux/netfilter.h ++++ b/include/linux/netfilter.h +@@ -4,8 +4,6 @@ + #include <linux/types.h> + + #include <linux/sysctl.h> +-#include <linux/in.h> +-#include <linux/in6.h> + + /* Responses from hook functions. */ + #define NF_DROP 0 +diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h +index b8f5451..a9761a5 100644 +--- a/include/linux/xfrm.h ++++ b/include/linux/xfrm.h +@@ -1,7 +1,6 @@ + #ifndef _LINUX_XFRM_H + #define _LINUX_XFRM_H + +-#include <linux/in6.h> + #include <linux/types.h> + + /* All of the structures in this file may not change size as they are +-- +2.6.3 + diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch new file mode 100644 index 000000000..c83a243b7 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch @@ -0,0 +1,24 @@ +iproute2: fix building with musl + +We need limits.h for PATH_MAX, fixes: + +rt_names.c:364:13: error: ‘PATH_MAX’ undeclared (first use in this +function) + +Upstream-Status: Backport + +Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> +Signed-off-by: Maxin B. John <maxin.john@intel.com> +--- +diff --git a/lib/rt_names.c b/lib/rt_names.c +index f6d17c0..b665d3e 100644 +--- a/lib/rt_names.c ++++ b/lib/rt_names.c +@@ -18,6 +18,7 @@ + #include <sys/time.h> + #include <sys/socket.h> + #include <dirent.h> ++#include <limits.h> + + #include <asm/types.h> + #include <linux/rtnetlink.h> diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.1.1.bb b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.4.0.bb index 10db0ba5d..7979e8beb 100644 --- a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.1.1.bb +++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.4.0.bb @@ -3,9 +3,11 @@ require iproute2.inc SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \ file://configure-cross.patch \ file://0001-iproute2-de-bash-scripts.patch \ + file://iproute2-4.3.0-musl.patch \ + file://iproute2-fix-building-with-musl.patch \ " -SRC_URI[md5sum] = "39290cb3a55d38dd8d10e19a3094109f" -SRC_URI[sha256sum] = "73077a989efb934450bd655cbd9aaddaa747cb696c64d0c9a3323768a6a8e66f" +SRC_URI[md5sum] = "d762653ec3e1ab0d4a9689e169ca184f" +SRC_URI[sha256sum] = "bc91c367288a19f78ef800cd6840363be1f22da8436fbae88e1a7250490d6514" # CFLAGS are computed in Makefile and reference CCOPTS # diff --git a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch new file mode 100644 index 000000000..97eb97502 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch @@ -0,0 +1,29 @@ +Replace use of <net/if_packet.h> with <linux/if_packet.h>. + +kernel headers <linux/if_packet.h> already provides the +needed definitions, moreover not all libc implementations +provide if_packet.h e.g. musl + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +Upstream-Status: Pending + +Index: irda-utils-0.9.18/irdaping/irdaping.c +=================================================================== +--- irda-utils-0.9.18.orig/irdaping/irdaping.c ++++ irda-utils-0.9.18/irdaping/irdaping.c +@@ -33,7 +33,6 @@ + #include <sys/socket.h> + #include <sys/ioctl.h> + #include <net/if.h> /* For struct ifreq */ +-#include <net/if_packet.h> /* For struct sockaddr_pkt */ + #include <net/if_arp.h> /* For ARPHRD_IRDA */ + #include <netinet/if_ether.h> /* For ETH_P_ALL */ + #include <netinet/in.h> /* For htons */ +@@ -46,6 +45,7 @@ + #include <asm/byteorder.h> /* __cpu_to_le32 and co. */ + + #include <linux/types.h> /* For __u8 and co. */ ++#include <linux/if_packet.h> /* For struct sockaddr_pkt */ + #include <irda.h> + + #ifndef AF_IRDA diff --git a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb index bd2f815cb..11b2ee911 100644 --- a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb +++ b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb @@ -13,6 +13,7 @@ LIC_FILES_CHKSUM = "file://irdadump/COPYING;md5=94d55d512a9ba36caa9b7df079bae19f SRC_URI = "${SOURCEFORGE_MIRROR}/irda/irda-utils-${PV}.tar.gz \ file://ldflags.patch \ + file://musl.patch \ file://init" SRC_URI[md5sum] = "84dc12aa4c3f61fccb8d8919bf4079bb" diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch b/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch index a0a77b2e5..2e52c80c0 100644 --- a/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch +++ b/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch @@ -1,6 +1,3 @@ -From 5310abba864cfe3a8b65af130729447604190b29 Mon Sep 17 00:00:00 2001 -From: Koen Kooi <koen@dominion.thruhere.net> -Date: Tue, 29 Nov 2011 17:03:27 +0100 Subject: [PATCH] iw: version.sh: don't use git describe for versioning It will detect top-level git repositories like the Angstrom setup-scripts and break. @@ -8,21 +5,18 @@ It will detect top-level git repositories like the Angstrom setup-scripts and br Upstream-Status: Pending Signed-off-by: Koen Kooi <koen@dominion.thruhere.net> +Signed-off-by: Maxin B. John <maxin.john@intel.com> --- - version.sh | 16 +--------------- - 1 file changed, 1 insertion(+), 15 deletions(-) - -diff --git a/version.sh b/version.sh -index 11d124b..5d423c4 100755 ---- a/version.sh -+++ b/version.sh +diff -Naur iw-4.3-origin/version.sh iw-4.3/version.sh +--- iw-4.3-origin/version.sh 2015-11-20 16:37:58.762077162 +0200 ++++ iw-4.3/version.sh 2015-11-20 16:52:05.526491150 +0200 @@ -3,21 +3,7 @@ - VERSION="3.15" + VERSION="4.3" OUT="$1" -if [ -d .git ] && head=`git rev-parse --verify HEAD 2>/dev/null`; then - git update-index --refresh --unmerged > /dev/null -- descr=$(git describe) +- descr=$(git describe --match=v*) - - # on git builds check that the version number above - # is correct... @@ -39,5 +33,3 @@ index 11d124b..5d423c4 100755 echo '#include "iw.h"' > "$OUT" echo "const char iw_version[] = \"$v\";" >> "$OUT" --- -1.7.7.3 diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch b/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch index 883f8b2c6..0ea6a5278 100644 --- a/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch +++ b/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch @@ -1,6 +1,3 @@ -From 9e27fc2e1b3dc8c36ef6a502edffc3a3d84d9dd9 Mon Sep 17 00:00:00 2001 -From: Christopher Larson <chris_larson@mentor.com> -Date: Wed, 26 Aug 2015 17:23:48 -0700 Subject: [PATCH] Support separation of SRCDIR and OBJDIR Typical use of VPATH to locate the sources. @@ -8,26 +5,21 @@ Typical use of VPATH to locate the sources. Upstream-Status: Pending Signed-off-by: Christopher Larson <chris_larson@mentor.com> - +Signed-off-by: Maxin B. John <maxin.john@intel.com> --- - Makefile | 7 +++++-- - version.sh | 2 +- - 2 files changed, 6 insertions(+), 3 deletions(-) - -diff --git a/Makefile b/Makefile -index 548591a..da8d33a 100644 ---- a/Makefile -+++ b/Makefile -@@ -1,5 +1,8 @@ +diff -Naur iw-4.3-origin/Makefile iw-4.3/Makefile +--- iw-4.3-origin/Makefile 2015-11-20 16:37:58.752077287 +0200 ++++ iw-4.3/Makefile 2015-11-20 16:57:15.510615815 +0200 +@@ -1,5 +1,7 @@ MAKEFLAGS += --no-print-directory - +- +SRCDIR ?= $(dir $(lastword $(MAKEFILE_LIST))) +OBJDIR ?= $(PWD) +VPATH = $(SRCDIR) PREFIX ?= /usr SBINDIR ?= $(PREFIX)/sbin MANDIR ?= $(PREFIX)/share/man -@@ -95,11 +98,11 @@ VERSION_OBJS := $(filter-out version.o, $(OBJS)) +@@ -95,11 +97,11 @@ version.c: version.sh $(patsubst %.o,%.c,$(VERSION_OBJS)) nl80211.h iw.h Makefile \ $(wildcard .git/index .git/refs/tags) @$(NQ) ' GEN ' $@ @@ -41,17 +33,3 @@ index 548591a..da8d33a 100644 ifeq ($(IW_ANDROID_BUILD),) iw: $(OBJS) -diff --git a/version.sh b/version.sh -index 5354383..fa954cf 100755 ---- a/version.sh -+++ b/version.sh -@@ -5,5 +5,5 @@ OUT="$1" - - v="$VERSION" - --echo '#include "iw.h"' > "$OUT" -+echo '#include <iw.h>' > "$OUT" - echo "const char iw_version[] = \"$v\";" >> "$OUT" --- -2.2.1 - diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw_4.1.bb b/yocto-poky/meta/recipes-connectivity/iw/iw_4.3.bb index fafb0e3c9..6865e7ad6 100644 --- a/yocto-poky/meta/recipes-connectivity/iw/iw_4.1.bb +++ b/yocto-poky/meta/recipes-connectivity/iw/iw_4.3.bb @@ -14,8 +14,8 @@ SRC_URI = "http://www.kernel.org/pub/software/network/iw/${BP}.tar.gz \ file://separate-objdir.patch \ " -SRC_URI[md5sum] = "68c282285c71c956069957e9ca10a6a7" -SRC_URI[sha256sum] = "14bfc627b37f7f607e4ffa63a70ded15fa2ea85177f703cb17d7fe36f9c8f33d" +SRC_URI[md5sum] = "5ca622a270687d6862c9024fab266871" +SRC_URI[sha256sum] = "2a853d95ffbd2b06c058b40ef4e6fa76a52c2709b05fb1976761fe13e9d9e39f" inherit pkgconfig diff --git a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch new file mode 100644 index 000000000..f63eb90cd --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch @@ -0,0 +1,56 @@ +From bdf01a581d58eb5340e9238d143dbcac9db5b11c Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sat, 30 Jan 2016 19:29:45 +0000 +Subject: [PATCH] check for nss.h + +nss.h may not available on all libc implementations, e.g. musl does not +have this header, this patch detects nss.h presence and defines the data +types that are required if nss.h is missing on platform + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + configure.ac | 2 +- + src/nss.c | 11 +++++++++++ + 2 files changed, 12 insertions(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index aa66bc6..ce19b07 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -71,7 +71,7 @@ AC_PROG_LIBTOOL + + # Checks for header files. + AC_HEADER_STDC +-AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h]) ++AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h nss.h]) + + # Checks for typedefs, structures, and compiler characteristics. + AC_C_CONST +diff --git a/src/nss.c b/src/nss.c +index e48e315..406733b 100644 +--- a/src/nss.c ++++ b/src/nss.c +@@ -29,7 +29,18 @@ + #include <assert.h> + #include <netdb.h> + #include <sys/socket.h> ++#ifdef HAVE_NSS_H + #include <nss.h> ++#else ++enum nss_status { ++ NSS_STATUS_TRYAGAIN = -2, ++ NSS_STATUS_UNAVAIL, ++ NSS_STATUS_NOTFOUND, ++ NSS_STATUS_SUCCESS, ++ NSS_STATUS_RETURN ++}; ++#endif ++ + #include <stdio.h> + #include <stdlib.h> + +-- +2.7.0 + diff --git a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb index 0b936ef09..8d2feec76 100644 --- a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb +++ b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb @@ -8,7 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1" DEPENDS = "avahi" PR = "r7" -SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz" +SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz \ + file://0001-check-for-nss.h.patch \ + " SRC_URI[md5sum] = "03938f17646efbb50aa70ba5f99f51d7" SRC_URI[sha256sum] = "1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d" diff --git a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc index 0873c248c..b7601b05c 100644 --- a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc +++ b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc @@ -6,7 +6,7 @@ HOMEPAGE = "http://www.tcpdump.org/" BUGTRACKER = "http://sourceforge.net/tracker/?group_id=53067&atid=469577" SECTION = "libs/network" LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://LICENSE;md5=1d4b0366557951c84a94fabe3529f867 \ +LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \ file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2" DEPENDS = "flex-native bison-native" diff --git a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb index 611543e42..8d12b2521 100644 --- a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb +++ b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb @@ -3,8 +3,8 @@ require libpcap.inc SRC_URI += "file://aclocal.patch \ file://libpcap-pkgconfig-support.patch \ " -SRC_URI[md5sum] = "5f14191c1a684a75532c739c2c4059fa" -SRC_URI[sha256sum] = "5db3e2998f1eeba2c76da55da5d474248fe19c44f49e15cac8a796a2c7e19690" +SRC_URI[md5sum] = "b2e13142bbaba857ab1c6894aedaf547" +SRC_URI[sha256sum] = "7ad3112187e88328b85e46dce7a9b949632af18ee74d97ffc3f2b41fe7f448b0" # # make install doesn't cover the shared lib diff --git a/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index 31cf2bb5f..bd488eb08 100644 --- a/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -2,8 +2,8 @@ SUMMARY = "Mobile Broadband Service Provider Database" SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "d06ebd314a7cdd087d38e4966c19de42c8c55246" -PV = "20140618+gitr${SRCPV}" +SRCREV = "519465766fabc85b9fdea5f2b5ee3d08c2b1f70d" +PV = "20151214" PE = "1" SRC_URI = "git://git.gnome.org/mobile-broadband-provider-info" diff --git a/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb b/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb index 8adf70cc9..93bddb34c 100644 --- a/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb +++ b/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb @@ -43,7 +43,6 @@ do_install_append() { PACKAGES =+ "${PN}-tests" FILES_${PN}-tests = "${libdir}/${BPN}/*-test" -FILES_${PN}-dbg += "${libdir}/${BPN}/*/.debug" RDEPENDS_${PN} = "dbus python python-dbus python-pygobject" diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch b/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch new file mode 100644 index 000000000..14bd4036a --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch @@ -0,0 +1,34 @@ +From 398fed3bb0350cb1229e54e7020ae0e044c206d1 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ulrich=20=C3=96lmann?= <u.oelmann@pengutronix.de> +Date: Wed, 17 Feb 2016 08:33:45 +0100 +Subject: bugfix: adjust statd service name +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Upstream uses 'rpc-statd.service' and Yocto introduced 'nfs-statd.service' +instead but forgot to update the mount.nfs helper 'start-statd' accordingly. + +Upstream-Status: Inappropriate [other] + +Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de> +--- + utils/statd/start-statd | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/utils/statd/start-statd b/utils/statd/start-statd +index 8211a90..3c2aa6f 100755 +--- a/utils/statd/start-statd ++++ b/utils/statd/start-statd +@@ -16,7 +16,7 @@ fi + # First try systemd if it's installed. + if [ -d /run/systemd/system ]; then + # Quit only if the call worked. +- systemctl start rpc-statd.service && exit ++ systemctl start nfs-statd.service && exit + fi + + # Fall back to launching it ourselves. +-- +2.1.4 + diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb b/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb index 5b578e9a1..256577100 100644 --- a/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb +++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb @@ -14,6 +14,8 @@ SRC_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/${BPN}-${P SRC_URI[md5sum] = "2ac4893c92716add1a1447ae01df77ab" SRC_URI[sha256sum] = "656d245d84400e1030f8f40a5a27da76370690c4a932baf249110f047fe7efcf" +UPSTREAM_CHECK_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/" + inherit autotools EXTRA_OECONF = "--disable-ldap" diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch new file mode 100644 index 000000000..de0b045c8 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch @@ -0,0 +1,113 @@ +Upstream-Status: Pending + +Subject: nfs-utils/statd: fix a segfault caused by improper usage of RPC interface + +There is a hack which uses the bottom-level RPC improperly as below +in the current statd implementation: +insert a socket in the svc_fdset without a corresponding transport handle +and passes the socket to the svc_getreqset subroutine, this usage causes +a segfault of statd on a huge amount of sm-notifications. + +Fix the issue by separating the non-RPC-server sock from RPC dispatcher. + +Signed-off-by: Shan Hai <shan.hai@windriver.com> +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + utils/statd/rmtcall.c | 1 - + utils/statd/statd.c | 5 +++-- + utils/statd/statd.h | 2 +- + utils/statd/svc_run.c | 8 ++++++-- + 4 files changed, 10 insertions(+), 6 deletions(-) + +diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c +index fd576d9..cde091b 100644 +--- a/utils/statd/rmtcall.c ++++ b/utils/statd/rmtcall.c +@@ -104,7 +104,6 @@ statd_get_socket(void) + if (sockfd < 0) + return -1; + +- FD_SET(sockfd, &SVC_FDSET); + return sockfd; + } + +diff --git a/utils/statd/statd.c b/utils/statd/statd.c +index 51a016e..e21a259 100644 +--- a/utils/statd/statd.c ++++ b/utils/statd/statd.c +@@ -247,6 +247,7 @@ int main (int argc, char **argv) + int port = 0, out_port = 0; + int nlm_udp = 0, nlm_tcp = 0; + struct rlimit rlim; ++ int notify_sockfd; + + int pipefds[2] = { -1, -1}; + char status; +@@ -473,7 +474,7 @@ int main (int argc, char **argv) + } + + /* Make sure we have a privilege port for calling into the kernel */ +- if (statd_get_socket() < 0) ++ if ((notify_sockfd = statd_get_socket()) < 0) + exit(1); + + /* If sm-notify didn't take all the state files, load +@@ -528,7 +529,7 @@ int main (int argc, char **argv) + * Handle incoming requests: SM_NOTIFY socket requests, as + * well as callbacks from lockd. + */ +- my_svc_run(); /* I rolled my own, Olaf made it better... */ ++ my_svc_run(notify_sockfd); /* I rolled my own, Olaf made it better... */ + + /* Only get here when simulating a crash so we should probably + * start sm-notify running again. As we have already dropped +diff --git a/utils/statd/statd.h b/utils/statd/statd.h +index a1d8035..231ac7e 100644 +--- a/utils/statd/statd.h ++++ b/utils/statd/statd.h +@@ -28,7 +28,7 @@ extern _Bool statd_present_address(const struct sockaddr *sap, char *buf, + __attribute__((__malloc__)) + extern char * statd_canonical_name(const char *hostname); + +-extern void my_svc_run(void); ++extern void my_svc_run(int); + extern void notify_hosts(void); + extern void shuffle_dirs(void); + extern int statd_get_socket(void); +diff --git a/utils/statd/svc_run.c b/utils/statd/svc_run.c +index d98ecee..28c1ad6 100644 +--- a/utils/statd/svc_run.c ++++ b/utils/statd/svc_run.c +@@ -78,7 +78,7 @@ my_svc_exit(void) + * The heart of the server. A crib from libc for the most part... + */ + void +-my_svc_run(void) ++my_svc_run(int sockfd) + { + FD_SET_TYPE readfds; + int selret; +@@ -96,6 +96,8 @@ my_svc_run(void) + } + + readfds = SVC_FDSET; ++ /* Set notify sockfd for waiting for reply */ ++ FD_SET(sockfd, &readfds); + if (notify) { + struct timeval tv; + +@@ -125,8 +127,10 @@ my_svc_run(void) + + default: + selret -= process_reply(&readfds); +- if (selret) ++ if (selret) { ++ FD_CLR(sockfd, &readfds); + svc_getreqset(&readfds); ++ } + } + } + } +-- +1.9.1 + diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb index 42101de79..a6268f3d4 100644 --- a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb +++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb @@ -8,7 +8,7 @@ LICENSE = "MIT & GPLv2+ & BSD" LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84" # util-linux for libblkid -DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3" +DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3 libtirpc" RDEPENDS_${PN}-client = "rpcbind bash" RDEPENDS_${PN} = "${PN}-client bash" RRECOMMENDS_${PN} = "kernel-module-nfsd" @@ -31,10 +31,12 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x file://proc-fs-nfsd.mount \ file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \ file://nfs-utils-debianize-start-statd.patch \ + file://0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch \ + file://bugfix-adjust-statd-service-name.patch \ " -SRC_URI[md5sum] = "8de676b9ff34b8f9addc1d0800fabdf8" -SRC_URI[sha256sum] = "ff79d70b7b58b2c8f9b798c58721127e82bb96022adc04a5c4cb251630e696b8" +SRC_URI[md5sum] = "cd6b568c2e9301cc3bfac09d87fbbc0b" +SRC_URI[sha256sum] = "700d689c5622c87953c34102e5befafc4d3c811e676852238f0dd79c9c0c084d" # Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will # pull in the remainder of the dependencies. @@ -58,12 +60,12 @@ EXTRA_OECONF = "--with-statduser=rpcuser \ --disable-nfsv41 \ --enable-uuid \ --disable-gss \ - --disable-tirpc \ --disable-nfsdcltrack \ --with-statdpath=/var/lib/nfs/statd \ " PACKAGECONFIG ??= "tcp-wrappers" +PACKAGECONFIG_remove_libc-musl = "tcp-wrappers" PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers" PACKAGECONFIG[nfsidmap] = "--enable-nfsidmap,--disable-nfsidmap,keyutils" diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch b/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch deleted file mode 100644 index 306b6da33..000000000 --- a/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 2d729af0897d7d72b83d111876febf9e0eec1a68 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Fri, 3 Apr 2015 20:50:56 -0700 -Subject: [PATCH] backtrace: Disable for non-glibc C libraries - -Signed-off-by: Khem Raj <raj.khem@gmail.com> -Upstream-Status: Pending - ---- - src/log.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/log.c b/src/log.c -index febc874..9db4ae7 100644 ---- a/src/log.c -+++ b/src/log.c -@@ -30,7 +30,9 @@ - #include <stdlib.h> - #include <string.h> - #include <syslog.h> -+#ifdef __GLIBC__ - #include <execinfo.h> -+#endif - #include <dlfcn.h> - - #include "ofono.h" -@@ -219,8 +221,9 @@ static void signal_handler(int signo) - { - ofono_error("Aborting (signal %d) [%s]", signo, program_exec); - -+#ifdef __GLIBC__ - print_backtrace(2); -- -+#endif - exit(EXIT_FAILURE); - } - --- -2.1.4 - diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb deleted file mode 100644 index fbf13e52b..000000000 --- a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb +++ /dev/null @@ -1,12 +0,0 @@ -require ofono.inc - -SRC_URI = "\ - ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ - file://ofono \ - file://Revert-test-Convert-to-Python-3.patch \ - file://0001-backtrace-Disable-for-non-glibc-C-libraries.patch \ -" -SRC_URI[md5sum] = "c31b5b55a1d68354bff771d3edf02829" -SRC_URI[sha256sum] = "403b98dadece8bc804c0bd16b96d3db5a3bb0f84af64b3d67924da2d1a754b07" - -CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE" diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb new file mode 100644 index 000000000..947f9d714 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb @@ -0,0 +1,11 @@ +require ofono.inc + +SRC_URI = "\ + ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ + file://ofono \ + file://Revert-test-Convert-to-Python-3.patch \ +" +SRC_URI[md5sum] = "d280b1d267ba5bf391d2a898fea7c748" +SRC_URI[sha256sum] = "cbf20f07fd15253c682b23c1786d517f505c3688f7c4ea93da777e1523b89635" + +CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE" diff --git a/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest b/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest index 564c0c825..36a3d2a7b 100755 --- a/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest +++ b/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest @@ -3,5 +3,42 @@ export TEST_SHELL=sh cd regress +sed -i "/\t\tagent-ptrace /d" Makefile make -k .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \ | sed -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g' + +SSHAGENT=`which ssh-agent` +GDB=`which gdb` + +if [ -z "${SSHAGENT}" -o -z "${GDB}" ]; then + echo "SKIP: agent-ptrace" + exit +fi + +useradd openssh-test + +eval `su -c "${SSHAGENT} -s" openssh-test` > /dev/null +r=$? +if [ $r -ne 0 ]; then + echo "FAIL: could not start ssh-agent: exit code $r" +else + su -c "gdb -p ${SSH_AGENT_PID}" openssh-test > /tmp/gdb.out 2>&1 << EOF + quit +EOF + r=$? + if [ $r -ne 0 ]; then + echo "gdb failed: exit code $r" + fi + egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace.*Permission denied.|procfs:.*: Invalid argument.|Unable to access task ' >/dev/null /tmp/gdb.out + r=$? + rm -f /tmp/gdb.out + if [ $r -ne 0 ]; then + echo "FAIL: ptrace agent" + else + echo "PASS: ptrace agent" + fi + + ${SSHAGENT} -k > /dev/null +fi +userdel openssh-test + diff --git a/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb b/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb index 714c3917c..3b5e28a1d 100644 --- a/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb +++ b/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb @@ -91,7 +91,11 @@ do_compile_ptest() { do_install_append () { if [ "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd - sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config ${D}${sysconfdir}/ssh/sshd_config + sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config + fi + + if [ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}" = "x11" ]; then + sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config fi install -d ${D}${sysconfdir}/init.d @@ -121,7 +125,7 @@ do_install_append () { } do_install_ptest () { - sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libdir}/${PN}/sftp-server|" regress/test-exec.sh + sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh cp -r regress ${D}${PTEST_PATH} } diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc b/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc index 8af423f1a..a5ddf4d4b 100644 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc @@ -8,7 +8,7 @@ SECTION = "libs/network" LICENSE = "openssl" LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" -DEPENDS = "perl-native-runtime" +DEPENDS = "hostperl-runtime-native" DEPENDS_append_class-target = " openssl-native" SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ @@ -18,28 +18,26 @@ S = "${WORKDIR}/openssl-${PV}" PACKAGECONFIG[perl] = ",,," AR_append = " r" +TERMIO_libc-musl = "-DTERMIOS" +TERMIO ?= "-DTERMIO" # Avoid binaries being marked as requiring an executable stack since it # doesn't(which causes and this causes issues with SELinux CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \ - -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack" - -# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom -CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}" -CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}" + ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack" export DIRS = "crypto ssl apps" export EX_LIBS = "-lgcc -ldl" export AS = "${CC} -c" +EXTRA_OEMAKE = "-e MAKEFLAGS=" inherit pkgconfig siteinfo multilib_header ptest PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf" -FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}" -FILES_libssl = "${libdir}/libssl.so.*" +FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}" +FILES_libssl = "${libdir}/libssl${SOLIBS}" FILES_${PN} =+ " ${libdir}/ssl/*" FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash" RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}" -FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}" # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto # package RRECOMMENDS on this package. This will enable the configuration @@ -115,7 +113,7 @@ do_configure () { linux-mipsel) target=debian-mipsel ;; - linux-*-mips64) + linux-*-mips64 | linux-mips64) target=linux-mips ;; linux-microblaze*|linux-nios2*) @@ -167,13 +165,6 @@ do_install () { oe_libinstall -so libcrypto ${D}${libdir} oe_libinstall -so libssl ${D}${libdir} - # Moving libcrypto to /lib - if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then - mkdir -p ${D}/${base_libdir}/ - mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/ - sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc - fi - install -d ${D}${includedir} cp --dereference -R include/openssl ${D}${includedir} @@ -191,12 +182,18 @@ do_install () { } do_install_ptest () { - cp -r Makefile test ${D}${PTEST_PATH} + cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH} + cp Configure config e_os.h ${D}${PTEST_PATH} + cp -r -L include ${D}${PTEST_PATH} + ln -sf ${base_libdir}/libcrypto.a ${D}${PTEST_PATH} + ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH} + mkdir -p ${D}${PTEST_PATH}/crypto + cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto cp -r certs ${D}${PTEST_PATH} mkdir -p ${D}${PTEST_PATH}/apps - ln -sf /usr/lib/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps - ln -sf /usr/lib/ssl/openssl.cnf ${D}${PTEST_PATH}/apps - ln -sf /usr/bin/openssl ${D}${PTEST_PATH}/apps + ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps + ln -sf ${libdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps + ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps cp apps/server2.pem ${D}${PTEST_PATH}/apps mkdir -p ${D}${PTEST_PATH}/util install util/opensslwrap.sh ${D}${PTEST_PATH}/util diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch deleted file mode 100644 index 39a2e5a94..