summaryrefslogtreecommitdiffstats
path: root/yocto-poky/meta/recipes-connectivity
diff options
context:
space:
mode:
authorPatrick Williams <patrick@stwcx.xyz>2016-06-20 12:57:21 -0500
committerPatrick Williams <patrick@stwcx.xyz>2016-06-24 15:22:19 -0500
commitd8c66bc71e9a0303f1d300b9fa59c60dbfe10056 (patch)
tree0d5c0ade4cc7ae9d8df42bcb3ad376d95398465e /yocto-poky/meta/recipes-connectivity
parent353dbdaaa97d78d064f0638221f57311f21f0bb3 (diff)
downloadtalos-openbmc-d8c66bc71e9a0303f1d300b9fa59c60dbfe10056.tar.gz
talos-openbmc-d8c66bc71e9a0303f1d300b9fa59c60dbfe10056.zip
Squashed 'yocto-poky/' changes from b1f23d1..8358e54
Upgrade subtree to Yocto-2.1. 6c1c013 build-appliance-image: Update to krogoth head revision 5f84d65 syslinux.bbclass: Remove APPEND from variable dependency d9dd864 bitbake: toaster-tests: tests for build dashboard 1cf8f21 bitbake: toaster: add modal to select custom image for editing a40a3e6 bitbake: toaster: add build dashboard buttons to edit/create custom images e65c980 bitbake: toaster-tests: make helper click on input before entering text 484cbf8 bitbake: toaster-tests: add tests for new custom image page 437b728 bitbake: toaster: prevent exception when Project.release is null cfc22d3 bitbake: toaster: only prevent duplicate custom image names within a project 3036413 bitbake: toaster: disable/enable "Add layer" button according to input's content 040dbf6 bitbake: toaster: fix sorting after hiding a column in build tables 1b11b79 bitbake: toaster: ensure ToasterTable headings are reset when order by changes 9855840 image.bbclass: The wrong name is being used for the debug filesystem 38c7e2d image_types: Ensure rootfs dependencies cover DEBUGFS 0c3eaa7 syslinux.bbclass: The AUTO_SYSLINUXMENU value needs to be boolean 9c8a049 perf: pass DESTDIR in EXTRA_OEMAKE 9de7324 buildtools-tarball: set INHIBIT_DEFAULT_DEPS ef09105 xf86-video-omapfb: remove EXTRA_OECONF_armv7a c2f7da2 base.bbclass: Introduce PACKAGECONFIG_CONFARGS variable e1c6890 git: update to 2.7.4 98bf7de license.bbclass: do write_deploy_manifest in image postprocessing 519600c devtool: sdk-update: fix handling of UNINATIVE_CHECKSUM changes c7980b6 bitbake: main: fix processing of BBEVENTLOG ee25d0e toasterconf.json: Update for krogoth release b8e5de2 toasterconf.json: Remove fido from supported configurations c59771e toasterconf.json: Update for krogoth release d0bce0b toasterconf.json: Remove fido from supported configurations d25eea3 poky-tiny.conf: set PREFERRED_VERSION_linux-yocto-tiny to 4.4 9f970b6 dev-manual, profile-manual, ref-manual: Purging Oprofile stuff 1d93104 ref-manual: Added description for the testsdk.bbclass. db47094 ref-manual: Updated the remove-libtool.bbclass description. a16eeca ref-manual: Added gobject-introspection.bbclass description. 3e761b4 ref-manual: Added reference for npm.bbclass. 5e50157 ref-manual: Fixed typo in the nopackages.bbclass description f7b68c7 ref-manual: Added description for bash-completion.bbclass ece900a ref-manual: Added nopackages.bbclass description. Fixed stray typo. 9143e9e ref-manual: Added description for the INSTALL_TIMEZONE_FILE variable. 6391dbf ref-manual: Updated the PREFERRED_PROVIDER variable with a note. 6d86f7a ref-manual: Dropped references to the autotools_stage class 4d5ff5e ref-manual, dev-manual: Scrubbed boot-directdisk and bootimg classes cd2aaaa ref-manual: Updated the uninative.bbclass description. e975d26 documentation: Converted "meta-yocto" to "meta-poky" 84452ee bsp-guide: Updated yocto-bsp create example output. e00a62c ref-manual: Added the migration section for 2.1 02db9e6 yocto-project-qs, ref-manual: Upgraded minimum Git requirement 989841f ref-manual: Added rootfs-postcommands class description. d06b343 ref-manual: Updated the EXTRA_OEMAKE variable description. ecb2eb6 dev-manual: Updated "Additional Implementation Details" section 004b939 bitbake: lib/bb/utils: add docstring for contains() 524d04c ca-certificates: support Toybox ecaf12e oetest: make console output more verbose 4946ecf dhcp: CVE-2016-2774 c219c6d buildtools-tarball: fix perl being included when building with ipk 9fe7738 buildtools-tarball.bb: fix unexpected operator ed07f43 lib/oeqa/selftest/base.py: Correct a reference to meta/lib/oeqa/selftest 8953d83 oe-selftest: Correct the usage examples dee47ad devtool: sdk-update: reset git metadata on update 396e64d build-appliance-image: Load TUN at startup 55068b1 default-providers.inc: set openssl PREFERRED_PROVIDER to openssl 74ab080 bind: CVE-2016-2088 d488d78 rpm: Disable __sync_add_and_fetch_8 on nios2 9d2d1ae kernel: fitimage: Fix do_deploy taskhash mismatch 4693593 images: zero out the rootfs_extra_space in initramfs images 8beb671 ext-sdk-prepare.py: exclude do_rm_work from unexpected output; create unit test 0262bc5 bitbake: bitbake-user-manual: Updated the 'bitbake -h' output example. 890ccd3 bitbake: bitbake-user-manual: Updated "Conditional Metadata" section 20a0121 bitbake: bitbake-user-manual: Updated discussion about using "inherit" 9f374c4 bitbake: providers: Add PREFERRED_RPROVIDER support 4b8b110 bitbake: providers: We don't depend on previous build results 8e7282c bitbake: cooker/knotty: Prefix parse logs with filename being parsed 1131303 bitbake: cooker: pass exception to finishAsyncCommand ffa2ca0 fs-perms.txt: fix ROOT_HOME's permission fd66a38 Revert "fs-perms.txt: fix ROOT_HOME's permission" 9ec9557 buildstats: Fix tracebacks for early task failures 7f9d01e default-providers: Update to use PREFERRED_RPROVIDER 76f4bbc oeqa/selftest/sstatetests: fix no-op sstate test 6326812 buildhistory: don't alter SDK creation stamps bb40b5e dhcp: Enable update-rc.d service 27e202f meta/classes/qemu.bbclass: set -cpu of ppce5500/ppce6500 to e500mc 7c5823a shadow: Disable syslog for more commands 60a8719 devtool: upgrade: handle recipes where source is not first entry in SRC_URI 8353557 devtool: update-recipe: handle where SRC_URI is appended to with += aab3c8d linux-yocto: make aufs4 optional d75d2be linux-yocto: tiny and pin ctrl config updates 8547cbf linux-yocto/4.4: BXT enablement ffad386 linux-yocto/4.1: mainline SPI backports 4ba33a3 linux-yocto/4.4: gpio-pca953x: fix the "drive" property cannot read/write 86571db devtool: don't copy .git when building the eSDK 83eac65 package.bbclass: improve permission handling eeae2ac fs-perms.txt: fix ROOT_HOME's permission 1db3dc8 runqemu: let ramfs equal to cpio.gz a8c8e81 gcc-common.inc: String format tweak for available tunes a7c426a pbzip2: fix LIC_FILES_CHKSUM following 1.1.12 -> 1.1.13 upgrade 1229009 pbzip2: don't skip do_configure 1e4ee30 useradd_base.bbclass: remove flock option '-w' cb45ef3 matchbox-keyboard: Hide desktop launcher 69e20ca npm.bbclass: Stop packagenames containing underscores from being generated c3c55478 bind: CVE-2016-1285 CVE-2016-1286 c4387a8 image.bbclass: add DEB_{PRE, POST}PROCESS_COMMANDS to rootfs_command_variables list 967bc74 rootfs.py: apply ROOTFS_POSTINSTALL_COMMAND to all package formats f7352ca wic: fix bug in handling fsoptions b2f5de5 buildtools-tarball.bb: set TOOLCHAIN_NEED_CONFIGSITE_CACHE to null a460b04 rpm: more verbose errors in rpmTempFile a43991d rootfs-postcommands: handle broken links when writing manifest 2c81e17 socat: Use c_ispeed and c_ospeed based upon libc 5c8124d archiver: Improve debug output e912c46 kbd: remove uclibc-stdarg.patch 965fd3c image.bbclass: use max() instead of indexing booleans 6d85874 linux-yocto-tiny: fix KBRANCH 440d949 sudo: fix pam config on systemd systems 3fd5a6d sysvinit: make lastb.1 an alternative 175263e lib/oe/lsb: sanitise the distro identifier 9262d2f package.bbclass: handle links in sorted order 29cf263 sanity: allow sftp and ssh mirrors f503317 toaster.bbclass: improve package information collection 88f4178 rsync: remove upstream's rebuild logic 8d59d06 rsync: pass cached configure values through the right variable 384e41c rsync: don't install acinclude.m4 e80800e Revert "oeqa/selftest/wic: add test case for sparse images" 45c0763 Revert "wic/utils/partitionedfs.py: assemble .wic images as sparse files" e0e5426 bitbake: runqueue: Improve 'mulitiple .bb files are due to be built' message 380004b archiver: Ensure sstate-inputdir directory is created 3ad70a5 linux-yocto-tiny: fix COMPATIBLE_MACHINE 0e59727 glib-2.0: Put glib-compile-schemas back in -utils d27ca36 oeqa/runexported.py: Fix exported test 85dbd7b oeqa/selftest/sstatetests: split 32/64 build host from no-op action tests 57be6dd util-linux: take ownership of hwclock if installed acc1f96 meta: remove redundant ac_cv_sizeof_off_t assignments 92759d8 meta/site: remove sizeof_off_t 5602f64 archiver: Fix ASSUME_PROVIDED issues fab626c distrodata: Exclude DATETIME reference from sstate checksum faaeaf9 build-appliance-image: Support for VirtualBox guest additions 778121a local.conf.sample: Make it possible to override EXTRA_IMAGE_FEATURES f947c27 poky.conf: add Fedora 23 to supported distros f33a110 maintainers.inc: remove adt-installer 83d4fab local.conf.sample: remove reference to adt 52cfdb6 bitbake: toaster: fixes for customimage package not found dae4ffb bitbake: data_smart: Restrict expansion regexp to not include : characters 7e739ac bitbake: tests/utils.py: test origvalue in a callback matches what is expected e1e459e bitbake: lib/bb/utils.py: Fix a bug in edit_metadata() that could corrupt vars 43150ab oeqa/selftest/wic: add test case for sparse images 29bc2f7 wic/utils/partitionedfs.py: assemble .wic images as sparse files 7fdb061 image-vm.bbclass/image_types.bbclass: IMAGE_NAME -> IMAGE_LINK_NAME 04e1978 image_types.bbclass: fix elf 513ea49 image_types.bbclass: set nodesize for btrfs bad434b libxml2: fix AM_PATH_XML2 9fe3d01 useradd_base.bbclass: prevent variable expansion in $opts fb8e5f9 extrausers.bbclass: drop retry count for perform_user/group* calls f737af4 build-perf-test: add eSDK installed size to metrics 50f5ca3 rpm: brace expansion is a bashism 66ecbd3 openssl.inc: minor packaging cleanup e38ec0c systemd-systemctl-native: fix unit detection 4019058 apr-util: fix path in rules.mk for nativesdk bdf453f bdwgc: installed-vs-shipped for nativesdk 12ca8df libsolv: fix installed-vs-shipped for nativesdk c88c894 desktop-file-utils-native: disable emacs d4f6c0e toaster: add DL_DIR and SSTATE_DIR to oe toasterconf 69b3f87 toaster.bbclass: strip task from the target aa45c75 x11-common: Add PACKAGECONFIG for screen blanking d366a33 opkg-utils: re-do find/ls code to not fail on filenames with spaces 5e360ca image-live.bbclass: fix iso + efi only f5adb23 Add missing runtime dependency to python-pygobject 0720425 devtool: Create unlocked-sigs.inc containing items in the workspace 64cca7e sstatesig.py: Add a method to "unlock" recipes 1cb99dd populate_sdk_ext.bbclass: Enable locked sigs errors 2431ed7 sstatesig.py: Improve the SIGGEN_LOCKEDSIGS_TASKSIG_CHECK message 7e90280 sstatesig.py: Split single locked sigs check into multiple checks 7ce800c toasterconf.json: Set default distro to nodistro 1b7b548 dev-manual: Updated poky-floating-revisions file snippit example. 8d9e233 dev-manual: set correct task name for do_kernel_configme 6971029 poky-floating-revisions: Fix typo 14e2b90 toasterconf.json: Add DL_DIR and SSTATE_DIR to poky toasterconf 296dfbc build-appliance-image: Update to master head revision 00c4c9b poky: Convetion is 2.1, not 2.1.0 8cd1dec build-appliance-image: Update to master head revision ecd58bb poky.conf: Bump version for 2.1.0 krogoth release e955b5d bitbake: Update version to 1.30.0 4fd14e3 build-appliance-image: Update to master head revision 133224f documentation: Fixed references using the DISTRO_NAME variable 3831ca0 documentation: Updated release date in manual history tables. b590fab dev-manual, ref-manual, sdk-manual: Removing oprofile references. d2084cc Makefile: Removed adt-manual support 2677098 mega-manual: Removed the adt title .PNG file. d9b4c80 README: Updated to remove the ADT manual and add the SDK manual. 9796cbb mega-manual.sed: Removed adt-manual processing aa4b72b yocto-project-qs: Updated the minnowboard example. f2505af poky.ent: Added lower-case distro name variable. ee42a9b kernel-dev: Applied review comments to "Adding Recipe-Space Kernel Features" d57fe7c ref-manual: Updated the PREFERRED_VERSION variable description. 53bade8 dev-manual: Added new section describing hardware and non-hardware config 763ae4e ref-manual: Updated verbiage on proxy handling a1295ed ref-manual: Updated PREFERRED_VERSION variable description 879eec2 ref-manual: Updated debugging tips and tricks 23dbf81 kernel-dev: Added new "Adding Recipe-Space Kernel Features" section. f30bfe9 kernel-dev: Updated the "Kernel Metadata Location" section. 53729bc sdk-manual: Removed three sections of writer notes. 9f0c571 sdk-manual: Applied review edits. d4bdafa sdk-manual: Added sections in Appendix B. d94fa00 dev-manual, profile-manual: Removed oprofile section and link 4f3dfa8 bitbake: bitbake: update LICENSE file with QUnit details 013984d bitbake: tests: browser Add test to run the js unit tests 7609888 bitbake: toaster: views jsunittest Add MACHINE and an extra layer to test project fbc2c5d bitbake: toaster: tests Set MACHINE for the test projects cb6b4eb bitbake: toaster: Add quint to project so that it can be used offline 18cb7fe bitbake: toaster: add rev dep column to image detail pages 7a309d9 bitbake: buildinfohelper: work around unicode exceptions 860cba8 bitbake: toasterui: update build in internal state acb9407 bitbake: buildinfohelper: fix KeyError 52c8740 bitbake: toaster: get bitbake location from BBBASEDIR f5d3ef6 bitbake: toaster: export BBBASEDIR variable 71ff9b9 bitbake: toaster: update projectconf.html for DL_DIR and SSTATE_DIR 705d44f bitbake: toaster: update view to support DL_DIR and SSTATE_DIR 4aafcae bitbake: toaster: use empty token 5ce4665 bitbake: toaster: runbuilds Clean up runbuilds 55b6fab bitbake: toaster: runbuilds Make runbuilds aware of the build CANCELLED state f4cee88 bitbake: toaster: models Exclude the CANCELLED builds from get_number_of_builds 296d373 bitbake: toaster: mrb_section template Add build cancel button f1b49dc bitbake: toaster: tables BuildsTable exclude cancelled builds 22242ae bitbake: buildinfohelper: Add handler for cancelling a build 9dcb9cb bitbake: toaster: bldcontrol models Add a cancelling state the BuildRequest dfa8510 bitbake: toaster: models Add cancelled state to build outcome 5f862bb bitbake: toaster: update BuildEnvironmentController and BitbakeController 0db62c5 bitbake: toaster: libtoaster Update implementation of startABuild and cancelABuild afab95c bitbake: toaster: xhr Update the implementation of the build cancellation request eead032 bitbake: toaster: Move xhr calls for starting and stopping builds f5aa970 bitbake: toaster: bldcontrol Add forceShutDown function to BitbakeController d6992a8 bitbake: toasterui: shutdown on BuildCompleted event c4ae028 bitbake: toaster: use bash explicitly 4adddfd bitbake: toaster: fix jethro build b1a919a bitbake: toaster: update conf/local.conf 590a815 bitbake: toaster: stop bitbake server after the build a8f6001 bitbake: toaster: add new parameter to _shellcmd a43a16b bitbake: toaster: reimplement triggerBuild ab18c20 bitbake: toaster: modified setLayers API 22fba9b bitbake: toaster: add brbe parameter to triggerBuild 829a0bd bitbake: toaster: remove release API 7068e8a bitbake: toaster: remove startBBServer API 9d4c62d bitbake: toasterui: fix brbe reporting 5bcce68 bitbake: buildinfohelper: improve handling of providermap 61b6b98 bitbake: uievent: improve BBUIEventQueue code 0b0d754 bitbake: toasterui: add brbe parameter to buildinfohelper 94ac3f0 bitbake: toaster: set BITBAKE_UI environment variable e23a23b bitbake: toaster: get rid of noui option f77baec bitbake: toaster: don't start bitbake server 4127fef image_types: use compress framework to produce checksums for images 60786b8 runqemu-gen-tapdevs: Add note about NetworkManager & tap devices 634aeed libtool: fix contaminated path to lt_truncate_bin 298d875 create-pull-request: fix for newer git 4faeff9 wget: fix build when len(TMPDIR) == 410 b667f4d sanity.bbclass: fix a hardcode in check_path_length() 94b3583 grub: remove unused 0001-Fix-build-with-glibc-2.20.patch ef163ab glibc: remove unused CVE patches b050ab2 clutter-gst-3.0: remove unused enable-tests.patch 064ebd5 cmake: remove unused dont-run-cross-binaries.patch a71db4c tcl: remove unused fix-configure.patch 476eeea rpm: remove two unused patch 3d56864 ffmpeg, gstreamer1.0-libav: add textrel INSANE_SKIPs 8cc10a9 ffmpeg: Make configure options explicit 45c1944 bzip2: set correct soname cbe33ec useradd.bbclass: remove user/group created by the package in clean* task c115740 bitbake: fetch2/git.py: remove .indirectiondir workaround 4f07c22 bitbake: persist_data: Return str instead of unicode for sqlite3 text queries d8f1f42 scripts/oe-selftest: avoid the creation of coverage file when coverage not installed 6e5e225 scripts/oe-selftest: remove coverage file if any coverage option is given 5edfec4 scripts/oe-selftest: remove unneeded coverage warning 8109e93 patch.bbclass: remove useless path assignment 7963613 gstreamer: remove now-redundant expansion in do_split_packages 37f4f5b package: do_split_packages: expand variables in extra_depends 2ed2089 xf86-video-intel: Add patch to fix some poor image quality c1436b3 sanity: Increase minimum git version to 1.8.3.1 672545b scripts/oe-buildenv-internal: Fix regression in BB_ENV_EXTRAWHITE setting f7fed7c license.bbclass: fix warnings when run in unprivileged "container" env 43071a0 externalsrc: avoid race in temporary git index file f4f1d20 scripts/lib/bsp/help.py: Typo in help for yocto-bsp create 1bd2c8e bdwgc: use github repo for source location 0e6743b xf86-video-intel: Add patch to allow UXA to build 21e31c2 package_manager.py: better error handling in opkg's package listing f2d5e20 systemd: make systemd-serialgetty optional e699404 ncurses: reorder PACKAGES f94ad4d bluez5.inc: remove obsolete workaround a0cd8c0 buildtools-tarball: Add texinfo (for makeinfo) 9877795 cogl: fix G-I .typelib installation b13184c classes/buildhistory: fix grammar in comments e5c0a9f classes/buildhistory: fix filtering of depends-nokernel.dot 4d364f2 classes/buildhistory: optimise getting package size list af5f423 bitbake: siggen: Ensure tainted stamps are accounted for with writing custom stamps 47e9e12 bitbake: siggen: Fix nostamp taint handling 8033627 bitbake: siggen: Add checksum recalculation/checking code 3e1b5e0 bitbake: siggen: Fix check calculation problem with file_checksums 39b637c bitbake: siggen: Drop misleading duplicate method 2c722e2 bitbake: tests/fetch.py: Improve unit tests for trusted network check cf6d12d bitbake: fetch2: BB_ALLOWED_NETWORKS should not care about port numbers 158575c bitbake: toaster: orm better detect requires during CustomImageRecipe generation c634473 bitbake: toaster: Correct typo on build form help text c9ad1e6 bitbake: toaster: buildinfohelper Add additional metadata to the built layer 072a0b3 poky: Exclude DATE from DISTRO/SDK_VERSION checksums f3c029f build-appliance-image: Exclude DDATETIME from task signature 7833eb4 image-vm: Exclude DISK_SIGNATURE_GENERATED from task signature 85ff4ff populate_sdk_ext: Exclude BBTASKDEPDATA from task signature 66412ab opkg-utils: opkg-build exit when fail to list files. 6b8f8a4 kernel-yocto: enforce SRC_URI specified branch 6ebd43c linux-yocto/4.4: UVC: Add support for R200 depth camera 6d2299f linux-yocto/4.4: fix PAT for 32bit x86 5559301 Revert "linux-yocto: Work around PAT issue on qemux86" 686c74f linux-yocto-dev: bump to v4.6-rcX b3ba813 linux-yocto/4.1: ahci: backport AHCI runtime PM 8f7bbea linux-yocto/4.4: gpio-pca953x: add PCAL9535 interrupt support 4a50c05 linux-yocto/4.1: telemetry and dmaengine backports 31a10cb wic/isoimage-isohybrid.py: change cpio generated uid&gid to root 5cabf3b wic/isoimage-isohybrid.py: use glob to find initramfs location 5c60c36 bluez5: add ptest support fc8b24d oe/patch: print cleaner error message when patch fails to apply bf14014 oe/patch: more detailed error reporting a2bf9e3 insane.bbclass: avoid false positives on library location 1f2f43c grub-efi.bbclass: use GRUB_ROOT rather than APPEND for root device bf58526 bitbake.conf: Add BB_WORKERCONTEXT to HASHBASE_WHITELIST 1c1e851 gdb-cross-canadian: use PACKAGECONFIG for python and readline 370a50a base: Fixup PACKAGECONFIG incorrect mappings dea3423 classes/packagegroup: Refactor code to be simpler 5defbcd default-distrovars.inc: remove libassuan from LGPLv2_WHITELIST_GPL-3.0 58d8123 libassuan: use package specific licensing 1f2a01b init-install-efi.sh: remove all root=foo from grub.cfg 3ce7d8c init-install.sh: fix disk_size 46eed0a ltp: fix test_proc_kill hanging 207ee90 ltp: add periodic output for memcg stress test feafad1 epiphany: Depend on intltool-native for configure 2510239 image: Fix debugfs image type recursion loop 7dcb4c4 bitbake: toaster: tests Migrate landing page tests to Selenium 5b848fa bitbake: toaster: tests Migrate all projects page tests to Selenium f2a38ea bitbake: toaster: tests Migrate project builds page tests to Selenium 961cd90 bitbake: toaster: tests Migrate all builds page and project page tests to Selenium f859a3d bitbake: toaster: tests Migrate to Selenium for UI tests 965c72c yocto-bsp: Set correct default branches and branches base for i386, qemu and x86_64 archs d110eba selftest/signing: Use packagedata to obtain PR value for signing test 34f11b5 lib/oe/packagedata: Add import os 0012b90 base.bbclass: avoid duplicate call to d.getVar('LICENSE', True) efe73cb base.bbclass: drop obsolete HOSTTOOLS_WHITELIST_GPL-3.0 5293b83 man: use BUILD_CC and target include files for configure 5121705 scripts, lib: Don't limit traceback lengths to arbitrary values 3168134 bitbake: bitbake: Don't limit traceback lengths to arbitrary values 88ea0b9 image-vm.bbclass: remove invalid code 4d1df2c image-live.bbclass/image-vm.bbclass: remove duplicated code d6d7526 bootimg.bbclass: merge it into image-live.bbclass 723fa56 boot-directdisk.bbclass: merge it into image-vm.bbclass 9e588481 man: fix several annoying compile/build warnings aa13b97 image.bbclass: Make unneeded packages for a read-only rootfs configurable 4dde12f relocate_sdk: additional error checks 22bd875 systemd: fix build with gcrypt PACKAGECONFIG disabled 4b77909 devtool: modify: call shutdown on tinfoil when done 43da712 toolchain-shar-extract.sh: ensure all_proxy is allowed through 2aec71e oe-publish-sdk: exclude sstate-cache if publishing minimal SDK 8ef7016 oe-publish-sdk: prevent specifying a directory for the SDK argument 591b97c classes/populate_sdk_ext: support setting vars from environment at build time c37d542 scripts, lib: Don't limit traceback lengths to arbitrary values 8049f25 pyton-numpy: Add definition of off_t size b75505e image-live.bbclass: DEPENDS on syslinux 3ece012 ldconfig-native: Fix ELF flags on 64-bit binaries d492aec recipes-support/rng-tools: Change runlevel start from S to 2, 3, 4, 5. ab5c62e oeqa/runtime/parselogs.py: Add systemd unit circular dependencies errors. 9be3fb2 systemd-serialgetty: allow baud rate overriding cf6788c psmisc: Remove including sys/user.h and __WORDSIZE ede11b6 selftest: Added testcase decorator to tests ccfe48c linux-yocto: add overlayfs feature 6ae0224 linux-yocto/4.4: broxton and usb type-c backports e1ae3ee linux-yocto/4.4: drm/i915/skl: Fix DMC load on Skylake J0 and K0 0a1d621 linux-yocto/4.1: Intel Broxton: pwm backports 6ce8802 linux-yocto/4.1: Apollo Lake/Broxton mmc backports a256628 linux-yocto/4.1: i2c: designware: Backport i2c patches fbd209d linux-yocto/4.1: device property backports ccf1b33 linux-yocto/qemuarm64: enable 32 bit compatibility dacf9f2 linux-yocto/4.1: SMBus/iTCO backports ab6fd48 default-distrovars.inc: remove gnutls + libtasn1 from LGPLv2_WHITELIST_GPL-3.0 2123a7e sanity.bbclass: Use pythonexception to raise real exceptions without backtraces 6af88d8 sanity: Require bitbake 1.29.1 1b2df6e uninative: Switch md5sum -> sha256 f719386 bitbake: cookerdata.py: remove slash in the end e26087f bitbake: Bump version to 1.29.1 d73da22 bitbake: build/utils: Allow python functions to execute with real exception handling 672c07d bitbake: fetch2: Ensure that incorrect checksumed files are always renamed 2554be4 bitbake: cooker: fix CookerParser.shutdown() 53b5dc0 gcc: Fix musl ldso name for mips64 dd31bca selftest/buildoptions.py: use INHERIT += 71db079 archiver.bbclass: addtask do_deploy_archives_setscene 1ca71e5 bitbake: cooker: Ensure bbappend order is deterministic 292c3e8 bitbake: checksum: In FileChecksumCache don't follow directory symlinks 326fc29 gcc-5.3/gcc-4.9: -fdebug-prefix-map support to remap relative path 9e20f94 ptest-runner_2.0.bb: Update recipe to point git.yoctoproject.org repo. 437841c man: fix src/Makefile to work with parallel make abb5b46 oeqa/selftest/bbtests: Test bbappend order ddbeb56 bitbake: cookerdata: Improve handling of ParseError 6dff639 gcc: Backport fixes for musl ssp configuration ab20659 siteinfo: Fix musl 64bit targets cd16b65 musl: Update to tip 0883aff buildhistory.bbclass: create image directory when needed c093f7c runqemu: fix for iso f1f9f89 init-live.sh: fix overlay fs 4e7eaed init-live.sh: fix ROOT_MOUNT 1622077 no-static-libs.inc: build static libusb1-native b3e4a31 sstatesig: Ensure we keep native depends for allarch recipes 528a890 oe-selftest: generate .env only in test_image_env 21823cb build-appliance-image: Update to master head revision 7d251f7 build-appliance-image: Fix permissions 60656d0 bitbake: fetch2/wget.py: _check_latest_version_by_dir fix prefix detection 45ee2b1 bitbake: fetch2/wget.py: _check_latest_version_by_dir use group names 55cd35b conf/bitbake.conf package.bbclass: fix dbg package not contain sources while -fdebug-prefix-map used e2b919c externalsrc: remove nostamp from do_configure bbfc210 externalsrc: do not use do_configure[nostamp] for git srctrees 9ee403b archiver.bbclass: Just archive gcc-source for all gcc recipes 37683ef oeqa/utils/ftools: improve remove_from_file algorithm 3a934a8 scripts:/oe-selftest: Use timestamp instead of test names in coverage data file 71304d8 xcursor-transparent-theme: upgrade to latest git revision 7c5343a gdb: Fix build on mips64/musl 856be1f libunwind: Fix build on mips/mips64 for musl targets dd61341 toolchain-shar-extract.sh: check the length for target_sdk_dir c3c793b relocate_sdk: fixed .gccrelocprefix section handling cc97d57 glib-2.0: Fix packaging cef8bc9 gio-module-cache: Add class for Gio modules 0cda9d8 glib-2.0: Install gio-querymodules in main package 9ac1b6f oe-git-proxy: support username / password in http proxy a15541d oe-git-proxy: also check all_proxy and http_proxy env variables 92b2bc5 wic: Update after task ordering changes d6cb46c image.bbclass: run wicenv task only for wic images 5cb7705 wic: fix type of no-table option 1209eb2 matchbox-desktop: Do not close desktop on alt-F4 0361676 rootfs-postcommands: don't write manifest when IMAGE_MANIFEST empty abd5b24 bitbake.conf: rename 'gobject-introspection-data' machine feature to 'qemu-usermode' f81065f selftest/devtool: Update after make PROVIDER changes 25a04ee make, remake: make them properly exclude each other f3a92ff kernel.bbclass: consider .csp firmware files 0569b69 tzdata: update to 2016c a7e726a tzcode: update to 2016c 201d9d3 icecc.bbclass: replace icc with icecc da00f6c icecc.bbclass: expand package arch 3f1702c icecc.bbclass: add icc_is_allarch inherit check 39170fe classes/sanity: use proper multi-line string literals 33a6135 oe-buildenv-internal: simplify derivation of BB_ENV_EXTRAWHITE c6ab828 u-boot.inc: Add sub-dir support for SPL_BINARY ddedab4 quilt: run ptest as normal user afa4d5e site: Cache config vars for ccache 04344eb gdb-cross: use PACKAGECONFIG for python and readline 5005cab add !meta-poky to .gitignore file 1dd9348 scripts/lib/bsp/help.py: Add missing options to yocto-bsp help and usage 54eca75 poky-sanity.bbclass: update conf/templateconf.cfg for existing installations 2b992f3 site.conf.sample: fix reference to oe-git-proxy script af63b49 conf-notes: remove reference to adt-installer 1d219ce linux-yocto: Update SRCREV for genericx86* for 4.4 8d4f43e linux-yocto: Update SRCREV for genericx86* for 4.1 84d5924 bitbake: fetch2: Handle lockfiles for file:// urls redirected to mirrors b036afb bitbake: toaster: get all dependents for pkg for removal 9bf98a9 bitbake: toaster: new customise package-remove modal dlg d5a419d bitbake: toaster: show full list of dependents to remove fda94f4 bitbake: bitbake: fetch2/gitsm: Fix fetch when the repository contains nested submodules 1341c17 pseudo: backport a patch to fix xattr removal 07f0af3 uninative: don't try to relocate static binaries c3c0d0a lib/oe/qa: add method to check if static or dynamic linked 10b6037 uninative: ensure patchelf errors are visible 86d7e44 libmad: remove use of obsolete _thumb over-ride e7395c8 perf: package python modules into perf-python b47225f perf: fix python scripts QA errors ea8b914 linux-yocto/4.1: MFD backports b6563a1 linux-yocto/4.1: device property : Backport device property patches 46baceb linux-yocto: ktypes/standard: Add tmpfs-posix-acl feature bdf6b20 linux-firmware: Break out some additional firmware 6d8141f linux-firmware: Clean-up and sync license data cea2a21 linux-firmware: Collapse iwlwifi firmware blobs for 7260 and 7265 3b3fe1d linux-firmware: Update to latest HEAD d7cf2c3 archiver.bbclass: Fix tar name for git repositories 2cb4cb7 archiver.bbclass: Fix gcc-source corner case c29eea0 archiver.bbclass: Fix use of ARCHIVER_WORKDIR and ARCHIVER_OUTDIR 8b7ee6e archiver.bbclass: Don't expand python functions in dumpdata bc100b3 bind: /var/cache/bind 04d883c sysvinit: downgrade ALTERNATIVE_PRIORITY[mountpoint] 688d9a6 util-linux: split out util-linux-mountpoint 85ff75d gconf: fix buildpaths QA issue 7f7c9ab python-pygobject: use Python 2 instead of Python 3 e33124f sanity.bbclass: check host tool dependencies on change in NATIVELSBSTRING 4fe64d7 libunwind: Fix build with fstack-protector on musl 4aa08b8 ltp: Fix build on x86/musl 959b7f2 package.bbclass: Treat .node files same as .so when checking what to strip e0bc781 bootimg.bbclass: only inherit syslinux when pcbios 1b1de89 grub-efi.bbclass: make it can build vm and live together 4ebaeb2 bootimg.bbclass: fix settings for grub-efi.bbclass af1f77a pixz: Fix build on big-endian/musl systems 421289c sanity.bbclass cleanup 93e411e matchbox-wm: Update to fix XChangeProperty datatype issue c843022 matchbox-panel-2: Fix Home-button icon load issue 01f6818 gstreamer1.0: fix introspection support also for git recipes 171adb1 gstreamer1.0-plugins-bad: fix incorrect handling of Cflags in gstreamer-gl.pc file 6462d08 x86-base.inc: suggest the latest kernel c5c9ed6 at: fix configure option with/without-selinux 9b2b1f0 no-static-libs: just like target and native, nativesk-libcap doesn't like unrecognised options bf90d0c linux-firmware: package firmware for Marvell 88W8688 cd17ab0 tune-arm926ejs: Handle missing thumb suffix 5b70c7e nativesdk-coreutils: a lot of warnings fixed b47c53b runqemu-internal: split the code into functions fae732f runqemu-internal: cleanup unsed code e469bb7 runqemu: simplify checking for iso and ramfs 3610329 runqemu: add support for qcow2 and vdi d85ca4a runqemu: remove ISO and RAMFS from help text 58bc854 runqemu: simplify the checking for vm images 6716eb2 runqemu: fix ROOTFS for vmdk 258cfa8 python(3): Disable tkinter 5988b5c selftest/signing.py: RPM_GPG_PASSPHRASE_FILE -> RPM_GPG_PASSPHRASE 3e5c5fe gpg_sign.py: get rid of pexpect 05d7e0d rpm: check _gpg_passphrase before ask for input 13a31b1 oe-publish-sdk: fix remote publishing 9926425 oe-publish-sdk: improve help output slightly 905286c oe-publish-sdk: drop SDK installer file from published output 0523378 devtool: add: create git repository if URL specified as positional argument 11c1d30 devtool: add: delete externalsrc files on npm recipe do_install 552a68a devtool: configure-help: fix error if do_configure not already run eab3f06 bitbake.conf: whitelist proxy variables in config hash 58d2e56 classes/populate_sdk_ext: parse metadata on minimal SDK install 0684572 devtool: sdk-install: add option to allow building from source 50addfb classes/distutils*: don't hide logs when setup script fails 0ec30c7 classes/packagegroup: drop complementary -ptest if ptest not in DISTRO_FEATURES d96ea29 classes/packagegroup: fix dbg/dev/ptest complementary packages b58e5b1 bitbake: bitbake: xmlrpc: set single use mode differently 2df514b sdk-manual: Added note for running remote apps with SSH port forw enabled. 12f5c25 poky.ent: Added code name for 2.1 release to the variable 64241e0 sdk-manual: Applied more review edits to the manual per Eggleton. b44d9e5 ref-manual: Created distrodata and checkpkg tasks, updated distrodata class 54050ff sdk-manual: Applied 2nd round of review edits. 6db8cbc sdk-manual: Applied review edits to the manual. 922eaeb sdk-manual: Updated the SDK devtool modify flow diagram. 2bbf77a dev-manual: Fixed a grammar error 286b76f sdk-manual, mega-manual: Updated the SDK devtool modify diagram c3946bc dev-manual, profile-manual, ref-manual: Updates to remove meta-toolchain 7233e35 sdk-manual: Edits to add extensible SDK configuration sections. b31bf7c ref-manual, sdk-manual: Changed section heading. 670735e ref-manual: Added some SDK manual support to introduction 266742b profile-manual: Updated screen output for oe-init-build-env 0654224 kernel-dev: Changed a link from an example to in-text. 19e3648 dev-manual: Edits from a 2.1 read-through. a389684 poky.ent: Fixed a typo in one of the variables "ftar" to "tar" b5d3065 poky.ent, bsp-guide: Removed eMenlow example and updated 2.1 variables 884b528 yocto-project-qs: Performed a read-through edit. 4b42385 poky.ent: Updated copyright year and version variables. ae48b1f mega-manual: Added two new sections for the sdk manual 815d686 sdk-manual: Added some intro stuff about the SDK 4c5157f ref-manual: Resolving a conflict 4306f7f sdk-manual, mega-manual: Added new figure for Eclipse flow. 0bb6e48 sdk-manual: WIP on the book. 5a64701 sdk-manual, mega-manual, Makefile: Added new figures 32629e0 Makefile: Resolving a conflict af40e9a sdk-manual: Added a new figure for installed extensible sdk directory. 62477889 sdk-manual: Applied some "red" text formatting to indicate notes 7ab8afa Makefile: Added the ".png" part to a figure I forgot. fc43555 sdk-manual: Added a red-text "role" to the style sheet. d07100d sdk-manual: Added new section detailing installed SDK directory. b750729 sdk-manual-customization: Fixed XSL Appendix numbering parameter ad7a994 Makefile: Updated the figure list for the mega-manual. 890f721 sdk-manual: WIP - Various small edits as WIP f15f96c sdk-manual: New content for outline purposes. 4643b04 sdk-manual: Updated with two new appendices for new files. d05566b sdk-manual: Added sdk-environment.png diagram. 0936eed sdk-manual: Added two appendix files to SDK Manual. 6996a1c Makefile: Added sdk-environment.png to figure list for SDK Manual 6cdb356 toaster-manual: Edits to a previous patch. 77594c0 mega-manual, Makefile: Added support for three new toaster figures. 00fe95d toaster-manual: Explain the local release d06c7b8 documentation: remove all references to Hob be8af37 ref-manual: Updated COREBASE_FILES variable. 5c7e5aa bitbake: bitbake-user-manual: include/require checks current directory 7ec8f28 bitbake: bitbake-user-manual: Updated the "inherit Directive" section. 75cba54 bitbake: bitbake-user-manual: Updated the copyright year to 2016 2918b50 bitbake: toasterui: remove ParseStarted from the event list ab2abd4 bitbake: toasterui: Remove the excessive exception logging d8137be bitbake: cache: Make BB_DONT_CACHE variable external 1d1aaa2 bitbake: toaster: orm generate CustomImageRecipe contents try secondary path 5c49230 bitbake: toaster: localhostbecontroller put generated layer in the builddir b60c994 bitbake: toaster: localhostbecontroller Allow file:/// uri type for git repo 3025092 bitbake: toaster: orm Add a constant for the CustomImageRecipe's layer name 3df6551 bitbake: toaster: localhostbecontroller Don't clear out toaster custom layer dir 2f2f784 parselogs: add new whitelist entries to address 4.4.3 issues 8037ba4 bitbake: bb/tests/fetch: Update cups url dab6d59 oe-buildenv-internal: Correct the sed expression which updates $PATH 068afc5 tzdata: update to 2016b e140272 tzcode: update to 2016b c0b3667 ffmpeg: Remove RSUGGEST=mplayer e528a0a lttng-tools: Remove lttng-ust from PACKAGECONFIG for musl 42b9bdf packagegroup: Disable packages not available on musl f148a2e world-broken: Add packages broken on musl 624ca6a siteinfo: Move apr configure cache to common-linux 90234f1 parselogs: add new whitelist entries to address 4.4.3 issues 13a2a3f u-boot: Upgrade to 2016.03 release ecf3396 grub: add -Wno-error=trampolines to native CFLAGS 07515b0 dhcpd: create dhcpd user for dhcp dameon b9ad80d valgrind: fix buildpath QA issue 7985006 gcc-5.3/gcc-4.9:Reuse -fdebug-prefix-map to replace -ffile-prefix-map 2faa718 gcc-5.3/gcc-4.9:replace build path with target path in __FILE__ 76f10fd oe-buildenv-internal: Some clean up 4d1efc3 oe-buildenv-internal: Add variables individually to BB_ENV_EXTRAWHITE 39ac332 oe-buildenv-internal: Add paths to $PATH individually dd5f2f7 oe-init-build-env*: Make them actually return failures ea28de6 oe-init-build-env*: Remove unnecessary differences between the scripts 51aa00f oe-init-build-env*: Update/correct comment about specifying arguments 16fb9b8 oe-init-build-env*: Allow $OEROOT to be predefined 3173979 bluez5: allow D-Bus to spawn obexd in systems without systemd 10ef68f oeqa: remove RPM 4 self test d915965 lib/package_manager: remove RPM4 support code 03fce73 smartpm: remove rpm4 patch 1e9de52 rpm: remove RPM 4 a7dd04d grub: fix documentation rebuilds ee4f61b oe-selftest: Fixed --list-tests-by tag option 068e898 gcc-runtime.inc: set LICENSE for all gcc-runtime packages 788dfdd ParaTypeFFL-1.3: Add license file 62ddde6 externalsrc: use shared stamp directory if B=S 1969332 rpm: fix error when 'lua' is enabled a31301e matchbox-keyboard: Update to latest HEAD to fix 64bit issue 40a55f1 oeqa/selftest/buildoptions: test read-only-rootfs f64fdd2 oeqa/selftest/sstatetests: verify more variables don't impact the hash ac347da gobject-introspection.bbclass: wrap comments at 80 columns ae63b88 qemuarm64.conf: don't clear MACHINE_FEATURES cad415d sanity.bbclass: allow customizing config file update error messages 96a5cb4 sanity.bbclass: fix success message when config file was updated 805aca8 sanity.bbclass: expand error messages for version checks 7d6801c lighttpd: fix /usr/lib/mod_cgi.so: undefined symbol: chunkqueue_written 5f7b9f0 valgrind: Disable nios2 support aaaccc4 systemtap: Disable nios2 support 5857b20 lttng-modules: Add nios2 support 26248cd kexec: Disable on nios2 3e4d99b packagegroup-core-sdk: Disable sanitizers for nios2 797ffc8 bdgwc: Backport nios2 support 238e2c1 libatomic-ops: Backport nios2 support 7e83af3 selftest/buildoptions: Renamed one test case 0d9f515 python-numpy: Fix build on musl e1f3f4c socat: Access c_ispeed and c_ospeed via APIs bb4e6e0 watchdog: Disable nfs on musl targets f00cca8 bdwgc: Check for getcontext() API during configure 51464e7 devtool: change config symlink name to .config.new 8c0148f systemd: Fix and expand ptests 427e369 oeqa/utils/testexport.py: add functionality for exporting binaries 2191623 init-live : make it easier to add custom boot targets 57a525c useradd_base.bbclass: replace retry logic with flock 5d06f00 image.bbclass: track ROOTFS_POSTUNINSTALL_COMMAND in do_rootfs vardeps 6129d86 eudev: split eudev-hwdb from eudev 9aa27fe openssl: don't move libcrypto to base_libdir 370419e xcb-util-image: Fix build with clang 8727975 musl: Update to get mips64 port 4653fdd dhcp: enable gentle shutdown e382d96 coreutils: fix reporting 'unknown' by `uname -p' and `uname -i' 3b8cd1d ncurses_6: Improve installation 9cc65ed Revert "selftest: Added MACHINE = "qemux86" to tests that use runqemu" 3c5ee61 busybox: Drop -r passthrough patch 2c666af linux-yocto/4.1: usb: add usb_otg_caps to usb_gadget structure. 8dc9162 linux-yocto/4.1: Intel Broxton and Sunrisepoint-H: pinctrl and drm 99ad4c9 linux-yocto/4.1: powercap/RAPL: Backport powercap/RAPL c4f544e linux-yocto/4.1: Thermal: Enable Broxton SoC thermal reporting device 123c2c6 linux-yocto/4.1: usb backports for Apollo Lake/Broxton 600b700 recipetool: create: don't create extra files directory unconditionally 8debfea local.conf.sample: Disable prelink by default efa0881 oeqa/selftest/recipetool: Fix test_recipetool_create_simple c9d269c Revert "packagegroup-core-x11-sato: add python-pygobject and gtk+3" d24a39a oeqa/recipetool: Fix syntax error 55a1e52 oeqa/recipetool: Improve debugging output by adding dirlist 637b3c8 uninative: Add a fix for icu-native to use the correct ABI 9dbfbe9 scripts/oe-selftest: Add short names to most common options 681a452 gcc: Fix the license on GNU OpenMP 15c5b2a Revert "gcc: Fix the license on GNU OpenMP" d5cdb48 perl: fix missing dependency for perl-misc 0eb52b9 classes/buildhistory: record a few more variables for extensible SDK cbb4c5b package-deb: Ignore circular dependencies fcc7ff0 package_deb: Fix python runtime error 9155b24 python-numpy: fix buildpaths QA issue 9e69963 python: move ast module into python-core 1a35166 xserver: require sufficiently new libdrm 36bf666 package_manager.py: Fix race condition in OpkgIndexer.write_index() 35be679 scripts/oe-selftest: Add search expression matching to run/list options 4489ef1 glib-2.0: relocate the GIO module directory for native builds cf3402e image-buildinfo.bbclass: fix performance problems e2fe28c linux-yocto/4.4: gpio-pca953x: add "drive" property 3d45853 python3: fix do_configure check platform triplet error 03b167d ncurses_6: Fix an install race condition 09eab6b build-appliance: make the inclusion of downloaded sources optional 8ea5cdc builder: remove hob from autostart ff5d9f7 Revert "gstreamer1.0-plugins-XXX: move inherit gettext into common .inc file" c99da8d musl: disable building of gobject introspection data 0dea50e machine/include/arch-x86: Make x32 ABI not supporting gobject-introspection-data 8c14c74 bitbake.conf: add 'gobject-introspection-data' to DISTRO/MACHINE_FEATURES_BACKFILL 2e27994 packagegroup-core-x11-sato: add python-pygobject and gtk+3 8b1fa2a webkitgtk: enable gobject introspection 7bd32b9 recipes-gnome: fix introspection support efd37c5 python-pygobject: update to 3.18.2 ff3500b gnomebase.bbclass: do not disable gobject introspection ac5cc0c gstreamer: enable gobject introspection 03cd714 libsoup-2.4: enable gobject introspection c1d67e4 clutter: enable gobject introspection 0ec412b gtk+3: enable gobject-introspection d6f8028 gtk+: enable gobject introspection 0d1e4b2 avahi: enable gobject-introspection d2e0dc1 python-pygtk: remove the recipe 0c6d7cb avahi-ui: remove the dependency on python-pygtk by disabling avahi-discover 4fbf761 vala.bbclass: remove pre-packaged vapigen.m4 from tarballs 235455d vala: enable the use of vapigen by packages with vala support d1b96f1 gobject-introspection.bbclass: add a class that enables gobject introspection 96b5847 gtk-doc-stub: remove introspection stubs 3a1d9fb gobject-introspection: Override GIO_MODULE_DIR when scanning 10e9977 gobject-introspection: add the recipe 3c66619 bitbake: fetch2/npm: fix ud.registry so that alternative registries can be handled 0155472 ref-manual: Updated "Application Development SDK" section. 4438460 ref-manual: Applied review edits to several SDK variables. 3c727ff ref-manual: Updated "Cross-Development Toolchain Development" section. af1517c ref-manual: Updated "Build History SDK Information" section. d9fc04b dev-manual, mega-manual: Updated "Application Development SDK" section. 357aa33 ref-manual, mega-manual: Updated "SDK Generation" section. 54490c0 ref-manual: Added several extensible SDK variables to glossary. 6dfd441 ref-manual: Updated IMAGE_PKGTYPE variable. 77f002c ref-manual: Updated "Cross-Development Toolchain Generation" ee90cc6 ref-manual: Updated the "Build History SDK Information" section. 53dd8a0 dev-manual: Moved "Optionally Using an External Toolchain" to Tasks chapter. 9d76cfe meta: toolchain-shar-relocate.sh: Fix for extracting SDK in the same directory as SDK script. 054abad nettle: The variable named p in the patch file was incorrectly named. 93a5417 valgrind: Make dep on glibc-utils conditional on TCLIBC = glibc 40c9774 make 4.1: fix segfault when ttyname fails 7f27713 gcc: Disable libitm for MicroBlaze 81d58d6 sign_package_feed: add feed signature type 42f612c package_manager: sign IPK package feeds c637783 signing-keys: create ipk package 14e809e gpg_sign: export_pubkey: add signature type support 0b088e0 gpg_sign: detach_sign: fix gpg > 2.1 STDIN file descriptor 2fccd8a gpg_sign: add local ipk package signing functionality 6bd6a2b systemd: add comment stating that resolved needs gcrypt a5fd57d selftest/bblayers.py: Remove harcoded recipe files dce7290 selftest/prservice.py: Sanitize package version when looking for stamp cbd87f3 lsof: update UPSTREAM_CHECK_URI 57fb05a eudev: provide UPSTREAM_CHECK_URI 3f8d5bf toaster.bbclass: show packages that were setscened into existence too 39e1351 gcc: Fix the license on GNU OpenMP c6aeef3 linux-yocto/4.4: Galileo updates 37b61b0 siteinfo: Add ppc64le support. 0265fcc nettle: disable static for 2.7.1 8660cd1 nettle: Security fix CVE-2015-8804 dae5715 nettle: Security fix CVE-2015-8803 and CVE-2015-8805 24aea3a glib-2.0: silence warnings when parsing headers for introspection 3331992 qemu: Limit paths searched during user mode emulation b578a06 image-mklibs: handle position independent binaries c706b5e libpam: define limits.conf as CONFFILES of package libpam-runtime 82dec46 perl-rdepends: Remove circular dependencies 815c36f rpm: Sync CVS to regular version 775f22e rpm: Fix musl integration with RPM5 001bdef gcc: Disable libitm for nios2 d53413d bitbake: server/process: Try connecting 4 times before giving up 0f01059 bitbake: toaster: models List only have the specified project's imported layers 0dcab02 bitbake: toaster: rework task buildstats storage and display cc74a8a bitbake: toaster: use force_bytes to display non-ascii project names aebc22d bitbake: fetch2: Make SRC_URI[md5sum] and SRC_URI[sha256sum] expand their values d405f97 bitbake: xmlrpc: fix bug in setting XMLRPCServer.single_use c50bdb3 bitbake: fetch2/npm: add missing URL argument to ParameterError fbf27c4 bitbake: fetch2/npm: properly handle npm dependencies ef6a451 bitbake: fetch2/npm: fix errors with some version specifications ad50ce9 populate_sdk_ext: Correct commit 8b81bb56c69aabdea984352f8e267a9783c0bdbc bc0e99d recipetool: create: shrinkwrap and lockdown npm modules 309b2e6 recipetool: create: support creation of additional files by plugins 2279eb2 recipetool: create: check if npm available if npm:// URL specified 9145500 recipetool: create: split npm module dependencies into packages d46827c recipetool: create: add license file crunching 3fd244b recipetool: create: match *LICENSE* as a license file 2b6a352 recipetool: create: improve mapping for autotools program macros 1607fac recipetool: create: be more tolerant of spacing in configure.ac 9dca5c8 lib/sstatesig: skip shared_workdir when checking locked sigs 142bad3 python3: fix patching get_python_lib() in distutils/sysconfig.py 50d07e9 python3-native: use the previous version of python-config script 5dce2e3 qemu.bbclass: add qemu_wrapper_cmdline() 8b5afcd db: remove the NO_UPDATE_REASON and replace it a comment about RPM 5699c67 rpmresolve: It is not necessary to manually specify -lpopt 8ea55ba rpm: A number of the patches have been submitted upstream 6833c5d rpm: Enable specific crypto and digest settings via variables 59a4d99 security_flags.inc: Special flags are needed for RPM 007c284 rpm: Uprev to rpm-5.4.16 (pre) and rpm-5.4+cvs to current CVS head a27ca6d yocto-bsp: Update templates to 4.4 kernel 2d0933c conf/distro/include: drop old recipes 1fd183e bblayers.conf.sample: remove BBLAYERS_NON_REMOVABLE 477b8fb poky: Enable uninative 1b7cc9c linux-yocto/4.4: explicitly enable ftrace in tracing fragment aee7482 linux-yocto/4.4: iwlwifi: mvm: don't allow sched scans without matches to be started 2408f49 linux-yocto/kernel-meta: ktype refactoring: move DEBUG_KERNEL, EXPERT and EMBEDDED 9ac029b xmlto: tell xmlto where cp is 6d89b52 toaster.bbclass: improve how we gather buildstats for Toaster 4dd3e40 image-prelink: use STAGING_*_NATIVE variables 2193e9d strace: Backport fixes for compiling with clang ee8ff42 ghostscript: 9.16 -> 9.18 3f5725c fontconfig: Revert changes made to FcConfigAppFontAddDir() recently 433d866 populate_sdk_ext: Make populate_sdk_ext nostamp e186d6d systemd: binfmt should be added to SYSTEMD_PACKAGES only if binfmt is enabled b051a95 license.bbclass: fix host contamination warnings for license files f8a9774 oeqa/selftest/buildoptions: Test build does not fail without git rev 656aeff busybox.inc: add tail symlink so busybox can commit suicide cleanly a321f4e avahi-ui: add dbus to PACKAGECONFIG 1bd4b72 avahi: add missing intltool-native build dependency 72f9e39 avahi: make dbus optional but default 424466b oe-setup-builddir: tidy up local.conf and bblayers.conf commentary 07919e9 net-tools: Add SCTP option support e8254bc tune-corei7.inc: Fix PACKAGE_EXTRA_ARCHS for corei7-32 5346675 eudev: remove redundant udev_run assignment adad264 xcursor-transparent-theme: use a version glob in the selftest bbappend 946d00c populate_sdk_ext: Update after uninative changes ba57ba1 image.bbclass: support chaining compression (aka conversion) commands 5ac3dc7 image.bbclass: fix incomplete .rootfs customization 3322fa7 bitbake: toasterui: fix warning 'Unknown event' 621cbc8 bitbake: toasterui: exit on final events 8e138b7 bitbake: toasterui: make toasterui to work in build mode 0a61306 bitbake: toasterui: check if setEventMask succeeded ac941ac bitbake: command: make setEventMask readonly dd3da9a bitbake: toasterui: update list of events f56fa5d bitbake: toasterui: reformat list of events a71d32a bitbake: toaster: remove sshbecontroller module 3db71b4 bitbake: toaster: don't use sshbecontroller 790b2d1 bitbake: toaster: raise NotImplementedError 96535ba bitbake: toaster: bring back the strict directive 5b8b399 bitbake: toaster: change 'revision' to 'Git revision' 07ead98 bitbake: toaster: views api Package info return both kinds of RDEPENDS 9cda2ab bitbake: toaster: fixup dependency excludes for customimage a54cebe bitbake: fetch2/npm: ignore unknown headers in tarballs 0cd1be1 bitbake: fetch2/npm: handle alternative dependency syntax d999927 bitbake: fetch2/npm: fix indentation 26ee4dd image creation: allow overriding .rootfs suffix e43fcdf scripts/hob: drop 59b4cef classes/packageinfo: remove bbf2a5d conf/documentation.conf: remove BBLAYERS_NON_REMOVABLE 7054882 yocto-uninative: Add common include for uninative d2c96ca mtools: Drop GCONV_PATH manipulation d27644e uninative: Handle relocate of GCONV_PATH in libc 0523499 uninative: Add checksum support 73265d1 uninative: Refactor common code 4feb00d uninative: Use CXX11 ABI for interoperation between gcc4 and gcc5 013dd24 uninative: correctly enable uninative 034618d glibc: Add relocation of GCONV_PATH 8dca343 uninative-tarball: Add glibc-gconv-iso8859-1 for guile 1f50f29 dkpg: Use tar everywhere (not gtar) b158d6c gtk3+: Add missing DEPENDS on wayland-native e395e81 tune-cortexa17.inc: apply changes similar to a15 ea53d1e sstate: Allow late expansion of NATIVELSBSTRING bd3a1d5 linux-yocto: Update SRCREV for genericx86* for 4.4 70c6df2 linux-yocto: Update SRCREV for genericx86* for 4.1 ae85c4b linuxloader/image-prelink/image-mklibs: Fix non-standard path prelinking 0b84897 insane/prelink: Handle nonstandard library paths 6b564ae ext-sdk-prepare: Catch setscene tasks which should have run but didn't d8efd2e createrepo: Fix stat floating timestamps ce5a9df xmlto: ensure /bin/bash is used as bash 70b4f36 openssl: add a patch to fix parallel builds 1632742 xdg-utils: remove trailing whitespace in multiline string 816391a btrfs-tools: Add libgcc to RDEPENDS e467156 bitbake.conf: Add libgcc-native to ASSUME_PROVIDED a91713f net-tools: Override CFLAGS/LDFLAGS in do_install too fb0c3c5 nspr: Fix build regression on musl from last upgrade 37f5fb9 gdb: fix builds with internal readline and no static libraries 6518db4 feature-arm-thumb.inc: Fix thumb tune override warning afb1d09 recipetool: create: fix support for AX_CHECK_LIBRARY 463fd5e formfactor: assume a keyboard is plugged in e2107f5 acl: Fix re pattern in test cases 82a8064 gcc-runtime.inc: disable libitm for little endian MIPS too 25d9c4e devtool: add build-sdk subcommand 41eb36d devtool: build-image: rename module 82d0c8a oeqa/buildoptions: Improve unsafe references tests 4284fdf insane.bbclass: make the checking stricter for unsafe references in scripts 5cd71fe yocto-project-qs: Updated flow to mention Toaster cd041b7 dev-manual: Applied review comments to the devshell section. f54fe56 ref-manual: Updates for nativesdk clarifications. a882267 dev-manual: Fixed typo in the devshell section. 70c7e36 dev-manual: Created devtool upgrade section. b2b22d5 dev-manual, mega-manual, Makefile: Added support for new upgrade flow 0b7d8a4 dev-manual, mega-manual: Updated the workspace directory structure image 050e021 dev-manual: Applied review changes to the devtool section. 09ecf38 dev-manual, mega-manual: Updated three figures for devtool f33ffaa dev-manual: Applied more review comments to the section. fe70eb2 dev-manual, mega-manual: Updated the devtool modify flow diagram. eb3b414 dev-manual, mega-manual: Updated the devtool add flow diagram. 4c5bd3f dev-manual, mega-manual: Updated the devtool workspace figure. 9cee16b dev-manual: Applied review comments to the devtool section c678d1a dev-manual: Updated the devtool add section. a09238a dev-manual, mega-manual: Updated devtool add flow diagram 7699f0a dev-manual: Added section for devtool modify flow 1eecaea dev-manual, mega-manual: Added new figure for devtool modify flow 9582da6 dev-manual: Edits to the devtool-add section. 740369f dev-manual, mega-manual: Updated the devtool add flow figure a848e9f dev-manual, mega-manual: Updated the workflow layer content figure. 34e08b3 dev-manual: Added new "writernotes" style. 17a21e6 Makefile, dev-manual, mega-manual: Added new figure support d346c35 dev-manual: Applied review comments to devshell section. 3b41049 ref-manual, dev-manual: Clarifying "native" and "sdknative" a1970eb dev-manual: Updated devshell section. a58cde0 toaster-manual: Updated how manage.py createsuperuser command is run c5b4f69 ref-manual, dev-manual: Clarification of "native" and "sdknative" 952bcc7 toaster-manual: Removed prompts for json file. 34c75fa ref-manual: Updated the S variable description with feedback 2b2ced0 ref-manual: Updated the staging.bbclass description b9dddd5 ref-manual: Updated the S variable description. 41e9f7c dev-manual, ref-manual: Updated licensing text information. 5066fbc ref-manual: Added order information for conf file parsing. ad6b2f2 toaster-manual: Removed typo - double "allow" words. c8c533e ref-manual: Updated the do_populate_sysroot task. 2a3942b dev-manual: Updated section on adding license text. 77b3d06 ref-manual: Updated the S variable entry in the glossary. a1a4808 toaster-manual: Applied a patch to weed out build mode (modes). 353b755 bitbake: bitbake-user-manual: Added expand() function to list. 638ad17 bitbake: bitbake-user-manual: Added note for Python variable ref expansion. da22add bitbake: bitbake-user-manual: Enhance environment variable discussion. f11de9d e2fsprogs: do not enable non-stable features by default b04280a sdk_update.py: Enable local sdk-update tests 14dd07c sdk.py: Fix undefined variable c12e919 eudev: recipe formatting improvements 73a43fc openssl: Security fix Drown via 1.0.2g update ed14aef layer.conf: Update after replacement of udev with eudev e72233a bootimg: set default value for LABELS variable 4eaef67 sanity: Do not mistake meta-yocto-bsp for meta-yocto 86759de sanity.bbclass: remove conflict checking for image vm and live bb1c719 syslinux.bbclass: make vm and live can be built together 5c5c13d recipetool: create: add basic support for new npm fetcher/class 2be37a9 recipetool: create: add basic support for generating linux kernel recipes 5cf15ff recipetool: create: add support for out-of-tree kernel modules 937ecd0 bitbake: toaster: cleanup of bin/toaster startup code a7d1b95 bitbake: ui: remove the puccho ui a9dc72f bitbake: hob: removal of hob ui and associated ui files 27468db bitbake: fetch2/npm: Add missing ParameterError import 44e3461 bitbake: npm: in cases where shrinkwrap resolved a git URL, ignore it and grab dist.tarball 2a73181 bitbake: fetch2: Fix unpack for absolute file urls 865d2fe bitbake: fetch2: fixes copying of file://dir; subdir=foo, bug 6128 and bug 6129 fb437d3 meta-yocto-bsp: bump to linux-yocto 4.4 for the non-x86 BSPs fbedac4 maintainers.inc: Add new eudev package and change maintainership for udev 0138874 gcc: Add support for atomic opertions (libitm) where available 70153b4 classes/externalsrc: fix symlinking if symlink exists pointing to another path eac4061 populate_sdk_ext: Only write LCONF_VERSION to bblayers if it is set c366343 automake: don't delete .pyc files d6e63be cracklib: fix Python packaging a005d25 populate_sdk_base: handle empty SDK_PACKAGING_FUNC ec3be9f linux-yocto/4.4: update to 4.4.3 6ed16ff linux-yocto/4.1: iwlwifi: mvm: don't allow sched scans without matches to be started 2497e80 linux-yocto/4.4: update to -stable 4.4.2 aa2c1f7 linux-yocto: braswell: Remove feature and move DRM_I915_PRELIMINARY_HW_SUPPORT option 702701d linux-yocto/4.4: yaffs2 build fixes c2152b8 linux-yocto/4.1: update to 4.1.18 45d4cd7 linux-yocto/4.1: clkdev updates 79ecef6 linux-yocto/4.1: Galileo updates 5f61693 usbutils: Fix for new eudev implementation c89b777 libgudev: Fix for new eudev implementation 3e5e540 eudev: Replaces udev with eudev for compatibility when using sysvinit on newer kernels 674e55f populate_sdk_ext: Delete the buildtools tar file after installation d8acef2 libarchive: Set xattrs after setting times 431c1e1 combo-layer: handle empty commits during "init --history" 695cc45 classes/populate_sdk_ext: prepend to PATH rather than appending b145480 classes/module: allow substitution of the modules_install target name b03936c grub2.inc: drop bogus dependency on xz 7328765 grub2.inc: avoid passing -isystem to native builds 576587d grub2.inc: dont export TARGET_CFLAGS etc to grub2 configure 97a3322 harfbuzz: update 1.2.1 -> 1.2.3 edf93a0 gstreamer1.0-plugins-bad.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5 89140b0 dhcp: CVE-2015-8605 6ccd8cd sato/images: Add ptest image f38debb layer.conf: Whitelist cantarell-fonts fontconfig dependency b307937 pango: make ${PN}-ptest RDEPENDS on cantarell-fonts 0c80f29 cantarell-fonts: Add recipe 4006a7f sanity: Fix int verses string reference 2e27c4b bitbake: fetch2/npm: Enable fetcher 1c060d7 pseudo: Increase number of retries 030d920 bitbake: providers: Fix PREFERRED_VERSION lookup for '_' in PN c679a3d bitbake: fetch2: Skip lockfiles and donestamps for local files d01042e bitbake: fetch2/__init__.py: Error if lockfile path invalid ab7b7bf bitbake: fetch2/__init__: Fix decodeurl to better handle urls without paths 06b4d8f bitbake: fetch2/wget: Set localfile for directories 8d7e799 genericx86-common: Update PREFERRED_VERSION_linux-yocto to 4.4 65d6a62 gstreamer1.0-plugins-bad.inc: enable webp PACKAGECONFIG by default cd00748 gettext: Delete libintl.la file from install b33efa9 systemctl: handle RequiredBy dependencies 8caa592 ffmpeg: add bzlib, lzma and xv PACKAGECONFIGs 0011760 rootfs-postcommands: fix ssh_allow_empty_password checking 96f5f89 musl: Add linux-libc-headers to deps 3354878 mesa: Fix build on musl 7651342 dosfstools_2.11: fix build following removal of -e from EXTRA_OEMAKE 6c8abea uclibc support for rng-tools c7e5a38 oeqa/sdkext: Add sdk_update.SDKUpdateTest class. 738bd1a classes/testsdk: Pass tcname to SDK and SDKExt contexts 2a410b2 classes/testsdk: Move the removal of bitbake PATH to eSDK context only eb1f8b9 classes/testsdk: Move code for avoid PATHs to oeqa.utils 55d4849 gstreamer1.0-plugins-XXX: control orc PACKAGECONFIG via GSTREAMER_ORC 083c63d boost.inc: fix BJAM_OPTS --build-dir option f4e17c6 shared-mime-info: update to 1.6 4ffdfdf vala: update to 0.30.1 f53f374 python-git: update to 1.0.2 ec73437 pax-utils: update to 1.1.5 447ddb9 nettle: update to 3.2 26a3d25 ncurses: update to revision 20160213 dc42d30 libdrm: update to 2.4.67 0296e0a gtk+3: update to 3.18.8 e08ad62 gtk-icon-utils-native: update to 3.18.8 9daf153 git: update to 2.7.2 927dfaf gnupg: update to 2.1.11 2c39358 clutter-gst-3.0: update to 3.0.16 b8a1e59 ccache: update to 3.2.4 4d4aa1f libsolv: update to 0.6.19 8c2e420 ffmpeg: update to 3.0 afce247 nspr: update to 4.12 b19dbe5 pcmanfm: update to 1.2.4 6b41608 libfm: update to 1.2.4 325a9d3 epiphany: update to 3.18.4 d4da534 wic: don't throw away our created swap partition 5f82d17 automake: set test-driver path relative to top_builddir b41862d uninative-tarball: respect SDKMACHINE when building 4d1c14f boost.inc: enable more verbose build logs 7f84ad0 gstreamer1.0-plugins-XXX: move inherit gettext into common .inc file 2ce48e6 gstreamer1.0.inc: add explicit PACKAGECONFIG init 935d88a gstreamer1.0-libav: move LIBAV_EXTRA_CONFIGURE_COMMON_ARG into .inc 3a8ff19 gstreamer1.0-libav_git: add --ranlib option to LIBAV_EXTRA_CONFIGURE_COMMON_ARG b8bdb99 boost.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5 9ca8f30 populate_sdk_ext: Add images to SDK_INSTALL_TARGETS 07dc765 boot-directdisk.bbclass: drop IS_VM chechking a87574c image-live/boot-directdisk.bbclass: remove AUTO_SYSLINUXCFG 76eb815 testimage.bbclass: reuse generic test suites 6571a84 testimage.bbclass: add generic, image test suites 8c45747 gconf: remove redundant dependencies a74c389 gtk-doc-stub: don't inherit autotools 2269f90 os-release: sanitise VERSION_ID field 9d86b26 apr-util: add ldap crypto and sqlite3 to PACKAGECONFIG d8d2f57 apr-util: fix loadable module packaging 77cfa2b glibc.inc: improve optimisation level sanity checking 04c4719 rsync: add native variant 2c20fe4 core-tools-profile: add lttng tools for aarch64 8a0b997 lttng-ust: add support for aarch64_be 6081c35 liburcu: add support for aarch64_be 07a3c71 harfbuzz: add explicit dependency on fontconfig 73cc8b8 harfbuzz: update 1.2.0 -> 1.2.1 bb151b8 fontconfig: Don't add font directories from host e9f5134 musl: Upgrade to 1.1.14 bf4d380 oe-selftest: devtool: add an additional test for devtool upgrade 4bae2f2 oe-selftest: devtool: rework devtool upgrade test 10290f2 devtool: upgrade: print new recipe name 5cd3be3 devtool: upgrade: drop PR on upgrade e6f684b devtool: upgrade: eliminate unnecessary datastore copy 860574e devtool: upgrade: fix several issues with extraction of new source 66a781c devtool: upgrade: fix constructing new branch from tarball releases d30cc76 devtool: upgrade: fix renaming of recipe if PV is not in name 75eeeab devtool: upgrade: fix moving version-specific files directory 81ebb0b devtool: upgrade: fix version argument checking e953b57 devtool: upgrade: drop superfluous call to validate_pn 492b1eb devtool: upgrade: make source tree path optional 942ae25 devtool: modify: fix source tree default name when mapping virtuals e2334e1 devtool: add: tweak auto-determining name failure message 55ae566 uninative.bbclass: if the loader can't be found disable instead of failing 50b8740 uninative: use check_output instead of Popen directly 4495e8b lib/oe/qa: add explicit exception for 'file isn't an ELF' 4553bb1 libdrm: fix build with uclibc 4e5a871 strace: fix ptest execution e8e0489 clutter-1.0: Fix confgure test errors found by clang b748f40 oeqa/parselogs: Updated whitelist 4b32351 buildstats.bbclass: Don't assume /proc/<pid>/io present 07e1f10 sysvinit-inittab: Move start_getty scrip to base_bindir. 8d07e14 oeqa/selftest/prservice: Added new TC: check pr-server starts and stop correctly on localhost. d2a563c oe-selftest: Add support for lib/oeqa/selftest subdirectories 7f58b92 musl: Upgrade to 1.1.14 73bf792 devtool: update-recipe: create config fragment 2fbd1d7 devtool: sync: update kernel config 26f951b git: fix installed-vs-shipped QA Issue 033db24 btrfs-tools: fix symlink creation multiple times 9af773f bison/gettext: add --with-bisonlocaledir to assign BISON_LOCALEDIR b14e2ae gcc: use relative path for configure script 1f00fb2 depmodwrapper-cross: nopackages to avoid QA [buildpaths] issue 00a6f5a oeqa/utils: added new network module 3f7aa6f scripts/oe-selftest: Use site.USER_SITE to run coverage configuration code for sub-process 1c6c76e scripts/oe-selftest: Add filtering to the coverage data gathered by oe-selftest 4a21827 oeqa/selftest/signing: Added test for locked signatures 604dc1c package: check inherit instead of PN to decide if a recipe is a packagegroup b4df005 tune-cortexa9.inc: add vfpv3 tunes 889a5cc mirrors/own-mirrors/sanity: Updates after npm fetcher addition 28d17cf npm.bbclass: Add npm class to match fetcher bc5a1d1 base: Add nodejs-native dependency for npm:// urls 9d5483c meta-yocto: Rename to meta-poky to better match its purpose ab3a718 adt-installer: Drop since its replaced by the extensible SDK c1c6a9d sanity: Improve configuration upgrade capabilities (support meta-yocto -> poky transition) 2587101 image: Run do_rootfs_wicenv after do_image e0fd964 bitbake: toaster: change 'delete layer' to 'remove layer' 6e82820 bitbake: toaster: rename 'run again' button c8dd72c bitbake: toaster: fix banner after customimage package add 149f574 bitbake: toaster: custom breadcrumb for the default project 4a12865 bitbake: prserv: Add dump_db() bdb51ab bitbake: toaster: remove custom images from Image Recipes 98d462c bitbake: toaster: show suffix for image files and basename for artifact files 88b5660 bitbake: toaster: add missing link to image recipe details 25b179d bitbake: toaster: adjust the search field width a97081b bitbake: toaster: make 'configuration' the first tab e1fc319 bitbake: toaster: link to configuration in all breadcrumbs df2808f bitbake: toaster: reduce max height of modal dialogs 6c51f08 bitbake: toaster: disable add layer button on click d4a663a bitbake: toaster: apply error class to name field 48f0ae2 bitbake: toaster: fix custom image name form 07eb4f2 bitbake: toaster: comment out project release change 12ade9b bitbake: fetch2/npm: Add mirroring support for npm fetcher ca5b6d6 bitbake: fetch2/npm: Add npm fetcher 813bd1f bitbake: utils.py: Add sha1_file call 7bb9e8d signing-keys: Make signing keys the only publisher of keys 64ab17b systemd: Upgrade to 229 44248af harfbuzz: update to version 1.2.0 f4f5573 perf: add sysroot handling to subcmd 7a95c2c oeqa/selftest/buildoptions: build -minimal instead of -sato images 2980ac0 bitbake.conf: add findutils-native to ASSUME_PROVIDED 2e152ff findutils: upgrade to 4.6.0 951ce18 mesa: add missing space to RRECOMMENDS append 2305610 uclibc: Do not use immediate expansion operator aab3900 security_flags: Disable ssp when compiling uclibc afb954e rpm: fix building rpm 5 with internal beecrypt 069cdbe alsa-lib: topology: Add missing include sys/stat.h b879aed libsdl2: Fix patch after upgrade 3d4f71d gstreamer1.0-libav_git: update 1.7.1 -> 1.7.2 9d83a3e gstreamer1.0-plugins-ugly_git: update 1.7.1 -> 1.7.2 6456a6f gstreamer1.0-plugins-bad_git: update 1.7.1 -> 1.7.2 821498f gstreamer1.0-plugins-good_git: update 1.7.1 -> 1.7.2 04e77c1 gstreamer1.0-plugins-base_git: update 1.7.1 -> 1.7.2 e67c91d gstreamer1.0_git: update 1.7.1 -> 1.7.2 ea8c34e libnewt: Fix build with PIE flags 66a833a pseudo: Fix build when security flags are enabled 91a1baa glibc: Upgrade to 2.23 c1f9507 no-static-libs: remove eglinfo 0ab67d6 freetype: use autotools instead of a manual do_configure 4883ccc classes/populate_sdk_ext: add a better config extension mechanism 524ee08 recipetool: create: improve CMake package mapping 7b6e5b0 recipetool: create: add additional extension mechanisms b2d4472 devtool: modify: tweak help description for behaviour change a8e0e5e devtool: deploy-target: preserve existing files 2059a34 devtool: undeploy-target: support undeploying all recipes b95c72c devtool: deploy-target: write deployed files list to target 62989ef devtool: sdk-update: tweak command-line handling of updateserver cada5a8 devtool: (un)deploy-target: add help descriptions 6bd88e6 scripts/lib/argparse_oe: tweak title above options 32ef523 devtool: categorise and order subcommands in help output 9f7df76 devtool: update-recipe: don't show workspace recipe warning if no update 51972ed devtool: reset: fix preserving patches/other files next to recipes e54f9c1 devtool / recipetool: use common code for launching editor dd35f69 devtool: minor fix for error message 41242a2 staging.bbclass: remove trail slash from SYSROOT_DESTDIR aeb8964 terminal.bbclass: import oe.terminal for oe.terminal.prioritized() bee556a recipe_sanity.bbclass: skip DataSmart in recipe_sanity_eh() 2d293bd image.bbclass: fix circular dependency when IMAGE_FSTYPES append hddimg a332360 toolchain-scripts.bbclass: add three other path to PATH in env.sh 4d2910f libsoup-2.4: disable libsoup-gnome by default 619f6c6 libsoup-2.4: prevent PACKAGECONFIG dependant package renaming 13e726f libsoup-2.4: minor formatting improvements dd0ef3c populate_sdk_ext.bbclass: Add SDK_RECRDEP_TASKS variable 4c5c40d devtool: Don't recursively look for .devtoolbase in --basepath 0220180 populate_sdk_ext: Don't ignore SDK_TARGETS value 8c0ba8d bitbake: toaster: toastergui Fix invalid char test and implementation 913e9b1 bitbake: toaster: PackagesTable show only installed packages 94bca58 bitbake: toaster: toastergui unit tests convert to use fixtures 8796ac8 bitbake: toaster: SoftwareRecipesTable apply default order_by 8469e58 bitbake: toaster: orm migrations Sort out migrations mess 78b6109 cml1/sstate: Fix missing getVar parameter 7e19f88 linux-yocto/4.1: capabilities backports 54bfbcc waf.bbclass: Remove --disable-static from EXTRA_OECONF 51fc304 gcc-5.3: backport fix for PR-target-65358 ed20c6c epiphany: Add libxml2-native to DEPENDS 2021f63 libsdl2: update to 2.0.4 947b3bf cmake: Update to 3.4.3. 4699483 sstate.bbclass: use oe.gpg_sign for gpg signing db7c7c2 oe/gpg_sign: add 'passphrase' argument to detach_sign method e845b75 sign_rpm.bbclass: do not store key details in signer instance d5be866 oe/gpg_sign: add 'armor' argument to detach_sign() 03554b7 oe/gpg_sign: add verify() method af7e516 ruby: break out ri-docs and rdoc into separate packages 8bcf139 insane.bbclass: print more info for build-deps and file-rdeps 5f3dfea curl: re-enable proxy support by default 1f61888 libtool: Don't hardcode grep paths a3b996a cml1.bbclass: fix do_menuconfig 91bfe50 cups: upgrade to 2.1.3 eeac0a9 coreutils: upgrade to 8.25 01dc859 findutils: upgrade to 4.5.19 bf7d5f6 diffstat: upgrade to 1.61 247f3b4 grep: upgrade to 2.23 4e5e501 bitbake: data_smart: Drop default expand=False to getVarFlag [API change] c7610aa bitbake: data_smart: Drop default expand=False to getVar [API change] 4f0ab27 bitbake: SignatureGeneratorBasic: make checksum cache file configurable 0cdf193 bitbake: MultiProcessCache: make cache filename configurable ca552bb bitbake: FileChecksumCache: add get_checksums() method 8f61f2d bitbake: bb/runqueue: save task file dependency cache onto disk 5177b1e bitbake: SignatureGenerator: add method for saving the file checksum cache 97617fd bitbake: bb/cache: drop some unused arguments 5a87d8c bitbake: Allow Hob to run images on a custom simulator, other than qemu 7fc38ea gma500-gfx-check: Fixes infinite calling to modprobe gma500_gfx be7b52a pulseaudio: 6.0 -> 8.0 c52b8f6 alsa-plugins: 1.0.29 -> 1.1.0 a231a4e alsa-utils: 1.0.29 -> 1.1.0 1adbb73 alsa-tools: 1.0.29 -> 1.1.0 3a82e2e avahi: update to version 0.6.32 14daeb5 no-static-libs.inc: Add libcap-native c001863 libsdl2: Fix build with static libraries disabled a46dc87 uboot-inc: Backport patch to fix Beaglebone Black bootloader c7355b9 busybox: drop patches that are not valid anymore 47d0119 pcmciautils: Update SRC_URI f37ac5b debianutils: Upgrade 4.5.1 -> 4.7 adfcaf2 busybox: Add musl config for _git recipe 46824dc debianutils: Fix SRC_URI to use debian snapshot 3df8701 nfs-utils: bugfix: adjust name of statd service unit c15bf55 musl: Upgrade to 1.1.13+ 07e7879 dpkg: Update to 1.18.4 5794b56 glew: upgrade to 1.13.0. aea0746 glew: rewrite to use upstream build system 0b1c324 socat: Fix build with musl 04c6a48 binutils: Fix useless rpaths QA warning eb6d14e image/populate_sdk: seprate variables to fix dependency c9e5e34 gcc: Backport nios2 r31 fix 012460d sqlite3: update 3.10.2 -> 3.11.0 f770a6e insane: wrap autotools checks in inherits_class(autotools) checks 35011d9 cmake: don't inherit autotools 9cd64ed oeqa/selftest/bbtests: Test bitbake --setscene-only option 7e5b451 glew: don't put our CFLAGS into the pkgconfig file b1145cc dbus: update large file patch fad63e3 coreutils: fix problem with acl for 6.9 version 351039f gcc-4.9/5.3: Ignore -fdebug-prefix-map in producer string 7a11650 bitbake.conf: use target path as compile dir in debugging info ef30119 glibc: Security fix CVE-2015-7547 c834ebc glibc: CVE-2015-8776 842177a glibc: CVE-2015-9761 efa1ae5 glibc: CVE-2015-8779 aefe1fa glibc: CVE-2015-8777.patch 152914f oeqa/parselogs: Whitelist dmi firmware failure message in 4.4 kernels 683ea31 rng-tools: Fix underquoted m4 and libgcrypt floating dependency 7a700f5 lib/qa.py: raise ValueError if file isn't an ELF 334e1b5 lib/oe/qa: ELFFile: check that a path is a file before opening it 11359e9 rng-tools: fix the build with musl a258589 bitbake: bb.ui.knotty: prefix task messages with recipe/task 4bf8b21 bitbake: Move bb.{debug,note,..} into their own logging domain 3b35de3 layer.conf: Add gstreamer1.0-meta-base to SIGGEN_EXCLUDERECIPES_ABISAFE 14e9385 sstate: Add ca-certificates-native to postinst recipes list 73e53e4 nss: define RPATH variable for nss-native 6e4e9f7 Revert "lsbinitscripts: fix the path for mountpoint" 6db39e1 libunwind: Fix build on ppc 47896a7 dbus-glib: 0.104 -> 0.106 93d8fc1 conf/no-static-libs: add explicit rule for libical 637b44c runtime/systemd: Fix for boot time string parse error ef5b8b4 security_flags: Add SECURITY_CFLAGS to TARGET_CC_ARCH for binutils 1387785 binutils: Use tip of 2.26 branch da13f0b buildhistory.bbclass: remove out-dated information on request a56da4a Remove obsolete references to exmap 8b21720 bitbake: knotty: Set exit failure code on runQueueTaskFailed events a9223e2 bitbake: taskdata: Fix traceback issue with missing provider 7593756 bitbake: cooker: Improve cache handling 9cb38c1 poky: Disable static libs by default f852014 bitbake.conf: Remove unhelpful default value for EXTRA_OEMAKE b050c50 apmd: fix build with static libraries disabled d585a71 oeqa: Update to handle domain specific references in build logs 9300749 libpng12: Handle no static libs 67ea65e ed_0.5: Handle --disable-static option 438d6d6 conf/distro/include: Add no-static-libs.inc 2eb19cc classes/buildhistory: fix for python function parsing change 1a3204c valgrind: Fix build with musl e8b0da1 rpm: Fix build with musl 48144e0 gstreamer1.0-meta-base: Mark as machine specific due to COMBINED_FEATURES ff8ca89 gdb-cross-canadian: Add missing virtual/* DEPENDS 120a160 e2fsprogs: Update to upstream version of a patch 5394ada gdb: Rationalise PACKAGECONFIG ce0f8ab insane: Add --disable-static to UNKNOWN_CONFIGURE_WHITELIST 94abdb2 linux-yocto: Work around PAT issue on qemux86 6fb493a libgcrypt: update 1.6.4 -> 1.6.5 bf9ad22 musl: Upgrade to tip of tree 5d156bc oe-selftest: don't use specific tasks 80e8928 oe-selftest: pylinted wic tests 9b6dc9b wic-image-minimal: use uuid for root partition ab7cb65 wic: fix processing of --use-uuid 51e0a8a oe-selftest: add new wic testcase 2100f82 wic-image-minimal: update .wks to boot by qemu 4b26601 wic-image-minimal: change IMAGE_FSTYPES f799e21 oeqa/targetcontrol: support wic image type 7066f16 oeqa/targetcontrol: make ssh control optional 0ade658 qemurunner: add parameter to method 'start' d083fec oe-selftest: remove unused parameter c26a9c3 runqemu: support path/to/<image>-<machine>.wic c7f0578 runqemu: don't set KERNEL for wic images 2c3a009 runqemu: add support for wic images 64d2f13 scripts/sstate-cache-management.sh: Change wording 6740dd5 qemu.inc: Add rng-tools to qemu images ce3df21 rng-tools: Import recipe from meta-openembedded 36b43b2 lib/oe/terminal: set workdir for konsole terminal 03e1950 mmc-utils: upgrade to latest git version b5b8003 ltp: Upgrade to 20160126 and fix build on musl f6b3957 initscripts: start urandom after populate-volatiles 85ac8eb initscripts: populate-volatiles.sh: add mount-bind feature be5b72c libdrm: don't detect components that have been disabled 5fc5996 buildhistory: Fix regex to handle versions without spaces 7c3d4c0 debian: Fix superfluous setting for RPROVIDES 2eba066 autotools: Fix interaction with bitbake -b 9c8fee9 autotools: Correct dependency search logic error 971fafb maintainers.inc: include libjpeg-turbo and mmc-utils 4e0b334 scripts/runqemu-internal: Work around qemux86 PAT bugs in linux 4.4.1 283a302 sanity: Bump minimum version to 1.29.0 1c2d632 bitbake: Bump version post release to 1.29.0 a12dcc4 base.bbclass: fix support for gitsm:// bc72f64 linux-yocto: Update SRCREV for genericx86* for 4.4 be89a1d linux-yocto: Update SRCREV for genericx86* for 4.1 4a8d20a poky: update qemu* to prefer 4.4 kernel d255f4f linux-yocto/4.1: galileo backports and support fdcb373 linux-yocto/4.1: update to v4.1.17 5688cab linux-yocto/4.4: update to v4.4.1 f9f93ae bitbake: cooker: gracefully shutdown parsers 1f7f077 bitbake: buildinfohelper: unset brbe variable when build finishes 9a6cb10 nativesdk-buildtools-perl-dummy.bb: Fix variable expansion in python code 5e978d7 classes/testsdk: do_testsdkext avoid STAGING_DIR/BASE_WORKDIR in PATH f56e9aa freetype: update 2.6.2 -> 2.6.3 1ba1aa3 freetype: minor formatting improvements 0d5e611 piglit: upgrade SRCREV 72c6b62 libbsd: Security fix and update 0.8.2 78be954 gstreamer1.0-plugins-bad_git: fix gst_structure_get() etc compiler warnings fdd8979 gstreamer1.0-plugins-good_git: fix gst_structure_get() compiler warning a23a50e python-setuptools: Add python-compile on RDEPENDS 914ff14 qemu: Security fix CVE-2016-2198 0938353 qemu: Security fix CVE-2016-2197 1f3e1d1 curl: add PACKAGECONFIG options for less common / legacy protocols 19045ba toaster: tests Remove symlinks from toasteruitest folder 738a9b7 classes/sanity: check_perl_modules provide output when fail e64ce73 oe-selftest: devtool: add another devtool add test a5095d1 recipetool: create: set S when we set SRC_URI from local git repo ca5a36c recipetool: create: convert http git URLs that don't end in .git but contain /git/ 4c71afb recipetool: create: ensure URL parameters don't make it into the name 86f3464 devtool: add: fix adding from a local source directory fa50153 devtool: modify: make -x the default behaviour f767757 recipetool: create: determine name/version from github/bitbucket URLs d94c7e3 recipetool: create: support cmake find_library directive ddfe744 devtool: commit for extra tasks that modify source when extracting e36cb6c classes/externalsrc: create symlinks for workdir and logs 20034c3 classes/externalsrc: disable rm_work when active c38f253 uninative.bbclass: capture stdout/err from patchelf-uninative 9065222 db: update HOMEPAGE f0d5478 mdadm: update to version 3.4 79d5041 iproute2: update to version 4.4.0 21e3b2a image_types_uboot: add cpio.gz.uboot to supported IMAGE_TYPES 6fab5fc recipetool.newappend: add -e/--edit argument 252f97e liburcu: Add nios2 support e72ab70 strace: Fix build for arc, metag, nios2, or1k, tile 691277f udhcpc: specify full path for ip command calls f141f0b alsa-lib: avoid including <sys/poll.h> directly a1ad3d0 oprofile: Add nios2 support fd7dd07 nspr: Add nios2 support 954dc45 guile: Fix nios2 support 611e3d8 binutils: Repair nios2 PLT and GP handling 027eac5 gstreamer1.0-meta-base: make gstreamer1.0-plugins-base-alsa conditional 056d82c curl: drop obsolete pkgconfig_fix.patch 0e62f01 iproute2: update to version 4.4.0 216e618 quota: update to version 4.03 25d2956 oeqa/selftest/sstatetests.py: check that PARALLEL_MAKE doesn't change signatures 2966016 bitbake.conf: remove unused ALLOWED_FLAGS 3bdeda5 libproxy: remove GPLv3 logic and spurious exports 86994fd libproxy: add PACKAGECONFIG control for gnome3 033d754 libproxy: replace PACKAGECONFIG equivalent with the real thing e65a29e openssh: Properly skip ptrace test if tools are missing e1a1e0b openssh: Fix regex that sets sftp-server path for tests d7faf67 insane.bbclass: Support MicroBlaze with musl 9937c93 hdparm: Explicitly set EXTRA_OEMAKE as required 7475c4c qemu: Security fix CVE-2016-1568 4857511 xserver-xorg: Add PACKAGECONFIG for crypto libraries 34798fa mesa: upgrade 10.6.3 -> 11.1.1 7edea7c initrdscripts: fix mmc device as install target c3ef2bb libsoup-2.4: Remove unnecessary gnutls dependency 04454b2 wpa-supplicant: Only depend on libgcrypt when needed 4de0ee6 systemd: Don't depend on gcrypt unnecessarily 0da96bf buildstats.bbclass: remove dead URL from comment 326592d Remove obsolete references to exmap a0cc1c3 curl: update 7.47.0 -> 7.47.1 a0d3eb9 sign_package_feed.bbclass: fix task dependencies 8cb1e83 oe/gpg_sign: fix incorrect variable name 902a68f meta/conf/layer.conf: adapt to more flexible initramfs-framework RDEPENDS 5b2b343 tune-corei7.inc: tell qemu to emulate a matching processor 5b70ee4 pixz: fix upstream version check 62a6f97 webkitgtk: update to 2.10.7 1cd6912 libwnck3: update to 3.14.1 e53eef9 iso-codes: update to 3.65 30cf8aa bash-completion: fix upstream version check 8098256 gstreamer1.0: fix upstream check for unstable versions from git c24b0ab ffmpeg: update to 2.8.6 9237097 python: merge python-elementtree into python-xml 5ac4172 piglit: add missing dependency on python-xml 4d3ca42 systemd: tighten timesyncd and journal-gateway user accounts 6be3031 systemd: extend PACKAGECONFIG flags 85728ec systemd: rename systemd-zsh to systemd-zsh-completion 22a2866 systemd: move some tools into systemd-extra-utils package 9909104 classes/useradd: handle whitespace only USERADD/GROUPADD/GROUPMEMS e485686 systemd: realign packages list 41d0f83 systemd: move bash completion into separate package 9a80afd nettle.inc: drop duplicate LIC_FILES_CHKSUM and SRC_URI hashes 72ec267 gdb: drop unnecessary CC_FOR_BUILD etc exports 00d6b67 gdb: build fix for MIPS + musl libc 40e4e8c strace: build fix for MIPS + musl libc 299b426 uclibc: fetch from master branch not 1.0 4ac4d28 uclibc-ng: Bump up to 1.0.12 release 70bfd4c musl: Upgrade to tip of tree d1496b4 e2fsprogs: Fix multiple xattr handling 9d4b526 cdrtools-native: Explicitly set EXTRA_OEMAKE as required 864797a oeqa/prservice: Fix whitespace problem 7cd8351 pseudo: uprev to 1.7.5 246b02e ptest-runner: Explicitly set EXTRA_OEMAKE as required 7932525 unzip: Explicitly set EXTRA_OEMAKE as required 4ef055c sysklogd: Explicitly set EXTRA_OEMAKE as required 625066b stat: Explicitly set EXTRA_OEMAKE as required 07e81c8 pigz: Explicitly set EXTRA_OEMAKE as required 936223b iputils: Explicitly set EXTRA_OEMAKE as required 1e3fdbb ed: Explicitly set EXTRA_OEMAKE as required ef36b6f gptfdisk: Explicitly set EXTRA_OEMAKE as required 59ee206 dmidecode: Explicitly set EXTRA_OEMAKE as required d17758a libacpi: Explicitly set EXTRA_OEMAKE as required 44e8d0f apmd: Explicitly set EXTRA_OEMAKE as required 961d898 perl: Explicitly set EXTRA_OEMAKE as required ecb9c34 oeqa: Improve test failure messages ae2f3a3 sstate: Ensure populate_lic sstate objects are cleaned 26f26e5 package_deb: Ensure allarch deb packages aren't target specific b3a2065 base: Make do_cleansstate nostamp 37357ab classes/testimage: Fix exportTests function. f895a61 classes/testsdk: Add help information on how to run tests. e22fbce oeqa/sdkext/devtool.py: Add location test to ensure that devtool is the eSDK one. 92d0cc5 oeqa/sdkext: Add devtool basic tests for eSDK. a619ea2 oeqa/oetest: Fix compatibility SDK tests using eSDK. 062dbd6 classes/populate_sdk_ext: Add SDK_EXT_TARGET_MANIFEST and SDK_EXT_HOST_MANIFEST 4cfdf17 testsdkext: Add skeleton for support Extensible SDK tests. 5580d7b classes/testsdk: Add compatibility SDK testsuite to eSDK 7181da7 oeqa/oetest: oeSDKTest when run a command redirect env output to null f3c2ce2 classes/testsdk: Add function run_test_context 3577c35 oetest.py/TestContext: Move loadTests and runTests inside it. 8009418 testimage/testsdk: Move get test suites routine inside TestContext. b588b80 testimage/testsdk: Modularize TestContext. 59791d1 toolchain-shar-extract.sh: Add proxy variable to new env. abd8158 classes/testsdk: Add call to export_proxies on testsdkext. 42f2ac4 classes/testsdk: Add testsdkext task only install. 90590ab get_test_suites: Add sdkext type for load test suites. 2ecc319 populate_sdk_ext: Set TOOLCHAINEXT_OUTPUTNAME. 7b459be classes/testimage: Add defeault inherit for testsdk. 24326a9 classes/testsdk: Add new class testsdk. 3d1d30b testimage: Modularize helper functions for get test lists. 8b5ee36 bitbake.conf/base: Improve handling of SRCPV 947e526 oeqa: setup bitbake logger after tinfoil.shutdown 400f530 bitbake: build: Improve python execution tracebacks aece748 bitbake: build/data: Don't expand python functions before execution [API change] e39cfb1 bitbake: cooker: Don't expand python functions in variable dumps f652b6b bitbake: data: Don't expand python functions for variable dependencies d3e0c44 bitbake: data_smart: Avoid expanding anonymous python functions e0eb2ea bitbake: toaster: models Remove manual transaction control from lsupdates 48622e1 bitbake: toaster: build section Improve display of builds when > 1 targets 4d0ba0f bitbake: toaster: templates make build data breadcrumb consistent 99184d7 bitbake: BBHandler/ast: Merge handMethod and handleMethodFlags 6ba69b4 bitbake: utils: Drop datastore function inspection during exception f8a44b1 bitbake: cooker: extended dot styling 30c132b bitbake: toaster: Enable Image Customisation feature 5e14a8f bitbake: toaster: xhr_customrecipe_packages Add dependencies to included packages 749f5a6 bitbake: toaster: orm generate_recipe_content only exclude locale packages 6269411 bitbake: toaster: customrecipe page Add last successful build link and conditionals 8d5b61e bitbake: toaster: models Add update_package_list for CustomImageRecipe 86db0bd bitbake: toaster: orm Add last_updated field to CustomImageRecipe 18d8b17 bitbake: toaster: models add get_last_successful_built_target method 8885b7b bitbake: toaster: pkg_dependencies_popover just show direct dependencies 40f6eff bitbake: toaster: models add all_depends method for Package_DependencyManager a8ab1c6 bitbake: toaster: buildinfohelper CustomImagePackage update dependency info 0fee829 bitbake: toaster: newcustomimage_modal add frontend name validation cb6d290 bitbake: toaster: API CustomImageRecipe check the recipe name supplied is valid 5634a25 bitbake: toaster: views CustomRecipe API add size information to the package lists 6fbceb0 bitbake: toaster: models Invalidate ToasterTables cache when a m2m field changes 998f9af bitbake: toaster: customrecipe Add dependency tracking to package selection 9976e4f bitbake: toaster: tables move template logic into the pkg_add_rm_btn d77c247 bitbake: toaster: CustomImageRecipe generate overwrite IMAGE_FEATURES 481dc11 bitbake: toaster: make locale packages uneditable in custom image page a757d39 bitbake: toaster: include locale and packagegroup packages in custom image baac458 bitbake: toaster: update custom image package table filters efbffe3 bitbake: toaster: move recent builds query to model b514785 bitbake: toaster: update customimagerecipe migration df58f5b bitbake: toaster: add merge migration to resolve conflict 38f4913 bitbake: toaster: orm generate_recipe_file_contents Handler for require recipe 769017e bitbake: toaster: project builds Poll the server to get latest progress for build 971d65c bitbake: toaster: localhostbectrl Update the dirpath of customrecipe's base layer 6d9f342 bitbake: toaster: tables Check layer presence in project for customise_btn 76c0008 bitbake: toaster: toastergui tests Add addtional data to the setUp for new tables 70a078e bitbake: toaster: tables SelectPackagesTable rename recipe_id to custrecipeid 7e4c231 bitbake: toaster: toastergui tests Update package test to use CustomImagePackage 4b3c9d6 bitbake: toaster: customrecipe Add further front end features using new API b213907 bitbake: toaster: xhr_customrecipe_packages add GET info for package response a9668ee bitbake: toaster: xhr_customrecipe_id change to use CustomImagePackage 439314c bitbake: toaster: API allow CustomImageRecipe to be updated after creation 9ea4de6 bitbake: toaster: tables Change SelectPackagesTable to use ProjectPackage 20f400b bitbake: toaster: tables add recipe download link to CustomImagesTable 1c9ce1c bitbake: toaster: newcustomimage_modal use libtoaster method for new CustomRecipe 8b1d043 bitbake: toaster: libtoaster Add createCustomRecipe method 32048fa bitbake: toaster: orm Add convenience method to get all pkgs in a CustomImageRecipe c80b7df bitbake: toaster: orm get_project_layer_versions to return layer_version objects 796e348 bitbake: toaster: toastergui tests Add unit test for download custom recipe 04d8c94 bitbake: toaster: toastergui tests Update to reflect changes to CustomImageRecipe 4e8a0aa bitbake: toaster: views xhr_customrecipe_packages clean up API 66b5608 bitbake: toaster: toastertable remove title from Show all in table ce72896 bitbake: toaster: Add recipe details page 5f52614 bitbake: toaster: newcustomimage Move modal dialog out of newcustomimage template 2a3dd32 bitbake: toaster: Continue front end features to custom image recipe page. d6e7e4a bitbake: toaster: tables Add table for Packages and update SelectPackagesTable 43f0a05 bitbake: toaster: views Add view to download custom recipe 2cf55af bitbake: toaster: move CustomImageRecipe generation to API entry point c402ac2 bitbake: toaster: orm add CustomImageRecipe generate contents function a6e4f94 bitbake: toaster: buildinfohelper Add the concept of CustomImagePackage e1bfe1c bitbake: toaster: orm: Add db migration for new CustomImagePackage table f760a78 bitbake: toaster: orm Add CustomImagePackage table 4117af2 bitbake: toaster: orm: Add db migration for new CustomImageRecipe inheritance change 1f10289 bitbake: toaster: orm make CustomImageRecipe inherit from Recipe 648753b bitbake: toaster: orm Add sum of dependencies size function to PackageDependencyManager a92fc30 bitbake: toaster: tablejs Add an event handler to manually trigger a data reload 4c82878 bitbake: toaster: ToasterTables simplify filter function move common part to widget 3e1e8e6 bitbake: toaster: models fall back to a sensible string for no vcs reference 14d09c8 bitbake: toaster: localhostbecontroller CustomRecipe now base_recipe is Recipe 7d5d8d0 scripts/lib/bsp/engine: trailing whitespace cleanup dfeda17 scripts/lib/bsp/engine: fix path separator d482d84 maintainers: remove gtk-theme-torturer and gnome-mime-data d0d85a4 bitbake: bb/fetch2: Move export_proxies function from wget to utils. 7226ce2 glibc-locale: fix QA warning 4a2f42f formfactor: add machconfig for Beaglebone eb53c54 sstatetests: Fix after change to sstate populate_lic SWSPEC a43b9ef gstreamer1.0-plugins-base: move freetype dependency into 1.6.3 recipe fb4f05b gstreamer1.0-plugins-base_git: update to git master 1.7.1-79-g6414289 fc81c80 gstreamer1.0-plugins-bad_git: avoid including <sys/poll.h> directly 3f02474 gstreamer1.0-plugins-good_git: avoid including <sys/poll.h> directly 9b0a74a gstreamer1.0: avoid including <sys/poll.h> directly f9e565e gmp_4.2.1: fix build for MIPS 6d570c8 gmp.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5 3aecdd9 gmp: move BBCLASSEXTEND = "native nativesdk" from gmp.inc into 6.1.0 recipe 263a65d gmp: move SRC_URI out of gmp.inc + minor reformatting aacae25 image_types.bbclass: Embed IMAGE_NAME in ubinize config file 9c0d4ec toolchain-scripts: drop PYTHONHOME 6560f80 python: set PYTHONHOME for nativesdk 92ae4e2 gcc: musl related fixes for ppc/secure-plt and gthr 9e5222c gcc: Assume libssp and dl_iterate_phdr on musl 281bd41 security_flags: wipe security flags for gcc/glibc and related libraries 61a5875 security_flags: use -fstack-protector-strong a07f2fd security_flags: ensure security flags only apply to target builds 8d57d1d gcc: Fix build on musl with -fstack-protector eb134c6 isoimage-isohybrid.py: fix cpio working directory 8bedf76 glib-2.0: use the system libpcre 1ae132e libpcre: enable unicode properties by default 3adb8d5 python3: remove optimize by default patch 1df1ac9 security_flags.inc: don't do -pie for syslinux 562c75c neon: convert to PACKAGECONFIG 6228cf8 bitbake: toaster: reinstate ID on edit columns button 916c73d bitbake: cooker: shutdown cooker parser on shutdown 8857498 bitbake: fetch2/osc: Clean up old variable syntax 54da829 bitbake: fetch2/osc: Remove hardcoded url c57ba52 cross-localedef-native: add ABI breaking glibc patch 0cc825f uninative: Improve error handling 576a248 patchelf: Add patch to handle large files bbdbe00 package_manager.py: fix python indentation bug (opkg) ea40a0b populate_sdk_ext: Make populate_sdk_ext depend on sdk_extra_conf 4f7656a populate_sdk_ext: Add support for a "minimal" type 71bb332 populate_sdk_ext: Don't set sdk_update_targets in the config 5b7a43e toolchain-scripts.bbclass: Use PYTHONPATH instead of PYTHONHOME f1f8447 copy_buildsystem.py: Pass the nativelsb argument to gen-lockedsig-cache b130805 gnome-mime-data: remove 12d5fa8 gtk-theme-torturer: remove from oe-core 659d755 openssl.inc: drop obsolete mtx-1 and mtx-2 over-rides 32b498c scripts/devtool: Add getVarFlag expand argument ed5daa1 bitbake.conf/native/nativesdk: Set PKG_CONFIG_SYSTEM_ at top level 8fa2d52 pango: unset LDFLAGS when building gen_all_unicode edfaa04 pango: merge bb and inc 00ccf51 e2fsprogs: Ensure we use the right mke2fs.conf when restoring from sstate 66a6ec2 nativesdk: Set PKG_CONFIG_SYSTEM_ variables 34e95b0 local.conf.sample.extended: Document HOW-TO enable systemd or busbox for init system 077d32e local.conf.sample: Remove trailing whitespaces 6ae662a bitbake: parse/ast: Mark anonymous functions as python functions 9913fd8 bitbake: codeparser: Improve handling of data.expand() dependencies 4628fe1 bitbake: lib/bb: Add expansion parameter to getVarFlag b98866d bitbake: fetch2/gitsm: Fix when repository change submodules 390c2c1 bitbake: data_smart: Add missing expand parameter to getVar call 56454f6 bitbake: bitbake: prserv: do not clear umask when daemonizing abf8a8f bitbake: bitbake: prserv: SIGTERM handling hung process be032fc bitbake: bitbake: prserv: -wal and -shm sqlite lost when daemonizing 1e95ebd poky-tiny: Use musl for default system C library 6594bd5 maintainers.inc: Set me as Maintainer of QEMU. 86851d5 insane: Fix populate_sysroot sanity test path d09a25e socat: upgrade to 1.7.3.1 fad264b libffi: move from recipes-gnome to recipes-support d3753dd libffi: ensure sysroot paths are not in libffi.pc c72614b syslinux: remove LDFLAGS manipulation 8ad11fc lttng-tools: Fix ptest installed la files 66ed16b gnutls: update 3.4.8 -> 3.4.9 149cb17 python-distutils: add missing dependency on python-email 3473962 nss-myhostname: Fix build on musl 42e37d7 linux-firmware: update to latest revision 52442afee ce1bed7 license.bbclass: add LICENSE_CREATE_PACKAGE to perform_packagecopy vardeps e43504b i2c-tools: point SRC_URI at Yocto source mirrors 2d7622c gnutls.inc: allow libidn support to be controlled via PACKAGECONFIG 60ebe1c gnutls.inc: add gmp to DEPENDS 935aa96 gnutls.inc: minor formatting improvements 3fa1c54 Revert "kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH" 0b82af2 wic: isoimage-isohybrid: check for syslinux-native 9699441 formfactor: add machconfig for qemumips64 4701dc9 ncurses: use closing curly brackets in FILES_${PN}-tools variable 9d9f233 util-linux: Change ALTERNATIVE_PRIORITY above busybox 8f2306c mktemp: lower the priority of standalone mktemp package 6251846 libxsettings-client: drop obsolete disable_Os_option.patch 7894633 wic: default to empty bootloader config 090fb51 copy_buildsystem: add ability to exclude layers 8dc600f toaster.bbclass: reinstate scan for artifacts in the sdk directory eee675b toaster.bbclass: attach image file scan postfunc to do_image_complete 0c0b072 meta: add ASSUME_PROVIDED dependency on wget-native for http fetches f926610 gtk+3: Tweak getVar to use True, not 1 7fa6eeb classes/lib: Add expand parameter to getVarFlag 252e645 python-pycurl: remove unnecessary exports 9fd214d sstate: Fix SSTATE_SWSPEC only used by populate_lic tasks 4ea6a64 package.bbclass: Add data expansion to do_split_packages() 6ab5001 busybox/gtk/perl/base-passwd: Ensure data is correctly expanded e8860f7 ref-manual: Fixed typo in FAQ 14.15 section. 9d2925e ref-manual: Updated FAQ entry regarding Proxy for SOCKS 29a44da ref-manual: Fixed type in LICENSE_CREATE_PACKAGE variable description 4181e58 ref-manual: Updated warning regarding libexecdir 0d8bd7d ref-manual: Added description for LICENSE_CREATE_PACKAGE variable. 6aca5b8 ref-manual: Added remove-libtool class 5e2201e toaster-manual: Updated the "Installation" to have TOASTER_DIR information 3aa162a p11-kit: fix packaging warnings 60c9759 piglit: don't use /tmp to write generated sources to b33e440 libical: Work around hardcoded paths in pkgconfig file a131b6e documentation.conf: align the documentation for DEBUG_OPTIMIZATION and FULL_OPTIMIZATION with bitbake.conf 974a8c0 pciutils: Explicitly set EXTRA_OEMAKE as required 2d3e6f3 openssl: Explicitly set EXTRA_OEMAKE as required b07e161 dbus: add user sessions support 877eae1 dbus: use ${systemd_system_unitdir} 6010088 populate_sdk_ext: Add SSTATE_MIRRORS to config blacklist 70ec867 insane: add test for -dev packaging containing real libraries 38d6f1f python3: set INSANE_SKIP as libpython3.so is a trampoline library 4ac4023 p11-kit: fix module packaging 9a27010 libnl: package the libnl-cli modules in libnl-cli 111af1d remove-libtool: add new class 333dce4 gtk-immodules-cache.bbclass: fix immodules-cache path b1e41f4 Revert "matchbox-keyboard: export GTK_IM_MODULE_FILE location" ac1f311 directfb: use Yocto source mirrors for SRC_URI 4d80f7a gcc-configure-common.inc: drop --enable-target-optspace from configure 654eddc machine/include: drop tune-cortexm*.inc and tune-cortexr4.inc 322015a liboil: drop recipe from oe-core 41d50f9 boost: Fix build on soft-float ABI arm systems 07a91a6 libnss-mdns: Check for nss.h before using 1b34f55 db: Use cross libtool 64089c6 libtool-cross: Unset pre|post dep objects 457f417 docbook-xsl-stylesheets: create a link for easy refer 1ba62f9 pth: Remove dead code a4a5d1f3 bitbake: cooker, bitbake-worker: Fix spelling of "received" 8f6b9c7 bitbake: cooker: Only start as many parse threads as we need 602da7c bitbake: knotty: Don't show errors for universe provider issues 1dd2d76 linux-yocto: Adds new genericx86 and genericx86-64 SRCREVs for kernel 4.4 b8fa9d3 poky: Add poky-world-exclude.inc and add qwt-as 5503a22 sstate: Revert using -m option to tar in sstate 6023798 libarchive-native: Disable libxml2 support b09b054 pcmciautils: Fix makefile race 89df5f1 binutils: Use target provided zlib c85c54f binutils: Upgrade to 2.26 ba2fdcd native.bbclass: Set CXXFLAGS from BUILD_CXXFLAGS not BUILD_CFLAGS 2394b15 gstreamer1.0-plugins-base: Add video crop supporting when convert frame 2724908 gstreamer1.0-plugins-bad: Fix memory leak of navigation thread db81fc9 lib/oe/package_manager: remove package feed lists c43da12 externalsrc: use shared CONFIGURESTAMPFILE if B=S c6b8227 Make sure that the directory for CONFIGURESTAMPFILE exists ca06179 autotools.bbclass: use oe_runmake instead of ${MAKE} f4f9f2f gcc, qemuppc: Explicitly disable forcing SPE flags 691f7e4 pango.inc: misc dependency fixes 70efb8d pango.inc: limit ptest specific do_compile_prepend to target builds c1273d4 systemtap_git.inc: do not immediate expand SELECTED_OPTIMIZATION e631be2 glibc.inc: do not immediate expand SELECTED_OPTIMIZATION 770d9ff mkelfimage: fix target cflags leaks to host c936bf0 base: Move COMPATIBLE_MACHINE out the scope of SOURCE_MIRROR_FETCH 3072361 bitbake: bitbake: BBUIHelper: Remove function findServerDetails 28c041c bitbake: fetch2: Simplify logic in verify_checksum() 5375e64 bitbake: bitbake: Set process names to be meaninful 5b234d1 bitbake: utils: Add ability to change the process name 0b06924 bitbake: data.py: avoid double newlines at the end of functions in emit_var() 68600ae bitbake: build.py: minor shell_trap_code() formatting tweaks 423a264 conf/distro/poky.conf: use example.com for connectivity check 6c058ce curl: update 7.46.0 -> 7.47.0 ( CVE-2016-0754 CVE-2016-0755 ) adbe63d openssl: update 1.0.2e -> 1.0.2f ( CVE-2016-0701 CVE-2015-3197 ) 85b6679 autotools.bbclass: don't create subshell to delete configure scripts 2f1bcc1 sstate: Add back packagedata on packagedata dependencies 346b225 libical: update to 2.0.0 b696bb3 kexec: package kdump init script/configuration file correctly 51cebbf connman: fix crash with iptables 1.6 7f54fab autotools_stage.bbclass: remove it 07c4bc1 gdb-common.inc: add PACKAGECONFIG for readline 5869e35 tzdata: update to 2016a c9cc707 tzcode: update to 2016a aff2f58 glibc-testing.inc: drop pruning of PATCH_GET from the testglibc script dfb9d41 gcc-cross.inc: drop pruning of PATCH_GET from the testgcc script 9e7d929 bitbake.conf: stop exporting PATCH_GET = "0" 5410aff sstate: Improve handling of useradd dependencies 9823802 gtk-icon-utils-native: Drop problematic dependency 6c04e0d glib.inc: limit ARM_INSTRUCTION_SET over-rides to armv4/armv5 83476b5 glib-2.0: drop add-march-i486-into-CFLAGS-automatically.patch fab76ae glib-2.0: refresh configure-libtool.patch 593dcd4 systemd: fix systemctl enable script for template units 3c90507 glib: use bash-completion.bbclass d88ed5d kmod: use bash-completion.bbclass 0f3780c git: use bash-completion.bbclass 9d20661 util-linux: use bash-completion.bbclass 0e5b0bf dbus-glib: use bash-completion.bbclass 9cddc0a bash-completion.bbclass: add class ddb786c bash-completion: move in recipe from meta-oe 74e2f68 ffmpeg: add a recipe, and remove the libav recipe eb7e554 lib/oe/patch: Make GitApplyTree._applypatch() support read-only .git/hooks 3ed566e gcc: fix hidden weak symbols by removing buggy gcc patch 51d9ba6 dpkg: fix CVE-2015-0860 f80d16e qemu.bbclass: clarify QEMU_EXTRAOPTIONS 3dca294 pango.inc: drop obsolete dependency on qemu-native a16e9a2f dbus: upgrade to 1.10.6 7081458 buildhistory: fix the check for existence of a git repo d74325e connman: tidy up connman-conf usage 79f4495 connman-conf: convert to systemd oneshot 5c35883 bitbake-whatchanged: avoid double do_ task name prefix 7881c02 netbase: add ipv6 host to /etc/hosts 93fcee6 linux-yocto/4.4: CVEs and preempt-rt update 07c182f linux-yocto/4.1: update to 4.1.16 7003698 gstreamer1.0-plugins-bad: fix compiler warnings with -Os in 1.7.1 6e90145 gstreamer1.0-plugins-good: fix compiler warnings with -Os in 1.7.1 3cd70c8 libsoup-2.4: add glib-2.0-native dependency d5b3b97 libtirpc: remove stray .orig file from Use-netbsd-queue.h.patch 209066c ptest-runner: Add ptest-runner_2.0 recipe. 4953e26 musl: Upgrade to tip of tree 52413d0 libdrm: Refresh patch to match upstream submission 66e215f fts: Correct LIC_FILES_CHKSUM be4c446 pth: Delete df95988 elfutils: Fix build with uclibc/musl 047ad2c grub: Backport fix for largefile detection/use 956be0c oeqa/runtime/rpm: be more verbose if test_rpm_query_nonroot fails 3b5288f libc-package.bbclass: add LOCALE_UTF8_IS_DEFAULT 4f3ef90 ref-manual: Updated the BBMASK variable description. b2b7214 dev-manual: Restored ptest-runner2 to ptest-runner d484e58 ref-manual: Removed obsolete do_deploy statement from "Shared State" 7705b87 toaster-manual: Updated instructions for production setup. 4b4a8a6 ref-manual: Updated the SDK figure. d7481ce ref-manual: Added do_image and do_image_complete tasks d39e9d1 ref-manual: Rewrite of "Image Generation" and devtool text. 1e7735e ref-manual, mega-manual: Updated the Image Creation figure fded4fa ref-manual: Updated configuration of auto.conf in closer look 9f192c8 dev-manual: Updated the devtool help examples. 4bbd39d dev-manual: Grammar fix to kickstart section. 75078dd dev-manual: Updated wic reference section 9ed7881 poky-ent: Grouped Fedora perl packages for niceness 3ac0416 local.conf.sample.extended: Update the info about BBMASK d61d290 bitbake: bitbake-user-manual-ref-variables: Update the help for BBMASK a948f52 bitbake: cooker: Allow BBMASK to contain multiple regular expressions e82101a bitbake: bitbake-user-manual-metadata: Updated 'dir' flag 100d6c2 bitbake: bitbake-user-manual: Updated the example BitBake directory 11be341 documentation.conf: Update the help for BBMASK 3d2c0f5 cmake: update to 3.4.2 4364850 at-spi2-core: update to 2.18.3 c763940 webkitgtk: update to 2.10.5 1e95815 libsecret: update to 0.18.4 9259a43 freetype: update to 2.6.2 5ec6dbb gdk-pixbuf: update to 2.32.3 9c84fbc glib-2.0: update to 2.46.2 bd7278c gtk+3: update to 3.18.6 d609cd5 gtk+: update to 2.24.29 6197313 gtk-icon-utils-native: update to 3.18.6 1556f0e libsoup-2.4: update to 2.52.2 dff038a waffle: update to 1.5.2 89bd19f vala: update to 0.30.0 6c02099 rxvt-unicode: update to 9.22 245af2b btrfs-tools: Disable backtrace on musl fa01d37 bsd-headers: Fix LICENCE and dev package RDEPENDS 05e11a5 gdb: Fix build failures on musl 72c1aa2 ltp: Add rdep on ldd 1d0332d argp-standalone: Fix build when S != B 9f22898 bitbake: fetch2/wget: fallback to GET if HEAD is rejected in checkstatus() d11cc29 busybox: fix stop -vs- start typo in rcS script 9f4b088 mtools: keep v3.9.9 recipe in sync with the v4.0.18 version 2c14be3 gen-lockedsig-cache: fix bad destination path joining 9dea876 distutils-common-base: do not set PACKAGES - use defaults from bitbake.conf 4ead707 insane: remove unused variable assignment 44e9c3b meta: fix capitalisation in Upstream-Status 06b4572 pixman: only check even upstream versions 0f74387 gcr: check only even upstream versions a2848ee avahi: Add patch to fix Win10 mDNS issues 04ef34f xf86-input-libinput: initial add 0.16.0 8a2dfa1 image.bbclass: check INITRAMFS_MAXSIZE 962cc37 systemd: make TEST_DIR configurable 9967746 bind: update to 9.10.3-P3 cac47db uninative: handle UNINATIVE_URL being file:/// 9995814 uninative: fix path to patchelf-uninative 2495dfa scripts/wipe-sysroot: also delete uninative sysroot bb97157 meta/lib: new module for handling GPG signing aadb879 devtool: extract: use the correct datastore for builddir fa801e7 busybox: backport upstream truncate open mode fix 6996b26 gstreamer1.0-plugins-base.inc: drop obsolete dependency on liboil 1c4a8cc e2fsprogs: disable blkid 0de8766 pango.inc: drop obsolete FULL_OPTIMIZATION over-ride 89a7ed5 devtool: add configure-help subcommand 84720c8 devtool: properly handle bb.build.FuncFailed when extracting source c3f0f7b devtool: add: warn if modified recipe found in attic directory e559b66 devtool: build-image: allow specifying packages to add to image e00eac8 devtool: move edit-recipe to a separate module 6720bda image: Don't create tasks with '.' in the name 88ca227 rootfs-postcommands: fix allow-empty-password on read-only rootfs fdac363 kernel: Clean DEPLOYDIR before do_deploy runs c2231de gcc-cross-canadian: Add missing DEPENDS on virtual/${HOST_PREFIX}gcc-crosssdk 5fdedb6 libtirpc: Drop unneeded xz-native dependency 7a98fb7 libuser: Drop unneeded xz-native dependency 72f98ba bitbake: toaster: Update UI test runner c192bd6 Revert "xz: Allow to work with ASSUME_PROVIDED xz-native" 6df607b acpid: upgrade to 2.0.26 7a52f67 build-perf-test.sh: add eSDK testing 5c367ec build-perf-test.sh: more generic timing function 44fee2b python3-pip: Upgrade to 8.0.0 9d95a9d orc: update HOMEPAGE 0c1c93e gstreamer1.0-plugins.inc: drop obsolete ${S}/po/Makefile.in.in workaround be145ad busybox: Add support for busybox-init 716fa93 pulseaudio.inc: drop obsolete dependency on liboil 55bfaa2 sqlite3: update 3.10.0 -> 3.10.2 6bb1dd1 sqlite3.inc: add PACKAGECONFIG to support building against libedit 39f6a9e sqlite3.inc: dynamically link the sqlite3 command-line utility 9b2835e sqlite: formatting improvements, move more stuff into sqlite3.inc 89ed462 sqlite3.inc: drop obsolete config_BUILD_CC, etc exports 6188419 sqlite3.inc: fix readline PACKAGECONFIG 939de8d sqlite3: fix the parallel build fix patch a304b82 weston: Add missing DEPENDS on wayland-native 4a5458f bitbake: fetch2: Don't show checksum warnings if a single checksum was supplied e66599f uninative: Fix conflicts with normal sysroot 4833bee insane: Drop do_stage test 861c916 populate_sdk: Use pixz instead of xz a1c35f3 lib/oe/sdk: Partially revert "sdk.py: fix conflicts of packages" 29c5eda uninative: Add fetch capability b54fa25 pixz: Add 1.0.6 d47572d xz: Allow to work with ASSUME_PROVIDED xz-native 0aeb33f lib/oe/package_manager: prevent testing an undefined variable c1f4e92 recipetool: create: better fix for fetch error handling 10c8d14 recipetool: create: fix extraction of name from URLs ending in / b307e0a recipetool: create: extract SRC_URI from local git repositories 50e40fc devtool / recipetool: support specifying a subdirectory within the fetched source 7e1691d recipetool: create: strip quotes from values extracted from CMakeLists.txt 477fa84 gen-lockedsig-cache: copy correct native sstate into ext SDK 204e4ab toolchain-shar-extract.sh: improve behaviour when xz is not installed 979c8fb classes/populate_sdk*: add dependencies on script files f220abc classes/populate_sdk_ext: drop ext-sdk-prepare.py when installing b435225 devtool: add sdk-install subcommand 44d1a2a devtool: sdk-update: improve SDK update process robustness 3360baa devtool: sdk-update: improve temp directory handling d193531 devtool: build: ensure pkgdata is written out d3a4f72 classes/populate_sdk_ext: add option to bring in pkgdata for world a9dfced linux-libc-headers: Port patches for linux-headers for musl 3cffa6d libsolv: Update to 0.6.17+ d9134cf glib-2.0: Fix locale location on musl 527cd95 syslinux: Set LD to avoid using build host ld 136db70 binutils: Fix gold linking errors due to unresolved R_ARM_MOVW_ABS_NC 704e342 puzzles: Silence warning on arm with clang bee65f9 eglinfo: Fix build on raspberrypi 6296c0f mdadm: Fix build with musl 67eef11 gpgme: Define __error_t_defined on musl 368e838 console-tools: Fix header inclusion when not using glibc 5a8c935 uclibc: Update to 1.0.11 1113d58 unfs3: Depend on libtirpc when building on musl 2ecfc02 guile: Fix build with musl 2df08b8 bsd-headers: Package cdefs.h 29deaf0 musl: Create ld.so as a relative symlink 2d028b3 fts: Fix linker hash-style option 8dd1aa8 dosfstools: Correct cross-compile CFLAGS and fix build with musl 21550d1 nss: Undefine HAVE_SYS_CDEFS_H 92e6a7a apmd: Fix build with musl 5d661c5 pcmciautils: Fix parallel build and include sys/types.h 86795ff kexec-tools: Define _GNU_SOURCE for getting loff_t definition ff8006f systemd: Skip parsing on musl based targets f2856a1 oprofile: fix build with musl 226c450 portmap: Point to tirpc headers and libraries on musl 5512c2f nfs-utils: Disable tcp-wrappers for musl 06d0204 bsd-headers,musl: Add recipe for bsd missing features c2c9202 tcf-agent: Implement canonicalize_file_name() for musl as well f294813 chkconfig: Avoid using caddr_t b2aca09 nspr: Drop older glibc code c0976fc irda-utils: Fix header inclusions a3f9721 iproute2: Fix build with musl 22333f0 libuser: Fix build when secure getenv is not there ea9dc99 iputils: Use member based initialization for mrghdr struct b207868 pax: Fix build with musl 1076499 tar: Fix build for musl based targets e451023 rt-tests: Fix build with non-gcc compilers 68da390 webkitgtk: Fix build with clang/musl da81635 console-tools: Include sys/types.h for u_char and u_short defs 205a07a sysklogd: untangle header inclusion maze 9f40dba babeltrace: Add missing header for MAXNAMLEN define 2458850 libunwind: backtrace APIs are glibc specific abdfacb apt: Add support for building for musl targets ec187d3 puzzles: Zero'ise structs before use 3cd0a8c dpkg: Add musleabi to known architectures aaa8516 xinetd: Fix build with musl 93fb408 watchdog: Fix build with musl 7509ffd gzip: Fix build with musl 1d28cbc directfb: Fix build with musl 7b6b312 net-tools: Link with libintl on uclibc ee1bfdb parted: Fix build with uclibc ed5da2a mtools: Fix build with uclibc 5384f08 gnutls: Link with libuargp on uclibc 493e557 guile: Fix build with uclibc 1636f6f packagegroup-self-hosted.bb: Move glibc-gconv-ibm850 to glibc only case 3e7d7ab util-linux: Fix ptest builds on musl 77825f8 gnutls: Link with libargp on musl and depend on argp-standalone 1a6fe71 argp-standalone: Add recipe a7d780c gdk-pixbuf: Fix latent build issue exposed by musl f2cf5d3 xserver-xorg: Fix build with musl b8de631 libcgroup: Add dependency on fts when building on musl 87c3e98 connman: include config.h for HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR cc55fc7 fts: Add recipe 6e3950b tcp-wrappers: Fix build with musl 68f88a5 ppp: Fix build with musl 4972edd blktrace: Include <sys/types.h for dev_t d629fa1 powertop: Include right headers for timval struct 063dc38 update-alternatives: when warning about alt_link==alt_target, say what PN 6baafa1 python-setuptools: Unify and upgrade python-setuptools and python3-setuptools to 19.4 f0e500e gstreamer1.0-libav: update git recipe to 1.7.1 90cbdfb gstreamer1.0-plugins-ugly: update git recipe to 1.7.1 6752484 gstreamer1.0-plugins-bad: update git recipe to 1.7.1 ad8f201 gstreamer1.0-plugins-good: update git recipe to 1.7.1 2ca9f20 gstreamer1.0-plugins-base: update git recipe to 1.7.1 3c7f2b8 gstreamer1.0: update git recipe to 1.7.1 7c810d0 gstreamer1.0-libav: update 1.6.2 -> 1.6.3 a4b8e9a gstreamer1.0-plugins-ugly: update 1.6.2 -> 1.6.3 8170e06 gstreamer1.0-plugins-bad: update 1.6.2 -> 1.6.3 497ebc9 gstreamer1.0-plugins-good: update 1.6.2 -> 1.6.3 3d87902 gstreamer1.0-plugins-base: update 1.6.2 -> 1.6.3 1e256ee gstreamer1.0: update 1.6.2 -> 1.6.3 dacf2aa gst-plugins-package.inc: drop perl RDEPEND for XXX-apps packages 676275f gstreamer1.0-plugins.inc: don't set base SRC_URI via python 852f098 gstreamer1.0-plugins.inc: drop obsolete lib-link.m4 workaround a32ac26 gstreamer1.0-plugins-bad.inc: update hls dependency gnutls -> nettle 97e0752 gstreamer1.0-plugins-bad.inc: don't set ${S} or apply version specific patch 78e9361 gstreamer1.0-plugins-good.inc: remove duplicate --disable-examples 0edabfd gstreamer1.0-plugins.inc: convert GSTREAMER_1_0_DEBUG to a PACKAGECONFIG 81cd227 gstreamer1.0-plugins.inc: add missing glib-2.0-native dependency a0b1e66 gstreamer1.0.inc: add missing glib-2.0-native dependency e5fb79d gstreamer1.0-rtsp-server.inc: minor formatting improvements 434aa8e gstreamer1.0-omx: minor formatting improvements + update HOMEPAGE 69bcd33 gstreamer1.0-libav: minor formatting improvements + update HOMEPAGE 1d6e61a gstreamer1.0-plugins-ugly: minor formatting improvements c45ce26 gstreamer1.0-plugins-bad: minor formatting improvements c1ea981 gstreamer1.0-plugins-good: minor formatting improvements beb8091 gstreamer1.0-plugins-base: minor formatting improvements 61f30b4 gstreamer1.0-plugins.inc: minor formatting improvements 981145a gstreamer1.0: minor formatting improvements 9f1a943 gst-plugins-package.inc: minor formatting improvements 9e08b69 gst-player: minor formatting improvements a8ed2c8 valgrind: remove unused valgrind-remove-rpath.patch e24123d emptytest: exclude from world builds 6808035 build-appliance-image: bump version to 14.0.0 eb418c3 insane.bbclass: fix package_qa_walk() e185004 insane.bbclass: print all the QA messages 95fa36e weston: upgrade 1.8.0 -> 1.9.0 1bc0c89 wayland: upgrade 1.8.1 -> 1.9.0 03dae8e glib-2.0: fix the ptest 68c5e6d insane.bbclass:buildpaths: ignore ipkg/dpkg's CONTROL dir 258676b sstate: display the sysroot name when cleaning for clarity f35b2e2 bitbake: set default libexecdir to $prefix/libexec 40f0c2d gawk: fix libexecdir/libdir/BPN confusion 2458f41 mesa: update SRC_URI fdb12f9 e2fsprogs: set PV to 1.42.99+1.43+git${SRCPV} 9cf1ec0 valgrind: avoid neon for targets which don't support it b191f58 valgrind: re-enable ARM intdiv and vcvt_fixed_float_VFP tests b0b3412 valgrind: let valgrind determine its own optimisation flags 92abb5f meta/files/toolchain-shar-relocate.sh: Detect different python binaries and select one that exists. 