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 00456fded43eadd4bb94bf675ae4ea5d158a764f Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" <steve@openssl.org> -Date: Wed, 4 Nov 2015 13:30:03 +0000 -Subject: [PATCH] Add test for CVE-2015-3194 - -Reviewed-by: Richard Levitte <levitte@openssl.org> - -Upstream-Status: Backport - -This patch was imported from -https://git.openssl.org/?p=openssl.git;a=commit;h=00456fded43eadd4bb94bf675ae4ea5d158a764f -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - test/certs/pss1.pem | 21 +++++++++++++++++++++ - test/tx509 | 7 +++++++ - 2 files changed, 28 insertions(+) - create mode 100644 test/certs/pss1.pem - -diff --git a/test/certs/pss1.pem b/test/certs/pss1.pem -new file mode 100644 -index 0000000..29da71d ---- /dev/null -+++ b/test/certs/pss1.pem -@@ -0,0 +1,21 @@ -+-----BEGIN CERTIFICATE----- -+MIIDdjCCAjqgAwIBAgIJANcwZLyfEv7DMD4GCSqGSIb3DQEBCjAxoA0wCwYJYIZI -+AWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIEAgIA3jAnMSUwIwYD -+VQQDDBxUZXN0IEludmFsaWQgUFNTIGNlcnRpZmljYXRlMB4XDTE1MTEwNDE2MDIz -+NVoXDTE1MTIwNDE2MDIzNVowJzElMCMGA1UEAwwcVGVzdCBJbnZhbGlkIFBTUyBj -+ZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTaM7WH -+qVCAGAIA+zL1KWvvASTrhlq+1ePdO7wsrWX2KiYoTYrJYTnxhLnn0wrHqApt79nL -+IBG7cfShyZqFHOY/IzlYPMVt+gPo293gw96Fds5JBsjhjkyGnOyr9OUntFqvxDbT -+IIFU7o9IdxD4edaqjRv+fegVE+B79pDk4s0ujsk6dULtCg9Rst0ucGFo19mr+b7k -+dbfn8pZ72ZNDJPueVdrUAWw9oll61UcYfk75XdrLk6JlL41GrYHc8KlfXf43gGQq -+QfrpHkg4Ih2cI6Wt2nhFGAzrlcorzLliQIUJRIhM8h4IgDfpBpaPdVQLqS2pFbXa -+5eQjqiyJwak2vJ8CAwEAAaNQME4wHQYDVR0OBBYEFCt180N4oGUt5LbzBwQ4Ia+2 -+4V97MB8GA1UdIwQYMBaAFCt180N4oGUt5LbzBwQ4Ia+24V97MAwGA1UdEwQFMAMB -+Af8wMQYJKoZIhvcNAQEKMCSgDTALBglghkgBZQMEAgGhDTALBgkqhkiG9w0BAQii -+BAICAN4DggEBAAjBtm90lGxgddjc4Xu/nbXXFHVs2zVcHv/mqOZoQkGB9r/BVgLb -+xhHrFZ2pHGElbUYPfifdS9ztB73e1d4J+P29o0yBqfd4/wGAc/JA8qgn6AAEO/Xn -+plhFeTRJQtLZVl75CkHXgUGUd3h+ADvKtcBuW9dSUncaUrgNKR8u/h/2sMG38RWY -+DzBddC/66YTa3r7KkVUfW7yqRQfELiGKdcm+bjlTEMsvS+EhHup9CzbpoCx2Fx9p -+NPtFY3yEObQhmL1JyoCRWqBE75GzFPbRaiux5UpEkns+i3trkGssZzsOuVqHNTNZ -+lC9+9hPHIoc9UMmAQNo1vGIW3NWVoeGbaJ8= -+-----END CERTIFICATE----- -diff --git a/test/tx509 b/test/tx509 -index 0ce3b52..77f5cac 100644 ---- a/test/tx509 -+++ b/test/tx509 -@@ -74,5 +74,12 @@ if [ $? != 0 ]; then exit 1; fi - cmp x509-f.p x509-ff.p3 - if [ $? != 0 ]; then exit 1; fi - -+echo "Parsing test certificates" -+ -+$cmd -in certs/pss1.pem -text -noout >/dev/null -+if [ $? != 0 ]; then exit 1; fi -+ -+echo OK -+ - /bin/rm -f x509-f.* x509-ff.* x509-fff.* - exit 0 --- -2.3.5 - diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch deleted file mode 100644 index 125016a23..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch +++ /dev/null @@ -1,101 +0,0 @@ -From d73cc256c8e256c32ed959456101b73ba9842f72 Mon Sep 17 00:00:00 2001 -From: Andy Polyakov <appro@openssl.org> -Date: Tue, 1 Dec 2015 09:00:32 +0100 -Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry propagating bug - (CVE-2015-3193). - -Reviewed-by: Richard Levitte <levitte@openssl.org> -(cherry picked from commit e7c078db57908cbf16074c68034977565ffaf107) - -Upstream-Status: Backport - -This patch was imported from -https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - crypto/bn/asm/x86_64-mont5.pl | 22 +++++++++++++++++++--- - crypto/bn/bntest.c | 18 ++++++++++++++++++ - 2 files changed, 37 insertions(+), 3 deletions(-) - -Index: openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl -=================================================================== ---- openssl-1.0.2d.orig/crypto/bn/asm/x86_64-mont5.pl -+++ openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl -@@ -1779,6 +1779,15 @@ sqr8x_reduction: - .align 32 - .L8x_tail_done: - add (%rdx),%r8 # can this overflow? -+ adc \$0,%r9 -+ adc \$0,%r10 -+ adc \$0,%r11 -+ adc \$0,%r12 -+ adc \$0,%r13 -+ adc \$0,%r14 -+ adc \$0,%r15 # can't overflow, because we -+ # started with "overhung" part -+ # of multiplication - xor %rax,%rax - - neg $carry -@@ -3125,6 +3134,15 @@ sqrx8x_reduction: - .align 32 - .Lsqrx8x_tail_done: - add 24+8(%rsp),%r8 # can this overflow? -+ adc \$0,%r9 -+ adc \$0,%r10 -+ adc \$0,%r11 -+ adc \$0,%r12 -+ adc \$0,%r13 -+ adc \$0,%r14 -+ adc \$0,%r15 # can't overflow, because we -+ # started with "overhung" part -+ # of multiplication - mov $carry,%rax # xor %rax,%rax - - sub 16+8(%rsp),$carry # mov 16(%rsp),%cf -@@ -3168,13 +3186,11 @@ my ($rptr,$nptr)=("%rdx","%rbp"); - my @ri=map("%r$_",(10..13)); - my @ni=map("%r$_",(14..15)); - $code.=<<___; -- xor %rbx,%rbx -+ xor %ebx,%ebx - sub %r15,%rsi # compare top-most words - adc %rbx,%rbx - mov %rcx,%r10 # -$num -- .byte 0x67 - or %rbx,%rax -- .byte 0x67 - mov %rcx,%r9 # -$num - xor \$1,%rax - sar \$3+2,%rcx # cf=0 -Index: openssl-1.0.2d/crypto/bn/bntest.c -=================================================================== ---- openssl-1.0.2d.orig/crypto/bn/bntest.c -+++ openssl-1.0.2d/crypto/bn/bntest.c -@@ -1027,6 +1027,24 @@ int test_mod_exp_mont_consttime(BIO *bp, - return 0; - } - } -+ -+ /* Regression test for carry propagation bug in sqr8x_reduction */ -+ BN_hex2bn(&a, "050505050505"); -+ BN_hex2bn(&b, "02"); -+ BN_hex2bn(&c, -+ "4141414141414141414141274141414141414141414141414141414141414141" -+ "4141414141414141414141414141414141414141414141414141414141414141" -+ "4141414141414141414141800000000000000000000000000000000000000000" -+ "0000000000000000000000000000000000000000000000000000000000000000" -+ "0000000000000000000000000000000000000000000000000000000000000000" -+ "0000000000000000000000000000000000000000000000000000000001"); -+ BN_mod_exp(d, a, b, c, ctx); -+ BN_mul(e, a, a, ctx); -+ if (BN_cmp(d, e)) { -+ fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n"); -+ return 0; -+ } -+ - BN_free(a); - BN_free(b); - BN_free(c); diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch deleted file mode 100644 index 13d48913b..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch +++ /dev/null @@ -1,45 +0,0 @@ -From c394a488942387246653833359a5c94b5832674e Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" <steve@openssl.org> -Date: Fri, 2 Oct 2015 12:35:19 +0100 -Subject: [PATCH] Add PSS parameter check. -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Avoid seg fault by checking mgf1 parameter is not NULL. This can be -triggered during certificate verification so could be a DoS attack -against a client or a server enabling client authentication. - -Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug. - -CVE-2015-3194 - -Reviewed-by: Richard Levitte <levitte@openssl.org> - -Upstream-Status: Backport - -This patch was imported from -https://git.openssl.org/?p=openssl.git;a=commit;h=c394a488942387246653833359a5c94b5832674e - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - crypto/rsa/rsa_ameth.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c -index ca3922e..4e06218 100644 ---- a/crypto/rsa/rsa_ameth.c -+++ b/crypto/rsa/rsa_ameth.c -@@ -268,7 +268,7 @@ static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) - { - const unsigned char *p; - int plen; -- if (alg == NULL) -+ if (alg == NULL || alg->parameter == NULL) - return NULL; - if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) - return NULL; --- -2.3.5 - diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch deleted file mode 100644 index 6fc4d0e83..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch +++ /dev/null @@ -1,66 +0,0 @@ -From cc598f321fbac9c04da5766243ed55d55948637d Mon Sep 17 00:00:00 2001 -From: "Dr. Stephen Henson" <steve@openssl.org> -Date: Tue, 10 Nov 2015 19:03:07 +0000 -Subject: [PATCH] Fix leak with ASN.1 combine. - -When parsing a combined structure pass a flag to the decode routine -so on error a pointer to the parent structure is not zeroed as -this will leak any additional components in the parent. - -This can leak memory in any application parsing PKCS#7 or CMS structures. - -CVE-2015-3195. - -Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using -libFuzzer. - -PR#4131 - -Reviewed-by: Richard Levitte <levitte@openssl.org> - -Upstream-Status: Backport - -This patch was imported from -https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - crypto/asn1/tasn_dec.c | 7 +++++-- - 1 file changed, 5 insertions(+), 2 deletions(-) - -diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c -index febf605..9256049 100644 ---- a/crypto/asn1/tasn_dec.c -+++ b/crypto/asn1/tasn_dec.c -@@ -180,6 +180,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - int otag; - int ret = 0; - ASN1_VALUE **pchptr, *ptmpval; -+ int combine = aclass & ASN1_TFLG_COMBINE; -+ aclass &= ~ASN1_TFLG_COMBINE; - if (!pval) - return 0; - if (aux && aux->asn1_cb) -@@ -500,7 +502,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - auxerr: - ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); - err: -- ASN1_item_ex_free(pval, it); -+ if (combine == 0) -+ ASN1_item_ex_free(pval, it); - if (errtt) - ERR_add_error_data(4, "Field=", errtt->field_name, - ", Type=", it->sname); -@@ -689,7 +692,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, - } else { - /* Nothing special */ - ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -- -1, 0, opt, ctx); -+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx); - if (!ret) { - ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR); - goto err; --- -2.3.5 - diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch deleted file mode 100644 index dd288c93f..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch +++ /dev/null @@ -1,63 +0,0 @@ -From d81a1600588b726c2bdccda7efad3cc7a87d6245 Mon Sep 17 00:00:00 2001 -From: Viktor Dukhovni <openssl-users@dukhovni.org> -Date: Wed, 30 Dec 2015 22:44:51 -0500 -Subject: [PATCH] Better SSLv2 cipher-suite enforcement - -Based on patch by: Nimrod Aviram <nimrod.aviram@gmail.com> - -CVE-2015-3197 - -Reviewed-by: Tim Hudson <tjh@openssl.org> -Reviewed-by: Richard Levitte <levitte@openssl.org> - -Upstream-Status: Backport -https://github.com/openssl/openssl/commit/d81a1600588b726c2bdccda7efad3cc7a87d6245 - -CVE: CVE-2015-3197 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - ssl/s2_srvr.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -Index: openssl-1.0.2d/ssl/s2_srvr.c -=================================================================== ---- openssl-1.0.2d.orig/ssl/s2_srvr.c -+++ openssl-1.0.2d/ssl/s2_srvr.c -@@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s) - } - - cp = ssl2_get_cipher_by_char(p); -- if (cp == NULL) { -+ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) { - ssl2_return_error(s, SSL2_PE_NO_CIPHER); - SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH); - return (-1); -@@ -687,8 +687,12 @@ static int get_client_hello(SSL *s) - prio = cs; - allow = cl; - } -+ -+ /* Generate list of SSLv2 ciphers shared between client and server */ - for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) { -- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) { -+ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z); -+ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 || -+ sk_SSL_CIPHER_find(allow, cp) < 0) { - (void)sk_SSL_CIPHER_delete(prio, z); - z--; - } -@@ -697,6 +701,13 @@ static int get_client_hello(SSL *s) - sk_SSL_CIPHER_free(s->session->ciphers); - s->session->ciphers = prio; - } -+ -+ /* Make sure we have at least one cipher in common */ -+ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) { -+ ssl2_return_error(s, SSL2_PE_NO_CIPHER); -+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH); -+ return -1; -+ } - /* - * s->session->ciphers should now have a list of ciphers that are on - * both the client and server. This list is ordered by the order the diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch deleted file mode 100644 index cf2d9a7b0..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch +++ /dev/null @@ -1,102 +0,0 @@ -From 878e2c5b13010329c203f309ed0c8f2113f85648 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Mon, 18 Jan 2016 11:31:58 +0000 -Subject: [PATCH] Prevent small subgroup attacks on DH/DHE - -Historically OpenSSL only ever generated DH parameters based on "safe" -primes. More recently (in version 1.0.2) support was provided for -generating X9.42 style parameter files such as those required for RFC -5114 support. The primes used in such files may not be "safe". Where an -application is using DH configured with parameters based on primes that -are not "safe" then an attacker could use this fact to find a peer's -private DH exponent. This attack requires that the attacker complete -multiple handshakes in which the peer uses the same DH exponent. - -A simple mitigation is to ensure that y^q (mod p) == 1 - -CVE-2016-0701 (fix part 1 of 2) - -Issue reported by Antonio Sanso. - -Reviewed-by: Viktor Dukhovni <viktor@openssl.org> - -Upstream-Status: Backport - -https://github.com/openssl/openssl/commit/878e2c5b13010329c203f309ed0c8f2113f85648 - -CVE: CVE-2016-0701 -Signed-of-by: Armin Kuster <akuster@mvisa.com> - ---- - crypto/dh/dh.h | 1 + - crypto/dh/dh_check.c | 35 +++++++++++++++++++++++++---------- - 2 files changed, 26 insertions(+), 10 deletions(-) - -diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h -index b177673..5498a9d 100644 ---- a/crypto/dh/dh.h -+++ b/crypto/dh/dh.h -@@ -174,6 +174,7 @@ struct dh_st { - /* DH_check_pub_key error codes */ - # define DH_CHECK_PUBKEY_TOO_SMALL 0x01 - # define DH_CHECK_PUBKEY_TOO_LARGE 0x02 -+# define DH_CHECK_PUBKEY_INVALID 0x03 - - /* - * primes p where (p-1)/2 is prime too are called "safe"; we define this for -diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c -index 347467c..5adedc0 100644 ---- a/crypto/dh/dh_check.c -+++ b/crypto/dh/dh_check.c -@@ -151,23 +151,38 @@ int DH_check(const DH *dh, int *ret) - int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) - { - int ok = 0; -- BIGNUM *q = NULL; -+ BIGNUM *tmp = NULL; -+ BN_CTX *ctx = NULL; - - *ret = 0; -- q = BN_new(); -- if (q == NULL) -+ ctx = BN_CTX_new(); -+ if (ctx == NULL) - goto err; -- BN_set_word(q, 1); -- if (BN_cmp(pub_key, q) <= 0) -+ BN_CTX_start(ctx); -+ tmp = BN_CTX_get(ctx); -+ if (tmp == NULL) -+ goto err; -+ BN_set_word(tmp, 1); -+ if (BN_cmp(pub_key, tmp) <= 0) - *ret |= DH_CHECK_PUBKEY_TOO_SMALL; -- BN_copy(q, dh->p); -- BN_sub_word(q, 1); -- if (BN_cmp(pub_key, q) >= 0) -+ BN_copy(tmp, dh->p); -+ BN_sub_word(tmp, 1); -+ if (BN_cmp(pub_key, tmp) >= 0) - *ret |= DH_CHECK_PUBKEY_TOO_LARGE; - -+ if (dh->q != NULL) { -+ /* Check pub_key^q == 1 mod p */ -+ if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx)) -+ goto err; -+ if (!BN_is_one(tmp)) -+ *ret |= DH_CHECK_PUBKEY_INVALID; -+ } -+ - ok = 1; - err: -- if (q != NULL) -- BN_free(q); -+ if (ctx != NULL) { -+ BN_CTX_end(ctx); -+ BN_CTX_free(ctx); -+ } - return (ok); - } --- -2.3.5 - diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch deleted file mode 100644 index 05caf0a99..000000000 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch +++ /dev/null @@ -1,156 +0,0 @@ -From c5b831f21d0d29d1e517d139d9d101763f60c9a2 Mon Sep 17 00:00:00 2001 -From: Matt Caswell <matt@openssl.org> -Date: Thu, 17 Dec 2015 02:57:20 +0000 -Subject: [PATCH] Always generate DH keys for ephemeral DH cipher suites - -Modified version of the commit ffaef3f15 in the master branch by Stephen -Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always -generates a new DH key for every handshake regardless. - -CVE-2016-0701 (fix part 2 or 2) - -Issue reported by Antonio Sanso - -Reviewed-by: Viktor Dukhovni <viktor@openssl.org> - -Upstream-Status: Backport - -https://github.com/openssl/openssl/commit/c5b831f21d0d29d1e517d139d9d101763f60c9a2 - -CVE: CVE-2016-0701 #2 -Signed-of-by: Armin Kuster <akuster@mvisa.com> - ---- - doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 +++++------------------------ - ssl/s3_lib.c | 14 -------------- - ssl/s3_srvr.c | 17 +++-------------- - ssl/ssl.h | 2 +- - 4 files changed, 9 insertions(+), 53 deletions(-) - -Index: openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -=================================================================== ---- openssl-1.0.2d.orig/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -+++ openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod -@@ -48,25 +48,8 @@ even if he gets hold of the normal (cert - only used for signing. - - In order to perform a DH key exchange the server must use a DH group --(DH parameters) and generate a DH key. --The server will always generate a new DH key during the negotiation --if either the DH parameters are supplied via callback or the --SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both). --It will immediately create a DH key if DH parameters are supplied via --SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. --In this case, --it may happen that a key is generated on initialization without later --being needed, while on the other hand the computer time during the --negotiation is being saved. -- --If "strong" primes were used to generate the DH parameters, it is not strictly --necessary to generate a new key for each handshake but it does improve forward --secrecy. If it is not assured that "strong" primes were used, --SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup --attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the --computer time needed during negotiation, but it is not very large, so --application authors/users should consider always enabling this option. --The option is required to implement perfect forward secrecy (PFS). -+(DH parameters) and generate a DH key. The server will always generate -+a new DH key during the negotiation. - - As generating DH parameters is extremely time consuming, an application - should not generate the parameters on the fly but supply the parameters. -@@ -93,10 +76,9 @@ can supply the DH parameters via a callb - Previous versions of the callback used B<is_export> and B<keylength> - parameters to control parameter generation for export and non-export - cipher suites. Modern servers that do not support export ciphersuites --are advised to either use SSL_CTX_set_tmp_dh() in combination with --SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore --B<keylength> and B<is_export> and simply supply at least 2048-bit --parameters in the callback. -+are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use -+the callback but ignore B<keylength> and B<is_export> and simply -+supply at least 2048-bit parameters in the callback. - - =head1 EXAMPLES - -@@ -128,7 +110,6 @@ partly left out.) - if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) { - /* Error. */ - } -- SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE); - ... - - =head1 RETURN VALUES -Index: openssl-1.0.2d/ssl/s3_lib.c -=================================================================== ---- openssl-1.0.2d.orig/ssl/s3_lib.c -+++ openssl-1.0.2d/ssl/s3_lib.c -@@ -3206,13 +3206,6 @@ long ssl3_ctrl(SSL *s, int cmd, long lar - SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); - return (ret); - } -- if (!(s->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(dh)) { -- DH_free(dh); -- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB); -- return (ret); -- } -- } - if (s->cert->dh_tmp != NULL) - DH_free(s->cert->dh_tmp); - s->cert->dh_tmp = dh; -@@ -3710,13 +3703,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd - SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); - return 0; - } -- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) { -- if (!DH_generate_key(new)) { -- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB); -- DH_free(new); -- return 0; -- } -- } - if (cert->dh_tmp != NULL) - DH_free(cert->dh_tmp); - cert->dh_tmp = new; -Index: openssl-1.0.2d/ssl/s3_srvr.c -=================================================================== ---- openssl-1.0.2d.orig/ssl/s3_srvr.c -+++ openssl-1.0.2d/ssl/s3_srvr.c -@@ -1684,20 +1684,9 @@ int ssl3_send_server_key_exchange(SSL *s - } - - s->s3->tmp.dh = dh; -- if ((dhp->pub_key == NULL || -- dhp->priv_key == NULL || -- (s->options & SSL_OP_SINGLE_DH_USE))) { -- if (!DH_generate_key(dh)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -- } else { -- dh->pub_key = BN_dup(dhp->pub_key); -- dh->priv_key = BN_dup(dhp->priv_key); -- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) { -- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -- goto err; -- } -+ if (!DH_generate_key(dh)) { -+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB); -+ goto err; - } - r[0] = dh->p; - r[1] = dh->g; -Index: openssl-1.0.2d/ssl/ssl.h -=================================================================== ---- openssl-1.0.2d.orig/ssl/ssl.h -+++ openssl-1.0.2d/ssl/ssl.h -@@ -625,7 +625,7 @@ struct ssl_session_st { - # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L - /* If set, always create a new key when using tmp_ecdh parameters */ - # define SSL_OP_SINGLE_ECDH_USE 0x00080000L --/* If set, always create a new key when using tmp_dh parameters */ -+/* Does nothing: retained for compatibility */ - # define SSL_OP_SINGLE_DH_USE 0x00100000L - /* Does nothing: retained for compatibiity */ - # define SSL_OP_EPHEMERAL_RSA 0x0 diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch new file mode 100644 index 000000000..613dc7b71 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch @@ -0,0 +1,27 @@ +Add musl triplet support + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Index: openssl-1.0.2a/Configure +=================================================================== +--- openssl-1.0.2a.orig/Configure ++++ openssl-1.0.2a/Configure +@@ -431,7 +431,7 @@ my %table=( + # + # ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8 + # +-"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + # Configure script adds minimally required -march for assembly support, + # if no -march was specified at command line. mips32 and mips64 below +@@ -504,6 +504,8 @@ my %table=( + "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + + "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).", + diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch index c397af2f0..af3989f62 100644 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch @@ -1,4 +1,4 @@ -Upsteram Status: Backport +Upstream-Status: Backport When building on x32 systems where the default type is 32bit, make sure we can transparently represent 64bit integers. Otherwise we end up with diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch index 0c1a0b651..d81e22cd8 100644 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch @@ -9,14 +9,15 @@ Reviewed-by: Kurt Roeckx <kurt@roeckx.be> Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk> This is not meant as final patch. - + Upstream-Status: Backport [debian] +Signed-off-by: Armin Kuster <akuster@mvista.com> -Index: openssl-1.0.2/crypto/x509/x509_vfy.c +Index: openssl-1.0.2g/crypto/x509/x509_vfy.c =================================================================== ---- openssl-1.0.2.orig/crypto/x509/x509_vfy.c -+++ openssl-1.0.2/crypto/x509/x509_vfy.c +--- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c ++++ openssl-1.0.2g/crypto/x509/x509_vfy.c @@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c static int check_revocation(X509_STORE_CTX *ctx); static int check_cert(X509_STORE_CTX *ctx); @@ -25,17 +26,17 @@ Index: openssl-1.0.2/crypto/x509/x509_vfy.c static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer, unsigned int *preasons, X509_CRL *crl, X509 *x); -@@ -438,6 +439,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx +@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx if (!ok) - goto end; + goto err; + ok = check_ca_blacklist(ctx); -+ if(!ok) goto end; ++ if(!ok) goto err; + #ifndef OPENSSL_NO_RFC3779 /* RFC 3779 path validation, now that CRL check has been done */ ok = v3_asid_validate_path(ctx); -@@ -938,6 +942,29 @@ static int check_crl_time(X509_STORE_CTX +@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX return 1; } diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch new file mode 100644 index 000000000..29f11a288 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch @@ -0,0 +1,4656 @@ +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure +=================================================================== +--- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100 ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100 +@@ -1651,6 +1651,8 @@ + } + } + ++$shared_ldflag .