924e2c3 python-nose: upgrade to 1.3.7 02440b5 python-native: Make python-native also RPROVIDE python-unittest-native b7ca05d linux-libc-headers: update to 4.4 f73ee59 libpng12: upgrade to 1.2.56 3a59486 libpng: upgrade to 1.6.21 63a49f8 libtirpc: remove redundant va_list patch 55a8df2 perl: Upgrade to 5.22.1 a840588 oeqa/selftest/signing: use temporary rpmdb 65c1de9 kexec-tools: inherit update-rc.d ba837f1 autotools: don't output the full config.log on configure failure 3e3cb62 bitbake.conf: Remove horrible variable expansion hacks b963efb mesa: add missing wayland-native build dependency 9dd6c81 maintainers.inc: Correct maintainership for several packages bd1a534 bitbake: toaster: run bitbake server with --read option 76a281c bitbake: taskdata: add the ability to access world targets list 11a1f49 bitbake: cache.py: check existence before add to cachedata.rproviders 05c1775 bitbake: taskdata.py: add RuntimeProviders to close matches cf9cb65 bitbake: data_smart: Don't show exceptions for EOL literals b80219e udev: Add 2 patches to support 4.4 kernel 1013385 gcc-runtime.inc: provide libquadmath 60b237f kexec: update supported architecture list 92a0032 strace: update 4.10 -> 4.11 0aa8169 strace: fix ARCH definition in tests/Makefile 2408149 strace: remove need for git-version-gen script 9ca6a5f strace: fix --disable-aio configure option dd90f32 strace: drop unnecessary dependency on acl aadae7b libnewt: Fix linking error due missing symbols 571289d lib/oe/package_manager.py: Remove list() from PkgsList class 6ebda8e lib/oe/rootfs: Use list_pkgs() instead of list() 03075f6 lib/oe/utils: Add function format_pkg_list() c708411 lib/oe/package_manager: Add list_pkgs() to PkgsList class 113e136 python3: Minor upgrade 3.5.0 -> 3.5.1 918149d python-numpy: upgrade to 1.10.4 eae7584 swig: upgrade to 3.0.8 21f7677 python-scons: upgrade to 2.4.1 7721652 python-pycurl: upgrade to 7.21.5 2ef401f python-mako: upgrade to 1.0.3 2a608cc python-setuptools: Upgrade to 19.2 6395bc8 python3-setuptools: upgrade to 19.2 40738af python: Upgrade 2.7.9 > 2.7.11 35855a0 wic: pylinted ksparser module e3b3bcf wic: add help for 'include' command bfaabe5 wic: move parts of canned .wks into common.wks.inc 50a3dc5 wic: implement search of includes 15ea180 wic: refactor get_boot_config d304162 wic: ksparser: add support for include 3fc6aaa wic: do not remove build dir in source plugins 8d34eea wic: use unique partition number 43b4058 wic: move wks parsing code to KickStart._parse 3860640 nss: update to 3.21 ea39ad0 libjpeg-turbo: fix upstream version check (sort of) 48a8a89 libical: fix upstream version check c6f71c5 gnutls: update to 3.4.8 7a80f84 sysstat: fix upstream version check 2aabf9a pbzip2: update to 1.1.13 77aee28 ncurses: fix upstream version check 56e4ff6 libsolv: fix upstream version check d46bc77 e2fsprogs: fix upstream version check 0436e3f build-appliance-image: bump version to 14.0 a206a19 btrfs-tools: update to 4.4 a1790bc bootchart2: update to 0.14.8 68c7113 poky.conf: Delete BB_SIGNATURE_HANDLER settings 0916235 rpm: remove bashisms: [ x == x ] -> [ x = x ] 2dbd61f uclibc: remove a use of immediate expansion and oe_filter_out () 32eeb00 gcc-runtime: switch to removal override syntax to modify CXXFLAGS c886a78 bitbake: tests/codeparser.py: Add filename/lineno flags to test variable f130033 bitbake: toaster: write variables to toaster.conf 1835768 sstate: replace verbose manifest removal with a single count d4c721a libdrm: Upgrade 2.4.65 -> 2.4.66 b5508a8 slang: Add dependency on ncurses 27b2df2 valgrind: make it explicit that valgrind supports armv7a and above 5dc38a3 sign_rpm.bbclass: fix task dependencies 27c39c4 opkg-utils: store alternatives in nonarch_libdir 77fde15 security_flags.inc: remove obsolete workarounds for curl 31ce027 cups: update systemd support a4b48c2 coreutils: Add xattr PACKAGECONFIG 7a0b1c1 oeqa/runtime/parselogs: use -F to search fixed strings for grep b8e11e2 libinput: Upgrade 0.21.0 -> 1.1.4 a9f2e87 postinst-intercepts: always use set -e de0848f maintainers: mark Khem as nominal owner for uclibc 3235f5e formfactor: remove unused beagleboard configuration 6c64700 alsa-state: remove beagleboard configuration f0d47a6 bitbake: Revert "runqueue.py: Ensure one setscene function doesn't mask out another which needs to run" 9e867ef sstate: Add packagedata to list of tasks not to recurse 5e881c1 classes/populate_sdk_ext: fix task dependency regression 2e9f092 image: Handle image types containing '-' correctly 0612ca4 oe-selftest: devtool: fix test_devtool_add_library if python was built first c1492c4 recipetool: create: add a couple more license checksums 2c8c9fe recipetool: create: add basic support for extracting dependencies from cmake 3eb397f recipetool: create: force GL libraries to virtual/* 726dbda recipetool: create: move dependency mapping code to RecipeHandler 788e4bb recipetool: create: fix overzealous mapping of git URLs ece0a2e recipetool: create: support additional autoconf macros from autoconf-archive 903d471 recipetool: create: detect flex/bison dependency a66f4ac recipetool: create: pick up boost macros in configure.ac dbe91a3 recipetool: create: improve extraction of pkg-config / lib deps e7bedb9 wic: rename kickstarter.py -> ksparser.py 3bb6ea6 wic: override ArgumentParser.error d652203 wic: removed unused imports d2090a6 wic: improve processing of parseing errors 1ed97cc wic: catch KickStartError bda77fd wic: add custom exception KickStartError ef211a5 bootimg/image-vm/image-live: Improve image dependencies 0910bc6 image: Always run do_rootfs_wicenv 12e37e7 selftest/buildhistory: Improve test to remove sources of error 05716dd bootimg/image: Enhance bootimg to respect RM_OLD_IMAGE 1c869a9 rootfs-postcommands: Ensure license manifests respect RM_OLD_IMAGE d27491b image: Ensure we don't expand TMPDIR in image commands ce8a206 image: Fix instability of do_image_* checksums fb1654f image: Fix wic environment issues 1da8f52 insane: Start to clean up do_configure_qa code dd28695 insane: Clean up horrible return value processing code 839fb18 e2fsprogs: fix PV b1236dc e2fsprogs: add PACKAGECONFIG for fuse f98e11c bitbake: toastergui: make artifact download more robust 68f3e1e bitbake: toasterui: log OSErrorException metadata events fb94754 bitbake: toasterui: listen for bb.event.MetadataEvent a2f23fa openssh: CVE-2016-1907 320a319 license.bbclass: fix license manifest 4339a82 wic/help.py: document requirements for valid fstab generation d688df8 glib-2.0: add dependency glib-2.0-native back 76e35f1 kernel-yocto.bbclass: move do_kernel_link_vmlinux() into kernel.bbclass d453fa1 kernel-yocto.bbclass: remove do_kernel_link_vmlinux from SRCTREECOVEREDTASKS 2b92f88 libarchive: Add bsdtar and bsdcpio packages e246905 toaster.bbclass: Separate artifact dump from image file dump 4f481bc pax-utils: 1.0.5 -> 1.1.4 f9974f2 sqlite3: upgrade to version 3.10.0 cd7910d connman: upgrade to 1.31 b9169b7 python3: add missing dependency on PN-misc to PN-modules 4b4dea7 useradd-staticids.bbclass: Remove unnecessary spaces 4f2c352 useradd-staticids.bbclass: Read passwd/group files before parsing 4cbdb15 useradd-staticids.bbclass: Simplify the logic for when to add groups b18e40c useradd-staticids.bbclass: Simplify some logic b689aa0 useradd-staticids.bbclass: Make --no-user-group have effect c03ea8d useradd-staticids.bbclass: Treat mutually exclusive options as such af8b005 wic: get rid of 2 getters 2573e28 wic: get rid of set_size and set_source_file setters 5cd222b wic: get rid of get_rootfs and set_rootfs 4d5d5dd wic: get rid of get_timeout getter 26fb2a1 wic: adjust code for new data structure c827238 wic: remove pykickstart code c15ea82 wic: use new kickstart parser f572f44 wic: add kickstart parser module e5e1905 wic: add partition module 180f170 alsa-lib: 1.0.29 -> 1.1.0 a8c25af matchbox-keyboard: export GTK_IM_MODULE_FILE location d75cb1f xf86-input-evdev: upgrade to 2.10.1 2283732 menu-cache: upgrade to 1.0.1 ec7e406 libxi: upgrade to 1.7.6 86f3f25 librsvg: upgrade to 2.40.13 72dd806 libgpg-error: upgrade to 1.21 3c02fe0 libevdev: upgrade to 1.4.6 33e9930 libcroco: upgrade to 0.6.11 5b63c44 gsettings-desktop-schemas: upgrade to 3.19.3 dfff167 gpgme: upgrade to 1.6.0 5abb691 u-boot: Update to 2016.01 release e9280d1 linux-yocto: introduce v4.4 standard/preempt-rt/standard kernel 8c3276e e2fsprogs: 1.42.9 -> 1.43 (master) b248e55 bitbake.conf: rename python-native-runtime 65d0bfc net-tools_1.60-26.bb: Fix do_patch dependency error 99923fc ncurses: 5.9 0 -> 6.0 44d283a autotools.bbclass: use relative path to run configure script b2f1de3 glibc-initial.inc: use relative path to run configure 0fe6e2d bitbake: toaster: increase timeout a5f34bc poky.ent: Added "perl-bignum" package for Fedora afc6cba dev-manual: Updated "Running ptset" section ec047ad yocto-project-qs: Updated the "Next Steps" section 57ddbe8 ref-manual: Removed all variables related to "QMAKE" 7814b33 ref-manual: Updates to cull out qt4 stuff. bf81969 toaster-manual: Updates on how to start Toaster. 798e8b8 bitbake: toastergui: code formatting and clean-up c4b5011 bitbake: toaster tests: fix Django tests for new ToasterTable pages 88a262c bitbake: toastergui: remove unused views and template code 059a274 bitbake: toastergui: fix error and warning counts for builds 4103e0c bitbake: toastergui: make "Apply" button state depend on filter range 6c2d88f bitbake: toastergui: mute label for filter actions with no records f08730a bitbake: toastergui: set default visible and hideable columns 112f374 bitbake: toastergui: serialise decimals correctly e024aab bitbake: toastergui: streamline construction of filter objects fcb20f9 bitbake: toastergui: ensure filter_value updates f9c46f5 bitbake: toastergui: don't hide all elements with .col class eaae82a bitbake: toastergui: convert project builds page to ToasterTable 33b011c bitbake: toastergui: implement "today" and "yesterday" filters f8d383d bitbake: toastergui: implement date range filters for builds b929889 bitbake: toastergui: show recent builds on all builds page 1a4b203 bitbake: toastergui: switch off filter highlights when inactive 809046c bitbake: toastergui: refactor ToasterTable filtering 294579b bitbake: toastergui: convert all builds page to ToasterTable 6c12ca7 bitbake: toastergui: use event delegates for hover help elements ef93dce bitbake: toastergui: switch projects/ view to ToasterTable 417f1d3 bitbake: toaster: check inferred file suffixes against list of known types c02ee05 bitbake: toaster: move image file suffix list to model d29e4cd bitbake: toastergui: use ToasterTable for projects page b1256db openssh: update to 7.1p2 c0e9f2d kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH f8508de bitbake: Revert "fetch/git: Change to use clearer ssh url syntax for broken servers" b567235 image/image-live: Add back IMAGE_TYPES_MASKED support e914e2a image.bbclass: Handle image base type dependency properly ad32f65 autoconf: add missing perl-module-file-find to RDEPENDS d83dfe6 ca-certificates: update to 20160104 4440560 epiphany: upgrade to 3.18.3 dcf54b4 iso-codes: upgrade to 3.64 d7bee35 lighttpd: upgrade to 1.4.39 08c8923 libwebp: upgrade to 0.5.0 cf0aea7 classes/populate_sdk_ext: avoid unnecessary sstate being brought in ea29bec insane/package: Fix cases where QA errors aren't fatal 2e620a4 classes/populate_sdk_ext: check that extensible SDK prepared correctly 4685c33 classes/buildhistory: save auto.conf and bblayers.conf for extensible SDK 39f6472 classes/populate_sdk_ext: support auto.conf 91877aa classes/populate_sdk_ext.bbclass: handle if local.conf doesn't end with a newline 764c927 util-linux: create util-linux-runuser iff pam in DISTRO_FEATURES 95dce70 rsync: 3.1.1 -> 3.1.2 38aa0fc less: 479 -> 481 4cb2269 iputils: s20121221 -> s20151218 fe47dd7 wget: 1.17 -> 1.17.1 79886e9 git: 2.5.0 -> 2.7.0 d3e16b8 file: 5.24 -> 5.25 3549abc autogen-native: 5.18.5 -> 5.18.6 fb14627 curl: upgrade to 7.46 eaf88d7 xz: upgrade to 5.2.2 8516ff7 sysstat: upgrade to 11.2.0 ae73be1 at: upgrade to 3.18 21efab7 kmod: upgrade to 22 c88efae resolvconf: upgrade to 1.78 6729889 pciutils: upgrade to 3.4.1 edd319c gnupg: 2.1.7 -> 2.1.10 78b58b8 help2man-native: 1.47.1 -> 1.47.3 ac0e0d5 man-pages: 4.02 -> 4.04 1e0cbb9 libgcrypt: 1.6.3 -> 1.6.4 372c23d xmlto: 0.0.26 -> 0.0.28 aaafe33 elfutils: 0.163 -> 0.164 38901a7 dhcp: 4.3.2 -> 4.3.3 ea05e05 image.bbclass: Unconditional includes of populate_sdk_ext fails c08f272 tcmode-default.inc: Fix preferred provider nativesdk-sdk_prefix-libc-initial 5d2f783 dhcp: search libxml2 for bind b69652d tzdata: remove bashism 7c7c249 harfbuzz: update 1.1.2 -> 1.1.3 84623dc libpostproc: duplicate armv7a over-rides for armv7ve 1744198 libav.inc: duplicate armv7a over-rides for armv7ve 102dfa1 gcc-configure-common.inc: duplicate armv7a over-ride for armv7ve b08dfb5 subversion: Upgrade 1.9.2 -> 1.9.3 d6fae0c lttng-ust: Upgrade to 2.7.1 a9cc9b5 lttng-tools: Upgrade to 2.7.1 6b02575 lttng-modules: Upgrade to 2.7.1 a378430 gdb: upgrade to 7.10.1 92cc02f linux-yocto: Update Genericx86* BSPs to 4.1.15 da43a56 bitbake: Revert "fetch2/local.py: avoid using PREMIRROR" 96a34e7 conf/distro/poky-tiny: correctly disable python in opkg-utils 1724ffd bitbake: fetch2/git.py: Add missing "errno" module import. 74fa824 bitbake: bitbake: clean up stamp-base related codes f3f769a local.conf.sample: add qemumips64 43328fe bitbake: runqueue: Fix setscene task dependencies 7b905ca bitbake: toaster: settings Add uid to the toaster cache dir dff7a27 bitbake: toaster: show 'satisfied via' text for reverse deps 89f4932 bitbake: toaster: show 'satisfied via' text for build deps febb898 bitbake: toaster: show list of provides for the recipe 2ff4ccb bitbake: buildinfohelper: add provides info to the db 16a81fb bitbake: toaster: add Provider model 6a28ed3 bitbake: buildinfohelper: use providermap f2b7252 bitbake: cooker: add providermap to dep_tree 7e380d4 bitbake: taskdata: refactor get_providermap 46731da bitbake: main/runqueue: Add --setscene-only option to bitbake 34f8db9 update_font_cache: only scan system font directories e5c011b Add "CVE:" tag to current patches in OE-core f04fb88 scripts/create-pull-request: fix git request-pull syntax 928ceb6 qt4: fix-for-mips-n32.patch: remove it c4a3258 util-linux: create util-linux-runuser package 554ca68 valgrind: include aarch64 in COMPATIBLE_HOST 0ce775a valgrind: update to 3.11.0 21a94f6 valgrind: don't restrict to armv7a b8ebac9 DpkgRootfs: Fix logcheck_error false-positive when use multilib e265fbb package_deb.bbclass: add 'Multi-Arch: foreign' tag to allarch packages 4aeb69d package_manager.py: fixes for multilib deb packaging builds 9ea7428 package_deb.bbclass, cross-canadian.bbclass: DPKG_ARCH mapping function 72e6932 connman.inc: add missing RDEPENDS 675ff42 meta: rename perl-native-runtime 3f4fb39 dbus: support large-file for stat64 0d5e41f freetype: enable out-of-tree builds, and use host zlib 8f2ab19 bluez5: upgrade to 5.37 11f5a42 cogl-1.0: fix may be used uninitialized error 235606f oeqa/runtime/logrotate: fix hardcoded root directory cce6c3e oeqa/runtime/smart: fix hardcoded root directory cd2cf1f boost: update to 1.60.0 afc0255 bitbake.conf: remove 'stamp-base' c8fef7f gcc5: Fix build on NIOS2 eda3947 rpmresolve.c: Fix unfreed pointers that keep DB opened 3c8a451 tzdata: Make /etc/timezone optional b80da02 systemd: arrange for volatile /etc/resolv.conf 5548a76 systemd: add myhostname to nsswitch.conf d6bc841 opkg-utils: add update-alternatives PACKAGECONFIG c3b96ff linux-dtb.inc: use absolute upd-alt paths 3ad08c0 uclibc: Upgrade to 1.0.10 74c3667 populate_sdk_ext: Pass excluded_targets as a list to prune_lockedsigs e306d54 populate_sdk_ext: Change to include siginfo and non sstate task sigs e1a558a populate_sdk: Switch from bzip2 to xz 3341f3f classes: Fix do_rootfs references 0a4e1f9 image: Create separate tasks for rootfs construction fdced52 image: Move pre/post process commands to bbclass cdc0aee image.bbclass: Separate out image generation into a new task, do_image 0269219 populate_sdk_ext: Use new --setscene-only option to bitbake instead of workarounds 1ee0842 sstatesig: Handle special case of gcc-source shared-workdir for printdiff d93c212 bitbake.conf: add virtual/libiconv-native to ASSUME_PROVIDED b2fe2a8 devtool: build: support using BBCLASSEXTENDed names 38ed039 devtool: reset: support recipes with BBCLASSEXTEND 532f429 devtool: refactor code for getting local recipe file ec90168 devtool: add: support adding a native variant 99e3872 devtool: reset: do clean for multiple recipes at once with -a 5ef716c recipetool: create: support creating standalone native/nativesdk recipes 1e503c0 recipetool: create: lower case name when determining from filename 4deed25 devtool: sdk-update: add option to skip preparation step d586a11 devtool: sdk-update: fix error checking c1b7d83 devtool: sdk-update: fix metadata update step efead10 devtool: sdk-update: fix not using updateserver config file option 9348c91 classes/populate_sdk_ext: disable signature warnings d44dcd7 classes/populate_sdk_ext: fix cascading from preparation failure d11051c scripts/oe-publish-sdk: add missing call to git update-server-info fbc2147 libbsd: upgrade to 0.8.1 221d864 bitbake: fetch/git: Change to use clearer ssh url syntax for broken servers 46d62d0 bitbake: knotty: Use non-interactive mode as fallback for dumb terminals bfa7859 bitbake: cooker: fix findFilesMatchingInDir documentation 3d42737 bitbake: cooker: use in instead of count 0e83229 maintainers.inc: remove x11vnc d914c7f meta-yocto: drop qt4 references 0f3ad7c scripts/yocto-layer: Avoids duplication of "meta-" prefix 220ef32 poky-lsb/poky-tiny: update preferred kernel to 4.1 b82e228 yocto-bsp: remove 3.14 and 3.19 bbappends 685daeb conf/local.conf.sample: comment out ASSUME_PROVIDED=libsdl-native 2c5e7e0 image: Really remove lockfiles flag a500e3a boost: ensure boost to remain an empty metapackage b151506 image_types.bbclass: Rebuild when WICVARS change eb4159c gccmakedep: fix buildpaths qa check f54e53c bash: fix buildpaths qa check error 6d111c8 testimage: remove VNC test, x11vnc isn't in oe-core anymore 8bec5c5 x11vnc: remove all references to moved package 8f865e2 x11vnc: move recipe to meta-oe ae1fc96 classes/buildhistory: actually use KiB in extensible SDK sizes files 84f66b5 x11vnc: move recipe to meta-oe c44599d readline: move inputrc into readline f29d642 tune-*: use mcpu instead of mtune for ARM tunes c6a1991 arch-armv7ve: add tune include for armv7ve and use it from cortexa7 and cortexa15 21d61fa cortexa{7,15,17}: add VFPv4 tunes 7f2cb68 feature-arm-vfp.inc: Further simplify with TUNE_CCARGS_MFLOAT e9b2ffc feature-arm-{neon,vfp}.inc: refactor and fix issues 45f726c arch-armv7a.inc: add vfpv4 support also to softfp and big endiand tunes ebe8358 arch-armv7a.inc: Fix PACKAGE_EXTRA_ARCHS for tune-armv7atb-vfpv3, tune-armv7atb-vfpv3d16, cortexa7thf-neon-vfpv4 9280a8e arch-armv5.inc: drop duplicate ARMPKGSFX_DSP and PACKAGE_EXTRA_ARCHS_tune-armv5tehf-vfp 46d6b0e arch-armv[456]*.inc: improve indentation like armv7a 860663a arm/arch-arm*, tune-cortexa*, tune-thunderx.inc, powerpac/arch-powerpc64.inc: Use normal assignment 8c483a1 arch-armv7a, tune-cortexa*: improve indentation 7498b91 arch-armv7a, tune-cortexa*: improve comment VFP -> HF bb9b581 arch-armv7a: add missing space before ?= 15f8344 tune-cortexr4.inc: fix PACKAGE_EXTRA_ARCHS e2736f7 sanity.bbclass: add more information to error message about TUNE_PKGARCH missing in PACKAGE_ARCHS b68d947 mkefidisk.sh: add boot log on console 62d7c97 mkefidisk.sh: add startup script for automated boot 5aa3b93 oeqa/selftest/recipetool: update for libjpeg-turbo migration ffa7469 libjpeg: Replace libjpeg with libjpeg-turbo 29d273f python3: fix installed-vs-shipped when 64bit + multilib db7cee6 pulseaudio: add PACKAGECONFIG for lirc b900ec8 sstate-sysroot-cruft.sh: Extend the whitelist 20843fa iptables: upgrade to 1.6.0 c2bda6c scripts/oe-selftest: Allow to run tests on random/all MACHINEs 8e1435e selftest: Added testcase decorators for 2 tests 32f332c oe-selftest: New option --list-tests 17d886b oe-selftest: Improved --list-classes when determining test names 4ec2da7 selftest: moved tc test_buildhistory_does_not_change_signatures 02d259c scripts/oe-selftest: Remove extra coverage data added to unittests 30c06a4 expat: CVE-2015-1283 315bdc8 packagegroup-core-x11-sato: enable pcmanfm on mips a3e26f9 wic: rawcopy: Copy source file to build folder d6e0da4 grub2: Fix CVE-2015-8370 bb663b0 systemd: enable compatibility libraries by default 3fea163 systemd: add more compression and importd PACKAGECONFIGs d462b70 gcc-sanitizers: link directly against sysroot libstc++ 3eb6135 openjade: Fix build if not installing libtool .la files 6308c47 valgrind: Define __UCLIBC__ for uclibc based systems 3d19a1e security_flags.inc: disable -fstack-protector-XXX for valgrind 807ed8a meta/conf/layer.conf: bump layer version due to Qt4 removal 4fb3e05 packagegroup-core-lsb: treat qt4 packages same as qt3 packages 8b11ed8 qt4: remove recipes and classes 0baadc8 toaster-manual: Updates to toaster use chapter. 908bbff ref-manual: Updated the list of supported image types. 5d27451 dev-manual: Added the --configfile bootloader option. 7b3b1f9 dev-manual: Added three new wic option descriptions. eeffa64 dev-manual: Added the --overhead-factor wic option description. 2beb19b dev-manual: Added the --extra-space wic option description. 95851df dev-manual: Added wic --notable option description. 88a2794 dev-manual: 8bdc707 sdk-manual: Initial Manual framework f1f7625 bsp-guide: Updated the license statement. 6686a31 dev-manual: Correction to the KVM stuff in the runqemu commands. ccc830d documentation: Prepare for 2.1 builds 7af9314 mega-manual: Added four new figures for GUI example. f8185ff bitbake: ast: Add filename/lineno to mapped functions a178c5a bitbake: main: kill server without queue setup 773700d bitbake: xmplrpc: split connect method 05b4fbc bitbake: uievent: refactor retry loop ebc169c bitbake: uievent: get rid of EventHandler attribute 4e0de6e bitbake: uievent: add error to registerEventHandler return 01419d5 bitbake: cooker: add state.get_name method 763506d bitbake: fetch2/__init__.py: Add support for 7-Zip f5bfc1c bitbake: utils: Remove double compile from better_compile b4141f6 bitbake: fetch2/local.py: avoid using PREMIRROR 1ad3595 bitbake: siggen: Change exception note into a warning 4ba49ac bitbake: data: Drop misleading ExpansionError exception 2c94311 bitbake: cooker: Drop useless parsing exception a16b543 bitbake: data: Pass lineno/filename data from build_dependencies 958f0ff bitbake: codeparser: Add support for correct linenumbers db4376e udev-extraconf: introduce multiple blacklist files for more complex setups a8fb429 uclibc: disable parallel builds 401c632 image: Condense do_rootfs function/flags 0051510 image/rootfs-postcommands: Separate out post rootfs commands to separate class 3428edd image: Remove pointless rootfs lock eb5bb0e packagegroup-core-boot:replace busybox to variable cc7bb6c initramfs-framework_1.0:replace busybox for variable. d9ffa59 core-image-minimal-initramfs: replace base-utils 9349f42 base-utils:flexible dependency for command utilities c44b76a orc: Add missing PACKAGES_DYNAMIC 2cd061a bluez5: include the patch only for 5.36 4c35473 meta-yocto-bsp: remove 3.14 and 3.19 bbappends 6af8981 meta-yocto-bsp: Remove uvesafb (v86d) from generic x86 features 614e9ec qemu: add PACKAGECONFIG for Nettle crypto support 09705a4 oeqa/selftest: support sets in devtool comparisons 4b543f7 packagegroup-core-x11-sato: include pulseaudio-misc 23302ee devtool: use cp instead of shutil.copytree d6e7b5b xorg-lib: allow native building without x11 DISTRO_FEATURES 4cba706 busybox: generalize recipe to work with arbitrary install directories 9d001ae cairo: update 1.14.4 -> 1.14.6 6d561fb libdrm: Upgrade to 2.4.65 0f516f0 image-vm.bbclass: uses IMAGE_LINK_NAME c851096 image-live.bbclass: uses IMAGE_LINK_NAME 907b87d rpm: Generate per distribution and multilib macro files c910789 package_manager.py: add debugging support for rpm scriptlet execution 8dd27ef xinput-calibrator: get screen geometry when calibrating e8d36f4 scripts: hand the TEMPLATECONF local over to setup-builddir 0f4fb26 util-linux: Fix floating dependency upon 'readline' 2cb434a linux-firmware: package Broadcom BCM43340 firmware f70d46f rpcbind: Fix build with libtirpc 1.0.1 866c693 libtirpc: upgrade to 1.0.1 5754b83 gstreamer1.0-libav: upgrade to version 1.6.2 6ac601f gstreamer1.0-rtsp-server: upgrade to version 1.6.2 3ac3d33 gstreamer1.0-plugins-ugly: upgrade to version 1.6.2 823b623 gstreamer1.0-plugins-bad: upgrade to version 1.6.2 6d13f30 gstreamer1.0-plugins-good: upgrade to version 1.6.2 05896a5 gstreamer1.0-plugins-base: upgrade to version 1.6.2 a8eb77b gstreamer1.0: upgrade to version 1.6.2 dd5756b mirrors: add archive.apache.org to Apache mirrors cfbd804 guile: remove redundant replacement of .pc file c2e8079 bind: 9.10.2-P4 -> 9.10.3-P2 7204a0f libsndfile1: enable FLAC/Ogg/Vorbis support 35bd254 buildhistory: improve support for extensible SDK ea0abcd buildhistory: fix not recording SDK information b6d191d scripts/oe-selftest: Add support for selftest log with timestamp ab79287 selftest: Added MACHINE = "qemux86" to tests that use runqemu b09080d ncurses: fixes wrong paths in BINCONFIG 8df88fb xcb: don't build-depend on python-native d7759a5 tcmode-default: Use glibc for nativesdk version even on uclibc and musl a7eadc3 qemu: upgrade to 2.5.0 9988ab3 webkitgtk: update to 2.10.4 cedb027 epiphany: update to 3.18.2 6e27dd8 libwebp: update to 0.4.4 efcf4b4 libsecret: update to 0.18.3 0112274 gnome-desktop3: update to 3.18.2 88a656e gcr: update to 3.18.0 883193a linux-yocto: remove 3.14 and 3.19 recipes 4487e3a kernel-yocto: fix checkout bare-cloned kernel repositories 5161944 linux-yocto/4.1: update to v4.1.15 a462d16 linux-yocto-dev: bump to 4.4-rcX 862b3b3 lttng-modules: fix build issue against kernel 4.4 9563aa8 yaffs2: fix checkpoint functionality cefc24d mobile-broadband-provider-info: update to tagged release 20151214 04aa27c icu: fix upstream version check 2865e5f btrfs-tools: update to 4.3.1 5beb3bc iso-codes: update to 3.63 503c08d kexec-tools: update to 2.0.11 4fa2e4b lighttpd: update to 1.4.38 f7a7796 tiff: update to 4.0.6 2498065 libassuan: update to 2.4.2 f2192fa msmtp: update to 1.6.3 7fc3066 liburcu: update to 0.9.1 10d14bc trace-cmd: update to 2.6 fc774e9 python3-pip: update to 7.1.2 c3330aa pytnon-pexpect: update to 4.0.1 aa90b5d ifupdown: update to 0.8.2 4c98105 gptfdisk: update to 1.0.1 edde9af cryptodev: update to 1.8 9da9308 oe-selftest: devtool: add more explicit check for ls output c2435b1 oe-selftest: add tests for simple devtool add / recipetool create URL case 8916731 recipetool: create: fix error when extracting source to a specified directory fe28c25 recipetool: create: improve autotools support 498e483 devtool: sync: tweak help / messages b272c51 devtool: reset: print message about leaving source tree behind 95a234e devtool: status: list recipe file within workspace if one exists e116739 devtool: modify: default source tree path 110f433 devtool: add: allow specifying URL as positional argument ceaa4bf devtool: add: figure out recipe name from recipetool ee0d5a1 devtool: add: allow source tree to be omitted 0d8751f scripts/lib/argparse_oe: handle intermixing of optional positional arguments 1bd7793 devtool: update-recipe: use correct method to get bbappend filename 2074654 devtool: split out function for naming bbappend 6acbdc9 devtool: add: tweak help text 316b57b devtool: edit-recipe: add new subcommand ebe5f0b recipetool: create: basic extraction of name/version from filename db5f964 recipetool: create: support extracting name and version from build scripts 6a7661b recipetool: create: set up priority system for recipe handlers 38803e3 recipetool: create: detect when specified URL returns a web page e78a039 recipetool: create: prevent attempting to unpack entire DL_DIR e61645b recipetool: create: minor fix for potential issue in python handling ae2141b recipetool: create: fix do_install handling for makefile-only software c2f1742 recipetool: create: avoid traceback on fetch error 470f20b recipetool: create: handle https://....git URLs 8e0a84c scripts: print usage in argparse-using scripts when a command-line error occurs 548d433 directfb.inc: enable bfd linker workaround for all arm targets 2381f4a devtool: sdk-update: fix traceback without update server set 7540550 classes/populate_sdk_ext: error out of install if buildtools install fails ecce3d3 classes/populate_sdk_ext: hide build configuration in devtool build* output fd84d0f classes/base: don't print header if BUILDCFG_HEADER not set a4f496a classes/populate_sdk_ext: use uninative to set NATIVELSBSTRING a6f8a3f toaster.bbclass: fix TypeError when parsing build stats 937b7fd libxcb: Add a workaround for gcc5 bug on mips 86c8b8b flex: update to 2.6.0 dad130b opkg: upgrade to v0.3.1 d2b770c systemd: remove merge conflicts accidently left in ca69643 wic/help.py: document that mountpoint is optional for part command 5628dde pixman: check neon support via TUNE_FEATURES, not the _armv7a over-ride 9a74388 xdg-utils: Do not build the in-script documentation 520b37d gettext: Upgrade 0.19.4 -> 0.19.6 cae0e0f gcc-configure-common.inc: add gcc-runtime ABI fixes for armv7m and armv7r cba8fb3 tune-cortexr4.inc: provide an _armv7r over-ride via MACHINEOVERRIDES fd10723 tune-cortexm3.inc: provide an _armv7m over-ride via MACHINEOVERRIDES b6fe440 feature-arm-thumb.inc: drop 'no-thumb-interwork' tuning feature 1d5a4cf feature-arm-thumb.inc: drop legacy _thumb and _thumb-interwork over-rides ca64c16 feature-arm-thumb.inc: drop ARM -vs- thumb comments 95a79a5 rpm: Fix support for db5 and db6 75cec07 oe-buildenv-internal: fix return code 606c9e7 staging.bbclass: make already-stripped can be skipped 647e0e4 buildhistory-collect-srcrevs: hide empty sections d4b5a1f selftest/buildhistory.py: Test buildhistory does not change sigs 4b83f1f gcc5: Upgrade gcc-5.2 -> gcc-5.3 0381b78 bitbake: event/utils/methodpool: Add a cache of compiled code objects c61c1eb bitbake: BBHandler: Improve IN_PYTHON_EOF handling 2a94194 bitbake.conf: Add filename and lineno to BB_SIGNATURE_EXCLUDE_FLAGS 5f40691 bitbake: toaster: remove 2 confusing parameters 3960b6e bitbake: toaster: move setting of default values b194c0c bitbake: toaster: move startup checks to a better place 064d2c7 bitbake: toaster: remove 2 unused functions c505f24 bitbake: toaster: remove addtoConfiguration function c7e4404 bitbake: toaster: updated header of the toaster script af34920 bitbake: toaster: add MANAGE variable 563b786 bitbake: toaster: remove unused variable aa3cc12 bitbake: toaster: split long lines, add/remove whitespace 8e4acac bitbake: toaster: check if address:port is in use 847b935 bitbake: toaster: implement checksocket command 9f3681d buildstats-summary/toaster: Cope with removal of get_bn() 522dcaa bitbake: knotty: Improve exception error message 01d67bf bitbake: knotty: Fix row/column function return value issue 6c12efa bitbake: buildinfohelper: Update for buildstats layout change 28ea1a1 bitbake: fetch: use orig localpath when calling orig method 5cb6d83 bitbake: utils: Improve traceback from better_exec internal errors 0019edc bitbake: ast/event/utils: Improve tracebacks to include file and line numbers more correctly b14ccb2 bitbake: runqueue: Add support for <task>- syntax 5069ab6 m4: Drop unused/unreferenced patch d7e766b toaster: Update for buildstats changes adfdca4 buildstats: Improve to add getrusage data and corrected IO stats 3187647 buildstats: Separate out the build and task data to allow improvements 38a2553 buildstats: Clean up e.data and bb.data references 7b1e48f buildstats: Drop get_bn/set_pn and just use BUILDNAME 7837162 buildstats: Drop disk data from buildstats 030c033 nativesdk-buildtools-perl-dummy: Bump PR e6f2761 combo-layer: Stop using filterdiff f1f3716 meta: more removals of redunant FILES_${PN}-dbg 5fb8fea clutter-gst-3.0: add dependency on libgudev 54f01ca systemd: Upgrade to 228 63bdadc uclibc: Switch to using uclibc-ng 0b5cddd cdrtools-native: update to 3.01 final c4dfb92 grep: update to 2.22 d8608bc procps: update to 3.3.11 52f6a01 babeltrace: update to 1.3.1 0c705d6 powertop: update to 2.8 516d8c9 nfs-utils: update to 1.3.3 9c39a4f systemtap: update to 2.9 fef0ec6 kbd: update to 2.0.3 8668e17 gmp: update to 6.1.0 86e02d0 docbook-xsl-stylesheets: fix UPSTREAM_CHECK_REGEX f065766 mtd-utils: update to 1.5.2 5d32aeb unfs3: update to r497 4e653b5 python-numpy: update to 1.10.1 90b7212 libxml-simple-perl: update to 2.22 689db13 dmidecode: update to 3.0 d301451 cpio: update to 2.12 2bea006 puzzles: update to current commit 2d04c83 gnutls: update to 3.4.7 cf1eb2b libidn: add native and nativesdk support dd58b3b libpng: Update SRC_URI to use GENTOO_MIRROR b763668 libpng12: Upgrade 1.2.54 -> 1.2.55 91c92fc libical: Upgrade 1.0.0 -> 1.0.1 5c6ff26 libxslt: use proper SRC_URI a444eb5 kexec-tools: added the script kdump be9f7f9 ltp: Upgrade 20150420 -> 20150903 81f1e41 musl: Update to latest 1.1.12 release c529e66 util-linux: Upgrade to 2.27.1 bdbc5ee packagegroup-core-sdk: Disable sanitizers for uclibc 692853d libsolv: add new recipe 8bba7de curl: upgrade to 7.45 2e3a172 libsndfile1: 1.0.25 -> 1.0.26 df18352 wget: Upgrade 1.16.3 -> 1.17 81eb101 unifdef: upgrade to 2.11 19c76ad sstate-sysroot-cruft: Add php, python, lua, fontcache generated files to whitelist f80f8ba oeqa/selftest: Added testcase decorators for 2 testcases a5dd1dd uninative.bbclass: Choose the correct loader based on BUILD_ARCH 388e580 license: Fix BB_TASKDEPDATA references f19e8de coreutils/procps: Revert priority change since coreutils > busybox 455ff32 meta: more removals of redunant FILES_${PN}-dbg e0890b6 meta: Drop now pointless manual -dbg packaging b7766e4 package: Add auto package splitting of .debug files 89f13c7 meta/conf/toasterconf.json: remove SDKMACHINE variable as it no longer used 03d715e bitbake: toaster: tables Set a default order for the software recipes table 4ff0d60 bitbake: toaster: rework checking of Django version 4a78416 bitbake: toaster: monkey patch Queryset c1c8eff bitbake: toaster: removed extra calls of migrate 507aafb bitbake: toaster: work around 'database is locked' error 322b470 bitbake: toaster: fixed format strings 84daa40 bitbake: toaster: use OneToOneField instead of ForeignKey c464f34 bitbake: toaster: Amend regex for MySQL database URLs f001a4a bitbake: toaster: Remove compatible_layerversions() method 0adffdf bitbake: toaster: Check Django version against toaster-requirements.txt 8d058cf bitbake: toaster: Update deprecated manage.py command 717c636 bitbake: toaster: Prevent deprecation warnings for RedirectView 0f602c1 bitbake: toaster: Update API used to make runbuilds methods run in transactions 93f5738 bitbake: toaster: rename get_query_set -> get_queryset 23c4806 bitbake: toaster: Start Django machinery for database access 7a0c45e bitbake: toaster: Create default project with get_or_create* method 9de8dfa bitbake: toaster: Fix references to app paths 535fc9b bitbake: toaster: Remove South migrations 8ca4664 bitbake: toaster: Upgrade to Django 1.8.6 and remove South b322dec bitbake: toasterui: process SetBRBE event 0274b68 bitbake: toaster: trigger SetBRBE event fdb8e74 bitbake: toaster: implement BitbakeController.triggerEvent 5de3800 bitbake: event: Fix subprocess event error traceback failures 0da1d71 nopackages: Add class for recipes which don't generate packages 5003d14 sstate: Ensure populate_lic dependencies are not followed 48aad51 populate_sdk_ext/sign_rpm/sign_package_feed: Add missing getVar parameter 98dcdcb autoconf: Disable macro which causes excessive delays when using dash as sh 28fa304 automake: Remove delays in configure scripts using automake f5e681d site/common-linux: Add some macros to avoid sleeps during configure 93adf46 meta-yocto/conf/toasterconf.json: remove SDKMACHINE variable as it no longer used b3d6872 lttng-tools: Revert wrong enforcement of Python 3.0 use 2c11bdd attr: Add patch to account for use of internal glibc header f1c034b libpam: Fix build with musl 33bab59 openssl: Add musl configuration support c4207ee busybox: Add config for musl 083d9d1 gettext: Delete libintl.h and charset.alias 3a0797f sysvinit: Fix build with musl fd21402 musl: Add recipe 781d34f mtools: Use proper glibc override to add glibc packages to recommendations 1b90d67 squashfs-tools: Define FNM_EXTMATCH if not defined 36a709a mtd-utils: Backport and create patches to support musl 41fd73f gdb: Fix build with musl 1ee97d8 autoconf: Add musl support a2ea58b gcc: Add support for building musl configuration 37c74e2 gstreamer1.0: Split bash completion information into separate package fc32a3b attr: add attr dependency to attr-ptest 9205f0a valgrind: import Debian link_tool patch for MIPS c27bbb4 slang: update upstream URI to (official) jedsoft.org 21e35df subversion: update to 1.9.2 39260c3 json-c: add manual upstream version check 4ff0017 mirrors: replace references to archive.apache.org 1672a18 mobile-broadband-provider-info: update to current commit b699b15 nspr: update to 4.11 dec8d20 python-setuptools: update to 18.7.1 b3535e2 openssl: update to 1.0.2e fce2ee7 dropbear.inc: drop legacy CFLAGS and LD tweaks f87063b dropbear: update 2015.70 -> 2015.71 a520495 texinfo: don't create dependency on INHERIT variable 2b2774b sudo: upgrade to 1.8.15 5eb0e90 linux-firmware: update to latest revision bbe4917 c147782 bluez5: upgrade to 5.36 64c3a09 sudo: remove libdir INSANE_SKIP b407a80 libsdl: expand PACKAGECONFIG and enable native builds 39facf9 buildtools-tarball.bb: 32bit tools need pseudo 32bit library bc26a7d rpm: fix file conflicts for MIPS64 N32 01c0285 rpm: Enable MIPS64 N32 transactions a742586 bash: fix testcase run-coproc/run-execscript/run-test/run-heredoc failed a6bb872 cpio: fix test case of symlink-bad-length 787d82b linux-libc-headers: update default KORG_ARCHIVE_COMPRESSION bz2 -> xz 94c0332 linux-libc-headers.inc: remove '-e MAKEFLAGS=' from EXTRA_OEMAKE c7ad779 gcc-4.9: import patch fixing compilation in thumb mode 1260ded gcc-5.2: import patch fixing compilation in thumb mode b4db53a dropbear: Upgrade 2015.68 -> 2015.70 e0162c1 gcc-cross-initial: make dependency on gnu-config-native and autoconf-native explicit fccb128 weston-init: add a native systemd unit file a1fa8d9 python: Fix cross compiling issue c9fdc1b icu: Upgrade 55.1 -> 56.1 95909bc kernel.bbclass: drop unnecessary 'eval' from kernel_do_configure() ec79a19 insane: in libdir test allow libraries in libexecdir 9c0186f rootfs.py: Change logic to unistall packages 23083e7 oeqa/systemd: get runtest target boot time and log c6330a2 oeqa/systemd: journalctl helper function 220a78b scripts: oe-selftest Added new features. 98d2485 oe-buildenv-internal: preserve existing BB_ENV_EXTRAWHITE 9cab798 toolchain-shar-extract.sh: fix ~ not working in path f27401d nativesdk-buildtools-perl-dummy: properly set PACKAGE_ARCH 5e3e2e0 poky.conf: Bump for 2.1 development 7e8ff7b bitbake: toaster: toasterui Add ParseStarted/ParseProgress events to mask f823601 build-appliance-image: Update to master head revision 992e577 linux-yocto: Update genericx86* BSPs to v4.1.13 b4f6950 cmake: Add nios2 support 27b9f04 boost: adjust hard-coded path after python3 upgrade 639cadd sdk.py / OpkgSdk: remove_packaging_data() after install fd4894f devtool: extract: update SRCTREECOVEREDTASKS for kernel 34f1d81 devtool: extract: copy kernel config to srctree 6650357 lib/oe/package_manager: Introducing PACKAGE_FEED_BASE_PATHS/PACKAGE_FEED_ARCHS d7baeb5 selftest/wic.py: Add test for custom bootloader config 8612f26 directdisk-bootloader-config.wks: Add example for custom bootloader config c59dc3b wic/help.py: Document the new option "configfile" 7033873 wic: Allow to use a custom config for bootloaders f95f729 wic/utils/misc.py: Added function to search for files in canned-wks 9773faa wic: Prepare wicboot to allow custom bootloader config 4515186 package_ipk: allow to specify OPKG_ARGS in local.conf 7cf7156 systemd.bbclass: Allow enabling of parameterised services 551cda0 base: check for existing prefix when expanding names in PACKAGECONFIG c093fd8 linux-yocto/4.1: Fix kernel oops on qemuarm boot cda3905 toolchain-shar-extract.sh: ensure cleaned environment will work for ext SDK f9384b0 bitbake: knotty: Enforce terminal line limit to stop crazy scrolling 7a775a1 initramfs-framework: create directory /var/run 2861399 libpcre: drop UPSTREAM_CHECK_ variables 35c28e3 libpcre: upgrade to 8.38 d50ef65 libpng: update 1.6.19 -> 1.6.20 (CVE-2015-8126) 2b736f2 ghostscript: add dependency for pnglibconf.h 976f0e3 package_regex.inc: split the rest of the entries to their recipes 74bfa62 package_regex.inc: split entries which blacklist specific versions to their recipes 75c6929 package_regex.inc: split sourceforge related entries to their own recipes cefeac2 package_regex.inc: split PyPi related entries to their own recipes aa5df2a package_regex.inc: split Debian-related entries into their own recipes 12ba5cc package_regex.inc: split GITTAGREGEX entries into recipe files 642e92f package_regex.inc: split entries with odd-even versioning into their own recipes 96eac69 package_regex.inc: deprecate the file b0bbea5 gstreamer: really fix the helper install race b822216 neard: fix libdir/libexecdir confusion cbfccc6 glibc: fix libdir/libexecdir path confusion d0577f9 sudo: handle libexecdir != libdir/PN. 6f837cc util-linux: Add ptest dbd02bd libav: Correctly handle prefix="" fda9859 libav: Add PACKAGECONFIG options: avdevice, avfilter, avplay, gpl 7ba85f1 libav: Remove deprecated --disable-avserver 2739ed0 busybox: backport upstream fixes for unzip 6decbbb qt4-4.8.7: fix build for mips n32 f1e8938 gstreamer1.0: Convert tests and valgrind config opts to PACKAGECONFIGs 11b9524 cracklib: fix for base_libdir == libdir d9f73ca libbsd: Upgrade to 0.8.0 10d6dc4 libcroco: Upgrade 0.6.8 -> 0.6.9 79b823a shared-mime-info: Upgrade 1.4 -> 1.5 f6ec8a4 xdg-utils: Upgrade to 1.1.1 a3f63f9 gsettings-desktop-schemas: Upgrade 2.16.1 -> 3.18.1 754f6b6 gnome-common: Upgrade 3.14.0 -> 3.18.0 75aba18 clutter-gtk-1.0: Upgrade 1.6.2 -> 1.6.6 c6a6212 clutter-gst-3.0: Upgrade 3.0.8 -> 3.0.14 2da6cd5 clutter-1.0: Upgrade 1.24.2 148c953 cogl-1.0: Upgrade 1.20.0 -> 1.22.0 f54d4e4 ghostscript: Add NIOS2 support 21ba42b harfbuzz: update 1.1.0 -> 1.1.2 058b91e xvideo-tests: move to the latest release 70d459c scripts/oe-pkgdata-util: sort the packages in list-pkg-files 80e3919 wic: insert local Python paths at front 9d788d7 toolchain-scripts.bbclass: unset command_not_found_handle 82ab99f waf.bbclass: remove unused parameter from get_waf_parallel_make() 68d3dfe toolchain-shar-extract.sh: proper fix for additional env setup scripts 0c5d239 base: Improve handling of switching virtual/x providers 3745479 bitbake: bitbake: rename REGEX, REGEX_URI, and GITTAGREGEX. dd282d4 bitbake: toaster: return back 'New project' button 2a8e970 bitbake: toaster: tests Update UI tests to work with 2.0 changes fe8a0a3 bitbake: toaster: tests Automated build-mode backend tests 0497b57 bitbake: toaster: unset environment variables 8b7a548 bitbake: toaster: get rid of complicated heuristics 556b8b6 bitbake: toaster: remove SDKMACHINE from project variables 4186f5b bitbake: toaster: stop using toaster-pre.conf 361faa3 bitbake: toaster: remove writeConfFile API fcbba5a bitbake: toaster: set varibales on bitbake server 993bc7e bitbake: toaster: implement BitbakeController.getVariable 53e981e bitbake: toaster: buildinfohelper Broaden the toaster created recipe data case 57e5f24 bitbake: toaster: do not create duplicate HelpText objects 4c1e5ec bitbake: toaster: remove usage of BUILD_MODE variable 9902895 bitbake: toaster: do not terminate bb server 58765a8 bitbake: toaster: remove stopBBServer API 95a3cf7 bitbake: toaster: reimplemented startBBServer method 76d53b5 bitbake: toaster: remove _setupBE function 87b2f95 bitbake: toaster: implement 'toaster restart-bitbake' 891484a bitbake: toaster: implement start_bitbake function bf25471 bitbake: toaster: implement stop_bitbake function 7c2b225 bitbake: toaster: update brbe and project attributes de812d0 bitbake: toaster: start 'manage.py runbuilds' in the script 28e8ccf bitbake: toaster: make runbuilds to loop a3871a3 bitbake: toaster: use parent of the build dir 2a96d35 bitbake: toaster: check for toaster configuration later d87a534 bitbake: toaster: remove unused variable dc6a489 bitbake: toaster: change toasterconf.json logic to use TEMPLATECONF, like oe-setup-builddir 5a42c2d bitbake: toaster: run bitbake the same way cac91db bitbake: toaster: set DATABASE_URL in toaster script a464bf2 bitbake: toaster: implement get-dburl command e473151 bitbake: toaster: don't allow to run toaster as a script 4de214f bitbake: lib/bb/utils: improve edit_bblayers_conf() handling of bblayers.conf formatting 0debb11 bitbake: lib/bb/utils: fix error in edit_metadata() when deleting first line 9d19dd9 bitbake: wget.py: parse only <a> tags 71ede7b bitbake: toaster: toastergui tests Add generic test for ToasterTables widget 34b22cf bitbake: toaster: tables Fix invalid field name on NewCustomImagesTable 1c59846 bitbake: toaster: tables Add default_orderby field where it was missing or unset d82c541 bitbake: toaster: CustomImageRecipe add search_allowed_fields to this model bdf6241 bitbake: toaster: machines table Fix missing layers information needed for filter b90a8dc bitbake: toaster: tablejs Make sure click handlers consume click event c075bcf bitbake: toaster: projectpage Make sure build targets are space separated 698c74c libsdl: remove redundant configure_tweak patch 35945fd iw: upgrade to version 4.3 15969ae gstreamer1.0-plugins-good: fix PACKAGECONFIG for gudev and add one for v4l2 and libv4l2 e601b38 gstreamer1.0-plugins-bad: fix dependencies for uvch264 PACKAGECONFIG ddf2501 gudev: Add from meta-oe e406fa8 lsb: fix installed-vs-shipped for mips 39ecdce rpm: fix for N32 MIPS64 09b4da6 glibc/0029-fix-getmnt-empty-lines.patch: fix getmntent() 1781a9a init-install-efi: fix script for eMMC installation f808747 init-install-efi: fix script for gummiboot loader 2a55036 linux-firmware: rtl8192cx: Add latest available firmware b60af3b libsdl2: add missing dependency on libxkbcommon for PACKAGECONFIG[wayland] ed31874 libxml2: upgrade to 2.9.3 ecb1c71 libxml2: merge pointless bb/inc split 19a626d openssh: redesign ssh-agent.sh regression test case 81b59e7 gcr: Require x11 DISTRO_FEATURE 934e486 psplash: update to latest git version ccb2a57 sysvinit-inittab: Add wrapper script to verify console exists b7f610d linux-yocto/4.1: Bluetooth:Fix the connection fail of 6lowpan over BT LE d08e761 linux-yocto-rt/4.1: update to -rt15 6aa464c linux-yocto/4.1: fsl-mpc8315e-rdb: Enable EEPROM bd29006 linux-yocto/4.1: update to v4.1.13 5561407 uClibc: enable utmp for shadow compatibility 533fc01 glibc: Backported a patch to fix glibc's bug(18589) 598e372 ncurses: update SRC_URI 51b64ee openssl: enable parallel make 88e45cd busybox: enable resize applet 87de4a1 busybox: disable support for mounting NFS file systems on Linux < 2.6.23 73cc839 busybox: update 1.23.2 -> 1.24.1 f8ac408 busybox: re-order defconfig to align with busybox 1.24.1 3648a37 busybox.inc: remove '-e MAKEFLAGS=' from EXTRA_OEMAKE bf28ea9 busybox.inc: set CC=${CC} via make command line f21dce1 busybox.inc: fix CONFIG_EXTRA_CFLAGS configmangle 6167669 busybox.inc: don't set .config CROSS_COMPILER_PREFIX e1ecccd busybox: move EXTRA_OEMAKE etc into busybox.inc 0e63300 busybox.inc: don't export EXTRA_OEMAKE 3735776 busybox_git: Enable getopt applet b1774f4 harfbuzz: update 1.0.6 -> 1.1.0 31f803a sqlite3: update 3.9.0 -> 3.9.2 7e3474c readline: apply missing upstream patches 99b9d52 readline: prepare for readline6.3 upstream patches e0b6d0c dbus: merge .bb and .inc d99958a pulseaudio: Fix HDMI profile selection 2ba954f initscripts: hide the error in case system is not writeable 4ed84ff nativesdk-buildtools-perl-dummy: fix rebuilding when SDKMACHINE changes b8fdd09 xf86-video-vmware: Add vmwgfx PACKAGECONFIG option dfd5c4d pkgconfig: merge .bb and .inc 61c6887 pkgconfig: upgrade to version 0.29 744e89f ofono: upgrade to version 1.17 996f843 libxml2: remove legacy LDFLAGS += "-ldl" workaround dedabc1 apr: fix LTFLAGS to make it work with ccache 9470956 iproute2: install bridge tool by default 1b8f6a2 lttng-tools: add libgcc to RDEPENDS 22dd6e7 lttng-tools: Upgrade to 2.7 release ef73f21 lttng-tools: Drop unused patch c375976 lttng-ust: Upgrade to 2.7 release f5c1b57 lttng-modules: Upgrade to 2.7 release 8d708a5 libunistring: upgrade to version 0.9.6 f840e59 libtasn1: upgrade to 4.7 012ca02 wpa-supplicant: upgrade to 2.5 872e153 mesa: Make gl libraries RRECOMMEND mesa-megadriver a62fa23 directfb.inc: force bfd linker for armv7a 9b075ca libpng12: update to 1.2.54 6d1eb34 libpng: update to 1.6.19 92a881f orc: update to 0.4.24 2f479b1 libpcap: update to 1.7.4 bd4058f apr-util: add missing RDEPENDS for ptest 1408642 iproute2: update to 4.3.0 e677c25 ruby-native: Depend on openssl-native 9e37812 db: fix race issue for libdb-6.0.la c19036a pango: use ptest-gnome 43b29d9 gst-plugins-bad: improve FILES variables 9fc877f gstreamer1.0-plugins-base: add PACKAGECONFIG for libvisual 7a2bb0d python3: fix building nativesdk-python3 2268a70 python3: Upgrade from 3.4.3 to 3.5 ed8d1be python-git: Add missing dependency dee2a8c guile, mailx, gcc, opensp, gstreamer1.0-libav, libunwind: disable thumb where it fails for qemuarm c0b822f icu: force arm mode f42ef3f rpcbind: Security Advisory - rpcbind - CVE-2015-7236 04034e7 subversion: fix CVE-2015-3187 f91aedf subversion: fix CVE-2015-3184 40cd228 oeqa/sshcontrol: don't source profile d39192a oeqa/runtime/multilib: refactor ELF class extraction cc34104 oe-selftest: Enable code coverage on unit tests 06859de meta/conf/machine: use ' inside quoted values 6be94ec runqemu-internal: Replace wacom-tablet with tablet for usbdevice 0cc3810 recipetool: make plugin registration function name consistent with devtool b381f80 recipetool: add setvar subcommand 1fbd760 lib/oe/recipeutils: refactor patch_recipe_file() to use edit_metadata() 0b850cb devtool: clarify help text 5001f23 devtool: build: enable showing default task in help f79022d devtool: build: use bbappend to set PARALLEL_MAKE 21481bc lib/oe/recipeutils: check in validate_pn() for names instead of filenames 671f41e devtool: ensure we change back to the original dir on error 74505b4 devtool: search: print SUMMARY value 3f46af2 devtool: drop unused plugin_init() functions 176211a devtool: package: use DEPLOY_DIR_<pkgtype> to get deploy directory 0fe7426 devtool: disable creating workspace for extract and search subcommands a360fa7 lib/oe/patch: improve extraction of patch header f79cc4d devtool: upgrade: provide a means to update the source branch b4d4d21 devtool: upgrade: fetch remote repository before checking out new revision 9b7d45c devtool: upgrade: remove erroneous error when not renaming recipe 9a70444 devtool: upgrade: fix updating PV and SRCREV 6a52c73 devtool: upgrade: fix removing other recipes from workspace on reset 44ef78a devtool: include do_patch in SRCTREECOVEREDTASKS 804f5b8 image.py: avoid mkdir race when building multiple images 312862f package_manager.py: define info_dir and status_file when OPKGLIBDIR isn't the default b00f734 image.py: Avoid creating empty .env file in _write_wic_env a88505b lib/oe/terminal: use C locale when determining version 8d784ba toolchain-shar-extract.sh: Ensure it's ran in clean environment 7f3c20f toolchain-shar-extract.sh: do not allow $ in paths for ext SDK 2d21e5d create-pull-request: handle empty ODIR c63b36f scripts/gen-lockedsig-cache: improve output 67af6d6 wic: exec_native_cmd: implement support for pseudo 8ffba25 toolchain-shar-relocate: don't assume last state of env_setup_script is good b8ee7ae sanity: don't enforce DISPLAY for testimage b364183 oeqa/qemurunner: pass nographic to runqemu if DISPLAY isn't set 46755cc base: add automatic dependency on lzip-native for .lz SRC_URI 6ea39c2 base: decode SRC_URI before adding implicit fetch dependencies eded9c2 buildhistory.bbclass: support extending the content of the build history d95df11 license.bbclass: Create image license manifest efdab52 license.bbclass: Add function get_deployed_files cc0d044 license.bbclass: Added function get_deployed_dependencies d45e10e license.bbclass: Added get_boot_dependencies function 8b1e7bc license.bbclass: Split license create manifest 1a210e6 license.bbclass: Write recipeinfo file in license folder 74c7cd5 populate_sdk_ext.bbclass: Be more permissive on the name of the buildtools 5ba6382 populate_sdk_base: Add sysroot symlink check 7fed655 classes/populate_sdk_ext: fail if SDK_ARCH != BUILD_ARCH 2948169 classes/populate_sdk_ext: tweak reporting of workspace exclusion 28a2ea7 classes/populate_sdk_ext: make it clear when SDK installation has failed 124c6aa classes/populate_sdk_ext: tidy up preparation log file writing d348624 boot-directdisk.bbclass: remove HDDIMG before create 03f15e5 sstate: Ensure siginfo and sig files are also touched 615ccae weston: Add PACKAGECONFIG option for colord CMS cdad67c opkg: add cache filename length fixes 2ec77de openjade-native: statically link local libs 29747d4 sysklogd: inhibit updatercd for non-sysvinit add3451 connman: depend on readline 7a557a2 latencytop: obey LDFLAGS 8aeec87 tcf-agent: obey LDFLAGS 9025d2e blkspace: fix ldflags for iowatcher 1732a8a bluez5: enable sysvinit support 160fdd8 sysprof: use packageconfig for the gui 425d020 mc: upgrade to 4.8.15 7386647 packagegroup-core-directfb: Don't depend on pango-modules ac5ed8e xkeyboard-config: Upgrade 2.15 -> 2.16 3a71fab xkbcomp: Upgrade 1.3.0 -> 1.3.1 b7cb308 xinput: Upgrade 1.6.1 -> 1.6.2 05eca73 xf86-video-omap: Upgrade 0.4.3 -> 0.4.4 cfcc5e5 xf86-input-synaptics: Upgrade 1.8.2 -> 1.8.3 4c9256f xf86-input-evdev: Upgrade 2.9.2 -> 2.10.0 96ddcc5 xorg-driver-input: add xorg configuration to FILES a1003f5 xserver-xorg: Upgrade 1.17.2 -> 1.18.0 a336b8a libxcb: Remove unused git-version of the recipe 05ba0db libxcb: Upgrade 1.11 -> 1.11.1 44233d3 pixman: Upgrade 0.32.6 -> 0.32.8 7ab0466 libxi: Upgrade 1.7.4 -> 1.7.5 63feef0 gtk-icon-utils-native: Upgrade 3.16.6 -> 3.18.2 38924d9 package_regex.inc: Add gtk-icon-utils-native 060b482 gtk+3: Upgrade 3.16.6 -> 3.18.2 4f3d2b3 adwaita-icon-theme: Upgrade 3.16.2.1 -> 3.18.0 c8849ac librsvg: Upgrade 2.40.10 -> 2.40.11 81769ca pango: add RPROVIDES for removed packages c9b06f5 pango: Upgrade 1.36.8 -> 1.38.1 ced8d49 gdk-pixbuf: Upgrade 2.30.8 -> 2.32.1 918c773 libsoup-2.4: Upgrade 2.50.0 -> 2.52.1 5bd9305 at-spi2-atk: Upgrade 2.16.0 -> 2.18.1 8eb0c8f atk-spi2-core: Upgrade 2.16.0 -> 2.18.1 78130eb atk: Upgrade 2.16.0 -> 2.18.0 e7141ab glib-networking: Upgrade 2.44.0 -> 2.46.1 fcd7494 glib-2.0: build dependency cleanup 5357764 glib-2.0: Enable more tests while cross-compiling 1e271af glib-2.0: Upgrade 2.44.1 -> 2.46.1 bc1be07 qemu: Backport malloc-trace disabling bca5a7a logrotate: do not move binary logrotate to /usr/bin 0069c0d systemd: drop unneeded $D check in prerm cd1f2b4 systemd: chown hwdb.bin to root:root for do_rootfs 7ca8cd9 systemd: for valgrind, define VALGRIND=1 46fa8ab systemd: make coredump a PACKAGECONFIG ac34784 systemd: add machine-id to conffiles 04937cc systemd: ignore .so filenames in systemd-doc 6821854 systemd: fix Upstream-Status tag 82107b1 mdadm: fix CFLAGS and ptest issues d8adfd2 gcc-4.9: Fix various _FOR_BUILD and related variables 8ae27fa devtool: add sync command 6bfa1dc boost.inc: remove unused parameter from get_boost_parallel_make() 16d7bfd wireless-tools: remove unused files ee923bf gstreamer1.0: fix install race 0ae52c8 gcc-multilib-config: make aarch64 support multilib 8514d21 libxml2: fix CVE-2015-7942 and CVE-2015-8035 e864f71 terminal: Open a new window instead of split on older tmux versions (<1.9) 5056581 flex: fix test-bison-yylval and test-bison-yylloc failed c54540e gdbm 1.8.3: install libgdbm_compat b9f87ed harfbuzz: update to 1.0.6 3f75537 ethtool: bump version to 4.2 9a4da3c openssl: fix ptest issues 9163a5d base-files: stage /etc/skel d60c5ff mktemp: raise the priority to avoid conflicting with coreutils b06eacd libunwind: fix build for qemuarm c4acace gma500_gfx: Avoid inserting gma500_gfx module for certain devices 6c3f680 libsndfile: fix CVE-2014-9756 aa07eb1 python-pycurl: update version to 7.19.5.2 696aa7e rt-tests: upgrade to version 0.96 6ec7dc2 rpcbind: don't use '-w' for starting rpcbind eddd88f libsecret: add dependency on intltool-native 2e8efb1 openssl: use subdir= instead of moving files in do_configure_prepend() 036d2dc openssl: sanity check that the bignum module is present cf366d8 libsdl2: require GLES when building Wayland support 4b38be6 meta: add some missing Upstream-Status tags to patches 42c75cd weston: delete unused patch 521fac6 glibc: fix Upstream-Status tag 44a7bbc linux-firmware: package Broadcom BCM4339 firmware f9d51cd libusb1: fix make install race cb01f6d libusb1: upgrade from 1.0.19 to 1.0.20 b4e6f63 perl: fix spaces in brackets while using CC version a59d019 u-boot: Update to 2015.10 release e67c5b0 bitbake-prserv-tool: check file name 4e2c5e1 recipetool.append: don't choke on a trailing ; in a url a35f79d yocto-bsp: Set SRCREV meta/machine revisions to AUTOREV 9d585b5 yocto-bsp: Set KTYPE to user selected base branch 1542c2a yocto-bsp: Typo on the file extension f674ffa yocto-bsp: Avoid duplication of user patches ({{=machine}}-user-patches.scc) 49a465c package_manager.py: Delete installed_pkgs.txt file ace895d rootfs.py: Stop using installed_pkgs.txt ccb1616 lib/oe/distro_check: don't set empty proxy keys 8137a84 lib/oe/copy_buildsystem: Don't expand BB_TASKDEPDATA a6c68d8 oeqa/selftest/sstatetests: prettier output for allarch test 92328b4 oeqa/selftest/signing: Added new test for signing sstate. fbb03a8 oeqa/selftest/signing: New test for Signing packages in the package feeds. 