= " -Wl,--version-script=openssl.ld"; ++ + open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; + unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; + open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100 +@@ -0,0 +1,4608 @@ ++OPENSSL_1.0.2d { ++ global: ++ BIO_f_ssl; ++ BIO_new_buffer_ssl_connect; ++ BIO_new_ssl; ++ BIO_new_ssl_connect; ++ BIO_proxy_ssl_copy_session_id; ++ BIO_ssl_copy_session_id; ++ BIO_ssl_shutdown; ++ d2i_SSL_SESSION; ++ DTLSv1_client_method; ++ DTLSv1_method; ++ DTLSv1_server_method; ++ ERR_load_SSL_strings; ++ i2d_SSL_SESSION; ++ kssl_build_principal_2; ++ kssl_cget_tkt; ++ kssl_check_authent; ++ kssl_ctx_free; ++ kssl_ctx_new; ++ kssl_ctx_setkey; ++ kssl_ctx_setprinc; ++ kssl_ctx_setstring; ++ kssl_ctx_show; ++ kssl_err_set; ++ kssl_krb5_free_data_contents; ++ kssl_sget_tkt; ++ kssl_skip_confound; ++ kssl_validate_times; ++ PEM_read_bio_SSL_SESSION; ++ PEM_read_SSL_SESSION; ++ PEM_write_bio_SSL_SESSION; ++ PEM_write_SSL_SESSION; ++ SSL_accept; ++ SSL_add_client_CA; ++ SSL_add_dir_cert_subjects_to_stack; ++ SSL_add_dir_cert_subjs_to_stk; ++ SSL_add_file_cert_subjects_to_stack; ++ SSL_add_file_cert_subjs_to_stk; ++ SSL_alert_desc_string; ++ SSL_alert_desc_string_long; ++ SSL_alert_type_string; ++ SSL_alert_type_string_long; ++ SSL_callback_ctrl; ++ SSL_check_private_key; ++ SSL_CIPHER_description; ++ SSL_CIPHER_get_bits; ++ SSL_CIPHER_get_name; ++ SSL_CIPHER_get_version; ++ SSL_clear; ++ SSL_COMP_add_compression_method; ++ SSL_COMP_get_compression_methods; ++ SSL_COMP_get_compress_methods; ++ SSL_COMP_get_name; ++ SSL_connect; ++ SSL_copy_session_id; ++ SSL_ctrl; ++ SSL_CTX_add_client_CA; ++ SSL_CTX_add_session; ++ SSL_CTX_callback_ctrl; ++ SSL_CTX_check_private_key; ++ SSL_CTX_ctrl; ++ SSL_CTX_flush_sessions; ++ SSL_CTX_free; ++ SSL_CTX_get_cert_store; ++ SSL_CTX_get_client_CA_list; ++ SSL_CTX_get_client_cert_cb; ++ SSL_CTX_get_ex_data; ++ SSL_CTX_get_ex_new_index; ++ SSL_CTX_get_info_callback; ++ SSL_CTX_get_quiet_shutdown; ++ SSL_CTX_get_timeout; ++ SSL_CTX_get_verify_callback; ++ SSL_CTX_get_verify_depth; ++ SSL_CTX_get_verify_mode; ++ SSL_CTX_load_verify_locations; ++ SSL_CTX_new; ++ SSL_CTX_remove_session; ++ SSL_CTX_sess_get_get_cb; ++ SSL_CTX_sess_get_new_cb; ++ SSL_CTX_sess_get_remove_cb; ++ SSL_CTX_sessions; ++ SSL_CTX_sess_set_get_cb; ++ SSL_CTX_sess_set_new_cb; ++ SSL_CTX_sess_set_remove_cb; ++ SSL_CTX_set1_param; ++ SSL_CTX_set_cert_store; ++ SSL_CTX_set_cert_verify_callback; ++ SSL_CTX_set_cert_verify_cb; ++ SSL_CTX_set_cipher_list; ++ SSL_CTX_set_client_CA_list; ++ SSL_CTX_set_client_cert_cb; ++ SSL_CTX_set_client_cert_engine; ++ SSL_CTX_set_cookie_generate_cb; ++ SSL_CTX_set_cookie_verify_cb; ++ SSL_CTX_set_default_passwd_cb; ++ SSL_CTX_set_default_passwd_cb_userdata; ++ SSL_CTX_set_default_verify_paths; ++ SSL_CTX_set_def_passwd_cb_ud; ++ SSL_CTX_set_def_verify_paths; ++ SSL_CTX_set_ex_data; ++ SSL_CTX_set_generate_session_id; ++ SSL_CTX_set_info_callback; ++ SSL_CTX_set_msg_callback; ++ SSL_CTX_set_psk_client_callback; ++ SSL_CTX_set_psk_server_callback; ++ SSL_CTX_set_purpose; ++ SSL_CTX_set_quiet_shutdown; ++ SSL_CTX_set_session_id_context; ++ SSL_CTX_set_ssl_version; ++ SSL_CTX_set_timeout; ++ SSL_CTX_set_tmp_dh_callback; ++ SSL_CTX_set_tmp_ecdh_callback; ++ SSL_CTX_set_tmp_rsa_callback; ++ SSL_CTX_set_trust; ++ SSL_CTX_set_verify; ++ SSL_CTX_set_verify_depth; ++ SSL_CTX_use_cert_chain_file; ++ SSL_CTX_use_certificate; ++ SSL_CTX_use_certificate_ASN1; ++ SSL_CTX_use_certificate_chain_file; ++ SSL_CTX_use_certificate_file; ++ SSL_CTX_use_PrivateKey; ++ SSL_CTX_use_PrivateKey_ASN1; ++ SSL_CTX_use_PrivateKey_file; ++ SSL_CTX_use_psk_identity_hint; ++ SSL_CTX_use_RSAPrivateKey; ++ SSL_CTX_use_RSAPrivateKey_ASN1; ++ SSL_CTX_use_RSAPrivateKey_file; ++ SSL_do_handshake; ++ SSL_dup; ++ SSL_dup_CA_list; ++ SSLeay_add_ssl_algorithms; ++ SSL_free; ++ SSL_get1_session; ++ SSL_get_certificate; ++ SSL_get_cipher_list; ++ SSL_get_ciphers; ++ SSL_get_client_CA_list; ++ SSL_get_current_cipher; ++ SSL_get_current_compression; ++ SSL_get_current_expansion; ++ SSL_get_default_timeout; ++ SSL_get_error; ++ SSL_get_ex_data; ++ SSL_get_ex_data_X509_STORE_CTX_idx; ++ SSL_get_ex_d_X509_STORE_CTX_idx; ++ SSL_get_ex_new_index; ++ SSL_get_fd; ++ SSL_get_finished; ++ SSL_get_info_callback; ++ SSL_get_peer_cert_chain; ++ SSL_get_peer_certificate; ++ SSL_get_peer_finished; ++ SSL_get_privatekey; ++ SSL_get_psk_identity; ++ SSL_get_psk_identity_hint; ++ SSL_get_quiet_shutdown; ++ SSL_get_rbio; ++ SSL_get_read_ahead; ++ SSL_get_rfd; ++ SSL_get_servername; ++ SSL_get_servername_type; ++ SSL_get_session; ++ SSL_get_shared_ciphers; ++ SSL_get_shutdown; ++ SSL_get_SSL_CTX; ++ SSL_get_ssl_method; ++ SSL_get_verify_callback; ++ SSL_get_verify_depth; ++ SSL_get_verify_mode; ++ SSL_get_verify_result; ++ SSL_get_version; ++ SSL_get_wbio; ++ SSL_get_wfd; ++ SSL_has_matching_session_id; ++ SSL_library_init; ++ SSL_load_client_CA_file; ++ SSL_load_error_strings; ++ SSL_new; ++ SSL_peek; ++ SSL_pending; ++ SSL_read; ++ SSL_renegotiate; ++ SSL_renegotiate_pending; ++ SSL_rstate_string; ++ SSL_rstate_string_long; ++ SSL_SESSION_cmp; ++ SSL_SESSION_free; ++ SSL_SESSION_get_ex_data; ++ SSL_SESSION_get_ex_new_index; ++ SSL_SESSION_get_id; ++ SSL_SESSION_get_time; ++ SSL_SESSION_get_timeout; ++ SSL_SESSION_hash; ++ SSL_SESSION_new; ++ SSL_SESSION_print; ++ SSL_SESSION_print_fp; ++ SSL_SESSION_set_ex_data; ++ SSL_SESSION_set_time; ++ SSL_SESSION_set_timeout; ++ SSL_set1_param; ++ SSL_set_accept_state; ++ SSL_set_bio; ++ SSL_set_cipher_list; ++ SSL_set_client_CA_list; ++ SSL_set_connect_state; ++ SSL_set_ex_data; ++ SSL_set_fd; ++ SSL_set_generate_session_id; ++ SSL_set_info_callback; ++ SSL_set_msg_callback; ++ SSL_set_psk_client_callback; ++ SSL_set_psk_server_callback; ++ SSL_set_purpose; ++ SSL_set_quiet_shutdown; ++ SSL_set_read_ahead; ++ SSL_set_rfd; ++ SSL_set_session; ++ SSL_set_session_id_context; ++ SSL_set_session_secret_cb; ++ SSL_set_session_ticket_ext; ++ SSL_set_session_ticket_ext_cb; ++ SSL_set_shutdown; ++ SSL_set_SSL_CTX; ++ SSL_set_ssl_method; ++ SSL_set_tmp_dh_callback; ++ SSL_set_tmp_ecdh_callback; ++ SSL_set_tmp_rsa_callback; ++ SSL_set_trust; ++ SSL_set_verify; ++ SSL_set_verify_depth; ++ SSL_set_verify_result; ++ SSL_set_wfd; ++ SSL_shutdown; ++ SSL_state; ++ SSL_state_string; ++ SSL_state_string_long; ++ SSL_use_certificate; ++ SSL_use_certificate_ASN1; ++ SSL_use_certificate_file; ++ SSL_use_PrivateKey; ++ SSL_use_PrivateKey_ASN1; ++ SSL_use_PrivateKey_file; ++ SSL_use_psk_identity_hint; ++ SSL_use_RSAPrivateKey; ++ SSL_use_RSAPrivateKey_ASN1; ++ SSL_use_RSAPrivateKey_file; ++ SSLv23_client_method; ++ SSLv23_method; ++ SSLv23_server_method; ++ SSLv2_client_method; ++ SSLv2_method; ++ SSLv2_server_method; ++ SSLv3_client_method; ++ SSLv3_method; ++ SSLv3_server_method; ++ SSL_version; ++ SSL_want; ++ SSL_write; ++ TLSv1_client_method; ++ TLSv1_method; ++ TLSv1_server_method; ++ ++ ++ SSLeay; ++ SSLeay_version; ++ ASN1_BIT_STRING_asn1_meth; ++ ASN1_HEADER_free; ++ ASN1_HEADER_new; ++ ASN1_IA5STRING_asn1_meth; ++ ASN1_INTEGER_get; ++ ASN1_INTEGER_set; ++ ASN1_INTEGER_to_BN; ++ ASN1_OBJECT_create; ++ ASN1_OBJECT_free; ++ ASN1_OBJECT_new; ++ ASN1_PRINTABLE_type; ++ ASN1_STRING_cmp; ++ ASN1_STRING_dup; ++ ASN1_STRING_free; ++ ASN1_STRING_new; ++ ASN1_STRING_print; ++ ASN1_STRING_set; ++ ASN1_STRING_type_new; ++ ASN1_TYPE_free; ++ ASN1_TYPE_new; ++ ASN1_UNIVERSALSTRING_to_string; ++ ASN1_UTCTIME_check; ++ ASN1_UTCTIME_print; ++ ASN1_UTCTIME_set; ++ ASN1_check_infinite_end; ++ ASN1_d2i_bio; ++ ASN1_d2i_fp; ++ ASN1_digest; ++ ASN1_dup; ++ ASN1_get_object; ++ ASN1_i2d_bio; ++ ASN1_i2d_fp; ++ ASN1_object_size; ++ ASN1_parse; ++ ASN1_put_object; ++ ASN1_sign; ++ ASN1_verify; ++ BF_cbc_encrypt; ++ BF_cfb64_encrypt; ++ BF_ecb_encrypt; ++ BF_encrypt; ++ BF_ofb64_encrypt; ++ BF_options; ++ BF_set_key; ++ BIO_CONNECT_free; ++ BIO_CONNECT_new; ++ BIO_accept; ++ BIO_ctrl; ++ BIO_int_ctrl; ++ BIO_debug_callback; ++ BIO_dump; ++ BIO_dup_chain; ++ BIO_f_base64; ++ BIO_f_buffer; ++ BIO_f_cipher; ++ BIO_f_md; ++ BIO_f_null; ++ BIO_f_proxy_server; ++ BIO_fd_non_fatal_error; ++ BIO_fd_should_retry; ++ BIO_find_type; ++ BIO_free; ++ BIO_free_all; ++ BIO_get_accept_socket; ++ BIO_get_filter_bio; ++ BIO_get_host_ip; ++ BIO_get_port; ++ BIO_get_retry_BIO; ++ BIO_get_retry_reason; ++ BIO_gethostbyname; ++ BIO_gets; ++ BIO_new; ++ BIO_new_accept; ++ BIO_new_connect; ++ BIO_new_fd; ++ BIO_new_file; ++ BIO_new_fp; ++ BIO_new_socket; ++ BIO_pop; ++ BIO_printf; ++ BIO_push; ++ BIO_puts; ++ BIO_read; ++ BIO_s_accept; ++ BIO_s_connect; ++ BIO_s_fd; ++ BIO_s_file; ++ BIO_s_mem; ++ BIO_s_null; ++ BIO_s_proxy_client; ++ BIO_s_socket; ++ BIO_set; ++ BIO_set_cipher; ++ BIO_set_tcp_ndelay; ++ BIO_sock_cleanup; ++ BIO_sock_error; ++ BIO_sock_init; ++ BIO_sock_non_fatal_error; ++ BIO_sock_should_retry; ++ BIO_socket_ioctl; ++ BIO_write; ++ BN_CTX_free; ++ BN_CTX_new; ++ BN_MONT_CTX_free; ++ BN_MONT_CTX_new; ++ BN_MONT_CTX_set; ++ BN_add; ++ BN_add_word; ++ BN_hex2bn; ++ BN_bin2bn; ++ BN_bn2hex; ++ BN_bn2bin; ++ BN_clear; ++ BN_clear_bit; ++ BN_clear_free; ++ BN_cmp; ++ BN_copy; ++ BN_div; ++ BN_div_word; ++ BN_dup; ++ BN_free; ++ BN_from_montgomery; ++ BN_gcd; ++ BN_generate_prime; ++ BN_get_word; ++ BN_is_bit_set; ++ BN_is_prime; ++ BN_lshift; ++ BN_lshift1; ++ BN_mask_bits; ++ BN_mod; ++ BN_mod_exp; ++ BN_mod_exp_mont; ++ BN_mod_exp_simple; ++ BN_mod_inverse; ++ BN_mod_mul; ++ BN_mod_mul_montgomery; ++ BN_mod_word; ++ BN_mul; ++ BN_new; ++ BN_num_bits; ++ BN_num_bits_word; ++ BN_options; ++ BN_print; ++ BN_print_fp; ++ BN_rand; ++ BN_reciprocal; ++ BN_rshift; ++ BN_rshift1; ++ BN_set_bit; ++ BN_set_word; ++ BN_sqr; ++ BN_sub; ++ BN_to_ASN1_INTEGER; ++ BN_ucmp; ++ BN_value_one; ++ BUF_MEM_free; ++ BUF_MEM_grow; ++ BUF_MEM_new; ++ BUF_strdup; ++ CONF_free; ++ CONF_get_number; ++ CONF_get_section; ++ CONF_get_string; ++ CONF_load; ++ CRYPTO_add_lock; ++ CRYPTO_dbg_free; ++ CRYPTO_dbg_malloc; ++ CRYPTO_dbg_realloc; ++ CRYPTO_dbg_remalloc; ++ CRYPTO_free; ++ CRYPTO_get_add_lock_callback; ++ CRYPTO_get_id_callback; ++ CRYPTO_get_lock_name; ++ CRYPTO_get_locking_callback; ++ CRYPTO_get_mem_functions; ++ CRYPTO_lock; ++ CRYPTO_malloc; ++ CRYPTO_mem_ctrl; ++ CRYPTO_mem_leaks; ++ CRYPTO_mem_leaks_cb; ++ CRYPTO_mem_leaks_fp; ++ CRYPTO_realloc; ++ CRYPTO_remalloc; ++ CRYPTO_set_add_lock_callback; ++ CRYPTO_set_id_callback; ++ CRYPTO_set_locking_callback; ++ CRYPTO_set_mem_functions; ++ CRYPTO_thread_id; ++ DH_check; ++ DH_compute_key; ++ DH_free; ++ DH_generate_key; ++ DH_generate_parameters; ++ DH_new; ++ DH_size; ++ DHparams_print; ++ DHparams_print_fp; ++ DSA_free; ++ DSA_generate_key; ++ DSA_generate_parameters; ++ DSA_is_prime; ++ DSA_new; ++ DSA_print; ++ DSA_print_fp; ++ DSA_sign; ++ DSA_sign_setup; ++ DSA_size; ++ DSA_verify; ++ DSAparams_print; ++ DSAparams_print_fp; ++ ERR_clear_error; ++ ERR_error_string; ++ ERR_free_strings; ++ ERR_func_error_string; ++ ERR_get_err_state_table; ++ ERR_get_error; ++ ERR_get_error_line; ++ ERR_get_state; ++ ERR_get_string_table; ++ ERR_lib_error_string; ++ ERR_load_ASN1_strings; ++ ERR_load_BIO_strings; ++ ERR_load_BN_strings; ++ ERR_load_BUF_strings; ++ ERR_load_CONF_strings; ++ ERR_load_DH_strings; ++ ERR_load_DSA_strings; ++ ERR_load_ERR_strings; ++ ERR_load_EVP_strings; ++ ERR_load_OBJ_strings; ++ ERR_load_PEM_strings; ++ ERR_load_PROXY_strings; ++ ERR_load_RSA_strings; ++ ERR_load_X509_strings; ++ ERR_load_crypto_strings; ++ ERR_load_strings; ++ ERR_peek_error; ++ ERR_peek_error_line; ++ ERR_print_errors; ++ ERR_print_errors_fp; ++ ERR_put_error; ++ ERR_reason_error_string; ++ ERR_remove_state; ++ EVP_BytesToKey; ++ EVP_CIPHER_CTX_cleanup; ++ EVP_CipherFinal; ++ EVP_CipherInit; ++ EVP_CipherUpdate; ++ EVP_DecodeBlock; ++ EVP_DecodeFinal; ++ EVP_DecodeInit; ++ EVP_DecodeUpdate; ++ EVP_DecryptFinal; ++ EVP_DecryptInit; ++ EVP_DecryptUpdate; ++ EVP_DigestFinal; ++ EVP_DigestInit; ++ EVP_DigestUpdate; ++ EVP_EncodeBlock; ++ EVP_EncodeFinal; ++ EVP_EncodeInit; ++ EVP_EncodeUpdate; ++ EVP_EncryptFinal; ++ EVP_EncryptInit; ++ EVP_EncryptUpdate; ++ EVP_OpenFinal; ++ EVP_OpenInit; ++ EVP_PKEY_assign; ++ EVP_PKEY_copy_parameters; ++ EVP_PKEY_free; ++ EVP_PKEY_missing_parameters; ++ EVP_PKEY_new; ++ EVP_PKEY_save_parameters; ++ EVP_PKEY_size; ++ EVP_PKEY_type; ++ EVP_SealFinal; ++ EVP_SealInit; ++ EVP_SignFinal; ++ EVP_VerifyFinal; ++ EVP_add_alias; ++ EVP_add_cipher; ++ EVP_add_digest; ++ EVP_bf_cbc; ++ EVP_bf_cfb64; ++ EVP_bf_ecb; ++ EVP_bf_ofb; ++ EVP_cleanup; ++ EVP_des_cbc; ++ EVP_des_cfb64; ++ EVP_des_ecb; ++ EVP_des_ede; ++ EVP_des_ede3; ++ EVP_des_ede3_cbc; ++ EVP_des_ede3_cfb64; ++ EVP_des_ede3_ofb; ++ EVP_des_ede_cbc; ++ EVP_des_ede_cfb64; ++ EVP_des_ede_ofb; ++ EVP_des_ofb; ++ EVP_desx_cbc; ++ EVP_dss; ++ EVP_dss1; ++ EVP_enc_null; ++ EVP_get_cipherbyname; ++ EVP_get_digestbyname; ++ EVP_get_pw_prompt; ++ EVP_idea_cbc; ++ EVP_idea_cfb64; ++ EVP_idea_ecb; ++ EVP_idea_ofb; ++ EVP_md2; ++ EVP_md5; ++ EVP_md_null; ++ EVP_rc2_cbc; ++ EVP_rc2_cfb64; ++ EVP_rc2_ecb; ++ EVP_rc2_ofb; ++ EVP_rc4; ++ EVP_read_pw_string; ++ EVP_set_pw_prompt; ++ EVP_sha; ++ EVP_sha1; ++ MD2; ++ MD2_Final; ++ MD2_Init; ++ MD2_Update; ++ MD2_options; ++ MD5; ++ MD5_Final; ++ MD5_Init; ++ MD5_Update; ++ MDC2; ++ MDC2_Final; ++ MDC2_Init; ++ MDC2_Update; ++ NETSCAPE_SPKAC_free; ++ NETSCAPE_SPKAC_new; ++ NETSCAPE_SPKI_free; ++ NETSCAPE_SPKI_new; ++ NETSCAPE_SPKI_sign; ++ NETSCAPE_SPKI_verify; ++ OBJ_add_object; ++ OBJ_bsearch; ++ OBJ_cleanup; ++ OBJ_cmp; ++ OBJ_create; ++ OBJ_dup; ++ OBJ_ln2nid; ++ OBJ_new_nid; ++ OBJ_nid2ln; ++ OBJ_nid2obj; ++ OBJ_nid2sn; ++ OBJ_obj2nid; ++ OBJ_sn2nid; ++ OBJ_txt2nid; ++ PEM_ASN1_read; ++ PEM_ASN1_read_bio; ++ PEM_ASN1_write; ++ PEM_ASN1_write_bio; ++ PEM_SealFinal; ++ PEM_SealInit; ++ PEM_SealUpdate; ++ PEM_SignFinal; ++ PEM_SignInit; ++ PEM_SignUpdate; ++ PEM_X509_INFO_read; ++ PEM_X509_INFO_read_bio; ++ PEM_X509_INFO_write_bio; ++ PEM_dek_info; ++ PEM_do_header; ++ PEM_get_EVP_CIPHER_INFO; ++ PEM_proc_type; ++ PEM_read; ++ PEM_read_DHparams; ++ PEM_read_DSAPrivateKey; ++ PEM_read_DSAparams; ++ PEM_read_PKCS7; ++ PEM_read_PrivateKey; ++ PEM_read_RSAPrivateKey; ++ PEM_read_X509; ++ PEM_read_X509_CRL; ++ PEM_read_X509_REQ; ++ PEM_read_bio; ++ PEM_read_bio_DHparams; ++ PEM_read_bio_DSAPrivateKey; ++ PEM_read_bio_DSAparams; ++ PEM_read_bio_PKCS7; ++ PEM_read_bio_PrivateKey; ++ PEM_read_bio_RSAPrivateKey; ++ PEM_read_bio_X509; ++ PEM_read_bio_X509_CRL; ++ PEM_read_bio_X509_REQ; ++ PEM_write; ++ PEM_write_DHparams; ++ PEM_write_DSAPrivateKey; ++ PEM_write_DSAparams; ++ PEM_write_PKCS7; ++ PEM_write_PrivateKey; ++ PEM_write_RSAPrivateKey; ++ PEM_write_X509; ++ PEM_write_X509_CRL; ++ PEM_write_X509_REQ; ++ PEM_write_bio; ++ PEM_write_bio_DHparams; ++ PEM_write_bio_DSAPrivateKey; ++ PEM_write_bio_DSAparams; ++ PEM_write_bio_PKCS7; ++ PEM_write_bio_PrivateKey; ++ PEM_write_bio_RSAPrivateKey; ++ PEM_write_bio_X509; ++ PEM_write_bio_X509_CRL; ++ PEM_write_bio_X509_REQ; ++ PKCS7_DIGEST_free; ++ PKCS7_DIGEST_new; ++ PKCS7_ENCRYPT_free; ++ PKCS7_ENCRYPT_new; ++ PKCS7_ENC_CONTENT_free; ++ PKCS7_ENC_CONTENT_new; ++ PKCS7_ENVELOPE_free; ++ PKCS7_ENVELOPE_new; ++ PKCS7_ISSUER_AND_SERIAL_digest; ++ PKCS7_ISSUER_AND_SERIAL_free; ++ PKCS7_ISSUER_AND_SERIAL_new; ++ PKCS7_RECIP_INFO_free; ++ PKCS7_RECIP_INFO_new; ++ PKCS7_SIGNED_free; ++ PKCS7_SIGNED_new; ++ PKCS7_SIGNER_INFO_free; ++ PKCS7_SIGNER_INFO_new; ++ PKCS7_SIGN_ENVELOPE_free; ++ PKCS7_SIGN_ENVELOPE_new; ++ PKCS7_dup; ++ PKCS7_free; ++ PKCS7_new; ++ PROXY_ENTRY_add_noproxy; ++ PROXY_ENTRY_clear_noproxy; ++ PROXY_ENTRY_free; ++ PROXY_ENTRY_get_noproxy; ++ PROXY_ENTRY_new; ++ PROXY_ENTRY_set_server; ++ PROXY_add_noproxy; ++ PROXY_add_server; ++ PROXY_check_by_host; ++ PROXY_check_url; ++ PROXY_clear_noproxy; ++ PROXY_free; ++ PROXY_get_noproxy; ++ PROXY_get_proxies; ++ PROXY_get_proxy_entry; ++ PROXY_load_conf; ++ PROXY_new; ++ PROXY_print; ++ RAND_bytes; ++ RAND_cleanup; ++ RAND_file_name; ++ RAND_load_file; ++ RAND_screen; ++ RAND_seed; ++ RAND_write_file; ++ RC2_cbc_encrypt; ++ RC2_cfb64_encrypt; ++ RC2_ecb_encrypt; ++ RC2_encrypt; ++ RC2_ofb64_encrypt; ++ RC2_set_key; ++ RC4; ++ RC4_options; ++ RC4_set_key; ++ RSAPrivateKey_asn1_meth; ++ RSAPrivateKey_dup; ++ RSAPublicKey_dup; ++ RSA_PKCS1_SSLeay; ++ RSA_free; ++ RSA_generate_key; ++ RSA_new; ++ RSA_new_method; ++ RSA_print; ++ RSA_print_fp; ++ RSA_private_decrypt; ++ RSA_private_encrypt; ++ RSA_public_decrypt; ++ RSA_public_encrypt; ++ RSA_set_default_method; ++ RSA_sign; ++ RSA_sign_ASN1_OCTET_STRING; ++ RSA_size; ++ RSA_verify; ++ RSA_verify_ASN1_OCTET_STRING; ++ SHA; ++ SHA1; ++ SHA1_Final; ++ SHA1_Init; ++ SHA1_Update; ++ SHA_Final; ++ SHA_Init; ++ SHA_Update; ++ OpenSSL_add_all_algorithms; ++ OpenSSL_add_all_ciphers; ++ OpenSSL_add_all_digests; ++ TXT_DB_create_index; ++ TXT_DB_free; ++ TXT_DB_get_by_index; ++ TXT_DB_insert; ++ TXT_DB_read; ++ TXT_DB_write; ++ X509_ALGOR_free; ++ X509_ALGOR_new; ++ X509_ATTRIBUTE_free; ++ X509_ATTRIBUTE_new; ++ X509_CINF_free; ++ X509_CINF_new; ++ X509_CRL_INFO_free; ++ X509_CRL_INFO_new; ++ X509_CRL_add_ext; ++ X509_CRL_cmp; ++ X509_CRL_delete_ext; ++ X509_CRL_dup; ++ X509_CRL_free; ++ X509_CRL_get_ext; ++ X509_CRL_get_ext_by_NID; ++ X509_CRL_get_ext_by_OBJ; ++ X509_CRL_get_ext_by_critical; ++ X509_CRL_get_ext_count; ++ X509_CRL_new; ++ X509_CRL_sign; ++ X509_CRL_verify; ++ X509_EXTENSION_create_by_NID; ++ X509_EXTENSION_create_by_OBJ; ++ X509_EXTENSION_dup; ++ X509_EXTENSION_free; ++ X509_EXTENSION_get_critical; ++ X509_EXTENSION_get_data; ++ X509_EXTENSION_get_object; ++ X509_EXTENSION_new; ++ X509_EXTENSION_set_critical; ++ X509_EXTENSION_set_data; ++ X509_EXTENSION_set_object; ++ X509_INFO_free; ++ X509_INFO_new; ++ X509_LOOKUP_by_alias; ++ X509_LOOKUP_by_fingerprint; ++ X509_LOOKUP_by_issuer_serial; ++ X509_LOOKUP_by_subject; ++ X509_LOOKUP_ctrl; ++ X509_LOOKUP_file; ++ X509_LOOKUP_free; ++ X509_LOOKUP_hash_dir; ++ X509_LOOKUP_init; ++ X509_LOOKUP_new; ++ X509_LOOKUP_shutdown; ++ X509_NAME_ENTRY_create_by_NID; ++ X509_NAME_ENTRY_create_by_OBJ; ++ X509_NAME_ENTRY_dup; ++ X509_NAME_ENTRY_free; ++ X509_NAME_ENTRY_get_data; ++ X509_NAME_ENTRY_get_object; ++ X509_NAME_ENTRY_new; ++ X509_NAME_ENTRY_set_data; ++ X509_NAME_ENTRY_set_object; ++ X509_NAME_add_entry; ++ X509_NAME_cmp; ++ X509_NAME_delete_entry; ++ X509_NAME_digest; ++ X509_NAME_dup; ++ X509_NAME_entry_count; ++ X509_NAME_free; ++ X509_NAME_get_entry; ++ X509_NAME_get_index_by_NID; ++ X509_NAME_get_index_by_OBJ; ++ X509_NAME_get_text_by_NID; ++ X509_NAME_get_text_by_OBJ; ++ X509_NAME_hash; ++ X509_NAME_new; ++ X509_NAME_oneline; ++ X509_NAME_print; ++ X509_NAME_set; ++ X509_OBJECT_free_contents; ++ X509_OBJECT_retrieve_by_subject; ++ X509_OBJECT_up_ref_count; ++ X509_PKEY_free; ++ X509_PKEY_new; ++ X509_PUBKEY_free; ++ X509_PUBKEY_get; ++ X509_PUBKEY_new; ++ X509_PUBKEY_set; ++ X509_REQ_INFO_free; ++ X509_REQ_INFO_new; ++ X509_REQ_dup; ++ X509_REQ_free; ++ X509_REQ_get_pubkey; ++ X509_REQ_new; ++ X509_REQ_print; ++ X509_REQ_print_fp; ++ X509_REQ_set_pubkey; ++ X509_REQ_set_subject_name; ++ X509_REQ_set_version; ++ X509_REQ_sign; ++ X509_REQ_to_X509; ++ X509_REQ_verify; ++ X509_REVOKED_add_ext; ++ X509_REVOKED_delete_ext; ++ X509_REVOKED_free; ++ X509_REVOKED_get_ext; ++ X509_REVOKED_get_ext_by_NID; ++ X509_REVOKED_get_ext_by_OBJ; ++ X509_REVOKED_get_ext_by_critical; ++ X509_REVOKED_get_ext_by_critic; ++ X509_REVOKED_get_ext_count; ++ X509_REVOKED_new; ++ X509_SIG_free; ++ X509_SIG_new; ++ X509_STORE_CTX_cleanup; ++ X509_STORE_CTX_init; ++ X509_STORE_add_cert; ++ X509_STORE_add_lookup; ++ X509_STORE_free; ++ X509_STORE_get_by_subject; ++ X509_STORE_load_locations; ++ X509_STORE_new; ++ X509_STORE_set_default_paths; ++ X509_VAL_free; ++ X509_VAL_new; ++ X509_add_ext; ++ X509_asn1_meth; ++ X509_certificate_type; ++ X509_check_private_key; ++ X509_cmp_current_time; ++ X509_delete_ext; ++ X509_digest; ++ X509_dup; ++ X509_free; ++ X509_get_default_cert_area; ++ X509_get_default_cert_dir; ++ X509_get_default_cert_dir_env; ++ X509_get_default_cert_file; ++ X509_get_default_cert_file_env; ++ X509_get_default_private_dir; ++ X509_get_ext; ++ X509_get_ext_by_NID; ++ X509_get_ext_by_OBJ; ++ X509_get_ext_by_critical; ++ X509_get_ext_count; ++ X509_get_issuer_name; ++ X509_get_pubkey; ++ X509_get_pubkey_parameters; ++ X509_get_serialNumber; ++ X509_get_subject_name; ++ X509_gmtime_adj; ++ X509_issuer_and_serial_cmp; ++ X509_issuer_and_serial_hash; ++ X509_issuer_name_cmp; ++ X509_issuer_name_hash; ++ X509_load_cert_file; ++ X509_new; ++ X509_print; ++ X509_print_fp; ++ X509_set_issuer_name; ++ X509_set_notAfter; ++ X509_set_notBefore; ++ X509_set_pubkey; ++ X509_set_serialNumber; ++ X509_set_subject_name; ++ X509_set_version; ++ X509_sign; ++ X509_subject_name_cmp; ++ X509_subject_name_hash; ++ X509_to_X509_REQ; ++ X509_verify; ++ X509_verify_cert; ++ X509_verify_cert_error_string; ++ X509v3_add_ext; ++ X509v3_add_extension; ++ X509v3_add_netscape_extensions; ++ X509v3_add_standard_extensions; ++ X509v3_cleanup_extensions; ++ X509v3_data_type_by_NID; ++ X509v3_data_type_by_OBJ; ++ X509v3_delete_ext; ++ X509v3_get_ext; ++ X509v3_get_ext_by_NID; ++ X509v3_get_ext_by_OBJ; ++ X509v3_get_ext_by_critical; ++ X509v3_get_ext_count; ++ X509v3_pack_string; ++ X509v3_pack_type_by_NID; ++ X509v3_pack_type_by_OBJ; ++ X509v3_unpack_string; ++ _des_crypt; ++ a2d_ASN1_OBJECT; ++ a2i_ASN1_INTEGER; ++ a2i_ASN1_STRING; ++ asn1_Finish; ++ asn1_GetSequence; ++ bn_div_words; ++ bn_expand2; ++ bn_mul_add_words; ++ bn_mul_words; ++ BN_uadd; ++ BN_usub; ++ bn_sqr_words; ++ _ossl_old_crypt; ++ d2i_ASN1_BIT_STRING; ++ d2i_ASN1_BOOLEAN; ++ d2i_ASN1_HEADER; ++ d2i_ASN1_IA5STRING; ++ d2i_ASN1_INTEGER; ++ d2i_ASN1_OBJECT; ++ d2i_ASN1_OCTET_STRING; ++ d2i_ASN1_PRINTABLE; ++ d2i_ASN1_PRINTABLESTRING; ++ d2i_ASN1_SET; ++ d2i_ASN1_T61STRING; ++ d2i_ASN1_TYPE; ++ d2i_ASN1_UTCTIME; ++ d2i_ASN1_bytes; ++ d2i_ASN1_type_bytes; ++ d2i_DHparams; ++ d2i_DSAPrivateKey; ++ d2i_DSAPrivateKey_bio; ++ d2i_DSAPrivateKey_fp; ++ d2i_DSAPublicKey; ++ d2i_DSAparams; ++ d2i_NETSCAPE_SPKAC; ++ d2i_NETSCAPE_SPKI; ++ d2i_Netscape_RSA; ++ d2i_PKCS7; ++ d2i_PKCS7_DIGEST; ++ d2i_PKCS7_ENCRYPT; ++ d2i_PKCS7_ENC_CONTENT; ++ d2i_PKCS7_ENVELOPE; ++ d2i_PKCS7_ISSUER_AND_SERIAL; ++ d2i_PKCS7_RECIP_INFO; ++ d2i_PKCS7_SIGNED; ++ d2i_PKCS7_SIGNER_INFO; ++ d2i_PKCS7_SIGN_ENVELOPE; ++ d2i_PKCS7_bio; ++ d2i_PKCS7_fp; ++ d2i_PrivateKey; ++ d2i_PublicKey; ++ d2i_RSAPrivateKey; ++ d2i_RSAPrivateKey_bio; ++ d2i_RSAPrivateKey_fp; ++ d2i_RSAPublicKey; ++ d2i_X509; ++ d2i_X509_ALGOR; ++ d2i_X509_ATTRIBUTE; ++ d2i_X509_CINF; ++ d2i_X509_CRL; ++ d2i_X509_CRL_INFO; ++ d2i_X509_CRL_bio; ++ d2i_X509_CRL_fp; ++ d2i_X509_EXTENSION; ++ d2i_X509_NAME; ++ d2i_X509_NAME_ENTRY; ++ d2i_X509_PKEY; ++ d2i_X509_PUBKEY; ++ d2i_X509_REQ; ++ d2i_X509_REQ_INFO; ++ d2i_X509_REQ_bio; ++ d2i_X509_REQ_fp; ++ d2i_X509_REVOKED; ++ d2i_X509_SIG; ++ d2i_X509_VAL; ++ d2i_X509_bio; ++ d2i_X509_fp; ++ DES_cbc_cksum; ++ DES_cbc_encrypt; ++ DES_cblock_print_file; ++ DES_cfb64_encrypt; ++ DES_cfb_encrypt; ++ DES_decrypt3; ++ DES_ecb3_encrypt; ++ DES_ecb_encrypt; ++ DES_ede3_cbc_encrypt; ++ DES_ede3_cfb64_encrypt; ++ DES_ede3_ofb64_encrypt; ++ DES_enc_read; ++ DES_enc_write; ++ DES_encrypt1; ++ DES_encrypt2; ++ DES_encrypt3; ++ DES_fcrypt; ++ DES_is_weak_key; ++ DES_key_sched; ++ DES_ncbc_encrypt; ++ DES_ofb64_encrypt; ++ DES_ofb_encrypt; ++ DES_options; ++ DES_pcbc_encrypt; ++ DES_quad_cksum; ++ DES_random_key; ++ _ossl_old_des_random_seed; ++ _ossl_old_des_read_2passwords; ++ _ossl_old_des_read_password; ++ _ossl_old_des_read_pw; ++ _ossl_old_des_read_pw_string; ++ DES_set_key; ++ DES_set_odd_parity; ++ DES_string_to_2keys; ++ DES_string_to_key; ++ DES_xcbc_encrypt; ++ DES_xwhite_in2out; ++ fcrypt_body; ++ i2a_ASN1_INTEGER; ++ i2a_ASN1_OBJECT; ++ i2a_ASN1_STRING; ++ i2d_ASN1_BIT_STRING; ++ i2d_ASN1_BOOLEAN; ++ i2d_ASN1_HEADER; ++ i2d_ASN1_IA5STRING; ++ i2d_ASN1_INTEGER; ++ i2d_ASN1_OBJECT; ++ i2d_ASN1_OCTET_STRING; ++ i2d_ASN1_PRINTABLE; ++ i2d_ASN1_SET; ++ i2d_ASN1_TYPE; ++ i2d_ASN1_UTCTIME; ++ i2d_ASN1_bytes; ++ i2d_DHparams; ++ i2d_DSAPrivateKey; ++ i2d_DSAPrivateKey_bio; ++ i2d_DSAPrivateKey_fp; ++ i2d_DSAPublicKey; ++ i2d_DSAparams; ++ i2d_NETSCAPE_SPKAC; ++ i2d_NETSCAPE_SPKI; ++ i2d_Netscape_RSA; ++ i2d_PKCS7; ++ i2d_PKCS7_DIGEST; ++ i2d_PKCS7_ENCRYPT; ++ i2d_PKCS7_ENC_CONTENT; ++ i2d_PKCS7_ENVELOPE; ++ i2d_PKCS7_ISSUER_AND_SERIAL; ++ i2d_PKCS7_RECIP_INFO; ++ i2d_PKCS7_SIGNED; ++ i2d_PKCS7_SIGNER_INFO; ++ i2d_PKCS7_SIGN_ENVELOPE; ++ i2d_PKCS7_bio; ++ i2d_PKCS7_fp; ++ i2d_PrivateKey; ++ i2d_PublicKey; ++ i2d_RSAPrivateKey; ++ i2d_RSAPrivateKey_bio; ++ i2d_RSAPrivateKey_fp; ++ i2d_RSAPublicKey; ++ i2d_X509; ++ i2d_X509_ALGOR; ++ i2d_X509_ATTRIBUTE; ++ i2d_X509_CINF; ++ i2d_X509_CRL; ++ i2d_X509_CRL_INFO; ++ i2d_X509_CRL_bio; ++ i2d_X509_CRL_fp; ++ i2d_X509_EXTENSION; ++ i2d_X509_NAME; ++ i2d_X509_NAME_ENTRY; ++ i2d_X509_PKEY; ++ i2d_X509_PUBKEY; ++ i2d_X509_REQ; ++ i2d_X509_REQ_INFO; ++ i2d_X509_REQ_bio; ++ i2d_X509_REQ_fp; ++ i2d_X509_REVOKED; ++ i2d_X509_SIG; ++ i2d_X509_VAL; ++ i2d_X509_bio; ++ i2d_X509_fp; ++ idea_cbc_encrypt; ++ idea_cfb64_encrypt; ++ idea_ecb_encrypt; ++ idea_encrypt; ++ idea_ofb64_encrypt; ++ idea_options; ++ idea_set_decrypt_key; ++ idea_set_encrypt_key; ++ lh_delete; ++ lh_doall; ++ lh_doall_arg; ++ lh_free; ++ lh_insert; ++ lh_new; ++ lh_node_stats; ++ lh_node_stats_bio; ++ lh_node_usage_stats; ++ lh_node_usage_stats_bio; ++ lh_retrieve; ++ lh_stats; ++ lh_stats_bio; ++ lh_strhash; ++ sk_delete; ++ sk_delete_ptr; ++ sk_dup; ++ sk_find; ++ sk_free; ++ sk_insert; ++ sk_new; ++ sk_pop; ++ sk_pop_free; ++ sk_push; ++ sk_set_cmp_func; ++ sk_shift; ++ sk_unshift; ++ sk_zero; ++ BIO_f_nbio_test; ++ ASN1_TYPE_get; ++ ASN1_TYPE_set; ++ PKCS7_content_free; ++ ERR_load_PKCS7_strings; ++ X509_find_by_issuer_and_serial; ++ X509_find_by_subject; ++ PKCS7_ctrl; ++ PKCS7_set_type; ++ PKCS7_set_content; ++ PKCS7_SIGNER_INFO_set; ++ PKCS7_add_signer; ++ PKCS7_add_certificate; ++ PKCS7_add_crl; ++ PKCS7_content_new; ++ PKCS7_dataSign; ++ PKCS7_dataVerify; ++ PKCS7_dataInit; ++ PKCS7_add_signature; ++ PKCS7_cert_from_signer_info; ++ PKCS7_get_signer_info; ++ EVP_delete_alias; ++ EVP_mdc2; ++ PEM_read_bio_RSAPublicKey; ++ PEM_write_bio_RSAPublicKey; ++ d2i_RSAPublicKey_bio; ++ i2d_RSAPublicKey_bio; ++ PEM_read_RSAPublicKey; ++ PEM_write_RSAPublicKey; ++ d2i_RSAPublicKey_fp; ++ i2d_RSAPublicKey_fp; ++ BIO_copy_next_retry; ++ RSA_flags; ++ X509_STORE_add_crl; ++ X509_load_crl_file; ++ EVP_rc2_40_cbc; ++ EVP_rc4_40; ++ EVP_CIPHER_CTX_init; ++ HMAC; ++ HMAC_Init; ++ HMAC_Update; ++ HMAC_Final; ++ ERR_get_next_error_library; ++ EVP_PKEY_cmp_parameters; ++ HMAC_cleanup; ++ BIO_ptr_ctrl; ++ BIO_new_file_internal; ++ BIO_new_fp_internal; ++ BIO_s_file_internal; ++ BN_BLINDING_convert; ++ BN_BLINDING_invert; ++ BN_BLINDING_update; ++ RSA_blinding_on; ++ RSA_blinding_off; ++ i2t_ASN1_OBJECT; ++ BN_BLINDING_new; ++ BN_BLINDING_free; ++ EVP_cast5_cbc; ++ EVP_cast5_cfb64; ++ EVP_cast5_ecb; ++ EVP_cast5_ofb; ++ BF_decrypt; ++ CAST_set_key; ++ CAST_encrypt; ++ CAST_decrypt; ++ CAST_ecb_encrypt; ++ CAST_cbc_encrypt; ++ CAST_cfb64_encrypt; ++ CAST_ofb64_encrypt; ++ RC2_decrypt; ++ OBJ_create_objects; ++ BN_exp; ++ BN_mul_word; ++ BN_sub_word; ++ BN_dec2bn; ++ BN_bn2dec; ++ BIO_ghbn_ctrl; ++ CRYPTO_free_ex_data; ++ CRYPTO_get_ex_data; ++ CRYPTO_set_ex_data; ++ ERR_load_CRYPTO_strings; ++ ERR_load_CRYPTOlib_strings; ++ EVP_PKEY_bits; ++ MD5_Transform; ++ SHA1_Transform; ++ SHA_Transform; ++ X509_STORE_CTX_get_chain; ++ X509_STORE_CTX_get_current_cert; ++ X509_STORE_CTX_get_error; ++ X509_STORE_CTX_get_error_depth; ++ X509_STORE_CTX_get_ex_data; ++ X509_STORE_CTX_set_cert; ++ X509_STORE_CTX_set_chain; ++ X509_STORE_CTX_set_error; ++ X509_STORE_CTX_set_ex_data; ++ CRYPTO_dup_ex_data; ++ CRYPTO_get_new_lockid; ++ CRYPTO_new_ex_data; ++ RSA_set_ex_data; ++ RSA_get_ex_data; ++ RSA_get_ex_new_index; ++ RSA_padding_add_PKCS1_type_1; ++ RSA_padding_add_PKCS1_type_2; ++ RSA_padding_add_SSLv23; ++ RSA_padding_add_none; ++ RSA_padding_check_PKCS1_type_1; ++ RSA_padding_check_PKCS1_type_2; ++ RSA_padding_check_SSLv23; ++ RSA_padding_check_none; ++ bn_add_words; ++ d2i_Netscape_RSA_2; ++ CRYPTO_get_ex_new_index; ++ RIPEMD160_Init; ++ RIPEMD160_Update; ++ RIPEMD160_Final; ++ RIPEMD160; ++ RIPEMD160_Transform; ++ RC5_32_set_key; ++ RC5_32_ecb_encrypt; ++ RC5_32_encrypt; ++ RC5_32_decrypt; ++ RC5_32_cbc_encrypt; ++ RC5_32_cfb64_encrypt; ++ RC5_32_ofb64_encrypt; ++ BN_bn2mpi; ++ BN_mpi2bn; ++ ASN1_BIT_STRING_get_bit; ++ ASN1_BIT_STRING_set_bit; ++ BIO_get_ex_data; ++ BIO_get_ex_new_index; ++ BIO_set_ex_data; ++ X509v3_get_key_usage; ++ X509v3_set_key_usage; ++ a2i_X509v3_key_usage; ++ i2a_X509v3_key_usage; ++ EVP_PKEY_decrypt; ++ EVP_PKEY_encrypt; ++ PKCS7_RECIP_INFO_set; ++ PKCS7_add_recipient; ++ PKCS7_add_recipient_info; ++ PKCS7_set_cipher; ++ ASN1_TYPE_get_int_octetstring; ++ ASN1_TYPE_get_octetstring; ++ ASN1_TYPE_set_int_octetstring; ++ ASN1_TYPE_set_octetstring; ++ ASN1_UTCTIME_set_string; ++ ERR_add_error_data; ++ ERR_set_error_data; ++ EVP_CIPHER_asn1_to_param; ++ EVP_CIPHER_param_to_asn1; ++ EVP_CIPHER_get_asn1_iv; ++ EVP_CIPHER_set_asn1_iv; ++ EVP_rc5_32_12_16_cbc; ++ EVP_rc5_32_12_16_cfb64; ++ EVP_rc5_32_12_16_ecb; ++ EVP_rc5_32_12_16_ofb; ++ asn1_add_error; ++ d2i_ASN1_BMPSTRING; ++ i2d_ASN1_BMPSTRING; ++ BIO_f_ber; ++ BN_init; ++ COMP_CTX_new; ++ COMP_CTX_free; ++ COMP_CTX_compress_block; ++ COMP_CTX_expand_block; ++ X509_STORE_CTX_get_ex_new_index; ++ OBJ_NAME_add; ++ BIO_socket_nbio; ++ EVP_rc2_64_cbc; ++ OBJ_NAME_cleanup; ++ OBJ_NAME_get; ++ OBJ_NAME_init; ++ OBJ_NAME_new_index; ++ OBJ_NAME_remove; ++ BN_MONT_CTX_copy; ++ BIO_new_socks4a_connect; ++ BIO_s_socks4a_connect; ++ PROXY_set_connect_mode; ++ RAND_SSLeay; ++ RAND_set_rand_method; ++ RSA_memory_lock; ++ bn_sub_words; ++ bn_mul_normal; ++ bn_mul_comba8; ++ bn_mul_comba4; ++ bn_sqr_normal; ++ bn_sqr_comba8; ++ bn_sqr_comba4; ++ bn_cmp_words; ++ bn_mul_recursive; ++ bn_mul_part_recursive; ++ bn_sqr_recursive; ++ bn_mul_low_normal; ++ BN_RECP_CTX_init; ++ BN_RECP_CTX_new; ++ BN_RECP_CTX_free; ++ BN_RECP_CTX_set; ++ BN_mod_mul_reciprocal; ++ BN_mod_exp_recp; ++ BN_div_recp; ++ BN_CTX_init; ++ BN_MONT_CTX_init; ++ RAND_get_rand_method; ++ PKCS7_add_attribute; ++ PKCS7_add_signed_attribute; ++ PKCS7_digest_from_attributes; ++ PKCS7_get_attribute; ++ PKCS7_get_issuer_and_serial; ++ PKCS7_get_signed_attribute; ++ COMP_compress_block; ++ COMP_expand_block; ++ COMP_rle; ++ COMP_zlib; ++ ms_time_diff; ++ ms_time_new; ++ ms_time_free; ++ ms_time_cmp; ++ ms_time_get; ++ PKCS7_set_attributes; ++ PKCS7_set_signed_attributes; ++ X509_ATTRIBUTE_create; ++ X509_ATTRIBUTE_dup; ++ ASN1_GENERALIZEDTIME_check; ++ ASN1_GENERALIZEDTIME_print; ++ ASN1_GENERALIZEDTIME_set; ++ ASN1_GENERALIZEDTIME_set_string; ++ ASN1_TIME_print; ++ BASIC_CONSTRAINTS_free; ++ BASIC_CONSTRAINTS_new; ++ ERR_load_X509V3_strings; ++ NETSCAPE_CERT_SEQUENCE_free; ++ NETSCAPE_CERT_SEQUENCE_new; ++ OBJ_txt2obj; ++ PEM_read_NETSCAPE_CERT_SEQUENCE; ++ PEM_read_NS_CERT_SEQ; ++ PEM_read_bio_NETSCAPE_CERT_SEQUENCE; ++ PEM_read_bio_NS_CERT_SEQ; ++ PEM_write_NETSCAPE_CERT_SEQUENCE; ++ PEM_write_NS_CERT_SEQ; ++ PEM_write_bio_NETSCAPE_CERT_SEQUENCE; ++ PEM_write_bio_NS_CERT_SEQ; ++ X509V3_EXT_add; ++ X509V3_EXT_add_alias; ++ X509V3_EXT_add_conf; ++ X509V3_EXT_cleanup; ++ X509V3_EXT_conf; ++ X509V3_EXT_conf_nid; ++ X509V3_EXT_get; ++ X509V3_EXT_get_nid; ++ X509V3_EXT_print; ++ X509V3_EXT_print_fp; ++ X509V3_add_standard_extensions; ++ X509V3_add_value; ++ X509V3_add_value_bool; ++ X509V3_add_value_int; ++ X509V3_conf_free; ++ X509V3_get_value_bool; ++ X509V3_get_value_int; ++ X509V3_parse_list; ++ d2i_ASN1_GENERALIZEDTIME; ++ d2i_ASN1_TIME; ++ d2i_BASIC_CONSTRAINTS; ++ d2i_NETSCAPE_CERT_SEQUENCE; ++ d2i_ext_ku; ++ ext_ku_free; ++ ext_ku_new; ++ i2d_ASN1_GENERALIZEDTIME; ++ i2d_ASN1_TIME; ++ i2d_BASIC_CONSTRAINTS; ++ i2d_NETSCAPE_CERT_SEQUENCE; ++ i2d_ext_ku; ++ EVP_MD_CTX_copy; ++ i2d_ASN1_ENUMERATED; ++ d2i_ASN1_ENUMERATED; ++ ASN1_ENUMERATED_set; ++ ASN1_ENUMERATED_get; ++ BN_to_ASN1_ENUMERATED; ++ ASN1_ENUMERATED_to_BN; ++ i2a_ASN1_ENUMERATED; ++ a2i_ASN1_ENUMERATED; ++ i2d_GENERAL_NAME; ++ d2i_GENERAL_NAME; ++ GENERAL_NAME_new; ++ GENERAL_NAME_free; ++ GENERAL_NAMES_new; ++ GENERAL_NAMES_free; ++ d2i_GENERAL_NAMES; ++ i2d_GENERAL_NAMES; ++ i2v_GENERAL_NAMES; ++ i2s_ASN1_OCTET_STRING; ++ s2i_ASN1_OCTET_STRING; ++ X509V3_EXT_check_conf; ++ hex_to_string; ++ string_to_hex; ++ DES_ede3_cbcm_encrypt; ++ RSA_padding_add_PKCS1_OAEP; ++ RSA_padding_check_PKCS1_OAEP; ++ X509_CRL_print_fp; ++ X509_CRL_print; ++ i2v_GENERAL_NAME; ++ v2i_GENERAL_NAME; ++ i2d_PKEY_USAGE_PERIOD; ++ d2i_PKEY_USAGE_PERIOD; ++ PKEY_USAGE_PERIOD_new; ++ PKEY_USAGE_PERIOD_free; ++ v2i_GENERAL_NAMES; ++ i2s_ASN1_INTEGER; ++ X509V3_EXT_d2i; ++ name_cmp; ++ str_dup; ++ i2s_ASN1_ENUMERATED; ++ i2s_ASN1_ENUMERATED_TABLE; ++ BIO_s_log; ++ BIO_f_reliable; ++ PKCS7_dataFinal; ++ PKCS7_dataDecode; ++ X509V3_EXT_CRL_add_conf; ++ BN_set_params; ++ BN_get_params; ++ BIO_get_ex_num; ++ BIO_set_ex_free_func; ++ EVP_ripemd160; ++ ASN1_TIME_set; ++ i2d_AUTHORITY_KEYID; ++ d2i_AUTHORITY_KEYID; ++ AUTHORITY_KEYID_new; ++ AUTHORITY_KEYID_free; ++ ASN1_seq_unpack; ++ ASN1_seq_pack; ++ ASN1_unpack_string; ++ ASN1_pack_string; ++ PKCS12_pack_safebag; ++ PKCS12_MAKE_KEYBAG; ++ PKCS8_encrypt; ++ PKCS12_MAKE_SHKEYBAG; ++ PKCS12_pack_p7data; ++ PKCS12_pack_p7encdata; ++ PKCS12_add_localkeyid; ++ PKCS12_add_friendlyname_asc; ++ PKCS12_add_friendlyname_uni; ++ PKCS12_get_friendlyname; ++ PKCS12_pbe_crypt; ++ PKCS12_decrypt_d2i; ++ PKCS12_i2d_encrypt; ++ PKCS12_init; ++ PKCS12_key_gen_asc; ++ PKCS12_key_gen_uni; ++ PKCS12_gen_mac; ++ PKCS12_verify_mac; ++ PKCS12_set_mac; ++ PKCS12_setup_mac; ++ OPENSSL_asc2uni; ++ OPENSSL_uni2asc; ++ i2d_PKCS12_BAGS; ++ PKCS12_BAGS_new; ++ d2i_PKCS12_BAGS; ++ PKCS12_BAGS_free; ++ i2d_PKCS12; ++ d2i_PKCS12; ++ PKCS12_new; ++ PKCS12_free; ++ i2d_PKCS12_MAC_DATA; ++ PKCS12_MAC_DATA_new; ++ d2i_PKCS12_MAC_DATA; ++ PKCS12_MAC_DATA_free; ++ i2d_PKCS12_SAFEBAG; ++ PKCS12_SAFEBAG_new; ++ d2i_PKCS12_SAFEBAG; ++ PKCS12_SAFEBAG_free; ++ ERR_load_PKCS12_strings; ++ PKCS12_PBE_add; ++ PKCS8_add_keyusage; ++ PKCS12_get_attr_gen; ++ PKCS12_parse; ++ PKCS12_create; ++ i2d_PKCS12_bio; ++ i2d_PKCS12_fp; ++ d2i_PKCS12_bio; ++ d2i_PKCS12_fp; ++ i2d_PBEPARAM; ++ PBEPARAM_new; ++ d2i_PBEPARAM; ++ PBEPARAM_free; ++ i2d_PKCS8_PRIV_KEY_INFO; ++ PKCS8_PRIV_KEY_INFO_new; ++ d2i_PKCS8_PRIV_KEY_INFO; ++ PKCS8_PRIV_KEY_INFO_free; ++ EVP_PKCS82PKEY; ++ EVP_PKEY2PKCS8; ++ PKCS8_set_broken; ++ EVP_PBE_ALGOR_CipherInit; ++ EVP_PBE_alg_add; ++ PKCS5_pbe_set; ++ EVP_PBE_cleanup; ++ i2d_SXNET; ++ d2i_SXNET; ++ SXNET_new; ++ SXNET_free; ++ i2d_SXNETID; ++ d2i_SXNETID; ++ SXNETID_new; ++ SXNETID_free; ++ DSA_SIG_new; ++ DSA_SIG_free; ++ DSA_do_sign; ++ DSA_do_verify; ++ d2i_DSA_SIG; ++ i2d_DSA_SIG; ++ i2d_ASN1_VISIBLESTRING; ++ d2i_ASN1_VISIBLESTRING; ++ i2d_ASN1_UTF8STRING; ++ d2i_ASN1_UTF8STRING; ++ i2d_DIRECTORYSTRING; ++ d2i_DIRECTORYSTRING; ++ i2d_DISPLAYTEXT; ++ d2i_DISPLAYTEXT; ++ d2i_ASN1_SET_OF_X509; ++ i2d_ASN1_SET_OF_X509; ++ i2d_PBKDF2PARAM; ++ PBKDF2PARAM_new; ++ d2i_PBKDF2PARAM; ++ PBKDF2PARAM_free; ++ i2d_PBE2PARAM; ++ PBE2PARAM_new; ++ d2i_PBE2PARAM; ++ PBE2PARAM_free; ++ d2i_ASN1_SET_OF_GENERAL_NAME; ++ i2d_ASN1_SET_OF_GENERAL_NAME; ++ d2i_ASN1_SET_OF_SXNETID; ++ i2d_ASN1_SET_OF_SXNETID; ++ d2i_ASN1_SET_OF_POLICYQUALINFO; ++ i2d_ASN1_SET_OF_POLICYQUALINFO; ++ d2i_ASN1_SET_OF_POLICYINFO; ++ i2d_ASN1_SET_OF_POLICYINFO; ++ SXNET_add_id_asc; ++ SXNET_add_id_ulong; ++ SXNET_add_id_INTEGER; ++ SXNET_get_id_asc; ++ SXNET_get_id_ulong; ++ SXNET_get_id_INTEGER; ++ X509V3_set_conf_lhash; ++ i2d_CERTIFICATEPOLICIES; ++ CERTIFICATEPOLICIES_new; ++ CERTIFICATEPOLICIES_free; ++ d2i_CERTIFICATEPOLICIES; ++ i2d_POLICYINFO; ++ POLICYINFO_new; ++ d2i_POLICYINFO; ++ POLICYINFO_free; ++ i2d_POLICYQUALINFO; ++ POLICYQUALINFO_new; ++ d2i_POLICYQUALINFO; ++ POLICYQUALINFO_free; ++ i2d_USERNOTICE; ++ USERNOTICE_new; ++ d2i_USERNOTICE; ++ USERNOTICE_free; ++ i2d_NOTICEREF; ++ NOTICEREF_new; ++ d2i_NOTICEREF; ++ NOTICEREF_free; ++ X509V3_get_string; ++ X509V3_get_section; ++ X509V3_string_free; ++ X509V3_section_free; ++ X509V3_set_ctx; ++ s2i_ASN1_INTEGER; ++ CRYPTO_set_locked_mem_functions; ++ CRYPTO_get_locked_mem_functions; ++ CRYPTO_malloc_locked; ++ CRYPTO_free_locked; ++ BN_mod_exp2_mont; ++ ERR_get_error_line_data; ++ ERR_peek_error_line_data; ++ PKCS12_PBE_keyivgen; ++ X509_ALGOR_dup; ++ d2i_ASN1_SET_OF_DIST_POINT; ++ i2d_ASN1_SET_OF_DIST_POINT; ++ i2d_CRL_DIST_POINTS; ++ CRL_DIST_POINTS_new; ++ CRL_DIST_POINTS_free; ++ d2i_CRL_DIST_POINTS; ++ i2d_DIST_POINT; ++ DIST_POINT_new; ++ d2i_DIST_POINT; ++ DIST_POINT_free; ++ i2d_DIST_POINT_NAME; ++ DIST_POINT_NAME_new; ++ DIST_POINT_NAME_free; ++ d2i_DIST_POINT_NAME; ++ X509V3_add_value_uchar; ++ d2i_ASN1_SET_OF_X509_ATTRIBUTE; ++ i2d_ASN1_SET_OF_ASN1_TYPE; ++ d2i_ASN1_SET_OF_X509_EXTENSION; ++ d2i_ASN1_SET_OF_X509_NAME_ENTRY; ++ d2i_ASN1_SET_OF_ASN1_TYPE; ++ i2d_ASN1_SET_OF_X509_ATTRIBUTE; ++ i2d_ASN1_SET_OF_X509_EXTENSION; ++ i2d_ASN1_SET_OF_X509_NAME_ENTRY; ++ X509V3_EXT_i2d; ++ X509V3_EXT_val_prn; ++ X509V3_EXT_add_list; ++ EVP_CIPHER_type; ++ EVP_PBE_CipherInit; ++ X509V3_add_value_bool_nf; ++ d2i_ASN1_UINTEGER; ++ sk_value; ++ sk_num; ++ sk_set; ++ i2d_ASN1_SET_OF_X509_REVOKED; ++ sk_sort; ++ d2i_ASN1_SET_OF_X509_REVOKED; ++ i2d_ASN1_SET_OF_X509_ALGOR; ++ i2d_ASN1_SET_OF_X509_CRL; ++ d2i_ASN1_SET_OF_X509_ALGOR; ++ d2i_ASN1_SET_OF_X509_CRL; ++ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO; ++ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO; ++ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO; ++ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO; ++ PKCS5_PBE_add; ++ PEM_write_bio_PKCS8; ++ i2d_PKCS8_fp; ++ PEM_read_bio_PKCS8_PRIV_KEY_INFO; ++ PEM_read_bio_P8_PRIV_KEY_INFO; ++ d2i_PKCS8_bio; ++ d2i_PKCS8_PRIV_KEY_INFO_fp; ++ PEM_write_bio_PKCS8_PRIV_KEY_INFO; ++ PEM_write_bio_P8_PRIV_KEY_INFO; ++ PEM_read_PKCS8; ++ d2i_PKCS8_PRIV_KEY_INFO_bio; ++ d2i_PKCS8_fp; ++ PEM_write_PKCS8; ++ PEM_read_PKCS8_PRIV_KEY_INFO; ++ PEM_read_P8_PRIV_KEY_INFO; ++ PEM_read_bio_PKCS8; ++ PEM_write_PKCS8_PRIV_KEY_INFO; ++ PEM_write_P8_PRIV_KEY_INFO; ++ PKCS5_PBE_keyivgen; ++ i2d_PKCS8_bio; ++ i2d_PKCS8_PRIV_KEY_INFO_fp; ++ i2d_PKCS8_PRIV_KEY_INFO_bio; ++ BIO_s_bio; ++ PKCS5_pbe2_set; ++ PKCS5_PBKDF2_HMAC_SHA1; ++ PKCS5_v2_PBE_keyivgen; ++ PEM_write_bio_PKCS8PrivateKey; ++ PEM_write_PKCS8PrivateKey; ++ BIO_ctrl_get_read_request; ++ BIO_ctrl_pending; ++ BIO_ctrl_wpending; ++ BIO_new_bio_pair; ++ BIO_ctrl_get_write_guarantee; ++ CRYPTO_num_locks; ++ CONF_load_bio; ++ CONF_load_fp; ++ i2d_ASN1_SET_OF_ASN1_OBJECT; ++ d2i_ASN1_SET_OF_ASN1_OBJECT; ++ PKCS7_signatureVerify; ++ RSA_set_method; ++ RSA_get_method; ++ RSA_get_default_method; ++ RSA_check_key; ++ OBJ_obj2txt; ++ DSA_dup_DH; ++ X509_REQ_get_extensions; ++ X509_REQ_set_extension_nids; ++ BIO_nwrite; ++ X509_REQ_extension_nid; ++ BIO_nread; ++ X509_REQ_get_extension_nids; ++ BIO_nwrite0; ++ X509_REQ_add_extensions_nid; ++ BIO_nread0; ++ X509_REQ_add_extensions; ++ BIO_new_mem_buf; ++ DH_set_ex_data; ++ DH_set_method; ++ DSA_OpenSSL; ++ DH_get_ex_data; ++ DH_get_ex_new_index; ++ DSA_new_method; ++ DH_new_method; ++ DH_OpenSSL; ++ DSA_get_ex_new_index; ++ DH_get_default_method; ++ DSA_set_ex_data; ++ DH_set_default_method; ++ DSA_get_ex_data; ++ X509V3_EXT_REQ_add_conf; ++ NETSCAPE_SPKI_print; ++ NETSCAPE_SPKI_set_pubkey; ++ NETSCAPE_SPKI_b64_encode; ++ NETSCAPE_SPKI_get_pubkey; ++ NETSCAPE_SPKI_b64_decode; ++ UTF8_putc; ++ UTF8_getc; ++ RSA_null_method; ++ ASN1_tag2str; ++ BIO_ctrl_reset_read_request; ++ DISPLAYTEXT_new; ++ ASN1_GENERALIZEDTIME_free; ++ X509_REVOKED_get_ext_d2i; ++ X509_set_ex_data; ++ X509_reject_set_bit_asc; ++ X509_NAME_add_entry_by_txt; ++ X509_NAME_add_entry_by_NID; ++ X509_PURPOSE_get0; ++ PEM_read_X509_AUX; ++ d2i_AUTHORITY_INFO_ACCESS; ++ PEM_write_PUBKEY; ++ ACCESS_DESCRIPTION_new; ++ X509_CERT_AUX_free; ++ d2i_ACCESS_DESCRIPTION; ++ X509_trust_clear; ++ X509_TRUST_add; ++ ASN1_VISIBLESTRING_new; ++ X509_alias_set1; ++ ASN1_PRINTABLESTRING_free; ++ EVP_PKEY_get1_DSA; ++ ASN1_BMPSTRING_new; ++ ASN1_mbstring_copy; ++ ASN1_UTF8STRING_new; ++ DSA_get_default_method; ++ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION; ++ ASN1_T61STRING_free; ++ DSA_set_method; ++ X509_get_ex_data; ++ ASN1_STRING_type; ++ X509_PURPOSE_get_by_sname; ++ ASN1_TIME_free; ++ ASN1_OCTET_STRING_cmp; ++ ASN1_BIT_STRING_new; ++ X509_get_ext_d2i; ++ PEM_read_bio_X509_AUX; ++ ASN1_STRING_set_default_mask_asc; ++ ASN1_STRING_set_def_mask_asc; ++ PEM_write_bio_RSA_PUBKEY; ++ ASN1_INTEGER_cmp; ++ d2i_RSA_PUBKEY_fp; ++ X509_trust_set_bit_asc; ++ PEM_write_bio_DSA_PUBKEY; ++ X509_STORE_CTX_free; ++ EVP_PKEY_set1_DSA; ++ i2d_DSA_PUBKEY_fp; ++ X509_load_cert_crl_file; ++ ASN1_TIME_new; ++ i2d_RSA_PUBKEY; ++ X509_STORE_CTX_purpose_inherit; ++ PEM_read_RSA_PUBKEY; ++ d2i_X509_AUX; ++ i2d_DSA_PUBKEY; ++ X509_CERT_AUX_print; ++ PEM_read_DSA_PUBKEY; ++ i2d_RSA_PUBKEY_bio; ++ ASN1_BIT_STRING_num_asc; ++ i2d_PUBKEY; ++ ASN1_UTCTIME_free; ++ DSA_set_default_method; ++ X509_PURPOSE_get_by_id; ++ ACCESS_DESCRIPTION_free; ++ PEM_read_bio_PUBKEY; ++ ASN1_STRING_set_by_NID; ++ X509_PURPOSE_get_id; ++ DISPLAYTEXT_free; ++ OTHERNAME_new; ++ X509_CERT_AUX_new; ++ X509_TRUST_cleanup; ++ X509_NAME_add_entry_by_OBJ; ++ X509_CRL_get_ext_d2i; ++ X509_PURPOSE_get0_name; ++ PEM_read_PUBKEY; ++ i2d_DSA_PUBKEY_bio; ++ i2d_OTHERNAME; ++ ASN1_OCTET_STRING_free; ++ ASN1_BIT_STRING_set_asc; ++ X509_get_ex_new_index; ++ ASN1_STRING_TABLE_cleanup; ++ X509_TRUST_get_by_id; ++ X509_PURPOSE_get_trust; ++ ASN1_STRING_length; ++ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION; ++ ASN1_PRINTABLESTRING_new; ++ X509V3_get_d2i; ++ ASN1_ENUMERATED_free; ++ i2d_X509_CERT_AUX; ++ X509_STORE_CTX_set_trust; ++ ASN1_STRING_set_default_mask; ++ X509_STORE_CTX_new; ++ EVP_PKEY_get1_RSA; ++ DIRECTORYSTRING_free; ++ PEM_write_X509_AUX; ++ ASN1_OCTET_STRING_set; ++ d2i_DSA_PUBKEY_fp; ++ d2i_RSA_PUBKEY; ++ X509_TRUST_get0_name; ++ X509_TRUST_get0; ++ AUTHORITY_INFO_ACCESS_free; ++ ASN1_IA5STRING_new; ++ d2i_DSA_PUBKEY; ++ X509_check_purpose; ++ ASN1_ENUMERATED_new; ++ d2i_RSA_PUBKEY_bio; ++ d2i_PUBKEY; ++ X509_TRUST_get_trust; ++ X509_TRUST_get_flags; ++ ASN1_BMPSTRING_free; ++ ASN1_T61STRING_new; ++ ASN1_UTCTIME_new; ++ i2d_AUTHORITY_INFO_ACCESS; ++ EVP_PKEY_set1_RSA; ++ X509_STORE_CTX_set_purpose; ++ ASN1_IA5STRING_free; ++ PEM_write_bio_X509_AUX; ++ X509_PURPOSE_get_count; ++ CRYPTO_add_info; ++ X509_NAME_ENTRY_create_by_txt; ++ ASN1_STRING_get_default_mask; ++ X509_alias_get0; ++ ASN1_STRING_data; ++ i2d_ACCESS_DESCRIPTION; ++ X509_trust_set_bit; ++ ASN1_BIT_STRING_free; ++ PEM_read_bio_RSA_PUBKEY; ++ X509_add1_reject_object; ++ X509_check_trust; ++ PEM_read_bio_DSA_PUBKEY; ++ X509_PURPOSE_add; ++ ASN1_STRING_TABLE_get; ++ ASN1_UTF8STRING_free; ++ d2i_DSA_PUBKEY_bio; ++ PEM_write_RSA_PUBKEY; ++ d2i_OTHERNAME; ++ X509_reject_set_bit; ++ PEM_write_DSA_PUBKEY; ++ X509_PURPOSE_get0_sname; ++ EVP_PKEY_set1_DH; ++ ASN1_OCTET_STRING_dup; ++ ASN1_BIT_STRING_set; ++ X509_TRUST_get_count; ++ ASN1_INTEGER_free; ++ OTHERNAME_free; ++ i2d_RSA_PUBKEY_fp; ++ ASN1_INTEGER_dup; ++ d2i_X509_CERT_AUX; ++ PEM_write_bio_PUBKEY; ++ ASN1_VISIBLESTRING_free; ++ X509_PURPOSE_cleanup; ++ ASN1_mbstring_ncopy; ++ ASN1_GENERALIZEDTIME_new; ++ EVP_PKEY_get1_DH; ++ ASN1_OCTET_STRING_new; ++ ASN1_INTEGER_new; ++ i2d_X509_AUX; ++ ASN1_BIT_STRING_name_print; ++ X509_cmp; ++ ASN1_STRING_length_set; ++ DIRECTORYSTRING_new; ++ X509_add1_trust_object; ++ PKCS12_newpass; ++ SMIME_write_PKCS7; ++ SMIME_read_PKCS7; ++ DES_set_key_checked; ++ PKCS7_verify; ++ PKCS7_encrypt; ++ DES_set_key_unchecked; ++ SMIME_crlf_copy; ++ i2d_ASN1_PRINTABLESTRING; ++ PKCS7_get0_signers; ++ PKCS7_decrypt; ++ SMIME_text; ++ PKCS7_simple_smimecap; ++ PKCS7_get_smimecap; ++ PKCS7_sign; ++ PKCS7_add_attrib_smimecap; ++ CRYPTO_dbg_set_options; ++ CRYPTO_remove_all_info; ++ CRYPTO_get_mem_debug_functions; ++ CRYPTO_is_mem_check_on; ++ CRYPTO_set_mem_debug_functions; ++ CRYPTO_pop_info; ++ CRYPTO_push_info_; ++ CRYPTO_set_mem_debug_options; ++ PEM_write_PKCS8PrivateKey_nid; ++ PEM_write_bio_PKCS8PrivateKey_nid; ++ PEM_write_bio_PKCS8PrivKey_nid; ++ d2i_PKCS8PrivateKey_bio; ++ ASN1_NULL_free; ++ d2i_ASN1_NULL; ++ ASN1_NULL_new; ++ i2d_PKCS8PrivateKey_bio; ++ i2d_PKCS8PrivateKey_fp; ++ i2d_ASN1_NULL; ++ i2d_PKCS8PrivateKey_nid_fp; ++ d2i_PKCS8PrivateKey_fp; ++ i2d_PKCS8PrivateKey_nid_bio; ++ i2d_PKCS8PrivateKeyInfo_fp; ++ i2d_PKCS8PrivateKeyInfo_bio; ++ PEM_cb; ++ i2d_PrivateKey_fp; ++ d2i_PrivateKey_bio; ++ d2i_PrivateKey_fp; ++ i2d_PrivateKey_bio; ++ X509_reject_clear; ++ X509_TRUST_set_default; ++ d2i_AutoPrivateKey; ++ X509_ATTRIBUTE_get0_type; ++ X509_ATTRIBUTE_set1_data; ++ X509at_get_attr; ++ X509at_get_attr_count; ++ X509_ATTRIBUTE_create_by_NID; ++ X509_ATTRIBUTE_set1_object; ++ X509_ATTRIBUTE_count; ++ X509_ATTRIBUTE_create_by_OBJ; ++ X509_ATTRIBUTE_get0_object; ++ X509at_get_attr_by_NID; ++ X509at_add1_attr; ++ X509_ATTRIBUTE_get0_data; ++ X509at_delete_attr; ++ X509at_get_attr_by_OBJ; ++ RAND_add; ++ BIO_number_written; ++ BIO_number_read; ++ X509_STORE_CTX_get1_chain; ++ ERR_load_RAND_strings; ++ RAND_pseudo_bytes; ++ X509_REQ_get_attr_by_NID; ++ X509_REQ_get_attr; ++ X509_REQ_add1_attr_by_NID; ++ X509_REQ_get_attr_by_OBJ; ++ X509at_add1_attr_by_NID; ++ X509_REQ_add1_attr_by_OBJ; ++ X509_REQ_get_attr_count; ++ X509_REQ_add1_attr; ++ X509_REQ_delete_attr; ++ X509at_add1_attr_by_OBJ; ++ X509_REQ_add1_attr_by_txt; ++ X509_ATTRIBUTE_create_by_txt; ++ X509at_add1_attr_by_txt; ++ BN_pseudo_rand; ++ BN_is_prime_fasttest; ++ BN_CTX_end; ++ BN_CTX_start; ++ BN_CTX_get; ++ EVP_PKEY2PKCS8_broken; ++ ASN1_STRING_TABLE_add; ++ CRYPTO_dbg_get_options; ++ AUTHORITY_INFO_ACCESS_new; ++ CRYPTO_get_mem_debug_options; ++ DES_crypt; ++ PEM_write_bio_X509_REQ_NEW; ++ PEM_write_X509_REQ_NEW; ++ BIO_callback_ctrl; ++ RAND_egd; ++ RAND_status; ++ bn_dump1; ++ DES_check_key_parity; ++ lh_num_items; ++ RAND_event; ++ DSO_new; ++ DSO_new_method; ++ DSO_free; ++ DSO_flags; ++ DSO_up; ++ DSO_set_default_method; ++ DSO_get_default_method; ++ DSO_get_method; ++ DSO_set_method; ++ DSO_load; ++ DSO_bind_var; ++ DSO_METHOD_null; ++ DSO_METHOD_openssl; ++ DSO_METHOD_dlfcn; ++ DSO_METHOD_win32; ++ ERR_load_DSO_strings; ++ DSO_METHOD_dl; ++ NCONF_load; ++ NCONF_load_fp; ++ NCONF_new; ++ NCONF_get_string; ++ NCONF_free; ++ NCONF_get_number; ++ CONF_dump_fp; ++ NCONF_load_bio; ++ NCONF_dump_fp; ++ NCONF_get_section; ++ NCONF_dump_bio; ++ CONF_dump_bio; ++ NCONF_free_data; ++ CONF_set_default_method; ++ ERR_error_string_n; ++ BIO_snprintf; ++ DSO_ctrl; ++ i2d_ASN1_SET_OF_ASN1_INTEGER; ++ i2d_ASN1_SET_OF_PKCS12_SAFEBAG; ++ i2d_ASN1_SET_OF_PKCS7; ++ BIO_vfree; ++ d2i_ASN1_SET_OF_ASN1_INTEGER; ++ d2i_ASN1_SET_OF_PKCS12_SAFEBAG; ++ ASN1_UTCTIME_get; ++ X509_REQ_digest; ++ X509_CRL_digest; ++ d2i_ASN1_SET_OF_PKCS7; ++ EVP_CIPHER_CTX_set_key_length; ++ EVP_CIPHER_CTX_ctrl; ++ BN_mod_exp_mont_word; ++ RAND_egd_bytes; ++ X509_REQ_get1_email; ++ X509_get1_email; ++ X509_email_free; ++ i2d_RSA_NET; ++ d2i_RSA_NET_2; ++ d2i_RSA_NET; ++ DSO_bind_func; ++ CRYPTO_get_new_dynlockid; ++ sk_new_null; ++ CRYPTO_set_dynlock_destroy_callback; ++ CRYPTO_set_dynlock_destroy_cb; ++ CRYPTO_destroy_dynlockid; ++ CRYPTO_set_dynlock_size; ++ CRYPTO_set_dynlock_create_callback; ++ CRYPTO_set_dynlock_create_cb; ++ CRYPTO_set_dynlock_lock_callback; ++ CRYPTO_set_dynlock_lock_cb; ++ CRYPTO_get_dynlock_lock_callback; ++ CRYPTO_get_dynlock_lock_cb; ++ CRYPTO_get_dynlock_destroy_callback; ++ CRYPTO_get_dynlock_destroy_cb; ++ CRYPTO_get_dynlock_value; ++ CRYPTO_get_dynlock_create_callback; ++ CRYPTO_get_dynlock_create_cb; ++ c2i_ASN1_BIT_STRING; ++ i2c_ASN1_BIT_STRING; ++ RAND_poll; ++ c2i_ASN1_INTEGER; ++ i2c_ASN1_INTEGER; ++ BIO_dump_indent; ++ ASN1_parse_dump; ++ c2i_ASN1_OBJECT; ++ X509_NAME_print_ex_fp; ++ ASN1_STRING_print_ex_fp; ++ X509_NAME_print_ex; ++ ASN1_STRING_print_ex; ++ MD4; ++ MD4_Transform; ++ MD4_Final; ++ MD4_Update; ++ MD4_Init; ++ EVP_md4; ++ i2d_PUBKEY_bio; ++ i2d_PUBKEY_fp; ++ d2i_PUBKEY_bio; ++ ASN1_STRING_to_UTF8; ++ BIO_vprintf; ++ BIO_vsnprintf; ++ d2i_PUBKEY_fp; ++ X509_cmp_time; ++ X509_STORE_CTX_set_time; ++ X509_STORE_CTX_get1_issuer; ++ X509_OBJECT_retrieve_match; ++ X509_OBJECT_idx_by_subject; ++ X509_STORE_CTX_set_flags; ++ X509_STORE_CTX_trusted_stack; ++ X509_time_adj; ++ X509_check_issued; ++ ASN1_UTCTIME_cmp_time_t; ++ DES_set_weak_key_flag; ++ DES_check_key; ++ DES_rw_mode; ++ RSA_PKCS1_RSAref; ++ X509_keyid_set1; ++ BIO_next; ++ DSO_METHOD_vms; ++ BIO_f_linebuffer; ++ BN_bntest_rand; ++ OPENSSL_issetugid; ++ BN_rand_range; ++ ERR_load_ENGINE_strings; ++ ENGINE_set_DSA; ++ ENGINE_get_finish_function; ++ ENGINE_get_default_RSA; ++ ENGINE_get_BN_mod_exp; ++ DSA_get_default_openssl_method; ++ ENGINE_set_DH; ++ ENGINE_set_def_BN_mod_exp_crt; ++ ENGINE_set_default_BN_mod_exp_crt; ++ ENGINE_init; ++ DH_get_default_openssl_method; ++ RSA_set_default_openssl_method; ++ ENGINE_finish; ++ ENGINE_load_public_key; ++ ENGINE_get_DH; ++ ENGINE_ctrl; ++ ENGINE_get_init_function; ++ ENGINE_set_init_function; ++ ENGINE_set_default_DSA; ++ ENGINE_get_name; ++ ENGINE_get_last; ++ ENGINE_get_prev; ++ ENGINE_get_default_DH; ++ ENGINE_get_RSA; ++ ENGINE_set_default; ++ ENGINE_get_RAND; ++ ENGINE_get_first; ++ ENGINE_by_id; ++ ENGINE_set_finish_function; ++ ENGINE_get_def_BN_mod_exp_crt; ++ ENGINE_get_default_BN_mod_exp_crt; ++ RSA_get_default_openssl_method; ++ ENGINE_set_RSA; ++ ENGINE_load_private_key; ++ ENGINE_set_default_RAND; ++ ENGINE_set_BN_mod_exp; ++ ENGINE_remove; ++ ENGINE_free; ++ ENGINE_get_BN_mod_exp_crt; ++ ENGINE_get_next; ++ ENGINE_set_name; ++ ENGINE_get_default_DSA; ++ ENGINE_set_default_BN_mod_exp; ++ ENGINE_set_default_RSA; ++ ENGINE_get_default_RAND; ++ ENGINE_get_default_BN_mod_exp; ++ ENGINE_set_RAND; ++ ENGINE_set_id; ++ ENGINE_set_BN_mod_exp_crt; ++ ENGINE_set_default_DH; ++ ENGINE_new; ++ ENGINE_get_id; ++ DSA_set_default_openssl_method; ++ ENGINE_add; ++ DH_set_default_openssl_method; ++ ENGINE_get_DSA; ++ ENGINE_get_ctrl_function; ++ ENGINE_set_ctrl_function; ++ BN_pseudo_rand_range; ++ X509_STORE_CTX_set_verify_cb; ++ ERR_load_COMP_strings; ++ PKCS12_item_decrypt_d2i; ++ ASN1_UTF8STRING_it; ++ ENGINE_unregister_ciphers; ++ ENGINE_get_ciphers; ++ d2i_OCSP_BASICRESP; ++ KRB5_CHECKSUM_it; ++ EC_POINT_add; ++ ASN1_item_ex_i2d; ++ OCSP_CERTID_it; ++ d2i_OCSP_RESPBYTES; ++ X509V3_add1_i2d; ++ PKCS7_ENVELOPE_it; ++ UI_add_input_boolean; ++ ENGINE_unregister_RSA; ++ X509V3_EXT_nconf; ++ ASN1_GENERALSTRING_free; ++ d2i_OCSP_CERTSTATUS; ++ X509_REVOKED_set_serialNumber; ++ X509_print_ex; ++ OCSP_ONEREQ_get1_ext_d2i; ++ ENGINE_register_all_RAND; ++ ENGINE_load_dynamic; ++ PBKDF2PARAM_it; ++ EXTENDED_KEY_USAGE_new; ++ EC_GROUP_clear_free; ++ OCSP_sendreq_bio; ++ ASN1_item_digest; ++ OCSP_BASICRESP_delete_ext; ++ OCSP_SIGNATURE_it; ++ X509_CRL_it; ++ OCSP_BASICRESP_add_ext; ++ KRB5_ENCKEY_it; ++ UI_method_set_closer; ++ X509_STORE_set_purpose; ++ i2d_ASN1_GENERALSTRING; ++ OCSP_response_status; ++ i2d_OCSP_SERVICELOC; ++ ENGINE_get_digest_engine; ++ EC_GROUP_set_curve_GFp; ++ OCSP_REQUEST_get_ext_by_OBJ; ++ _ossl_old_des_random_key; ++ ASN1_T61STRING_it; ++ EC_GROUP_method_of; ++ i2d_KRB5_APREQ; ++ _ossl_old_des_encrypt; ++ ASN1_PRINTABLE_new; ++ HMAC_Init_ex; ++ d2i_KRB5_AUTHENT; ++ OCSP_archive_cutoff_new; ++ EC_POINT_set_Jprojective_coordinates_GFp; ++ EC_POINT_set_Jproj_coords_GFp; ++ _ossl_old_des_is_weak_key; ++ OCSP_BASICRESP_get_ext_by_OBJ; ++ EC_POINT_oct2point; ++ OCSP_SINGLERESP_get_ext_count; ++ UI_ctrl; ++ _shadow_DES_rw_mode; ++ asn1_do_adb; ++ ASN1_template_i2d; ++ ENGINE_register_DH; ++ UI_construct_prompt; ++ X509_STORE_set_trust; ++ UI_dup_input_string; ++ d2i_KRB5_APREQ; ++ EVP_MD_CTX_copy_ex; ++ OCSP_request_is_signed; ++ i2d_OCSP_REQINFO; ++ KRB5_ENCKEY_free; ++ OCSP_resp_get0; ++ GENERAL_NAME_it; ++ ASN1_GENERALIZEDTIME_it; ++ X509_STORE_set_flags; ++ EC_POINT_set_compressed_coordinates_GFp; ++ EC_POINT_set_compr_coords_GFp; ++ OCSP_response_status_str; ++ d2i_OCSP_REVOKEDINFO; ++ OCSP_basic_add1_cert; ++ ERR_get_implementation; ++ EVP_CipherFinal_ex; ++ OCSP_CERTSTATUS_new; ++ CRYPTO_cleanup_all_ex_data; ++ OCSP_resp_find; ++ BN_nnmod; ++ X509_CRL_sort; ++ X509_REVOKED_set_revocationDate; ++ ENGINE_register_RAND; ++ OCSP_SERVICELOC_new; ++ EC_POINT_set_affine_coordinates_GFp; ++ EC_POINT_set_affine_coords_GFp; ++ _ossl_old_des_options; ++ SXNET_it; ++ UI_dup_input_boolean; ++ PKCS12_add_CSPName_asc; ++ EC_POINT_is_at_infinity; ++ ENGINE_load_cryptodev; ++ DSO_convert_filename; ++ POLICYQUALINFO_it; ++ ENGINE_register_ciphers; ++ BN_mod_lshift_quick; ++ DSO_set_filename; ++ ASN1_item_free; ++ KRB5_TKTBODY_free; ++ AUTHORITY_KEYID_it; ++ KRB5_APREQBODY_new; ++ X509V3_EXT_REQ_add_nconf; ++ ENGINE_ctrl_cmd_string; ++ i2d_OCSP_RESPDATA; ++ EVP_MD_CTX_init; ++ EXTENDED_KEY_USAGE_free; ++ PKCS7_ATTR_SIGN_it; ++ UI_add_error_string; ++ KRB5_CHECKSUM_free; ++ OCSP_REQUEST_get_ext; ++ ENGINE_load_ubsec; ++ ENGINE_register_all_digests; ++ PKEY_USAGE_PERIOD_it; ++ PKCS12_unpack_authsafes; ++ ASN1_item_unpack; ++ NETSCAPE_SPKAC_it; ++ X509_REVOKED_it; ++ ASN1_STRING_encode; ++ EVP_aes_128_ecb; ++ KRB5_AUTHENT_free; ++ OCSP_BASICRESP_get_ext_by_critical; ++ OCSP_BASICRESP_get_ext_by_crit; ++ OCSP_cert_status_str; ++ d2i_OCSP_REQUEST; ++ UI_dup_info_string; ++ _ossl_old_des_xwhite_in2out; ++ PKCS12_it; ++ OCSP_SINGLERESP_get_ext_by_critical; ++ OCSP_SINGLERESP_get_ext_by_crit; ++ OCSP_CERTSTATUS_free; ++ _ossl_old_des_crypt; ++ ASN1_item_i2d; ++ EVP_DecryptFinal_ex; ++ ENGINE_load_openssl; ++ ENGINE_get_cmd_defns; ++ ENGINE_set_load_privkey_function; ++ ENGINE_set_load_privkey_fn; ++ EVP_EncryptFinal_ex; ++ ENGINE_set_default_digests; ++ X509_get0_pubkey_bitstr; ++ asn1_ex_i2c; ++ ENGINE_register_RSA; ++ ENGINE_unregister_DSA; ++ _ossl_old_des_key_sched; ++ X509_EXTENSION_it; ++ i2d_KRB5_AUTHENT; ++ SXNETID_it; ++ d2i_OCSP_SINGLERESP; ++ EDIPARTYNAME_new; ++ PKCS12_certbag2x509; ++ _ossl_old_des_ofb64_encrypt; ++ d2i_EXTENDED_KEY_USAGE; ++ ERR_print_errors_cb; ++ ENGINE_set_ciphers; ++ d2i_KRB5_APREQBODY; ++ UI_method_get_flusher; ++ X509_PUBKEY_it; ++ _ossl_old_des_enc_read; ++ PKCS7_ENCRYPT_it; ++ i2d_OCSP_RESPONSE; ++ EC_GROUP_get_cofactor; ++ PKCS12_unpack_p7data; ++ d2i_KRB5_AUTHDATA; ++ OCSP_copy_nonce; ++ KRB5_AUTHDATA_new; ++ OCSP_RESPDATA_new; ++ EC_GFp_mont_method; ++ OCSP_REVOKEDINFO_free; ++ UI_get_ex_data; ++ KRB5_APREQBODY_free; ++ EC_GROUP_get0_generator; ++ UI_get_default_method; ++ X509V3_set_nconf; ++ PKCS12_item_i2d_encrypt; ++ X509_add1_ext_i2d; ++ PKCS7_SIGNER_INFO_it; ++ KRB5_PRINCNAME_new; ++ PKCS12_SAFEBAG_it; ++ EC_GROUP_get_order; ++ d2i_OCSP_RESPID; ++ OCSP_request_verify; ++ NCONF_get_number_e; ++ _ossl_old_des_decrypt3; ++ X509_signature_print; ++ OCSP_SINGLERESP_free; ++ ENGINE_load_builtin_engines; ++ i2d_OCSP_ONEREQ; ++ OCSP_REQUEST_add_ext; ++ OCSP_RESPBYTES_new; ++ EVP_MD_CTX_create; ++ OCSP_resp_find_status; ++ X509_ALGOR_it; ++ ASN1_TIME_it; ++ OCSP_request_set1_name; ++ OCSP_ONEREQ_get_ext_count; ++ UI_get0_result; ++ PKCS12_AUTHSAFES_it; ++ EVP_aes_256_ecb; ++ PKCS12_pack_authsafes; ++ ASN1_IA5STRING_it; ++ UI_get_input_flags; ++ EC_GROUP_set_generator; ++ _ossl_old_des_string_to_2keys; ++ OCSP_CERTID_free; ++ X509_CERT_AUX_it; ++ CERTIFICATEPOLICIES_it; ++ _ossl_old_des_ede3_cbc_encrypt; ++ RAND_set_rand_engine; ++ DSO_get_loaded_filename; ++ X509_ATTRIBUTE_it; ++ OCSP_ONEREQ_get_ext_by_NID; ++ PKCS12_decrypt_skey; ++ KRB5_AUTHENT_it; ++ UI_dup_error_string; ++ RSAPublicKey_it; ++ i2d_OCSP_REQUEST; ++ PKCS12_x509crl2certbag; ++ OCSP_SERVICELOC_it; ++ ASN1_item_sign; ++ X509_CRL_set_issuer_name; ++ OBJ_NAME_do_all_sorted; ++ i2d_OCSP_BASICRESP; ++ i2d_OCSP_RESPBYTES; ++ PKCS12_unpack_p7encdata; ++ HMAC_CTX_init; ++ ENGINE_get_digest; ++ OCSP_RESPONSE_print; ++ KRB5_TKTBODY_it; ++ ACCESS_DESCRIPTION_it; ++ PKCS7_ISSUER_AND_SERIAL_it; ++ PBE2PARAM_it; ++ PKCS12_certbag2x509crl; ++ PKCS7_SIGNED_it; ++ ENGINE_get_cipher; ++ i2d_OCSP_CRLID; ++ OCSP_SINGLERESP_new; ++ ENGINE_cmd_is_executable; ++ RSA_up_ref; ++ ASN1_GENERALSTRING_it; ++ ENGINE_register_DSA; ++ X509V3_EXT_add_nconf_sk; ++ ENGINE_set_load_pubkey_function; ++ PKCS8_decrypt; ++ PEM_bytes_read_bio; ++ DIRECTORYSTRING_it; ++ d2i_OCSP_CRLID; ++ EC_POINT_is_on_curve; ++ CRYPTO_set_locked_mem_ex_functions; ++ CRYPTO_set_locked_mem_ex_funcs; ++ d2i_KRB5_CHECKSUM; ++ ASN1_item_dup; ++ X509_it; ++ BN_mod_add; ++ KRB5_AUTHDATA_free; ++ _ossl_old_des_cbc_cksum; ++ ASN1_item_verify; ++ CRYPTO_set_mem_ex_functions; ++ EC_POINT_get_Jprojective_coordinates_GFp; ++ EC_POINT_get_Jproj_coords_GFp; ++ ZLONG_it; ++ CRYPTO_get_locked_mem_ex_functions; ++ CRYPTO_get_locked_mem_ex_funcs; ++ ASN1_TIME_check; ++ UI_get0_user_data; ++ HMAC_CTX_cleanup; ++ DSA_up_ref; ++ _ossl_old_des_ede3_cfb64_encrypt; ++ _ossl_odes_ede3_cfb64_encrypt; ++ ASN1_BMPSTRING_it; ++ ASN1_tag2bit; ++ UI_method_set_flusher; ++ X509_ocspid_print; ++ KRB5_ENCDATA_it; ++ ENGINE_get_load_pubkey_function; ++ UI_add_user_data; ++ OCSP_REQUEST_delete_ext; ++ UI_get_method; ++ OCSP_ONEREQ_free; ++ ASN1_PRINTABLESTRING_it; ++ X509_CRL_set_nextUpdate; ++ OCSP_REQUEST_it; ++ OCSP_BASICRESP_it; ++ AES_ecb_encrypt; ++ BN_mod_sqr; ++ NETSCAPE_CERT_SEQUENCE_it; ++ GENERAL_NAMES_it; ++ AUTHORITY_INFO_ACCESS_it; ++ ASN1_FBOOLEAN_it; ++ UI_set_ex_data; ++ _ossl_old_des_string_to_key; ++ ENGINE_register_all_RSA; ++ d2i_KRB5_PRINCNAME; ++ OCSP_RESPBYTES_it; ++ X509_CINF_it; ++ ENGINE_unregister_digests; ++ d2i_EDIPARTYNAME; ++ d2i_OCSP_SERVICELOC; ++ ENGINE_get_digests; ++ _ossl_old_des_set_odd_parity; ++ OCSP_RESPDATA_free; ++ d2i_KRB5_TICKET; ++ OTHERNAME_it; ++ EVP_MD_CTX_cleanup; ++ d2i_ASN1_GENERALSTRING; ++ X509_CRL_set_version; ++ BN_mod_sub; ++ OCSP_SINGLERESP_get_ext_by_NID; ++ ENGINE_get_ex_new_index; ++ OCSP_REQUEST_free; ++ OCSP_REQUEST_add1_ext_i2d; ++ X509_VAL_it; ++ EC_POINTs_make_affine; ++ EC_POINT_mul; ++ X509V3_EXT_add_nconf; ++ X509_TRUST_set; ++ X509_CRL_add1_ext_i2d; ++ _ossl_old_des_fcrypt; ++ DISPLAYTEXT_it; ++ X509_CRL_set_lastUpdate; ++ OCSP_BASICRESP_free; ++ OCSP_BASICRESP_add1_ext_i2d; ++ d2i_KRB5_AUTHENTBODY; ++ CRYPTO_set_ex_data_implementation; ++ CRYPTO_set_ex_data_impl; ++ KRB5_ENCDATA_new; ++ DSO_up_ref; ++ OCSP_crl_reason_str; ++ UI_get0_result_string; ++ ASN1_GENERALSTRING_new; ++ X509_SIG_it; ++ ERR_set_implementation; ++ ERR_load_EC_strings; ++ UI_get0_action_string; ++ OCSP_ONEREQ_get_ext; ++ EC_POINT_method_of; ++ i2d_KRB5_APREQBODY; ++ _ossl_old_des_ecb3_encrypt; ++ CRYPTO_get_mem_ex_functions; ++ ENGINE_get_ex_data; ++ UI_destroy_method; ++ ASN1_item_i2d_bio; ++ OCSP_ONEREQ_get_ext_by_OBJ; ++ ASN1_primitive_new; ++ ASN1_PRINTABLE_it; ++ EVP_aes_192_ecb; ++ OCSP_SIGNATURE_new; ++ LONG_it; ++ ASN1_VISIBLESTRING_it; ++ OCSP_SINGLERESP_add1_ext_i2d; ++ d2i_OCSP_CERTID; ++ ASN1_item_d2i_fp; ++ CRL_DIST_POINTS_it; ++ GENERAL_NAME_print; ++ OCSP_SINGLERESP_delete_ext; ++ PKCS12_SAFEBAGS_it; ++ d2i_OCSP_SIGNATURE; ++ OCSP_request_add1_nonce; ++ ENGINE_set_cmd_defns; ++ OCSP_SERVICELOC_free; ++ EC_GROUP_free; ++ ASN1_BIT_STRING_it; ++ X509_REQ_it; ++ _ossl_old_des_cbc_encrypt; ++ ERR_unload_strings; ++ PKCS7_SIGN_ENVELOPE_it; ++ EDIPARTYNAME_free; ++ OCSP_REQINFO_free; ++ EC_GROUP_new_curve_GFp; ++ OCSP_REQUEST_get1_ext_d2i; ++ PKCS12_item_pack_safebag; ++ asn1_ex_c2i; ++ ENGINE_register_digests; ++ i2d_OCSP_REVOKEDINFO; ++ asn1_enc_restore; ++ UI_free; ++ UI_new_method; ++ EVP_EncryptInit_ex; ++ X509_pubkey_digest; ++ EC_POINT_invert; ++ OCSP_basic_sign; ++ i2d_OCSP_RESPID; ++ OCSP_check_nonce; ++ ENGINE_ctrl_cmd; ++ d2i_KRB5_ENCKEY; ++ OCSP_parse_url; ++ OCSP_SINGLERESP_get_ext; ++ OCSP_CRLID_free; ++ OCSP_BASICRESP_get1_ext_d2i; ++ RSAPrivateKey_it; ++ ENGINE_register_all_DH; ++ i2d_EDIPARTYNAME; ++ EC_POINT_get_affine_coordinates_GFp; ++ EC_POINT_get_affine_coords_GFp; ++ OCSP_CRLID_new; ++ ENGINE_get_flags; ++ OCSP_ONEREQ_it; ++ UI_process; ++ ASN1_INTEGER_it; ++ EVP_CipherInit_ex; ++ UI_get_string_type; ++ ENGINE_unregister_DH; ++ ENGINE_register_all_DSA; ++ OCSP_ONEREQ_get_ext_by_critical; ++ bn_dup_expand; ++ OCSP_cert_id_new; ++ BASIC_CONSTRAINTS_it; ++ BN_mod_add_quick; ++ EC_POINT_new; ++ EVP_MD_CTX_destroy; ++ OCSP_RESPBYTES_free; ++ EVP_aes_128_cbc; ++ OCSP_SINGLERESP_get1_ext_d2i; ++ EC_POINT_free; ++ DH_up_ref; ++ X509_NAME_ENTRY_it; ++ UI_get_ex_new_index; ++ BN_mod_sub_quick; ++ OCSP_ONEREQ_add_ext; ++ OCSP_request_sign; ++ EVP_DigestFinal_ex; ++ ENGINE_set_digests; ++ OCSP_id_issuer_cmp; ++ OBJ_NAME_do_all; ++ EC_POINTs_mul; ++ ENGINE_register_complete; ++ X509V3_EXT_nconf_nid; ++ ASN1_SEQUENCE_it; ++ UI_set_default_method; ++ RAND_query_egd_bytes; ++ UI_method_get_writer; ++ UI_OpenSSL; ++ PEM_def_callback; ++ ENGINE_cleanup; ++ DIST_POINT_it; ++ OCSP_SINGLERESP_it; ++ d2i_KRB5_TKTBODY; ++ EC_POINT_cmp; ++ OCSP_REVOKEDINFO_new; ++ i2d_OCSP_CERTSTATUS; ++ OCSP_basic_add1_nonce; ++ ASN1_item_ex_d2i; ++ BN_mod_lshift1_quick; ++ UI_set_method; ++ OCSP_id_get0_info; ++ BN_mod_sqrt; ++ EC_GROUP_copy; ++ KRB5_ENCDATA_free; ++ _ossl_old_des_cfb_encrypt; ++ OCSP_SINGLERESP_get_ext_by_OBJ; ++ OCSP_cert_to_id; ++ OCSP_RESPID_new; ++ OCSP_RESPDATA_it; ++ d2i_OCSP_RESPDATA; ++ ENGINE_register_all_complete; ++ OCSP_check_validity; ++ PKCS12_BAGS_it; ++ OCSP_url_svcloc_new; ++ ASN1_template_free; ++ OCSP_SINGLERESP_add_ext; ++ KRB5_AUTHENTBODY_it; ++ X509_supported_extension; ++ i2d_KRB5_AUTHDATA; ++ UI_method_get_opener; ++ ENGINE_set_ex_data; ++ OCSP_REQUEST_print; ++ CBIGNUM_it; ++ KRB5_TICKET_new; ++ KRB5_APREQ_new; ++ EC_GROUP_get_curve_GFp; ++ KRB5_ENCKEY_new; ++ ASN1_template_d2i; ++ _ossl_old_des_quad_cksum; ++ OCSP_single_get0_status; ++ BN_swap; ++ POLICYINFO_it; ++ ENGINE_set_destroy_function; ++ asn1_enc_free; ++ OCSP_RESPID_it; ++ EC_GROUP_new; ++ EVP_aes_256_cbc; ++ i2d_KRB5_PRINCNAME; ++ _ossl_old_des_encrypt2; ++ _ossl_old_des_encrypt3; ++ PKCS8_PRIV_KEY_INFO_it; ++ OCSP_REQINFO_it; ++ PBEPARAM_it; ++ KRB5_AUTHENTBODY_new; ++ X509_CRL_add0_revoked; ++ EDIPARTYNAME_it; ++ NETSCAPE_SPKI_it; ++ UI_get0_test_string; ++ ENGINE_get_cipher_engine; ++ ENGINE_register_all_ciphers; ++ EC_POINT_copy; ++ BN_kronecker; ++ _ossl_old_des_ede3_ofb64_encrypt; ++ _ossl_odes_ede3_ofb64_encrypt; ++ UI_method_get_reader; ++ OCSP_BASICRESP_get_ext_count; ++ ASN1_ENUMERATED_it; ++ UI_set_result; ++ i2d_KRB5_TICKET; ++ X509_print_ex_fp; ++ EVP_CIPHER_CTX_set_padding; ++ d2i_OCSP_RESPONSE; ++ ASN1_UTCTIME_it; ++ _ossl_old_des_enc_write; ++ OCSP_RESPONSE_new; ++ AES_set_encrypt_key; ++ OCSP_resp_count; ++ KRB5_CHECKSUM_new; ++ ENGINE_load_cswift; ++ OCSP_onereq_get0_id; ++ ENGINE_set_default_ciphers; ++ NOTICEREF_it; ++ X509V3_EXT_CRL_add_nconf; ++ OCSP_REVOKEDINFO_it; ++ AES_encrypt; ++ OCSP_REQUEST_new; ++ ASN1_ANY_it; ++ CRYPTO_ex_data_new_class; ++ _ossl_old_des_ncbc_encrypt; ++ i2d_KRB5_TKTBODY; ++ EC_POINT_clear_free; ++ AES_decrypt; ++ asn1_enc_init; ++ UI_get_result_maxsize; ++ OCSP_CERTID_new; ++ ENGINE_unregister_RAND; ++ UI_method_get_closer; ++ d2i_KRB5_ENCDATA; ++ OCSP_request_onereq_count; ++ OCSP_basic_verify; ++ KRB5_AUTHENTBODY_free; ++ ASN1_item_d2i; ++ ASN1_primitive_free; ++ i2d_EXTENDED_KEY_USAGE; ++ i2d_OCSP_SIGNATURE; ++ asn1_enc_save; ++ ENGINE_load_nuron; ++ _ossl_old_des_pcbc_encrypt; ++ PKCS12_MAC_DATA_it; ++ OCSP_accept_responses_new; ++ asn1_do_lock; ++ PKCS7_ATTR_VERIFY_it; ++ KRB5_APREQBODY_it; ++ i2d_OCSP_SINGLERESP; ++ ASN1_item_ex_new; ++ UI_add_verify_string; ++ _ossl_old_des_set_key; ++ KRB5_PRINCNAME_it; ++ EVP_DecryptInit_ex; ++ i2d_OCSP_CERTID; ++ ASN1_item_d2i_bio; ++ EC_POINT_dbl; ++ asn1_get_choice_selector; ++ i2d_KRB5_CHECKSUM; ++ ENGINE_set_table_flags; ++ AES_options; ++ ENGINE_load_chil; ++ OCSP_id_cmp; ++ OCSP_BASICRESP_new; ++ OCSP_REQUEST_get_ext_by_NID; ++ KRB5_APREQ_it; ++ ENGINE_get_destroy_function; ++ CONF_set_nconf; ++ ASN1_PRINTABLE_free; ++ OCSP_BASICRESP_get_ext_by_NID; ++ DIST_POINT_NAME_it; ++ X509V3_extensions_print; ++ _ossl_old_des_cfb64_encrypt; ++ X509_REVOKED_add1_ext_i2d; ++ _ossl_old_des_ofb_encrypt; ++ KRB5_TKTBODY_new; ++ ASN1_OCTET_STRING_it; ++ ERR_load_UI_strings; ++ i2d_KRB5_ENCKEY; ++ ASN1_template_new; ++ OCSP_SIGNATURE_free; ++ ASN1_item_i2d_fp; ++ KRB5_PRINCNAME_free; ++ PKCS7_RECIP_INFO_it; ++ EXTENDED_KEY_USAGE_it; ++ EC_GFp_simple_method; ++ EC_GROUP_precompute_mult; ++ OCSP_request_onereq_get0; ++ UI_method_set_writer; ++ KRB5_AUTHENT_new; ++ X509_CRL_INFO_it; ++ DSO_set_name_converter; ++ AES_set_decrypt_key; ++ PKCS7_DIGEST_it; ++ PKCS12_x5092certbag; ++ EVP_DigestInit_ex; ++ i2a_ACCESS_DESCRIPTION; ++ OCSP_RESPONSE_it; ++ PKCS7_ENC_CONTENT_it; ++ OCSP_request_add0_id; ++ EC_POINT_make_affine; ++ DSO_get_filename; ++ OCSP_CERTSTATUS_it; ++ OCSP_request_add1_cert; ++ UI_get0_output_string; ++ UI_dup_verify_string; ++ BN_mod_lshift; ++ KRB5_AUTHDATA_it; ++ asn1_set_choice_selector; ++ OCSP_basic_add1_status; ++ OCSP_RESPID_free; ++ asn1_get_field_ptr; ++ UI_add_input_string; ++ OCSP_CRLID_it; ++ i2d_KRB5_AUTHENTBODY; ++ OCSP_REQUEST_get_ext_count; ++ ENGINE_load_atalla; ++ X509_NAME_it; ++ USERNOTICE_it; ++ OCSP_REQINFO_new; ++ OCSP_BASICRESP_get_ext; ++ CRYPTO_get_ex_data_implementation; ++ CRYPTO_get_ex_data_impl; ++ ASN1_item_pack; ++ i2d_KRB5_ENCDATA; ++ X509_PURPOSE_set; ++ X509_REQ_INFO_it; ++ UI_method_set_opener; ++ ASN1_item_ex_free; ++ ASN1_BOOLEAN_it; ++ ENGINE_get_table_flags; ++ UI_create_method; ++ OCSP_ONEREQ_add1_ext_i2d; ++ _shadow_DES_check_key; ++ d2i_OCSP_REQINFO; ++ UI_add_info_string; ++ UI_get_result_minsize; ++ ASN1_NULL_it; ++ BN_mod_lshift1; ++ d2i_OCSP_ONEREQ; ++ OCSP_ONEREQ_new; ++ KRB5_TICKET_it; ++ EVP_aes_192_cbc; ++ KRB5_TICKET_free; ++ UI_new; ++ OCSP_response_create; ++ _ossl_old_des_xcbc_encrypt; ++ PKCS7_it; ++ OCSP_REQUEST_get_ext_by_critical; ++ OCSP_REQUEST_get_ext_by_crit; ++ ENGINE_set_flags; ++ _ossl_old_des_ecb_encrypt; ++ OCSP_response_get1_basic; ++ EVP_Digest; ++ OCSP_ONEREQ_delete_ext; ++ ASN1_TBOOLEAN_it; ++ ASN1_item_new; ++ ASN1_TIME_to_generalizedtime; ++ BIGNUM_it; ++ AES_cbc_encrypt; ++ ENGINE_get_load_privkey_function; ++ ENGINE_get_load_privkey_fn; ++ OCSP_RESPONSE_free; ++ UI_method_set_reader; ++ i2d_ASN1_T61STRING; ++ EC_POINT_set_to_infinity; ++ ERR_load_OCSP_strings; ++ EC_POINT_point2oct; ++ KRB5_APREQ_free; ++ ASN1_OBJECT_it; ++ OCSP_crlID_new; ++ OCSP_crlID2_new; ++ CONF_modules_load_file; ++ CONF_imodule_set_usr_data; ++ ENGINE_set_default_string; ++ CONF_module_get_usr_data; ++ ASN1_add_oid_module; ++ CONF_modules_finish; ++ OPENSSL_config; ++ CONF_modules_unload; ++ CONF_imodule_get_value; ++ CONF_module_set_usr_data; ++ CONF_parse_list; ++ CONF_module_add; ++ CONF_get1_default_config_file; ++ CONF_imodule_get_flags; ++ CONF_imodule_get_module; ++ CONF_modules_load; ++ CONF_imodule_get_name; ++ ERR_peek_top_error; ++ CONF_imodule_get_usr_data; ++ CONF_imodule_set_flags; ++ ENGINE_add_conf_module; ++ ERR_peek_last_error_line; ++ ERR_peek_last_error_line_data; ++ ERR_peek_last_error; ++ DES_read_2passwords; ++ DES_read_password; ++ UI_UTIL_read_pw; ++ UI_UTIL_read_pw_string; ++ ENGINE_load_aep; ++ ENGINE_load_sureware; ++ OPENSSL_add_all_algorithms_noconf; ++ OPENSSL_add_all_algo_noconf; ++ OPENSSL_add_all_algorithms_conf; ++ OPENSSL_add_all_algo_conf; ++ OPENSSL_load_builtin_modules; ++ AES_ofb128_encrypt; ++ AES_ctr128_encrypt; ++ AES_cfb128_encrypt; ++ ENGINE_load_4758cca; ++ _ossl_096_des_random_seed; ++ EVP_aes_256_ofb; ++ EVP_aes_192_ofb; ++ EVP_aes_128_cfb128; ++ EVP_aes_256_cfb128; ++ EVP_aes_128_ofb; ++ EVP_aes_192_cfb128; ++ CONF_modules_free; ++ NCONF_default; ++ OPENSSL_no_config; ++ NCONF_WIN32; ++ ASN1_UNIVERSALSTRING_new; ++ EVP_des_ede_ecb; ++ i2d_ASN1_UNIVERSALSTRING; ++ ASN1_UNIVERSALSTRING_free; ++ ASN1_UNIVERSALSTRING_it; ++ d2i_ASN1_UNIVERSALSTRING; ++ EVP_des_ede3_ecb; ++ X509_REQ_print_ex; ++ ENGINE_up_ref; ++ BUF_MEM_grow_clean; ++ CRYPTO_realloc_clean; ++ BUF_strlcat; ++ BIO_indent; ++ BUF_strlcpy; ++ OpenSSLDie; ++ OPENSSL_cleanse; ++ ENGINE_setup_bsd_cryptodev; ++ ERR_release_err_state_table; ++ EVP_aes_128_cfb8; ++ FIPS_corrupt_rsa; ++ FIPS_selftest_des; ++ EVP_aes_128_cfb1; ++ EVP_aes_192_cfb8; ++ FIPS_mode_set; ++ FIPS_selftest_dsa; ++ EVP_aes_256_cfb8; ++ FIPS_allow_md5; ++ DES_ede3_cfb_encrypt; ++ EVP_des_ede3_cfb8; ++ FIPS_rand_seeded; ++ AES_cfbr_encrypt_block; ++ AES_cfb8_encrypt; ++ FIPS_rand_seed; ++ FIPS_corrupt_des; ++ EVP_aes_192_cfb1; ++ FIPS_selftest_aes; ++ FIPS_set_prng_key; ++ EVP_des_cfb8; ++ FIPS_corrupt_dsa; ++ FIPS_test_mode; ++ FIPS_rand_method; ++ EVP_aes_256_cfb1; ++ ERR_load_FIPS_strings; ++ FIPS_corrupt_aes; ++ FIPS_selftest_sha1; ++ FIPS_selftest_rsa; ++ FIPS_corrupt_sha1; ++ EVP_des_cfb1; ++ FIPS_dsa_check; ++ AES_cfb1_encrypt; ++ EVP_des_ede3_cfb1; ++ FIPS_rand_check; ++ FIPS_md5_allowed; ++ FIPS_mode; ++ FIPS_selftest_failed; ++ sk_is_sorted; ++ X509_check_ca; ++ HMAC_CTX_set_flags; ++ d2i_PROXY_CERT_INFO_EXTENSION; ++ PROXY_POLICY_it; ++ i2d_PROXY_POLICY; ++ i2d_PROXY_CERT_INFO_EXTENSION; ++ d2i_PROXY_POLICY; ++ PROXY_CERT_INFO_EXTENSION_new; ++ PROXY_CERT_INFO_EXTENSION_free; ++ PROXY_CERT_INFO_EXTENSION_it; ++ PROXY_POLICY_free; ++ PROXY_POLICY_new; ++ BN_MONT_CTX_set_locked; ++ FIPS_selftest_rng; ++ EVP_sha384; ++ EVP_sha512; ++ EVP_sha224; ++ EVP_sha256; ++ FIPS_selftest_hmac; ++ FIPS_corrupt_rng; ++ BN_mod_exp_mont_consttime; ++ RSA_X931_hash_id; ++ RSA_padding_check_X931; ++ RSA_verify_PKCS1_PSS; ++ RSA_padding_add_X931; ++ RSA_padding_add_PKCS1_PSS; ++ PKCS1_MGF1; ++ BN_X931_generate_Xpq; ++ RSA_X931_generate_key; ++ BN_X931_derive_prime; ++ BN_X931_generate_prime; ++ RSA_X931_derive; ++ BIO_new_dgram; ++ BN_get0_nist_prime_384; ++ ERR_set_mark; ++ X509_STORE_CTX_set0_crls; ++ ENGINE_set_STORE; ++ ENGINE_register_ECDSA; ++ STORE_meth_set_list_start_fn; ++ STORE_method_set_list_start_function; ++ BN_BLINDING_invert_ex; ++ NAME_CONSTRAINTS_free; ++ STORE_ATTR_INFO_set_number; ++ BN_BLINDING_get_thread_id; ++ X509_STORE_CTX_set0_param; ++ POLICY_MAPPING_it; ++ STORE_parse_attrs_start; ++ POLICY_CONSTRAINTS_free; ++ EVP_PKEY_add1_attr_by_NID; ++ BN_nist_mod_192; ++ EC_GROUP_get_trinomial_basis; ++ STORE_set_method; ++ GENERAL_SUBTREE_free; ++ NAME_CONSTRAINTS_it; ++ ECDH_get_default_method; ++ PKCS12_add_safe; ++ EC_KEY_new_by_curve_name; ++ STORE_meth_get_update_store_fn; ++ STORE_method_get_update_store_function; ++ ENGINE_register_ECDH; ++ SHA512_Update; ++ i2d_ECPrivateKey; ++ BN_get0_nist_prime_192; ++ STORE_modify_certificate; ++ EC_POINT_set_affine_coordinates_GF2m; ++ EC_POINT_set_affine_coords_GF2m; ++ BN_GF2m_mod_exp_arr; ++ STORE_ATTR_INFO_modify_number; ++ X509_keyid_get0; ++ ENGINE_load_gmp; ++ pitem_new; ++ BN_GF2m_mod_mul_arr; ++ STORE_list_public_key_endp; ++ o2i_ECPublicKey; ++ EC_KEY_copy; ++ BIO_dump_fp; ++ X509_policy_node_get0_parent; ++ EC_GROUP_check_discriminant; ++ i2o_ECPublicKey; ++ EC_KEY_precompute_mult; ++ a2i_IPADDRESS; ++ STORE_meth_set_initialise_fn; ++ STORE_method_set_initialise_function; ++ X509_STORE_CTX_set_depth; ++ X509_VERIFY_PARAM_inherit; ++ EC_POINT_point2bn; ++ STORE_ATTR_INFO_set_dn; ++ X509_policy_tree_get0_policies; ++ EC_GROUP_new_curve_GF2m; ++ STORE_destroy_method; ++ ENGINE_unregister_STORE; ++ EVP_PKEY_get1_EC_KEY; ++ STORE_ATTR_INFO_get0_number; ++ ENGINE_get_default_ECDH; ++ EC_KEY_get_conv_form; ++ ASN1_OCTET_STRING_NDEF_it; ++ STORE_delete_public_key; ++ STORE_get_public_key; ++ STORE_modify_arbitrary; ++ ENGINE_get_static_state; ++ pqueue_iterator; ++ ECDSA_SIG_new; ++ OPENSSL_DIR_end; ++ BN_GF2m_mod_sqr; ++ EC_POINT_bn2point; ++ X509_VERIFY_PARAM_set_depth; ++ EC_KEY_set_asn1_flag; ++ STORE_get_method; ++ EC_KEY_get_key_method_data; ++ ECDSA_sign_ex; ++ STORE_parse_attrs_end; ++ EC_GROUP_get_point_conversion_form; ++ EC_GROUP_get_point_conv_form; ++ STORE_method_set_store_function; ++ STORE_ATTR_INFO_in; ++ PEM_read_bio_ECPKParameters; ++ EC_GROUP_get_pentanomial_basis; ++ EVP_PKEY_add1_attr_by_txt; ++ BN_BLINDING_set_flags; ++ X509_VERIFY_PARAM_set1_policies; ++ X509_VERIFY_PARAM_set1_name; ++ X509_VERIFY_PARAM_set_purpose; ++ STORE_get_number; ++ ECDSA_sign_setup; ++ BN_GF2m_mod_solve_quad_arr; ++ EC_KEY_up_ref; ++ POLICY_MAPPING_free; ++ BN_GF2m_mod_div; ++ X509_VERIFY_PARAM_set_flags; ++ EC_KEY_free; ++ STORE_meth_set_list_next_fn; ++ STORE_method_set_list_next_function; ++ PEM_write_bio_ECPrivateKey; ++ d2i_EC_PUBKEY; ++ STORE_meth_get_generate_fn; ++ STORE_method_get_generate_function; ++ STORE_meth_set_list_end_fn; ++ STORE_method_set_list_end_function; ++ pqueue_print; ++ EC_GROUP_have_precompute_mult; ++ EC_KEY_print_fp; ++ BN_GF2m_mod_arr; ++ PEM_write_bio_X509_CERT_PAIR; ++ EVP_PKEY_cmp; ++ X509_policy_level_node_count; ++ STORE_new_engine; ++ STORE_list_public_key_start; ++ X509_VERIFY_PARAM_new; ++ ECDH_get_ex_data; ++ EVP_PKEY_get_attr; ++ ECDSA_do_sign; ++ ENGINE_unregister_ECDH; ++ ECDH_OpenSSL; ++ EC_KEY_set_conv_form; ++ EC_POINT_dup; ++ GENERAL_SUBTREE_new; ++ STORE_list_crl_endp; ++ EC_get_builtin_curves; ++ X509_policy_node_get0_qualifiers; ++ X509_pcy_node_get0_qualifiers; ++ STORE_list_crl_end; ++ EVP_PKEY_set1_EC_KEY; ++ BN_GF2m_mod_sqrt_arr; ++ i2d_ECPrivateKey_bio; ++ ECPKParameters_print_fp; ++ pqueue_find; ++ ECDSA_SIG_free; ++ PEM_write_bio_ECPKParameters; ++ STORE_method_set_ctrl_function; ++ STORE_list_public_key_end; ++ EC_KEY_set_private_key; ++ pqueue_peek; ++ STORE_get_arbitrary; ++ STORE_store_crl; ++ X509_policy_node_get0_policy; ++ PKCS12_add_safes; ++ BN_BLINDING_convert_ex; ++ X509_policy_tree_free; ++ OPENSSL_ia32cap_loc; ++ BN_GF2m_poly2arr; ++ STORE_ctrl; ++ STORE_ATTR_INFO_compare; ++ BN_get0_nist_prime_224; ++ i2d_ECParameters; ++ i2d_ECPKParameters; ++ BN_GENCB_call; ++ d2i_ECPKParameters; ++ STORE_meth_set_generate_fn; ++ STORE_method_set_generate_function; ++ ENGINE_set_ECDH; ++ NAME_CONSTRAINTS_new; ++ SHA256_Init; ++ EC_KEY_get0_public_key; ++ PEM_write_bio_EC_PUBKEY; ++ STORE_ATTR_INFO_set_cstr; ++ STORE_list_crl_next; ++ STORE_ATTR_INFO_in_range; ++ ECParameters_print; ++ STORE_meth_set_delete_fn; ++ STORE_method_set_delete_function; ++ STORE_list_certificate_next; ++ ASN1_generate_nconf; ++ BUF_memdup; ++ BN_GF2m_mod_mul; ++ STORE_meth_get_list_next_fn; ++ STORE_method_get_list_next_function; ++ STORE_ATTR_INFO_get0_dn; ++ STORE_list_private_key_next; ++ EC_GROUP_set_seed; ++ X509_VERIFY_PARAM_set_trust; ++ STORE_ATTR_INFO_free; ++ STORE_get_private_key; ++ EVP_PKEY_get_attr_count; ++ STORE_ATTR_INFO_new; ++ EC_GROUP_get_curve_GF2m; ++ STORE_meth_set_revoke_fn; ++ STORE_method_set_revoke_function; ++ STORE_store_number; ++ BN_is_prime_ex; ++ STORE_revoke_public_key; ++ X509_STORE_CTX_get0_param; ++ STORE_delete_arbitrary; ++ PEM_read_X509_CERT_PAIR; ++ X509_STORE_set_depth; ++ ECDSA_get_ex_data; ++ SHA224; ++ BIO_dump_indent_fp; ++ EC_KEY_set_group; ++ BUF_strndup; ++ STORE_list_certificate_start; ++ BN_GF2m_mod; ++ X509_REQ_check_private_key; ++ EC_GROUP_get_seed_len; ++ ERR_load_STORE_strings; ++ PEM_read_bio_EC_PUBKEY; ++ STORE_list_private_key_end; ++ i2d_EC_PUBKEY; ++ ECDSA_get_default_method; ++ ASN1_put_eoc; ++ X509_STORE_CTX_get_explicit_policy; ++ X509_STORE_CTX_get_expl_policy; ++ X509_VERIFY_PARAM_table_cleanup; ++ STORE_modify_private_key; ++ X509_VERIFY_PARAM_free; ++ EC_METHOD_get_field_type; ++ EC_GFp_nist_method; ++ STORE_meth_set_modify_fn; ++ STORE_method_set_modify_function; ++ STORE_parse_attrs_next; ++ ENGINE_load_padlock; ++ EC_GROUP_set_curve_name; ++ X509_CERT_PAIR_it; ++ STORE_meth_get_revoke_fn; ++ STORE_method_get_revoke_function; ++ STORE_method_set_get_function; ++ STORE_modify_number; ++ STORE_method_get_store_function; ++ STORE_store_private_key; ++ BN_GF2m_mod_sqr_arr; ++ RSA_setup_blinding; ++ BIO_s_datagram; ++ STORE_Memory; ++ sk_find_ex; ++ EC_GROUP_set_curve_GF2m; ++ ENGINE_set_default_ECDSA; ++ POLICY_CONSTRAINTS_new; ++ BN_GF2m_mod_sqrt; ++ ECDH_set_default_method; ++ EC_KEY_generate_key; ++ SHA384_Update; ++ BN_GF2m_arr2poly; ++ STORE_method_get_get_function; ++ STORE_meth_set_cleanup_fn; ++ STORE_method_set_cleanup_function; ++ EC_GROUP_check; ++ d2i_ECPrivateKey_bio; ++ EC_KEY_insert_key_method_data; ++ STORE_meth_get_lock_store_fn; ++ STORE_method_get_lock_store_function; ++ X509_VERIFY_PARAM_get_depth; ++ SHA224_Final; ++ STORE_meth_set_update_store_fn; ++ STORE_method_set_update_store_function; ++ SHA224_Update; ++ d2i_ECPrivateKey; ++ ASN1_item_ndef_i2d; ++ STORE_delete_private_key; ++ ERR_pop_to_mark; ++ ENGINE_register_all_STORE; ++ X509_policy_level_get0_node; ++ i2d_PKCS7_NDEF; ++ EC_GROUP_get_degree; ++ ASN1_generate_v3; ++ STORE_ATTR_INFO_modify_cstr; ++ X509_policy_tree_level_count; ++ BN_GF2m_add; ++ EC_KEY_get0_group; ++ STORE_generate_crl; ++ STORE_store_public_key; ++ X509_CERT_PAIR_free; ++ STORE_revoke_private_key; ++ BN_nist_mod_224; ++ SHA512_Final; ++ STORE_ATTR_INFO_modify_dn; ++ STORE_meth_get_initialise_fn; ++ STORE_method_get_initialise_function; ++ STORE_delete_number; ++ i2d_EC_PUBKEY_bio; ++ BIO_dgram_non_fatal_error; ++ EC_GROUP_get_asn1_flag; ++ STORE_ATTR_INFO_in_ex; ++ STORE_list_crl_start; ++ ECDH_get_ex_new_index; ++ STORE_meth_get_modify_fn; ++ STORE_method_get_modify_function; ++ v2i_ASN1_BIT_STRING; ++ STORE_store_certificate; ++ OBJ_bsearch_ex; ++ X509_STORE_CTX_set_default; ++ STORE_ATTR_INFO_set_sha1str; ++ BN_GF2m_mod_inv; ++ BN_GF2m_mod_exp; ++ STORE_modify_public_key; ++ STORE_meth_get_list_start_fn; ++ STORE_method_get_list_start_function; ++ EC_GROUP_get0_seed; ++ STORE_store_arbitrary; ++ STORE_meth_set_unlock_store_fn; ++ STORE_method_set_unlock_store_function; ++ BN_GF2m_mod_div_arr; ++ ENGINE_set_ECDSA; ++ STORE_create_method; ++ ECPKParameters_print; ++ EC_KEY_get0_private_key; ++ PEM_write_EC_PUBKEY; ++ X509_VERIFY_PARAM_set1; ++ ECDH_set_method; ++ v2i_GENERAL_NAME_ex; ++ ECDH_set_ex_data; ++ STORE_generate_key; ++ BN_nist_mod_521; ++ X509_policy_tree_get0_level; ++ EC_GROUP_set_point_conversion_form; ++ EC_GROUP_set_point_conv_form; ++ PEM_read_EC_PUBKEY; ++ i2d_ECDSA_SIG; ++ ECDSA_OpenSSL; ++ STORE_delete_crl; ++ EC_KEY_get_enc_flags; ++ ASN1_const_check_infinite_end; ++ EVP_PKEY_delete_attr; ++ ECDSA_set_default_method; ++ EC_POINT_set_compressed_coordinates_GF2m; ++ EC_POINT_set_compr_coords_GF2m; ++ EC_GROUP_cmp; ++ STORE_revoke_certificate; ++ BN_get0_nist_prime_256; ++ STORE_meth_get_delete_fn; ++ STORE_method_get_delete_function; ++ SHA224_Init; ++ PEM_read_ECPrivateKey; ++ SHA512_Init; ++ STORE_parse_attrs_endp; ++ BN_set_negative; ++ ERR_load_ECDSA_strings; ++ EC_GROUP_get_basis_type; ++ STORE_list_public_key_next; ++ i2v_ASN1_BIT_STRING; ++ STORE_OBJECT_free; ++ BN_nist_mod_384; ++ i2d_X509_CERT_PAIR; ++ PEM_write_ECPKParameters; ++ ECDH_compute_key; ++ STORE_ATTR_INFO_get0_sha1str; ++ ENGINE_register_all_ECDH; ++ pqueue_pop; ++ STORE_ATTR_INFO_get0_cstr; ++ POLICY_CONSTRAINTS_it; ++ STORE_get_ex_new_index; ++ EVP_PKEY_get_attr_by_OBJ; ++ X509_VERIFY_PARAM_add0_policy; ++ BN_GF2m_mod_solve_quad; ++ SHA256; ++ i2d_ECPrivateKey_fp; ++ X509_policy_tree_get0_user_policies; ++ X509_pcy_tree_get0_usr_policies; ++ OPENSSL_DIR_read; ++ ENGINE_register_all_ECDSA; ++ X509_VERIFY_PARAM_lookup; ++ EC_POINT_get_affine_coordinates_GF2m; ++ EC_POINT_get_affine_coords_GF2m; ++ EC_GROUP_dup; ++ ENGINE_get_default_ECDSA; ++ EC_KEY_new; ++ SHA256_Transform; ++ EC_KEY_set_enc_flags; ++ ECDSA_verify; ++ EC_POINT_point2hex; ++ ENGINE_get_STORE; ++ SHA512; ++ STORE_get_certificate; ++ ECDSA_do_sign_ex; ++ ECDSA_do_verify; ++ d2i_ECPrivateKey_fp; ++ STORE_delete_certificate; ++ SHA512_Transform; ++ X509_STORE_set1_param; ++ STORE_method_get_ctrl_function; ++ STORE_free; ++ PEM_write_ECPrivateKey; ++ STORE_meth_get_unlock_store_fn; ++ STORE_method_get_unlock_store_function; ++ STORE_get_ex_data; ++ EC_KEY_set_public_key; ++ PEM_read_ECPKParameters; ++ X509_CERT_PAIR_new; ++ ENGINE_register_STORE; ++ RSA_generate_key_ex; ++ DSA_generate_parameters_ex; ++ ECParameters_print_fp; ++ X509V3_NAME_from_section; ++ EVP_PKEY_add1_attr; ++ STORE_modify_crl; ++ STORE_list_private_key_start; ++ POLICY_MAPPINGS_it; ++ GENERAL_SUBTREE_it; ++ EC_GROUP_get_curve_name; ++ PEM_write_X509_CERT_PAIR; ++ BIO_dump_indent_cb; ++ d2i_X509_CERT_PAIR; ++ STORE_list_private_key_endp; ++ asn1_const_Finish; ++ i2d_EC_PUBKEY_fp; ++ BN_nist_mod_256; ++ X509_VERIFY_PARAM_add0_table; ++ pqueue_free; ++ BN_BLINDING_create_param; ++ ECDSA_size; ++ d2i_EC_PUBKEY_bio; ++ BN_get0_nist_prime_521; ++ STORE_ATTR_INFO_modify_sha1str; ++ BN_generate_prime_ex; ++ EC_GROUP_new_by_curve_name; ++ SHA256_Final; ++ DH_generate_parameters_ex; ++ PEM_read_bio_ECPrivateKey; ++ STORE_meth_get_cleanup_fn; ++ STORE_method_get_cleanup_function; ++ ENGINE_get_ECDH; ++ d2i_ECDSA_SIG; ++ BN_is_prime_fasttest_ex; ++ ECDSA_sign; ++ X509_policy_check; ++ EVP_PKEY_get_attr_by_NID; ++ STORE_set_ex_data; ++ ENGINE_get_ECDSA; ++ EVP_ecdsa; ++ BN_BLINDING_get_flags; ++ PKCS12_add_cert; ++ STORE_OBJECT_new; ++ ERR_load_ECDH_strings; ++ EC_KEY_dup; ++ EVP_CIPHER_CTX_rand_key; ++ ECDSA_set_method; ++ a2i_IPADDRESS_NC; ++ d2i_ECParameters; ++ STORE_list_certificate_end; ++ STORE_get_crl; ++ X509_POLICY_NODE_print; ++ SHA384_Init; ++ EC_GF2m_simple_method; ++ ECDSA_set_ex_data; ++ SHA384_Final; ++ PKCS7_set_digest; ++ EC_KEY_print; ++ STORE_meth_set_lock_store_fn; ++ STORE_method_set_lock_store_function; ++ ECDSA_get_ex_new_index; ++ SHA384; ++ POLICY_MAPPING_new; ++ STORE_list_certificate_endp; ++ X509_STORE_CTX_get0_policy_tree; ++ EC_GROUP_set_asn1_flag; ++ EC_KEY_check_key; ++ d2i_EC_PUBKEY_fp; ++ PKCS7_set0_type_other; ++ PEM_read_bio_X509_CERT_PAIR; ++ pqueue_next; ++ STORE_meth_get_list_end_fn; ++ STORE_method_get_list_end_function; ++ EVP_PKEY_add1_attr_by_OBJ; ++ X509_VERIFY_PARAM_set_time; ++ pqueue_new; ++ ENGINE_set_default_ECDH; ++ STORE_new_method; ++ PKCS12_add_key; ++ DSO_merge; ++ EC_POINT_hex2point; ++ BIO_dump_cb; ++ SHA256_Update; ++ pqueue_insert; ++ pitem_free; ++ BN_GF2m_mod_inv_arr; ++ ENGINE_unregister_ECDSA; ++ BN_BLINDING_set_thread_id; ++ get_rfc3526_prime_8192; ++ X509_VERIFY_PARAM_clear_flags; ++ get_rfc2409_prime_1024; ++ DH_check_pub_key; ++ get_rfc3526_prime_2048; ++ get_rfc3526_prime_6144; ++ get_rfc3526_prime_1536; ++ get_rfc3526_prime_3072; ++ get_rfc3526_prime_4096; ++ get_rfc2409_prime_768; ++ X509_VERIFY_PARAM_get_flags; ++ EVP_CIPHER_CTX_new; ++ EVP_CIPHER_CTX_free; ++ Camellia_cbc_encrypt; ++ Camellia_cfb128_encrypt; ++ Camellia_cfb1_encrypt; ++ Camellia_cfb8_encrypt; ++ Camellia_ctr128_encrypt; ++ Camellia_cfbr_encrypt_block; ++ Camellia_decrypt; ++ Camellia_ecb_encrypt; ++ Camellia_encrypt; ++ Camellia_ofb128_encrypt; ++ Camellia_set_key; ++ EVP_camellia_128_cbc; ++ EVP_camellia_128_cfb128; ++ EVP_camellia_128_cfb1; ++ EVP_camellia_128_cfb8; ++ EVP_camellia_128_ecb; ++ EVP_camellia_128_ofb; ++ EVP_camellia_192_cbc; ++ EVP_camellia_192_cfb128; ++ EVP_camellia_192_cfb1; ++ EVP_camellia_192_cfb8; ++ EVP_camellia_192_ecb; ++ EVP_camellia_192_ofb; ++ EVP_camellia_256_cbc; ++ EVP_camellia_256_cfb128; ++ EVP_camellia_256_cfb1; ++ EVP_camellia_256_cfb8; ++ EVP_camellia_256_ecb; ++ EVP_camellia_256_ofb; ++ a2i_ipadd; ++ ASIdentifiers_free; ++ i2d_ASIdOrRange; ++ EVP_CIPHER_block_size; ++ v3_asid_is_canonical; ++ IPAddressChoice_free; ++ EVP_CIPHER_CTX_set_app_data; ++ BIO_set_callback_arg; ++ v3_addr_add_prefix; ++ IPAddressOrRange_it; ++ BIO_set_flags; ++ ASIdentifiers_it; ++ v3_addr_get_range; ++ BIO_method_type; ++ v3_addr_inherits; ++ IPAddressChoice_it; ++ AES_ige_encrypt; ++ v3_addr_add_range; ++ EVP_CIPHER_CTX_nid; ++ d2i_ASRange; ++ v3_addr_add_inherit; ++ v3_asid_add_id_or_range; ++ v3_addr_validate_resource_set; ++ EVP_CIPHER_iv_length; ++ EVP_MD_type; ++ v3_asid_canonize; ++ IPAddressRange_free; ++ v3_asid_add_inherit; ++ EVP_CIPHER_CTX_key_length; ++ IPAddressRange_new; ++ ASIdOrRange_new; ++ EVP_MD_size; ++ EVP_MD_CTX_test_flags; ++ BIO_clear_flags; ++ i2d_ASRange; ++ IPAddressRange_it; ++ IPAddressChoice_new; ++ ASIdentifierChoice_new; ++ ASRange_free; ++ EVP_MD_pkey_type; ++ EVP_MD_CTX_clear_flags; ++ IPAddressFamily_free; ++ i2d_IPAddressFamily; ++ IPAddressOrRange_new; ++ EVP_CIPHER_flags; ++ v3_asid_validate_resource_set; ++ d2i_IPAddressRange; ++ AES_bi_ige_encrypt; ++ BIO_get_callback; ++ IPAddressOrRange_free; ++ v3_addr_subset; ++ d2i_IPAddressFamily; ++ v3_asid_subset; ++ BIO_test_flags; ++ i2d_ASIdentifierChoice; ++ ASRange_it; ++ d2i_ASIdentifiers; ++ ASRange_new; ++ d2i_IPAddressChoice; ++ v3_addr_get_afi; ++ EVP_CIPHER_key_length; ++ EVP_Cipher; ++ i2d_IPAddressOrRange; ++ ASIdOrRange_it; ++ EVP_CIPHER_nid; ++ i2d_IPAddressChoice; ++ EVP_CIPHER_CTX_block_size; ++ ASIdentifiers_new; ++ v3_addr_validate_path; ++ IPAddressFamily_new; ++ EVP_MD_CTX_set_flags; ++ v3_addr_is_canonical; ++ i2d_IPAddressRange; ++ IPAddressFamily_it; ++ v3_asid_inherits; ++ EVP_CIPHER_CTX_cipher; ++ EVP_CIPHER_CTX_get_app_data; ++ EVP_MD_block_size; ++ EVP_CIPHER_CTX_flags; ++ v3_asid_validate_path; ++ d2i_IPAddressOrRange; ++ v3_addr_canonize; ++ ASIdentifierChoice_it; ++ EVP_MD_CTX_md; ++ d2i_ASIdentifierChoice; ++ BIO_method_name; ++ EVP_CIPHER_CTX_iv_length; ++ ASIdOrRange_free; ++ ASIdentifierChoice_free; ++ BIO_get_callback_arg; ++ BIO_set_callback; ++ d2i_ASIdOrRange; ++ i2d_ASIdentifiers; ++ SEED_decrypt; ++ SEED_encrypt; ++ SEED_cbc_encrypt; ++ EVP_seed_ofb; ++ SEED_cfb128_encrypt; ++ SEED_ofb128_encrypt; ++ EVP_seed_cbc; ++ SEED_ecb_encrypt; ++ EVP_seed_ecb; ++ SEED_set_key; ++ EVP_seed_cfb128; ++ X509_EXTENSIONS_it; ++ X509_get1_ocsp; ++ OCSP_REQ_CTX_free; ++ i2d_X509_EXTENSIONS; ++ OCSP_sendreq_nbio; ++ OCSP_sendreq_new; ++ d2i_X509_EXTENSIONS; ++ X509_ALGORS_it; ++ X509_ALGOR_get0; ++ X509_ALGOR_set0; ++ AES_unwrap_key; ++ AES_wrap_key; ++ X509at_get0_data_by_OBJ; ++ ASN1_TYPE_set1; ++ ASN1_STRING_set0; ++ i2d_X509_ALGORS; ++ BIO_f_zlib; ++ COMP_zlib_cleanup; ++ d2i_X509_ALGORS; ++ CMS_ReceiptRequest_free; ++ PEM_write_CMS; ++ CMS_add0_CertificateChoices; ++ CMS_unsigned_add1_attr_by_OBJ; ++ ERR_load_CMS_strings; ++ CMS_sign_receipt; ++ i2d_CMS_ContentInfo; ++ CMS_signed_delete_attr; ++ d2i_CMS_bio; ++ CMS_unsigned_get_attr_by_NID; ++ CMS_verify; ++ SMIME_read_CMS; ++ CMS_decrypt_set1_key; ++ CMS_SignerInfo_get0_algs; ++ CMS_add1_cert; ++ CMS_set_detached; ++ CMS_encrypt; ++ CMS_EnvelopedData_create; ++ CMS_uncompress; ++ CMS_add0_crl; ++ CMS_SignerInfo_verify_content; ++ CMS_unsigned_get0_data_by_OBJ; ++ PEM_write_bio_CMS; ++ CMS_unsigned_get_attr; ++ CMS_RecipientInfo_ktri_cert_cmp; ++ CMS_RecipientInfo_ktri_get0_algs; ++ CMS_RecipInfo_ktri_get0_algs; ++ CMS_ContentInfo_free; ++ CMS_final; ++ CMS_add_simple_smimecap; ++ CMS_SignerInfo_verify; ++ CMS_data; ++ CMS_ContentInfo_it; ++ d2i_CMS_ReceiptRequest; ++ CMS_compress; ++ CMS_digest_create; ++ CMS_SignerInfo_cert_cmp; ++ CMS_SignerInfo_sign; ++ CMS_data_create; ++ i2d_CMS_bio; ++ CMS_EncryptedData_set1_key; ++ CMS_decrypt; ++ int_smime_write_ASN1; ++ CMS_unsigned_delete_attr; ++ CMS_unsigned_get_attr_count; ++ CMS_add_smimecap; ++ PEM_read_CMS; ++ CMS_signed_get_attr_by_OBJ; ++ d2i_CMS_ContentInfo; ++ CMS_add_standard_smimecap; ++ CMS_ContentInfo_new; ++ CMS_RecipientInfo_type; ++ CMS_get0_type; ++ CMS_is_detached; ++ CMS_sign; ++ CMS_signed_add1_attr; ++ CMS_unsigned_get_attr_by_OBJ; ++ SMIME_write_CMS; ++ CMS_EncryptedData_decrypt; ++ CMS_get0_RecipientInfos; ++ CMS_add0_RevocationInfoChoice; ++ CMS_decrypt_set1_pkey; ++ CMS_SignerInfo_set1_signer_cert; ++ CMS_get0_signers; ++ CMS_ReceiptRequest_get0_values; ++ CMS_signed_get0_data_by_OBJ; ++ CMS_get0_SignerInfos; ++ CMS_add0_cert; ++ CMS_EncryptedData_encrypt; ++ CMS_digest_verify; ++ CMS_set1_signers_certs; ++ CMS_signed_get_attr; ++ CMS_RecipientInfo_set0_key; ++ CMS_SignedData_init; ++ CMS_RecipientInfo_kekri_get0_id; ++ CMS_verify_receipt; ++ CMS_ReceiptRequest_it; ++ PEM_read_bio_CMS; ++ CMS_get1_crls; ++ CMS_add0_recipient_key; ++ SMIME_read_ASN1; ++ CMS_ReceiptRequest_new; ++ CMS_get0_content; ++ CMS_get1_ReceiptRequest; ++ CMS_signed_add1_attr_by_OBJ; ++ CMS_RecipientInfo_kekri_id_cmp; ++ CMS_add1_ReceiptRequest; ++ CMS_SignerInfo_get0_signer_id; ++ CMS_unsigned_add1_attr_by_NID; ++ CMS_unsigned_add1_attr; ++ CMS_signed_get_attr_by_NID; ++ CMS_get1_certs; ++ CMS_signed_add1_attr_by_NID; ++ CMS_unsigned_add1_attr_by_txt; ++ CMS_dataFinal; ++ CMS_RecipientInfo_ktri_get0_signer_id; ++ CMS_RecipInfo_ktri_get0_sigr_id; ++ i2d_CMS_ReceiptRequest; ++ CMS_add1_recipient_cert; ++ CMS_dataInit; ++ CMS_signed_add1_attr_by_txt; ++ CMS_RecipientInfo_decrypt; ++ CMS_signed_get_attr_count; ++ CMS_get0_eContentType; ++ CMS_set1_eContentType; ++ CMS_ReceiptRequest_create0; ++ CMS_add1_signer; ++ CMS_RecipientInfo_set0_pkey; ++ ENGINE_set_load_ssl_client_cert_function; ++ ENGINE_set_ld_ssl_clnt_cert_fn; ++ ENGINE_get_ssl_client_cert_function; ++ ENGINE_get_ssl_client_cert_fn; ++ ENGINE_load_ssl_client_cert; ++ ENGINE_load_capi; ++ OPENSSL_isservice; ++ FIPS_dsa_sig_decode; ++ EVP_CIPHER_CTX_clear_flags; ++ FIPS_rand_status; ++ FIPS_rand_set_key; ++ CRYPTO_set_mem_info_functions; ++ RSA_X931_generate_key_ex; ++ int_ERR_set_state_func; ++ int_EVP_MD_set_engine_callbacks; ++ int_CRYPTO_set_do_dynlock_callback; ++ FIPS_rng_stick; ++ EVP_CIPHER_CTX_set_flags; ++ BN_X931_generate_prime_ex; ++ FIPS_selftest_check; ++ FIPS_rand_set_dt; ++ CRYPTO_dbg_pop_info; ++ FIPS_dsa_free; ++ RSA_X931_derive_ex; ++ FIPS_rsa_new; ++ FIPS_rand_bytes; ++ fips_cipher_test; ++ EVP_CIPHER_CTX_test_flags; ++ CRYPTO_malloc_debug_init; ++ CRYPTO_dbg_push_info; ++ FIPS_corrupt_rsa_keygen; ++ FIPS_dh_new; ++ FIPS_corrupt_dsa_keygen; ++ FIPS_dh_free; ++ fips_pkey_signature_test; ++ EVP_add_alg_module; ++ int_RAND_init_engine_callbacks; ++ int_EVP_CIPHER_set_engine_callbacks; ++ int_EVP_MD_init_engine_callbacks; ++ FIPS_rand_test_mode; ++ FIPS_rand_reset; ++ FIPS_dsa_new; ++ int_RAND_set_callbacks; ++ BN_X931_derive_prime_ex; ++ int_ERR_lib_init; ++ int_EVP_CIPHER_init_engine_callbacks; ++ FIPS_rsa_free; ++ FIPS_dsa_sig_encode; ++ CRYPTO_dbg_remove_all_info; ++ OPENSSL_init; ++ CRYPTO_strdup; ++ JPAKE_STEP3A_process; ++ JPAKE_STEP1_release; ++ JPAKE_get_shared_key; ++ JPAKE_STEP3B_init; ++ JPAKE_STEP1_generate; ++ JPAKE_STEP1_init; ++ JPAKE_STEP3B_process; ++ JPAKE_STEP2_generate; ++ JPAKE_CTX_new; ++ JPAKE_CTX_free; ++ JPAKE_STEP3B_release; ++ JPAKE_STEP3A_release; ++ JPAKE_STEP2_process; ++ JPAKE_STEP3B_generate; ++ JPAKE_STEP1_process; ++ JPAKE_STEP3A_generate; ++ JPAKE_STEP2_release; ++ JPAKE_STEP3A_init; ++ ERR_load_JPAKE_strings; ++ JPAKE_STEP2_init; ++ pqueue_size; ++ i2d_TS_ACCURACY; ++ i2d_TS_MSG_IMPRINT_fp; ++ i2d_TS_MSG_IMPRINT; ++ EVP_PKEY_print_public; ++ EVP_PKEY_CTX_new; ++ i2d_TS_TST_INFO; ++ EVP_PKEY_asn1_find; ++ DSO_METHOD_beos; ++ TS_CONF_load_cert; ++ TS_REQ_get_ext; ++ EVP_PKEY_sign_init; ++ ASN1_item_print; ++ TS_TST_INFO_set_nonce; ++ TS_RESP_dup; ++ ENGINE_register_pkey_meths; ++ EVP_PKEY_asn1_add0; ++ PKCS7_add0_attrib_signing_time; ++ i2d_TS_TST_INFO_fp; ++ BIO_asn1_get_prefix; ++ TS_TST_INFO_set_time; ++ EVP_PKEY_meth_set_decrypt; ++ EVP_PKEY_set_type_str; ++ EVP_PKEY_CTX_get_keygen_info; ++ TS_REQ_set_policy_id; ++ d2i_TS_RESP_fp; ++ ENGINE_get_pkey_asn1_meth_engine; ++ ENGINE_get_pkey_asn1_meth_eng; ++ WHIRLPOOL_Init; ++ TS_RESP_set_status_info; ++ EVP_PKEY_keygen; ++ EVP_DigestSignInit; ++ TS_ACCURACY_set_millis; ++ TS_REQ_dup; ++ GENERAL_NAME_dup; ++ ASN1_SEQUENCE_ANY_it; ++ WHIRLPOOL; ++ X509_STORE_get1_crls; ++ ENGINE_get_pkey_asn1_meth; ++ EVP_PKEY_asn1_new; ++ BIO_new_NDEF; ++ ENGINE_get_pkey_meth; ++ TS_MSG_IMPRINT_set_algo; ++ i2d_TS_TST_INFO_bio; ++ TS_TST_INFO_set_ordering; ++ TS_TST_INFO_get_ext_by_OBJ; ++ CRYPTO_THREADID_set_pointer; ++ TS_CONF_get_tsa_section; ++ SMIME_write_ASN1; ++ TS_RESP_CTX_set_signer_key; ++ EVP_PKEY_encrypt_old; ++ EVP_PKEY_encrypt_init; ++ CRYPTO_THREADID_cpy; ++ ASN1_PCTX_get_cert_flags; ++ i2d_ESS_SIGNING_CERT; ++ TS_CONF_load_key; ++ i2d_ASN1_SEQUENCE_ANY; ++ d2i_TS_MSG_IMPRINT_bio; ++ EVP_PKEY_asn1_set_public; ++ b2i_PublicKey_bio; ++ BIO_asn1_set_prefix; ++ EVP_PKEY_new_mac_key; ++ BIO_new_CMS; ++ CRYPTO_THREADID_cmp; ++ TS_REQ_ext_free; ++ EVP_PKEY_asn1_set_free; ++ EVP_PKEY_get0_asn1; ++ d2i_NETSCAPE_X509; ++ EVP_PKEY_verify_recover_init; ++ EVP_PKEY_CTX_set_data; ++ EVP_PKEY_keygen_init; ++ TS_RESP_CTX_set_status_info; ++ TS_MSG_IMPRINT_get_algo; ++ TS_REQ_print_bio; ++ EVP_PKEY_CTX_ctrl_str; ++ EVP_PKEY_get_default_digest_nid; ++ PEM_write_bio_PKCS7_stream; ++ TS_MSG_IMPRINT_print_bio; ++ BN_asc2bn; ++ TS_REQ_get_policy_id; ++ ENGINE_set_default_pkey_asn1_meths; ++ ENGINE_set_def_pkey_asn1_meths; ++ d2i_TS_ACCURACY; ++ DSO_global_lookup; ++ TS_CONF_set_tsa_name; ++ i2d_ASN1_SET_ANY; ++ ENGINE_load_gost; ++ WHIRLPOOL_BitUpdate; ++ ASN1_PCTX_get_flags; ++ TS_TST_INFO_get_ext_by_NID; ++ TS_RESP_new; ++ ESS_CERT_ID_dup; ++ TS_STATUS_INFO_dup; ++ TS_REQ_delete_ext; ++ EVP_DigestVerifyFinal; ++ EVP_PKEY_print_params; ++ i2d_CMS_bio_stream; ++ TS_REQ_get_msg_imprint; ++ OBJ_find_sigid_by_algs; ++ TS_TST_INFO_get_serial; ++ TS_REQ_get_nonce; ++ X509_PUBKEY_set0_param; ++ EVP_PKEY_CTX_set0_keygen_info; ++ DIST_POINT_set_dpname; ++ i2d_ISSUING_DIST_POINT; ++ ASN1_SET_ANY_it; ++ EVP_PKEY_CTX_get_data; ++ TS_STATUS_INFO_print_bio; ++ EVP_PKEY_derive_init; ++ d2i_TS_TST_INFO; ++ EVP_PKEY_asn1_add_alias; ++ d2i_TS_RESP_bio; ++ OTHERNAME_cmp; ++ GENERAL_NAME_set0_value; ++ PKCS7_RECIP_INFO_get0_alg; ++ TS_RESP_CTX_new; ++ TS_RESP_set_tst_info; ++ PKCS7_final; ++ EVP_PKEY_base_id; ++ TS_RESP_CTX_set_signer_cert; ++ TS_REQ_set_msg_imprint; ++ EVP_PKEY_CTX_ctrl; ++ TS_CONF_set_digests; ++ d2i_TS_MSG_IMPRINT; ++ EVP_PKEY_meth_set_ctrl; ++ TS_REQ_get_ext_by_NID; ++ PKCS5_pbe_set0_algor; ++ BN_BLINDING_thread_id; ++ TS_ACCURACY_new; ++ X509_CRL_METHOD_free; ++ ASN1_PCTX_get_nm_flags; ++ EVP_PKEY_meth_set_sign; ++ CRYPTO_THREADID_current; ++ EVP_PKEY_decrypt_init; ++ NETSCAPE_X509_free; ++ i2b_PVK_bio; ++ EVP_PKEY_print_private; ++ GENERAL_NAME_get0_value; ++ b2i_PVK_bio; ++ ASN1_UTCTIME_adj; ++ TS_TST_INFO_new; ++ EVP_MD_do_all_sorted; ++ TS_CONF_set_default_engine; ++ TS_ACCURACY_set_seconds; ++ TS_TST_INFO_get_time; ++ PKCS8_pkey_get0; ++ EVP_PKEY_asn1_get0; ++ OBJ_add_sigid; ++ PKCS7_SIGNER_INFO_sign; ++ EVP_PKEY_paramgen_init; ++ EVP_PKEY_sign; ++ OBJ_sigid_free; ++ EVP_PKEY_meth_set_init; ++ d2i_ESS_ISSUER_SERIAL; ++ ISSUING_DIST_POINT_new; ++ ASN1_TIME_adj; ++ TS_OBJ_print_bio; ++ EVP_PKEY_meth_set_verify_recover; ++ EVP_PKEY_meth_set_vrfy_recover; ++ TS_RESP_get_status_info; ++ CMS_stream; ++ EVP_PKEY_CTX_set_cb; ++ PKCS7_to_TS_TST_INFO; ++ ASN1_PCTX_get_oid_flags; ++ TS_TST_INFO_add_ext; ++ EVP_PKEY_meth_set_derive; ++ i2d_TS_RESP_fp; ++ i2d_TS_MSG_IMPRINT_bio; ++ TS_RESP_CTX_set_accuracy; ++ TS_REQ_set_nonce; ++ ESS_CERT_ID_new; ++ ENGINE_pkey_asn1_find_str; ++ TS_REQ_get_ext_count; ++ BUF_reverse; ++ TS_TST_INFO_print_bio; ++ d2i_ISSUING_DIST_POINT; ++ ENGINE_get_pkey_meths; ++ i2b_PrivateKey_bio; ++ i2d_TS_RESP; ++ b2i_PublicKey; ++ TS_VERIFY_CTX_cleanup; ++ TS_STATUS_INFO_free; ++ TS_RESP_verify_token; ++ OBJ_bsearch_ex_; ++ ASN1_bn_print; ++ EVP_PKEY_asn1_get_count; ++ ENGINE_register_pkey_asn1_meths; ++ ASN1_PCTX_set_nm_flags; ++ EVP_DigestVerifyInit; ++ ENGINE_set_default_pkey_meths; ++ TS_TST_INFO_get_policy_id; ++ TS_REQ_get_cert_req; ++ X509_CRL_set_meth_data; ++ PKCS8_pkey_set0; ++ ASN1_STRING_copy; ++ d2i_TS_TST_INFO_fp; ++ X509_CRL_match; ++ EVP_PKEY_asn1_set_private; ++ TS_TST_INFO_get_ext_d2i; ++ TS_RESP_CTX_add_policy; ++ d2i_TS_RESP; ++ TS_CONF_load_certs; ++ TS_TST_INFO_get_msg_imprint; ++ ERR_load_TS_strings; ++ TS_TST_INFO_get_version; ++ EVP_PKEY_CTX_dup; ++ EVP_PKEY_meth_set_verify; ++ i2b_PublicKey_bio; ++ TS_CONF_set_certs; ++ EVP_PKEY_asn1_get0_info; ++ TS_VERIFY_CTX_free; ++ TS_REQ_get_ext_by_critical; ++ TS_RESP_CTX_set_serial_cb; ++ X509_CRL_get_meth_data; ++ TS_RESP_CTX_set_time_cb; ++ TS_MSG_IMPRINT_get_msg; ++ TS_TST_INFO_ext_free; ++ TS_REQ_get_version; ++ TS_REQ_add_ext; ++ EVP_PKEY_CTX_set_app_data; ++ OBJ_bsearch_; ++ EVP_PKEY_meth_set_verifyctx; ++ i2d_PKCS7_bio_stream; ++ CRYPTO_THREADID_set_numeric; ++ PKCS7_sign_add_signer; ++ d2i_TS_TST_INFO_bio; ++ TS_TST_INFO_get_ordering; ++ TS_RESP_print_bio; ++ TS_TST_INFO_get_exts; ++ HMAC_CTX_copy; ++ PKCS5_pbe2_set_iv; ++ ENGINE_get_pkey_asn1_meths; ++ b2i_PrivateKey; ++ EVP_PKEY_CTX_get_app_data; ++ TS_REQ_set_cert_req; ++ CRYPTO_THREADID_set_callback; ++ TS_CONF_set_serial; ++ TS_TST_INFO_free; ++ d2i_TS_REQ_fp; ++ TS_RESP_verify_response; ++ i2d_ESS_ISSUER_SERIAL; ++ TS_ACCURACY_get_seconds; ++ EVP_CIPHER_do_all; ++ b2i_PrivateKey_bio; ++ OCSP_CERTID_dup; ++ X509_PUBKEY_get0_param; ++ TS_MSG_IMPRINT_dup; ++ PKCS7_print_ctx; ++ i2d_TS_REQ_bio; ++ EVP_whirlpool; ++ EVP_PKEY_asn1_set_param; ++ EVP_PKEY_meth_set_encrypt; ++ ASN1_PCTX_set_flags; ++ i2d_ESS_CERT_ID; ++ TS_VERIFY_CTX_new; ++ TS_RESP_CTX_set_extension_cb; ++ ENGINE_register_all_pkey_meths; ++ TS_RESP_CTX_set_status_info_cond; ++ TS_RESP_CTX_set_stat_info_cond; ++ EVP_PKEY_verify; ++ WHIRLPOOL_Final; ++ X509_CRL_METHOD_new; ++ EVP_DigestSignFinal; ++ TS_RESP_CTX_set_def_policy; ++ NETSCAPE_X509_it; ++ TS_RESP_create_response; ++ PKCS7_SIGNER_INFO_get0_algs; ++ TS_TST_INFO_get_nonce; ++ EVP_PKEY_decrypt_old; ++ TS_TST_INFO_set_policy_id; ++ TS_CONF_set_ess_cert_id_chain; ++ EVP_PKEY_CTX_get0_pkey; ++ d2i_TS_REQ; ++ EVP_PKEY_asn1_find_str; ++ BIO_f_asn1; ++ ESS_SIGNING_CERT_new; ++ EVP_PBE_find; ++ X509_CRL_get0_by_cert; ++ EVP_PKEY_derive; ++ i2d_TS_REQ; ++ TS_TST_INFO_delete_ext; ++ ESS_ISSUER_SERIAL_free; ++ ASN1_PCTX_set_str_flags; ++ ENGINE_get_pkey_asn1_meth_str; ++ TS_CONF_set_signer_key; ++ TS_ACCURACY_get_millis; ++ TS_RESP_get_token; ++ TS_ACCURACY_dup; ++ ENGINE_register_all_pkey_asn1_meths; ++ ENGINE_reg_all_pkey_asn1_meths; ++ X509_CRL_set_default_method; ++ CRYPTO_THREADID_hash; ++ CMS_ContentInfo_print_ctx; ++ TS_RESP_free; ++ ISSUING_DIST_POINT_free; ++ ESS_ISSUER_SERIAL_new; ++ CMS_add1_crl; ++ PKCS7_add1_attrib_digest; ++ TS_RESP_CTX_add_md; ++ TS_TST_INFO_dup; ++ ENGINE_set_pkey_asn1_meths; ++ PEM_write_bio_Parameters; ++ TS_TST_INFO_get_accuracy; ++ X509_CRL_get0_by_serial; ++ TS_TST_INFO_set_version; ++ TS_RESP_CTX_get_tst_info; ++ TS_RESP_verify_signature; ++ CRYPTO_THREADID_get_callback; ++ TS_TST_INFO_get_tsa; ++ TS_STATUS_INFO_new; ++ EVP_PKEY_CTX_get_cb; ++ TS_REQ_get_ext_d2i; ++ GENERAL_NAME_set0_othername; ++ TS_TST_INFO_get_ext_count; ++ TS_RESP_CTX_get_request; ++ i2d_NETSCAPE_X509; ++ ENGINE_get_pkey_meth_engine; ++ EVP_PKEY_meth_set_signctx; ++ EVP_PKEY_asn1_copy; ++ ASN1_TYPE_cmp; ++ EVP_CIPHER_do_all_sorted; ++ EVP_PKEY_CTX_free; ++ ISSUING_DIST_POINT_it; ++ d2i_TS_MSG_IMPRINT_fp; ++ X509_STORE_get1_certs; ++ EVP_PKEY_CTX_get_operation; ++ d2i_ESS_SIGNING_CERT; ++ TS_CONF_set_ordering; ++ EVP_PBE_alg_add_type; ++ TS_REQ_set_version; ++ EVP_PKEY_get0; ++ BIO_asn1_set_suffix; ++ i2d_TS_STATUS_INFO; ++ EVP_MD_do_all; ++ TS_TST_INFO_set_accuracy; ++ PKCS7_add_attrib_content_type; ++ ERR_remove_thread_state; ++ EVP_PKEY_meth_add0; ++ TS_TST_INFO_set_tsa; ++ EVP_PKEY_meth_new; ++ WHIRLPOOL_Update; ++ TS_CONF_set_accuracy; ++ ASN1_PCTX_set_oid_flags; ++ ESS_SIGNING_CERT_dup; ++ d2i_TS_REQ_bio; ++ X509_time_adj_ex; ++ TS_RESP_CTX_add_flags; ++ d2i_TS_STATUS_INFO; ++ TS_MSG_IMPRINT_set_msg; ++ BIO_asn1_get_suffix; ++ TS_REQ_free; ++ EVP_PKEY_meth_free; ++ TS_REQ_get_exts; ++ TS_RESP_CTX_set_clock_precision_digits; ++ TS_RESP_CTX_set_clk_prec_digits; ++ TS_RESP_CTX_add_failure_info; ++ i2d_TS_RESP_bio; ++ EVP_PKEY_CTX_get0_peerkey; ++ PEM_write_bio_CMS_stream; ++ TS_REQ_new; ++ TS_MSG_IMPRINT_new; ++ EVP_PKEY_meth_find; ++ EVP_PKEY_id; ++ TS_TST_INFO_set_serial; ++ a2i_GENERAL_NAME; ++ TS_CONF_set_crypto_device; ++ EVP_PKEY_verify_init; ++ TS_CONF_set_policies; ++ ASN1_PCTX_new; ++ ESS_CERT_ID_free; ++ ENGINE_unregister_pkey_meths; ++ TS_MSG_IMPRINT_free; ++ TS_VERIFY_CTX_init; ++ PKCS7_stream; ++ TS_RESP_CTX_set_certs; ++ TS_CONF_set_def_policy; ++ ASN1_GENERALIZEDTIME_adj; ++ NETSCAPE_X509_new; ++ TS_ACCURACY_free; ++ TS_RESP_get_tst_info; ++ EVP_PKEY_derive_set_peer; ++ PEM_read_bio_Parameters; ++ TS_CONF_set_clock_precision_digits; ++ TS_CONF_set_clk_prec_digits; ++ ESS_ISSUER_SERIAL_dup; ++ TS_ACCURACY_get_micros; ++ ASN1_PCTX_get_str_flags; ++ NAME_CONSTRAINTS_check; ++ ASN1_BIT_STRING_check; ++ X509_check_akid; ++ ENGINE_unregister_pkey_asn1_meths; ++ ENGINE_unreg_pkey_asn1_meths; ++ ASN1_PCTX_free; ++ PEM_write_bio_ASN1_stream; ++ i2d_ASN1_bio_stream; ++ TS_X509_ALGOR_print_bio; ++ EVP_PKEY_meth_set_cleanup; ++ EVP_PKEY_asn1_free; ++ ESS_SIGNING_CERT_free; ++ TS_TST_INFO_set_msg_imprint; ++ GENERAL_NAME_cmp; ++ d2i_ASN1_SET_ANY; ++ ENGINE_set_pkey_meths; ++ i2d_TS_REQ_fp; ++ d2i_ASN1_SEQUENCE_ANY; ++ GENERAL_NAME_get0_otherName; ++ d2i_ESS_CERT_ID; ++ OBJ_find_sigid_algs; ++ EVP_PKEY_meth_set_keygen; ++ PKCS5_PBKDF2_HMAC; ++ EVP_PKEY_paramgen; ++ EVP_PKEY_meth_set_paramgen; ++ BIO_new_PKCS7; ++ EVP_PKEY_verify_recover; ++ TS_ext_print_bio; ++ TS_ASN1_INTEGER_print_bio; ++ check_defer; ++ DSO_pathbyaddr; ++ EVP_PKEY_set_type; ++ TS_ACCURACY_set_micros; ++ TS_REQ_to_TS_VERIFY_CTX; ++ EVP_PKEY_meth_set_copy; ++ ASN1_PCTX_set_cert_flags; ++ TS_TST_INFO_get_ext; ++ EVP_PKEY_asn1_set_ctrl; ++ TS_TST_INFO_get_ext_by_critical; ++ EVP_PKEY_CTX_new_id; ++ TS_REQ_get_ext_by_OBJ; ++ TS_CONF_set_signer_cert; ++ X509_NAME_hash_old; ++ ASN1_TIME_set_string; ++ EVP_MD_flags; ++ TS_RESP_CTX_free; ++ DSAparams_dup; ++ DHparams_dup; ++ OCSP_REQ_CTX_add1_header; ++ OCSP_REQ_CTX_set1_req; ++ X509_STORE_set_verify_cb; ++ X509_STORE_CTX_get0_current_crl; ++ X509_STORE_CTX_get0_parent_ctx; ++ X509_STORE_CTX_get0_current_issuer; ++ X509_STORE_CTX_get0_cur_issuer; ++ X509_issuer_name_hash_old; ++ X509_subject_name_hash_old; ++ EVP_CIPHER_CTX_copy; ++ UI_method_get_prompt_constructor; ++ UI_method_get_prompt_constructr; ++ UI_method_set_prompt_constructor; ++ UI_method_set_prompt_constructr; ++ EVP_read_pw_string_min; ++ CRYPTO_cts128_encrypt; ++ CRYPTO_cts128_decrypt_block; ++ CRYPTO_cfb128_1_encrypt; ++ CRYPTO_cbc128_encrypt; ++ CRYPTO_ctr128_encrypt; ++ CRYPTO_ofb128_encrypt; ++ CRYPTO_cts128_decrypt; ++ CRYPTO_cts128_encrypt_block; ++ CRYPTO_cbc128_decrypt; ++ CRYPTO_cfb128_encrypt; ++ CRYPTO_cfb128_8_encrypt; ++ SSL_renegotiate_abbreviated; ++ TLSv1_1_method; ++ TLSv1_1_client_method; ++ TLSv1_1_server_method; ++ SSL_CTX_set_srp_client_pwd_callback; ++ SSL_CTX_set_srp_client_pwd_cb; ++ SSL_get_srp_g; ++ SSL_CTX_set_srp_username_callback; ++ SSL_CTX_set_srp_un_cb; ++ SSL_get_srp_userinfo; ++ SSL_set_srp_server_param; ++ SSL_set_srp_server_param_pw; ++ SSL_get_srp_N; ++ SSL_get_srp_username; ++ SSL_CTX_set_srp_password; ++ SSL_CTX_set_srp_strength; ++ SSL_CTX_set_srp_verify_param_callback; ++ SSL_CTX_set_srp_vfy_param_cb; ++ SSL_CTX_set_srp_cb_arg; ++ SSL_CTX_set_srp_username; ++ SSL_CTX_SRP_CTX_init; ++ SSL_SRP_CTX_init; ++ SRP_Calc_A_param; ++ SRP_generate_server_master_secret; ++ SRP_gen_server_master_secret; ++ SSL_CTX_SRP_CTX_free; ++ SRP_generate_client_master_secret; ++ SRP_gen_client_master_secret; ++ SSL_srp_server_param_with_username; ++ SSL_srp_server_param_with_un; ++ SSL_SRP_CTX_free; ++ SSL_set_debug; ++ SSL_SESSION_get0_peer; ++ TLSv1_2_client_method; ++ SSL_SESSION_set1_id_context; ++ TLSv1_2_server_method; ++ SSL_cache_hit; ++ SSL_get0_kssl_ctx; ++ SSL_set0_kssl_ctx; ++ SSL_set_state; ++ SSL_CIPHER_get_id; ++ TLSv1_2_method; ++ kssl_ctx_get0_client_princ; ++ SSL_export_keying_material; ++ SSL_set_tlsext_use_srtp; ++ SSL_CTX_set_next_protos_advertised_cb; ++ SSL_CTX_set_next_protos_adv_cb; ++ SSL_get0_next_proto_negotiated; ++ SSL_get_selected_srtp_profile; ++ SSL_CTX_set_tlsext_use_srtp; ++ SSL_select_next_proto; ++ SSL_get_srtp_profiles; ++ SSL_CTX_set_next_proto_select_cb; ++ SSL_CTX_set_next_proto_sel_cb; ++ SSL_SESSION_get_compress_id; ++ ++ SRP_VBASE_get_by_user; ++ SRP_Calc_server_key; ++ SRP_create_verifier; ++ SRP_create_verifier_BN; ++ SRP_Calc_u; ++ SRP_VBASE_free; ++ SRP_Calc_client_key; ++ SRP_get_default_gN; ++ SRP_Calc_x; ++ SRP_Calc_B; ++ SRP_VBASE_new; ++ SRP_check_known_gN_param; ++ SRP_Calc_A; ++ SRP_Verify_A_mod_N; ++ SRP_VBASE_init; ++ SRP_Verify_B_mod_N; ++ EC_KEY_set_public_key_affine_coordinates; ++ EC_KEY_set_pub_key_aff_coords; ++ EVP_aes_192_ctr; ++ EVP_PKEY_meth_get0_info; ++ EVP_PKEY_meth_copy; ++ ERR_add_error_vdata; ++ EVP_aes_128_ctr; ++ EVP_aes_256_ctr; ++ EC_GFp_nistp224_method; ++ EC_KEY_get_flags; ++ RSA_padding_add_PKCS1_PSS_mgf1; ++ EVP_aes_128_xts; ++ EVP_aes_256_xts; ++ EVP_aes_128_gcm; ++ EC_KEY_clear_flags; ++ EC_KEY_set_flags; ++ EVP_aes_256_ccm; ++ RSA_verify_PKCS1_PSS_mgf1; ++ EVP_aes_128_ccm; ++ EVP_aes_192_gcm; ++ X509_ALGOR_set_md; ++ RAND_init_fips; ++ EVP_aes_256_gcm; ++ EVP_aes_192_ccm; ++ CMAC_CTX_copy; ++ CMAC_CTX_free; ++ CMAC_CTX_get0_cipher_ctx; ++ CMAC_CTX_cleanup; ++ CMAC_Init; ++ CMAC_Update; ++ CMAC_resume; ++ CMAC_CTX_new; ++ CMAC_Final; ++ CRYPTO_ctr128_encrypt_ctr32; ++ CRYPTO_gcm128_release; ++ CRYPTO_ccm128_decrypt_ccm64; ++ CRYPTO_ccm128_encrypt; ++ CRYPTO_gcm128_encrypt; ++ CRYPTO_xts128_encrypt; ++ EVP_rc4_hmac_md5; ++ CRYPTO_nistcts128_decrypt_block; ++ CRYPTO_gcm128_setiv; ++ CRYPTO_nistcts128_encrypt; ++ EVP_aes_128_cbc_hmac_sha1; ++ CRYPTO_gcm128_tag; ++ CRYPTO_ccm128_encrypt_ccm64; ++ ENGINE_load_rdrand; ++ CRYPTO_ccm128_setiv; ++ CRYPTO_nistcts128_encrypt_block; ++ CRYPTO_gcm128_aad; ++ CRYPTO_ccm128_init; ++ CRYPTO_nistcts128_decrypt; ++ CRYPTO_gcm128_new; ++ CRYPTO_ccm128_tag; ++ CRYPTO_ccm128_decrypt; ++ CRYPTO_ccm128_aad; ++ CRYPTO_gcm128_init; ++ CRYPTO_gcm128_decrypt; ++ ENGINE_load_rsax; ++ CRYPTO_gcm128_decrypt_ctr32; ++ CRYPTO_gcm128_encrypt_ctr32; ++ CRYPTO_gcm128_finish; ++ EVP_aes_256_cbc_hmac_sha1; ++ PKCS5_pbkdf2_set; ++ CMS_add0_recipient_password; ++ CMS_decrypt_set1_password; ++ CMS_RecipientInfo_set0_password; ++ RAND_set_fips_drbg_type; ++ X509_REQ_sign_ctx; ++ RSA_PSS_PARAMS_new; ++ X509_CRL_sign_ctx; ++ X509_signature_dump; ++ d2i_RSA_PSS_PARAMS; ++ RSA_PSS_PARAMS_it; ++ RSA_PSS_PARAMS_free; ++ X509_sign_ctx; ++ i2d_RSA_PSS_PARAMS; ++ ASN1_item_sign_ctx; ++ EC_GFp_nistp521_method; ++ EC_GFp_nistp256_method; ++ OPENSSL_stderr; ++ OPENSSL_cpuid_setup; ++ OPENSSL_showfatal; ++ BIO_new_dgram_sctp; ++ BIO_dgram_sctp_msg_waiting; ++ BIO_dgram_sctp_wait_for_dry; ++ BIO_s_datagram_sctp; ++ BIO_dgram_is_sctp; ++ BIO_dgram_sctp_notification_cb; ++ CRYPTO_memcmp; ++ SSL_CTX_set_alpn_protos; ++ SSL_set_alpn_protos; ++ SSL_CTX_set_alpn_select_cb; ++ SSL_get0_alpn_selected; ++ SSL_CTX_set_custom_cli_ext; ++ SSL_CTX_set_custom_srv_ext; ++ SSL_CTX_set_srv_supp_data; ++ SSL_CTX_set_cli_supp_data; ++ SSL_set_cert_cb; ++ SSL_CTX_use_serverinfo; ++ SSL_CTX_use_serverinfo_file; ++ SSL_CTX_set_cert_cb; ++ SSL_CTX_get0_param; ++ SSL_get0_param; ++ SSL_certs_clear; ++ DTLSv1_2_method; ++ DTLSv1_2_server_method; ++ DTLSv1_2_client_method; ++ DTLS_method; ++ DTLS_server_method; ++ DTLS_client_method; ++ SSL_CTX_get_ssl_method; ++ SSL_CTX_get0_certificate; ++ SSL_CTX_get0_privatekey; ++ SSL_COMP_set0_compression_methods; ++ SSL_COMP_free_compression_methods; ++ SSL_CIPHER_find; ++ SSL_is_server; ++ SSL_CONF_CTX_new; ++ SSL_CONF_CTX_finish; ++ SSL_CONF_CTX_free; ++ SSL_CONF_CTX_set_flags; ++ SSL_CONF_CTX_clear_flags; ++ SSL_CONF_CTX_set1_prefix; ++ SSL_CONF_CTX_set_ssl; ++ SSL_CONF_CTX_set_ssl_ctx; ++ SSL_CONF_cmd; ++ SSL_CONF_cmd_argv; ++ SSL_CONF_cmd_value_type; ++ SSL_trace; ++ SSL_CIPHER_standard_name; ++ SSL_get_tlsa_record_byname; ++ ASN1_TIME_diff; ++ BIO_hex_string; ++ CMS_RecipientInfo_get0_pkey_ctx; ++ CMS_RecipientInfo_encrypt; ++ CMS_SignerInfo_get0_pkey_ctx; ++ CMS_SignerInfo_get0_md_ctx; ++ CMS_SignerInfo_get0_signature; ++ CMS_RecipientInfo_kari_get0_alg; ++ CMS_RecipientInfo_kari_get0_reks; ++ CMS_RecipientInfo_kari_get0_orig_id; ++ CMS_RecipientInfo_kari_orig_id_cmp; ++ CMS_RecipientEncryptedKey_get0_id; ++ CMS_RecipientEncryptedKey_cert_cmp; ++ CMS_RecipientInfo_kari_set0_pkey; ++ CMS_RecipientInfo_kari_get0_ctx; ++ CMS_RecipientInfo_kari_decrypt; ++ CMS_SharedInfo_encode; ++ DH_compute_key_padded; ++ d2i_DHxparams; ++ i2d_DHxparams; ++ DH_get_1024_160; ++ DH_get_2048_224; ++ DH_get_2048_256; ++ DH_KDF_X9_42; ++ ECDH_KDF_X9_62; ++ ECDSA_METHOD_new; ++ ECDSA_METHOD_free; ++ ECDSA_METHOD_set_app_data; ++ ECDSA_METHOD_get_app_data; ++ ECDSA_METHOD_set_sign; ++ ECDSA_METHOD_set_sign_setup; ++ ECDSA_METHOD_set_verify; ++ ECDSA_METHOD_set_flags; ++ ECDSA_METHOD_set_name; ++ EVP_des_ede3_wrap; ++ EVP_aes_128_wrap; ++ EVP_aes_192_wrap; ++ EVP_aes_256_wrap; ++ EVP_aes_128_cbc_hmac_sha256; ++ EVP_aes_256_cbc_hmac_sha256; ++ CRYPTO_128_wrap; ++ CRYPTO_128_unwrap; ++ OCSP_REQ_CTX_nbio; ++ OCSP_REQ_CTX_new; ++ OCSP_set_max_response_length; ++ OCSP_REQ_CTX_i2d; ++ OCSP_REQ_CTX_nbio_d2i; ++ OCSP_REQ_CTX_get0_mem_bio; ++ OCSP_REQ_CTX_http; ++ RSA_padding_add_PKCS1_OAEP_mgf1; ++ RSA_padding_check_PKCS1_OAEP_mgf1; ++ RSA_OAEP_PARAMS_free; ++ RSA_OAEP_PARAMS_it; ++ RSA_OAEP_PARAMS_new; ++ SSL_get_sigalgs; ++ SSL_get_shared_sigalgs; ++ SSL_check_chain; ++ X509_chain_up_ref; ++ X509_http_nbio; ++ X509_CRL_http_nbio; ++ X509_REVOKED_dup; ++ i2d_re_X509_tbs; ++ X509_get0_signature; ++ X509_get_signature_nid; ++ X509_CRL_diff; ++ X509_chain_check_suiteb; ++ X509_CRL_check_suiteb; ++ X509_check_host; ++ X509_check_email; ++ X509_check_ip; ++ X509_check_ip_asc; ++ X509_STORE_set_lookup_crls_cb; ++ X509_STORE_CTX_get0_store; ++ X509_VERIFY_PARAM_set1_host; ++ X509_VERIFY_PARAM_add1_host; ++ X509_VERIFY_PARAM_set_hostflags; ++ X509_VERIFY_PARAM_get0_peername; ++ X509_VERIFY_PARAM_set1_email; ++ X509_VERIFY_PARAM_set1_ip; ++ X509_VERIFY_PARAM_set1_ip_asc; ++ X509_VERIFY_PARAM_get0_name; ++ X509_VERIFY_PARAM_get_count; ++ X509_VERIFY_PARAM_get0; ++ X509V3_EXT_free; ++ EC_GROUP_get_mont_data; ++ EC_curve_nid2nist; ++ EC_curve_nist2nid; ++ PEM_write_bio_DHxparams; ++ PEM_write_DHxparams; ++ SSL_CTX_add_client_custom_ext; ++ SSL_CTX_add_server_custom_ext; ++ SSL_extension_supported; ++ BUF_strnlen; ++ sk_deep_copy; ++ SSL_test_functions; ++ ++ local: ++ *; ++}; ++ ++OPENSSL_1.0.2g { ++ global: ++ SRP_VBASE_get1_by_user; ++ SRP_user_pwd_free; ++} OPENSSL_1.0.2d; ++ +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100 +@@ -0,0 +1,10 @@ ++OPENSSL_1.0.2 { ++ global: ++ bind_engine; ++ v_check; ++ OPENSSL_init; ++ OPENSSL_finish; ++ local: ++ *; ++}; ++ +Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100 +@@ -0,0 +1,10 @@ ++OPENSSL_1.0.2 { ++ global: ++ bind_engine; ++ v_check; ++ OPENSSL_init; ++ OPENSSL_finish; ++ local: ++ *; ++}; ++ diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch new file mode 100644 index 000000000..b6c2c148b --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch @@ -0,0 +1,326 @@ +Fix the parallel races in the Makefiles. + +This patch was taken from the Gentoo packaging: +https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch + +Upstream-Status: Pending +Signed-off-by: Ross Burton <ross.burton@intel.com> + +--- openssl-1.0.2g/crypto/Makefile ++++ openssl-1.0.2g/crypto/Makefile +@@ -85,11 +85,11 @@ + @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi + + subdirs: +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO +- @target=files; $(RECURSIVE_MAKE) ++ +@target=files; $(RECURSIVE_MAKE) + + links: + @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER) +@@ -100,7 +100,7 @@ + # lib: $(LIB): are splitted to avoid end-less loop + lib: $(LIB) + @touch lib +-$(LIB): $(LIBOBJ) ++$(LIB): $(LIBOBJ) | subdirs + $(AR) $(LIB) $(LIBOBJ) + test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o + $(RANLIB) $(LIB) || echo Never mind. +@@ -111,7 +111,7 @@ + fi + + libs: +- @target=lib; $(RECURSIVE_MAKE) ++ +@target=lib; $(RECURSIVE_MAKE) + + install: + @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... +@@ -120,7 +120,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + lint: + @target=lint; $(RECURSIVE_MAKE) +--- openssl-1.0.2g/engines/Makefile ++++ openssl-1.0.2g/engines/Makefile +@@ -72,7 +72,7 @@ + + all: lib subdirs + +-lib: $(LIBOBJ) ++lib: $(LIBOBJ) | subdirs + @if [ -n "$(SHARED_LIBS)" ]; then \ + set -e; \ + for l in $(LIBNAMES); do \ +@@ -89,7 +89,7 @@ + + subdirs: + echo $(EDIRS) +- @target=all; $(RECURSIVE_MAKE) ++ +@target=all; $(RECURSIVE_MAKE) + + files: + $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO +@@ -128,7 +128,7 @@ + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ + done; \ + fi +- @target=install; $(RECURSIVE_MAKE) ++ +@target=install; $(RECURSIVE_MAKE) + + tags: + ctags $(SRC) +--- openssl-1.0.2g/Makefile.org ++++ openssl-1.0.2g/Makefile.org +@@ -279,17 +279,17 @@ + build_libssl: build_ssl libssl.pc + + build_crypto: +- @dir=crypto; target=all; $(BUILD_ONE_CMD) ++ +@dir=crypto; target=all; $(BUILD_ONE_CMD) + build_ssl: build_crypto +- @dir=ssl; target=all; $(BUILD_ONE_CMD) ++ +@dir=ssl; target=all; $(BUILD_ONE_CMD) + build_engines: build_crypto +- @dir=engines; target=all; $(BUILD_ONE_CMD) ++ +@dir=engines; target=all; $(BUILD_ONE_CMD) + build_apps: build_libs +- @dir=apps; target=all; $(BUILD_ONE_CMD) ++ +@dir=apps; target=all; $(BUILD_ONE_CMD) + build_tests: build_libs +- @dir=test; target=all; $(BUILD_ONE_CMD) ++ +@dir=test; target=all; $(BUILD_ONE_CMD) + build_tools: build_libs +- @dir=tools; target=all; $(BUILD_ONE_CMD) ++ +@dir=tools; target=all; $(BUILD_ONE_CMD) + + all_testapps: build_libs build_testapps + build_testapps: +@@ -544,7 +544,7 @@ + (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ + chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ + done; +- @set -e; target=install; $(RECURSIVE_BUILD_CMD) ++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD) + @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ + do \ + if [ -f "$$i" ]; then \ +--- openssl-1.0.2g/Makefile.shared ++++ openssl-1.0.2g/Makefile.shared +@@ -105,6 +105,7 @@ + SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \ + LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \ + LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \ ++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \ + LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \ + $${SHAREDCMD} $${SHAREDFLAGS} \ + -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \ +@@ -122,6 +123,7 @@ + done; \ + fi; \ + if [ -n "$$SHLIB_SOVER" ]; then \ ++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \ + ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \ + ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \ + fi; \ +--- openssl-1.0.2g/test/Makefile ++++ openssl-1.0.2g/test/Makefile +@@ -139,7 +139,7 @@ + tags: + ctags $(SRC) + +-tests: exe apps $(TESTS) ++tests: exe $(TESTS) + + apps: + @(cd ..; $(MAKE) DIRS=apps all) +@@ -421,130 +421,130 @@ + link_app.