13a4c38 qemu.bbclass: fix vardeps of QEMU_OPTIONS 51bd011 qemu.bbclass: correct the fsl ppc QEMU_EXTRAOPTIONS 753f31e autotools: Allow recipe-individual configure scripts e281791 allarch: Force TARGET_*FLAGS variable values e28e17e distro/maintainers.inc: include stress package details 76d2e46 image_types: improve wks path specification 70ae7a6 insane.bbclass: Avoid libdir QA check if PACKAGE_DEBUG_SPLIT_STYLE='debug-file-directory' cf0dfdb classes/cpan-base: fix libdir for nativesdk a205c4c bbclass: fix spelling mistakes cf218e5 rootfs_*.bbclass: don't add BUILDNAME to do_rootfs vardepsexclude 7d8616c insane: Don't depend on BB_TASKDEPDATA a9cc27e kernel: fix race condition between compile_kernelmodules and shared_workdir fecb077 classes: Ensure pass setVar/setVarFlag strings, not integers 9167f20 classes/license: fix intermittent license collection warning 43c8867 classes/metadata_scm: fix git errors showing up on non-git repositories 59b27d5 sstate: respect GPG_BIN and GPG_HOME 4415dc5 archiver.bbclass: add bbappend when do_ar_recipe kernel and gcc packages 2f0ff3a archiver.bbclass: fix previous issue regarding work-shared for linux-yocto 0cc4eef waf.bbclass: filter out non -j from PARALLEL_MAKE 95719b0 ptest-gnome: extend EXTRA_OECONF in all builds, not just target 1b25a70 yocto-project-qs, ref-manual, poky.ent: CentOS Package updates 2e649d7 dev-manual: Updated runqemu command options list bd62289 toaster-manual: Removed SDKMACHINE from the json file example. c674cd7 ref-manual: Updated list of supported distros. 33d8cff ref-manual: Updated the GCC 5 migration section for 2.0 d9aabf9 gcc: Drop 4.8 2cb1aee layer.conf: Correct gcc-cross dependency 88f9310 bitbake: toaster: builds pages Fix the download cooker log link d04af8b bitbake: toaster: project pages Link to image recipes table in notifications 70465c7 bitbake: toaster: tests: Re-write some cases to make them more maintainable 536b73f bitbake: data_smart: Only support lowercase OVERRIDES fb01a66 bitbake: fetch2: Remove crazy code in unpack 7db88aa bitbake: parse: Don't try to expand __base_depends/__depends 4c04ce0 bitbake: cache: Don't try to expand __inherit_data 9d8e36a bitbake: toaster: localhostbectrl Pass DATABASE_URL in via the process environment 4677d8b bitbake: toaster: Remove the new-build-input button widget 55f4494 bitbake: toaster: projecttopbar Use the project in context to get num builds e9d4962 bitbake: toaster: projectpage Disable/Enable build input if we have 0 layers 5fa4c73 bitbake: toaster: orm Fix get_number_of_builds to count all apart from IN_PROGRESS c4032f4 bitbake: codeparser: Only load the codeparser cache once e3b66c1 maintainers: mass reassign and cleanup 37ddd3e Revert "local.conf.sample: Disable image-prelink by default" 9cc221d yocto-bsp: Default kernel version to 4.1 on x86_64 7100c42 scripts: runqemu: remove QEMUARCH from help message f47e4ad cairo: update 1.14.2 -> 1.14.4 603b4de cairo.inc: drop obsolete CFLAGS += "-ffat-lto-objects" workaround e8833a6 cmake: update 3.3.1 -> 3.3.2 8b2b068 oe-selftest: add test for bitbake-layers show-recipes 480bbae oeqa/selftest/layerappend: fix test if build directory is not inside COREBASE a301f6e oeqa/selftest/devtool: fix test if build directory is not inside COREBASE fd6bf77 classes/distrodata: split SRC_URI properly before determining type 7cebff6 classes/buildhistory: split package history values only once 10fc534 conf/distro/include: drop old recipes from include files 37cfd80 gitignore: fix overzealous exclusion 1f6599b meta: Fix typos in Upstream-Status labels 7cace4c meta/conf/layer.conf: fix typo ca8e1e5 texinfo-dummy-native: set SUMMARY instead of DESCRIPTION 64cd113 gstreamer1.0-meta-base: set SUMMARY instead of DESCRIPTION 1d42d59 mmc-utils: set SUMMARY instead of DESCRIPTION 6692540 swig: set SUMMARY instead of DESCRIPTION 47ae8eb alsa-plugins: set SUMMARY instead of DESCRIPTION eac5fa9 tzcode-native: set SUMMARY instead of DESCRIPTION 0a30a1f linux-yocto.inc: set SUMMARY instead of DESCRIPTION 19e1a73 python-nose: add SUMMARY b5f58c1 stress: add SUMMARY 5f9392a libunwind: add SUMMARY 1460e01 gptfdisk: add SUMMARY 0821c36 verify-homepage: fix recipe file selection 0c48921 verify-homepage: tidy up output and comments 0e348e7 verify-homepage: get expanded HOMEPAGE value caaca00 verify-homepage: use scriptpath to find bitbake path 649b6bc libaio: don't disable linking to the system libraries 11a9c24 runqemu: don't specify IP when starting a VNC server 3b95964 qemurunner: Remove the timeout in run_serial bbd6d07 libxslt: CVE-2015-7995 a0d2ea9 gstreamer1.0-rtsp-server: upgrade to version 1.6.1 2459ec2 gstreamer1.0-libav: upgrade to version 1.6.1 bce06e7 gstreamer1.0-plugins-ugly: upgrade to version 1.6.1 0ec3c62 gstreamer1.0-plugins-bad: upgrade to version 1.6.1 ba1bc63 gstreamer1.0-plugins-good: upgrade to version 1.6.1 4a55d12 gstreamer1.0-plugins-base: upgrade to version 1.6.1 8360f23 gstreamer1.0: upgrade to version 1.6.1 8800033 prelink: Fix various prelink issues on IA32, ARM, and MIPS. 920fb96 gcc: Update default Power GCC settings to use secure-plt 7b1763a glibc: Fix ld.so / prelink interface for ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA e63e191 qemurunner: Enable timestamps on kernel boot-up a1ca788 openssl: fix mips64 configure support 5a10a6f at: modify sources in do_patch 78e0598 unzip: rename patch to reflect CVE fix b80935a readline: rename patch to contain CVE reference 86d84ff qemu: upgrade to 2.4.0.1 4f0d756 gnome-desktop-testing: fix ptest output format 834de84 default-distrovars: remove less from WHITELIST_GPL-3.0 29bba95 lsof: don't export EXTRA_OEMAKE 3d37768 cmake.bbclass: don't duplicate CMAKE_C_FLAGS in CMAKE_C_FLAGS_RELEASE efc07c2 rm_work.bbclass: Exclude do_rootfs stamp removal 5f9d16b cairo: fix license for cairo-script-interpreter 7328479 openssh: enable X11Forwarding if distro feature x11 is set adeb820 acpid: Upgrade to 2.0.25 781dfd8 libidn: 1.30 -> 1.32 351c69a sqlite: 3.8.10.2 -> 3.9.0 c0fe43c rt-tests: bump to v0.94 cf972f9 gbm: Fix "configure: error: gbm requires --enable-dri" 17733cc xinetd: install xinetd supported services configuration aa1844e combo-layer: introduce ability to exclude component from mass update dcc446f linux-dtb.inc: refactor common code to function get_real_dtb_path_in_kernel af9c7a4 linux-dtb.inc: refactor common code to function normalize_dtb 7eecb81 linux-dtb.inc: explicit test for empty string not needed 54df911 ptest-runner: Allow running of specific tests 54325b2 oeqa/testimage: Add support for test folder export. ecbe135 oeqa/runtime/multilib: run the arch tests on connmand not connman-applet 2d1071e oeqa/runtime: remove dmesg test 42a5378 nfs-utils/statd: fix a segfault 77e3246 qemu: enable user mode for mips64 and mips64el 70600fb gnupg: fix find-version for beta checking ab123ef rpm: define EM_AARCH64 for debugedit af8c136 xserver-xorg: drop empty ${PN}-security-policy package b667067 xserver-xorg: add Xwayland RRECOMMENDS 80f4d71 weston: add a PACKAGECONFIG option for xwayland support 883ab0f systemd: make dbus an optional build time dependency 2c5047f weston: add PACKAGECONFIG to build with systemd-login support 65ffeb5 systemd: add PACKAGECONFIG to build with compatibility libraries 4b29c80 os-release: put double-quotes around variable contents 0f516a5 cpio: fix testcase symlink-bad-lengths [ LIN8-947 ] bceb9cb cpio: Fix symlink-bad-length test for 64-bit [ LIN8-947 ] architectures. 0ff3fc7 gtk+3: fix ALTERNATIVE_PRIORITY conflict with gtk+ eca12a6 coreutils: fix ALTERNATIVE_PRIORITY conflict with procps and mktemp 8de5315 util-linux: fix ALTERNATIVE_PRIORITY conflict with ncurses procps and e2fsprogs 3befb43 console-tools: fix ALTERNATIVE_PRIORITY conflict with kbd 5385ea8 debianutils: fix ALTERNATIVE_PRIORITY conflict with which 3a0bd40 linux-dtb.inc: use same variable name DTB for all elements of KERNEL_DEVICETREE a879312 linux-dtb.inc: remove unneeded 'cd' a23d1ca webkitgtk: Add upstream patch to fix build problem 69836e8 python: don't append -D__SOFTFP__ to TARGET_CC_ARCH for armv6/armv7a 38d1d63 prexport.bbclass: avoid export for native and crosssdk d3da006 recipes: add distro_features_check for some packages 63690f0 scons.bbclass: SCons packages don't require do_configure bffdc65 busybox: Schedule mdev after mountall 13ce7c2 busybox: Fix mdev block device automounting b09f0f2 libarchive: rename patch to reflect CVE 116360f binutils: Fix XLP / Octeon 3 instruction clash fd4f4d2 binutils: Fix octeon3 disassembly patch REVERT: b1f23d1 build-appliance-image: Update to jethro head revision REVERT: 7fe17a2 qemu: Security fix CVE-2016-2198 REVERT: 50700a7 qemu: Security fix CVE-2016-2197 REVERT: 1f0e615 libgcrypt: Security fix CVE-2015-7511 REVERT: dc5f155 uclibc: Security fix CVE-2016-2225 REVERT: ef13511 uclibc: Security fix CVE-2016-2224 REVERT: ae57ea0 libbsd: Security fix CVE-2016-2090 REVERT: eb9666a glibc: Security fix CVE-2015-7547 REVERT: 5b12268 build-appliance-image: Update to jethro head revision REVERT: a3a374a curl: Secuirty fix CVE-2016-0755 REVERT: f4341a9 curl: Security fix CVE-2016-0754 REVERT: 35f4306 nettle: Security fix CVE-2015-8804 REVERT: 3e8a07b nettle: Security fix CVE-2015-8803 and CVE-2015-8805 REVERT: 5ffc326 socat: Security fix CVE-2016-2217 REVERT: 5cc5f99 libpng: Security fix CVE-2015-8472 REVERT: 21a816c libpng: Security fix CVE-2015-8126 REVERT: 6a0fbfa foomatic-filters: Security fixes CVE-2015-8327 REVERT: d57aaf7 foomatic-filters: Security fix CVE-2015-8560 REVERT: 941874a build-appliance-image: Update to jethro head revision REVERT: d74a3cb cross-localedef-native: add ABI breaking glibc patch REVERT: 12fae23 build-appliance-image: Update to jethro head revision REVERT: 67ac9d6 e2fsprogs: Ensure we use the right mke2fs.conf when restoring from sstate REVERT: 5812fc9 build-appliance-image: Update to jethro head revision REVERT: 3de2492 ref-manual: Updated host package install requirements CentOS REVERT: 79de8cf toaster-manual: Updated the "Installation" to have TOASTER_DIR information REVERT: a23d262 toaster-manual: Updated instructions for production setup. REVERT: b6def81 linux-yocto: Update SRCREV for genericx86* for 4.1, fixes CVE-2016-0728 REVERT: db0f8ac linux-yocto: Update SRCREV for genericx86* for 3.19, fixes CVE-2016-0728 REVERT: c8122a0 linux-yocto: Update SRCREV for genericx86* for 3.14, fixes CVE-2016-0728 REVERT: cdeb241 meta-yocto-bsp: Remove uvesafb (v86d) from generic x86 features REVERT: 52cd219 yocto-bsp: Set SRCREV meta/machine revisions to AUTOREV REVERT: a88d6cb yocto-bsp: Set KTYPE to user selected base branch REVERT: 4e74b36 yocto-bsp: Avoid duplication of user patches ({{=machine}}-user-patches.scc) REVERT: 6680773 yocto-bsp: Default kernel version to 4.1 on x86_64 REVERT: 4c075e7 piglit: don't use /tmp to write generated sources to REVERT: ee52ac6 gen-lockedsig-cache: fix bad destination path joining REVERT: e9f95df linux-yocto: Update SRCREV for qemux86* for 4.1, fixes CVE-2016-0728 REVERT: e63bab1 linux-yocto: Update SRCREV for qemux86* for 3.19, fixes CVE-2016-0728 REVERT: 64a4920 linux-yocto: Update SRCREV for qemux86* for 3.14, fixes CVE-2016-0728 REVERT: 5b043da libpng12: update URL that no longer exists REVERT: 655c8a5 libpng: update URL that no longer exists REVERT: 96fda8c busybox: fix build of last applet REVERT: ae037d9 ghostscript: add dependency for pnglibconf.h REVERT: 26eb877 gcr: Require x11 DISTRO_FEATURE REVERT: e632cdb uClibc: enable utmp for shadow compatibility REVERT: e8c9613 git: Security fix CVE-2015-7545 REVERT: 108ea6d glibc-locale: fix QA warning REVERT: 9a88c1d grub: Security fix CVE-2015-8370 REVERT: 443b09a gdk-pixbuf: Security fix CVE-2015-7674 REVERT: 6c91068 librsvg: Security fix CVE-2015-7558 REVERT: 9fd2349 bind: Security fix CVE-2015-8461 REVERT: 5a40d9f bind: Security fix CVE-2015-8000 REVERT: 1bbf183 libxml2: Security fix CVE-2015-8710 REVERT: 2ec6d1d libxml2: Security fix CVE-2015-8241 REVERT: 55aafb5 dpkg: Security fix CVE-2015-0860 REVERT: 029948b tzdata: update to 2016a REVERT: 2bcf141 tzcode: update to 2016a REVERT: cc3a391 kernel-yocto: fix checkout bare-cloned kernel repositories REVERT: 049be17 libpcre: bug fixes include security REVERT: 5e94ac7 qemu: Security fix CVE-2015-7295 REVERT: 7ee1828 qemu: Security fix CVE-2016-1568 REVERT: ca6ec2e qemu: Security fix CVE-2015-8345 REVERT: b55a677 qemu: Security fix CVE-2015-7512 REVERT: 4922f47 qemu: Security fix CVE-2015-7504 REVERT: 3ec0e95 qemu: Security fix CVE-2015-8504 REVERT: 942ce53 openssl: Security fix CVE-2016-0701 REVERT: ce8ae1c openssl: Security fix CVE-2015-3197 REVERT: 080e027 tiff: Security fix CVE-2015-8784 REVERT: c6ae9c1 tiff: Security fix CVE-2015-8781 REVERT: 049b7db bind: CVE-2015-8704 and CVE-2015-8705 REVERT: d632a92 rpmresolve.c: Fix unfreed pointers that keep DB opened REVERT: 5b993ed openssh: CVE-2016-1907 REVERT: 27ee5b4 glibc: CVE-2015-8776 REVERT: a4134af glibc: CVE-2015-9761 REVERT: e10ec6f glibc: CVE-2015-8779 REVERT: a5a965d glibc: CVE-2015-8777.patch REVERT: 2fb7ee2 bitbake: toaster: make runbuilds loop REVERT: b9ad87b nativesdk-buildtools-perl-dummy: Bump PR REVERT: 0a1c63a nativesdk-buildtools-perl-dummy: properly set PACKAGE_ARCH REVERT: d4b400e nativesdk-buildtools-perl-dummy: fix rebuilding when SDKMACHINE changes REVERT: 8c8c4ed Revert "gstreamer1.0-plugins-good.inc: add gudev back to PACKAGECONFIG" REVERT: b832202 Revert "gstreamer: Deal with merge conflict which breaks systemd builds" REVERT: dd0ba9e build-appliance-image: Update to jethro head revision REVERT: 325d205 gstreamer: Deal with merge conflict which breaks systemd builds REVERT: 53b114b build-appliance-image: Update to jethro head revision REVERT: 02be35d poky.conf: Bump version for 2.0.1 jethro release REVERT: f5551f8 ref-manual: Updated the list of supported image types. REVERT: aa179ae dev-manual: Added three new wic option descriptions. REVERT: 20007c8 dev-manual: Added the --overhead-factor wic option description. REVERT: 2dd7f46 dev-manual: Added the --extra-space wic option description. REVERT: 81cc737 dev-manual: Added wic --notable option description. REVERT: 2b1dce5 dev-manual: REVERT: a6f5293 kernel/kernel-arch: Explicitly mapping between i386/x86_64 and x86 for kernel ARCH REVERT: e79a538 openssh: update to 7.1p2 REVERT: b171076 devtool: reset: do clean for multiple recipes at once with -a REVERT: 255115f devtool: sdk-update: fix error checking REVERT: 3f69105 devtool: sdk-update: fix metadata update step REVERT: 5ba94af devtool: sdk-update: fix not using updateserver config file option REVERT: d03d145 classes/populate_sdk_ext: disable signature warnings REVERT: 00ff950 classes/populate_sdk_ext: fix cascading from preparation failure REVERT: 22446c6 scripts/oe-publish-sdk: add missing call to git update-server-info REVERT: 8597a61 devtool: use cp instead of shutil.copytree REVERT: 95cc641 buildhistory: fix not recording SDK information REVERT: 84d48ac recipetool: create: fix error when extracting source to a specified directory REVERT: 4369329 recipetool: create: detect when specified URL returns a web page REVERT: 4c3191f recipetool: create: prevent attempting to unpack entire DL_DIR REVERT: caca77e recipetool: create: fix do_install handling for makefile-only software REVERT: 383159e recipetool: create: avoid traceback on fetch error REVERT: be40baa recipetool: create: handle https://....git URLs REVERT: a897bfd devtool: sdk-update: fix traceback without update server set REVERT: 9c4b61e classes/populate_sdk_ext: error out of install if buildtools install fails REVERT: 4c07dd2 gstreamer1.0-plugins-good.inc: add gudev back to PACKAGECONFIG REVERT: 83b72d8 linux-yocto: Update Genericx86* BSP to 4.1.15 kernel REVERT: 44639bd libaio: don't disable linking to the system libraries REVERT: a0be9bd linux-yocto/4.1: update to v4.1.15 REVERT: 53f0290 libxml2: security fix CVE-2015-5312 REVERT: f4b0c49 libxml2: security fix CVE-2015-8242 REVERT: fb409c9 libxml2: security fix CVE-2015-7500 REVERT: 55d097a libxml2: security fix CVE-2015-7499 REVERT: 8e6b2d6 libxml2: security fix CVE-2015-7497 REVERT: 332eb1d libxml2: security fix CVE-2015-7498 REVERT: cbc4e83 libxml2: security fix CVE-2015-8035 REVERT: c4b71e1 libxml2: security fix CVE-2015-7942 REVERT: fdea03d libxml2: security fix CVE-2015-8317 REVERT: 6fc1109 libxml2: security fix CVE-2015-7941 REVERT: 9eb4ce0 openssl: fix for CVE-2015-3195 REVERT: 6880f82 openssl: fix for CVE-2015-3194 REVERT: 7dcaa84 openssl: fix for CVE-2015-3193 REVERT: 435139b logrotate: do not move binary logrotate to /usr/bin REVERT: 5f49c0a cairo: fix license for cairo-script-interpreter REVERT: a29ec81 glibc: Fix ld.so / prelink interface for ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA REVERT: b1e980f gcc: Update default Power GCC settings to use secure-plt REVERT: ed82690 prelink: Fix various prelink issues on IA32, ARM, and MIPS. REVERT: 9a620da autotools: Allow recipe-individual configure scripts REVERT: f828071 toolchain-scripts.bbclass: unset command_not_found_handle REVERT: 49858bd devtool: upgrade: fetch remote repository before checking out new revision REVERT: d213452 devtool: upgrade: remove erroneous error when not renaming recipe REVERT: fec97f6 devtool: upgrade: fix updating PV and SRCREV REVERT: 3b4f659 devtool: upgrade: fix removing other recipes from workspace on reset REVERT: 61a7de0 devtool: include do_patch in SRCTREECOVEREDTASKS REVERT: 82c0072 toolchain-shar-extract.sh: do not allow $ in paths for ext SDK REVERT: f181e72 scripts/gen-lockedsig-cache: improve output REVERT: 4b5d4ca toolchain-shar-extract.sh: proper fix for additional env setup scripts REVERT: d2ea8f1 toolchain-shar-relocate: don't assume last state of env_setup_script is good REVERT: 02ef437 populate_sdk_ext.bbclass: Be more permissive on the name of the buildtools REVERT: 3653b17 classes/populate_sdk_ext: fail if SDK_ARCH != BUILD_ARCH REVERT: 8879571 classes/populate_sdk_ext: tweak reporting of workspace exclusion REVERT: eeda3c6 classes/populate_sdk_ext: make it clear when SDK installation has failed REVERT: dee9fbe classes/populate_sdk_ext: tidy up preparation log file writing REVERT: d001d46 classes/license: fix intermittent license collection warning REVERT: 777451c classes/metadata_scm: fix git errors showing up on non-git repositories REVERT: cb0ca72 oeqa/selftest/layerappend: fix test if build directory is not inside COREBASE REVERT: 8970ad6 oeqa/selftest/devtool: fix test if build directory is not inside COREBASE REVERT: 4f7fdd0 classes/distrodata: split SRC_URI properly before determining type REVERT: 3b7df55 uninative.bbclass: Choose the correct loader based on BUILD_ARCH REVERT: f3d7c3f openssl: sanity check that the bignum module is present REVERT: 96b1b5c glibc: Backported a patch to fix glibc's bug(18589) REVERT: 7aecb57 directfb.inc: force bfd linker for armv7a REVERT: 75ca2c8 texinfo: don't create dependency on INHERIT variable REVERT: 02c7b3f package_manager.py: define info_dir and status_file when OPKGLIBDIR isn't the default REVERT: 003c94f libsdl2: require GLES when building Wayland support REVERT: ad6db01 gst-plugins-bad: add PACKAGECONFIGs for voamrwbenc, voaacenc, resindvd REVERT: f0d87fe gstreamer1.0-plugins-good: fix PACKAGECONFIG for gudev and add one for v4l2 and libv4l2 REVERT: 35f34a6 gstreamer1.0-plugins-bad: fix dependencies for uvch264 PACKAGECONFIG REVERT: 3b77e20 gstreamer1.0-plugins-{base,good}: update PACKAGECONFIGs REVERT: e2d4412 libunwind: fix build for qemuarm REVERT: ef69078 guile, mailx, gcc, opensp, gstreamer1.0-libav, libunwind: disable thumb where it fails for qemuarm REVERT: 4700e40 icu: force arm mode REVERT: 743ee04 libxcb: Add a workaround for gcc5 bug on mips REVERT: 8a3deca bitbake: fetch: use orig localpath when calling orig method REVERT: 0073b23 yocto-bsp: Typo on the file extension REVERT: 71dbbcd bsp-guide: Updated the license statement. REVERT: 41f1026 dev-manual: Correction to the KVM stuff in the runqemu commands. REVERT: 38e3c6e mega-manual: Added four new figures for GUI example. REVERT: b99ec28 poky.ent: Fixed POKYVERSION variable. REVERT: c670dc7 yocto-project-qs, ref-manual, poky.ent: CentOS Package updates REVERT: b968190 dev-manual: Updated runqemu command options list REVERT: 1278753 toaster-manual: Removed SDKMACHINE from the json file example. REVERT: 7b25b70 ref-manual: Updated list of supported distros. REVERT: d9423fb ref-manual: Updated the GCC 5 migration section for 2.0 REVERT: 347347a bitbake: lib/bb/utils: improve edit_bblayers_conf() handling of bblayers.conf formatting REVERT: 5935783 bitbake: lib/bb/utils: fix error in edit_metadata() when deleting first line REVERT: 7fdad70 rpcbind: Security Advisory - rpcbind - CVE-2015-7236 REVERT: 0cb2fa5 subversion: fix CVE-2015-3187 REVERT: 5b52e9b subversion: fix CVE-2015-3184 REVERT: 59bdde4 linux-firmware: rtl8192cx: Add latest available firmware REVERT: 8ad2bcc init-install-efi: fix script for gummiboot loader REVERT: c3087bd init-install-efi: fix script for eMMC installation REVERT: d2bf9fb pulseaudio: Fix HDMI profile selection REVERT: 0556c58 allarch: Force TARGET_*FLAGS variable values REVERT: e683dac libsndfile: fix CVE-2014-9756 REVERT: 092757e libxslt: CVE-2015-7995 REVERT: dab5555 unzip: rename patch to reflect CVE fix REVERT: 1753d4a readline: rename patch to contain CVE reference REVERT: 9dd3422 libarchive: rename patch to reflect CVE REVERT: 1401976 binutils: Fix octeon3 disassembly patch REVERT: a54a0db opkg: add cache filename length fixes git-subtree-dir: yocto-poky git-subtree-split: 8358e543ab95a1d2b1d19c1e944275daa17378c1 Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'yocto-poky/meta/recipes-connectivity')
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb (renamed from yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb)25
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/avahi.inc35
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.32.bb (renamed from yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.31.bb)6
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch52
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch32
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch34
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch32
-rw-r--r--yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch30
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch20
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch278
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch44
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch28
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch44
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch154
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch79
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch314
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch247
-rw-r--r--yocto-poky/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb (renamed from yocto-poky/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb)22
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc30
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch63
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch28
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init68
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest31
-rw-r--r--yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.37.bb (renamed from yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.33.bb)7
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb12
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service10
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman.inc29
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch42
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch79
-rw-r--r--yocto-poky/meta/recipes-connectivity/connman/connman_1.31.bb (renamed from yocto-poky/meta/recipes-connectivity/connman/connman_1.30.bb)5
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc16
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch25
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch99
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch65
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch2
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch79
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch19
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch23
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb (renamed from yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.2.bb)7
-rw-r--r--yocto-poky/meta/recipes-connectivity/dhcp/files/init-server2
-rw-r--r--yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc12
-rw-r--r--yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch97
-rw-r--r--yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch24
-rw-r--r--yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.4.0.bb (renamed from yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.1.1.bb)6
-rw-r--r--yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch29
-rw-r--r--yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb1
-rw-r--r--yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch20
-rw-r--r--yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch36
-rw-r--r--yocto-poky/meta/recipes-connectivity/iw/iw_4.3.bb (renamed from yocto-poky/meta/recipes-connectivity/iw/iw_4.1.bb)4
-rw-r--r--yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch56
-rw-r--r--yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb4
-rw-r--r--yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc2
-rw-r--r--yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb (renamed from yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb)4
-rw-r--r--yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb4
-rw-r--r--yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb1
-rw-r--r--yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch34
-rw-r--r--yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb2
-rw-r--r--yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch113
-rw-r--r--yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb (renamed from yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb)10
-rw-r--r--yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch40
-rw-r--r--yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb12
-rw-r--r--yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb11
-rwxr-xr-xyocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest37
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb8
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl.inc39
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch66
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch101
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch45
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch66
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch63
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch102
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch156
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch27
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch2
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch17
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch4656
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch326
-rw-r--r--yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2g.bb (renamed from yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb)37
-rw-r--r--yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb4
-rw-r--r--yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch163
-rw-r--r--yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch1
-rw-r--r--yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb4
-rw-r--r--yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.78.bb (renamed from yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.77.bb)10
-rw-r--r--yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch52
-rw-r--r--yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch32
-rw-r--r--yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch372
-rw-r--r--yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.1.bb (renamed from yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.0.bb)7
-rwxr-xr-xyocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up122
-rw-r--r--yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up34
-rw-r--r--yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb14
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch45
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch77
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch47
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch53
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch70
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch56
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch54
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch36
-rw-r--r--yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb (renamed from yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb)24
99 files changed, 7255 insertions, 2509 deletions
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb b/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb
index 0d42b90e7..3966b4c6e 100644
--- a/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.31.bb
+++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi-ui_0.6.32.bb
@@ -9,37 +9,32 @@ require avahi.inc
inherit python-dir pythonnative distro_features_check
ANY_OF_DISTRO_FEATURES = "${GTK2DISTROFEATURES}"
-PACKAGECONFIG ??= "python"
+PACKAGECONFIG ??= "dbus python"
PACKAGECONFIG[python] = "--enable-python,--disable-python,python-native python"
-PR = "${INC_PR}.0"
-
-SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d"
-SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48"
+SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013"
+SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454"
DEPENDS += "avahi gtk+ libglade"
-AVAHI_GTK = "--enable-gtk --disable-gtk3"
+AVAHI_GTK = "--enable-gtk --disable-gtk3 --disable-pygtk"
S = "${WORKDIR}/avahi-${PV}"
-PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc python-avahi avahi-discover avahi-discover-standalone"
+PACKAGES = "${PN} ${PN}-utils ${PN}-dbg ${PN}-dev ${PN}-staticdev ${PN}-doc python-avahi avahi-discover"
FILES_${PN} = "${libdir}/libavahi-ui*.so.*"
-FILES_${PN}-dbg += "${libdir}/.debug/libavah-ui*"
FILES_${PN}-dev += "${libdir}/libavahi-ui${SOLIBSDEV}"
FILES_${PN}-staticdev += "${libdir}/libavahi-ui.a"
FILES_${PN}-utils = "${bindir}/b* ${datadir}/applications/b*"
FILES_python-avahi = "${PYTHON_SITEPACKAGES_DIR}/avahi ${PYTHON_SITEPACKAGES_DIR}/avahi_discover"
-FILES_avahi-discover = "${bindir}/avahi-discover \
- ${datadir}/applications/avahi-discover.desktop \
- ${datadir}/avahi/interfaces/avahi-discover*"
-FILES_avahi-discover-standalone = "${bindir}/avahi-discover-standalone \
- ${datadir}/avahi/interfaces/avahi-discover.glade"
+FILES_avahi-discover = "${datadir}/applications/avahi-discover.desktop \
+ ${datadir}/avahi/interfaces/avahi-discover* \
+ ${bindir}/avahi-discover-standalone \
+ ${datadir}/avahi/interfaces/avahi-discover.glade"
-RDEPENDS_avahi-discover = "python-avahi python-pygtk"
RDEPENDS_python-avahi = "python-core python-dbus"
@@ -69,5 +64,7 @@ do_install_append () {
rm ${D}${mandir}/man1/a*
rm ${D}${mandir}/man5 -rf
rm ${D}${mandir}/man8 -rf
+ rm ${D}${libdir}/girepository-1.0/ -rf
+ rm ${D}${datadir}/gir-1.0/ -rf
}
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc b/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc
index 825197d61..81aad7935 100644
--- a/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc
+++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi.inc
@@ -7,27 +7,24 @@ configuration from the link-local 169.254.0.0/16 range without the need for a ce
server.'
AUTHOR = "Lennart Poettering <lennart@poettering.net>"
HOMEPAGE = "http://avahi.org"
-BUGTRACKER = "http://avahi.org/report"
+BUGTRACKER = "https://github.com/lathiat/avahi/issues"
SECTION = "network"
# major part is under LGPLv2.1+, but several .dtd, .xsl, initscripts and
# python scripts are under GPLv2+
LICENSE = "GPLv2+ & LGPLv2.1+"
-INC_PR = "r11"
+DEPENDS = "expat libcap libdaemon glib-2.0 intltool-native"
-DEPENDS = "expat libcap libdaemon dbus glib-2.0"
-
-SRC_URI = "http://avahi.org/download/avahi-${PV}.tar.gz \
+SRC_URI = "https://github.com/lathiat/avahi/releases/download/v${PV}/avahi-${PV}.tar.gz \
file://00avahi-autoipd \
file://99avahi-autoipd \
file://initscript.patch \
- file://avahi_fix_install_issue.patch \
- file://fix_for_automake_1.12.x.patch \
- file://out-of-tree.patch \
- file://0001-avahi-fix-avahi-status-command-error-prompt.patch \
- file://reuseport-check.patch \
"
+UPSTREAM_CHECK_URI = "https://github.com/lathiat/avahi/releases/"
+
+PACKAGECONFIG ??= "dbus"
+PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
USERADD_PARAM_avahi-daemon = "--system --home /var/run/avahi-daemon \
@@ -40,10 +37,9 @@ USERADD_PARAM_avahi-autoipd = "--system --home /var/run/avahi-autoipd \
-c \"Avahi autoip daemon\" \
avahi-autoipd"
-inherit autotools pkgconfig update-rc.d gettext useradd
+inherit autotools pkgconfig update-rc.d gettext useradd gobject-introspection
-EXTRA_OECONF = "--disable-introspection \
- --with-avahi-priv-access-group=adm \
+EXTRA_OECONF = "--with-avahi-priv-access-group=adm \
--disable-stack-protector \
--disable-gdbm \
--disable-mono \
@@ -52,6 +48,7 @@ EXTRA_OECONF = "--disable-introspection \
--disable-qt4 \
--disable-python \
--disable-doxygen-doc \
+ --disable-manpages \
${EXTRA_OECONF_SYSVINIT} \
${EXTRA_OECONF_SYSTEMD} \
${AVAHI_GTK} \
@@ -68,8 +65,14 @@ LDFLAGS_append_uclinux-uclibc = " -lintl"
do_configure_prepend() {
sed 's:AM_CHECK_PYMOD:echo "no pymod" #AM_CHECK_PYMOD:g' -i ${S}/configure.ac
+
+ # This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes
+ rm "${S}/common/introspection.m4" || true
}
+do_compile_prepend() {
+ export GIR_EXTRA_LIBS_PATH="${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs"
+}
PACKAGES =+ "avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib libavahi-ui avahi-autoipd avahi-utils"
@@ -82,7 +85,7 @@ FILES_avahi-autoipd = "${sbindir}/avahi-autoipd \
${sysconfdir}/udhcpc.d/00avahi-autoipd \
${sysconfdir}/udhcpc.d/99avahi-autoipd"
FILES_libavahi-common = "${libdir}/libavahi-common.so.*"
-FILES_libavahi-core = "${libdir}/libavahi-core.so.*"
+FILES_libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib"
FILES_avahi-daemon = "${sbindir}/avahi-daemon \
${sysconfdir}/avahi/avahi-daemon.conf \
${sysconfdir}/avahi/hosts \
@@ -99,7 +102,7 @@ FILES_avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
${sysconfdir}/avahi/avahi-dnsconfd.action \
${sysconfdir}/init.d/avahi-dnsconfd"
FILES_libavahi-glib = "${libdir}/libavahi-glib.so.*"
-FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.*"
+FILES_libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib"
FILES_avahi-utils = "${bindir}/avahi-*"
RDEPENDS_${PN}-dev = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV}) libavahi-client (= ${EXTENDPKGV})"
@@ -130,7 +133,7 @@ do_install() {
rm -rf ${D}${localstatedir}/run
rmdir --ignore-fail-on-non-empty ${D}${localstatedir}
rm -rf ${D}${datadir}/dbus-1/interfaces
- rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
+ test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
rm -rf ${D}${libdir}/avahi
install -d ${D}${sysconfdir}/udhcpc.d
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.31.bb b/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.32.bb
index 5d796a202..6670106b1 100644
--- a/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.31.bb
+++ b/yocto-poky/meta/recipes-connectivity/avahi/avahi_0.6.32.bb
@@ -12,10 +12,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
-PR = "${INC_PR}.1"
-
-SRC_URI[md5sum] = "2f22745b8f7368ad5a0a3fddac343f2d"
-SRC_URI[sha256sum] = "8372719b24e2dd75de6f59bb1315e600db4fd092805bd1201ed0cb651a2dab48"
+SRC_URI[md5sum] = "22b5e705d3eabb31d26f2e1e7b074013"
+SRC_URI[sha256sum] = "d54991185d514a0aba54ebeb408d7575b60f5818a772e28fa0e18b98bc1db454"
DEPENDS += "intltool-native"
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch
deleted file mode 100644
index 7590df79f..000000000
--- a/yocto-poky/meta/recipes-connectivity/avahi/files/0001-avahi-fix-avahi-status-command-error-prompt.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From f774ac25f436a782ccccc4dbe68378a684596799 Mon Sep 17 00:00:00 2001
-From: Lu Chong <Chong.Lu@windriver.com>
-Date: Thu, 7 Nov 2013 14:36:28 +0800
-Subject: [PATCH] avahi: fix avahi status command error prompt
-
-service --status-all command will display wrong status for avahi-daemon.
-This commit fix this error prompt and make service display right status
-for avahi-daemon.
-
-Upstream-Status: Pending
-
-Signed-off-by: Lu Chong <Chong.Lu@windriver.com>
----
- initscript/debian/avahi-daemon.in | 14 +++++++++++---
- 1 file changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/initscript/debian/avahi-daemon.in b/initscript/debian/avahi-daemon.in
-index 4793b46..49ec358 100755
---- a/initscript/debian/avahi-daemon.in
-+++ b/initscript/debian/avahi-daemon.in
-@@ -153,7 +153,15 @@ d_reload() {
- # Function that check the status of the daemon/service.
- #
- d_status() {
-- $DAEMON -c && echo "$DESC is running" || echo "$DESC is not running"
-+ $DAEMON -c
-+ status=$?
-+ if [ $status = 0 ]; then
-+ echo "$DESC is running"
-+ return 0
-+ else
-+ echo "$DESC is not running"
-+ return 3
-+ fi
- }
-
- case "$1" in
-@@ -182,9 +190,9 @@ case "$1" in
- d_status
- ;;
- *)
-- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload}" >&2
-+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload|reload|status}" >&2
- exit 1
- ;;
- esac
-
--exit 0
-+exit $?
---
-1.7.9.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch
deleted file mode 100644
index 32f20ece4..000000000
--- a/yocto-poky/meta/recipes-connectivity/avahi/files/avahi_fix_install_issue.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-Upstream-Status: Pending
-
-Fixes this install issue
-#| /bin/sh: line 0: cd: /srv/home/nitin/builds/build-gcc47/tmp/work/i586-poky-linux/avahi-0.6.31-r3.0/image//usr/bin: No such file or directory
-
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
-2012/05/03
-
-Index: avahi-0.6.31/avahi-utils/Makefile.am
-===================================================================
---- avahi-0.6.31.orig/avahi-utils/Makefile.am
-+++ avahi-0.6.31/avahi-utils/Makefile.am
-@@ -54,6 +54,7 @@ avahi_set_host_name_CFLAGS = $(AM_CFLAGS
- avahi_set_host_name_LDADD = $(AM_LDADD) ../avahi-client/libavahi-client.la ../avahi-common/libavahi-common.la
-
- install-exec-local:
-+ $(MKDIR_P) $(DESTDIR)/$(bindir) && \
- cd $(DESTDIR)/$(bindir) && \
- rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \
- $(LN_S) avahi-resolve avahi-resolve-host-name && \
-Index: avahi-0.6.31/avahi-utils/Makefile.in
-===================================================================
---- avahi-0.6.31.orig/avahi-utils/Makefile.in
-+++ avahi-0.6.31/avahi-utils/Makefile.in
-@@ -906,6 +906,7 @@ uninstall-am: uninstall-binPROGRAMS
-
-
- @HAVE_DBUS_TRUE@install-exec-local:
-+@HAVE_DBUS_TRUE@ $(MKDIR_P) $(DESTDIR)/$(bindir) && \
- @HAVE_DBUS_TRUE@ cd $(DESTDIR)/$(bindir) && \
- @HAVE_DBUS_TRUE@ rm -f avahi-resolve-host-name avahi-resolve-address avahi-browse-domains avahi-publish-address avahi-publish-service && \
- @HAVE_DBUS_TRUE@ $(LN_S) avahi-resolve avahi-resolve-host-name && \
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch
deleted file mode 100644
index 0fc4c290c..000000000
--- a/yocto-poky/meta/recipes-connectivity/avahi/files/fix_for_automake_1.12.x.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-Upstream-Status: Pending
-
-autoamke 1.12.x has depricated use of mkdir_p , and recommends use of MKDIR_P
-instead. Fixed the automake files accordingly to avoid warning-errors.
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
-2012/07/09
-
-
-Index: avahi-0.6.31/avahi-daemon/Makefile.am
-===================================================================
---- avahi-0.6.31.orig/avahi-daemon/Makefile.am
-+++ avahi-0.6.31/avahi-daemon/Makefile.am
-@@ -169,7 +169,7 @@ xmllint:
- done
-
- install-data-local:
-- test -z "$(localstatedir)/run" || $(mkdir_p) "$(DESTDIR)$(localstatedir)/run"
-+ test -z "$(localstatedir)/run" || $(MKDIR_P) "$(DESTDIR)$(localstatedir)/run"
-
- update-systemd:
- curl http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c > sd-daemon.c
-Index: avahi-0.6.31/avahi-autoipd/Makefile.am
-===================================================================
---- avahi-0.6.31.orig/avahi-autoipd/Makefile.am
-+++ avahi-0.6.31/avahi-autoipd/Makefile.am
-@@ -76,7 +76,7 @@ dhcliententerdir = $(sysconfdir)/dhcp/dh
- dhclientexitdir = $(sysconfdir)/dhcp/dhclient-exit-hooks.d
-
- install-exec-hook: dhclient-exit-hook dhclient-enter-hook
-- $(mkdir_p) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir)
-+ $(MKDIR_P) $(DESTDIR)$(dhcliententerdir) $(DESTDIR)$(dhclientexitdir)
- $(INSTALL) dhclient-enter-hook $(DESTDIR)$(dhcliententerdir)/avahi-autoipd
- $(INSTALL) dhclient-exit-hook $(DESTDIR)$(dhclientexitdir)/avahi-autoipd
-
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch
deleted file mode 100644
index 43476cde0..000000000
--- a/yocto-poky/meta/recipes-connectivity/avahi/files/out-of-tree.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-Upstream-Status: Pending
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From a62dc95d75691ea4aefa86d8bbe54c62afd78ff6 Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@intel.com>
-Date: Tue, 17 Sep 2013 12:27:36 +0100
-Subject: [PATCH] build-sys: fix out-of-tree builds without xmltoman
-
-If manpages are enabled but xmltoman isn't present, out-of-tree builds fail
-because it checks inside the build directory for the pre-generated manpages.
-
-Fix this by using $srcdir when looking for files inside the source directory.
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index 9debce2..047c7ae 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1021,7 +1021,7 @@ if test x$manpages = xyes ; then
- fi
-
- if test x$have_xmltoman = xno -o x$xmltoman = xno; then
-- if ! test -e man/avahi-daemon.8 ; then
-+ if ! test -e $srcdir/man/avahi-daemon.8 ; then
- AC_MSG_ERROR([*** xmltoman was not found or was disabled, it is required to build the manpages as they have not been pre-built, install xmltoman, pass --disable-manpages or dont pass --disable-xmltoman])
- exit 1
- fi
---
-1.7.10.4
-
diff --git a/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch b/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch
deleted file mode 100644
index bb81c2cb4..000000000
--- a/yocto-poky/meta/recipes-connectivity/avahi/files/reuseport-check.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-Fix avahi-daemon when running on kernel < 3.9 (patch taken from Ubuntu).
-
-Upstream-Status: Pending (unmaintained upstream)
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-Description: SO_REUSEPORT may not exist in running kernel
- When userspace defines SO_REUSEPORT we will attempt to enable socket
- port number reuse. However if the running kernel does not support
- this call it will fail preventing daemon startup. If this call is
- present but fails ENOPROTOOPT then we know that actually the kernel
- does not support it and we should continue as if we did not have the
- call at all. (LP: #1228204)
- .
- This patch could be removed from the debian package after jessie release.
-Author: Andy Whitcroft <apw@canonical.com>
-
-Index: avahi-0.6.31/avahi-core/socket.c
-===================================================================
---- avahi-0.6.31.orig/avahi-core/socket.c 2013-09-20 16:36:50.000000000 +0100
-+++ avahi-0.6.31/avahi-core/socket.c 2013-09-20 16:38:23.781863644 +0100
-@@ -177,7 +177,8 @@
- yes = 1;
- if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &yes, sizeof(yes)) < 0) {
- avahi_log_warn("SO_REUSEPORT failed: %s", strerror(errno));
-- return -1;
-+ if (errno != ENOPROTOOPT)
-+ return -1;
- }
- #endif
-
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch
index cb5251d15..805cbb331 100644
--- a/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind/0001-build-use-pkg-config-to-find-libxml2.patch
@@ -4,15 +4,18 @@ libxml2.
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@intel.com>
+Update context for version 9.10.3-P2.
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
- configure.in | 18 +++---------------
- 1 file changed, 3 insertions(+), 15 deletions(-)
+ configure.in | 23 +++--------------------
+ 1 file changed, 3 insertions(+), 20 deletions(-)
diff --git a/configure.in b/configure.in
-index d566e1c..c9ef3a6 100644
+index 0db826d..75819eb 100644
--- a/configure.in
+++ b/configure.in
-@@ -2102,21 +2102,9 @@ case "$use_libxml2" in
+@@ -2107,26 +2107,9 @@ case "$use_libxml2" in
DST_LIBXML2_INC=""
;;
auto|yes)
@@ -22,8 +25,13 @@ index d566e1c..c9ef3a6 100644
- libxml2_cflags=`xml2-config --cflags`
- ;;
- *)
-- libxml2_libs=
-- libxml2_cflags=
+- if test "$use_libxml2" = "yes" ; then
+- AC_MSG_RESULT(no)
+- AC_MSG_ERROR(required libxml2 version not available)
+- else
+- libxml2_libs=
+- libxml2_cflags=
+- fi
- ;;
- esac
- ;;
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch
deleted file mode 100644
index e1c805257..000000000
--- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8000.patch
+++ /dev/null
@@ -1,278 +0,0 @@
-From 8259daad7242ab2af8731681177ef7e948a15ece Mon Sep 17 00:00:00 2001
-From: Mark Andrews <marka@isc.org>
-Date: Mon, 16 Nov 2015 13:12:20 +1100
-Subject: [PATCH] 4260. [security] Insufficient testing when parsing a
- message allowed records with an incorrect class to be
- be accepted, triggering a REQUIRE failure when those
- records were subsequently cached. (CVE-2015-8000) [RT
- #4098]
-
-(cherry picked from commit c8821d124c532e0a65752b378f924d4259499fd3)
-(cherry picked from commit 3a4c24c4a52d4a2d21d2decbde3d4e514e27d51c)
-
-
-Upstream-Status: Backport
-
-https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=8259daad7242ab2af8731681177ef7e948a15ece
-
-CVE: CVE-2015-8000
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- CHANGES | 5 +++++
- bin/tests/system/start.pl | 5 ++++-
- doc/arm/notes.xml | 9 +++++++++
- lib/dns/include/dns/message.h | 13 +++++++++++--
- lib/dns/message.c | 45 ++++++++++++++++++++++++++++++++++++++-----
- lib/dns/resolver.c | 9 +++++++++
- lib/dns/xfrin.c | 2 ++
- 7 files changed, 80 insertions(+), 8 deletions(-)
-
-Index: bind-9.10.2-P4/bin/tests/system/start.pl
-===================================================================
---- bind-9.10.2-P4.orig/bin/tests/system/start.pl
-+++ bind-9.10.2-P4/bin/tests/system/start.pl
-@@ -68,6 +68,7 @@ my $NAMED = $ENV{'NAMED'};
- my $LWRESD = $ENV{'LWRESD'};
- my $DIG = $ENV{'DIG'};
- my $PERL = $ENV{'PERL'};
-+my $PYTHON = $ENV{'PYTHON'};
-
- # Start the server(s)
-
-@@ -213,7 +214,9 @@ sub start_server {
- $pid_file = "lwresd.pid";
- } elsif ($server =~ /^ans/) {
- $cleanup_files = "{ans.run}";
-- if (-e "$testdir/$server/ans.pl") {
-+ if (-e "$testdir/$server/ans.py") {
-+ $command = "$PYTHON ans.py 10.53.0.$' 5300";
-+ } elsif (-e "$testdir/$server/ans.pl") {
- $command = "$PERL ans.pl";
- } else {
- $command = "$PERL $topdir/ans.pl 10.53.0.$'";
-Index: bind-9.10.2-P4/doc/arm/notes.xml
-===================================================================
---- bind-9.10.2-P4.orig/doc/arm/notes.xml
-+++ bind-9.10.2-P4/doc/arm/notes.xml
-@@ -62,6 +62,15 @@
- <itemizedlist>
- <listitem>
- <para>
-+ Insufficient testing when parsing a message allowed
-+ records with an incorrect class to be be accepted,
-+ triggering a REQUIRE failure when those records
-+ were subsequently cached. This flaw is disclosed
-+ in CVE-2015-8000. [RT #4098]
-+ </para>
-+ </listitem>
-+ <listitem>
-+ <para>
- An incorrect boundary check in the OPENPGPKEY rdatatype
- could trigger an assertion failure. This flaw is disclosed
- in CVE-2015-5986. [RT #40286]
-Index: bind-9.10.2-P4/lib/dns/include/dns/message.h
-===================================================================
---- bind-9.10.2-P4.orig/lib/dns/include/dns/message.h
-+++ bind-9.10.2-P4/lib/dns/include/dns/message.h
-@@ -15,8 +15,6 @@
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
--/* $Id$ */
--
- #ifndef DNS_MESSAGE_H
- #define DNS_MESSAGE_H 1
-
-@@ -221,6 +219,8 @@ struct dns_message {
- unsigned int free_saved : 1;
- unsigned int sitok : 1;
- unsigned int sitbad : 1;
-+ unsigned int tkey : 1;
-+ unsigned int rdclass_set : 1;
-
- unsigned int opt_reserved;
- unsigned int sig_reserved;
-@@ -1400,6 +1400,15 @@ dns_message_buildopt(dns_message_t *msg,
- * \li other.
- */
-
-+void
-+dns_message_setclass(dns_message_t *msg, dns_rdataclass_t rdclass);
-+/*%<
-+ * Set the expected class of records in the response.
-+ *
-+ * Requires:
-+ * \li msg be a valid message with parsing intent.
-+ */
-+
- ISC_LANG_ENDDECLS
-
- #endif /* DNS_MESSAGE_H */
-Index: bind-9.10.2-P4/lib/dns/message.c
-===================================================================
---- bind-9.10.2-P4.orig/lib/dns/message.c
-+++ bind-9.10.2-P4/lib/dns/message.c
-@@ -439,6 +439,8 @@ msginit(dns_message_t *m) {
- m->free_saved = 0;
- m->sitok = 0;
- m->sitbad = 0;
-+ m->tkey = 0;
-+ m->rdclass_set = 0;
- m->querytsig = NULL;
- }
-
-@@ -1091,13 +1093,19 @@ getquestions(isc_buffer_t *source, dns_m
- * If this class is different than the one we already read,
- * this is an error.
- */
-- if (msg->state == DNS_SECTION_ANY) {
-- msg->state = DNS_SECTION_QUESTION;
-+ if (msg->rdclass_set == 0) {
- msg->rdclass = rdclass;
-+ msg->rdclass_set = 1;
- } else if (msg->rdclass != rdclass)
- DO_FORMERR;
-
- /*
-+ * Is this a TKEY query?
-+ */
-+ if (rdtype == dns_rdatatype_tkey)
-+ msg->tkey = 1;
-+
-+ /*
- * Can't ask the same question twice.
- */
- result = dns_message_find(name, rdclass, rdtype, 0, NULL);
-@@ -1241,12 +1249,12 @@ getsection(isc_buffer_t *source, dns_mes
- * If there was no question section, we may not yet have
- * established a class. Do so now.
- */
-- if (msg->state == DNS_SECTION_ANY &&
-+ if (msg->rdclass_set == 0 &&
- rdtype != dns_rdatatype_opt && /* class is UDP SIZE */
- rdtype != dns_rdatatype_tsig && /* class is ANY */
- rdtype != dns_rdatatype_tkey) { /* class is undefined */
- msg->rdclass = rdclass;
-- msg->state = DNS_SECTION_QUESTION;
-+ msg->rdclass_set = 1;
- }
-
- /*
-@@ -1256,7 +1264,7 @@ getsection(isc_buffer_t *source, dns_mes
- if (msg->opcode != dns_opcode_update
- && rdtype != dns_rdatatype_tsig
- && rdtype != dns_rdatatype_opt
-- && rdtype != dns_rdatatype_dnskey /* in a TKEY query */
-+ && rdtype != dns_rdatatype_key /* in a TKEY query */
- && rdtype != dns_rdatatype_sig /* SIG(0) */
- && rdtype != dns_rdatatype_tkey /* Win2000 TKEY */
- && msg->rdclass != dns_rdataclass_any
-@@ -1264,6 +1272,16 @@ getsection(isc_buffer_t *source, dns_mes
- DO_FORMERR;
-
- /*
-+ * If this is not a TKEY query/response then the KEY
-+ * record's class needs to match.
-+ */
-+ if (msg->opcode != dns_opcode_update && !msg->tkey &&
-+ rdtype == dns_rdatatype_key &&
-+ msg->rdclass != dns_rdataclass_any &&
-+ msg->rdclass != rdclass)
-+ DO_FORMERR;
-+
-+ /*
- * Special type handling for TSIG, OPT, and TKEY.
- */
- if (rdtype == dns_rdatatype_tsig) {
-@@ -1377,6 +1395,10 @@ getsection(isc_buffer_t *source, dns_mes
- skip_name_search = ISC_TRUE;
- skip_type_search = ISC_TRUE;
- issigzero = ISC_TRUE;
-+ } else {
-+ if (msg->rdclass != dns_rdataclass_any &&
-+ msg->rdclass != rdclass)
-+ DO_FORMERR;
- }
- } else
- covers = 0;
-@@ -1625,6 +1647,7 @@ dns_message_parse(dns_message_t *msg, is
- msg->counts[DNS_SECTION_ADDITIONAL] = isc_buffer_getuint16(source);
-
- msg->header_ok = 1;
-+ msg->state = DNS_SECTION_QUESTION;
-
- /*
- * -1 means no EDNS.
-@@ -3706,3 +3729,15 @@ dns_message_buildopt(dns_message_t *mess
- dns_message_puttemprdatalist(message, &rdatalist);
- return (result);
- }
-+
-+void
-+dns_message_setclass(dns_message_t *msg, dns_rdataclass_t rdclass) {
-+
-+ REQUIRE(DNS_MESSAGE_VALID(msg));
-+ REQUIRE(msg->from_to_wire == DNS_MESSAGE_INTENTPARSE);
-+ REQUIRE(msg->state == DNS_SECTION_ANY);
-+ REQUIRE(msg->rdclass_set == 0);
-+
-+ msg->rdclass = rdclass;
-+ msg->rdclass_set = 1;
-+}
-Index: bind-9.10.2-P4/lib/dns/resolver.c
-===================================================================
---- bind-9.10.2-P4.orig/lib/dns/resolver.c
-+++ bind-9.10.2-P4/lib/dns/resolver.c
-@@ -7309,6 +7309,8 @@ resquery_response(isc_task_t *task, isc_
- goto done;
- }
-
-+ dns_message_setclass(message, fctx->res->rdclass);
-+
- if ((options & DNS_FETCHOPT_TCP) == 0) {
- if ((options & DNS_FETCHOPT_NOEDNS0) == 0)
- dns_adb_setudpsize(fctx->adb, query->addrinfo,
-@@ -7391,6 +7393,13 @@ resquery_response(isc_task_t *task, isc_
- &dns_master_style_comment,
- ISC_LOG_DEBUG(10),
- fctx->res->mctx);
-+
-+ if (message->rdclass != fctx->res->rdclass) {
-+ resend = ISC_TRUE;
-+ FCTXTRACE("bad class");
-+ goto done;
-+ }
-+
- /*
- * Process receive opt record.
- */
-Index: bind-9.10.2-P4/lib/dns/xfrin.c
-===================================================================
---- bind-9.10.2-P4.orig/lib/dns/xfrin.c
-+++ bind-9.10.2-P4/lib/dns/xfrin.c
-@@ -1225,6 +1225,8 @@ xfrin_recv_done(isc_task_t *task, isc_ev
- msg->tsigctx = xfr->tsigctx;
- xfr->tsigctx = NULL;
-
-+ dns_message_setclass(msg, xfr->rdclass);
-+
- if (xfr->nmsg > 0)
- msg->tcp_continuation = 1;
-
-Index: bind-9.10.2-P4/CHANGES
-===================================================================
---- bind-9.10.2-P4.orig/CHANGES
-+++ bind-9.10.2-P4/CHANGES
-@@ -1,4 +1,9 @@
-- --- 9.10.2-P4 released ---
-+4260. [security] Insufficient testing when parsing a message allowed
-+ records with an incorrect class to be be accepted,
-+ triggering a REQUIRE failure when those records
-+ were subsequently cached. (CVE-2015-8000) [RT #4098]
-+
-+ --- 9.10.2-P4 released ---
-
- 4170. [security] An incorrect boundary check in the OPENPGPKEY
- rdatatype could trigger an assertion failure.
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
deleted file mode 100644
index 88e9c8342..000000000
--- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8461.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d Mon Sep 17 00:00:00 2001
-From: Mark Andrews <marka@isc.org>
-Date: Thu, 25 Jun 2015 18:36:27 +1000
-Subject: [PATCH] 4146. [bug] Address reference leak that could
- prevent a clean shutdown. [RT #37125]
-
-Upstream-Status: Backport
-
-https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=adbf81335b67be0cebdcf9f1f4fcb38ef4814f4d
-
-CVE: CVE-2015-8461
-Signed-off-by: Armin Kuster <akuster@mvista.com>
----
- CHANGES | 3 +++
- lib/dns/resolver.c | 5 +++++
- 2 files changed, 8 insertions(+)
-
-Index: bind-9.10.2-P4/CHANGES
-===================================================================
---- bind-9.10.2-P4.orig/CHANGES
-+++ bind-9.10.2-P4/CHANGES
-@@ -1,3 +1,6 @@
-+4146. [bug] Address reference leak that could prevent a clean
-+ shutdown. [RT #37125]
-+
- 4260. [security] Insufficient testing when parsing a message allowed
- records with an incorrect class to be be accepted,
- triggering a REQUIRE failure when those records
-Index: bind-9.10.2-P4/lib/dns/resolver.c
-===================================================================
---- bind-9.10.2-P4.orig/lib/dns/resolver.c
-+++ bind-9.10.2-P4/lib/dns/resolver.c
-@@ -1649,6 +1649,11 @@ fctx_query(fetchctx_t *fctx, dns_adbaddr
- if (query->dispatch != NULL)
- dns_dispatch_detach(&query->dispatch);
-
-+ LOCK(&res->buckets[fctx->bucketnum].lock);
-+ INSIST(fctx->references > 1);
-+ fctx->references--;
-+ UNLOCK(&res->buckets[fctx->bucketnum].lock);
-+
- cleanup_query:
- if (query->connects == 0) {
- query->magic = 0;
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch
deleted file mode 100644
index d5bf740e8..000000000
--- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8704.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-a buffer size check can cause denial of service under certain circumstances
-
-[security]
-The following flaw in BIND was reported by ISC:
-
-A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl_42.c.
-
-A server could exit due to an INSIST failure in apl_42.c when performing certain string formatting operations.
-
-Upstream-Status: Backport
-CVE: CVE-2015-8704
-
-[The patch is taken from BIND 9.10.3:
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8704]
-
-Signed-off-by: Derek Straka <derek@asterius.io>
-diff --git a/lib/dns/rdata/in_1/apl_42.c b/lib/dns/rdata/in_1/apl_42.c
-index bedd38e..28eb7f2 100644
---- a/lib/dns/rdata/in_1/apl_42.c
-+++ b/lib/dns/rdata/in_1/apl_42.c
-@@ -116,7 +116,7 @@ totext_in_apl(ARGS_TOTEXT) {
- isc_uint8_t len;
- isc_boolean_t neg;
- unsigned char buf[16];
-- char txt[sizeof(" !64000")];
-+ char txt[sizeof(" !64000:")];
- const char *sep = "";
- int n;
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch
deleted file mode 100644
index c4a052d7b..000000000
--- a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2015-8705.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-a crash or assertion failure can during format processing
-
-[security]
-The following flaw in BIND was reported by ISC:
-
-In versions of BIND 9.10, errors can occur when OPT pseudo-RR data or ECS options are formatted to text. In 9.10.3 through 9.10.3-P2, the issue may result in a REQUIRE assertion failure in buffer.c.
-
-This issue can affect both authoritative and recursive servers if they are performing debug logging. (It may also crash related tools which use the same code, such as dig or delv.)
-
-A server could exit due to an INSIST failure in apl_42.c when performing certain string formatting operations.
-
-Upstream-Status: Backport
-CVE: CVE-2015-8705
-
-[The patch is taken from BIND 9.10.3:
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-8705]
-
-Signed-off-by: Derek Straka <derek@asterius.io>
-diff --git a/lib/dns/message.c b/lib/dns/message.c
-index ea7b93a..810c58e 100644
---- a/lib/dns/message.c
-+++ b/lib/dns/message.c
-@@ -3310,9 +3310,19 @@
- } else if (optcode == DNS_OPT_SIT) {
- ADD_STRING(target, "; SIT");
- } else if (optcode == DNS_OPT_CLIENT_SUBNET) {
-+ isc_buffer_t ecsbuf;
- ADD_STRING(target, "; CLIENT-SUBNET: ");
-- render_ecs(&optbuf, target);
-- ADD_STRING(target, "\n");
-+ isc_buffer_init(&ecsbuf,
-+ isc_buffer_current(&optbuf),
-+ optlen);
-+ isc_buffer_add(&ecsbuf, optlen);
-+ result = render_ecs(&ecsbuf, target);
-+ if (result == ISC_R_NOSPACE)
-+ return (result);
-+ if (result == ISC_R_SUCCESS) {
-+ isc_buffer_forward(&optbuf, optlen);
-+ ADD_STRING(target, "\n");
-+ }
- continue;
- } else if (optcode == DNS_OPT_EXPIRE) {
- if (optlen == 4) {
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch
new file mode 100644
index 000000000..2149bd180
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1285.patch
@@ -0,0 +1,154 @@
+From 70037e040e587329cec82123e12b9f4f7c945f67 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Thu, 18 Feb 2016 12:11:27 +1100
+Subject: [PATCH] 4318. [security] Malformed control messages can
+ trigger assertions in named and rndc. (CVE-2016-1285)
+ [RT #41666]
+
+(cherry picked from commit a2b15b3305acd52179e6f3dc7d073b07fbc40b8e)
+
+CVE: CVE-2016-1285
+Upstream-Status: Backport
+[Removed doc/arm/notes.xml changes from upstream patch]
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ CHANGES | 3 +++
+ bin/named/control.c | 2 +-
+ bin/named/controlconf.c | 2 +-
+ bin/rndc/rndc.c | 8 ++++----
+ doc/arm/notes.xml | 11 +++++++++++
+ lib/isccc/cc.c | 14 +++++++-------
+ 6 files changed, 27 insertions(+), 13 deletions(-)
+
+diff --git a/CHANGES b/CHANGES
+index b9bd9ef..2c727d5 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -1,3 +1,6 @@
++4318. [security] Malformed control messages can trigger assertions
++ in named and rndc. (CVE-2016-1285) [RT #41666]
++
+ --- 9.10.3-P3 released ---
+
+ 4288. [bug] Fixed a regression in resolver.c:possibly_mark()
+diff --git a/bin/named/control.c b/bin/named/control.c
+index 8554335..81340ca 100644
+--- a/bin/named/control.c
++++ b/bin/named/control.c
+@@ -69,7 +69,7 @@ ns_control_docommand(isccc_sexpr_t *message, isc_buffer_t *text) {
+ #endif
+
+ data = isccc_alist_lookup(message, "_data");
+- if (data == NULL) {
++ if (!isccc_alist_alistp(data)) {
+ /*
+ * No data section.
+ */
+diff --git a/bin/named/controlconf.c b/bin/named/controlconf.c
+index 765afdd..a39ab8b 100644
+--- a/bin/named/controlconf.c
++++ b/bin/named/controlconf.c
+@@ -402,7 +402,7 @@ control_recvmessage(isc_task_t *task, isc_event_t *event) {
+ * Limit exposure to replay attacks.
+ */
+ _ctrl = isccc_alist_lookup(request, "_ctrl");
+- if (_ctrl == NULL) {
++ if (!isccc_alist_alistp(_ctrl)) {
+ log_invalid(&conn->ccmsg, ISC_R_FAILURE);
+ goto cleanup_request;
+ }
+diff --git a/bin/rndc/rndc.c b/bin/rndc/rndc.c
+index cb17050..b6e05c8 100644
+--- a/bin/rndc/rndc.c
++++ b/bin/rndc/rndc.c
+@@ -255,8 +255,8 @@ rndc_recvdone(isc_task_t *task, isc_event_t *event) {
+ isccc_cc_fromwire(&source, &response, algorithm, &secret));
+
+ data = isccc_alist_lookup(response, "_data");
+- if (data == NULL)
+- fatal("no data section in response");
++ if (!isccc_alist_alistp(data))
++ fatal("bad or missing data section in response");
+ result = isccc_cc_lookupstring(data, "err", &errormsg);
+ if (result == ISC_R_SUCCESS) {
+ failed = ISC_TRUE;
+@@ -321,8 +321,8 @@ rndc_recvnonce(isc_task_t *task, isc_event_t *event) {
+ isccc_cc_fromwire(&source, &response, algorithm, &secret));
+
+ _ctrl = isccc_alist_lookup(response, "_ctrl");
+- if (_ctrl == NULL)
+- fatal("_ctrl section missing");
++ if (!isccc_alist_alistp(_ctrl))
++ fatal("bad or missing ctrl section in response");
+ nonce = 0;
+ if (isccc_cc_lookupuint32(_ctrl, "_nonce", &nonce) != ISC_R_SUCCESS)
+ nonce = 0;
+diff --git a/lib/isccc/cc.c b/lib/isccc/cc.c
+index 47a3b74..2bb961e 100644
+--- a/lib/isccc/cc.c
++++ b/lib/isccc/cc.c
+@@ -403,13 +403,13 @@ verify(isccc_sexpr_t *alist, unsigned char *data, unsigned int length,
+ * Extract digest.
+ */
+ _auth = isccc_alist_lookup(alist, "_auth");
+- if (_auth == NULL)
++ if (!isccc_alist_alistp(_auth))
+ return (ISC_R_FAILURE);
+ if (algorithm == ISCCC_ALG_HMACMD5)
+ hmac = isccc_alist_lookup(_auth, "hmd5");
+ else
+ hmac = isccc_alist_lookup(_auth, "hsha");
+- if (hmac == NULL)
++ if (!isccc_sexpr_binaryp(hmac))
+ return (ISC_R_FAILURE);
+ /*
+ * Compute digest.
+@@ -728,7 +728,7 @@ isccc_cc_createack(isccc_sexpr_t *message, isc_boolean_t ok,
+ REQUIRE(ackp != NULL && *ackp == NULL);
+
+ _ctrl = isccc_alist_lookup(message, "_ctrl");
+- if (_ctrl == NULL ||
++ if (!isccc_alist_alistp(_ctrl) ||
+ isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS ||
+ isccc_cc_lookupuint32(_ctrl, "_tim", &t) != ISC_R_SUCCESS)
+ return (ISC_R_FAILURE);
+@@ -773,7 +773,7 @@ isccc_cc_isack(isccc_sexpr_t *message)
+ isccc_sexpr_t *_ctrl;
+
+ _ctrl = isccc_alist_lookup(message, "_ctrl");
+- if (_ctrl == NULL)
++ if (!isccc_alist_alistp(_ctrl))
+ return (ISC_FALSE);
+ if (isccc_cc_lookupstring(_ctrl, "_ack", NULL) == ISC_R_SUCCESS)
+ return (ISC_TRUE);
+@@ -786,7 +786,7 @@ isccc_cc_isreply(isccc_sexpr_t *message)
+ isccc_sexpr_t *_ctrl;
+
+ _ctrl = isccc_alist_lookup(message, "_ctrl");
+- if (_ctrl == NULL)
++ if (!isccc_alist_alistp(_ctrl))
+ return (ISC_FALSE);
+ if (isccc_cc_lookupstring(_ctrl, "_rpl", NULL) == ISC_R_SUCCESS)
+ return (ISC_TRUE);
+@@ -806,7 +806,7 @@ isccc_cc_createresponse(isccc_sexpr_t *message, isccc_time_t now,
+
+ _ctrl = isccc_alist_lookup(message, "_ctrl");
+ _data = isccc_alist_lookup(message, "_data");
+- if (_ctrl == NULL || _data == NULL ||
++ if (!isccc_alist_alistp(_ctrl) || !isccc_alist_alistp(_data) ||
+ isccc_cc_lookupuint32(_ctrl, "_ser", &serial) != ISC_R_SUCCESS ||
+ isccc_cc_lookupstring(_data, "type", &type) != ISC_R_SUCCESS)
+ return (ISC_R_FAILURE);
+@@ -995,7 +995,7 @@ isccc_cc_checkdup(isccc_symtab_t *symtab, isccc_sexpr_t *message,
+ isccc_sexpr_t *_ctrl;
+
+ _ctrl = isccc_alist_lookup(message, "_ctrl");
+- if (_ctrl == NULL ||
++ if (!isccc_alist_alistp(_ctrl) ||
+ isccc_cc_lookupstring(_ctrl, "_ser", &_ser) != ISC_R_SUCCESS ||
+ isccc_cc_lookupstring(_ctrl, "_tim", &_tim) != ISC_R_SUCCESS)
+ return (ISC_R_FAILURE);
+--
+1.9.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
new file mode 100644
index 000000000..ae5cc48d9
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_1.patch
@@ -0,0 +1,79 @@
+From a3d327bf1ceaaeabb20223d8de85166e940b9f12 Mon Sep 17 00:00:00 2001
+From: Mukund Sivaraman <muks@isc.org>
+Date: Mon, 22 Feb 2016 12:22:43 +0530
+Subject: [PATCH] Fix resolver assertion failure due to improper DNAME handling
+ (CVE-2016-1286) (#41753)
+
+(cherry picked from commit 5995fec51cc8bb7e53804e4936e60aa1537f3673)
+
+CVE: CVE-2016-1286
+Upstream-Status: Backport
+
+[Removed doc/arm/notes.xml changes from upstream patch.]
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+diff -ruN a/CHANGES b/CHANGES
+--- a/CHANGES 2016-04-13 07:28:44.940873629 +0200
++++ b/CHANGES 2016-04-13 07:38:38.923167851 +0200
+@@ -1,3 +1,7 @@
++4319. [security] Fix resolver assertion failure due to improper
++ DNAME handling when parsing fetch reply messages.
++ (CVE-2016-1286) [RT #41753]
++
+ 4318. [security] Malformed control messages can trigger assertions
+ in named and rndc. (CVE-2016-1285) [RT #41666]
+
+diff -ruN a/lib/dns/resolver.c b/lib/dns/resolver.c
+--- a/lib/dns/resolver.c 2016-04-13 07:28:43.088953790 +0200
++++ b/lib/dns/resolver.c 2016-04-13 07:38:20.411968925 +0200
+@@ -6967,21 +6967,26 @@
+ isc_boolean_t found_dname = ISC_FALSE;
+ dns_name_t *dname_name;
+
++ /*
++ * Only pass DNAME or RRSIG(DNAME).
++ */
++ if (rdataset->type != dns_rdatatype_dname &&
++ (rdataset->type != dns_rdatatype_rrsig ||
++ rdataset->covers != dns_rdatatype_dname))
++ continue;
++
++ /*
++ * If we're not chaining, then the DNAME and
++ * its signature should not be external.
++ */
++ if (!chaining && external) {
++ log_formerr(fctx, "external DNAME");
++ return (DNS_R_FORMERR);
++ }
++
+ found = ISC_FALSE;
+ aflag = 0;
+ if (rdataset->type == dns_rdatatype_dname) {
+- /*
+- * We're looking for something else,
+- * but we found a DNAME.
+- *
+- * If we're not chaining, then the
+- * DNAME should not be external.
+- */
+- if (!chaining && external) {
+- log_formerr(fctx,
+- "external DNAME");
+- return (DNS_R_FORMERR);
+- }
+ found = ISC_TRUE;
+ want_chaining = ISC_TRUE;
+ POST(want_chaining);
+@@ -7010,9 +7015,7 @@
+ &fctx->domain)) {
+ return (DNS_R_SERVFAIL);
+ }
+- } else if (rdataset->type == dns_rdatatype_rrsig
+- && rdataset->covers ==
+- dns_rdatatype_dname) {
++ } else {
+ /*
+ * We've found a signature that
+ * covers the DNAME.
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch
new file mode 100644
index 000000000..a31ea81f8
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-1286_2.patch
@@ -0,0 +1,314 @@
+From 7602be276a73a6eb5431c5acd9718e68a55e8b61 Mon Sep 17 00:00:00 2001
+From: Mark Andrews <marka@isc.org>
+Date: Mon, 29 Feb 2016 07:16:48 +1100
+Subject: [PATCH] Part 2 of: 4319. [security] Fix resolver assertion
+ failure due to improper DNAME handling when parsing
+ fetch reply messages. (CVE-2016-1286) [RT #41753]
+
+(cherry picked from commit 2de89ee9de8c8da9dc153a754b02dcdbb7fe2374)
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/dns/resolver.c | 192 ++++++++++++++++++++++++++---------------------------
+ 1 file changed, 93 insertions(+), 99 deletions(-)
+
+diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
+index 70aba87..41e9df4 100644
+--- a/lib/dns/resolver.c
++++ b/lib/dns/resolver.c
+@@ -6074,14 +6074,11 @@ cname_target(dns_rdataset_t *rdataset, dns_name_t *tname) {
+ }
+
+ static inline isc_result_t
+-dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname,
+- dns_name_t *oname, dns_fixedname_t *fixeddname)
++dname_target(dns_rdataset_t *rdataset, dns_name_t *qname,
++ unsigned int nlabels, dns_fixedname_t *fixeddname)
+ {
+ isc_result_t result;
+ dns_rdata_t rdata = DNS_RDATA_INIT;
+- unsigned int nlabels;
+- int order;
+- dns_namereln_t namereln;
+ dns_rdata_dname_t dname;
+ dns_fixedname_t prefix;
+
+@@ -6096,21 +6093,6 @@ dname_target(fetchctx_t *fctx, dns_rdataset_t *rdataset, dns_name_t *qname,
+ if (result != ISC_R_SUCCESS)
+ return (result);
+
+- /*
+- * Get the prefix of qname.
+- */
+- namereln = dns_name_fullcompare(qname, oname, &order, &nlabels);
+- if (namereln != dns_namereln_subdomain) {
+- char qbuf[DNS_NAME_FORMATSIZE];
+- char obuf[DNS_NAME_FORMATSIZE];
+-
+- dns_rdata_freestruct(&dname);
+- dns_name_format(qname, qbuf, sizeof(qbuf));
+- dns_name_format(oname, obuf, sizeof(obuf));
+- log_formerr(fctx, "unrelated DNAME in answer: "
+- "%s is not in %s", qbuf, obuf);
+- return (DNS_R_FORMERR);
+- }
+ dns_fixedname_init(&prefix);
+ dns_name_split(qname, nlabels, dns_fixedname_name(&prefix), NULL);
+ dns_fixedname_init(fixeddname);
+@@ -6736,13 +6718,13 @@ static isc_result_t
+ answer_response(fetchctx_t *fctx) {
+ isc_result_t result;
+ dns_message_t *message;
+- dns_name_t *name, *qname, tname, *ns_name;
++ dns_name_t *name, *dname, *qname, tname, *ns_name;
+ dns_rdataset_t *rdataset, *ns_rdataset;
+ isc_boolean_t done, external, chaining, aa, found, want_chaining;
+ isc_boolean_t have_answer, found_cname, found_type, wanted_chaining;
+ unsigned int aflag;
+ dns_rdatatype_t type;
+- dns_fixedname_t dname, fqname;
++ dns_fixedname_t fdname, fqname;
+ dns_view_t *view;
+
+ FCTXTRACE("answer_response");
+@@ -6770,10 +6752,15 @@ answer_response(fetchctx_t *fctx) {
+ view = fctx->res->view;
+ result = dns_message_firstname(message, DNS_SECTION_ANSWER);
+ while (!done && result == ISC_R_SUCCESS) {
++ dns_namereln_t namereln;
++ int order;
++ unsigned int nlabels;
++
+ name = NULL;
+ dns_message_currentname(message, DNS_SECTION_ANSWER, &name);
+ external = ISC_TF(!dns_name_issubdomain(name, &fctx->domain));
+- if (dns_name_equal(name, qname)) {
++ namereln = dns_name_fullcompare(qname, name, &order, &nlabels);
++ if (namereln == dns_namereln_equal) {
+ wanted_chaining = ISC_FALSE;
+ for (rdataset = ISC_LIST_HEAD(name->list);
+ rdataset != NULL;
+@@ -6898,10 +6885,11 @@ answer_response(fetchctx_t *fctx) {
+ */
+ INSIST(!external);
+ if (aflag ==
+- DNS_RDATASETATTR_ANSWER)
++ DNS_RDATASETATTR_ANSWER) {
+ have_answer = ISC_TRUE;
+- name->attributes |=
+- DNS_NAMEATTR_ANSWER;
++ name->attributes |=
++ DNS_NAMEATTR_ANSWER;
++ }
+ rdataset->attributes |= aflag;
+ if (aa)
+ rdataset->trust =
+@@ -6956,6 +6944,8 @@ answer_response(fetchctx_t *fctx) {
+ if (wanted_chaining)
+ chaining = ISC_TRUE;
+ } else {
++ dns_rdataset_t *dnameset = NULL;
++
+ /*
+ * Look for a DNAME (or its SIG). Anything else is
+ * ignored.
+@@ -6963,10 +6953,8 @@ answer_response(fetchctx_t *fctx) {
+ wanted_chaining = ISC_FALSE;
+ for (rdataset = ISC_LIST_HEAD(name->list);
+ rdataset != NULL;
+- rdataset = ISC_LIST_NEXT(rdataset, link)) {
+- isc_boolean_t found_dname = ISC_FALSE;
+- dns_name_t *dname_name;
+-
++ rdataset = ISC_LIST_NEXT(rdataset, link))
++ {
+ /*
+ * Only pass DNAME or RRSIG(DNAME).
+ */
+@@ -6980,20 +6968,41 @@ answer_response(fetchctx_t *fctx) {
+ * its signature should not be external.
+ */
+ if (!chaining && external) {
+- log_formerr(fctx, "external DNAME");
++ char qbuf[DNS_NAME_FORMATSIZE];
++ char obuf[DNS_NAME_FORMATSIZE];
++
++ dns_name_format(name, qbuf,
++ sizeof(qbuf));
++ dns_name_format(&fctx->domain, obuf,
++ sizeof(obuf));
++ log_formerr(fctx, "external DNAME or "
++ "RRSIG covering DNAME "
++ "in answer: %s is "
++ "not in %s", qbuf, obuf);
++ return (DNS_R_FORMERR);
++ }
++
++ if (namereln != dns_namereln_subdomain) {
++ char qbuf[DNS_NAME_FORMATSIZE];
++ char obuf[DNS_NAME_FORMATSIZE];
++
++ dns_name_format(qname, qbuf,
++ sizeof(qbuf));
++ dns_name_format(name, obuf,
++ sizeof(obuf));
++ log_formerr(fctx, "unrelated DNAME "
++ "in answer: %s is "
++ "not in %s", qbuf, obuf);
+ return (DNS_R_FORMERR);
+ }
+
+- found = ISC_FALSE;
+ aflag = 0;
+ if (rdataset->type == dns_rdatatype_dname) {
+- found = ISC_TRUE;
+ want_chaining = ISC_TRUE;
+ POST(want_chaining);
+ aflag = DNS_RDATASETATTR_ANSWER;
+- result = dname_target(fctx, rdataset,
+- qname, name,
+- &dname);
++ result = dname_target(rdataset, qname,
++ nlabels, &fdname);
+ if (result == ISC_R_NOSPACE) {
+ /*
+ * We can't construct the
+@@ -7005,14 +7014,12 @@ answer_response(fetchctx_t *fctx) {
+ } else if (result != ISC_R_SUCCESS)
+ return (result);
+ else
+- found_dname = ISC_TRUE;
++ dnameset = rdataset;
+
+- dname_name = dns_fixedname_name(&dname);
++ dname = dns_fixedname_name(&fdname);
+ if (!is_answertarget_allowed(view,
+- qname,
+- rdataset->type,
+- dname_name,
+- &fctx->domain)) {
++ qname, rdataset->type,
++ dname, &fctx->domain)) {
+ return (DNS_R_SERVFAIL);
+ }
+ } else {
+@@ -7020,73 +7027,60 @@ answer_response(fetchctx_t *fctx) {
+ * We've found a signature that
+ * covers the DNAME.
+ */
+- found = ISC_TRUE;
+ aflag = DNS_RDATASETATTR_ANSWERSIG;
+ }
+
+- if (found) {
++ /*
++ * We've found an answer to our
++ * question.
++ */
++ name->attributes |= DNS_NAMEATTR_CACHE;
++ rdataset->attributes |= DNS_RDATASETATTR_CACHE;
++ rdataset->trust = dns_trust_answer;
++ if (!chaining) {
+ /*
+- * We've found an answer to our
+- * question.
++ * This data is "the" answer to
++ * our question only if we're
++ * not chaining.
+ */
+- name->attributes |=
+- DNS_NAMEATTR_CACHE;
+- rdataset->attributes |=
+- DNS_RDATASETATTR_CACHE;
+- rdataset->trust = dns_trust_answer;
+- if (!chaining) {
+- /*
+- * This data is "the" answer
+- * to our question only if
+- * we're not chaining.
+- */
+- INSIST(!external);
+- if (aflag ==
+- DNS_RDATASETATTR_ANSWER)
+- have_answer = ISC_TRUE;
++ INSIST(!external);
++ if (aflag == DNS_RDATASETATTR_ANSWER) {
++ have_answer = ISC_TRUE;
+ name->attributes |=
+ DNS_NAMEATTR_ANSWER;
+- rdataset->attributes |= aflag;
+- if (aa)
+- rdataset->trust =
+- dns_trust_authanswer;
+- } else if (external) {
+- rdataset->attributes |=
+- DNS_RDATASETATTR_EXTERNAL;
+- }
+-
+- /*
+- * DNAME chaining.
+- */
+- if (found_dname) {
+- /*
+- * Copy the dname into the
+- * qname fixed name.
+- *
+- * Although we check for
+- * failure of the copy
+- * operation, in practice it
+- * should never fail since
+- * we already know that the
+- * result fits in a fixedname.
+- */
+- dns_fixedname_init(&fqname);
+- result = dns_name_copy(
+- dns_fixedname_name(&dname),
+- dns_fixedname_name(&fqname),
+- NULL);
+- if (result != ISC_R_SUCCESS)
+- return (result);
+- wanted_chaining = ISC_TRUE;
+- name->attributes |=
+- DNS_NAMEATTR_CHAINING;
+- rdataset->attributes |=
+- DNS_RDATASETATTR_CHAINING;
+- qname = dns_fixedname_name(
+- &fqname);
+ }
++ rdataset->attributes |= aflag;
++ if (aa)
++ rdataset->trust =
++ dns_trust_authanswer;
++ } else if (external) {
++ rdataset->attributes |=
++ DNS_RDATASETATTR_EXTERNAL;
+ }
+ }
++
++ /*
++ * DNAME chaining.
++ */
++ if (dnameset != NULL) {
++ /*
++ * Copy the dname into the qname fixed name.
++ *
++ * Although we check for failure of the copy
++ * operation, in practice it should never fail
++ * since we already know that the result fits
++ * in a fixedname.
++ */
++ dns_fixedname_init(&fqname);
++ qname = dns_fixedname_name(&fqname);
++ result = dns_name_copy(dname, qname, NULL);
++ if (result != ISC_R_SUCCESS)
++ return (result);
++ wanted_chaining = ISC_TRUE;
++ name->attributes |= DNS_NAMEATTR_CHAINING;
++ dnameset->attributes |=
++ DNS_RDATASETATTR_CHAINING;
++ }
+ if (wanted_chaining)
+ chaining = ISC_TRUE;
+ }
+--
+1.9.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch
new file mode 100644
index 000000000..1b84d46b7
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind/CVE-2016-2088.patch
@@ -0,0 +1,247 @@
+CVE-2016-2088
+
+Backport commit d7ff9a1c41bf0ba9773cb3adb08b48b9fd57c956 from the
+v9_10_3_patch branch.
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2088
+https://kb.isc.org/article/AA-01351
+
+CVE: CVE-2016-2088
+Upstream-Status: Backport
+Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
+
+
+Original commit message from Mark Andrews <marka@isc.org> below:
+
+4322. [security] Duplicate EDNS COOKIE options in a response could
+ trigger an assertion failure. (CVE-2016-2088)
+ [RT #41809]
+
+(cherry picked from commit 455c0848f80a8acda27aad1466c72987cafaa029)
+(cherry picked from commit 7cd300abd6ee8b8ee8730593daf742ba53f90bc3)
+---
+ CHANGES | 4 ++++
+ bin/dig/dighost.c | 9 +++++++++
+ bin/named/client.c | 33 +++++++++++++++++++++++----------
+ doc/arm/notes.xml | 7 +++++++
+ lib/dns/resolver.c | 14 +++++++++++++-
+ 5 files changed, 56 insertions(+), 11 deletions(-)
+
+diff --git a/CHANGES b/CHANGES
+index c5b5d2b..d2e3360 100644
+--- a/CHANGES
++++ b/CHANGES
+@@ -1,3 +1,7 @@
++4322. [security] Duplicate EDNS COOKIE options in a response could
++ trigger an assertion failure. (CVE-2016-2088)
++ [RT #41809]
++
+ 4319. [security] Fix resolver assertion failure due to improper
+ DNAME handling when parsing fetch reply messages.
+ (CVE-2016-1286) [RT #41753]
+diff --git a/bin/dig/dighost.c b/bin/dig/dighost.c
+index ca82f8e..340904f 100644
+--- a/bin/dig/dighost.c
++++ b/bin/dig/dighost.c
+@@ -3458,6 +3458,7 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) {
+ isc_buffer_t optbuf;
+ isc_uint16_t optcode, optlen;
+ dns_rdataset_t *opt = msg->opt;
++ isc_boolean_t seen_cookie = ISC_FALSE;
+
+ result = dns_rdataset_first(opt);
+ if (result == ISC_R_SUCCESS) {
+@@ -3470,7 +3471,15 @@ process_opt(dig_lookup_t *l, dns_message_t *msg) {
+ optlen = isc_buffer_getuint16(&optbuf);
+ switch (optcode) {
+ case DNS_OPT_COOKIE:
++ /*
++ * Only process the first cookie option.
++ */
++ if (seen_cookie) {
++ isc_buffer_forward(&optbuf, optlen);
++ break;
++ }
+ process_sit(l, msg, &optbuf, optlen);
++ seen_cookie = ISC_TRUE;
+ break;
+ default:
+ isc_buffer_forward(&optbuf, optlen);
+diff --git a/bin/named/client.c b/bin/named/client.c
+index 683305c..0d7331a 100644
+--- a/bin/named/client.c
++++ b/bin/named/client.c
+@@ -120,7 +120,10 @@
+ */
+ #endif
+
+-#define SIT_SIZE 24U /* 8 + 4 + 4 + 8 */
++#define COOKIE_SIZE 24U /* 8 + 4 + 4 + 8 */
++
++#define WANTNSID(x) (((x)->attributes & NS_CLIENTATTR_WANTNSID) != 0)
++#define WANTEXPIRE(x) (((x)->attributes & NS_CLIENTATTR_WANTEXPIRE) != 0)
+
+ /*% nameserver client manager structure */
+ struct ns_clientmgr {
+@@ -1395,7 +1398,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message,
+ {
+ char nsid[BUFSIZ], *nsidp;
+ #ifdef ISC_PLATFORM_USESIT
+- unsigned char sit[SIT_SIZE];
++ unsigned char sit[COOKIE_SIZE];
+ #endif
+ isc_result_t result;
+ dns_view_t *view;
+@@ -1420,7 +1423,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message,
+ flags = client->extflags & DNS_MESSAGEEXTFLAG_REPLYPRESERVE;
+
+ /* Set EDNS options if applicable */
+- if ((client->attributes & NS_CLIENTATTR_WANTNSID) != 0 &&
++ if (WANTNSID(client) &&
+ (ns_g_server->server_id != NULL ||
+ ns_g_server->server_usehostname)) {
+ if (ns_g_server->server_usehostname) {
+@@ -1453,7 +1456,7 @@ ns_client_addopt(ns_client_t *client, dns_message_t *message,
+
+ INSIST(count < DNS_EDNSOPTIONS);
+ ednsopts[count].code = DNS_OPT_COOKIE;
+- ednsopts[count].length = SIT_SIZE;
++ ednsopts[count].length = COOKIE_SIZE;
+ ednsopts[count].value = sit;
+ count++;
+ }
+@@ -1661,19 +1664,26 @@ compute_sit(ns_client_t *client, isc_uint32_t when, isc_uint32_t nonce,
+
+ static void
+ process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) {
+- unsigned char dbuf[SIT_SIZE];
++ unsigned char dbuf[COOKIE_SIZE];
+ unsigned char *old;
+ isc_stdtime_t now;
+ isc_uint32_t when;
+ isc_uint32_t nonce;
+ isc_buffer_t db;
+
++ /*
++ * If we have already seen a ECS option skip this ECS option.
++ */
++ if ((client->attributes & NS_CLIENTATTR_WANTSIT) != 0) {
++ isc_buffer_forward(buf, optlen);
++ return;
++ }
+ client->attributes |= NS_CLIENTATTR_WANTSIT;
+
+ isc_stats_increment(ns_g_server->nsstats,
+ dns_nsstatscounter_sitopt);
+
+- if (optlen != SIT_SIZE) {
++ if (optlen != COOKIE_SIZE) {
+ /*
+ * Not our token.
+ */
+@@ -1717,14 +1727,13 @@ process_sit(ns_client_t *client, isc_buffer_t *buf, size_t optlen) {
+ isc_buffer_init(&db, dbuf, sizeof(dbuf));
+ compute_sit(client, when, nonce, &db);
+
+- if (!isc_safe_memequal(old, dbuf, SIT_SIZE)) {
++ if (!isc_safe_memequal(old, dbuf, COOKIE_SIZE)) {
+ isc_stats_increment(ns_g_server->nsstats,
+ dns_nsstatscounter_sitnomatch);
+ return;
+ }
+ isc_stats_increment(ns_g_server->nsstats,
+ dns_nsstatscounter_sitmatch);
+-
+ client->attributes |= NS_CLIENTATTR_HAVESIT;
+ }
+ #endif
+@@ -1783,7 +1792,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) {
+ optlen = isc_buffer_getuint16(&optbuf);
+ switch (optcode) {
+ case DNS_OPT_NSID:
+- isc_stats_increment(ns_g_server->nsstats,
++ if (!WANTNSID(client))
++ isc_stats_increment(
++ ns_g_server->nsstats,
+ dns_nsstatscounter_nsidopt);
+ client->attributes |= NS_CLIENTATTR_WANTNSID;
+ isc_buffer_forward(&optbuf, optlen);
+@@ -1794,7 +1805,9 @@ process_opt(ns_client_t *client, dns_rdataset_t *opt) {
+ break;
+ #endif
+ case DNS_OPT_EXPIRE:
+- isc_stats_increment(ns_g_server->nsstats,
++ if (!WANTEXPIRE(client))
++ isc_stats_increment(
++ ns_g_server->nsstats,
+ dns_nsstatscounter_expireopt);
+ client->attributes |= NS_CLIENTATTR_WANTEXPIRE;
+ isc_buffer_forward(&optbuf, optlen);
+diff --git a/doc/arm/notes.xml b/doc/arm/notes.xml
+index ebf4f55..095eb5b 100644
+--- a/doc/arm/notes.xml
++++ b/doc/arm/notes.xml
+@@ -51,6 +51,13 @@
+ <title>Security Fixes</title>
+ <itemizedlist>
+ <listitem>
++ <para>
++ Duplicate EDNS COOKIE options in a response could trigger
++ an assertion failure. This flaw is disclosed in CVE-2016-2088.
++ [RT #41809]
++ </para>
++ </listitem>
++ <listitem>
+ <para>
+ Specific APL data could trigger an INSIST. This flaw
+ was discovered by Brian Mitchell and is disclosed in
+diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c
+index a797e3f..ba1ae23 100644
+--- a/lib/dns/resolver.c
++++ b/lib/dns/resolver.c
+@@ -7502,7 +7502,9 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) {
+ unsigned char *sit;
+ dns_adbaddrinfo_t *addrinfo;
+ unsigned char cookie[8];
++ isc_boolean_t seen_cookie = ISC_FALSE;
+ #endif
++ isc_boolean_t seen_nsid = ISC_FALSE;
+
+ result = dns_rdataset_first(opt);
+ if (result == ISC_R_SUCCESS) {
+@@ -7516,14 +7518,23 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) {
+ INSIST(optlen <= isc_buffer_remaininglength(&optbuf));
+ switch (optcode) {
+ case DNS_OPT_NSID:
+- if (query->options & DNS_FETCHOPT_WANTNSID)
++ if (!seen_nsid &&
++ query->options & DNS_FETCHOPT_WANTNSID)
+ log_nsid(&optbuf, optlen, query,
+ ISC_LOG_DEBUG(3),
+ query->fctx->res->mctx);
+ isc_buffer_forward(&optbuf, optlen);
++ seen_nsid = ISC_TRUE;
+ break;
+ #ifdef ISC_PLATFORM_USESIT
+ case DNS_OPT_COOKIE:
++ /*
++ * Only process the first cookie option.
++ */
++ if (seen_cookie) {
++ isc_buffer_forward(&optbuf, optlen);
++ break;
++ }
+ sit = isc_buffer_current(&optbuf);
+ compute_cc(query, cookie, sizeof(cookie));
+ INSIST(query->fctx->rmessage->sitbad == 0 &&
+@@ -7541,6 +7552,7 @@ process_opt(resquery_t *query, dns_rdataset_t *opt) {
+ isc_buffer_forward(&optbuf, optlen);
+ inc_stats(query->fctx->res,
+ dns_resstatscounter_sitin);
++ seen_cookie = ISC_TRUE;
+ break;
+ #endif
+ default:
+--
+2.1.4
+
diff --git a/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb b/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
index 19f87d793..1e3a20f9a 100644
--- a/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.2-P4.bb
+++ b/yocto-poky/meta/recipes-connectivity/bind/bind_9.10.3-P3.bb
@@ -21,14 +21,14 @@ SRC_URI = "ftp://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.gz \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-gen.c-extend-DIRNAMESIZE-from-256-to-512.patch \
file://0001-lib-dns-gen.c-fix-too-long-error.patch \
- file://CVE-2015-8704.patch \
- file://CVE-2015-8705.patch \
- file://CVE-2015-8000.patch \
- file://CVE-2015-8461.patch \
+ file://CVE-2016-1285.patch \
+ file://CVE-2016-1286_1.patch \
+ file://CVE-2016-1286_2.patch \
+ file://CVE-2016-2088.patch \
"
-SRC_URI[md5sum] = "8b1f5064837756c938eadc1537dec5c7"
-SRC_URI[sha256sum] = "c00b21ec1def212957f28efe9d10aac52d6ec515e84fbf2c42143f5d71429cb8"
+SRC_URI[md5sum] = "bcf7e772b616f7259420a3edc5df350a"
+SRC_URI[sha256sum] = "690810d1fbb72afa629e74638d19cd44e28d2b2e5eb63f55c705ad85d1a4cb83"
ENABLE_IPV6 = "--enable-ipv6=${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'yes', 'no', d)}"
EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \
@@ -39,11 +39,14 @@ EXTRA_OECONF = " ${ENABLE_IPV6} --with-randomdev=/dev/random --disable-threads \
"
inherit autotools update-rc.d systemd useradd pkgconfig
-PACKAGECONFIG ?= ""
+# PACKAGECONFIGs readline and libedit should NOT be set at same time
+PACKAGECONFIG ?= "readline"
PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2"
+PACKAGECONFIG[readline] = "--with-readline=-lreadline,,readline"
+PACKAGECONFIG[libedit] = "--with-readline=-ledit,,libedit"
USERADD_PACKAGES = "${PN}"
-USERADD_PARAM_${PN} = "--system --home /var/cache/bind --no-create-home \
+USERADD_PARAM_${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
--user-group bind"
INITSCRIPT_NAME = "bind"
@@ -73,7 +76,7 @@ do_install_append() {
rm "${D}${mandir}/man1/nslookup.1"
rmdir "${D}${localstatedir}/run"
rmdir --ignore-fail-on-non-empty "${D}${localstatedir}"
- install -d "${D}${localstatedir}/cache/bind"
+ install -d -o bind "${D}${localstatedir}/cache/bind"
install -d "${D}${sysconfdir}/bind"
install -d "${D}${sysconfdir}/init.d"
install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
@@ -81,7 +84,6 @@ do_install_append() {
sed -i -e '1s,#!.*python,#! /usr/bin/env python,' ${D}${sbindir}/dnssec-coverage ${D}${sbindir}/dnssec-checkds
# Install systemd related files
- install -d ${D}${localstatedir}/cache/bind
install -d ${D}${sbindir}
install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
install -d ${D}${systemd_unitdir}/system
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc
index df42c88b9..a508229a3 100644
--- a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -18,10 +18,14 @@ PACKAGECONFIG[experimental] = "--enable-experimental,--disable-experimental,"
SRC_URI = "\
${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
+ file://init \
+ file://run-ptest \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
+ file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
"
S = "${WORKDIR}/bluez-${PV}"
-inherit autotools-brokensep pkgconfig systemd
+inherit autotools-brokensep pkgconfig systemd update-rc.d distro_features_check ptest
EXTRA_OECONF = "\
--enable-tools \
@@ -42,6 +46,9 @@ NOINST_TOOLS = " \
"
do_install_append() {
+ install -d ${D}${INIT_D_DIR}
+ install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth
+
install -d ${D}${sysconfdir}/bluetooth/
if [ -f ${S}/profiles/audio/audio.conf ]; then
install -m 0644 ${S}/profiles/audio/audio.conf ${D}/${sysconfdir}/bluetooth/
@@ -53,8 +60,6 @@ do_install_append() {
install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/
fi
- install -m 0644 ${S}/src/bluetooth.conf ${D}/${sysconfdir}/dbus-1/system.d/
-
# Install desired tools that upstream leaves in build area
for f in ${NOINST_TOOLS} ; do
install -m 755 ${B}/$f ${D}/${bindir}
@@ -89,16 +94,19 @@ def get_noinst_tools_paths (d, bb, tools):
FILES_${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS', True))}"
-FILES_${PN}-dbg += "\
- ${libexecdir}/bluetooth/.debug \
- ${libdir}/bluetooth/plugins/.debug \
- ${libdir}/*/.debug \
- */udev/.debug \
- */*/udev/.debug \
- "
-
RDEPENDS_${PN}-testtools += "python python-dbus python-pygobject"
SYSTEMD_SERVICE_${PN} = "bluetooth.service"
+INITSCRIPT_PACKAGES = "${PN}"
+INITSCRIPT_NAME_${PN} = "bluetooth"
EXCLUDE_FROM_WORLD = "1"
+
+do_compile_ptest() {
+ oe_runmake buildtests
+}
+
+do_install_ptest() {
+ cp -r ${B}/unit/ ${D}${PTEST_PATH}
+ rm ${D}${PTEST_PATH}/unit/*.c ${D}${PTEST_PATH}/unit/*.o
+}
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch
new file mode 100644
index 000000000..2fde7bc06
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch
@@ -0,0 +1,63 @@
+From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org>
+Date: Sat, 12 Oct 2013 17:45:25 +0200
+Subject: [PATCH] Allow using obexd without systemd in the user session
+
+Not all sessions run systemd --user (actually, the majority
+doesn't), so the dbus daemon must be able to spawn obexd
+directly, and to do so it needs the full path of the daemon.
+
+Upstream-Status: Denied
+
+Not accepted by upstream maintainer for being a distro specific
+configuration. See thread:
+
+http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843
+
+Signed-off-by: Javier Viguera <javier.viguera@digi.com>
+---
+ Makefile.obexd | 4 ++--
+ obexd/src/org.bluez.obex.service | 4 ----
+ obexd/src/org.bluez.obex.service.in | 4 ++++
+ 3 files changed, 6 insertions(+), 6 deletions(-)
+ delete mode 100644 obexd/src/org.bluez.obex.service
+ create mode 100644 obexd/src/org.bluez.obex.service.in
+
+diff --git a/Makefile.obexd b/Makefile.obexd
+index 2e33cbc72f2b..d5d858c857b4 100644
+--- a/Makefile.obexd
++++ b/Makefile.obexd
+@@ -2,12 +2,12 @@
+ if SYSTEMD
+ systemduserunitdir = @SYSTEMD_USERUNITDIR@
+ systemduserunit_DATA = obexd/src/obex.service
++endif
+
+ dbussessionbusdir = @DBUS_SESSIONBUSDIR@
+ dbussessionbus_DATA = obexd/src/org.bluez.obex.service
+-endif
+
+-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service
++EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in
+
+ obex_plugindir = $(libdir)/obex/plugins
+
+diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service
+deleted file mode 100644
+index a53808884554..000000000000
+--- a/obexd/src/org.bluez.obex.service
++++ /dev/null
+@@ -1,4 +0,0 @@
+-[D-BUS Service]
+-Name=org.bluez.obex
+-Exec=/bin/false
+-SystemdService=dbus-org.bluez.obex.service
+diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in
+new file mode 100644
+index 000000000000..9c815f246b77
+--- /dev/null
++++ b/obexd/src/org.bluez.obex.service.in
+@@ -0,0 +1,4 @@
++[D-BUS Service]
++Name=org.bluez.obex
++Exec=@libexecdir@/obexd
++SystemdService=dbus-org.bluez.obex.service
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch
new file mode 100644
index 000000000..24ddae6b6
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch
@@ -0,0 +1,28 @@
+From 4bdf0f96dcaa945fd29f26d56e5b36d8c23e4c8b Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex.kanavin@gmail.com>
+Date: Fri, 1 Apr 2016 17:07:34 +0300
+Subject: [PATCH] tests: add a target for building tests without running them
+
+Upstream-Status: Inappropriate [oe specific]
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ Makefile.am | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/Makefile.am b/Makefile.am
+index 1a48a71..ba3b92f 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -425,6 +425,9 @@ endif
+ TESTS = $(unit_tests)
+ AM_TESTS_ENVIRONMENT = MALLOC_CHECK_=3 MALLOC_PERTURB_=69
+
++# This allows building tests without running them
++buildtests: $(TESTS)
++
+ if DBUS_RUN_SESSION
+ AM_TESTS_ENVIRONMENT += dbus-run-session --
+ endif
+--
+2.8.0.rc3
+
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init
new file mode 100644
index 000000000..1606a5c66
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/init
@@ -0,0 +1,68 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DESC=bluetooth
+
+DAEMON=/usr/lib/bluez5/bluetooth/bluetoothd
+
+# If you want to be ignore error of "org.freedesktop.hostname1",
+# please enable NOPLUGIN_OPTION.
+# NOPLUGIN_OPTION="--noplugin=hostname"
+NOPLUGIN_OPTION=""
+SSD_OPTIONS="--oknodo --quiet --exec $DAEMON -- $NOPLUGIN_OPTION"
+
+test -f $DAEMON || exit 0
+
+# FIXME: any of the sourced files may fail if/with syntax errors
+test -f /etc/default/bluetooth && . /etc/default/bluetooth
+test -f /etc/default/rcS && . /etc/default/rcS
+
+set -e
+
+case $1 in
+ start)
+ echo "Starting $DESC"
+
+ if test "$BLUETOOTH_ENABLED" = 0; then
+ echo "disabled. see /etc/default/bluetooth"
+ exit 0
+ fi
+
+ start-stop-daemon --start --background $SSD_OPTIONS
+ echo "${DAEMON##*/}"
+
+ ;;
+ stop)
+ echo "Stopping $DESC"
+ if test "$BLUETOOTH_ENABLED" = 0; then
+ echo "disabled."
+ exit 0
+ fi
+ start-stop-daemon --stop $SSD_OPTIONS
+ echo "${DAEMON}"
+ ;;
+ restart|force-reload)
+ $0 stop
+ sleep 1
+ $0 start
+ ;;
+ status)
+ pidof ${DAEMON} >/dev/null
+ status=$?
+ if [ $status -eq 0 ]; then
+ echo "bluetooth is running."
+ else
+ echo "bluetooth is not running"
+ fi
+ exit $status
+ ;;
+ *)
+ N=/etc/init.d/bluetooth
+ echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0
+
+# vim:noet
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest
new file mode 100644
index 000000000..21df00c32
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest
@@ -0,0 +1,31 @@
+#! /bin/sh
+
+cd unit
+
+failed=0
+all=0
+
+for f in test-*; do
+ "./$f"
+ case "$?" in
+ 0)
+ echo "PASS: $f"
+ all=$((all + 1))
+ ;;
+ 77)
+ echo "SKIP: $f"
+ ;;
+ *)
+ echo "FAIL: $f"
+ failed=$((failed + 1))
+ all=$((all + 1))
+ ;;
+ esac
+done
+
+if [ "$failed" -eq 0 ] ; then
+ echo "All $all tests passed"
+else
+ echo "$failed of $all tests failed"
+fi
+
diff --git a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.33.bb b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.37.bb
index 23c7397e1..db20f79ff 100644
--- a/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.33.bb
+++ b/yocto-poky/meta/recipes-connectivity/bluez5/bluez5_5.37.bb
@@ -1,6 +1,9 @@
require bluez5.inc
-SRC_URI[md5sum] = "78782dc33d9a8b6344c4cc1af70c8a98"
-SRC_URI[sha256sum] = "1801807a13506678cbfeb15c6a4b89ecb5739efe1067eb464da6641d731436d3"
+
+REQUIRED_DISTRO_FEATURES = "bluez5"
+
+SRC_URI[md5sum] = "33177e5743e24b2b3738f72be64e3ffb"
+SRC_URI[sha256sum] = "c14ba9ddcb0055522073477b8fd8bf1ddf5d219e75fdfd4699b7e0ce5350d6b0"
# noinst programs in Makefile.tools that are conditional on READLINE
# support
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb b/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb
index 9254ed703..9a519ec86 100644
--- a/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman-conf.bb
@@ -4,8 +4,11 @@ network interface for a qemu machine."
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+inherit systemd
+
SRC_URI_append_qemuall = " file://wired.config \
file://wired-setup \
+ file://wired-connection.service \
"
PR = "r2"
@@ -17,10 +20,17 @@ FILES_${PN} = "${localstatedir}/* ${datadir}/*"
do_install() {
#Configure Wired network interface in case of qemu* machines
- if test -e ${WORKDIR}/wired.config && test -e ${WORKDIR}/wired-setup; then
+ if test -e ${WORKDIR}/wired.config &&
+ test -e ${WORKDIR}/wired-setup &&
+ test -e ${WORKDIR}/wired-connection.service; then
install -d ${D}${localstatedir}/lib/connman
install -m 0644 ${WORKDIR}/wired.config ${D}${localstatedir}/lib/connman
install -d ${D}${datadir}/connman
install -m 0755 ${WORKDIR}/wired-setup ${D}${datadir}/connman
+ install -d ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/wired-connection.service ${D}${systemd_system_unitdir}
+ sed -i -e 's|@SCRIPTDIR@|${datadir}/connman|g' ${D}${systemd_system_unitdir}/wired-connection.service
fi
}
+
+SYSTEMD_SERVICE_${PN}_qemuall = "wired-connection.service"
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service b/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service
new file mode 100644
index 000000000..48adfc08a
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman-conf/qemuall/wired-connection.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Setup a wired interface
+Before=connman.service
+
+[Service]
+Type=oneshot
+ExecStart=@SCRIPTDIR@/wired-setup
+
+[Install]
+WantedBy=network.target
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman.inc b/yocto-poky/meta/recipes-connectivity/connman/connman.inc
index afdb3f2d0..c3752514c 100644
--- a/yocto-poky/meta/recipes-connectivity/connman/connman.inc
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman.inc
@@ -15,7 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
inherit autotools pkgconfig systemd update-rc.d bluetooth
-DEPENDS = "dbus glib-2.0 ppp iptables"
+DEPENDS = "dbus glib-2.0 ppp iptables readline"
INC_PR = "r20"
@@ -43,7 +43,7 @@ PACKAGECONFIG ??= "wispr \
# local.conf or distro config
# PACKAGECONFIG_append_pn-connman = " openvpn vpnc l2tp pptp"
-PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/,--with-systemdunitdir="
+PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_unitdir}/system/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''"
PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi, wpa-supplicant, wpa-supplicant"
PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, ${BLUEZ}, ${BLUEZ}"
PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono"
@@ -68,11 +68,7 @@ python __anonymous () {
SYSTEMD_SERVICE_${PN} = "connman.service"
SYSTEMD_SERVICE_${PN}-vpn = "connman-vpn.service"
-SYSTEMD_WIRED_SETUP = "ExecStartPre=-${datadir}/connman/wired-setup"
-
-do_compile_append() {
- sed -i "s#ExecStart=#${SYSTEMD_WIRED_SETUP}\nExecStart=#" ${B}/src/connman.service
-}
+SYSTEMD_SERVICE_${PN}-wait-online = "connman-wait-online.service"
do_install_append() {
if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then
@@ -142,23 +138,26 @@ python populate_packages_prepend() {
PACKAGES =+ "${PN}-tools ${PN}-tests ${PN}-client"
FILES_${PN}-tools = "${bindir}/wispr"
+RDEPENDS_${PN}-tools ="${PN}"
FILES_${PN}-tests = "${bindir}/*-test ${libdir}/${BPN}/test/*"
-RDEPENDS_${PN}-tests = "python-dbus python-pygobject python-textutils python-subprocess python-fcntl python-netclient"
+RDEPENDS_${PN}-tests = "python-dbus python-pygobject python-textutils python-subprocess python-fcntl python-netclient \
+ ${PN} \
+"
FILES_${PN}-client = "${bindir}/connmanctl"
+RDEPENDS_${PN}-client ="${PN}"
FILES_${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \
${libdir}/connman/plugins \
${sysconfdir} ${sharedstatedir} ${localstatedir} \
${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \
- ${datadir}/dbus-1/system-services/*"
-
-FILES_${PN}-dbg += "${libdir}/connman/*/.debug"
+ ${datadir}/dbus-1/system-services/* \
+ ${sysconfdir}/tmpfiles.d/connman_resolvconf.conf"
FILES_${PN}-dev += "${libdir}/connman/*/*.la"
-PACKAGES =+ "${PN}-vpn"
+PACKAGES =+ "${PN}-vpn ${PN}-wait-online"
SUMMARY_${PN}-vpn = "A daemon for managing VPN connections within embedded devices"
DESCRIPTION_${PN}-vpn = "The ConnMan VPN provides a daemon for \
@@ -172,6 +171,12 @@ FILES_${PN}-vpn += "${sbindir}/connman-vpnd \
${datadir}/dbus-1/system-services/net.connman.vpn.service \
${systemd_unitdir}/system/connman-vpn.service"
+SUMMARY_${PN}-wait-online = "A program that will return once ConnMan has connected to a network"
+DESCRIPTION_${PN}-wait-online = "A service that can be enabled so that \
+the system waits until a network connection is established."
+FILES_${PN}-wait-online += "${sbindir}/connmand-wait-online \
+ ${systemd_unitdir}/system/connman-wait-online.service"
+
SUMMARY_${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN"
DESCRIPTION_${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \
to create a VPN connection to OpenVPN server."
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch b/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch
new file mode 100644
index 000000000..1b5a3e440
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman/0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch
@@ -0,0 +1,42 @@
+From acea08a0e4234a4c1a87bedc087c73ff36de0c7b Mon Sep 17 00:00:00 2001
+From: Wu Zheng <wu.zheng@intel.com>
+Date: Thu, 28 Jan 2016 18:04:17 +0800
+Subject: [PATCH] iptables: Add missing function item of xtables to match
+ iptables 1.6
+
+The struct of xtables_globals has been modified in iptables 1.6.
+If connman runs with iptables 1.6, it can crash.
+
+Program received signal SIGSEGV, Segmentation fault.
+0x00000000 in ?? ()
+0xb7dea89c in xtables_find_target () from /usr/lib/libxtables.so.11
+0xb7deac1c in ?? () from /usr/lib/libxtables.so.11
+0xb7dea793 in xtables_find_target () from /usr/lib/libxtables.so.11
+
+The the missing function item of xtables is added to xtables_globals.