$${shlib_target} + + $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO) +- @target=$(RSATEST); $(BUILD_CMD) ++ +@target=$(RSATEST); $(BUILD_CMD) + + $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO) +- @target=$(BNTEST); $(BUILD_CMD) ++ +@target=$(BNTEST); $(BUILD_CMD) + + $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO) +- @target=$(ECTEST); $(BUILD_CMD) ++ +@target=$(ECTEST); $(BUILD_CMD) + + $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO) +- @target=$(EXPTEST); $(BUILD_CMD) ++ +@target=$(EXPTEST); $(BUILD_CMD) + + $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO) +- @target=$(IDEATEST); $(BUILD_CMD) ++ +@target=$(IDEATEST); $(BUILD_CMD) + + $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO) +- @target=$(MD2TEST); $(BUILD_CMD) ++ +@target=$(MD2TEST); $(BUILD_CMD) + + $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO) +- @target=$(SHATEST); $(BUILD_CMD) ++ +@target=$(SHATEST); $(BUILD_CMD) + + $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO) +- @target=$(SHA1TEST); $(BUILD_CMD) ++ +@target=$(SHA1TEST); $(BUILD_CMD) + + $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO) +- @target=$(SHA256TEST); $(BUILD_CMD) ++ +@target=$(SHA256TEST); $(BUILD_CMD) + + $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO) +- @target=$(SHA512TEST); $(BUILD_CMD) ++ +@target=$(SHA512TEST); $(BUILD_CMD) + + $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO) +- @target=$(RMDTEST); $(BUILD_CMD) ++ +@target=$(RMDTEST); $(BUILD_CMD) + + $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO) +- @target=$(MDC2TEST); $(BUILD_CMD) ++ +@target=$(MDC2TEST); $(BUILD_CMD) + + $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO) +- @target=$(MD4TEST); $(BUILD_CMD) ++ +@target=$(MD4TEST); $(BUILD_CMD) + + $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO) +- @target=$(MD5TEST); $(BUILD_CMD) ++ +@target=$(MD5TEST); $(BUILD_CMD) + + $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO) +- @target=$(HMACTEST); $(BUILD_CMD) ++ +@target=$(HMACTEST); $(BUILD_CMD) + + $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO) +- @target=$(WPTEST); $(BUILD_CMD) ++ +@target=$(WPTEST); $(BUILD_CMD) + + $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO) +- @target=$(RC2TEST); $(BUILD_CMD) ++ +@target=$(RC2TEST); $(BUILD_CMD) + + $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO) +- @target=$(BFTEST); $(BUILD_CMD) ++ +@target=$(BFTEST); $(BUILD_CMD) + + $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO) +- @target=$(CASTTEST); $(BUILD_CMD) ++ +@target=$(CASTTEST); $(BUILD_CMD) + + $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO) +- @target=$(RC4TEST); $(BUILD_CMD) ++ +@target=$(RC4TEST); $(BUILD_CMD) + + $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO) +- @target=$(RC5TEST); $(BUILD_CMD) ++ +@target=$(RC5TEST); $(BUILD_CMD) + + $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO) +- @target=$(DESTEST); $(BUILD_CMD) ++ +@target=$(DESTEST); $(BUILD_CMD) + + $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO) +- @target=$(RANDTEST); $(BUILD_CMD) ++ +@target=$(RANDTEST); $(BUILD_CMD) + + $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO) +- @target=$(DHTEST); $(BUILD_CMD) ++ +@target=$(DHTEST); $(BUILD_CMD) + + $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO) +- @target=$(DSATEST); $(BUILD_CMD) ++ +@target=$(DSATEST); $(BUILD_CMD) + + $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO) +- @target=$(METHTEST); $(BUILD_CMD) ++ +@target=$(METHTEST); $(BUILD_CMD) + + $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO) +- @target=$(SSLTEST); $(FIPS_BUILD_CMD) ++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD) + + $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO) +- @target=$(ENGINETEST); $(BUILD_CMD) ++ +@target=$(ENGINETEST); $(BUILD_CMD) + + $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO) +- @target=$(EVPTEST); $(BUILD_CMD) ++ +@target=$(EVPTEST); $(BUILD_CMD) + + $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO) +- @target=$(EVPEXTRATEST); $(BUILD_CMD) ++ +@target=$(EVPEXTRATEST); $(BUILD_CMD) + + $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO) +- @target=$(ECDSATEST); $(BUILD_CMD) ++ +@target=$(ECDSATEST); $(BUILD_CMD) + + $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO) +- @target=$(ECDHTEST); $(BUILD_CMD) ++ +@target=$(ECDHTEST); $(BUILD_CMD) + + $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO) +- @target=$(IGETEST); $(BUILD_CMD) ++ +@target=$(IGETEST); $(BUILD_CMD) + + $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO) +- @target=$(JPAKETEST); $(BUILD_CMD) ++ +@target=$(JPAKETEST); $(BUILD_CMD) + + $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO) +- @target=$(ASN1TEST); $(BUILD_CMD) ++ +@target=$(ASN1TEST); $(BUILD_CMD) + + $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO) +- @target=$(SRPTEST); $(BUILD_CMD) ++ +@target=$(SRPTEST); $(BUILD_CMD) + + $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO) +- @target=$(V3NAMETEST); $(BUILD_CMD) ++ +@target=$(V3NAMETEST); $(BUILD_CMD) + + $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO) +- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) ++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC) + + $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o +- @target=$(CONSTTIMETEST) $(BUILD_CMD) ++ +@target=$(CONSTTIMETEST) $(BUILD_CMD) + + $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o +- @target=$(VERIFYEXTRATEST) $(BUILD_CMD) ++ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD) + + $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o +- @target=$(CLIENTHELLOTEST) $(BUILD_CMD) ++ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD) + + $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o +- @target=$(SSLV2CONFTEST) $(BUILD_CMD) ++ +@target=$(SSLV2CONFTEST) $(BUILD_CMD) + + #$(AESTEST).o: $(AESTEST).c + # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c +@@ -557,7 +557,7 @@ + # fi + + dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) +- @target=dummytest; $(BUILD_CMD) ++ +@target=dummytest; $(BUILD_CMD) + + # DO NOT DELETE THIS LINE -- make depend depends on it. +
\ No newline at end of file diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2g.bb index 8defa5b74..290f129fc 100644 --- a/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb +++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2g.bb @@ -6,12 +6,14 @@ DEPENDS += "cryptodev-linux" CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" -LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" +LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6" export DIRS = "crypto ssl apps engines" export OE_LDFLAGS="${LDFLAGS}" -SRC_URI += "file://configure-targets.patch \ +SRC_URI += "file://find.pl;subdir=${BP}/util/ \ + file://run-ptest \ + file://configure-targets.patch \ file://shared-libs.patch \ file://oe-ldflags.patch \ file://engines-install-in-libdir-ssl.patch \ @@ -25,44 +27,25 @@ SRC_URI += "file://configure-targets.patch \ file://debian/no-rpath.patch \ file://debian/no-symbolic.patch \ file://debian/pic.patch \ - file://debian/version-script.patch \ + file://debian1.0.2/version-script.patch \ file://openssl_fix_for_x32.patch \ file://fix-cipher-des-ede3-cfb1.patch \ file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \ - file://find.pl \ file://openssl-fix-des.pod-error.patch \ file://Makefiles-ptest.patch \ file://ptest-deps.patch \ - file://run-ptest \ file://crypto_use_bigint_in_x86-64_perl.patch \ file://openssl-1.0.2a-x32-asm.patch \ file://ptest_makefile_deps.patch \ - file://CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch \ - file://CVE-2015-3194-1-Add-PSS-parameter-check.patch \ - file://0001-Add-test-for-CVE-2015-3194.patch \ - file://CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch \ - file://CVE-2015-3197.patch \ - file://CVE-2016-0701_1.patch \ - file://CVE-2016-0701_2.patch \ + file://configure-musl-target.patch \ + file://parallel.patch \ " -SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a" -SRC_URI[sha256sum] = "671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8" - -PACKAGES =+ " \ - ${PN}-engines \ - ${PN}-engines-dbg \ - " +SRC_URI[md5sum] = "f3c710c045cdee5fd114feb69feba7aa" +SRC_URI[sha256sum] = "b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33" +PACKAGES =+ "${PN}-engines" FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines" -FILES_${PN}-engines-dbg = "${libdir}/ssl/engines/.debug" - -PARALLEL_MAKE = "" -PARALLEL_MAKEINST = "" - -do_configure_prepend() { - cp ${WORKDIR}/find.pl ${S}/util/find.pl -} # The crypto_use_bigint patch means that perl's bignum module needs to be # installed, but some distributions (for example Fedora 23) don't ship it by diff --git a/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb b/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb index e727fe3cb..999b4a937 100644 --- a/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb +++ b/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb @@ -1,5 +1,7 @@ require portmap.inc +DEPENDS_append_libc-musl = " libtirpc " + PR = "r9" SRC_URI = "http://www.sourcefiles.org/Networking/Tools/Miscellanenous/portmap-6.0.tgz \ @@ -19,6 +21,8 @@ PACKAGECONFIG[tcp-wrappers] = ",,tcp-wrappers" CPPFLAGS += "-DFACILITY=LOG_DAEMON -DENABLE_DNS -DHOSTS_ACCESS" CFLAGS += "-Wall -Wstrict-prototypes -fPIC" EXTRA_OEMAKE += "'NO_TCP_WRAPPER=${@bb.utils.contains('PACKAGECONFIG', 'tcp-wrappers', '', '1', d)}'" +CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc " +LDFLAGS_append_libc-musl = " -ltirpc " do_install() { install -d ${D}${mandir}/man8/ ${D}${base_sbindir} ${D}${sysconfdir}/init.d diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch b/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch new file mode 100644 index 000000000..763e37448 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch @@ -0,0 +1,163 @@ +From 52a1e41d7541b2c936285844c59bd1be21797860 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 29 May 2015 14:57:05 -0700 +Subject: [PATCH] Fix build with musl + +There are several assumption about glibc + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + include/net/ppp_defs.h | 2 ++ + pppd/Makefile.linux | 2 +- + pppd/magic.h | 6 +++--- + pppd/plugins/rp-pppoe/config.h | 5 ++++- + pppd/plugins/rp-pppoe/plugin.c | 1 - + pppd/plugins/rp-pppoe/pppoe-discovery.c | 8 ++++---- + pppd/plugins/rp-pppoe/pppoe.h | 2 +- + pppd/sys-linux.c | 3 ++- + 8 files changed, 17 insertions(+), 12 deletions(-) + +diff --git a/include/net/ppp_defs.h b/include/net/ppp_defs.h +index b06eda5..dafa36c 100644 +--- a/include/net/ppp_defs.h ++++ b/include/net/ppp_defs.h +@@ -38,6 +38,8 @@ + #ifndef _PPP_DEFS_H_ + #define _PPP_DEFS_H_ + ++#include <sys/time.h> ++ + /* + * The basic PPP frame. + */ +diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux +index 8ab2102..d7e2564 100644 +--- a/pppd/Makefile.linux ++++ b/pppd/Makefile.linux +@@ -126,7 +126,7 @@ LIBS += -lcrypt + #endif + + ifdef USE_LIBUTIL +-CFLAGS += -DHAVE_LOGWTMP=1 ++#CFLAGS += -DHAVE_LOGWTMP=1 + LIBS += -lutil + endif + +diff --git a/pppd/magic.h b/pppd/magic.h +index c81213b..9d399e3 100644 +--- a/pppd/magic.h ++++ b/pppd/magic.h +@@ -42,8 +42,8 @@ + * $Id: magic.h,v 1.5 2003/06/11 23:56:26 paulus Exp $ + */ + +-void magic_init __P((void)); /* Initialize the magic number generator */ +-u_int32_t magic __P((void)); /* Returns the next magic number */ ++void magic_init (void); /* Initialize the magic number generator */ ++u_int32_t magic (void); /* Returns the next magic number */ + + /* Fill buffer with random bytes */ +-void random_bytes __P((unsigned char *buf, int len)); ++void random_bytes (unsigned char *buf, int len); +diff --git a/pppd/plugins/rp-pppoe/config.h b/pppd/plugins/rp-pppoe/config.h +index 5703087..fff032e 100644 +--- a/pppd/plugins/rp-pppoe/config.h ++++ b/pppd/plugins/rp-pppoe/config.h +@@ -78,8 +78,9 @@ + #define HAVE_NET_IF_ARP_H 1 + + /* Define if you have the <net/ethernet.h> header file. */ ++#ifdef __GLIBC__ + #define HAVE_NET_ETHERNET_H 1 +- ++#endif + /* Define if you have the <net/if.h> header file. */ + #define HAVE_NET_IF_H 1 + +@@ -102,7 +103,9 @@ + #define HAVE_NETPACKET_PACKET_H 1 + + /* Define if you have the <sys/cdefs.h> header file. */ ++#ifdef __GLIBC__ + #define HAVE_SYS_CDEFS_H 1 ++#endif + + /* Define if you have the <sys/dlpi.h> header file. */ + /* #undef HAVE_SYS_DLPI_H */ +diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c +index a8c2bb4..ca34d79 100644 +--- a/pppd/plugins/rp-pppoe/plugin.c ++++ b/pppd/plugins/rp-pppoe/plugin.c +@@ -46,7 +46,6 @@ static char const RCSID[] = + #include <unistd.h> + #include <fcntl.h> + #include <signal.h> +-#include <net/ethernet.h> + #include <net/if_arp.h> + #include <linux/ppp_defs.h> + #include <linux/if_pppox.h> +diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c +index 3d3bf4e..d42f619 100644 +--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c ++++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c +@@ -27,10 +27,6 @@ + #include <linux/if_packet.h> + #endif + +-#ifdef HAVE_NET_ETHERNET_H +-#include <net/ethernet.h> +-#endif +- + #ifdef HAVE_ASM_TYPES_H + #include <asm/types.h> + #endif +@@ -47,6 +43,10 @@ + #include <net/if_arp.h> + #endif + ++#ifndef __GLIBC__ ++#define error(x...) fprintf(stderr, x) ++#endif ++ + char *xstrdup(const char *s); + void usage(void); + +diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h +index 9ab2eee..75b9004 100644 +--- a/pppd/plugins/rp-pppoe/pppoe.h ++++ b/pppd/plugins/rp-pppoe/pppoe.h +@@ -92,7 +92,7 @@ typedef unsigned long UINT32_t; + #ifdef HAVE_SYS_SOCKET_H + #include <sys/socket.h> + #endif +-#ifndef HAVE_SYS_DLPI_H ++#if !defined HAVE_SYS_DLPI_H && defined HAVE_NET_ETHERNET_H + #include <netinet/if_ether.h> + #endif + #endif +diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c +index a105505..49b0273 100644 +--- a/pppd/sys-linux.c ++++ b/pppd/sys-linux.c +@@ -112,7 +112,7 @@ + #include <linux/types.h> + #include <linux/if.h> + #include <linux/if_arp.h> +-#include <linux/route.h> ++/* #include <linux/route.h> */ + #include <linux/if_ether.h> + #endif + #include <netinet/in.h> +@@ -145,6 +145,7 @@ + #endif + + #ifdef INET6 ++#include <net/route.h> + #ifndef _LINUX_IN6_H + /* + * This is in linux/include/net/ipv6.h. +-- +2.1.4 + diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch b/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch index c9edb3059..c5a0be86f 100644 --- a/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch +++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch @@ -3,6 +3,7 @@ ppp: Buffer overflow in radius plugin From: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;bug=782450 Upstream-Status: Backport +CVE: CVE-2015-3310 On systems with more than 65535 processes running, pppd aborts when sending a "start" accounting message to the RADIUS server because of a diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb index adc38e10b..4437b5c51 100644 --- a/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb +++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb @@ -32,6 +32,9 @@ SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \ file://fix-CVE-2015-3310.patch \ " +SRC_URI_append_libc-musl = "\ + file://0001-Fix-build-with-musl.patch \ +" SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a" SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30" @@ -78,7 +81,6 @@ do_install_append () { CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options" PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools" FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service" -FILES_${PN}-dbg += "${libdir}/pppd/${PV}/.debug" FILES_${PN}-oa = "${libdir}/pppd/${PV}/pppoatm.so" FILES_${PN}-oe = "${sbindir}/pppoe-discovery ${libdir}/pppd/${PV}/rp-pppoe.so" FILES_${PN}-radius = "${libdir}/pppd/${PV}/radius.so ${libdir}/pppd/${PV}/radattr.so ${libdir}/pppd/${PV}/radrealms.so" diff --git a/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.77.bb b/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.78.bb index 916b9f2ae..f4c58514a 100644 --- a/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.77.bb +++ b/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.78.bb @@ -11,13 +11,17 @@ AUTHOR = "Thomas Hood" HOMEPAGE = "http://packages.debian.org/resolvconf" RDEPENDS_${PN} = "bash" -SRC_URI = "http://snapshot.debian.org/archive/debian/20150511T214718Z/pool/main/r/${BPN}/${BPN}_${PV}.tar.xz \ +SRC_URI = "http://snapshot.debian.org/archive/debian/20150828T220730Z/pool/main/r/${BPN}/${BPN}_1.78.tar.xz \ file://fix-path-for-busybox.patch \ file://99_resolvconf \ " -SRC_URI[md5sum] = "7362d766e47bfc253500f42b30330d9f" -SRC_URI[sha256sum] = "5a6e21e8ba6822a5f93075c8c8fe7977e34780ba551af51930d0b31fdd99ab56" +SRC_URI[md5sum] = "373a9f9544c84aa477a7425ae773b8b5" +SRC_URI[sha256sum] = "961b22e8fcf0c7de7e90a050323e6fa221bc8b25a5348c160be3506f7e73a7a3" + +# the package is taken from snapshots.debian.org; that source is static and goes stale +# so we check the latest upstream from a directory that does get updated +UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/r/resolvconf/" inherit allarch diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch new file mode 100644 index 000000000..c0e27f3d7 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch @@ -0,0 +1,52 @@ +From fb10ab134d630705cae0c7be42437cc289af7d32 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Tue, 15 Mar 2016 21:36:02 +0000 +Subject: [PATCH] Use __c_ispeed and __c_ospeed on musl + +Original intention of these asserts is to find if termios structure +is mapped correctly to locally define union, the get* APIs for +baudrate would not do the right thing since they do not return the +value from c_ospeed/c_ispeed but the value which is stored in iflag +for baudrate. + +So we check if we are on Linux but not using glibc then we use +__c_ispeed and __c_ospeed as defined in musl, however these are +internal elements of structs it should not have been used this +way. + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +--- +Upstream-Status: Pending + + xioinitialize.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/xioinitialize.c b/xioinitialize.c +index 9f50155..8fb2e4c 100644 +--- a/xioinitialize.c ++++ b/xioinitialize.c +@@ -65,6 +65,12 @@ int xioinitialize(void) { + #if HAVE_TERMIOS_ISPEED && (ISPEED_OFFSET != -1) && (OSPEED_OFFSET != -1) + #if defined(ISPEED_OFFSET) && (ISPEED_OFFSET != -1) + #if defined(OSPEED_OFFSET) && (OSPEED_OFFSET != -1) ++#if defined(__linux__) && !defined(__GLIBC__) ++ tdata.termarg.__c_ispeed = 0x56789abc; ++ tdata.termarg.__c_ospeed = 0x6789abcd; ++ assert(tdata.termarg.__c_ispeed == tdata.speeds[ISPEED_OFFSET]); ++ assert(tdata.termarg.__c_ospeed == tdata.speeds[OSPEED_OFFSET]); ++#else + tdata.termarg.c_ispeed = 0x56789abc; + tdata.termarg.c_ospeed = 0x6789abcd; + assert(tdata.termarg.c_ispeed == tdata.speeds[ISPEED_OFFSET]); +@@ -72,6 +78,7 @@ int xioinitialize(void) { + #endif + #endif + #endif ++#endif + } + #endif + +-- +2.8.0 + diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch new file mode 100644 index 000000000..4bbd36766 --- /dev/null +++ b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch @@ -0,0 +1,32 @@ +From e6a7d96fa3675bdd3f4d7a3d7682381789eef22f Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 15 Feb 2016 20:25:34 +0000 +Subject: [PATCH] define NETDB_INTERNAL to -1 if not available + +helps build with musl + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- +Upstream-Status: Pending + + compat.h | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/compat.h b/compat.h +index c8bee4d..bfb013a 100644 +--- a/compat.h ++++ b/compat.h +@@ -666,6 +666,10 @@ typedef int sig_atomic_t; + # define NETDB_INTERNAL h_NETDB_INTERNAL + #endif + ++#if !defined(NETDB_INTERNAL) ++# define NETDB_INTERNAL (-1) ++#endif ++ + #ifndef INET_ADDRSTRLEN + # define INET_ADDRSTRLEN sizeof(struct sockaddr_in) + #endif +-- +2.7.1 + diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch deleted file mode 100644 index 0cd417944..000000000 --- a/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch +++ /dev/null @@ -1,372 +0,0 @@ -Upstream-Status: Backport - -http://www.dest-unreach.org/socat/download/socat-1.7.3.1.patch - -CVE: CVE-2016-2217 -[Yocto # 9024] -Singed-off-by: Armin Kuster <akuster@mvista.com> - -Index: socat-1.7.3.0/CHANGES -=================================================================== ---- socat-1.7.3.0.orig/CHANGES -+++ socat-1.7.3.0/CHANGES -@@ -1,8 +1,39 @@ - -+####################### V 1.7.3.1: -+ -+security: -+ Socat security advisory 8 -+ A stack overflow in vulnerability was found that can be triggered when -+ command line arguments (complete address specifications, host names, -+ file names) are longer than 512 bytes. -+ Successful exploitation might allow an attacker to execute arbitrary -+ code with the privileges of the socat process. -+ This vulnerability can only be exploited when an attacker is able to -+ inject data into socat's command line. -+ A vulnerable scenario would be a CGI script that reads data from clients -+ and uses (parts of) this data as hostname for a Socat invocation. -+ Test: NESTEDOVFL -+ Credits to Takumi Akiyama for finding and reporting this issue. -+ -+ Socat security advisory 7 -+ MSVR-1499 -+ In the OpenSSL address implementation the hard coded 1024 bit DH p -+ parameter was not prime. The effective cryptographic strength of a key -+ exchange using these parameters was weaker than the one one could get by -+ using a prime p. Moreover, since there is no indication of how these -+ parameters were chosen, the existence of a trapdoor that makes possible -+ for an eavesdropper to recover the shared secret from a key exchange -+ that uses them cannot be ruled out. -+ Futhermore, 1024bit is not considered sufficiently secure. -+ Fix: generated a new 2048bit prime. -+ Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability -+ Research (MSVR) for finding and reporting this issue. -+ - ####################### V 1.7.3.0: - - security: -- (CVE Id pending) -+ Socat security advisory 6 -+ CVE-2015-1379: Possible DoS with fork - Fixed problems with signal handling caused by use of not async signal - safe functions in signal handlers that could freeze socat, allowing - denial of service attacks. -@@ -240,6 +271,7 @@ docu: - ####################### V 1.7.2.3: - - security: -+ Socat security advisory 5 - CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer - overflow with data from command line (see socat-secadv5.txt) - Credits to Florian Weimer of the Red Hat Product Security Team -@@ -247,6 +279,7 @@ security: - ####################### V 1.7.2.2: - - security: -+ Socat security advisory 4 - CVE-2013-3571: - after refusing a client connection due to bad source address or source - port socat shutdown() the socket but did not close() it, resulting in -@@ -258,6 +291,7 @@ security: - ####################### V 1.7.2.1: - - security: -+ Socat security advisory 3 - CVE-2012-0219: - fixed a possible heap buffer overflow in the readline address. This bug - could be exploited when all of the following conditions were met: -@@ -391,6 +425,7 @@ docu: - ####################### V 1.7.1.3: - - security: -+ Socat security advisory 2 - CVE-2010-2799: - fixed a stack overflow vulnerability that occurred when command - line arguments (whole addresses, host names, file names) were longer -@@ -892,6 +927,7 @@ further corrections: - ####################### V 1.4.0.3: - - security: -+ Socat security advisory 1 - CVE-2004-1484: - fix to a syslog() based format string vulnerability that can lead to - remote code execution. See advisory socat-adv-1.txt -Index: socat-1.7.3.0/VERSION -=================================================================== ---- socat-1.7.3.0.orig/VERSION -+++ socat-1.7.3.0/VERSION -@@ -1 +1 @@ --"1.7.3.0" -+"1.7.3.1" -Index: socat-1.7.3.0/nestlex.c -=================================================================== ---- socat-1.7.3.0.orig/nestlex.c -+++ socat-1.7.3.0/nestlex.c -@@ -1,5 +1,5 @@ - /* source: nestlex.c */ --/* Copyright Gerhard Rieger 2006-2010 */ -+/* Copyright Gerhard Rieger */ - /* Published under the GNU General Public License V.2, see file COPYING */ - - /* a function for lexical scanning of nested character patterns */ -@@ -9,6 +9,17 @@ - - #include "sysincludes.h" - -+static int _nestlex(const char **addr, -+ char **token, -+ ptrdiff_t *len, -+ const char *ends[], -+ const char *hquotes[], -+ const char *squotes[], -+ const char *nests[], -+ bool dropquotes, -+ bool c_esc, -+ bool html_esc -+ ); - - /* sub: scan a string and copy its value to output string - end scanning when an unescaped, unnested string from ends array is found -@@ -33,6 +44,22 @@ int nestlex(const char **addr, /* input - bool c_esc, /* solve C char escapes: \n \t \0 etc */ - bool html_esc /* solve HTML char escapes: %0d %08 etc */ - ) { -+ return -+ _nestlex(addr, token, (ptrdiff_t *)len, ends, hquotes, squotes, nests, -+ dropquotes, c_esc, html_esc); -+} -+ -+static int _nestlex(const char **addr, -+ char **token, -+ ptrdiff_t *len, -+ const char *ends[], -+ const char *hquotes[], -+ const char *squotes[], -+ const char *nests[], -+ bool dropquotes, -+ bool c_esc, -+ bool html_esc -+ ) { - const char *in = *addr; /* pointer into input string */ - const char **endx; /* loops over end patterns */ - const char **quotx; /* loops over quote patterns */ -@@ -77,16 +104,18 @@ int nestlex(const char **addr, /* input - if (--*len <= 0) { *addr = in; *token = out; return -1; } - } - } -- /* we call nestlex recursively */ -+ /* we call _nestlex recursively */ - endnest[0] = *quotx; - endnest[1] = NULL; - result = -- nestlex(&in, &out, len, endnest, NULL/*hquotes*/, -+ _nestlex(&in, &out, len, endnest, NULL/*hquotes*/, - NULL/*squotes*/, NULL/*nests*/, - false, c_esc, html_esc); - if (result == 0 && dropquotes) { - /* we strip this quote */ - in += strlen(*quotx); -+ } else if (result < 0) { -+ *addr = in; *token = out; return result; - } else { - /* we copy the trailing quote */ - for (i = strlen(*quotx); i > 0; --i) { -@@ -110,7 +139,7 @@ int nestlex(const char **addr, /* input - if (!strncmp(in, *quotx, strlen(*quotx))) { - /* this quote pattern matches */ - /* we strip this quote */ -- /* we call nestlex recursively */ -+ /* we call _nestlex recursively */ - const char *endnest[2]; - if (dropquotes) { - /* we strip this quote */ -@@ -124,13 +153,15 @@ int nestlex(const char **addr, /* input - endnest[0] = *quotx; - endnest[1] = NULL; - result = -- nestlex(&in, &out, len, endnest, hquotes, -+ _nestlex(&in, &out, len, endnest, hquotes, - squotes, nests, - false, c_esc, html_esc); - - if (result == 0 && dropquotes) { - /* we strip the trailing quote */ - in += strlen(*quotx); -+ } else if (result < 0) { -+ *addr = in; *token = out; return result; - } else { - /* we copy the trailing quote */ - for (i = strlen(*quotx); i > 0; --i) { -@@ -162,7 +193,7 @@ int nestlex(const char **addr, /* input - } - - result = -- nestlex(&in, &out, len, endnest, hquotes, squotes, nests, -+ _nestlex(&in, &out, len, endnest, hquotes, squotes, nests, - false, c_esc, html_esc); - if (result == 0) { - /* copy endnest */ -@@ -175,6 +206,8 @@ int nestlex(const char **addr, /* input - } - --i; - } -+ } else if (result < 0) { -+ *addr = in; *token = out; return result; - } - break; - } -@@ -211,7 +244,7 @@ int nestlex(const char **addr, /* input - } - *out++ = c; - --*len; -- if (*len == 0) { -+ if (*len <= 0) { - *addr = in; - *token = out; - return -1; /* output overflow */ -@@ -222,7 +255,7 @@ int nestlex(const char **addr, /* input - /* just a simple char */ - *out++ = c; - --*len; -- if (*len == 0) { -+ if (*len <= 0) { - *addr = in; - *token = out; - return -1; /* output overflow */ -Index: socat-1.7.3.0/nestlex.h -=================================================================== ---- socat-1.7.3.0.orig/nestlex.h -+++ socat-1.7.3.0/nestlex.h -@@ -1,5 +1,5 @@ - /* source: nestlex.h */ --/* Copyright Gerhard Rieger 2006 */ -+/* Copyright Gerhard Rieger */ - /* Published under the GNU General Public License V.2, see file COPYING */ - - #ifndef __nestlex_h_included -Index: socat-1.7.3.0/socat.spec -=================================================================== ---- socat-1.7.3.0.orig/socat.spec -+++ socat-1.7.3.0/socat.spec -@@ -1,6 +1,6 @@ - - %define majorver 1.7 --%define minorver 3.0 -+%define minorver 3.1 - - Summary: socat - multipurpose relay - Name: socat -Index: socat-1.7.3.0/test.sh -=================================================================== ---- socat-1.7.3.0.orig/test.sh -+++ socat-1.7.3.0/test.sh -@@ -2266,8 +2266,8 @@ gentestcert () { - gentestdsacert () { - local name="$1" - if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi -- openssl dsaparam -out $name-dsa.pem 512 >/dev/null 2>&1 -- openssl dhparam -dsaparam -out $name-dh.pem 512 >/dev/null 2>&1 -+ openssl dsaparam -out $name-dsa.pem 1024 >/dev/null 2>&1 -+ openssl dhparam -dsaparam -out $name-dh.pem 1024 >/dev/null 2>&1 - openssl req -newkey dsa:$name-dsa.pem -keyout $name.key -nodes -x509 -config $TESTCERT_CONF -out $name.crt -days 3653 >/dev/null 2>&1 - cat $name-dsa.pem $name-dh.pem $name.key $name.crt >$name.pem - } -@@ -10973,6 +10973,42 @@ CMD0="$TRACE $SOCAT $opts OPENSSL:localh - printf "test $F_n $TEST... " $N - $CMD0 </dev/null 1>&0 2>"${te}0" - rc0=$? -+if [ $rc0 -lt 128 ] || [ $rc0 -eq 255 ]; then -+ $PRINTF "$OK\n" -+ numOK=$((numOK+1)) -+else -+ $PRINTF "$FAILED\n" -+ echo "$CMD0" -+ cat "${te}0" -+ numFAIL=$((numFAIL+1)) -+ listFAIL="$listFAIL $N" -+fi -+fi # NUMCOND -+ ;; -+esac -+PORT=$((PORT+1)) -+N=$((N+1)) -+ -+# socat up to 1.7.3.0 had a stack overflow vulnerability that occurred when -+# command line arguments (whole addresses, host names, file names) were longer -+# than 512 bytes and specially crafted. -+NAME=NESTEDOVFL -+case "$TESTS" in -+*%$N%*|*%functions%*|*%bugs%*|*%security%*|*%exec%*|*%$NAME%*) -+TEST="$NAME: stack overflow on overly long nested arg" -+# provide a long host name to TCP-CONNECT and