+
+Upstream-Status: Backport
+
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
+Signed-off-by: Wu Zheng <wu.zheng@intel.com>
+---
+ src/iptables.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/iptables.c b/src/iptables.c
+index bc0c763..5ef757a 100644
+--- a/src/iptables.c
++++ b/src/iptables.c
+@@ -1566,6 +1566,9 @@ struct xtables_globals iptables_globals = {
+ .option_offset = 0,
+ .opts = iptables_opts,
+ .orig_opts = iptables_opts,
++#if XTABLES_VERSION_CODE > 10
++ .compat_rev = xtables_compatible_revision,
++#endif
+ };
+
+ static struct xtables_target *prepare_target(struct connman_iptables *table,
+--
+2.4.0
+
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch b/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch
index 6327aa2cb..eefc6834b 100644
--- a/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman/0003-Fix-header-inclusions-for-musl.patch
@@ -14,10 +14,10 @@ Upstream-Status: Pending
tools/dnsproxy-test.c | 1 +
5 files changed, 3 insertions(+), 5 deletions(-)
-diff --git a/gweb/gresolv.c b/gweb/gresolv.c
-index 3ad8e70..61d6fe8 100644
---- a/gweb/gresolv.c
-+++ b/gweb/gresolv.c
+Index: connman-1.30/gweb/gresolv.c
+===================================================================
+--- connman-1.30.orig/gweb/gresolv.c
++++ connman-1.30/gweb/gresolv.c
@@ -28,6 +28,7 @@
#include <stdarg.h>
#include <string.h>
@@ -26,10 +26,10 @@ index 3ad8e70..61d6fe8 100644
#include <resolv.h>
#include <sys/types.h>
#include <sys/socket.h>
-diff --git a/plugins/wifi.c b/plugins/wifi.c
-index dfe849f..99cff3f 100644
---- a/plugins/wifi.c
-+++ b/plugins/wifi.c
+Index: connman-1.30/plugins/wifi.c
+===================================================================
+--- connman-1.30.orig/plugins/wifi.c
++++ connman-1.30/plugins/wifi.c
@@ -30,9 +30,8 @@
#include <string.h>
#include <sys/ioctl.h>
@@ -41,10 +41,10 @@ index dfe849f..99cff3f 100644
#ifndef IFF_LOWER_UP
#define IFF_LOWER_UP 0x10000
-diff --git a/src/tethering.c b/src/tethering.c
-index ceeec74..c44cb36 100644
---- a/src/tethering.c
-+++ b/src/tethering.c
+Index: connman-1.30/src/tethering.c
+===================================================================
+--- connman-1.30.orig/src/tethering.c
++++ connman-1.30/src/tethering.c
@@ -31,10 +31,8 @@
#include <stdio.h>
#include <sys/ioctl.h>
@@ -56,10 +56,10 @@ index ceeec74..c44cb36 100644
#include <netinet/in.h>
#include <linux/if_bridge.h>
-diff --git a/tools/dhcp-test.c b/tools/dhcp-test.c
-index c34e10a..eae66fc 100644
---- a/tools/dhcp-test.c
-+++ b/tools/dhcp-test.c
+Index: connman-1.30/tools/dhcp-test.c
+===================================================================
+--- connman-1.30.orig/tools/dhcp-test.c
++++ connman-1.30/tools/dhcp-test.c
@@ -33,7 +33,6 @@
#include <arpa/inet.h>
#include <net/route.h>
@@ -68,10 +68,10 @@ index c34e10a..eae66fc 100644
#include <gdhcp/gdhcp.h>
-diff --git a/tools/dnsproxy-test.c b/tools/dnsproxy-test.c
-index 551cae9..226ba86 100644
---- a/tools/dnsproxy-test.c
-+++ b/tools/dnsproxy-test.c
+Index: connman-1.30/tools/dnsproxy-test.c
+===================================================================
+--- connman-1.30.orig/tools/dnsproxy-test.c
++++ connman-1.30/tools/dnsproxy-test.c
@@ -27,6 +27,7 @@
#include <stdlib.h>
#include <string.h>
@@ -80,6 +80,39 @@ index 551cae9..226ba86 100644
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/types.h>
---
-2.5.1
-
+Index: connman-1.30/configure.ac
+===================================================================
+--- connman-1.30.orig/configure.ac
++++ connman-1.30/configure.ac
+@@ -173,6 +173,8 @@ AM_CONDITIONAL(PPTP_BUILTIN, test "${ena
+
+ AC_CHECK_HEADERS([execinfo.h])
+
++AC_CHECK_MEMBERS([struct in6_pktinfo.ipi6_addr], [], [], [[#include <netinet/in.h>]])
++
+ AC_CHECK_HEADERS(resolv.h, dummy=yes,
+ AC_MSG_ERROR(resolver header files are required))
+ AC_CHECK_LIB(resolv, ns_initparse, dummy=yes, [
+Index: connman-1.30/gdhcp/common.h
+===================================================================
+--- connman-1.30.orig/gdhcp/common.h
++++ connman-1.30/gdhcp/common.h
+@@ -19,6 +19,7 @@
+ *
+ */
+
++#include <config.h>
+ #include <netinet/udp.h>
+ #include <netinet/ip.h>
+
+@@ -170,8 +171,8 @@ static const uint8_t dhcp_option_lengths
+ [OPTION_U32] = 4,
+ };
+
+-/* already defined within netinet/in.h if using GNU compiler */
+-#ifndef __USE_GNU
++/* already defined within netinet/in.h if using GNU or musl libc */
++#ifndef HAVE_STRUCT_IN6_PKTINFO_IPI6_ADDR
+ struct in6_pktinfo {
+ struct in6_addr ipi6_addr; /* src/dst IPv6 address */
+ unsigned int ipi6_ifindex; /* send/recv interface index */
diff --git a/yocto-poky/meta/recipes-connectivity/connman/connman_1.30.bb b/yocto-poky/meta/recipes-connectivity/connman/connman_1.31.bb
index 7d65ac931..e71d2218a 100644
--- a/yocto-poky/meta/recipes-connectivity/connman/connman_1.30.bb
+++ b/yocto-poky/meta/recipes-connectivity/connman/connman_1.31.bb
@@ -5,10 +5,11 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
file://0001-Detect-backtrace-API-availability-before-using-it.patch \
file://0002-resolve-musl-does-not-implement-res_ninit.patch \
file://0003-Fix-header-inclusions-for-musl.patch \
+ file://0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch \
file://connman \
"
-SRC_URI[md5sum] = "4a3efdbd6796922db9c6f66da57887fa"
-SRC_URI[sha256sum] = "5c5e464bacc9c27ed4e7269fb9b5059f07947f5be26433b59212133663ffa991"
+SRC_URI[md5sum] = "cb1c413fcc4f49430294bbd7a92f5f3c"
+SRC_URI[sha256sum] = "88fcf0b6df334796b90e2fd2e434d6f5b36cd6f13b886a119b8c90276b72b8e2"
RRECOMMENDS_${PN} = "connman-conf"
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc
index d883a8df4..5e396f159 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp.inc
@@ -18,9 +18,16 @@ SRC_URI = "ftp://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \
file://init-server file://default-server \
file://dhclient.conf file://dhcpd.conf \
file://dhcpd.service file://dhcrelay.service \
- file://dhcpd6.service "
+ file://dhcpd6.service \
+ file://search-for-libxml2.patch "
-inherit autotools systemd
+UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/"
+UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/"
+
+inherit autotools systemd useradd update-rc.d
+
+USERADD_PACKAGES = "${PN}-server"
+USERADD_PARAM_${PN}-server = "--system --no-create-home --home-dir /var/run/${PN} --shell /bin/false --user-group ${PN}"
SYSTEMD_PACKAGES = "${PN}-server ${PN}-relay"
SYSTEMD_SERVICE_${PN}-server = "dhcpd.service dhcpd6.service"
@@ -29,12 +36,17 @@ SYSTEMD_AUTO_ENABLE_${PN}-server = "disable"
SYSTEMD_SERVICE_${PN}-relay = "dhcrelay.service"
SYSTEMD_AUTO_ENABLE_${PN}-relay = "disable"
+INITSCRIPT_PACKAGES = "dhcp-server"
+INITSCRIPT_NAME_dhcp-server = "dhcp-server"
+INITSCRIPT_PARAMS_dhcp-server = "defaults"
+
TARGET_CFLAGS += "-D_GNU_SOURCE"
EXTRA_OECONF = "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \
--with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \
--with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \
--with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \
--with-libbind=${STAGING_LIBDIR}/ \
+ --enable-paranoia \
"
do_install_append () {
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch
new file mode 100644
index 000000000..434421230
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/0001-site.h-enable-gentle-shutdown.patch
@@ -0,0 +1,25 @@
+Upstream-Status: Inappropriate [configuration]
+
+Subject: [PATCH] site.h: enable gentle shutdown
+
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ includes/site.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/includes/site.h b/includes/site.h
+index 73fa4e8..9c33de3 100644
+--- a/includes/site.h
++++ b/includes/site.h
+@@ -280,7 +280,7 @@
+ situations. We plan to revisit this feature and may
+ make non-backwards compatible changes including the
+ removal of this define. Use at your own risk. */
+-/* #define ENABLE_GENTLE_SHUTDOWN */
++#define ENABLE_GENTLE_SHUTDOWN
+
+ /* Include old error codes. This is provided in case you
+ are building an external program similar to omshell for
+--
+1.9.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch
new file mode 100644
index 000000000..923d5d5c5
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2015-8605.patch
@@ -0,0 +1,99 @@
+Solves CVE-2015-8605 that caused DoS when an invalid lenght field in IPv4 UDP
+was recived by the server.
+
+Upstream-Status: Backport
+CVE: CVE-2015-8605
+
+Signed-off-by: Mariano Lopez <mariano.lopez@linux.intel.com>
+
+=======================================================================
+diff --git a/common/packet.c b/common/packet.c
+index b530432..e600e37 100644
+--- a/common/packet.c
++++ b/common/packet.c
+@@ -220,7 +220,28 @@ ssize_t decode_hw_header (interface, buf, bufix, from)
+ }
+ }
+
+-/* UDP header and IP header decoded together for convenience. */
++/*!
++ *
++ * \brief UDP header and IP header decoded together for convenience.
++ *
++ * Attempt to decode the UDP and IP headers and, if necessary, checksum
++ * the packet.
++ *
++ * \param inteface - the interface on which the packet was recevied
++ * \param buf - a pointer to the buffer for the received packet
++ * \param bufix - where to start processing the buffer, previous
++ * routines may have processed parts of the buffer already
++ * \param from - space to return the address of the packet sender
++ * \param buflen - remaining length of the buffer, this will have been
++ * decremented by bufix by the caller
++ * \param rbuflen - space to return the length of the payload from the udp
++ * header
++ * \param csum_ready - indication if the checksum is valid for use
++ * non-zero indicates the checksum should be validated
++ *
++ * \return - the index to the first byte of the udp payload (that is the
++ * start of the DHCP packet
++ */
+
+ ssize_t
+ decode_udp_ip_header(struct interface_info *interface,
+@@ -231,7 +252,7 @@ decode_udp_ip_header(struct interface_info *interface,
+ unsigned char *data;
+ struct ip ip;
+ struct udphdr udp;
+- unsigned char *upp, *endbuf;
++ unsigned char *upp;
+ u_int32_t ip_len, ulen, pkt_len;
+ static unsigned int ip_packets_seen = 0;
+ static unsigned int ip_packets_bad_checksum = 0;
+@@ -241,11 +262,8 @@ decode_udp_ip_header(struct interface_info *interface,
+ static unsigned int udp_packets_length_overflow = 0;
+ unsigned len;
+
+- /* Designate the end of the input buffer for bounds checks. */
+- endbuf = buf + bufix + buflen;
+-
+ /* Assure there is at least an IP header there. */
+- if ((buf + bufix + sizeof(ip)) > endbuf)
++ if (sizeof(ip) > buflen)
+ return -1;
+
+ /* Copy the IP header into a stack aligned structure for inspection.
+@@ -257,13 +275,17 @@ decode_udp_ip_header(struct interface_info *interface,
+ ip_len = (*upp & 0x0f) << 2;
+ upp += ip_len;
+
+- /* Check the IP packet length. */
++ /* Check packet lengths are within the buffer:
++ * first the ip header (ip_len)
++ * then the packet length from the ip header (pkt_len)
++ * then the udp header (ip_len + sizeof(udp)
++ * We are liberal in what we accept, the udp payload should fit within
++ * pkt_len, but we only check against the full buffer size.
++ */
+ pkt_len = ntohs(ip.ip_len);
+- if (pkt_len > buflen)
+- return -1;
+-
+- /* Assure after ip_len bytes that there is enough room for a UDP header. */
+- if ((upp + sizeof(udp)) > endbuf)
++ if ((ip_len > buflen) ||
++ (pkt_len > buflen) ||
++ ((ip_len + sizeof(udp)) > buflen))
+ return -1;
+
+ /* Copy the UDP header into a stack aligned structure for inspection. */
+@@ -284,7 +306,8 @@ decode_udp_ip_header(struct interface_info *interface,
+ return -1;
+
+ udp_packets_length_checked++;
+- if ((upp + ulen) > endbuf) {
++ /* verify that the payload length from the udp packet fits in the buffer */
++ if ((ip_len + ulen) > buflen) {
+ udp_packets_length_overflow++;
+ if (((udp_packets_length_checked > 4) &&
+ (udp_packets_length_overflow != 0)) &&
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch
new file mode 100644
index 000000000..4836dbc2a
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/CVE-2016-2774.patch
@@ -0,0 +1,65 @@
+From b9f56d578ebfd649b5d829960540859ac6ca931c Mon Sep 17 00:00:00 2001
+From: Catalin Enache <catalin.enache@windriver.com>
+Date: Tue, 12 Apr 2016 18:23:31 +0300
+Subject: [PATCH] Add patch to limit the value of an fd we accept for a
+ connection.
+
+By limiting the highest value we accept for an fd we limit the number
+of connections.
+
+Upstream-Status: Backport
+CVE: CVE-2016-2774
+
+Author: Shawn Routhier <sar@isc.org>
+Signed-off-by: Catalin Enache <catalin.enache@windriver.com>
+---
+ includes/site.h | 6 ++++++
+ omapip/listener.c | 9 +++++++--
+ 3 files changed, 18 insertions(+), 2 deletions(-)
+
+diff --git a/includes/site.h b/includes/site.h
+index 9c33de3..df020c8 100644
+--- a/includes/site.h
++++ b/includes/site.h
+@@ -290,6 +290,12 @@
+ this option will be removed at some time. */
+ /* #define INCLUDE_OLD_DHCP_ISC_ERROR_CODES */
+
++/* Limit the value of a file descriptor the serve will use
++ when accepting a connecting request. This can be used to
++ limit the number of TCP connections that the server will
++ allow at one time. A value of 0 means there is no limit.*/
++#define MAX_FD_VALUE 200
++
+ /* Include definitions for various options. In general these
+ should be left as is, but if you have already defined one
+ of these and prefer your definition you can comment the
+diff --git a/omapip/listener.c b/omapip/listener.c
+index 8bdcdbd..61473cf 100644
+--- a/omapip/listener.c
++++ b/omapip/listener.c
+@@ -3,7 +3,7 @@
+ Subroutines that support the generic listener object. */
+
+ /*
+- * Copyright (c) 2012,2014 by Internet Systems Consortium, Inc. ("ISC")
++ * Copyright (c) 2012,2014,2016 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004,2007,2009 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 1999-2003 by Internet Software Consortium
+ *
+@@ -233,7 +233,12 @@ isc_result_t omapi_accept (omapi_object_t *h)
+ return ISC_R_NORESOURCES;
+ return ISC_R_UNEXPECTED;
+ }
+-
++
++ if ((MAX_FD_VALUE != 0) && (socket > MAX_FD_VALUE)) {
++ close(socket);
++ return (ISC_R_NORESOURCES);
++ }
++
+ #if defined (TRACING)
+ /* If we're recording a trace, remember the connection. */
+ if (trace_record ()) {
+--
+2.7.4
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
index 12d3c9bdb..32bdaf08e 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/define-macro-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch
@@ -1,6 +1,6 @@
define macro _PATH_DHCPD_CONF and _PATH_DHCLIENT_CONF
-Upstream-Status: inappropriate <oe specific>
+Upstream-Status: Inappropriate [OE specific]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch
index a291fdaf5..956c5d8b5 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fix-external-bind.patch
@@ -6,24 +6,25 @@ this patch is to allow building with external bind
Signed-off-by: Qing He <qing.he@intel.com>
-Index: dhcp-4.3.0/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/Makefile.am
-+++ dhcp-4.3.0/Makefile.am
+Rebase the patch to 4.3.3
+Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
+---
+diff --git a/Makefile.am b/Makefile.am
+--- a/Makefile.am
++++ b/Makefile.am
@@ -25,7 +25,7 @@ EXTRA_DIST = RELNOTES LICENSE \
- bind/Makefile bind/bind.tar.gz bind/version.tmp \
+ bind/Makefile.in bind/bind.tar.gz bind/version.tmp \
common/tests/Atffile server/tests/Atffile
--SUBDIRS = bind includes tests common dst omapip client dhcpctl relay server
-+SUBDIRS = includes tests common dst omapip client dhcpctl relay server
+-SUBDIRS = bind includes tests common omapip client dhcpctl relay server
++SUBDIRS = includes tests common omapip client dhcpctl relay server
nobase_include_HEADERS = dhcpctl/dhcpctl.h
-Index: dhcp-4.3.0/client/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/client/Makefile.am
-+++ dhcp-4.3.0/client/Makefile.am
-@@ -4,8 +4,8 @@ dhclient_SOURCES = clparse.c dhclient.c
+diff --git a/client/Makefile.am b/client/Makefile.am
+--- a/client/Makefile.am
++++ b/client/Makefile.am
+@@ -10,8 +10,8 @@ dhclient_SOURCES = clparse.c dhclient.c dhc6.c \
scripts/bsdos scripts/freebsd scripts/linux scripts/macos \
scripts/netbsd scripts/nextstep scripts/openbsd \
scripts/solaris scripts/openwrt
@@ -34,22 +35,20 @@ Index: dhcp-4.3.0/client/Makefile.am
man_MANS = dhclient.8 dhclient-script.8 dhclient.conf.5 dhclient.leases.5
EXTRA_DIST = $(man_MANS)
-Index: dhcp-4.3.0/configure.ac
-===================================================================
---- dhcp-4.3.0.orig/configure.ac
-+++ dhcp-4.3.0/configure.ac
-@@ -566,6 +566,7 @@ no)
- libbind="$use_libbind"
+diff --git a/configure.ac b/configure.ac
+--- a/configure.ac
++++ b/configure.ac
+@@ -623,6 +623,7 @@ no)
+ fi
;;
esac
+AC_SUBST([libbind])
# OpenLDAP support.
AC_ARG_WITH(ldap,
-Index: dhcp-4.3.0/dhcpctl/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/dhcpctl/Makefile.am
-+++ dhcp-4.3.0/dhcpctl/Makefile.am
+diff --git a/dhcpctl/Makefile.am b/dhcpctl/Makefile.am
+--- a/dhcpctl/Makefile.am
++++ b/dhcpctl/Makefile.am
@@ -6,12 +6,12 @@ EXTRA_DIST = $(man_MANS)
omshell_SOURCES = omshell.c
@@ -67,10 +66,9 @@ Index: dhcp-4.3.0/dhcpctl/Makefile.am
- ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+ $(libbind)/libirs.a $(libbind)/libdns.a \
+ $(libbind)/libisccfg.a $(libbind)/libisc.a
-Index: dhcp-4.3.0/omapip/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/omapip/Makefile.am
-+++ dhcp-4.3.0/omapip/Makefile.am
+diff --git a/omapip/Makefile.am b/omapip/Makefile.am
+--- a/omapip/Makefile.am
++++ b/omapip/Makefile.am
@@ -10,6 +10,6 @@ man_MANS = omapi.3
EXTRA_DIST = $(man_MANS)
@@ -80,11 +78,10 @@ Index: dhcp-4.3.0/omapip/Makefile.am
+svtest_LDADD = libomapi.a $(libbind)/libirs.a $(libbind)/libdns.a \
+ $(libbind)/libisccfg.a $(libbind)/libisc.a
-Index: dhcp-4.3.0/relay/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/relay/Makefile.am
-+++ dhcp-4.3.0/relay/Makefile.am
-@@ -3,8 +3,8 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localst
+diff --git a/relay/Makefile.am b/relay/Makefile.am
+--- a/relay/Makefile.am
++++ b/relay/Makefile.am
+@@ -3,8 +3,8 @@ AM_CPPFLAGS = -DLOCALSTATEDIR='"@localstatedir@"'
sbin_PROGRAMS = dhcrelay
dhcrelay_SOURCES = dhcrelay.c
dhcrelay_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
@@ -95,18 +92,24 @@ Index: dhcp-4.3.0/relay/Makefile.am
man_MANS = dhcrelay.8
EXTRA_DIST = $(man_MANS)
-Index: dhcp-4.3.0/server/Makefile.am
-===================================================================
---- dhcp-4.3.0.orig/server/Makefile.am
-+++ dhcp-4.3.0/server/Makefile.am
-@@ -14,8 +14,8 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c c
+diff --git a/server/Makefile.am b/server/Makefile.am
+--- a/server/Makefile.am
++++ b/server/Makefile.am
+@@ -14,10 +14,12 @@ dhcpd_SOURCES = dhcpd.c dhcp.c bootp.c confpars.c db.c class.c failover.c \
dhcpd_CFLAGS = $(LDAP_CFLAGS)
dhcpd_LDADD = ../common/libdhcp.a ../omapip/libomapi.a \
- ../dhcpctl/libdhcpctl.a ../bind/lib/libirs.a \
-- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a
+- ../bind/lib/libdns.a ../bind/lib/libisccfg.a ../bind/lib/libisc.a \
+ ../dhcpctl/libdhcpctl.a $(libbind)/libirs.a \
-+ $(libbind)/libdns.a $(libbind)/libisccfg.a $(libbind)/libisc.a
++ $(libbind)/libdns.a $(libbind)/libisccfg.a $(libbind)/libisc.a \
+ $(LDAP_LIBS)
++ dhcpd_CFLAGS = $(LDAP_CFLAGS)
++
man_MANS = dhcpd.8 dhcpd.conf.5 dhcpd.leases.5
EXTRA_DIST = $(man_MANS)
+
+--
+1.9.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch
index 14e75a37e..b3f8fdb0a 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/fixsepbuild.patch
@@ -7,15 +7,6 @@ RP 2013/03/21
Rebase to 4.3.1
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
---
- client/Makefile.am | 6 ++++--
- common/Makefile.am | 2 +-
- dhcpctl/Makefile.am | 2 ++
- dst/Makefile.am | 2 +-
- omapip/Makefile.am | 2 ++
- relay/Makefile.am | 2 +-
- server/Makefile.am | 2 +-
- 7 files changed, 12 insertions(+), 6 deletions(-)
-
diff --git a/client/Makefile.am b/client/Makefile.am
index 8411960..1740f72 100644
--- a/client/Makefile.am
@@ -60,16 +51,6 @@ index 2987a53..cd72d75 100644
bin_PROGRAMS = omshell
lib_LIBRARIES = libdhcpctl.a
noinst_PROGRAMS = cltest
-diff --git a/dst/Makefile.am b/dst/Makefile.am
-index 8937fe8..a14798b 100644
---- a/dst/Makefile.am
-+++ b/dst/Makefile.am
-@@ -1,4 +1,4 @@
--AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5
-+AM_CPPFLAGS = -DMINIRES_LIB -DHMAC_MD5 -I$(top_srcdir)/includes
-
- lib_LIBRARIES = libdst.a
-
diff --git a/omapip/Makefile.am b/omapip/Makefile.am
index 5074479..9c0fab3 100644
--- a/omapip/Makefile.am
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch
new file mode 100644
index 000000000..a08a5b725
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp/search-for-libxml2.patch
@@ -0,0 +1,23 @@
+libdns requires libxml2 if bind was built with libxml2 support
+enabled. Compilation will fail for omapip/test.c in case
+lxml2 isn't used during the build. So, we add losely coupled
+search path which will pick up the lib if it is present.
+
+Signed-off-by: Awais Belal <awais_belal@mentor.com>
+Upstream-Status: Pending
+
+diff --git a/configure.ac b/configure.ac
+index c9dc8b5..85f59be 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -602,6 +602,10 @@ no)
+ esac
+ AC_SUBST([libbind])
+
++# We need to find libxml2 if bind was built with support enabled
++# otherwise we'll fail to build omapip/test.c
++AC_SEARCH_LIBS(xmlTextWriterStartElement, [xml2],)
++
+ # OpenLDAP support.
+ AC_ARG_WITH(ldap,
+ AS_HELP_STRING([--with-ldap],[enable OpenLDAP support in dhcpd (default is no)]),
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.2.bb b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
index b4a05fcd9..4e8cd272b 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.2.bb
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/dhcp_4.3.3.bb
@@ -6,7 +6,10 @@ SRC_URI += "file://dhcp-3.0.3-dhclient-dbus.patch;striplevel=0 \
file://fixsepbuild.patch \
file://dhclient-script-drop-resolv.conf.dhclient.patch \
file://replace-ifconfig-route.patch \
+ file://CVE-2015-8605.patch \
+ file://0001-site.h-enable-gentle-shutdown.patch \
+ file://CVE-2016-2774.patch \
"
-SRC_URI[md5sum] = "5a284875dd2c12ddd388416d69156a67"
-SRC_URI[sha256sum] = "6246c9b358759f6cdcc45104caaf76e732a211dbbbbf64a21f499c8db1298165"
+SRC_URI[md5sum] = "c5577b09c9017cdd319a11ff6364268e"
+SRC_URI[sha256sum] = "553c4945b09b1c1b904c4780f34f72aaefa2fc8c6556715de0bc9d4e3d255ede"
diff --git a/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server b/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server
index 34c20852b..5e693adf7 100644
--- a/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server
+++ b/yocto-poky/meta/recipes-connectivity/dhcp/files/init-server
@@ -20,7 +20,7 @@ case "$1" in
echo -n "Starting DHCP server: "
test -d /var/lib/dhcp/ || mkdir -p /var/lib/dhcp/
test -f /var/lib/dhcp/dhcpd.leases || touch /var/lib/dhcp/dhcpd.leases
- start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES
+ start-stop-daemon -S -x /usr/sbin/dhcpd -- -q $INTERFACES -user dhcp -group dhcp
echo "."
;;
stop)
diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc
index 29f90629a..86e931063 100644
--- a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc
+++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2.inc
@@ -13,7 +13,7 @@ DEPENDS = "flex-native bison-native iptables elfutils"
inherit update-alternatives
-EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'"
+EXTRA_OEMAKE = "CC='${CC}' KERNEL_INCLUDE=${STAGING_INCDIR} DOCDIR=${docdir}/iproute2 SUBDIRS='lib tc ip bridge misc genl' SBINDIR='${base_sbindir}' LIBDIR='${libdir}'"
do_configure_append () {
sh configure ${STAGING_INCDIR}
@@ -32,11 +32,15 @@ do_install () {
# The .so files in iproute2-tc are modules, not traditional libraries
INSANE_SKIP_${PN}-tc = "dev-so"
-PACKAGES =+ "${PN}-tc"
+PACKAGES =+ "${PN}-tc ${PN}-lnstat ${PN}-ifstat ${PN}-genl ${PN}-rtacct ${PN}-nstat ${PN}-ss"
FILES_${PN}-tc = "${base_sbindir}/tc* \
${libdir}/tc/*.so"
-
-FILES_${PN}-dbg += "${libdir}/tc/.debug"
+FILES_${PN}-lnstat = "${base_sbindir}/lnstat ${base_sbindir}/ctstat ${base_sbindir}/rtstat"
+FILES_${PN}-ifstat = "${base_sbindir}/ifstat"
+FILES_${PN}-genl = "${base_sbindir}/genl"
+FILES_${PN}-rtacct = "${base_sbindir}/rtacct"
+FILES_${PN}-nstat = "${base_sbindir}/nstat"
+FILES_${PN}-ss = "${base_sbindir}/ss"
ALTERNATIVE_${PN} = "ip"
ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}"
diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch
new file mode 100644
index 000000000..1b415a511
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-4.3.0-musl.patch
@@ -0,0 +1,97 @@
+From 48596709d8ab59727b79a5c6db33ebb251c36543 Mon Sep 17 00:00:00 2001
+From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Date: Thu, 19 Nov 2015 17:44:25 +0100
+Subject: [PATCH] Avoid in6_addr redefinition
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Due to both <netinet/in.h> and <linux/in6.h> being included, the
+in6_addr is being redefined: once from the C library headers and once
+from the kernel headers. This causes some build failures with for
+example the musl C library:
+
+In file included from ../include/linux/xfrm.h:4:0,
+ from xfrm.h:29,
+ from ipxfrm.c:39:
+../include/linux/in6.h:32:8: error: redefinition of ‘struct in6_addr’
+ struct in6_addr {
+ ^
+In file included from .../output/host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/netdb.h:9:0,
+ from ipxfrm.c:34:
+.../output/host/usr/x86_64-buildroot-linux-musl/sysroot/usr/include/netinet/in.h:24:8: note: originally defined here
+ struct in6_addr
+ ^
+
+In order to fix this, use just the C library header <netinet/in.h>.
+
+Original patch taken from
+http://git.alpinelinux.org/cgit/aports/tree/main/iproute2/musl-fixes.patch.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+---
+Upstream-Status: Pending
+
+ include/libiptc/ipt_kernel_headers.h | 2 --
+ include/linux/if_bridge.h | 1 -
+ include/linux/netfilter.h | 2 --
+ include/linux/xfrm.h | 1 -
+ 4 files changed, 6 deletions(-)
+
+diff --git a/include/libiptc/ipt_kernel_headers.h b/include/libiptc/ipt_kernel_headers.h
+index 7e87828..9566be5 100644
+--- a/include/libiptc/ipt_kernel_headers.h
++++ b/include/libiptc/ipt_kernel_headers.h
+@@ -15,12 +15,10 @@
+ #else /* libc5 */
+ #include <sys/socket.h>
+ #include <linux/ip.h>
+-#include <linux/in.h>
+ #include <linux/if.h>
+ #include <linux/icmp.h>
+ #include <linux/tcp.h>
+ #include <linux/udp.h>
+ #include <linux/types.h>
+-#include <linux/in6.h>
+ #endif
+ #endif
+diff --git a/include/linux/if_bridge.h b/include/linux/if_bridge.h
+index ee197a3..f823aa4 100644
+--- a/include/linux/if_bridge.h
++++ b/include/linux/if_bridge.h
+@@ -15,7 +15,6 @@
+
+ #include <linux/types.h>
+ #include <linux/if_ether.h>
+-#include <linux/in6.h>
+
+ #define SYSFS_BRIDGE_ATTR "bridge"
+ #define SYSFS_BRIDGE_FDB "brforward"
+diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
+index b71b4c9..3e4e6ae 100644
+--- a/include/linux/netfilter.h
++++ b/include/linux/netfilter.h
+@@ -4,8 +4,6 @@
+ #include <linux/types.h>
+
+ #include <linux/sysctl.h>
+-#include <linux/in.h>
+-#include <linux/in6.h>
+
+ /* Responses from hook functions. */
+ #define NF_DROP 0
+diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
+index b8f5451..a9761a5 100644
+--- a/include/linux/xfrm.h
++++ b/include/linux/xfrm.h
+@@ -1,7 +1,6 @@
+ #ifndef _LINUX_XFRM_H
+ #define _LINUX_XFRM_H
+
+-#include <linux/in6.h>
+ #include <linux/types.h>
+
+ /* All of the structures in this file may not change size as they are
+--
+2.6.3
+
diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch
new file mode 100644
index 000000000..c83a243b7
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2/iproute2-fix-building-with-musl.patch
@@ -0,0 +1,24 @@
+iproute2: fix building with musl
+
+We need limits.h for PATH_MAX, fixes:
+
+rt_names.c:364:13: error: ‘PATH_MAX’ undeclared (first use in this
+function)
+
+Upstream-Status: Backport
+
+Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
+---
+diff --git a/lib/rt_names.c b/lib/rt_names.c
+index f6d17c0..b665d3e 100644
+--- a/lib/rt_names.c
++++ b/lib/rt_names.c
+@@ -18,6 +18,7 @@
+ #include <sys/time.h>
+ #include <sys/socket.h>
+ #include <dirent.h>
++#include <limits.h>
+
+ #include <asm/types.h>
+ #include <linux/rtnetlink.h>
diff --git a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.1.1.bb b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.4.0.bb
index 10db0ba5d..7979e8beb 100644
--- a/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.1.1.bb
+++ b/yocto-poky/meta/recipes-connectivity/iproute2/iproute2_4.4.0.bb
@@ -3,9 +3,11 @@ require iproute2.inc
SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz \
file://configure-cross.patch \
file://0001-iproute2-de-bash-scripts.patch \
+ file://iproute2-4.3.0-musl.patch \
+ file://iproute2-fix-building-with-musl.patch \
"
-SRC_URI[md5sum] = "39290cb3a55d38dd8d10e19a3094109f"
-SRC_URI[sha256sum] = "73077a989efb934450bd655cbd9aaddaa747cb696c64d0c9a3323768a6a8e66f"
+SRC_URI[md5sum] = "d762653ec3e1ab0d4a9689e169ca184f"
+SRC_URI[sha256sum] = "bc91c367288a19f78ef800cd6840363be1f22da8436fbae88e1a7250490d6514"
# CFLAGS are computed in Makefile and reference CCOPTS
#
diff --git a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch
new file mode 100644
index 000000000..97eb97502
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils-0.9.18/musl.patch
@@ -0,0 +1,29 @@
+Replace use of <net/if_packet.h> with <linux/if_packet.h>.
+
+kernel headers <linux/if_packet.h> already provides the
+needed definitions, moreover not all libc implementations
+provide if_packet.h e.g. musl
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Pending
+
+Index: irda-utils-0.9.18/irdaping/irdaping.c
+===================================================================
+--- irda-utils-0.9.18.orig/irdaping/irdaping.c
++++ irda-utils-0.9.18/irdaping/irdaping.c
+@@ -33,7 +33,6 @@
+ #include <sys/socket.h>
+ #include <sys/ioctl.h>
+ #include <net/if.h> /* For struct ifreq */
+-#include <net/if_packet.h> /* For struct sockaddr_pkt */
+ #include <net/if_arp.h> /* For ARPHRD_IRDA */
+ #include <netinet/if_ether.h> /* For ETH_P_ALL */
+ #include <netinet/in.h> /* For htons */
+@@ -46,6 +45,7 @@
+ #include <asm/byteorder.h> /* __cpu_to_le32 and co. */
+
+ #include <linux/types.h> /* For __u8 and co. */
++#include <linux/if_packet.h> /* For struct sockaddr_pkt */
+ #include <irda.h>
+
+ #ifndef AF_IRDA
diff --git a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb
index bd2f815cb..11b2ee911 100644
--- a/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb
+++ b/yocto-poky/meta/recipes-connectivity/irda-utils/irda-utils_0.9.18.bb
@@ -13,6 +13,7 @@ LIC_FILES_CHKSUM = "file://irdadump/COPYING;md5=94d55d512a9ba36caa9b7df079bae19f
SRC_URI = "${SOURCEFORGE_MIRROR}/irda/irda-utils-${PV}.tar.gz \
file://ldflags.patch \
+ file://musl.patch \
file://init"
SRC_URI[md5sum] = "84dc12aa4c3f61fccb8d8919bf4079bb"
diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch b/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch
index a0a77b2e5..2e52c80c0 100644
--- a/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch
+++ b/yocto-poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch
@@ -1,6 +1,3 @@
-From 5310abba864cfe3a8b65af130729447604190b29 Mon Sep 17 00:00:00 2001
-From: Koen Kooi <koen@dominion.thruhere.net>
-Date: Tue, 29 Nov 2011 17:03:27 +0100
Subject: [PATCH] iw: version.sh: don't use git describe for versioning
It will detect top-level git repositories like the Angstrom setup-scripts and break.
@@ -8,21 +5,18 @@ It will detect top-level git repositories like the Angstrom setup-scripts and br
Upstream-Status: Pending
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
- version.sh | 16 +---------------
- 1 file changed, 1 insertion(+), 15 deletions(-)
-
-diff --git a/version.sh b/version.sh
-index 11d124b..5d423c4 100755
---- a/version.sh
-+++ b/version.sh
+diff -Naur iw-4.3-origin/version.sh iw-4.3/version.sh
+--- iw-4.3-origin/version.sh 2015-11-20 16:37:58.762077162 +0200
++++ iw-4.3/version.sh 2015-11-20 16:52:05.526491150 +0200
@@ -3,21 +3,7 @@
- VERSION="3.15"
+ VERSION="4.3"
OUT="$1"
-if [ -d .git ] && head=`git rev-parse --verify HEAD 2>/dev/null`; then
- git update-index --refresh --unmerged > /dev/null
-- descr=$(git describe)
+- descr=$(git describe --match=v*)
-
- # on git builds check that the version number above
- # is correct...
@@ -39,5 +33,3 @@ index 11d124b..5d423c4 100755
echo '#include "iw.h"' > "$OUT"
echo "const char iw_version[] = \"$v\";" >> "$OUT"
---
-1.7.7.3
diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch b/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch
index 883f8b2c6..0ea6a5278 100644
--- a/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch
+++ b/yocto-poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch
@@ -1,6 +1,3 @@
-From 9e27fc2e1b3dc8c36ef6a502edffc3a3d84d9dd9 Mon Sep 17 00:00:00 2001
-From: Christopher Larson <chris_larson@mentor.com>
-Date: Wed, 26 Aug 2015 17:23:48 -0700
Subject: [PATCH] Support separation of SRCDIR and OBJDIR
Typical use of VPATH to locate the sources.
@@ -8,26 +5,21 @@ Typical use of VPATH to locate the sources.
Upstream-Status: Pending
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
-
+Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
- Makefile | 7 +++++--
- version.sh | 2 +-
- 2 files changed, 6 insertions(+), 3 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index 548591a..da8d33a 100644
---- a/Makefile
-+++ b/Makefile
-@@ -1,5 +1,8 @@
+diff -Naur iw-4.3-origin/Makefile iw-4.3/Makefile
+--- iw-4.3-origin/Makefile 2015-11-20 16:37:58.752077287 +0200
++++ iw-4.3/Makefile 2015-11-20 16:57:15.510615815 +0200
+@@ -1,5 +1,7 @@
MAKEFLAGS += --no-print-directory
-
+-
+SRCDIR ?= $(dir $(lastword $(MAKEFILE_LIST)))
+OBJDIR ?= $(PWD)
+VPATH = $(SRCDIR)
PREFIX ?= /usr
SBINDIR ?= $(PREFIX)/sbin
MANDIR ?= $(PREFIX)/share/man
-@@ -95,11 +98,11 @@ VERSION_OBJS := $(filter-out version.o, $(OBJS))
+@@ -95,11 +97,11 @@
version.c: version.sh $(patsubst %.o,%.c,$(VERSION_OBJS)) nl80211.h iw.h Makefile \
$(wildcard .git/index .git/refs/tags)
@$(NQ) ' GEN ' $@
@@ -41,17 +33,3 @@ index 548591a..da8d33a 100644
ifeq ($(IW_ANDROID_BUILD),)
iw: $(OBJS)
-diff --git a/version.sh b/version.sh
-index 5354383..fa954cf 100755
---- a/version.sh
-+++ b/version.sh
-@@ -5,5 +5,5 @@ OUT="$1"
-
- v="$VERSION"
-
--echo '#include "iw.h"' > "$OUT"
-+echo '#include <iw.h>' > "$OUT"
- echo "const char iw_version[] = \"$v\";" >> "$OUT"
---
-2.2.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/iw/iw_4.1.bb b/yocto-poky/meta/recipes-connectivity/iw/iw_4.3.bb
index fafb0e3c9..6865e7ad6 100644
--- a/yocto-poky/meta/recipes-connectivity/iw/iw_4.1.bb
+++ b/yocto-poky/meta/recipes-connectivity/iw/iw_4.3.bb
@@ -14,8 +14,8 @@ SRC_URI = "http://www.kernel.org/pub/software/network/iw/${BP}.tar.gz \
file://separate-objdir.patch \
"
-SRC_URI[md5sum] = "68c282285c71c956069957e9ca10a6a7"
-SRC_URI[sha256sum] = "14bfc627b37f7f607e4ffa63a70ded15fa2ea85177f703cb17d7fe36f9c8f33d"
+SRC_URI[md5sum] = "5ca622a270687d6862c9024fab266871"
+SRC_URI[sha256sum] = "2a853d95ffbd2b06c058b40ef4e6fa76a52c2709b05fb1976761fe13e9d9e39f"
inherit pkgconfig
diff --git a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch
new file mode 100644
index 000000000..f63eb90cd
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns/0001-check-for-nss.h.patch
@@ -0,0 +1,56 @@
+From bdf01a581d58eb5340e9238d143dbcac9db5b11c Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 30 Jan 2016 19:29:45 +0000
+Subject: [PATCH] check for nss.h
+
+nss.h may not available on all libc implementations, e.g. musl does not
+have this header, this patch detects nss.h presence and defines the data
+types that are required if nss.h is missing on platform
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Pending
+
+ configure.ac | 2 +-
+ src/nss.c | 11 +++++++++++
+ 2 files changed, 12 insertions(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index aa66bc6..ce19b07 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -71,7 +71,7 @@ AC_PROG_LIBTOOL
+
+ # Checks for header files.
+ AC_HEADER_STDC
+-AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h])
++AC_CHECK_HEADERS([arpa/inet.h fcntl.h inttypes.h netdb.h netinet/in.h stdlib.h string.h sys/socket.h sys/time.h unistd.h nss.h sys/ioctl.h nss.h])
+
+ # Checks for typedefs, structures, and compiler characteristics.
+ AC_C_CONST
+diff --git a/src/nss.c b/src/nss.c
+index e48e315..406733b 100644
+--- a/src/nss.c
++++ b/src/nss.c
+@@ -29,7 +29,18 @@
+ #include <assert.h>
+ #include <netdb.h>
+ #include <sys/socket.h>
++#ifdef HAVE_NSS_H
+ #include <nss.h>
++#else
++enum nss_status {
++ NSS_STATUS_TRYAGAIN = -2,
++ NSS_STATUS_UNAVAIL,
++ NSS_STATUS_NOTFOUND,
++ NSS_STATUS_SUCCESS,
++ NSS_STATUS_RETURN
++};
++#endif
++
+ #include <stdio.h>
+ #include <stdlib.h>
+
+--
+2.7.0
+
diff --git a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
index 0b936ef09..8d2feec76 100644
--- a/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
+++ b/yocto-poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.10.bb
@@ -8,7 +8,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1"
DEPENDS = "avahi"
PR = "r7"
-SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz"
+SRC_URI = "http://0pointer.de/lennart/projects/nss-mdns/nss-mdns-${PV}.tar.gz \
+ file://0001-check-for-nss.h.patch \
+ "
SRC_URI[md5sum] = "03938f17646efbb50aa70ba5f99f51d7"
SRC_URI[sha256sum] = "1e683c2e7c3921814706d62fbbd3e9cbf493a75fa00255e0e715508d8134fa6d"
diff --git a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc
index 0873c248c..b7601b05c 100644
--- a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc
+++ b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap.inc
@@ -6,7 +6,7 @@ HOMEPAGE = "http://www.tcpdump.org/"
BUGTRACKER = "http://sourceforge.net/tracker/?group_id=53067&atid=469577"
SECTION = "libs/network"
LICENSE = "BSD"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=1d4b0366557951c84a94fabe3529f867 \
+LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \
file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2"
DEPENDS = "flex-native bison-native"
diff --git a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb
index 611543e42..8d12b2521 100644
--- a/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.6.2.bb
+++ b/yocto-poky/meta/recipes-connectivity/libpcap/libpcap_1.7.4.bb
@@ -3,8 +3,8 @@ require libpcap.inc
SRC_URI += "file://aclocal.patch \
file://libpcap-pkgconfig-support.patch \
"
-SRC_URI[md5sum] = "5f14191c1a684a75532c739c2c4059fa"
-SRC_URI[sha256sum] = "5db3e2998f1eeba2c76da55da5d474248fe19c44f49e15cac8a796a2c7e19690"
+SRC_URI[md5sum] = "b2e13142bbaba857ab1c6894aedaf547"
+SRC_URI[sha256sum] = "7ad3112187e88328b85e46dce7a9b949632af18ee74d97ffc3f2b41fe7f448b0"
#
# make install doesn't cover the shared lib
diff --git a/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
index 31cf2bb5f..bd488eb08 100644
--- a/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
+++ b/yocto-poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb
@@ -2,8 +2,8 @@ SUMMARY = "Mobile Broadband Service Provider Database"
SECTION = "network"
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
-SRCREV = "d06ebd314a7cdd087d38e4966c19de42c8c55246"
-PV = "20140618+gitr${SRCPV}"
+SRCREV = "519465766fabc85b9fdea5f2b5ee3d08c2b1f70d"
+PV = "20151214"
PE = "1"
SRC_URI = "git://git.gnome.org/mobile-broadband-provider-info"
diff --git a/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb b/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb
index 8adf70cc9..93bddb34c 100644
--- a/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb
+++ b/yocto-poky/meta/recipes-connectivity/neard/neard_0.15.bb
@@ -43,7 +43,6 @@ do_install_append() {
PACKAGES =+ "${PN}-tests"
FILES_${PN}-tests = "${libdir}/${BPN}/*-test"
-FILES_${PN}-dbg += "${libdir}/${BPN}/*/.debug"
RDEPENDS_${PN} = "dbus python python-dbus python-pygobject"
diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch b/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch
new file mode 100644
index 000000000..14bd4036a
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/files/bugfix-adjust-statd-service-name.patch
@@ -0,0 +1,34 @@
+From 398fed3bb0350cb1229e54e7020ae0e044c206d1 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Ulrich=20=C3=96lmann?= <u.oelmann@pengutronix.de>
+Date: Wed, 17 Feb 2016 08:33:45 +0100
+Subject: bugfix: adjust statd service name
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Upstream uses 'rpc-statd.service' and Yocto introduced 'nfs-statd.service'
+instead but forgot to update the mount.nfs helper 'start-statd' accordingly.
+
+Upstream-Status: Inappropriate [other]
+
+Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
+---
+ utils/statd/start-statd | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/utils/statd/start-statd b/utils/statd/start-statd
+index 8211a90..3c2aa6f 100755
+--- a/utils/statd/start-statd
++++ b/utils/statd/start-statd
+@@ -16,7 +16,7 @@ fi
+ # First try systemd if it's installed.
+ if [ -d /run/systemd/system ]; then
+ # Quit only if the call worked.
+- systemctl start rpc-statd.service && exit
++ systemctl start nfs-statd.service && exit
+ fi
+
+ # Fall back to launching it ourselves.
+--
+2.1.4
+
diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb b/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb
index 5b578e9a1..256577100 100644
--- a/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb
+++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/libnfsidmap_0.25.bb
@@ -14,6 +14,8 @@ SRC_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/${BPN}-${P
SRC_URI[md5sum] = "2ac4893c92716add1a1447ae01df77ab"
SRC_URI[sha256sum] = "656d245d84400e1030f8f40a5a27da76370690c4a932baf249110f047fe7efcf"
+UPSTREAM_CHECK_URI = "http://www.citi.umich.edu/projects/nfsv4/linux/libnfsidmap/"
+
inherit autotools
EXTRA_OECONF = "--disable-ldap"
diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch
new file mode 100644
index 000000000..de0b045c8
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch
@@ -0,0 +1,113 @@
+Upstream-Status: Pending
+
+Subject: nfs-utils/statd: fix a segfault caused by improper usage of RPC interface
+
+There is a hack which uses the bottom-level RPC improperly as below
+in the current statd implementation:
+insert a socket in the svc_fdset without a corresponding transport handle
+and passes the socket to the svc_getreqset subroutine, this usage causes
+a segfault of statd on a huge amount of sm-notifications.
+
+Fix the issue by separating the non-RPC-server sock from RPC dispatcher.
+
+Signed-off-by: Shan Hai <shan.hai@windriver.com>
+Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
+---
+ utils/statd/rmtcall.c | 1 -
+ utils/statd/statd.c | 5 +++--
+ utils/statd/statd.h | 2 +-
+ utils/statd/svc_run.c | 8 ++++++--
+ 4 files changed, 10 insertions(+), 6 deletions(-)
+
+diff --git a/utils/statd/rmtcall.c b/utils/statd/rmtcall.c
+index fd576d9..cde091b 100644
+--- a/utils/statd/rmtcall.c
++++ b/utils/statd/rmtcall.c
+@@ -104,7 +104,6 @@ statd_get_socket(void)
+ if (sockfd < 0)
+ return -1;
+
+- FD_SET(sockfd, &SVC_FDSET);
+ return sockfd;
+ }
+
+diff --git a/utils/statd/statd.c b/utils/statd/statd.c
+index 51a016e..e21a259 100644
+--- a/utils/statd/statd.c
++++ b/utils/statd/statd.c
+@@ -247,6 +247,7 @@ int main (int argc, char **argv)
+ int port = 0, out_port = 0;
+ int nlm_udp = 0, nlm_tcp = 0;
+ struct rlimit rlim;
++ int notify_sockfd;
+
+ int pipefds[2] = { -1, -1};
+ char status;
+@@ -473,7 +474,7 @@ int main (int argc, char **argv)
+ }
+
+ /* Make sure we have a privilege port for calling into the kernel */
+- if (statd_get_socket() < 0)
++ if ((notify_sockfd = statd_get_socket()) < 0)
+ exit(1);
+
+ /* If sm-notify didn't take all the state files, load
+@@ -528,7 +529,7 @@ int main (int argc, char **argv)
+ * Handle incoming requests: SM_NOTIFY socket requests, as
+ * well as callbacks from lockd.
+ */
+- my_svc_run(); /* I rolled my own, Olaf made it better... */
++ my_svc_run(notify_sockfd); /* I rolled my own, Olaf made it better... */
+
+ /* Only get here when simulating a crash so we should probably
+ * start sm-notify running again. As we have already dropped
+diff --git a/utils/statd/statd.h b/utils/statd/statd.h
+index a1d8035..231ac7e 100644
+--- a/utils/statd/statd.h
++++ b/utils/statd/statd.h
+@@ -28,7 +28,7 @@ extern _Bool statd_present_address(const struct sockaddr *sap, char *buf,
+ __attribute__((__malloc__))
+ extern char * statd_canonical_name(const char *hostname);
+
+-extern void my_svc_run(void);
++extern void my_svc_run(int);
+ extern void notify_hosts(void);
+ extern void shuffle_dirs(void);
+ extern int statd_get_socket(void);
+diff --git a/utils/statd/svc_run.c b/utils/statd/svc_run.c
+index d98ecee..28c1ad6 100644
+--- a/utils/statd/svc_run.c
++++ b/utils/statd/svc_run.c
+@@ -78,7 +78,7 @@ my_svc_exit(void)
+ * The heart of the server. A crib from libc for the most part...
+ */
+ void
+-my_svc_run(void)
++my_svc_run(int sockfd)
+ {
+ FD_SET_TYPE readfds;
+ int selret;
+@@ -96,6 +96,8 @@ my_svc_run(void)
+ }
+
+ readfds = SVC_FDSET;
++ /* Set notify sockfd for waiting for reply */
++ FD_SET(sockfd, &readfds);
+ if (notify) {
+ struct timeval tv;
+
+@@ -125,8 +127,10 @@ my_svc_run(void)
+
+ default:
+ selret -= process_reply(&readfds);
+- if (selret)
++ if (selret) {
++ FD_CLR(sockfd, &readfds);
+ svc_getreqset(&readfds);
++ }
+ }
+ }
+ }
+--
+1.9.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb
index 42101de79..a6268f3d4 100644
--- a/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.1.bb
+++ b/yocto-poky/meta/recipes-connectivity/nfs-utils/nfs-utils_1.3.3.bb
@@ -8,7 +8,7 @@ LICENSE = "MIT & GPLv2+ & BSD"
LIC_FILES_CHKSUM = "file://COPYING;md5=95f3a93a5c3c7888de623b46ea085a84"
# util-linux for libblkid
-DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3"
+DEPENDS = "libcap libnfsidmap libevent util-linux sqlite3 libtirpc"
RDEPENDS_${PN}-client = "rpcbind bash"
RDEPENDS_${PN} = "${PN}-client bash"
RRECOMMENDS_${PN} = "kernel-module-nfsd"
@@ -31,10 +31,12 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/nfs-utils/${PV}/nfs-utils-${PV}.tar.x
file://proc-fs-nfsd.mount \
file://nfs-utils-Do-not-pass-CFLAGS-to-gcc-while-building.patch \
file://nfs-utils-debianize-start-statd.patch \
+ file://0001-nfs-utils-statd-fix-a-segfault-caused-by-improper-us.patch \
+ file://bugfix-adjust-statd-service-name.patch \
"
-SRC_URI[md5sum] = "8de676b9ff34b8f9addc1d0800fabdf8"
-SRC_URI[sha256sum] = "ff79d70b7b58b2c8f9b798c58721127e82bb96022adc04a5c4cb251630e696b8"
+SRC_URI[md5sum] = "cd6b568c2e9301cc3bfac09d87fbbc0b"
+SRC_URI[sha256sum] = "700d689c5622c87953c34102e5befafc4d3c811e676852238f0dd79c9c0c084d"
# Only kernel-module-nfsd is required here (but can be built-in) - the nfsd module will
# pull in the remainder of the dependencies.
@@ -58,12 +60,12 @@ EXTRA_OECONF = "--with-statduser=rpcuser \
--disable-nfsv41 \
--enable-uuid \
--disable-gss \
- --disable-tirpc \
--disable-nfsdcltrack \
--with-statdpath=/var/lib/nfs/statd \
"
PACKAGECONFIG ??= "tcp-wrappers"
+PACKAGECONFIG_remove_libc-musl = "tcp-wrappers"
PACKAGECONFIG[tcp-wrappers] = "--with-tcp-wrappers,--without-tcp-wrappers,tcp-wrappers"
PACKAGECONFIG[nfsidmap] = "--enable-nfsidmap,--disable-nfsidmap,keyutils"
diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch b/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch
deleted file mode 100644
index 306b6da33..000000000
--- a/yocto-poky/meta/recipes-connectivity/ofono/ofono/0001-backtrace-Disable-for-non-glibc-C-libraries.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 2d729af0897d7d72b83d111876febf9e0eec1a68 Mon Sep 17 00:00:00 2001
-From: Khem Raj <raj.khem@gmail.com>
-Date: Fri, 3 Apr 2015 20:50:56 -0700
-Subject: [PATCH] backtrace: Disable for non-glibc C libraries
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-Upstream-Status: Pending
-
----
- src/log.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/log.c b/src/log.c
-index febc874..9db4ae7 100644
---- a/src/log.c
-+++ b/src/log.c
-@@ -30,7 +30,9 @@
- #include <stdlib.h>
- #include <string.h>
- #include <syslog.h>
-+#ifdef __GLIBC__
- #include <execinfo.h>
-+#endif
- #include <dlfcn.h>
-
- #include "ofono.h"
-@@ -219,8 +221,9 @@ static void signal_handler(int signo)
- {
- ofono_error("Aborting (signal %d) [%s]", signo, program_exec);
-
-+#ifdef __GLIBC__
- print_backtrace(2);
--
-+#endif
- exit(EXIT_FAILURE);
- }
-
---
-2.1.4
-
diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb
deleted file mode 100644
index fbf13e52b..000000000
--- a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.16.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-require ofono.inc
-
-SRC_URI = "\
- ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
- file://ofono \
- file://Revert-test-Convert-to-Python-3.patch \
- file://0001-backtrace-Disable-for-non-glibc-C-libraries.patch \
-"
-SRC_URI[md5sum] = "c31b5b55a1d68354bff771d3edf02829"
-SRC_URI[sha256sum] = "403b98dadece8bc804c0bd16b96d3db5a3bb0f84af64b3d67924da2d1a754b07"
-
-CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE"
diff --git a/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb
new file mode 100644
index 000000000..947f9d714
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/ofono/ofono_1.17.bb
@@ -0,0 +1,11 @@
+require ofono.inc
+
+SRC_URI = "\
+ ${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
+ file://ofono \
+ file://Revert-test-Convert-to-Python-3.patch \
+"
+SRC_URI[md5sum] = "d280b1d267ba5bf391d2a898fea7c748"
+SRC_URI[sha256sum] = "cbf20f07fd15253c682b23c1786d517f505c3688f7c4ea93da777e1523b89635"
+
+CFLAGS_append_libc-uclibc = " -D_GNU_SOURCE"
diff --git a/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest b/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest
index 564c0c825..36a3d2a7b 100755
--- a/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest
+++ b/yocto-poky/meta/recipes-connectivity/openssh/openssh/run-ptest
@@ -3,5 +3,42 @@
export TEST_SHELL=sh
cd regress
+sed -i "/\t\tagent-ptrace /d" Makefile
make -k .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \
| sed -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g'
+
+SSHAGENT=`which ssh-agent`
+GDB=`which gdb`
+
+if [ -z "${SSHAGENT}" -o -z "${GDB}" ]; then
+ echo "SKIP: agent-ptrace"
+ exit
+fi
+
+useradd openssh-test
+
+eval `su -c "${SSHAGENT} -s" openssh-test` > /dev/null
+r=$?
+if [ $r -ne 0 ]; then
+ echo "FAIL: could not start ssh-agent: exit code $r"
+else
+ su -c "gdb -p ${SSH_AGENT_PID}" openssh-test > /tmp/gdb.out 2>&1 << EOF
+ quit
+EOF
+ r=$?
+ if [ $r -ne 0 ]; then
+ echo "gdb failed: exit code $r"
+ fi
+ egrep 'ptrace: Operation not permitted.|procfs:.*Permission denied.|ttrace.*Permission denied.|procfs:.*: Invalid argument.|Unable to access task ' >/dev/null /tmp/gdb.out
+ r=$?
+ rm -f /tmp/gdb.out
+ if [ $r -ne 0 ]; then
+ echo "FAIL: ptrace agent"
+ else
+ echo "PASS: ptrace agent"
+ fi
+
+ ${SSHAGENT} -k > /dev/null
+fi
+userdel openssh-test
+
diff --git a/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb b/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb
index 714c3917c..3b5e28a1d 100644
--- a/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb
+++ b/yocto-poky/meta/recipes-connectivity/openssh/openssh_7.1p2.bb
@@ -91,7 +91,11 @@ do_compile_ptest() {
do_install_append () {
if [ "${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam', '', d)}" = "pam" ]; then
install -D -m 0644 ${WORKDIR}/sshd ${D}${sysconfdir}/pam.d/sshd
- sed -i -e 's:#UsePAM no:UsePAM yes:' ${WORKDIR}/sshd_config ${D}${sysconfdir}/ssh/sshd_config
+ sed -i -e 's:#UsePAM no:UsePAM yes:' ${D}${sysconfdir}/ssh/sshd_config
+ fi
+
+ if [ "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}" = "x11" ]; then
+ sed -i -e 's:#X11Forwarding no:X11Forwarding yes:' ${D}${sysconfdir}/ssh/sshd_config
fi
install -d ${D}${sysconfdir}/init.d
@@ -121,7 +125,7 @@ do_install_append () {
}
do_install_ptest () {
- sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libdir}/${PN}/sftp-server|" regress/test-exec.sh
+ sed -i -e "s|^SFTPSERVER=.*|SFTPSERVER=${libexecdir}/sftp-server|" regress/test-exec.sh
cp -r regress ${D}${PTEST_PATH}
}
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc b/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc
index 8af423f1a..a5ddf4d4b 100644
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl.inc
@@ -8,7 +8,7 @@ SECTION = "libs/network"
LICENSE = "openssl"
LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
-DEPENDS = "perl-native-runtime"
+DEPENDS = "hostperl-runtime-native"
DEPENDS_append_class-target = " openssl-native"
SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
@@ -18,28 +18,26 @@ S = "${WORKDIR}/openssl-${PV}"
PACKAGECONFIG[perl] = ",,,"
AR_append = " r"
+TERMIO_libc-musl = "-DTERMIOS"
+TERMIO ?= "-DTERMIO"
# Avoid binaries being marked as requiring an executable stack since it
# doesn't(which causes and this causes issues with SELinux
CFLAG = "${@base_conditional('SITEINFO_ENDIANNESS', 'le', '-DL_ENDIAN', '-DB_ENDIAN', d)} \
- -DTERMIO ${CFLAGS} -Wall -Wa,--noexecstack"
-
-# -02 does not work on mipsel: ssh hangs when it tries to read /dev/urandom
-CFLAG_mtx-1 := "${@'${CFLAG}'.replace('-O2', '')}"
-CFLAG_mtx-2 := "${@'${CFLAG}'.replace('-O2', '')}"
+ ${TERMIO} ${CFLAGS} -Wall -Wa,--noexecstack"
export DIRS = "crypto ssl apps"
export EX_LIBS = "-lgcc -ldl"
export AS = "${CC} -c"
+EXTRA_OEMAKE = "-e MAKEFLAGS="
inherit pkgconfig siteinfo multilib_header ptest
PACKAGES =+ "libcrypto libssl ${PN}-misc openssl-conf"
-FILES_libcrypto = "${base_libdir}/libcrypto${SOLIBS}"
-FILES_libssl = "${libdir}/libssl.so.*"
+FILES_libcrypto = "${libdir}/libcrypto${SOLIBS}"
+FILES_libssl = "${libdir}/libssl${SOLIBS}"
FILES_${PN} =+ " ${libdir}/ssl/*"
FILES_${PN}-misc = "${libdir}/ssl/misc ${bindir}/c_rehash"
RDEPENDS_${PN}-misc = "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'perl', '', d)}"
-FILES_${PN}-dev += "${base_libdir}/libcrypto${SOLIBSDEV}"
# Add the openssl.cnf file to the openssl-conf package. Make the libcrypto
# package RRECOMMENDS on this package. This will enable the configuration
@@ -115,7 +113,7 @@ do_configure () {
linux-mipsel)
target=debian-mipsel
;;
- linux-*-mips64)
+ linux-*-mips64 | linux-mips64)
target=linux-mips
;;
linux-microblaze*|linux-nios2*)
@@ -167,13 +165,6 @@ do_install () {
oe_libinstall -so libcrypto ${D}${libdir}
oe_libinstall -so libssl ${D}${libdir}
- # Moving libcrypto to /lib
- if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
- mkdir -p ${D}/${base_libdir}/
- mv ${D}${libdir}/libcrypto* ${D}${base_libdir}/
- sed -i s#libdir=\$\{exec_prefix\}\/lib#libdir=${base_libdir}# ${D}/${libdir}/pkgconfig/libcrypto.pc
- fi
-
install -d ${D}${includedir}
cp --dereference -R include/openssl ${D}${includedir}
@@ -191,12 +182,18 @@ do_install () {
}
do_install_ptest () {
- cp -r Makefile test ${D}${PTEST_PATH}
+ cp -r -L Makefile.org Makefile test ${D}${PTEST_PATH}
+ cp Configure config e_os.h ${D}${PTEST_PATH}
+ cp -r -L include ${D}${PTEST_PATH}
+ ln -sf ${base_libdir}/libcrypto.a ${D}${PTEST_PATH}
+ ln -sf ${libdir}/libssl.a ${D}${PTEST_PATH}
+ mkdir -p ${D}${PTEST_PATH}/crypto
+ cp crypto/constant_time_locl.h ${D}${PTEST_PATH}/crypto
cp -r certs ${D}${PTEST_PATH}
mkdir -p ${D}${PTEST_PATH}/apps
- ln -sf /usr/lib/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
- ln -sf /usr/lib/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
- ln -sf /usr/bin/openssl ${D}${PTEST_PATH}/apps
+ ln -sf ${libdir}/ssl/misc/CA.sh ${D}${PTEST_PATH}/apps
+ ln -sf ${libdir}/ssl/openssl.cnf ${D}${PTEST_PATH}/apps
+ ln -sf ${bindir}/openssl ${D}${PTEST_PATH}/apps
cp apps/server2.pem ${D}${PTEST_PATH}/apps
mkdir -p ${D}${PTEST_PATH}/util
install util/opensslwrap.sh ${D}${PTEST_PATH}/util
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
deleted file mode 100644
index 39a2e5a94..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From 00456fded43eadd4bb94bf675ae4ea5d158a764f Mon Sep 17 00:00:00 2001
-From: "Dr. Stephen Henson" <steve@openssl.org>
-Date: Wed, 4 Nov 2015 13:30:03 +0000
-Subject: [PATCH] Add test for CVE-2015-3194
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-
-Upstream-Status: Backport
-
-This patch was imported from
-https://git.openssl.org/?p=openssl.git;a=commit;h=00456fded43eadd4bb94bf675ae4ea5d158a764f
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- test/certs/pss1.pem | 21 +++++++++++++++++++++
- test/tx509 | 7 +++++++
- 2 files changed, 28 insertions(+)
- create mode 100644 test/certs/pss1.pem
-
-diff --git a/test/certs/pss1.pem b/test/certs/pss1.pem
-new file mode 100644
-index 0000000..29da71d
---- /dev/null
-+++ b/test/certs/pss1.pem
-@@ -0,0 +1,21 @@
-+-----BEGIN CERTIFICATE-----
-+MIIDdjCCAjqgAwIBAgIJANcwZLyfEv7DMD4GCSqGSIb3DQEBCjAxoA0wCwYJYIZI
-+AWUDBAIBoRowGAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIEAgIA3jAnMSUwIwYD
-+VQQDDBxUZXN0IEludmFsaWQgUFNTIGNlcnRpZmljYXRlMB4XDTE1MTEwNDE2MDIz
-+NVoXDTE1MTIwNDE2MDIzNVowJzElMCMGA1UEAwwcVGVzdCBJbnZhbGlkIFBTUyBj
-+ZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTaM7WH
-+qVCAGAIA+zL1KWvvASTrhlq+1ePdO7wsrWX2KiYoTYrJYTnxhLnn0wrHqApt79nL
-+IBG7cfShyZqFHOY/IzlYPMVt+gPo293gw96Fds5JBsjhjkyGnOyr9OUntFqvxDbT
-+IIFU7o9IdxD4edaqjRv+fegVE+B79pDk4s0ujsk6dULtCg9Rst0ucGFo19mr+b7k
-+dbfn8pZ72ZNDJPueVdrUAWw9oll61UcYfk75XdrLk6JlL41GrYHc8KlfXf43gGQq
-+QfrpHkg4Ih2cI6Wt2nhFGAzrlcorzLliQIUJRIhM8h4IgDfpBpaPdVQLqS2pFbXa
-+5eQjqiyJwak2vJ8CAwEAAaNQME4wHQYDVR0OBBYEFCt180N4oGUt5LbzBwQ4Ia+2
-+4V97MB8GA1UdIwQYMBaAFCt180N4oGUt5LbzBwQ4Ia+24V97MAwGA1UdEwQFMAMB
-+Af8wMQYJKoZIhvcNAQEKMCSgDTALBglghkgBZQMEAgGhDTALBgkqhkiG9w0BAQii
-+BAICAN4DggEBAAjBtm90lGxgddjc4Xu/nbXXFHVs2zVcHv/mqOZoQkGB9r/BVgLb
-+xhHrFZ2pHGElbUYPfifdS9ztB73e1d4J+P29o0yBqfd4/wGAc/JA8qgn6AAEO/Xn
-+plhFeTRJQtLZVl75CkHXgUGUd3h+ADvKtcBuW9dSUncaUrgNKR8u/h/2sMG38RWY
-+DzBddC/66YTa3r7KkVUfW7yqRQfELiGKdcm+bjlTEMsvS+EhHup9CzbpoCx2Fx9p
-+NPtFY3yEObQhmL1JyoCRWqBE75GzFPbRaiux5UpEkns+i3trkGssZzsOuVqHNTNZ
-+lC9+9hPHIoc9UMmAQNo1vGIW3NWVoeGbaJ8=
-+-----END CERTIFICATE-----
-diff --git a/test/tx509 b/test/tx509
-index 0ce3b52..77f5cac 100644
---- a/test/tx509
-+++ b/test/tx509
-@@ -74,5 +74,12 @@ if [ $? != 0 ]; then exit 1; fi
- cmp x509-f.p x509-ff.p3
- if [ $? != 0 ]; then exit 1; fi
-
-+echo "Parsing test certificates"
-+
-+$cmd -in certs/pss1.pem -text -noout >/dev/null
-+if [ $? != 0 ]; then exit 1; fi
-+
-+echo OK
-+
- /bin/rm -f x509-f.* x509-ff.* x509-fff.*
- exit 0
---
-2.3.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
deleted file mode 100644
index 125016a23..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From d73cc256c8e256c32ed959456101b73ba9842f72 Mon Sep 17 00:00:00 2001
-From: Andy Polyakov <appro@openssl.org>
-Date: Tue, 1 Dec 2015 09:00:32 +0100
-Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry propagating bug
- (CVE-2015-3193).
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-(cherry picked from commit e7c078db57908cbf16074c68034977565ffaf107)
-
-Upstream-Status: Backport
-
-This patch was imported from
-https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- crypto/bn/asm/x86_64-mont5.pl | 22 +++++++++++++++++++---
- crypto/bn/bntest.c | 18 ++++++++++++++++++
- 2 files changed, 37 insertions(+), 3 deletions(-)
-
-Index: openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
-===================================================================
---- openssl-1.0.2d.orig/crypto/bn/asm/x86_64-mont5.pl
-+++ openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
-@@ -1779,6 +1779,15 @@ sqr8x_reduction:
- .align 32
- .L8x_tail_done:
- add (%rdx),%r8 # can this overflow?
-+ adc \$0,%r9
-+ adc \$0,%r10
-+ adc \$0,%r11
-+ adc \$0,%r12
-+ adc \$0,%r13
-+ adc \$0,%r14
-+ adc \$0,%r15 # can't overflow, because we
-+ # started with "overhung" part
-+ # of multiplication
- xor %rax,%rax
-
- neg $carry
-@@ -3125,6 +3134,15 @@ sqrx8x_reduction:
- .align 32
- .Lsqrx8x_tail_done:
- add 24+8(%rsp),%r8 # can this overflow?
-+ adc \$0,%r9
-+ adc \$0,%r10
-+ adc \$0,%r11
-+ adc \$0,%r12
-+ adc \$0,%r13
-+ adc \$0,%r14
-+ adc \$0,%r15 # can't overflow, because we
-+ # started with "overhung" part
-+ # of multiplication
- mov $carry,%rax # xor %rax,%rax
-
- sub 16+8(%rsp),$carry # mov 16(%rsp),%cf
-@@ -3168,13 +3186,11 @@ my ($rptr,$nptr)=("%rdx","%rbp");
- my @ri=map("%r$_",(10..13));
- my @ni=map("%r$_",(14..15));
- $code.=<<___;
-- xor %rbx,%rbx
-+ xor %ebx,%ebx
- sub %r15,%rsi # compare top-most words
- adc %rbx,%rbx
- mov %rcx,%r10 # -$num
-- .byte 0x67
- or %rbx,%rax
-- .byte 0x67
- mov %rcx,%r9 # -$num
- xor \$1,%rax
- sar \$3+2,%rcx # cf=0
-Index: openssl-1.0.2d/crypto/bn/bntest.c
-===================================================================
---- openssl-1.0.2d.orig/crypto/bn/bntest.c
-+++ openssl-1.0.2d/crypto/bn/bntest.c
-@@ -1027,6 +1027,24 @@ int test_mod_exp_mont_consttime(BIO *bp,
- return 0;
- }
- }
-+
-+ /* Regression test for carry propagation bug in sqr8x_reduction */
-+ BN_hex2bn(&a, "050505050505");
-+ BN_hex2bn(&b, "02");
-+ BN_hex2bn(&c,
-+ "4141414141414141414141274141414141414141414141414141414141414141"
-+ "4141414141414141414141414141414141414141414141414141414141414141"
-+ "4141414141414141414141800000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000001");
-+ BN_mod_exp(d, a, b, c, ctx);
-+ BN_mul(e, a, a, ctx);
-+ if (BN_cmp(d, e)) {
-+ fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n");
-+ return 0;
-+ }
-+
- BN_free(a);
- BN_free(b);
- BN_free(c);
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
deleted file mode 100644
index 13d48913b..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From c394a488942387246653833359a5c94b5832674e Mon Sep 17 00:00:00 2001
-From: "Dr. Stephen Henson" <steve@openssl.org>
-Date: Fri, 2 Oct 2015 12:35:19 +0100
-Subject: [PATCH] Add PSS parameter check.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Avoid seg fault by checking mgf1 parameter is not NULL. This can be
-triggered during certificate verification so could be a DoS attack
-against a client or a server enabling client authentication.
-
-Thanks to Loïc Jonas Etienne (Qnective AG) for discovering this bug.
-
-CVE-2015-3194
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-
-Upstream-Status: Backport
-
-This patch was imported from
-https://git.openssl.org/?p=openssl.git;a=commit;h=c394a488942387246653833359a5c94b5832674e
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- crypto/rsa/rsa_ameth.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
-index ca3922e..4e06218 100644
---- a/crypto/rsa/rsa_ameth.c
-+++ b/crypto/rsa/rsa_ameth.c
-@@ -268,7 +268,7 @@ static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg)
- {
- const unsigned char *p;
- int plen;
-- if (alg == NULL)
-+ if (alg == NULL || alg->parameter == NULL)
- return NULL;
- if (OBJ_obj2nid(alg->algorithm) != NID_mgf1)
- return NULL;
---
-2.3.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
deleted file mode 100644
index 6fc4d0e83..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From cc598f321fbac9c04da5766243ed55d55948637d Mon Sep 17 00:00:00 2001
-From: "Dr. Stephen Henson" <steve@openssl.org>
-Date: Tue, 10 Nov 2015 19:03:07 +0000
-Subject: [PATCH] Fix leak with ASN.1 combine.
-
-When parsing a combined structure pass a flag to the decode routine
-so on error a pointer to the parent structure is not zeroed as
-this will leak any additional components in the parent.
-
-This can leak memory in any application parsing PKCS#7 or CMS structures.
-
-CVE-2015-3195.
-
-Thanks to Adam Langley (Google/BoringSSL) for discovering this bug using
-libFuzzer.
-
-PR#4131
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-
-Upstream-Status: Backport
-
-This patch was imported from
-https://git.openssl.org/?p=openssl.git;a=commit;h=cc598f321fbac9c04da5766243ed55d55948637d
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- crypto/asn1/tasn_dec.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
-index febf605..9256049 100644
---- a/crypto/asn1/tasn_dec.c
-+++ b/crypto/asn1/tasn_dec.c
-@@ -180,6 +180,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- int otag;
- int ret = 0;
- ASN1_VALUE **pchptr, *ptmpval;
-+ int combine = aclass & ASN1_TFLG_COMBINE;
-+ aclass &= ~ASN1_TFLG_COMBINE;
- if (!pval)
- return 0;
- if (aux && aux->asn1_cb)
-@@ -500,7 +502,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
- auxerr:
- ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
- err:
-- ASN1_item_ex_free(pval, it);
-+ if (combine == 0)
-+ ASN1_item_ex_free(pval, it);
- if (errtt)
- ERR_add_error_data(4, "Field=", errtt->field_name,
- ", Type=", it->sname);
-@@ -689,7 +692,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
- } else {
- /* Nothing special */
- ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
-- -1, 0, opt, ctx);
-+ -1, tt->flags & ASN1_TFLG_COMBINE, opt, ctx);
- if (!ret) {
- ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_NESTED_ASN1_ERROR);
- goto err;
---
-2.3.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch
deleted file mode 100644
index dd288c93f..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From d81a1600588b726c2bdccda7efad3cc7a87d6245 Mon Sep 17 00:00:00 2001
-From: Viktor Dukhovni <openssl-users@dukhovni.org>
-Date: Wed, 30 Dec 2015 22:44:51 -0500
-Subject: [PATCH] Better SSLv2 cipher-suite enforcement
-
-Based on patch by: Nimrod Aviram <nimrod.aviram@gmail.com>
-
-CVE-2015-3197
-
-Reviewed-by: Tim Hudson <tjh@openssl.org>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-
-Upstream-Status: Backport
-https://github.com/openssl/openssl/commit/d81a1600588b726c2bdccda7efad3cc7a87d6245
-
-CVE: CVE-2015-3197
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
- ssl/s2_srvr.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-
-Index: openssl-1.0.2d/ssl/s2_srvr.c
-===================================================================
---- openssl-1.0.2d.orig/ssl/s2_srvr.c
-+++ openssl-1.0.2d/ssl/s2_srvr.c
-@@ -402,7 +402,7 @@ static int get_client_master_key(SSL *s)
- }
-
- cp = ssl2_get_cipher_by_char(p);
-- if (cp == NULL) {
-+ if (cp == NULL || sk_SSL_CIPHER_find(s->session->ciphers, cp) < 0) {
- ssl2_return_error(s, SSL2_PE_NO_CIPHER);
- SSLerr(SSL_F_GET_CLIENT_MASTER_KEY, SSL_R_NO_CIPHER_MATCH);
- return (-1);
-@@ -687,8 +687,12 @@ static int get_client_hello(SSL *s)
- prio = cs;
- allow = cl;
- }
-+
-+ /* Generate list of SSLv2 ciphers shared between client and server */
- for (z = 0; z < sk_SSL_CIPHER_num(prio); z++) {
-- if (sk_SSL_CIPHER_find(allow, sk_SSL_CIPHER_value(prio, z)) < 0) {
-+ const SSL_CIPHER *cp = sk_SSL_CIPHER_value(prio, z);
-+ if ((cp->algorithm_ssl & SSL_SSLV2) == 0 ||
-+ sk_SSL_CIPHER_find(allow, cp) < 0) {
- (void)sk_SSL_CIPHER_delete(prio, z);
- z--;
- }
-@@ -697,6 +701,13 @@ static int get_client_hello(SSL *s)
- sk_SSL_CIPHER_free(s->session->ciphers);
- s->session->ciphers = prio;
- }
-+
-+ /* Make sure we have at least one cipher in common */
-+ if (sk_SSL_CIPHER_num(s->session->ciphers) == 0) {
-+ ssl2_return_error(s, SSL2_PE_NO_CIPHER);
-+ SSLerr(SSL_F_GET_CLIENT_HELLO, SSL_R_NO_CIPHER_MATCH);
-+ return -1;
-+ }
- /*
- * s->session->ciphers should now have a list of ciphers that are on
- * both the client and server. This list is ordered by the order the
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch
deleted file mode 100644
index cf2d9a7b0..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch
+++ /dev/null
@@ -1,102 +0,0 @@
-From 878e2c5b13010329c203f309ed0c8f2113f85648 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Mon, 18 Jan 2016 11:31:58 +0000
-Subject: [PATCH] Prevent small subgroup attacks on DH/DHE
-
-Historically OpenSSL only ever generated DH parameters based on "safe"
-primes. More recently (in version 1.0.2) support was provided for
-generating X9.42 style parameter files such as those required for RFC
-5114 support. The primes used in such files may not be "safe". Where an
-application is using DH configured with parameters based on primes that
-are not "safe" then an attacker could use this fact to find a peer's
-private DH exponent. This attack requires that the attacker complete
-multiple handshakes in which the peer uses the same DH exponent.
-
-A simple mitigation is to ensure that y^q (mod p) == 1
-
-CVE-2016-0701 (fix part 1 of 2)
-
-Issue reported by Antonio Sanso.
-
-Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
-Upstream-Status: Backport
-
-https://github.com/openssl/openssl/commit/878e2c5b13010329c203f309ed0c8f2113f85648
-
-CVE: CVE-2016-0701
-Signed-of-by: Armin Kuster <akuster@mvisa.com>
-
----
- crypto/dh/dh.h | 1 +
- crypto/dh/dh_check.c | 35 +++++++++++++++++++++++++----------
- 2 files changed, 26 insertions(+), 10 deletions(-)
-
-diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
-index b177673..5498a9d 100644
---- a/crypto/dh/dh.h
-+++ b/crypto/dh/dh.h
-@@ -174,6 +174,7 @@ struct dh_st {
- /* DH_check_pub_key error codes */
- # define DH_CHECK_PUBKEY_TOO_SMALL 0x01
- # define DH_CHECK_PUBKEY_TOO_LARGE 0x02
-+# define DH_CHECK_PUBKEY_INVALID 0x03
-
- /*
- * primes p where (p-1)/2 is prime too are called "safe"; we define this for
-diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
-index 347467c..5adedc0 100644
---- a/crypto/dh/dh_check.c
-+++ b/crypto/dh/dh_check.c
-@@ -151,23 +151,38 @@ int DH_check(const DH *dh, int *ret)
- int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret)
- {
- int ok = 0;
-- BIGNUM *q = NULL;
-+ BIGNUM *tmp = NULL;
-+ BN_CTX *ctx = NULL;
-
- *ret = 0;
-- q = BN_new();
-- if (q == NULL)
-+ ctx = BN_CTX_new();
-+ if (ctx == NULL)
- goto err;
-- BN_set_word(q, 1);
-- if (BN_cmp(pub_key, q) <= 0)
-+ BN_CTX_start(ctx);
-+ tmp = BN_CTX_get(ctx);
-+ if (tmp == NULL)
-+ goto err;
-+ BN_set_word(tmp, 1);
-+ if (BN_cmp(pub_key, tmp) <= 0)
- *ret |= DH_CHECK_PUBKEY_TOO_SMALL;
-- BN_copy(q, dh->p);
-- BN_sub_word(q, 1);
-- if (BN_cmp(pub_key, q) >= 0)
-+ BN_copy(tmp, dh->p);
-+ BN_sub_word(tmp, 1);
-+ if (BN_cmp(pub_key, tmp) >= 0)
- *ret |= DH_CHECK_PUBKEY_TOO_LARGE;
-
-+ if (dh->q != NULL) {
-+ /* Check pub_key^q == 1 mod p */
-+ if (!BN_mod_exp(tmp, pub_key, dh->q, dh->p, ctx))
-+ goto err;
-+ if (!BN_is_one(tmp))
-+ *ret |= DH_CHECK_PUBKEY_INVALID;
-+ }
-+
- ok = 1;
- err:
-- if (q != NULL)
-- BN_free(q);
-+ if (ctx != NULL) {
-+ BN_CTX_end(ctx);
-+ BN_CTX_free(ctx);
-+ }
- return (ok);
- }
---
-2.3.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch
deleted file mode 100644
index 05caf0a99..000000000
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch
+++ /dev/null
@@ -1,156 +0,0 @@
-From c5b831f21d0d29d1e517d139d9d101763f60c9a2 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Thu, 17 Dec 2015 02:57:20 +0000
-Subject: [PATCH] Always generate DH keys for ephemeral DH cipher suites
-
-Modified version of the commit ffaef3f15 in the master branch by Stephen
-Henson. This makes the SSL_OP_SINGLE_DH_USE option a no-op and always
-generates a new DH key for every handshake regardless.
-
-CVE-2016-0701 (fix part 2 or 2)
-
-Issue reported by Antonio Sanso
-
-Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
-
-Upstream-Status: Backport
-
-https://github.com/openssl/openssl/commit/c5b831f21d0d29d1e517d139d9d101763f60c9a2
-
-CVE: CVE-2016-0701 #2
-Signed-of-by: Armin Kuster <akuster@mvisa.com>
-
----
- doc/ssl/SSL_CTX_set_tmp_dh_callback.pod | 29 +++++------------------------
- ssl/s3_lib.c | 14 --------------
- ssl/s3_srvr.c | 17 +++--------------
- ssl/ssl.h | 2 +-
- 4 files changed, 9 insertions(+), 53 deletions(-)
-
-Index: openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
-===================================================================
---- openssl-1.0.2d.orig/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
-+++ openssl-1.0.2d/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
-@@ -48,25 +48,8 @@ even if he gets hold of the normal (cert
- only used for signing.
-
- In order to perform a DH key exchange the server must use a DH group
--(DH parameters) and generate a DH key.
--The server will always generate a new DH key during the negotiation
--if either the DH parameters are supplied via callback or the
--SSL_OP_SINGLE_DH_USE option of SSL_CTX_set_options(3) is set (or both).
--It will immediately create a DH key if DH parameters are supplied via
--SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set.
--In this case,
--it may happen that a key is generated on initialization without later
--being needed, while on the other hand the computer time during the
--negotiation is being saved.
--
--If "strong" primes were used to generate the DH parameters, it is not strictly
--necessary to generate a new key for each handshake but it does improve forward
--secrecy. If it is not assured that "strong" primes were used,
--SSL_OP_SINGLE_DH_USE must be used in order to prevent small subgroup
--attacks. Always using SSL_OP_SINGLE_DH_USE has an impact on the
--computer time needed during negotiation, but it is not very large, so
--application authors/users should consider always enabling this option.
--The option is required to implement perfect forward secrecy (PFS).
-+(DH parameters) and generate a DH key. The server will always generate
-+a new DH key during the negotiation.
-
- As generating DH parameters is extremely time consuming, an application
- should not generate the parameters on the fly but supply the parameters.
-@@ -93,10 +76,9 @@ can supply the DH parameters via a callb
- Previous versions of the callback used B<is_export> and B<keylength>
- parameters to control parameter generation for export and non-export
- cipher suites. Modern servers that do not support export ciphersuites
--are advised to either use SSL_CTX_set_tmp_dh() in combination with
--SSL_OP_SINGLE_DH_USE, or alternatively, use the callback but ignore
--B<keylength> and B<is_export> and simply supply at least 2048-bit
--parameters in the callback.
-+are advised to either use SSL_CTX_set_tmp_dh() or alternatively, use
-+the callback but ignore B<keylength> and B<is_export> and simply
-+supply at least 2048-bit parameters in the callback.
-
- =head1 EXAMPLES
-
-@@ -128,7 +110,6 @@ partly left out.)
- if (SSL_CTX_set_tmp_dh(ctx, dh_2048) != 1) {
- /* Error. */
- }
-- SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE);
- ...
-
- =head1 RETURN VALUES
-Index: openssl-1.0.2d/ssl/s3_lib.c
-===================================================================
---- openssl-1.0.2d.orig/ssl/s3_lib.c
-+++ openssl-1.0.2d/ssl/s3_lib.c
-@@ -3206,13 +3206,6 @@ long ssl3_ctrl(SSL *s, int cmd, long lar
- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
- return (ret);
- }
-- if (!(s->options & SSL_OP_SINGLE_DH_USE)) {
-- if (!DH_generate_key(dh)) {
-- DH_free(dh);
-- SSLerr(SSL_F_SSL3_CTRL, ERR_R_DH_LIB);
-- return (ret);
-- }
-- }
- if (s->cert->dh_tmp != NULL)
- DH_free(s->cert->dh_tmp);
- s->cert->dh_tmp = dh;
-@@ -3710,13 +3703,6 @@ long ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd
- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
- return 0;
- }
-- if (!(ctx->options & SSL_OP_SINGLE_DH_USE)) {
-- if (!DH_generate_key(new)) {
-- SSLerr(SSL_F_SSL3_CTX_CTRL, ERR_R_DH_LIB);
-- DH_free(new);
-- return 0;
-- }
-- }
- if (cert->dh_tmp != NULL)
- DH_free(cert->dh_tmp);
- cert->dh_tmp = new;
-Index: openssl-1.0.2d/ssl/s3_srvr.c
-===================================================================
---- openssl-1.0.2d.orig/ssl/s3_srvr.c
-+++ openssl-1.0.2d/ssl/s3_srvr.c
-@@ -1684,20 +1684,9 @@ int ssl3_send_server_key_exchange(SSL *s
- }
-
- s->s3->tmp.dh = dh;
-- if ((dhp->pub_key == NULL ||
-- dhp->priv_key == NULL ||
-- (s->options & SSL_OP_SINGLE_DH_USE))) {
-- if (!DH_generate_key(dh)) {
-- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
-- goto err;
-- }
-- } else {
-- dh->pub_key = BN_dup(dhp->pub_key);
-- dh->priv_key = BN_dup(dhp->priv_key);
-- if ((dh->pub_key == NULL) || (dh->priv_key == NULL)) {
-- SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
-- goto err;
-- }
-+ if (!DH_generate_key(dh)) {
-+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_DH_LIB);
-+ goto err;
- }
- r[0] = dh->p;
- r[1] = dh->g;
-Index: openssl-1.0.2d/ssl/ssl.h
-===================================================================
---- openssl-1.0.2d.orig/ssl/ssl.h
-+++ openssl-1.0.2d/ssl/ssl.h
-@@ -625,7 +625,7 @@ struct ssl_session_st {
- # define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x00040000L
- /* If set, always create a new key when using tmp_ecdh parameters */
- # define SSL_OP_SINGLE_ECDH_USE 0x00080000L
--/* If set, always create a new key when using tmp_dh parameters */
-+/* Does nothing: retained for compatibility */
- # define SSL_OP_SINGLE_DH_USE 0x00100000L
- /* Does nothing: retained for compatibiity */
- # define SSL_OP_EPHEMERAL_RSA 0x0
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch
new file mode 100644
index 000000000..613dc7b71
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/configure-musl-target.patch
@@ -0,0 +1,27 @@
+Add musl triplet support
+
+Upstream-Status: Pending
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Index: openssl-1.0.2a/Configure
+===================================================================
+--- openssl-1.0.2a.orig/Configure
++++ openssl-1.0.2a/Configure
+@@ -431,7 +431,7 @@ my %table=(
+ #
+ # ./Configure linux-armv4 -march=armv6 -D__ARM_MAX_ARCH__=8
+ #
+-"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-armv4", "gcc: -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-aarch64","gcc: -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${aarch64_asm}:linux64:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ # Configure script adds minimally required -march for assembly support,
+ # if no -march was specified at command line. mips32 and mips64 below
+@@ -504,6 +504,8 @@ my %table=(
+ "linux-gnueabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-uclibceabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+ "linux-uclibceabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-musleabi-arm","$ENV{'CC'}:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
++"linux-musleabi-armeb","$ENV{'CC'}:-DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+
+ "linux-avr32","$ENV{'CC'}:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).",
+
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
index c397af2f0..af3989f62 100644
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch
@@ -1,4 +1,4 @@
-Upsteram Status: Backport
+Upstream-Status: Backport
When building on x32 systems where the default type is 32bit, make sure
we can transparently represent 64bit integers. Otherwise we end up with
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
index 0c1a0b651..d81e22cd8 100644
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch
@@ -9,14 +9,15 @@ Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Dr Stephen N Henson <shenson@drh-consultancy.co.uk>
This is not meant as final patch.
-
+
Upstream-Status: Backport [debian]
+Signed-off-by: Armin Kuster <akuster@mvista.com>
-Index: openssl-1.0.2/crypto/x509/x509_vfy.c
+Index: openssl-1.0.2g/crypto/x509/x509_vfy.c
===================================================================
---- openssl-1.0.2.orig/crypto/x509/x509_vfy.c
-+++ openssl-1.0.2/crypto/x509/x509_vfy.c
+--- openssl-1.0.2g.orig/crypto/x509/x509_vfy.c
++++ openssl-1.0.2g/crypto/x509/x509_vfy.c
@@ -119,6 +119,7 @@ static int check_trust(X509_STORE_CTX *c
static int check_revocation(X509_STORE_CTX *ctx);
static int check_cert(X509_STORE_CTX *ctx);
@@ -25,17 +26,17 @@ Index: openssl-1.0.2/crypto/x509/x509_vfy.c
static int get_crl_score(X509_STORE_CTX *ctx, X509 **pissuer,
unsigned int *preasons, X509_CRL *crl, X509 *x);
-@@ -438,6 +439,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
+@@ -489,6 +490,9 @@ int X509_verify_cert(X509_STORE_CTX *ctx
if (!ok)
- goto end;
+ goto err;
+ ok = check_ca_blacklist(ctx);
-+ if(!ok) goto end;
++ if(!ok) goto err;
+
#ifndef OPENSSL_NO_RFC3779
/* RFC 3779 path validation, now that CRL check has been done */
ok = v3_asid_validate_path(ctx);
-@@ -938,6 +942,29 @@ static int check_crl_time(X509_STORE_CTX
+@@ -996,6 +1000,29 @@ static int check_crl_time(X509_STORE_CTX
return 1;
}
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch
new file mode 100644
index 000000000..29f11a288
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch
@@ -0,0 +1,4656 @@
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure
+===================================================================
+--- openssl-1.0.2~beta1.obsolete.0.0498436515490575.orig/Configure 2014-02-24 21:02:30.000000000 +0100
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/Configure 2014-02-24 21:02:30.000000000 +0100
+@@ -1651,6 +1651,8 @@
+ }
+ }
+
++$shared_ldflag .= " -Wl,--version-script=openssl.ld";
++
+ open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n";
+ unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new";
+ open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n";
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/openssl.ld 2014-02-24 22:19:08.601827266 +0100
+@@ -0,0 +1,4608 @@
++OPENSSL_1.0.2d {
++ global:
++ BIO_f_ssl;
++ BIO_new_buffer_ssl_connect;
++ BIO_new_ssl;
++ BIO_new_ssl_connect;
++ BIO_proxy_ssl_copy_session_id;
++ BIO_ssl_copy_session_id;
++ BIO_ssl_shutdown;
++ d2i_SSL_SESSION;
++ DTLSv1_client_method;
++ DTLSv1_method;
++ DTLSv1_server_method;
++ ERR_load_SSL_strings;
++ i2d_SSL_SESSION;
++ kssl_build_principal_2;
++ kssl_cget_tkt;
++ kssl_check_authent;
++ kssl_ctx_free;
++ kssl_ctx_new;
++ kssl_ctx_setkey;
++ kssl_ctx_setprinc;
++ kssl_ctx_setstring;
++ kssl_ctx_show;
++ kssl_err_set;
++ kssl_krb5_free_data_contents;
++ kssl_sget_tkt;
++ kssl_skip_confound;
++ kssl_validate_times;
++ PEM_read_bio_SSL_SESSION;
++ PEM_read_SSL_SESSION;
++ PEM_write_bio_SSL_SESSION;
++ PEM_write_SSL_SESSION;
++ SSL_accept;
++ SSL_add_client_CA;
++ SSL_add_dir_cert_subjects_to_stack;
++ SSL_add_dir_cert_subjs_to_stk;
++ SSL_add_file_cert_subjects_to_stack;
++ SSL_add_file_cert_subjs_to_stk;
++ SSL_alert_desc_string;
++ SSL_alert_desc_string_long;
++ SSL_alert_type_string;
++ SSL_alert_type_string_long;
++ SSL_callback_ctrl;
++ SSL_check_private_key;
++ SSL_CIPHER_description;
++ SSL_CIPHER_get_bits;
++ SSL_CIPHER_get_name;
++ SSL_CIPHER_get_version;
++ SSL_clear;
++ SSL_COMP_add_compression_method;
++ SSL_COMP_get_compression_methods;
++ SSL_COMP_get_compress_methods;
++ SSL_COMP_get_name;
++ SSL_connect;
++ SSL_copy_session_id;
++ SSL_ctrl;
++ SSL_CTX_add_client_CA;
++ SSL_CTX_add_session;
++ SSL_CTX_callback_ctrl;
++ SSL_CTX_check_private_key;
++ SSL_CTX_ctrl;
++ SSL_CTX_flush_sessions;
++ SSL_CTX_free;
++ SSL_CTX_get_cert_store;
++ SSL_CTX_get_client_CA_list;
++ SSL_CTX_get_client_cert_cb;
++ SSL_CTX_get_ex_data;
++ SSL_CTX_get_ex_new_index;
++ SSL_CTX_get_info_callback;
++ SSL_CTX_get_quiet_shutdown;
++ SSL_CTX_get_timeout;
++ SSL_CTX_get_verify_callback;
++ SSL_CTX_get_verify_depth;
++ SSL_CTX_get_verify_mode;
++ SSL_CTX_load_verify_locations;
++ SSL_CTX_new;
++ SSL_CTX_remove_session;
++ SSL_CTX_sess_get_get_cb;
++ SSL_CTX_sess_get_new_cb;
++ SSL_CTX_sess_get_remove_cb;
++ SSL_CTX_sessions;
++ SSL_CTX_sess_set_get_cb;
++ SSL_CTX_sess_set_new_cb;
++ SSL_CTX_sess_set_remove_cb;
++ SSL_CTX_set1_param;
++ SSL_CTX_set_cert_store;
++ SSL_CTX_set_cert_verify_callback;
++ SSL_CTX_set_cert_verify_cb;
++ SSL_CTX_set_cipher_list;
++ SSL_CTX_set_client_CA_list;
++ SSL_CTX_set_client_cert_cb;
++ SSL_CTX_set_client_cert_engine;
++ SSL_CTX_set_cookie_generate_cb;
++ SSL_CTX_set_cookie_verify_cb;
++ SSL_CTX_set_default_passwd_cb;
++ SSL_CTX_set_default_passwd_cb_userdata;
++ SSL_CTX_set_default_verify_paths;
++ SSL_CTX_set_def_passwd_cb_ud;
++ SSL_CTX_set_def_verify_paths;
++ SSL_CTX_set_ex_data;
++ SSL_CTX_set_generate_session_id;
++ SSL_CTX_set_info_callback;
++ SSL_CTX_set_msg_callback;
++ SSL_CTX_set_psk_client_callback;
++ SSL_CTX_set_psk_server_callback;
++ SSL_CTX_set_purpose;
++ SSL_CTX_set_quiet_shutdown;
++ SSL_CTX_set_session_id_context;
++ SSL_CTX_set_ssl_version;
++ SSL_CTX_set_timeout;
++ SSL_CTX_set_tmp_dh_callback;
++ SSL_CTX_set_tmp_ecdh_callback;
++ SSL_CTX_set_tmp_rsa_callback;
++ SSL_CTX_set_trust;
++ SSL_CTX_set_verify;
++ SSL_CTX_set_verify_depth;
++ SSL_CTX_use_cert_chain_file;
++ SSL_CTX_use_certificate;
++ SSL_CTX_use_certificate_ASN1;
++ SSL_CTX_use_certificate_chain_file;
++ SSL_CTX_use_certificate_file;
++ SSL_CTX_use_PrivateKey;
++ SSL_CTX_use_PrivateKey_ASN1;
++ SSL_CTX_use_PrivateKey_file;
++ SSL_CTX_use_psk_identity_hint;
++ SSL_CTX_use_RSAPrivateKey;
++ SSL_CTX_use_RSAPrivateKey_ASN1;
++ SSL_CTX_use_RSAPrivateKey_file;
++ SSL_do_handshake;
++ SSL_dup;
++ SSL_dup_CA_list;
++ SSLeay_add_ssl_algorithms;
++ SSL_free;
++ SSL_get1_session;
++ SSL_get_certificate;
++ SSL_get_cipher_list;
++ SSL_get_ciphers;
++ SSL_get_client_CA_list;
++ SSL_get_current_cipher;
++ SSL_get_current_compression;
++ SSL_get_current_expansion;
++ SSL_get_default_timeout;
++ SSL_get_error;
++ SSL_get_ex_data;
++ SSL_get_ex_data_X509_STORE_CTX_idx;
++ SSL_get_ex_d_X509_STORE_CTX_idx;
++ SSL_get_ex_new_index;
++ SSL_get_fd;
++ SSL_get_finished;
++ SSL_get_info_callback;
++ SSL_get_peer_cert_chain;
++ SSL_get_peer_certificate;
++ SSL_get_peer_finished;
++ SSL_get_privatekey;
++ SSL_get_psk_identity;
++ SSL_get_psk_identity_hint;
++ SSL_get_quiet_shutdown;
++ SSL_get_rbio;
++ SSL_get_read_ahead;
++ SSL_get_rfd;
++ SSL_get_servername;
++ SSL_get_servername_type;
++ SSL_get_session;
++ SSL_get_shared_ciphers;
++ SSL_get_shutdown;
++ SSL_get_SSL_CTX;
++ SSL_get_ssl_method;
++ SSL_get_verify_callback;
++ SSL_get_verify_depth;
++ SSL_get_verify_mode;
++ SSL_get_verify_result;
++ SSL_get_version;
++ SSL_get_wbio;
++ SSL_get_wfd;
++ SSL_has_matching_session_id;
++ SSL_library_init;
++ SSL_load_client_CA_file;
++ SSL_load_error_strings;
++ SSL_new;
++ SSL_peek;
++ SSL_pending;
++ SSL_read;
++ SSL_renegotiate;
++ SSL_renegotiate_pending;
++ SSL_rstate_string;
++ SSL_rstate_string_long;
++ SSL_SESSION_cmp;
++ SSL_SESSION_free;
++ SSL_SESSION_get_ex_data;
++ SSL_SESSION_get_ex_new_index;
++ SSL_SESSION_get_id;
++ SSL_SESSION_get_time;
++ SSL_SESSION_get_timeout;
++ SSL_SESSION_hash;
++ SSL_SESSION_new;
++ SSL_SESSION_print;
++ SSL_SESSION_print_fp;
++ SSL_SESSION_set_ex_data;
++ SSL_SESSION_set_time;
++ SSL_SESSION_set_timeout;
++ SSL_set1_param;
++ SSL_set_accept_state;
++ SSL_set_bio;
++ SSL_set_cipher_list;
++ SSL_set_client_CA_list;
++ SSL_set_connect_state;
++ SSL_set_ex_data;
++ SSL_set_fd;
++ SSL_set_generate_session_id;
++ SSL_set_info_callback;
++ SSL_set_msg_callback;
++ SSL_set_psk_client_callback;
++ SSL_set_psk_server_callback;
++ SSL_set_purpose;
++ SSL_set_quiet_shutdown;
++ SSL_set_read_ahead;
++ SSL_set_rfd;
++ SSL_set_session;
++ SSL_set_session_id_context;
++ SSL_set_session_secret_cb;
++ SSL_set_session_ticket_ext;
++ SSL_set_session_ticket_ext_cb;
++ SSL_set_shutdown;
++ SSL_set_SSL_CTX;
++ SSL_set_ssl_method;
++ SSL_set_tmp_dh_callback;
++ SSL_set_tmp_ecdh_callback;
++ SSL_set_tmp_rsa_callback;
++ SSL_set_trust;
++ SSL_set_verify;
++ SSL_set_verify_depth;
++ SSL_set_verify_result;
++ SSL_set_wfd;
++ SSL_shutdown;
++ SSL_state;
++ SSL_state_string;
++ SSL_state_string_long;
++ SSL_use_certificate;
++ SSL_use_certificate_ASN1;
++ SSL_use_certificate_file;
++ SSL_use_PrivateKey;
++ SSL_use_PrivateKey_ASN1;
++ SSL_use_PrivateKey_file;
++ SSL_use_psk_identity_hint;
++ SSL_use_RSAPrivateKey;
++ SSL_use_RSAPrivateKey_ASN1;
++ SSL_use_RSAPrivateKey_file;
++ SSLv23_client_method;
++ SSLv23_method;
++ SSLv23_server_method;
++ SSLv2_client_method;
++ SSLv2_method;
++ SSLv2_server_method;
++ SSLv3_client_method;
++ SSLv3_method;
++ SSLv3_server_method;
++ SSL_version;
++ SSL_want;
++ SSL_write;
++ TLSv1_client_method;
++ TLSv1_method;
++ TLSv1_server_method;
++
++
++ SSLeay;
++ SSLeay_version;
++ ASN1_BIT_STRING_asn1_meth;
++ ASN1_HEADER_free;
++ ASN1_HEADER_new;
++ ASN1_IA5STRING_asn1_meth;
++ ASN1_INTEGER_get;
++ ASN1_INTEGER_set;
++ ASN1_INTEGER_to_BN;
++ ASN1_OBJECT_create;
++ ASN1_OBJECT_free;
++ ASN1_OBJECT_new;
++ ASN1_PRINTABLE_type;
++ ASN1_STRING_cmp;
++ ASN1_STRING_dup;
++ ASN1_STRING_free;
++ ASN1_STRING_new;
++ ASN1_STRING_print;
++ ASN1_STRING_set;
++ ASN1_STRING_type_new;
++ ASN1_TYPE_free;
++ ASN1_TYPE_new;
++ ASN1_UNIVERSALSTRING_to_string;
++ ASN1_UTCTIME_check;
++ ASN1_UTCTIME_print;
++ ASN1_UTCTIME_set;
++ ASN1_check_infinite_end;
++ ASN1_d2i_bio;
++ ASN1_d2i_fp;
++ ASN1_digest;
++ ASN1_dup;
++ ASN1_get_object;
++ ASN1_i2d_bio;
++ ASN1_i2d_fp;
++ ASN1_object_size;
++ ASN1_parse;
++ ASN1_put_object;
++ ASN1_sign;
++ ASN1_verify;
++ BF_cbc_encrypt;
++ BF_cfb64_encrypt;
++ BF_ecb_encrypt;
++ BF_encrypt;
++ BF_ofb64_encrypt;
++ BF_options;
++ BF_set_key;
++ BIO_CONNECT_free;
++ BIO_CONNECT_new;
++ BIO_accept;
++ BIO_ctrl;
++ BIO_int_ctrl;
++ BIO_debug_callback;
++ BIO_dump;
++ BIO_dup_chain;
++ BIO_f_base64;
++ BIO_f_buffer;
++ BIO_f_cipher;
++ BIO_f_md;
++ BIO_f_null;
++ BIO_f_proxy_server;
++ BIO_fd_non_fatal_error;
++ BIO_fd_should_retry;
++ BIO_find_type;
++ BIO_free;
++ BIO_free_all;
++ BIO_get_accept_socket;
++ BIO_get_filter_bio;
++ BIO_get_host_ip;
++ BIO_get_port;
++ BIO_get_retry_BIO;
++ BIO_get_retry_reason;
++ BIO_gethostbyname;
++ BIO_gets;
++ BIO_new;
++ BIO_new_accept;
++ BIO_new_connect;
++ BIO_new_fd;
++ BIO_new_file;
++ BIO_new_fp;
++ BIO_new_socket;
++ BIO_pop;
++ BIO_printf;
++ BIO_push;
++ BIO_puts;
++ BIO_read;
++ BIO_s_accept;
++ BIO_s_connect;
++ BIO_s_fd;
++ BIO_s_file;
++ BIO_s_mem;
++ BIO_s_null;
++ BIO_s_proxy_client;
++ BIO_s_socket;
++ BIO_set;
++ BIO_set_cipher;
++ BIO_set_tcp_ndelay;
++ BIO_sock_cleanup;
++ BIO_sock_error;
++ BIO_sock_init;
++ BIO_sock_non_fatal_error;
++ BIO_sock_should_retry;
++ BIO_socket_ioctl;
++ BIO_write;
++ BN_CTX_free;
++ BN_CTX_new;
++ BN_MONT_CTX_free;
++ BN_MONT_CTX_new;
++ BN_MONT_CTX_set;
++ BN_add;
++ BN_add_word;
++ BN_hex2bn;
++ BN_bin2bn;
++ BN_bn2hex;
++ BN_bn2bin;
++ BN_clear;
++ BN_clear_bit;
++ BN_clear_free;
++ BN_cmp;
++ BN_copy;
++ BN_div;
++ BN_div_word;
++ BN_dup;
++ BN_free;
++ BN_from_montgomery;
++ BN_gcd;
++ BN_generate_prime;
++ BN_get_word;
++ BN_is_bit_set;
++ BN_is_prime;
++ BN_lshift;
++ BN_lshift1;
++ BN_mask_bits;
++ BN_mod;
++ BN_mod_exp;
++ BN_mod_exp_mont;
++ BN_mod_exp_simple;
++ BN_mod_inverse;
++ BN_mod_mul;
++ BN_mod_mul_montgomery;
++ BN_mod_word;
++ BN_mul;
++ BN_new;
++ BN_num_bits;
++ BN_num_bits_word;
++ BN_options;
++ BN_print;
++ BN_print_fp;
++ BN_rand;
++ BN_reciprocal;
++ BN_rshift;
++ BN_rshift1;
++ BN_set_bit;
++ BN_set_word;
++ BN_sqr;
++ BN_sub;
++ BN_to_ASN1_INTEGER;
++ BN_ucmp;
++ BN_value_one;
++ BUF_MEM_free;
++ BUF_MEM_grow;
++ BUF_MEM_new;
++ BUF_strdup;
++ CONF_free;
++ CONF_get_number;
++ CONF_get_section;
++ CONF_get_string;
++ CONF_load;
++ CRYPTO_add_lock;
++ CRYPTO_dbg_free;
++ CRYPTO_dbg_malloc;
++ CRYPTO_dbg_realloc;
++ CRYPTO_dbg_remalloc;
++ CRYPTO_free;
++ CRYPTO_get_add_lock_callback;
++ CRYPTO_get_id_callback;
++ CRYPTO_get_lock_name;
++ CRYPTO_get_locking_callback;
++ CRYPTO_get_mem_functions;
++ CRYPTO_lock;
++ CRYPTO_malloc;
++ CRYPTO_mem_ctrl;
++ CRYPTO_mem_leaks;
++ CRYPTO_mem_leaks_cb;
++ CRYPTO_mem_leaks_fp;
++ CRYPTO_realloc;
++ CRYPTO_remalloc;
++ CRYPTO_set_add_lock_callback;
++ CRYPTO_set_id_callback;
++ CRYPTO_set_locking_callback;
++ CRYPTO_set_mem_functions;
++ CRYPTO_thread_id;
++ DH_check;
++ DH_compute_key;
++ DH_free;
++ DH_generate_key;
++ DH_generate_parameters;
++ DH_new;
++ DH_size;
++ DHparams_print;
++ DHparams_print_fp;
++ DSA_free;
++ DSA_generate_key;
++ DSA_generate_parameters;
++ DSA_is_prime;
++ DSA_new;
++ DSA_print;
++ DSA_print_fp;
++ DSA_sign;
++ DSA_sign_setup;
++ DSA_size;
++ DSA_verify;
++ DSAparams_print;
++ DSAparams_print_fp;
++ ERR_clear_error;
++ ERR_error_string;
++ ERR_free_strings;
++ ERR_func_error_string;
++ ERR_get_err_state_table;
++ ERR_get_error;
++ ERR_get_error_line;
++ ERR_get_state;
++ ERR_get_string_table;
++ ERR_lib_error_string;
++ ERR_load_ASN1_strings;
++ ERR_load_BIO_strings;
++ ERR_load_BN_strings;
++ ERR_load_BUF_strings;
++ ERR_load_CONF_strings;
++ ERR_load_DH_strings;
++ ERR_load_DSA_strings;
++ ERR_load_ERR_strings;
++ ERR_load_EVP_strings;
++ ERR_load_OBJ_strings;
++ ERR_load_PEM_strings;
++ ERR_load_PROXY_strings;
++ ERR_load_RSA_strings;
++ ERR_load_X509_strings;
++ ERR_load_crypto_strings;
++ ERR_load_strings;
++ ERR_peek_error;
++ ERR_peek_error_line;
++ ERR_print_errors;
++ ERR_print_errors_fp;
++ ERR_put_error;
++ ERR_reason_error_string;
++ ERR_remove_state;
++ EVP_BytesToKey;
++ EVP_CIPHER_CTX_cleanup;
++ EVP_CipherFinal;
++ EVP_CipherInit;
++ EVP_CipherUpdate;
++ EVP_DecodeBlock;
++ EVP_DecodeFinal;
++ EVP_DecodeInit;
++ EVP_DecodeUpdate;
++ EVP_DecryptFinal;
++ EVP_DecryptInit;
++ EVP_DecryptUpdate;
++ EVP_DigestFinal;
++ EVP_DigestInit;
++ EVP_DigestUpdate;
++ EVP_EncodeBlock;
++ EVP_EncodeFinal;
++ EVP_EncodeInit;
++ EVP_EncodeUpdate;
++ EVP_EncryptFinal;
++ EVP_EncryptInit;
++ EVP_EncryptUpdate;
++ EVP_OpenFinal;
++ EVP_OpenInit;
++ EVP_PKEY_assign;
++ EVP_PKEY_copy_parameters;
++ EVP_PKEY_free;
++ EVP_PKEY_missing_parameters;
++ EVP_PKEY_new;
++ EVP_PKEY_save_parameters;
++ EVP_PKEY_size;
++ EVP_PKEY_type;
++ EVP_SealFinal;
++ EVP_SealInit;
++ EVP_SignFinal;
++ EVP_VerifyFinal;
++ EVP_add_alias;
++ EVP_add_cipher;
++ EVP_add_digest;
++ EVP_bf_cbc;
++ EVP_bf_cfb64;
++ EVP_bf_ecb;
++ EVP_bf_ofb;
++ EVP_cleanup;
++ EVP_des_cbc;
++ EVP_des_cfb64;
++ EVP_des_ecb;
++ EVP_des_ede;
++ EVP_des_ede3;
++ EVP_des_ede3_cbc;
++ EVP_des_ede3_cfb64;
++ EVP_des_ede3_ofb;
++ EVP_des_ede_cbc;
++ EVP_des_ede_cfb64;
++ EVP_des_ede_ofb;
++ EVP_des_ofb;
++ EVP_desx_cbc;
++ EVP_dss;
++ EVP_dss1;
++ EVP_enc_null;
++ EVP_get_cipherbyname;
++ EVP_get_digestbyname;