check socats exit code -+if ! eval $NUMCOND; then :; else -+tf="$td/test$N.stdout" -+te="$td/test$N.stderr" -+tdiff="$td/test$N.diff" -+da="test$N $(date) $RANDOM" -+# prepare long data - perl might not be installed -+rm -f "$td/test$N.dat" -+i=0; while [ $i -lt 64 ]; do echo -n "AAAAAAAAAAAAAAAA" >>"$td/test$N.dat"; i=$((i+1)); done -+CMD0="$TRACE $SOCAT $opts EXEC:[$(cat "$td/test$N.dat")] STDIO" -+printf "test $F_n $TEST... " $N -+$CMD0 </dev/null 1>&0 2>"${te}0" -+rc0=$? - if [ $rc0 -lt 128 ] || [ $rc0 -eq 255 ]; then - $PRINTF "$OK\n" - numOK=$((numOK+1)) -Index: socat-1.7.3.0/xio-openssl.c -=================================================================== ---- socat-1.7.3.0.orig/xio-openssl.c -+++ socat-1.7.3.0/xio-openssl.c -@@ -912,20 +912,27 @@ int - } - - { -- static unsigned char dh1024_p[] = { -- 0xCC,0x17,0xF2,0xDC,0x96,0xDF,0x59,0xA4,0x46,0xC5,0x3E,0x0E, -- 0xB8,0x26,0x55,0x0C,0xE3,0x88,0xC1,0xCE,0xA7,0xBC,0xB3,0xBF, -- 0x16,0x94,0xD8,0xA9,0x45,0xA2,0xCE,0xA9,0x5B,0x22,0x25,0x5F, -- 0x92,0x59,0x94,0x1C,0x22,0xBF,0xCB,0xC8,0xC8,0x57,0xCB,0xBF, -- 0xBC,0x0E,0xE8,0x40,0xF9,0x87,0x03,0xBF,0x60,0x9B,0x08,0xC6, -- 0x8E,0x99,0xC6,0x05,0xFC,0x00,0xD6,0x6D,0x90,0xA8,0xF5,0xF8, -- 0xD3,0x8D,0x43,0xC8,0x8F,0x7A,0xBD,0xBB,0x28,0xAC,0x04,0x69, -- 0x4A,0x0B,0x86,0x73,0x37,0xF0,0x6D,0x4F,0x04,0xF6,0xF5,0xAF, -- 0xBF,0xAB,0x8E,0xCE,0x75,0x53,0x4D,0x7F,0x7D,0x17,0x78,0x0E, -- 0x12,0x46,0x4A,0xAF,0x95,0x99,0xEF,0xBC,0xA6,0xC5,0x41,0x77, -- 0x43,0x7A,0xB9,0xEC,0x8E,0x07,0x3C,0x6D, -+ static unsigned char dh2048_p[] = { -+ 0x00,0xdc,0x21,0x64,0x56,0xbd,0x9c,0xb2,0xac,0xbe,0xc9,0x98,0xef,0x95,0x3e, -+ 0x26,0xfa,0xb5,0x57,0xbc,0xd9,0xe6,0x75,0xc0,0x43,0xa2,0x1c,0x7a,0x85,0xdf, -+ 0x34,0xab,0x57,0xa8,0xf6,0xbc,0xf6,0x84,0x7d,0x05,0x69,0x04,0x83,0x4c,0xd5, -+ 0x56,0xd3,0x85,0x09,0x0a,0x08,0xff,0xb5,0x37,0xa1,0xa3,0x8a,0x37,0x04,0x46, -+ 0xd2,0x93,0x31,0x96,0xf4,0xe4,0x0d,0x9f,0xbd,0x3e,0x7f,0x9e,0x4d,0xaf,0x08, -+ 0xe2,0xe8,0x03,0x94,0x73,0xc4,0xdc,0x06,0x87,0xbb,0x6d,0xae,0x66,0x2d,0x18, -+ 0x1f,0xd8,0x47,0x06,0x5c,0xcf,0x8a,0xb5,0x00,0x51,0x57,0x9b,0xea,0x1e,0xd8, -+ 0xdb,0x8e,0x3c,0x1f,0xd3,0x2f,0xba,0x1f,0x5f,0x3d,0x15,0xc1,0x3b,0x2c,0x82, -+ 0x42,0xc8,0x8c,0x87,0x79,0x5b,0x38,0x86,0x3a,0xeb,0xfd,0x81,0xa9,0xba,0xf7, -+ 0x26,0x5b,0x93,0xc5,0x3e,0x03,0x30,0x4b,0x00,0x5c,0xb6,0x23,0x3e,0xea,0x94, -+ 0xc3,0xb4,0x71,0xc7,0x6e,0x64,0x3b,0xf8,0x92,0x65,0xad,0x60,0x6c,0xd4,0x7b, -+ 0xa9,0x67,0x26,0x04,0xa8,0x0a,0xb2,0x06,0xeb,0xe0,0x7d,0x90,0xdd,0xdd,0xf5, -+ 0xcf,0xb4,0x11,0x7c,0xab,0xc1,0xa3,0x84,0xbe,0x27,0x77,0xc7,0xde,0x20,0x57, -+ 0x66,0x47,0xa7,0x35,0xfe,0x0d,0x6a,0x1c,0x52,0xb8,0x58,0xbf,0x26,0x33,0x81, -+ 0x5e,0xb7,0xa9,0xc0,0xee,0x58,0x11,0x74,0x86,0x19,0x08,0x89,0x1c,0x37,0x0d, -+ 0x52,0x47,0x70,0x75,0x8b,0xa8,0x8b,0x30,0x11,0x71,0x36,0x62,0xf0,0x73,0x41, -+ 0xee,0x34,0x9d,0x0a,0x2b,0x67,0x4e,0x6a,0xa3,0xe2,0x99,0x92,0x1b,0xf5,0x32, -+ 0x73,0x63 - }; -- static unsigned char dh1024_g[] = { -+ static unsigned char dh2048_g[] = { - 0x02, - }; - DH *dh; -@@ -938,8 +945,8 @@ int - } - Error("DH_new() failed"); - } else { -- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL); -- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL); -+ dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL); -+ dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL); - if ((dh->p == NULL) || (dh->g == NULL)) { - while (err = ERR_get_error()) { - Warn1("BN_bin2bn(): %s", diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.0.bb b/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.1.bb index 6d76d0fd0..6da9a17b3 100644 --- a/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.0.bb +++ b/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.1.bb @@ -14,11 +14,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ file://Makefile.in-fix-for-parallel-build.patch \ - file://CVE-2016-2217.patch \ + file://0001-define-NETDB_INTERNAL-to-1-if-not-available.patch \ + file://0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch \ " -SRC_URI[md5sum] = "b607edb65bc6c57f4a43f06247504274" -SRC_URI[sha256sum] = "0767e850c0329b9fdf711c6cd468565cbbb28786ba1a8a1cbd5531d4016b3e04" +SRC_URI[md5sum] = "334e46924f2b386299c9db2ac22bcd36" +SRC_URI[sha256sum] = "d2da659540c38139f388e9437bfaae16bb458d174d056cb3228432a8f489fbaa" inherit autotools diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up deleted file mode 100755 index 2518a5c83..000000000 --- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/sh - -case "$METHOD" in loopback) exit 0 ;; esac - -IWCONFIG=/sbin/iwconfig -IWPRIV=/sbin/iwpriv - -if [ ! -x $IWCONFIG ]; then - exit 0 -fi - -# Detect and do nothing for linux-wlan-ng interfaces; -# which are configured by thier own if-pre-up script. -if [ -n "$IF_WIRELESS_TYPE" -a "$IF_WIRELESS_TYPE" = "wlan-ng" ]; then - exit 0 -fi - -if [ -n "$IF_NEEDS_RESET" ]; then - $IWPRIV "$IFACE" reset 1 - sleep 1 -fi - -if [ -n "$IF_NEEDS_FIRMWARE" ]; then - $IF_NEEDS_FIRMWARE "$IFACE" -fi - -if [ -n "$IF_WIRELESS_SENS" ]; then - $IWCONFIG "$IFACE" sens $IF_WIRELESS_SENS -fi - -if [ -n "$IF_WIRELESS_RATE" ]; then - $IWCONFIG "$IFACE" rate $IF_WIRELESS_RATE -fi - -if [ -n "$IF_WIRELESS_RTS" ]; then - $IWCONFIG "$IFACE" rts $IF_WIRELESS_RTS -fi - -if [ -n "$IF_WIRELESS_FRAG" ]; then - $IWCONFIG "$IFACE" frag $IF_WIRELESS_FRAG -fi - -if [ -n "$IF_WIRELESS_POWER" ]; then - $IWCONFIG "$IFACE" power $IF_WIRELESS_POWER -fi - -if [ -n "$IF_WIRELESS_POWERPERIOD" ]; then - $IWCONFIG "$IFACE" power period $IF_WIRELESS_POWERPERIOD -fi - -if [ -n "$IF_WIRELESS_POWERTIMEOUT" ]; then - $IWCONFIG "$IFACE" power timeout $IF_WIRELESS_POWERTIMEOUT -fi - -if [ -n "$IF_WIRELESS_TXPOWER" ]; then - $IWCONFIG "$IFACE" txpower $IF_WIRELESS_TXPOWER -fi - -if [ -n "$IF_WIRELESS_RETRY" ]; then - $IWCONFIG "$IFACE" retry $IF_WIRELESS_RETRY -fi - -if [ -n "$IF_WIRELESS_NICK" ]; then - $IWCONFIG "$IFACE" nick "$IF_WIRELESS_NICK" -fi - -if [ -n "$IF_WIRELESS_NWID" ]; then - $IWCONFIG "$IFACE" nwid "$IF_WIRELESS_NWID" -fi - -if [ -n "$IF_WIRELESS_ENC" ]; then - eval $IWCONFIG "$IFACE" enc $IF_WIRELESS_ENC -fi - -if [ -n "$IF_WIRELESS_KEY" ]; then - eval $IWCONFIG "$IFACE" key $IF_WIRELESS_KEY -fi - -if [ -n "$IF_WIRELESS_KEY1" ]; then - $IWCONFIG "$IFACE" key [1] "$IF_WIRELESS_KEY1" -fi - -if [ -n "$IF_WIRELESS_KEY2" ]; then - $IWCONFIG "$IFACE" key [2] "$IF_WIRELESS_KEY2" -fi - -if [ -n "$IF_WIRELESS_KEY3" ]; then - $IWCONFIG "$IFACE" key [3] "$IF_WIRELESS_KEY3" -fi - -if [ -n "$IF_WIRELESS_KEY4" ]; then - $IWCONFIG "$IFACE" key [4] "$IF_WIRELESS_KEY4" -fi - -if [ -n "$IF_WIRELESS_DEFAULTKEY" ]; then - $IWCONFIG "$IFACE" key ["$IF_WIRELESS_DEFAULTKEY"] -fi - -if [ -n "$IF_WIRELESS_KEYMODE" ]; then - $IWCONFIG "$IFACE" key "$IF_WIRELESS_KEYMODE" -fi - -if [ -n "$IF_WIRELESS_MODE" ]; then - $IWCONFIG "$IFACE" mode $IF_WIRELESS_MODE -fi - -if [ -n "$IF_WIRELESS_FREQ" ]; then - $IWCONFIG "$IFACE" freq $IF_WIRELESS_FREQ -fi - -if [ -n "$IF_WIRELESS_CHANNEL" ]; then - $IWCONFIG "$IFACE" channel $IF_WIRELESS_CHANNEL -fi - -if [ -n "$IF_WIRELESS_ESSID" ]; then - $IWCONFIG "$IFACE" essid "$IF_WIRELESS_ESSID" -fi - -if [ -n "$IF_WIRELESS_COMMIT" ]; then - $IWCONFIG "$IFACE" commit -fi - diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up deleted file mode 100644 index 4c8e95bf2..000000000 --- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh -# -# /etc/network/if-pre-up.d/zzz-wireless -# by Stefan Tomanek (stefan@pico.ruhr.de) - - -IWCONFIG=/sbin/iwconfig -IFCONFIG=/sbin/ifconfig -GREP=/bin/grep -LOGGER=/usr/bin/logger -SLEEP=/bin/sleep - -# How long do we wait for association? -RETRIES=15 -SLEEPTIME=1 - -# Only sleep if we use DHCP (add others methods seperated by spaces) -ONLY_FOR="static dhcp" - -if [ -z "$IF_WIRELESS_TYPE" ] && echo "$ONLY_FOR" | grep -q "$METHOD" ; then - $IFCONFIG $IFACE up - $LOGGER Checking for WLAN association... - while ( [ $RETRIES -gt 0 ] && ($IWCONFIG "$IFACE" | $GREP -q "Access Point: Not-Associated") ); do - $LOGGER No association yet, $RETRIES retries until timeout - RETRIES=$(($RETRIES-1)) - $SLEEP $SLEEPTIME - done - - if [ $RETRIES -eq 0 ]; then - $LOGGER Timeout waiting for association, continuing anyway... - else - $LOGGER Found association! - fi -fi diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb index 26ecdf3b4..c3b8f665b 100644 --- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb +++ b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb @@ -9,8 +9,6 @@ SECTION = "base" PE = "1" SRC_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.${PV}.tar.gz \ - file://wireless-tools.if-pre-up \ - file://zzz-wireless.if-pre-up \ file://remove.ldconfig.call.patch \ file://man.patch \ file://avoid_strip.patch \ @@ -19,6 +17,9 @@ SRC_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.$ SRC_URI[md5sum] = "ca91ba7c7eff9bfff6926b1a34a4697d" SRC_URI[sha256sum] = "abd9c5c98abf1fdd11892ac2f8a56737544fe101e1be27c6241a564948f34c63" +UPSTREAM_CHECK_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html" +UPSTREAM_CHECK_REGEX = "wireless_tools\.(?P<pver>(\d+)(\..*|))\.tar\.gz" + S = "${WORKDIR}/wireless_tools.30" CFLAGS =+ "-I${S}" @@ -36,17 +37,10 @@ do_install() { oe_runmake PREFIX=${D} install-iwmulticall install-dynamic install-man install-hdr install -d ${D}${sbindir} install -m 0755 ifrename ${D}${sbindir}/ifrename - # Disabled by RP - 20/8/08 - We don't seem to need/use these - #install -d ${D}${sysconfdir}/network/if-pre-up.d - #install ${WORKDIR}/wireless-tools.if-pre-up ${D}${sysconfdir}/network/if-pre-up.d/wireless-tools - #install ${WORKDIR}/zzz-wireless.if-pre-up ${D}${sysconfdir}/network/if-pre-up.d/zzz-wireless } -PACKAGES = "libiw-dbg ifrename-dbg ${PN}-dbg \ -libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc" +PACKAGES = "libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc ${PN}-dbg" -FILES_libiw-dbg = "${libdir}/.debug/*.so.*" -FILES_ifrename-dbg = "${sbindir}/.debug/ifrename" FILES_libiw = "${libdir}/*.so.*" FILES_libiw-dev = "${libdir}/*.a ${libdir}/*.so ${includedir}" FILES_libiw-doc = "${mandir}/man7" diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch deleted file mode 100644 index 882674fe5..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch +++ /dev/null @@ -1,45 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From ef566a4d4f74022e1fdb0a2addfe81e6de9f4aae Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Wed, 29 Apr 2015 02:21:53 +0300 -Subject: [PATCH] AP WMM: Fix integer underflow in WMM Action frame parser - -The length of the WMM Action frame was not properly validated and the -length of the information elements (int left) could end up being -negative. This would result in reading significantly past the stack -buffer while parsing the IEs in ieee802_11_parse_elems() and while doing -so, resulting in segmentation fault. - -This can result in an invalid frame being used for a denial of service -attack (hostapd process killed) against an AP with a driver that uses -hostapd for management frame processing (e.g., all mac80211-based -drivers). - -Thanks to Kostya Kortchinsky of Google security team for discovering and -reporting this issue. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/ap/wmm.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/ap/wmm.c b/src/ap/wmm.c -index 6d4177c..314e244 100644 ---- a/src/ap/wmm.c -+++ b/src/ap/wmm.c -@@ -274,6 +274,9 @@ void hostapd_wmm_action(struct hostapd_data *hapd, - return; - } - -+ if (left < 0) -+ return; /* not a valid WMM Action frame */ -+ - /* extract the tspec info element */ - if (ieee802_11_parse_elems(pos, left, &elems, 1) == ParseFailed) { - hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211, --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch deleted file mode 100644 index a2bafc8c4..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch +++ /dev/null @@ -1,77 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From dd2f043c9c43d156494e33d7ce22db96e6ef42c7 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Fri, 1 May 2015 16:37:45 +0300 -Subject: [PATCH 1/5] EAP-pwd peer: Fix payload length validation for Commit - and Confirm - -The length of the received Commit and Confirm message payloads was not -checked before reading them. This could result in a buffer read -overflow when processing an invalid message. - -Fix this by verifying that the payload is of expected length before -processing it. In addition, enforce correct state transition sequence to -make sure there is no unexpected behavior if receiving a Commit/Confirm -message before the previous exchanges have been completed. - -Thanks to Kostya Kortchinsky of Google security team for discovering and -reporting this issue. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/eap_peer/eap_pwd.c | 29 +++++++++++++++++++++++++++++ - 1 file changed, 29 insertions(+) - -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index f2b0926..a629437 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -355,6 +355,23 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL; - u16 offset; - u8 *ptr, *scalar = NULL, *element = NULL; -+ size_t prime_len, order_len; -+ -+ if (data->state != PWD_Commit_Req) { -+ ret->ignore = TRUE; -+ goto fin; -+ } -+ -+ prime_len = BN_num_bytes(data->grp->prime); -+ order_len = BN_num_bytes(data->grp->order); -+ -+ if (payload_len != 2 * prime_len + order_len) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)", -+ (unsigned int) payload_len, -+ (unsigned int) (2 * prime_len + order_len)); -+ goto fin; -+ } - - if (((data->private_value = BN_new()) == NULL) || - ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) || -@@ -554,6 +571,18 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data, - u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; - int offset; - -+ if (data->state != PWD_Confirm_Req) { -+ ret->ignore = TRUE; -+ goto fin; -+ } -+ -+ if (payload_len != SHA256_MAC_LEN) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)", -+ (unsigned int) payload_len, SHA256_MAC_LEN); -+ goto fin; -+ } -+ - /* - * first build up the ciphersuite which is group | random_function | - * prf --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch deleted file mode 100644 index e108a931c..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 9ed4eee345f85e3025c33c6e20aa25696e341ccd Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <jouni@qca.qualcomm.com> -Date: Tue, 7 Apr 2015 11:32:11 +0300 -Subject: [PATCH] P2P: Validate SSID element length before copying it - (CVE-2015-1863) - -This fixes a possible memcpy overflow for P2P dev->oper_ssid in -p2p_add_device(). The length provided by the peer device (0..255 bytes) -was used without proper bounds checking and that could have resulted in -arbitrary data of up to 223 bytes being written beyond the end of the -dev->oper_ssid[] array (of which about 150 bytes would be beyond the -heap allocation) when processing a corrupted management frame for P2P -peer discovery purposes. - -This could result in corrupted state in heap, unexpected program -behavior due to corrupted P2P peer device information, denial of service -due to process crash, exposure of memory contents during GO Negotiation, -and potentially arbitrary code execution. - -Thanks to Google security team for reporting this issue and smart -hardware research group of Alibaba security team for discovering it. - -Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com> - -Upstream-Status: Backport - -Signed-off-by: Yue Tao <yue.tao@windriver.com> - ---- - src/p2p/p2p.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c -index f584fae..a45fe73 100644 ---- a/src/p2p/p2p.c -+++ b/src/p2p/p2p.c -@@ -778,6 +778,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq, - if (os_memcmp(addr, p2p_dev_addr, ETH_ALEN) != 0) - os_memcpy(dev->interface_addr, addr, ETH_ALEN); - if (msg.ssid && -+ msg.ssid[1] <= sizeof(dev->oper_ssid) && - (msg.ssid[1] != P2P_WILDCARD_SSID_LEN || - os_memcmp(msg.ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) - != 0)) { --- -1.7.9.5 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch deleted file mode 100644 index 2568ea112..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch +++ /dev/null @@ -1,53 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From 5acd23f4581da58683f3cf5e36cb71bbe4070bd7 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Tue, 28 Apr 2015 17:08:33 +0300 -Subject: [PATCH] WPS: Fix HTTP chunked transfer encoding parser - -strtoul() return value may end up overflowing the int h->chunk_size and -resulting in a negative value to be stored as the chunk_size. This could -result in the following memcpy operation using a very large length -argument which would result in a buffer overflow and segmentation fault. - -This could have been used to cause a denial service by any device that -has been authorized for network access (either wireless or wired). This -would affect both the WPS UPnP functionality in a WPS AP (hostapd with -upnp_iface parameter set in the configuration) and WPS ER -(wpa_supplicant with WPS_ER_START control interface command used). - -Validate the parsed chunk length value to avoid this. In addition to -rejecting negative values, we can also reject chunk size that would be -larger than the maximum configured body length. - -Thanks to Kostya Kortchinsky of Google security team for discovering and -reporting this issue. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/wps/httpread.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/src/wps/httpread.c b/src/wps/httpread.c -index 2f08f37..d2855e3 100644 ---- a/src/wps/httpread.c -+++ b/src/wps/httpread.c -@@ -533,6 +533,13 @@ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx) - if (!isxdigit(*cbp)) - goto bad; - h->chunk_size = strtoul(cbp, NULL, 16); -+ if (h->chunk_size < 0 || -+ h->chunk_size > h->max_bytes) { -+ wpa_printf(MSG_DEBUG, -+ "httpread: Invalid chunk size %d", -+ h->chunk_size); -+ goto bad; -+ } - /* throw away chunk header - * so we have only real data - */ --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch deleted file mode 100644 index c477c2f93..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch +++ /dev/null @@ -1,70 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From e28a58be26184c2a23f80b410e0997ef1bd5d578 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Fri, 1 May 2015 16:40:44 +0300 -Subject: [PATCH 2/5] EAP-pwd server: Fix payload length validation for Commit - and Confirm - -The length of the received Commit and Confirm message payloads was not -checked before reading them. This could result in a buffer read -overflow when processing an invalid message. - -Fix this by verifying that the payload is of expected length before -processing it. In addition, enforce correct state transition sequence to -make sure there is no unexpected behavior if receiving a Commit/Confirm -message before the previous exchanges have been completed. - -Thanks to Kostya Kortchinsky of Google security team for discovering and -reporting this issue. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/eap_server/eap_server_pwd.c | 19 +++++++++++++++++++ - 1 file changed, 19 insertions(+) - -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index 66bd5d2..3189105 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -656,9 +656,21 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data, - BIGNUM *x = NULL, *y = NULL, *cofactor = NULL; - EC_POINT *K = NULL, *point = NULL; - int res = 0; -+ size_t prime_len, order_len; - - wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response"); - -+ prime_len = BN_num_bytes(data->grp->prime); -+ order_len = BN_num_bytes(data->grp->order); -+ -+ if (payload_len != 2 * prime_len + order_len) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)", -+ (unsigned int) payload_len, -+ (unsigned int) (2 * prime_len + order_len)); -+ goto fin; -+ } -+ - if (((data->peer_scalar = BN_new()) == NULL) || - ((data->k = BN_new()) == NULL) || - ((cofactor = BN_new()) == NULL) || -@@ -774,6 +786,13 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data, - u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr; - int offset; - -+ if (payload_len != SHA256_MAC_LEN) { -+ wpa_printf(MSG_INFO, -+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)", -+ (unsigned int) payload_len, SHA256_MAC_LEN); -+ goto fin; -+ } -+ - /* build up the ciphersuite: group | random_function | prf */ - grp = htons(data->group_num); - ptr = (u8 *) &cs; --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch deleted file mode 100644 index e46ce436e..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch +++ /dev/null @@ -1,56 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From 477c74395acd0123340457ba6f15ab345d42016e Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sat, 2 May 2015 19:23:04 +0300 -Subject: [PATCH 3/5] EAP-pwd peer: Fix Total-Length parsing for fragment - reassembly - -The remaining number of bytes in the message could be smaller than the -Total-Length field size, so the length needs to be explicitly checked -prior to reading the field and decrementing the len variable. This could -have resulted in the remaining length becoming negative and interpreted -as a huge positive integer. - -In addition, check that there is no already started fragment in progress -before allocating a new buffer for reassembling fragments. This avoid a -potential memory leak when processing invalid message. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/eap_peer/eap_pwd.c | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index a629437..1d2079b 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -866,11 +866,23 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, - * if it's the first fragment there'll be a length field - */ - if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) { -+ if (len < 2) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: Frame too short to contain Total-Length field"); -+ ret->ignore = TRUE; -+ return NULL; -+ } - tot_len = WPA_GET_BE16(pos); - wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments whose " - "total length = %d", tot_len); - if (tot_len > 15000) - return NULL; -+ if (data->inbuf) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use"); -+ ret->ignore = TRUE; -+ return NULL; -+ } - data->inbuf = wpabuf_alloc(tot_len); - if (data->inbuf == NULL) { - wpa_printf(MSG_INFO, "Out of memory to buffer " --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch deleted file mode 100644 index a4c02b474..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch +++ /dev/null @@ -1,54 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From 3035cc2894e08319b905bd6561e8bddc8c2db9fa Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sat, 2 May 2015 19:26:06 +0300 -Subject: [PATCH 4/5] EAP-pwd server: Fix Total-Length parsing for fragment - reassembly - -The remaining number of bytes in the message could be smaller than the -Total-Length field size, so the length needs to be explicitly checked -prior to reading the field and decrementing the len variable. This could -have resulted in the remaining length becoming negative and interpreted -as a huge positive integer. - -In addition, check that there is no already started fragment in progress -before allocating a new buffer for reassembling fragments. This avoid a -potential memory leak when processing invalid message. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/eap_server/eap_server_pwd.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c -index 3189105..2bfc3c2 100644 ---- a/src/eap_server/eap_server_pwd.c -+++ b/src/eap_server/eap_server_pwd.c -@@ -942,11 +942,21 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv, - * the first fragment has a total length - */ - if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) { -+ if (len < 2) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: Frame too short to contain Total-Length field"); -+ return; -+ } - tot_len = WPA_GET_BE16(pos); - wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments, total " - "length = %d", tot_len); - if (tot_len > 15000) - return; -+ if (data->inbuf) { -+ wpa_printf(MSG_DEBUG, -+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use"); -+ return; -+ } - data->inbuf = wpabuf_alloc(tot_len); - if (data->inbuf == NULL) { - wpa_printf(MSG_INFO, "EAP-pwd: Out of memory to " --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch deleted file mode 100644 index 407360073..000000000 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch +++ /dev/null @@ -1,36 +0,0 @@ -Upstream-Status: Backport - -Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> - -From 28a069a545b06b99eb55ad53f63f2c99e65a98f6 Mon Sep 17 00:00:00 2001 -From: Jouni Malinen <j@w1.fi> -Date: Sat, 2 May 2015 19:26:28 +0300 -Subject: [PATCH 5/5] EAP-pwd peer: Fix asymmetric fragmentation behavior - -The L (Length) and M (More) flags needs to be cleared before deciding -whether the locally generated response requires fragmentation. This -fixes an issue where these flags from the server could have been invalid -for the following message. In some cases, this could have resulted in -triggering the wpabuf security check that would terminate the process -due to invalid buffer allocation. - -Signed-off-by: Jouni Malinen <j@w1.fi> ---- - src/eap_peer/eap_pwd.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c -index 1d2079b..e58b13a 100644 ---- a/src/eap_peer/eap_pwd.c -+++ b/src/eap_peer/eap_pwd.c -@@ -968,6 +968,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret, - /* - * we have output! Do we need to fragment it? - */ -+ lm_exch = EAP_PWD_GET_EXCHANGE(lm_exch); - len = wpabuf_len(data->outbuf); - if ((len + EAP_PWD_HDR_SIZE) > data->mtu) { - resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PWD, data->mtu, --- -1.9.1 - diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb index a124cf21d..935c8afc9 100644 --- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb +++ b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb @@ -1,16 +1,16 @@ SUMMARY = "Client for Wi-Fi Protected Access (WPA)" -HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/" -BUGTRACKER = "http://hostap.epitest.fi/bugz/" +HOMEPAGE = "http://w1.fi/wpa_supplicant/" +BUGTRACKER = "http://w1.fi/security/" SECTION = "network" LICENSE = "BSD" LIC_FILES_CHKSUM = "file://COPYING;md5=36b27801447e0662ee0138d17fe93880 \ file://README;beginline=1;endline=56;md5=7f393579f8b109fe91f3b9765d26c7d3 \ - file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=3430fda79f2ba1dd545f0b3c4d6e4d24 " -DEPENDS = "dbus libnl libgcrypt" + file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=3430fda79f2ba1dd545f0b3c4d6e4d24" +DEPENDS = "dbus libnl" RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli" PACKAGECONFIG ??= "gnutls" -PACKAGECONFIG[gnutls] = ",,gnutls" +PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt" PACKAGECONFIG[openssl] = ",,openssl" inherit systemd @@ -18,23 +18,15 @@ inherit systemd SYSTEMD_SERVICE_${PN} = "wpa_supplicant.service wpa_supplicant-nl80211@.service wpa_supplicant-wired@.service" SYSTEMD_AUTO_ENABLE = "disable" -SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \ +SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \ file://defconfig \ file://wpa-supplicant.sh \ file://wpa_supplicant.conf \ file://wpa_supplicant.conf-sane \ file://99_wpa_supplicant \ - file://0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch \ - file://0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch \ - file://0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch \ - file://0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch \ - file://0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch \ - file://0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch \ - file://0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch \ - file://0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch \ " -SRC_URI[md5sum] = "f0037dbe03897dcaf2ad2722e659095d" -SRC_URI[sha256sum] = "058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122" +SRC_URI[md5sum] = "96ff75c3a514f1f324560a2376f13110" +SRC_URI[sha256sum] = "cce55bae483b364eae55c35ba567c279be442ed8bab5b80a3c7fb0d057b9b316" S = "${WORKDIR}/wpa_supplicant-${PV}" |