++ EVP_get_pw_prompt;
++ EVP_idea_cbc;
++ EVP_idea_cfb64;
++ EVP_idea_ecb;
++ EVP_idea_ofb;
++ EVP_md2;
++ EVP_md5;
++ EVP_md_null;
++ EVP_rc2_cbc;
++ EVP_rc2_cfb64;
++ EVP_rc2_ecb;
++ EVP_rc2_ofb;
++ EVP_rc4;
++ EVP_read_pw_string;
++ EVP_set_pw_prompt;
++ EVP_sha;
++ EVP_sha1;
++ MD2;
++ MD2_Final;
++ MD2_Init;
++ MD2_Update;
++ MD2_options;
++ MD5;
++ MD5_Final;
++ MD5_Init;
++ MD5_Update;
++ MDC2;
++ MDC2_Final;
++ MDC2_Init;
++ MDC2_Update;
++ NETSCAPE_SPKAC_free;
++ NETSCAPE_SPKAC_new;
++ NETSCAPE_SPKI_free;
++ NETSCAPE_SPKI_new;
++ NETSCAPE_SPKI_sign;
++ NETSCAPE_SPKI_verify;
++ OBJ_add_object;
++ OBJ_bsearch;
++ OBJ_cleanup;
++ OBJ_cmp;
++ OBJ_create;
++ OBJ_dup;
++ OBJ_ln2nid;
++ OBJ_new_nid;
++ OBJ_nid2ln;
++ OBJ_nid2obj;
++ OBJ_nid2sn;
++ OBJ_obj2nid;
++ OBJ_sn2nid;
++ OBJ_txt2nid;
++ PEM_ASN1_read;
++ PEM_ASN1_read_bio;
++ PEM_ASN1_write;
++ PEM_ASN1_write_bio;
++ PEM_SealFinal;
++ PEM_SealInit;
++ PEM_SealUpdate;
++ PEM_SignFinal;
++ PEM_SignInit;
++ PEM_SignUpdate;
++ PEM_X509_INFO_read;
++ PEM_X509_INFO_read_bio;
++ PEM_X509_INFO_write_bio;
++ PEM_dek_info;
++ PEM_do_header;
++ PEM_get_EVP_CIPHER_INFO;
++ PEM_proc_type;
++ PEM_read;
++ PEM_read_DHparams;
++ PEM_read_DSAPrivateKey;
++ PEM_read_DSAparams;
++ PEM_read_PKCS7;
++ PEM_read_PrivateKey;
++ PEM_read_RSAPrivateKey;
++ PEM_read_X509;
++ PEM_read_X509_CRL;
++ PEM_read_X509_REQ;
++ PEM_read_bio;
++ PEM_read_bio_DHparams;
++ PEM_read_bio_DSAPrivateKey;
++ PEM_read_bio_DSAparams;
++ PEM_read_bio_PKCS7;
++ PEM_read_bio_PrivateKey;
++ PEM_read_bio_RSAPrivateKey;
++ PEM_read_bio_X509;
++ PEM_read_bio_X509_CRL;
++ PEM_read_bio_X509_REQ;
++ PEM_write;
++ PEM_write_DHparams;
++ PEM_write_DSAPrivateKey;
++ PEM_write_DSAparams;
++ PEM_write_PKCS7;
++ PEM_write_PrivateKey;
++ PEM_write_RSAPrivateKey;
++ PEM_write_X509;
++ PEM_write_X509_CRL;
++ PEM_write_X509_REQ;
++ PEM_write_bio;
++ PEM_write_bio_DHparams;
++ PEM_write_bio_DSAPrivateKey;
++ PEM_write_bio_DSAparams;
++ PEM_write_bio_PKCS7;
++ PEM_write_bio_PrivateKey;
++ PEM_write_bio_RSAPrivateKey;
++ PEM_write_bio_X509;
++ PEM_write_bio_X509_CRL;
++ PEM_write_bio_X509_REQ;
++ PKCS7_DIGEST_free;
++ PKCS7_DIGEST_new;
++ PKCS7_ENCRYPT_free;
++ PKCS7_ENCRYPT_new;
++ PKCS7_ENC_CONTENT_free;
++ PKCS7_ENC_CONTENT_new;
++ PKCS7_ENVELOPE_free;
++ PKCS7_ENVELOPE_new;
++ PKCS7_ISSUER_AND_SERIAL_digest;
++ PKCS7_ISSUER_AND_SERIAL_free;
++ PKCS7_ISSUER_AND_SERIAL_new;
++ PKCS7_RECIP_INFO_free;
++ PKCS7_RECIP_INFO_new;
++ PKCS7_SIGNED_free;
++ PKCS7_SIGNED_new;
++ PKCS7_SIGNER_INFO_free;
++ PKCS7_SIGNER_INFO_new;
++ PKCS7_SIGN_ENVELOPE_free;
++ PKCS7_SIGN_ENVELOPE_new;
++ PKCS7_dup;
++ PKCS7_free;
++ PKCS7_new;
++ PROXY_ENTRY_add_noproxy;
++ PROXY_ENTRY_clear_noproxy;
++ PROXY_ENTRY_free;
++ PROXY_ENTRY_get_noproxy;
++ PROXY_ENTRY_new;
++ PROXY_ENTRY_set_server;
++ PROXY_add_noproxy;
++ PROXY_add_server;
++ PROXY_check_by_host;
++ PROXY_check_url;
++ PROXY_clear_noproxy;
++ PROXY_free;
++ PROXY_get_noproxy;
++ PROXY_get_proxies;
++ PROXY_get_proxy_entry;
++ PROXY_load_conf;
++ PROXY_new;
++ PROXY_print;
++ RAND_bytes;
++ RAND_cleanup;
++ RAND_file_name;
++ RAND_load_file;
++ RAND_screen;
++ RAND_seed;
++ RAND_write_file;
++ RC2_cbc_encrypt;
++ RC2_cfb64_encrypt;
++ RC2_ecb_encrypt;
++ RC2_encrypt;
++ RC2_ofb64_encrypt;
++ RC2_set_key;
++ RC4;
++ RC4_options;
++ RC4_set_key;
++ RSAPrivateKey_asn1_meth;
++ RSAPrivateKey_dup;
++ RSAPublicKey_dup;
++ RSA_PKCS1_SSLeay;
++ RSA_free;
++ RSA_generate_key;
++ RSA_new;
++ RSA_new_method;
++ RSA_print;
++ RSA_print_fp;
++ RSA_private_decrypt;
++ RSA_private_encrypt;
++ RSA_public_decrypt;
++ RSA_public_encrypt;
++ RSA_set_default_method;
++ RSA_sign;
++ RSA_sign_ASN1_OCTET_STRING;
++ RSA_size;
++ RSA_verify;
++ RSA_verify_ASN1_OCTET_STRING;
++ SHA;
++ SHA1;
++ SHA1_Final;
++ SHA1_Init;
++ SHA1_Update;
++ SHA_Final;
++ SHA_Init;
++ SHA_Update;
++ OpenSSL_add_all_algorithms;
++ OpenSSL_add_all_ciphers;
++ OpenSSL_add_all_digests;
++ TXT_DB_create_index;
++ TXT_DB_free;
++ TXT_DB_get_by_index;
++ TXT_DB_insert;
++ TXT_DB_read;
++ TXT_DB_write;
++ X509_ALGOR_free;
++ X509_ALGOR_new;
++ X509_ATTRIBUTE_free;
++ X509_ATTRIBUTE_new;
++ X509_CINF_free;
++ X509_CINF_new;
++ X509_CRL_INFO_free;
++ X509_CRL_INFO_new;
++ X509_CRL_add_ext;
++ X509_CRL_cmp;
++ X509_CRL_delete_ext;
++ X509_CRL_dup;
++ X509_CRL_free;
++ X509_CRL_get_ext;
++ X509_CRL_get_ext_by_NID;
++ X509_CRL_get_ext_by_OBJ;
++ X509_CRL_get_ext_by_critical;
++ X509_CRL_get_ext_count;
++ X509_CRL_new;
++ X509_CRL_sign;
++ X509_CRL_verify;
++ X509_EXTENSION_create_by_NID;
++ X509_EXTENSION_create_by_OBJ;
++ X509_EXTENSION_dup;
++ X509_EXTENSION_free;
++ X509_EXTENSION_get_critical;
++ X509_EXTENSION_get_data;
++ X509_EXTENSION_get_object;
++ X509_EXTENSION_new;
++ X509_EXTENSION_set_critical;
++ X509_EXTENSION_set_data;
++ X509_EXTENSION_set_object;
++ X509_INFO_free;
++ X509_INFO_new;
++ X509_LOOKUP_by_alias;
++ X509_LOOKUP_by_fingerprint;
++ X509_LOOKUP_by_issuer_serial;
++ X509_LOOKUP_by_subject;
++ X509_LOOKUP_ctrl;
++ X509_LOOKUP_file;
++ X509_LOOKUP_free;
++ X509_LOOKUP_hash_dir;
++ X509_LOOKUP_init;
++ X509_LOOKUP_new;
++ X509_LOOKUP_shutdown;
++ X509_NAME_ENTRY_create_by_NID;
++ X509_NAME_ENTRY_create_by_OBJ;
++ X509_NAME_ENTRY_dup;
++ X509_NAME_ENTRY_free;
++ X509_NAME_ENTRY_get_data;
++ X509_NAME_ENTRY_get_object;
++ X509_NAME_ENTRY_new;
++ X509_NAME_ENTRY_set_data;
++ X509_NAME_ENTRY_set_object;
++ X509_NAME_add_entry;
++ X509_NAME_cmp;
++ X509_NAME_delete_entry;
++ X509_NAME_digest;
++ X509_NAME_dup;
++ X509_NAME_entry_count;
++ X509_NAME_free;
++ X509_NAME_get_entry;
++ X509_NAME_get_index_by_NID;
++ X509_NAME_get_index_by_OBJ;
++ X509_NAME_get_text_by_NID;
++ X509_NAME_get_text_by_OBJ;
++ X509_NAME_hash;
++ X509_NAME_new;
++ X509_NAME_oneline;
++ X509_NAME_print;
++ X509_NAME_set;
++ X509_OBJECT_free_contents;
++ X509_OBJECT_retrieve_by_subject;
++ X509_OBJECT_up_ref_count;
++ X509_PKEY_free;
++ X509_PKEY_new;
++ X509_PUBKEY_free;
++ X509_PUBKEY_get;
++ X509_PUBKEY_new;
++ X509_PUBKEY_set;
++ X509_REQ_INFO_free;
++ X509_REQ_INFO_new;
++ X509_REQ_dup;
++ X509_REQ_free;
++ X509_REQ_get_pubkey;
++ X509_REQ_new;
++ X509_REQ_print;
++ X509_REQ_print_fp;
++ X509_REQ_set_pubkey;
++ X509_REQ_set_subject_name;
++ X509_REQ_set_version;
++ X509_REQ_sign;
++ X509_REQ_to_X509;
++ X509_REQ_verify;
++ X509_REVOKED_add_ext;
++ X509_REVOKED_delete_ext;
++ X509_REVOKED_free;
++ X509_REVOKED_get_ext;
++ X509_REVOKED_get_ext_by_NID;
++ X509_REVOKED_get_ext_by_OBJ;
++ X509_REVOKED_get_ext_by_critical;
++ X509_REVOKED_get_ext_by_critic;
++ X509_REVOKED_get_ext_count;
++ X509_REVOKED_new;
++ X509_SIG_free;
++ X509_SIG_new;
++ X509_STORE_CTX_cleanup;
++ X509_STORE_CTX_init;
++ X509_STORE_add_cert;
++ X509_STORE_add_lookup;
++ X509_STORE_free;
++ X509_STORE_get_by_subject;
++ X509_STORE_load_locations;
++ X509_STORE_new;
++ X509_STORE_set_default_paths;
++ X509_VAL_free;
++ X509_VAL_new;
++ X509_add_ext;
++ X509_asn1_meth;
++ X509_certificate_type;
++ X509_check_private_key;
++ X509_cmp_current_time;
++ X509_delete_ext;
++ X509_digest;
++ X509_dup;
++ X509_free;
++ X509_get_default_cert_area;
++ X509_get_default_cert_dir;
++ X509_get_default_cert_dir_env;
++ X509_get_default_cert_file;
++ X509_get_default_cert_file_env;
++ X509_get_default_private_dir;
++ X509_get_ext;
++ X509_get_ext_by_NID;
++ X509_get_ext_by_OBJ;
++ X509_get_ext_by_critical;
++ X509_get_ext_count;
++ X509_get_issuer_name;
++ X509_get_pubkey;
++ X509_get_pubkey_parameters;
++ X509_get_serialNumber;
++ X509_get_subject_name;
++ X509_gmtime_adj;
++ X509_issuer_and_serial_cmp;
++ X509_issuer_and_serial_hash;
++ X509_issuer_name_cmp;
++ X509_issuer_name_hash;
++ X509_load_cert_file;
++ X509_new;
++ X509_print;
++ X509_print_fp;
++ X509_set_issuer_name;
++ X509_set_notAfter;
++ X509_set_notBefore;
++ X509_set_pubkey;
++ X509_set_serialNumber;
++ X509_set_subject_name;
++ X509_set_version;
++ X509_sign;
++ X509_subject_name_cmp;
++ X509_subject_name_hash;
++ X509_to_X509_REQ;
++ X509_verify;
++ X509_verify_cert;
++ X509_verify_cert_error_string;
++ X509v3_add_ext;
++ X509v3_add_extension;
++ X509v3_add_netscape_extensions;
++ X509v3_add_standard_extensions;
++ X509v3_cleanup_extensions;
++ X509v3_data_type_by_NID;
++ X509v3_data_type_by_OBJ;
++ X509v3_delete_ext;
++ X509v3_get_ext;
++ X509v3_get_ext_by_NID;
++ X509v3_get_ext_by_OBJ;
++ X509v3_get_ext_by_critical;
++ X509v3_get_ext_count;
++ X509v3_pack_string;
++ X509v3_pack_type_by_NID;
++ X509v3_pack_type_by_OBJ;
++ X509v3_unpack_string;
++ _des_crypt;
++ a2d_ASN1_OBJECT;
++ a2i_ASN1_INTEGER;
++ a2i_ASN1_STRING;
++ asn1_Finish;
++ asn1_GetSequence;
++ bn_div_words;
++ bn_expand2;
++ bn_mul_add_words;
++ bn_mul_words;
++ BN_uadd;
++ BN_usub;
++ bn_sqr_words;
++ _ossl_old_crypt;
++ d2i_ASN1_BIT_STRING;
++ d2i_ASN1_BOOLEAN;
++ d2i_ASN1_HEADER;
++ d2i_ASN1_IA5STRING;
++ d2i_ASN1_INTEGER;
++ d2i_ASN1_OBJECT;
++ d2i_ASN1_OCTET_STRING;
++ d2i_ASN1_PRINTABLE;
++ d2i_ASN1_PRINTABLESTRING;
++ d2i_ASN1_SET;
++ d2i_ASN1_T61STRING;
++ d2i_ASN1_TYPE;
++ d2i_ASN1_UTCTIME;
++ d2i_ASN1_bytes;
++ d2i_ASN1_type_bytes;
++ d2i_DHparams;
++ d2i_DSAPrivateKey;
++ d2i_DSAPrivateKey_bio;
++ d2i_DSAPrivateKey_fp;
++ d2i_DSAPublicKey;
++ d2i_DSAparams;
++ d2i_NETSCAPE_SPKAC;
++ d2i_NETSCAPE_SPKI;
++ d2i_Netscape_RSA;
++ d2i_PKCS7;
++ d2i_PKCS7_DIGEST;
++ d2i_PKCS7_ENCRYPT;
++ d2i_PKCS7_ENC_CONTENT;
++ d2i_PKCS7_ENVELOPE;
++ d2i_PKCS7_ISSUER_AND_SERIAL;
++ d2i_PKCS7_RECIP_INFO;
++ d2i_PKCS7_SIGNED;
++ d2i_PKCS7_SIGNER_INFO;
++ d2i_PKCS7_SIGN_ENVELOPE;
++ d2i_PKCS7_bio;
++ d2i_PKCS7_fp;
++ d2i_PrivateKey;
++ d2i_PublicKey;
++ d2i_RSAPrivateKey;
++ d2i_RSAPrivateKey_bio;
++ d2i_RSAPrivateKey_fp;
++ d2i_RSAPublicKey;
++ d2i_X509;
++ d2i_X509_ALGOR;
++ d2i_X509_ATTRIBUTE;
++ d2i_X509_CINF;
++ d2i_X509_CRL;
++ d2i_X509_CRL_INFO;
++ d2i_X509_CRL_bio;
++ d2i_X509_CRL_fp;
++ d2i_X509_EXTENSION;
++ d2i_X509_NAME;
++ d2i_X509_NAME_ENTRY;
++ d2i_X509_PKEY;
++ d2i_X509_PUBKEY;
++ d2i_X509_REQ;
++ d2i_X509_REQ_INFO;
++ d2i_X509_REQ_bio;
++ d2i_X509_REQ_fp;
++ d2i_X509_REVOKED;
++ d2i_X509_SIG;
++ d2i_X509_VAL;
++ d2i_X509_bio;
++ d2i_X509_fp;
++ DES_cbc_cksum;
++ DES_cbc_encrypt;
++ DES_cblock_print_file;
++ DES_cfb64_encrypt;
++ DES_cfb_encrypt;
++ DES_decrypt3;
++ DES_ecb3_encrypt;
++ DES_ecb_encrypt;
++ DES_ede3_cbc_encrypt;
++ DES_ede3_cfb64_encrypt;
++ DES_ede3_ofb64_encrypt;
++ DES_enc_read;
++ DES_enc_write;
++ DES_encrypt1;
++ DES_encrypt2;
++ DES_encrypt3;
++ DES_fcrypt;
++ DES_is_weak_key;
++ DES_key_sched;
++ DES_ncbc_encrypt;
++ DES_ofb64_encrypt;
++ DES_ofb_encrypt;
++ DES_options;
++ DES_pcbc_encrypt;
++ DES_quad_cksum;
++ DES_random_key;
++ _ossl_old_des_random_seed;
++ _ossl_old_des_read_2passwords;
++ _ossl_old_des_read_password;
++ _ossl_old_des_read_pw;
++ _ossl_old_des_read_pw_string;
++ DES_set_key;
++ DES_set_odd_parity;
++ DES_string_to_2keys;
++ DES_string_to_key;
++ DES_xcbc_encrypt;
++ DES_xwhite_in2out;
++ fcrypt_body;
++ i2a_ASN1_INTEGER;
++ i2a_ASN1_OBJECT;
++ i2a_ASN1_STRING;
++ i2d_ASN1_BIT_STRING;
++ i2d_ASN1_BOOLEAN;
++ i2d_ASN1_HEADER;
++ i2d_ASN1_IA5STRING;
++ i2d_ASN1_INTEGER;
++ i2d_ASN1_OBJECT;
++ i2d_ASN1_OCTET_STRING;
++ i2d_ASN1_PRINTABLE;
++ i2d_ASN1_SET;
++ i2d_ASN1_TYPE;
++ i2d_ASN1_UTCTIME;
++ i2d_ASN1_bytes;
++ i2d_DHparams;
++ i2d_DSAPrivateKey;
++ i2d_DSAPrivateKey_bio;
++ i2d_DSAPrivateKey_fp;
++ i2d_DSAPublicKey;
++ i2d_DSAparams;
++ i2d_NETSCAPE_SPKAC;
++ i2d_NETSCAPE_SPKI;
++ i2d_Netscape_RSA;
++ i2d_PKCS7;
++ i2d_PKCS7_DIGEST;
++ i2d_PKCS7_ENCRYPT;
++ i2d_PKCS7_ENC_CONTENT;
++ i2d_PKCS7_ENVELOPE;
++ i2d_PKCS7_ISSUER_AND_SERIAL;
++ i2d_PKCS7_RECIP_INFO;
++ i2d_PKCS7_SIGNED;
++ i2d_PKCS7_SIGNER_INFO;
++ i2d_PKCS7_SIGN_ENVELOPE;
++ i2d_PKCS7_bio;
++ i2d_PKCS7_fp;
++ i2d_PrivateKey;
++ i2d_PublicKey;
++ i2d_RSAPrivateKey;
++ i2d_RSAPrivateKey_bio;
++ i2d_RSAPrivateKey_fp;
++ i2d_RSAPublicKey;
++ i2d_X509;
++ i2d_X509_ALGOR;
++ i2d_X509_ATTRIBUTE;
++ i2d_X509_CINF;
++ i2d_X509_CRL;
++ i2d_X509_CRL_INFO;
++ i2d_X509_CRL_bio;
++ i2d_X509_CRL_fp;
++ i2d_X509_EXTENSION;
++ i2d_X509_NAME;
++ i2d_X509_NAME_ENTRY;
++ i2d_X509_PKEY;
++ i2d_X509_PUBKEY;
++ i2d_X509_REQ;
++ i2d_X509_REQ_INFO;
++ i2d_X509_REQ_bio;
++ i2d_X509_REQ_fp;
++ i2d_X509_REVOKED;
++ i2d_X509_SIG;
++ i2d_X509_VAL;
++ i2d_X509_bio;
++ i2d_X509_fp;
++ idea_cbc_encrypt;
++ idea_cfb64_encrypt;
++ idea_ecb_encrypt;
++ idea_encrypt;
++ idea_ofb64_encrypt;
++ idea_options;
++ idea_set_decrypt_key;
++ idea_set_encrypt_key;
++ lh_delete;
++ lh_doall;
++ lh_doall_arg;
++ lh_free;
++ lh_insert;
++ lh_new;
++ lh_node_stats;
++ lh_node_stats_bio;
++ lh_node_usage_stats;
++ lh_node_usage_stats_bio;
++ lh_retrieve;
++ lh_stats;
++ lh_stats_bio;
++ lh_strhash;
++ sk_delete;
++ sk_delete_ptr;
++ sk_dup;
++ sk_find;
++ sk_free;
++ sk_insert;
++ sk_new;
++ sk_pop;
++ sk_pop_free;
++ sk_push;
++ sk_set_cmp_func;
++ sk_shift;
++ sk_unshift;
++ sk_zero;
++ BIO_f_nbio_test;
++ ASN1_TYPE_get;
++ ASN1_TYPE_set;
++ PKCS7_content_free;
++ ERR_load_PKCS7_strings;
++ X509_find_by_issuer_and_serial;
++ X509_find_by_subject;
++ PKCS7_ctrl;
++ PKCS7_set_type;
++ PKCS7_set_content;
++ PKCS7_SIGNER_INFO_set;
++ PKCS7_add_signer;
++ PKCS7_add_certificate;
++ PKCS7_add_crl;
++ PKCS7_content_new;
++ PKCS7_dataSign;
++ PKCS7_dataVerify;
++ PKCS7_dataInit;
++ PKCS7_add_signature;
++ PKCS7_cert_from_signer_info;
++ PKCS7_get_signer_info;
++ EVP_delete_alias;
++ EVP_mdc2;
++ PEM_read_bio_RSAPublicKey;
++ PEM_write_bio_RSAPublicKey;
++ d2i_RSAPublicKey_bio;
++ i2d_RSAPublicKey_bio;
++ PEM_read_RSAPublicKey;
++ PEM_write_RSAPublicKey;
++ d2i_RSAPublicKey_fp;
++ i2d_RSAPublicKey_fp;
++ BIO_copy_next_retry;
++ RSA_flags;
++ X509_STORE_add_crl;
++ X509_load_crl_file;
++ EVP_rc2_40_cbc;
++ EVP_rc4_40;
++ EVP_CIPHER_CTX_init;
++ HMAC;
++ HMAC_Init;
++ HMAC_Update;
++ HMAC_Final;
++ ERR_get_next_error_library;
++ EVP_PKEY_cmp_parameters;
++ HMAC_cleanup;
++ BIO_ptr_ctrl;
++ BIO_new_file_internal;
++ BIO_new_fp_internal;
++ BIO_s_file_internal;
++ BN_BLINDING_convert;
++ BN_BLINDING_invert;
++ BN_BLINDING_update;
++ RSA_blinding_on;
++ RSA_blinding_off;
++ i2t_ASN1_OBJECT;
++ BN_BLINDING_new;
++ BN_BLINDING_free;
++ EVP_cast5_cbc;
++ EVP_cast5_cfb64;
++ EVP_cast5_ecb;
++ EVP_cast5_ofb;
++ BF_decrypt;
++ CAST_set_key;
++ CAST_encrypt;
++ CAST_decrypt;
++ CAST_ecb_encrypt;
++ CAST_cbc_encrypt;
++ CAST_cfb64_encrypt;
++ CAST_ofb64_encrypt;
++ RC2_decrypt;
++ OBJ_create_objects;
++ BN_exp;
++ BN_mul_word;
++ BN_sub_word;
++ BN_dec2bn;
++ BN_bn2dec;
++ BIO_ghbn_ctrl;
++ CRYPTO_free_ex_data;
++ CRYPTO_get_ex_data;
++ CRYPTO_set_ex_data;
++ ERR_load_CRYPTO_strings;
++ ERR_load_CRYPTOlib_strings;
++ EVP_PKEY_bits;
++ MD5_Transform;
++ SHA1_Transform;
++ SHA_Transform;
++ X509_STORE_CTX_get_chain;
++ X509_STORE_CTX_get_current_cert;
++ X509_STORE_CTX_get_error;
++ X509_STORE_CTX_get_error_depth;
++ X509_STORE_CTX_get_ex_data;
++ X509_STORE_CTX_set_cert;
++ X509_STORE_CTX_set_chain;
++ X509_STORE_CTX_set_error;
++ X509_STORE_CTX_set_ex_data;
++ CRYPTO_dup_ex_data;
++ CRYPTO_get_new_lockid;
++ CRYPTO_new_ex_data;
++ RSA_set_ex_data;
++ RSA_get_ex_data;
++ RSA_get_ex_new_index;
++ RSA_padding_add_PKCS1_type_1;
++ RSA_padding_add_PKCS1_type_2;
++ RSA_padding_add_SSLv23;
++ RSA_padding_add_none;
++ RSA_padding_check_PKCS1_type_1;
++ RSA_padding_check_PKCS1_type_2;
++ RSA_padding_check_SSLv23;
++ RSA_padding_check_none;
++ bn_add_words;
++ d2i_Netscape_RSA_2;
++ CRYPTO_get_ex_new_index;
++ RIPEMD160_Init;
++ RIPEMD160_Update;
++ RIPEMD160_Final;
++ RIPEMD160;
++ RIPEMD160_Transform;
++ RC5_32_set_key;
++ RC5_32_ecb_encrypt;
++ RC5_32_encrypt;
++ RC5_32_decrypt;
++ RC5_32_cbc_encrypt;
++ RC5_32_cfb64_encrypt;
++ RC5_32_ofb64_encrypt;
++ BN_bn2mpi;
++ BN_mpi2bn;
++ ASN1_BIT_STRING_get_bit;
++ ASN1_BIT_STRING_set_bit;
++ BIO_get_ex_data;
++ BIO_get_ex_new_index;
++ BIO_set_ex_data;
++ X509v3_get_key_usage;
++ X509v3_set_key_usage;
++ a2i_X509v3_key_usage;
++ i2a_X509v3_key_usage;
++ EVP_PKEY_decrypt;
++ EVP_PKEY_encrypt;
++ PKCS7_RECIP_INFO_set;
++ PKCS7_add_recipient;
++ PKCS7_add_recipient_info;
++ PKCS7_set_cipher;
++ ASN1_TYPE_get_int_octetstring;
++ ASN1_TYPE_get_octetstring;
++ ASN1_TYPE_set_int_octetstring;
++ ASN1_TYPE_set_octetstring;
++ ASN1_UTCTIME_set_string;
++ ERR_add_error_data;
++ ERR_set_error_data;
++ EVP_CIPHER_asn1_to_param;
++ EVP_CIPHER_param_to_asn1;
++ EVP_CIPHER_get_asn1_iv;
++ EVP_CIPHER_set_asn1_iv;
++ EVP_rc5_32_12_16_cbc;
++ EVP_rc5_32_12_16_cfb64;
++ EVP_rc5_32_12_16_ecb;
++ EVP_rc5_32_12_16_ofb;
++ asn1_add_error;
++ d2i_ASN1_BMPSTRING;
++ i2d_ASN1_BMPSTRING;
++ BIO_f_ber;
++ BN_init;
++ COMP_CTX_new;
++ COMP_CTX_free;
++ COMP_CTX_compress_block;
++ COMP_CTX_expand_block;
++ X509_STORE_CTX_get_ex_new_index;
++ OBJ_NAME_add;
++ BIO_socket_nbio;
++ EVP_rc2_64_cbc;
++ OBJ_NAME_cleanup;
++ OBJ_NAME_get;
++ OBJ_NAME_init;
++ OBJ_NAME_new_index;
++ OBJ_NAME_remove;
++ BN_MONT_CTX_copy;
++ BIO_new_socks4a_connect;
++ BIO_s_socks4a_connect;
++ PROXY_set_connect_mode;
++ RAND_SSLeay;
++ RAND_set_rand_method;
++ RSA_memory_lock;
++ bn_sub_words;
++ bn_mul_normal;
++ bn_mul_comba8;
++ bn_mul_comba4;
++ bn_sqr_normal;
++ bn_sqr_comba8;
++ bn_sqr_comba4;
++ bn_cmp_words;
++ bn_mul_recursive;
++ bn_mul_part_recursive;
++ bn_sqr_recursive;
++ bn_mul_low_normal;
++ BN_RECP_CTX_init;
++ BN_RECP_CTX_new;
++ BN_RECP_CTX_free;
++ BN_RECP_CTX_set;
++ BN_mod_mul_reciprocal;
++ BN_mod_exp_recp;
++ BN_div_recp;
++ BN_CTX_init;
++ BN_MONT_CTX_init;
++ RAND_get_rand_method;
++ PKCS7_add_attribute;
++ PKCS7_add_signed_attribute;
++ PKCS7_digest_from_attributes;
++ PKCS7_get_attribute;
++ PKCS7_get_issuer_and_serial;
++ PKCS7_get_signed_attribute;
++ COMP_compress_block;
++ COMP_expand_block;
++ COMP_rle;
++ COMP_zlib;
++ ms_time_diff;
++ ms_time_new;
++ ms_time_free;
++ ms_time_cmp;
++ ms_time_get;
++ PKCS7_set_attributes;
++ PKCS7_set_signed_attributes;
++ X509_ATTRIBUTE_create;
++ X509_ATTRIBUTE_dup;
++ ASN1_GENERALIZEDTIME_check;
++ ASN1_GENERALIZEDTIME_print;
++ ASN1_GENERALIZEDTIME_set;
++ ASN1_GENERALIZEDTIME_set_string;
++ ASN1_TIME_print;
++ BASIC_CONSTRAINTS_free;
++ BASIC_CONSTRAINTS_new;
++ ERR_load_X509V3_strings;
++ NETSCAPE_CERT_SEQUENCE_free;
++ NETSCAPE_CERT_SEQUENCE_new;
++ OBJ_txt2obj;
++ PEM_read_NETSCAPE_CERT_SEQUENCE;
++ PEM_read_NS_CERT_SEQ;
++ PEM_read_bio_NETSCAPE_CERT_SEQUENCE;
++ PEM_read_bio_NS_CERT_SEQ;
++ PEM_write_NETSCAPE_CERT_SEQUENCE;
++ PEM_write_NS_CERT_SEQ;
++ PEM_write_bio_NETSCAPE_CERT_SEQUENCE;
++ PEM_write_bio_NS_CERT_SEQ;
++ X509V3_EXT_add;
++ X509V3_EXT_add_alias;
++ X509V3_EXT_add_conf;
++ X509V3_EXT_cleanup;
++ X509V3_EXT_conf;
++ X509V3_EXT_conf_nid;
++ X509V3_EXT_get;
++ X509V3_EXT_get_nid;
++ X509V3_EXT_print;
++ X509V3_EXT_print_fp;
++ X509V3_add_standard_extensions;
++ X509V3_add_value;
++ X509V3_add_value_bool;
++ X509V3_add_value_int;
++ X509V3_conf_free;
++ X509V3_get_value_bool;
++ X509V3_get_value_int;
++ X509V3_parse_list;
++ d2i_ASN1_GENERALIZEDTIME;
++ d2i_ASN1_TIME;
++ d2i_BASIC_CONSTRAINTS;
++ d2i_NETSCAPE_CERT_SEQUENCE;
++ d2i_ext_ku;
++ ext_ku_free;
++ ext_ku_new;
++ i2d_ASN1_GENERALIZEDTIME;
++ i2d_ASN1_TIME;
++ i2d_BASIC_CONSTRAINTS;
++ i2d_NETSCAPE_CERT_SEQUENCE;
++ i2d_ext_ku;
++ EVP_MD_CTX_copy;
++ i2d_ASN1_ENUMERATED;
++ d2i_ASN1_ENUMERATED;
++ ASN1_ENUMERATED_set;
++ ASN1_ENUMERATED_get;
++ BN_to_ASN1_ENUMERATED;
++ ASN1_ENUMERATED_to_BN;
++ i2a_ASN1_ENUMERATED;
++ a2i_ASN1_ENUMERATED;
++ i2d_GENERAL_NAME;
++ d2i_GENERAL_NAME;
++ GENERAL_NAME_new;
++ GENERAL_NAME_free;
++ GENERAL_NAMES_new;
++ GENERAL_NAMES_free;
++ d2i_GENERAL_NAMES;
++ i2d_GENERAL_NAMES;
++ i2v_GENERAL_NAMES;
++ i2s_ASN1_OCTET_STRING;
++ s2i_ASN1_OCTET_STRING;
++ X509V3_EXT_check_conf;
++ hex_to_string;
++ string_to_hex;
++ DES_ede3_cbcm_encrypt;
++ RSA_padding_add_PKCS1_OAEP;
++ RSA_padding_check_PKCS1_OAEP;
++ X509_CRL_print_fp;
++ X509_CRL_print;
++ i2v_GENERAL_NAME;
++ v2i_GENERAL_NAME;
++ i2d_PKEY_USAGE_PERIOD;
++ d2i_PKEY_USAGE_PERIOD;
++ PKEY_USAGE_PERIOD_new;
++ PKEY_USAGE_PERIOD_free;
++ v2i_GENERAL_NAMES;
++ i2s_ASN1_INTEGER;
++ X509V3_EXT_d2i;
++ name_cmp;
++ str_dup;
++ i2s_ASN1_ENUMERATED;
++ i2s_ASN1_ENUMERATED_TABLE;
++ BIO_s_log;
++ BIO_f_reliable;
++ PKCS7_dataFinal;
++ PKCS7_dataDecode;
++ X509V3_EXT_CRL_add_conf;
++ BN_set_params;
++ BN_get_params;
++ BIO_get_ex_num;
++ BIO_set_ex_free_func;
++ EVP_ripemd160;
++ ASN1_TIME_set;
++ i2d_AUTHORITY_KEYID;
++ d2i_AUTHORITY_KEYID;
++ AUTHORITY_KEYID_new;
++ AUTHORITY_KEYID_free;
++ ASN1_seq_unpack;
++ ASN1_seq_pack;
++ ASN1_unpack_string;
++ ASN1_pack_string;
++ PKCS12_pack_safebag;
++ PKCS12_MAKE_KEYBAG;
++ PKCS8_encrypt;
++ PKCS12_MAKE_SHKEYBAG;
++ PKCS12_pack_p7data;
++ PKCS12_pack_p7encdata;
++ PKCS12_add_localkeyid;
++ PKCS12_add_friendlyname_asc;
++ PKCS12_add_friendlyname_uni;
++ PKCS12_get_friendlyname;
++ PKCS12_pbe_crypt;
++ PKCS12_decrypt_d2i;
++ PKCS12_i2d_encrypt;
++ PKCS12_init;
++ PKCS12_key_gen_asc;
++ PKCS12_key_gen_uni;
++ PKCS12_gen_mac;
++ PKCS12_verify_mac;
++ PKCS12_set_mac;
++ PKCS12_setup_mac;
++ OPENSSL_asc2uni;
++ OPENSSL_uni2asc;
++ i2d_PKCS12_BAGS;
++ PKCS12_BAGS_new;
++ d2i_PKCS12_BAGS;
++ PKCS12_BAGS_free;
++ i2d_PKCS12;
++ d2i_PKCS12;
++ PKCS12_new;
++ PKCS12_free;
++ i2d_PKCS12_MAC_DATA;
++ PKCS12_MAC_DATA_new;
++ d2i_PKCS12_MAC_DATA;
++ PKCS12_MAC_DATA_free;
++ i2d_PKCS12_SAFEBAG;
++ PKCS12_SAFEBAG_new;
++ d2i_PKCS12_SAFEBAG;
++ PKCS12_SAFEBAG_free;
++ ERR_load_PKCS12_strings;
++ PKCS12_PBE_add;
++ PKCS8_add_keyusage;
++ PKCS12_get_attr_gen;
++ PKCS12_parse;
++ PKCS12_create;
++ i2d_PKCS12_bio;
++ i2d_PKCS12_fp;
++ d2i_PKCS12_bio;
++ d2i_PKCS12_fp;
++ i2d_PBEPARAM;
++ PBEPARAM_new;
++ d2i_PBEPARAM;
++ PBEPARAM_free;
++ i2d_PKCS8_PRIV_KEY_INFO;
++ PKCS8_PRIV_KEY_INFO_new;
++ d2i_PKCS8_PRIV_KEY_INFO;
++ PKCS8_PRIV_KEY_INFO_free;
++ EVP_PKCS82PKEY;
++ EVP_PKEY2PKCS8;
++ PKCS8_set_broken;
++ EVP_PBE_ALGOR_CipherInit;
++ EVP_PBE_alg_add;
++ PKCS5_pbe_set;
++ EVP_PBE_cleanup;
++ i2d_SXNET;
++ d2i_SXNET;
++ SXNET_new;
++ SXNET_free;
++ i2d_SXNETID;
++ d2i_SXNETID;
++ SXNETID_new;
++ SXNETID_free;
++ DSA_SIG_new;
++ DSA_SIG_free;
++ DSA_do_sign;
++ DSA_do_verify;
++ d2i_DSA_SIG;
++ i2d_DSA_SIG;
++ i2d_ASN1_VISIBLESTRING;
++ d2i_ASN1_VISIBLESTRING;
++ i2d_ASN1_UTF8STRING;
++ d2i_ASN1_UTF8STRING;
++ i2d_DIRECTORYSTRING;
++ d2i_DIRECTORYSTRING;
++ i2d_DISPLAYTEXT;
++ d2i_DISPLAYTEXT;
++ d2i_ASN1_SET_OF_X509;
++ i2d_ASN1_SET_OF_X509;
++ i2d_PBKDF2PARAM;
++ PBKDF2PARAM_new;
++ d2i_PBKDF2PARAM;
++ PBKDF2PARAM_free;
++ i2d_PBE2PARAM;
++ PBE2PARAM_new;
++ d2i_PBE2PARAM;
++ PBE2PARAM_free;
++ d2i_ASN1_SET_OF_GENERAL_NAME;
++ i2d_ASN1_SET_OF_GENERAL_NAME;
++ d2i_ASN1_SET_OF_SXNETID;
++ i2d_ASN1_SET_OF_SXNETID;
++ d2i_ASN1_SET_OF_POLICYQUALINFO;
++ i2d_ASN1_SET_OF_POLICYQUALINFO;
++ d2i_ASN1_SET_OF_POLICYINFO;
++ i2d_ASN1_SET_OF_POLICYINFO;
++ SXNET_add_id_asc;
++ SXNET_add_id_ulong;
++ SXNET_add_id_INTEGER;
++ SXNET_get_id_asc;
++ SXNET_get_id_ulong;
++ SXNET_get_id_INTEGER;
++ X509V3_set_conf_lhash;
++ i2d_CERTIFICATEPOLICIES;
++ CERTIFICATEPOLICIES_new;
++ CERTIFICATEPOLICIES_free;
++ d2i_CERTIFICATEPOLICIES;
++ i2d_POLICYINFO;
++ POLICYINFO_new;
++ d2i_POLICYINFO;
++ POLICYINFO_free;
++ i2d_POLICYQUALINFO;
++ POLICYQUALINFO_new;
++ d2i_POLICYQUALINFO;
++ POLICYQUALINFO_free;
++ i2d_USERNOTICE;
++ USERNOTICE_new;
++ d2i_USERNOTICE;
++ USERNOTICE_free;
++ i2d_NOTICEREF;
++ NOTICEREF_new;
++ d2i_NOTICEREF;
++ NOTICEREF_free;
++ X509V3_get_string;
++ X509V3_get_section;
++ X509V3_string_free;
++ X509V3_section_free;
++ X509V3_set_ctx;
++ s2i_ASN1_INTEGER;
++ CRYPTO_set_locked_mem_functions;
++ CRYPTO_get_locked_mem_functions;
++ CRYPTO_malloc_locked;
++ CRYPTO_free_locked;
++ BN_mod_exp2_mont;
++ ERR_get_error_line_data;
++ ERR_peek_error_line_data;
++ PKCS12_PBE_keyivgen;
++ X509_ALGOR_dup;
++ d2i_ASN1_SET_OF_DIST_POINT;
++ i2d_ASN1_SET_OF_DIST_POINT;
++ i2d_CRL_DIST_POINTS;
++ CRL_DIST_POINTS_new;
++ CRL_DIST_POINTS_free;
++ d2i_CRL_DIST_POINTS;
++ i2d_DIST_POINT;
++ DIST_POINT_new;
++ d2i_DIST_POINT;
++ DIST_POINT_free;
++ i2d_DIST_POINT_NAME;
++ DIST_POINT_NAME_new;
++ DIST_POINT_NAME_free;
++ d2i_DIST_POINT_NAME;
++ X509V3_add_value_uchar;
++ d2i_ASN1_SET_OF_X509_ATTRIBUTE;
++ i2d_ASN1_SET_OF_ASN1_TYPE;
++ d2i_ASN1_SET_OF_X509_EXTENSION;
++ d2i_ASN1_SET_OF_X509_NAME_ENTRY;
++ d2i_ASN1_SET_OF_ASN1_TYPE;
++ i2d_ASN1_SET_OF_X509_ATTRIBUTE;
++ i2d_ASN1_SET_OF_X509_EXTENSION;
++ i2d_ASN1_SET_OF_X509_NAME_ENTRY;
++ X509V3_EXT_i2d;
++ X509V3_EXT_val_prn;
++ X509V3_EXT_add_list;
++ EVP_CIPHER_type;
++ EVP_PBE_CipherInit;
++ X509V3_add_value_bool_nf;
++ d2i_ASN1_UINTEGER;
++ sk_value;
++ sk_num;
++ sk_set;
++ i2d_ASN1_SET_OF_X509_REVOKED;
++ sk_sort;
++ d2i_ASN1_SET_OF_X509_REVOKED;
++ i2d_ASN1_SET_OF_X509_ALGOR;
++ i2d_ASN1_SET_OF_X509_CRL;
++ d2i_ASN1_SET_OF_X509_ALGOR;
++ d2i_ASN1_SET_OF_X509_CRL;
++ i2d_ASN1_SET_OF_PKCS7_SIGNER_INFO;
++ i2d_ASN1_SET_OF_PKCS7_RECIP_INFO;
++ d2i_ASN1_SET_OF_PKCS7_SIGNER_INFO;
++ d2i_ASN1_SET_OF_PKCS7_RECIP_INFO;
++ PKCS5_PBE_add;
++ PEM_write_bio_PKCS8;
++ i2d_PKCS8_fp;
++ PEM_read_bio_PKCS8_PRIV_KEY_INFO;
++ PEM_read_bio_P8_PRIV_KEY_INFO;
++ d2i_PKCS8_bio;
++ d2i_PKCS8_PRIV_KEY_INFO_fp;
++ PEM_write_bio_PKCS8_PRIV_KEY_INFO;
++ PEM_write_bio_P8_PRIV_KEY_INFO;
++ PEM_read_PKCS8;
++ d2i_PKCS8_PRIV_KEY_INFO_bio;
++ d2i_PKCS8_fp;
++ PEM_write_PKCS8;
++ PEM_read_PKCS8_PRIV_KEY_INFO;
++ PEM_read_P8_PRIV_KEY_INFO;
++ PEM_read_bio_PKCS8;
++ PEM_write_PKCS8_PRIV_KEY_INFO;
++ PEM_write_P8_PRIV_KEY_INFO;
++ PKCS5_PBE_keyivgen;
++ i2d_PKCS8_bio;
++ i2d_PKCS8_PRIV_KEY_INFO_fp;
++ i2d_PKCS8_PRIV_KEY_INFO_bio;
++ BIO_s_bio;
++ PKCS5_pbe2_set;
++ PKCS5_PBKDF2_HMAC_SHA1;
++ PKCS5_v2_PBE_keyivgen;
++ PEM_write_bio_PKCS8PrivateKey;
++ PEM_write_PKCS8PrivateKey;
++ BIO_ctrl_get_read_request;
++ BIO_ctrl_pending;
++ BIO_ctrl_wpending;
++ BIO_new_bio_pair;
++ BIO_ctrl_get_write_guarantee;
++ CRYPTO_num_locks;
++ CONF_load_bio;
++ CONF_load_fp;
++ i2d_ASN1_SET_OF_ASN1_OBJECT;
++ d2i_ASN1_SET_OF_ASN1_OBJECT;
++ PKCS7_signatureVerify;
++ RSA_set_method;
++ RSA_get_method;
++ RSA_get_default_method;
++ RSA_check_key;
++ OBJ_obj2txt;
++ DSA_dup_DH;
++ X509_REQ_get_extensions;
++ X509_REQ_set_extension_nids;
++ BIO_nwrite;
++ X509_REQ_extension_nid;
++ BIO_nread;
++ X509_REQ_get_extension_nids;
++ BIO_nwrite0;
++ X509_REQ_add_extensions_nid;
++ BIO_nread0;
++ X509_REQ_add_extensions;
++ BIO_new_mem_buf;
++ DH_set_ex_data;
++ DH_set_method;
++ DSA_OpenSSL;
++ DH_get_ex_data;
++ DH_get_ex_new_index;
++ DSA_new_method;
++ DH_new_method;
++ DH_OpenSSL;
++ DSA_get_ex_new_index;
++ DH_get_default_method;
++ DSA_set_ex_data;
++ DH_set_default_method;
++ DSA_get_ex_data;
++ X509V3_EXT_REQ_add_conf;
++ NETSCAPE_SPKI_print;
++ NETSCAPE_SPKI_set_pubkey;
++ NETSCAPE_SPKI_b64_encode;
++ NETSCAPE_SPKI_get_pubkey;
++ NETSCAPE_SPKI_b64_decode;
++ UTF8_putc;
++ UTF8_getc;
++ RSA_null_method;
++ ASN1_tag2str;
++ BIO_ctrl_reset_read_request;
++ DISPLAYTEXT_new;
++ ASN1_GENERALIZEDTIME_free;
++ X509_REVOKED_get_ext_d2i;
++ X509_set_ex_data;
++ X509_reject_set_bit_asc;
++ X509_NAME_add_entry_by_txt;
++ X509_NAME_add_entry_by_NID;
++ X509_PURPOSE_get0;
++ PEM_read_X509_AUX;
++ d2i_AUTHORITY_INFO_ACCESS;
++ PEM_write_PUBKEY;
++ ACCESS_DESCRIPTION_new;
++ X509_CERT_AUX_free;
++ d2i_ACCESS_DESCRIPTION;
++ X509_trust_clear;
++ X509_TRUST_add;
++ ASN1_VISIBLESTRING_new;
++ X509_alias_set1;
++ ASN1_PRINTABLESTRING_free;
++ EVP_PKEY_get1_DSA;
++ ASN1_BMPSTRING_new;
++ ASN1_mbstring_copy;
++ ASN1_UTF8STRING_new;
++ DSA_get_default_method;
++ i2d_ASN1_SET_OF_ACCESS_DESCRIPTION;
++ ASN1_T61STRING_free;
++ DSA_set_method;
++ X509_get_ex_data;
++ ASN1_STRING_type;
++ X509_PURPOSE_get_by_sname;
++ ASN1_TIME_free;
++ ASN1_OCTET_STRING_cmp;
++ ASN1_BIT_STRING_new;
++ X509_get_ext_d2i;
++ PEM_read_bio_X509_AUX;
++ ASN1_STRING_set_default_mask_asc;
++ ASN1_STRING_set_def_mask_asc;
++ PEM_write_bio_RSA_PUBKEY;
++ ASN1_INTEGER_cmp;
++ d2i_RSA_PUBKEY_fp;
++ X509_trust_set_bit_asc;
++ PEM_write_bio_DSA_PUBKEY;
++ X509_STORE_CTX_free;
++ EVP_PKEY_set1_DSA;
++ i2d_DSA_PUBKEY_fp;
++ X509_load_cert_crl_file;
++ ASN1_TIME_new;
++ i2d_RSA_PUBKEY;
++ X509_STORE_CTX_purpose_inherit;
++ PEM_read_RSA_PUBKEY;
++ d2i_X509_AUX;
++ i2d_DSA_PUBKEY;
++ X509_CERT_AUX_print;
++ PEM_read_DSA_PUBKEY;
++ i2d_RSA_PUBKEY_bio;
++ ASN1_BIT_STRING_num_asc;
++ i2d_PUBKEY;
++ ASN1_UTCTIME_free;
++ DSA_set_default_method;
++ X509_PURPOSE_get_by_id;
++ ACCESS_DESCRIPTION_free;
++ PEM_read_bio_PUBKEY;
++ ASN1_STRING_set_by_NID;
++ X509_PURPOSE_get_id;
++ DISPLAYTEXT_free;
++ OTHERNAME_new;
++ X509_CERT_AUX_new;
++ X509_TRUST_cleanup;
++ X509_NAME_add_entry_by_OBJ;
++ X509_CRL_get_ext_d2i;
++ X509_PURPOSE_get0_name;
++ PEM_read_PUBKEY;
++ i2d_DSA_PUBKEY_bio;
++ i2d_OTHERNAME;
++ ASN1_OCTET_STRING_free;
++ ASN1_BIT_STRING_set_asc;
++ X509_get_ex_new_index;
++ ASN1_STRING_TABLE_cleanup;
++ X509_TRUST_get_by_id;
++ X509_PURPOSE_get_trust;
++ ASN1_STRING_length;
++ d2i_ASN1_SET_OF_ACCESS_DESCRIPTION;
++ ASN1_PRINTABLESTRING_new;
++ X509V3_get_d2i;
++ ASN1_ENUMERATED_free;
++ i2d_X509_CERT_AUX;
++ X509_STORE_CTX_set_trust;
++ ASN1_STRING_set_default_mask;
++ X509_STORE_CTX_new;
++ EVP_PKEY_get1_RSA;
++ DIRECTORYSTRING_free;
++ PEM_write_X509_AUX;
++ ASN1_OCTET_STRING_set;
++ d2i_DSA_PUBKEY_fp;
++ d2i_RSA_PUBKEY;
++ X509_TRUST_get0_name;
++ X509_TRUST_get0;
++ AUTHORITY_INFO_ACCESS_free;
++ ASN1_IA5STRING_new;
++ d2i_DSA_PUBKEY;
++ X509_check_purpose;
++ ASN1_ENUMERATED_new;
++ d2i_RSA_PUBKEY_bio;
++ d2i_PUBKEY;
++ X509_TRUST_get_trust;
++ X509_TRUST_get_flags;
++ ASN1_BMPSTRING_free;
++ ASN1_T61STRING_new;
++ ASN1_UTCTIME_new;
++ i2d_AUTHORITY_INFO_ACCESS;
++ EVP_PKEY_set1_RSA;
++ X509_STORE_CTX_set_purpose;
++ ASN1_IA5STRING_free;
++ PEM_write_bio_X509_AUX;
++ X509_PURPOSE_get_count;
++ CRYPTO_add_info;
++ X509_NAME_ENTRY_create_by_txt;
++ ASN1_STRING_get_default_mask;
++ X509_alias_get0;
++ ASN1_STRING_data;
++ i2d_ACCESS_DESCRIPTION;
++ X509_trust_set_bit;
++ ASN1_BIT_STRING_free;
++ PEM_read_bio_RSA_PUBKEY;
++ X509_add1_reject_object;
++ X509_check_trust;
++ PEM_read_bio_DSA_PUBKEY;
++ X509_PURPOSE_add;
++ ASN1_STRING_TABLE_get;
++ ASN1_UTF8STRING_free;
++ d2i_DSA_PUBKEY_bio;
++ PEM_write_RSA_PUBKEY;
++ d2i_OTHERNAME;
++ X509_reject_set_bit;
++ PEM_write_DSA_PUBKEY;
++ X509_PURPOSE_get0_sname;
++ EVP_PKEY_set1_DH;
++ ASN1_OCTET_STRING_dup;
++ ASN1_BIT_STRING_set;
++ X509_TRUST_get_count;
++ ASN1_INTEGER_free;
++ OTHERNAME_free;
++ i2d_RSA_PUBKEY_fp;
++ ASN1_INTEGER_dup;
++ d2i_X509_CERT_AUX;
++ PEM_write_bio_PUBKEY;
++ ASN1_VISIBLESTRING_free;
++ X509_PURPOSE_cleanup;
++ ASN1_mbstring_ncopy;
++ ASN1_GENERALIZEDTIME_new;
++ EVP_PKEY_get1_DH;
++ ASN1_OCTET_STRING_new;
++ ASN1_INTEGER_new;
++ i2d_X509_AUX;
++ ASN1_BIT_STRING_name_print;
++ X509_cmp;
++ ASN1_STRING_length_set;
++ DIRECTORYSTRING_new;
++ X509_add1_trust_object;
++ PKCS12_newpass;
++ SMIME_write_PKCS7;
++ SMIME_read_PKCS7;
++ DES_set_key_checked;
++ PKCS7_verify;
++ PKCS7_encrypt;
++ DES_set_key_unchecked;
++ SMIME_crlf_copy;
++ i2d_ASN1_PRINTABLESTRING;
++ PKCS7_get0_signers;
++ PKCS7_decrypt;
++ SMIME_text;
++ PKCS7_simple_smimecap;
++ PKCS7_get_smimecap;
++ PKCS7_sign;
++ PKCS7_add_attrib_smimecap;
++ CRYPTO_dbg_set_options;
++ CRYPTO_remove_all_info;
++ CRYPTO_get_mem_debug_functions;
++ CRYPTO_is_mem_check_on;
++ CRYPTO_set_mem_debug_functions;
++ CRYPTO_pop_info;
++ CRYPTO_push_info_;
++ CRYPTO_set_mem_debug_options;
++ PEM_write_PKCS8PrivateKey_nid;
++ PEM_write_bio_PKCS8PrivateKey_nid;
++ PEM_write_bio_PKCS8PrivKey_nid;
++ d2i_PKCS8PrivateKey_bio;
++ ASN1_NULL_free;
++ d2i_ASN1_NULL;
++ ASN1_NULL_new;
++ i2d_PKCS8PrivateKey_bio;
++ i2d_PKCS8PrivateKey_fp;
++ i2d_ASN1_NULL;
++ i2d_PKCS8PrivateKey_nid_fp;
++ d2i_PKCS8PrivateKey_fp;
++ i2d_PKCS8PrivateKey_nid_bio;
++ i2d_PKCS8PrivateKeyInfo_fp;
++ i2d_PKCS8PrivateKeyInfo_bio;
++ PEM_cb;
++ i2d_PrivateKey_fp;
++ d2i_PrivateKey_bio;
++ d2i_PrivateKey_fp;
++ i2d_PrivateKey_bio;
++ X509_reject_clear;
++ X509_TRUST_set_default;
++ d2i_AutoPrivateKey;
++ X509_ATTRIBUTE_get0_type;
++ X509_ATTRIBUTE_set1_data;
++ X509at_get_attr;
++ X509at_get_attr_count;
++ X509_ATTRIBUTE_create_by_NID;
++ X509_ATTRIBUTE_set1_object;
++ X509_ATTRIBUTE_count;
++ X509_ATTRIBUTE_create_by_OBJ;
++ X509_ATTRIBUTE_get0_object;
++ X509at_get_attr_by_NID;
++ X509at_add1_attr;
++ X509_ATTRIBUTE_get0_data;
++ X509at_delete_attr;
++ X509at_get_attr_by_OBJ;
++ RAND_add;
++ BIO_number_written;
++ BIO_number_read;
++ X509_STORE_CTX_get1_chain;
++ ERR_load_RAND_strings;
++ RAND_pseudo_bytes;
++ X509_REQ_get_attr_by_NID;
++ X509_REQ_get_attr;
++ X509_REQ_add1_attr_by_NID;
++ X509_REQ_get_attr_by_OBJ;
++ X509at_add1_attr_by_NID;
++ X509_REQ_add1_attr_by_OBJ;
++ X509_REQ_get_attr_count;
++ X509_REQ_add1_attr;
++ X509_REQ_delete_attr;
++ X509at_add1_attr_by_OBJ;
++ X509_REQ_add1_attr_by_txt;
++ X509_ATTRIBUTE_create_by_txt;
++ X509at_add1_attr_by_txt;
++ BN_pseudo_rand;
++ BN_is_prime_fasttest;
++ BN_CTX_end;
++ BN_CTX_start;
++ BN_CTX_get;
++ EVP_PKEY2PKCS8_broken;
++ ASN1_STRING_TABLE_add;
++ CRYPTO_dbg_get_options;
++ AUTHORITY_INFO_ACCESS_new;
++ CRYPTO_get_mem_debug_options;
++ DES_crypt;
++ PEM_write_bio_X509_REQ_NEW;
++ PEM_write_X509_REQ_NEW;
++ BIO_callback_ctrl;
++ RAND_egd;
++ RAND_status;
++ bn_dump1;
++ DES_check_key_parity;
++ lh_num_items;
++ RAND_event;
++ DSO_new;
++ DSO_new_method;
++ DSO_free;
++ DSO_flags;
++ DSO_up;
++ DSO_set_default_method;
++ DSO_get_default_method;
++ DSO_get_method;
++ DSO_set_method;
++ DSO_load;
++ DSO_bind_var;
++ DSO_METHOD_null;
++ DSO_METHOD_openssl;
++ DSO_METHOD_dlfcn;
++ DSO_METHOD_win32;
++ ERR_load_DSO_strings;
++ DSO_METHOD_dl;
++ NCONF_load;
++ NCONF_load_fp;
++ NCONF_new;
++ NCONF_get_string;
++ NCONF_free;
++ NCONF_get_number;
++ CONF_dump_fp;
++ NCONF_load_bio;
++ NCONF_dump_fp;
++ NCONF_get_section;
++ NCONF_dump_bio;
++ CONF_dump_bio;
++ NCONF_free_data;
++ CONF_set_default_method;
++ ERR_error_string_n;
++ BIO_snprintf;
++ DSO_ctrl;
++ i2d_ASN1_SET_OF_ASN1_INTEGER;
++ i2d_ASN1_SET_OF_PKCS12_SAFEBAG;
++ i2d_ASN1_SET_OF_PKCS7;
++ BIO_vfree;
++ d2i_ASN1_SET_OF_ASN1_INTEGER;
++ d2i_ASN1_SET_OF_PKCS12_SAFEBAG;
++ ASN1_UTCTIME_get;
++ X509_REQ_digest;
++ X509_CRL_digest;
++ d2i_ASN1_SET_OF_PKCS7;
++ EVP_CIPHER_CTX_set_key_length;
++ EVP_CIPHER_CTX_ctrl;
++ BN_mod_exp_mont_word;
++ RAND_egd_bytes;
++ X509_REQ_get1_email;
++ X509_get1_email;
++ X509_email_free;
++ i2d_RSA_NET;
++ d2i_RSA_NET_2;
++ d2i_RSA_NET;
++ DSO_bind_func;
++ CRYPTO_get_new_dynlockid;
++ sk_new_null;
++ CRYPTO_set_dynlock_destroy_callback;
++ CRYPTO_set_dynlock_destroy_cb;
++ CRYPTO_destroy_dynlockid;
++ CRYPTO_set_dynlock_size;
++ CRYPTO_set_dynlock_create_callback;
++ CRYPTO_set_dynlock_create_cb;
++ CRYPTO_set_dynlock_lock_callback;
++ CRYPTO_set_dynlock_lock_cb;
++ CRYPTO_get_dynlock_lock_callback;
++ CRYPTO_get_dynlock_lock_cb;
++ CRYPTO_get_dynlock_destroy_callback;
++ CRYPTO_get_dynlock_destroy_cb;
++ CRYPTO_get_dynlock_value;
++ CRYPTO_get_dynlock_create_callback;
++ CRYPTO_get_dynlock_create_cb;
++ c2i_ASN1_BIT_STRING;
++ i2c_ASN1_BIT_STRING;
++ RAND_poll;
++ c2i_ASN1_INTEGER;
++ i2c_ASN1_INTEGER;
++ BIO_dump_indent;
++ ASN1_parse_dump;
++ c2i_ASN1_OBJECT;
++ X509_NAME_print_ex_fp;
++ ASN1_STRING_print_ex_fp;
++ X509_NAME_print_ex;
++ ASN1_STRING_print_ex;
++ MD4;
++ MD4_Transform;
++ MD4_Final;
++ MD4_Update;
++ MD4_Init;
++ EVP_md4;
++ i2d_PUBKEY_bio;
++ i2d_PUBKEY_fp;
++ d2i_PUBKEY_bio;
++ ASN1_STRING_to_UTF8;
++ BIO_vprintf;
++ BIO_vsnprintf;
++ d2i_PUBKEY_fp;
++ X509_cmp_time;
++ X509_STORE_CTX_set_time;
++ X509_STORE_CTX_get1_issuer;
++ X509_OBJECT_retrieve_match;
++ X509_OBJECT_idx_by_subject;
++ X509_STORE_CTX_set_flags;
++ X509_STORE_CTX_trusted_stack;
++ X509_time_adj;
++ X509_check_issued;
++ ASN1_UTCTIME_cmp_time_t;
++ DES_set_weak_key_flag;
++ DES_check_key;
++ DES_rw_mode;
++ RSA_PKCS1_RSAref;
++ X509_keyid_set1;
++ BIO_next;
++ DSO_METHOD_vms;
++ BIO_f_linebuffer;
++ BN_bntest_rand;
++ OPENSSL_issetugid;
++ BN_rand_range;
++ ERR_load_ENGINE_strings;
++ ENGINE_set_DSA;
++ ENGINE_get_finish_function;
++ ENGINE_get_default_RSA;
++ ENGINE_get_BN_mod_exp;
++ DSA_get_default_openssl_method;
++ ENGINE_set_DH;
++ ENGINE_set_def_BN_mod_exp_crt;
++ ENGINE_set_default_BN_mod_exp_crt;
++ ENGINE_init;
++ DH_get_default_openssl_method;
++ RSA_set_default_openssl_method;
++ ENGINE_finish;
++ ENGINE_load_public_key;
++ ENGINE_get_DH;
++ ENGINE_ctrl;
++ ENGINE_get_init_function;
++ ENGINE_set_init_function;
++ ENGINE_set_default_DSA;
++ ENGINE_get_name;
++ ENGINE_get_last;
++ ENGINE_get_prev;
++ ENGINE_get_default_DH;
++ ENGINE_get_RSA;
++ ENGINE_set_default;
++ ENGINE_get_RAND;
++ ENGINE_get_first;
++ ENGINE_by_id;
++ ENGINE_set_finish_function;
++ ENGINE_get_def_BN_mod_exp_crt;
++ ENGINE_get_default_BN_mod_exp_crt;
++ RSA_get_default_openssl_method;
++ ENGINE_set_RSA;
++ ENGINE_load_private_key;
++ ENGINE_set_default_RAND;
++ ENGINE_set_BN_mod_exp;
++ ENGINE_remove;
++ ENGINE_free;
++ ENGINE_get_BN_mod_exp_crt;
++ ENGINE_get_next;
++ ENGINE_set_name;
++ ENGINE_get_default_DSA;
++ ENGINE_set_default_BN_mod_exp;
++ ENGINE_set_default_RSA;
++ ENGINE_get_default_RAND;
++ ENGINE_get_default_BN_mod_exp;
++ ENGINE_set_RAND;
++ ENGINE_set_id;
++ ENGINE_set_BN_mod_exp_crt;
++ ENGINE_set_default_DH;
++ ENGINE_new;
++ ENGINE_get_id;
++ DSA_set_default_openssl_method;
++ ENGINE_add;
++ DH_set_default_openssl_method;
++ ENGINE_get_DSA;
++ ENGINE_get_ctrl_function;
++ ENGINE_set_ctrl_function;
++ BN_pseudo_rand_range;
++ X509_STORE_CTX_set_verify_cb;
++ ERR_load_COMP_strings;
++ PKCS12_item_decrypt_d2i;
++ ASN1_UTF8STRING_it;
++ ENGINE_unregister_ciphers;
++ ENGINE_get_ciphers;
++ d2i_OCSP_BASICRESP;
++ KRB5_CHECKSUM_it;
++ EC_POINT_add;
++ ASN1_item_ex_i2d;
++ OCSP_CERTID_it;
++ d2i_OCSP_RESPBYTES;
++ X509V3_add1_i2d;
++ PKCS7_ENVELOPE_it;
++ UI_add_input_boolean;
++ ENGINE_unregister_RSA;
++ X509V3_EXT_nconf;
++ ASN1_GENERALSTRING_free;
++ d2i_OCSP_CERTSTATUS;
++ X509_REVOKED_set_serialNumber;
++ X509_print_ex;
++ OCSP_ONEREQ_get1_ext_d2i;
++ ENGINE_register_all_RAND;
++ ENGINE_load_dynamic;
++ PBKDF2PARAM_it;
++ EXTENDED_KEY_USAGE_new;
++ EC_GROUP_clear_free;
++ OCSP_sendreq_bio;
++ ASN1_item_digest;
++ OCSP_BASICRESP_delete_ext;
++ OCSP_SIGNATURE_it;
++ X509_CRL_it;
++ OCSP_BASICRESP_add_ext;
++ KRB5_ENCKEY_it;
++ UI_method_set_closer;
++ X509_STORE_set_purpose;
++ i2d_ASN1_GENERALSTRING;
++ OCSP_response_status;
++ i2d_OCSP_SERVICELOC;
++ ENGINE_get_digest_engine;
++ EC_GROUP_set_curve_GFp;
++ OCSP_REQUEST_get_ext_by_OBJ;
++ _ossl_old_des_random_key;
++ ASN1_T61STRING_it;
++ EC_GROUP_method_of;
++ i2d_KRB5_APREQ;
++ _ossl_old_des_encrypt;
++ ASN1_PRINTABLE_new;
++ HMAC_Init_ex;
++ d2i_KRB5_AUTHENT;
++ OCSP_archive_cutoff_new;
++ EC_POINT_set_Jprojective_coordinates_GFp;
++ EC_POINT_set_Jproj_coords_GFp;
++ _ossl_old_des_is_weak_key;
++ OCSP_BASICRESP_get_ext_by_OBJ;
++ EC_POINT_oct2point;
++ OCSP_SINGLERESP_get_ext_count;
++ UI_ctrl;
++ _shadow_DES_rw_mode;
++ asn1_do_adb;
++ ASN1_template_i2d;
++ ENGINE_register_DH;
++ UI_construct_prompt;
++ X509_STORE_set_trust;
++ UI_dup_input_string;
++ d2i_KRB5_APREQ;
++ EVP_MD_CTX_copy_ex;
++ OCSP_request_is_signed;
++ i2d_OCSP_REQINFO;
++ KRB5_ENCKEY_free;
++ OCSP_resp_get0;
++ GENERAL_NAME_it;
++ ASN1_GENERALIZEDTIME_it;
++ X509_STORE_set_flags;
++ EC_POINT_set_compressed_coordinates_GFp;
++ EC_POINT_set_compr_coords_GFp;
++ OCSP_response_status_str;
++ d2i_OCSP_REVOKEDINFO;
++ OCSP_basic_add1_cert;
++ ERR_get_implementation;
++ EVP_CipherFinal_ex;
++ OCSP_CERTSTATUS_new;
++ CRYPTO_cleanup_all_ex_data;
++ OCSP_resp_find;
++ BN_nnmod;
++ X509_CRL_sort;
++ X509_REVOKED_set_revocationDate;
++ ENGINE_register_RAND;
++ OCSP_SERVICELOC_new;
++ EC_POINT_set_affine_coordinates_GFp;
++ EC_POINT_set_affine_coords_GFp;
++ _ossl_old_des_options;
++ SXNET_it;
++ UI_dup_input_boolean;
++ PKCS12_add_CSPName_asc;
++ EC_POINT_is_at_infinity;
++ ENGINE_load_cryptodev;
++ DSO_convert_filename;
++ POLICYQUALINFO_it;
++ ENGINE_register_ciphers;
++ BN_mod_lshift_quick;
++ DSO_set_filename;
++ ASN1_item_free;
++ KRB5_TKTBODY_free;
++ AUTHORITY_KEYID_it;
++ KRB5_APREQBODY_new;
++ X509V3_EXT_REQ_add_nconf;
++ ENGINE_ctrl_cmd_string;
++ i2d_OCSP_RESPDATA;
++ EVP_MD_CTX_init;
++ EXTENDED_KEY_USAGE_free;
++ PKCS7_ATTR_SIGN_it;
++ UI_add_error_string;
++ KRB5_CHECKSUM_free;
++ OCSP_REQUEST_get_ext;
++ ENGINE_load_ubsec;
++ ENGINE_register_all_digests;
++ PKEY_USAGE_PERIOD_it;
++ PKCS12_unpack_authsafes;
++ ASN1_item_unpack;
++ NETSCAPE_SPKAC_it;
++ X509_REVOKED_it;
++ ASN1_STRING_encode;
++ EVP_aes_128_ecb;
++ KRB5_AUTHENT_free;
++ OCSP_BASICRESP_get_ext_by_critical;
++ OCSP_BASICRESP_get_ext_by_crit;
++ OCSP_cert_status_str;
++ d2i_OCSP_REQUEST;
++ UI_dup_info_string;
++ _ossl_old_des_xwhite_in2out;
++ PKCS12_it;
++ OCSP_SINGLERESP_get_ext_by_critical;
++ OCSP_SINGLERESP_get_ext_by_crit;
++ OCSP_CERTSTATUS_free;
++ _ossl_old_des_crypt;
++ ASN1_item_i2d;
++ EVP_DecryptFinal_ex;
++ ENGINE_load_openssl;
++ ENGINE_get_cmd_defns;
++ ENGINE_set_load_privkey_function;
++ ENGINE_set_load_privkey_fn;
++ EVP_EncryptFinal_ex;
++ ENGINE_set_default_digests;
++ X509_get0_pubkey_bitstr;
++ asn1_ex_i2c;
++ ENGINE_register_RSA;
++ ENGINE_unregister_DSA;
++ _ossl_old_des_key_sched;
++ X509_EXTENSION_it;
++ i2d_KRB5_AUTHENT;
++ SXNETID_it;
++ d2i_OCSP_SINGLERESP;
++ EDIPARTYNAME_new;
++ PKCS12_certbag2x509;
++ _ossl_old_des_ofb64_encrypt;
++ d2i_EXTENDED_KEY_USAGE;
++ ERR_print_errors_cb;
++ ENGINE_set_ciphers;
++ d2i_KRB5_APREQBODY;
++ UI_method_get_flusher;
++ X509_PUBKEY_it;
++ _ossl_old_des_enc_read;
++ PKCS7_ENCRYPT_it;
++ i2d_OCSP_RESPONSE;
++ EC_GROUP_get_cofactor;
++ PKCS12_unpack_p7data;
++ d2i_KRB5_AUTHDATA;
++ OCSP_copy_nonce;
++ KRB5_AUTHDATA_new;
++ OCSP_RESPDATA_new;
++ EC_GFp_mont_method;
++ OCSP_REVOKEDINFO_free;
++ UI_get_ex_data;
++ KRB5_APREQBODY_free;
++ EC_GROUP_get0_generator;
++ UI_get_default_method;
++ X509V3_set_nconf;
++ PKCS12_item_i2d_encrypt;
++ X509_add1_ext_i2d;
++ PKCS7_SIGNER_INFO_it;
++ KRB5_PRINCNAME_new;
++ PKCS12_SAFEBAG_it;
++ EC_GROUP_get_order;
++ d2i_OCSP_RESPID;
++ OCSP_request_verify;
++ NCONF_get_number_e;
++ _ossl_old_des_decrypt3;
++ X509_signature_print;
++ OCSP_SINGLERESP_free;
++ ENGINE_load_builtin_engines;
++ i2d_OCSP_ONEREQ;
++ OCSP_REQUEST_add_ext;
++ OCSP_RESPBYTES_new;
++ EVP_MD_CTX_create;
++ OCSP_resp_find_status;
++ X509_ALGOR_it;
++ ASN1_TIME_it;
++ OCSP_request_set1_name;
++ OCSP_ONEREQ_get_ext_count;
++ UI_get0_result;
++ PKCS12_AUTHSAFES_it;
++ EVP_aes_256_ecb;
++ PKCS12_pack_authsafes;
++ ASN1_IA5STRING_it;
++ UI_get_input_flags;
++ EC_GROUP_set_generator;
++ _ossl_old_des_string_to_2keys;
++ OCSP_CERTID_free;
++ X509_CERT_AUX_it;
++ CERTIFICATEPOLICIES_it;
++ _ossl_old_des_ede3_cbc_encrypt;
++ RAND_set_rand_engine;
++ DSO_get_loaded_filename;
++ X509_ATTRIBUTE_it;
++ OCSP_ONEREQ_get_ext_by_NID;
++ PKCS12_decrypt_skey;
++ KRB5_AUTHENT_it;
++ UI_dup_error_string;
++ RSAPublicKey_it;
++ i2d_OCSP_REQUEST;
++ PKCS12_x509crl2certbag;
++ OCSP_SERVICELOC_it;
++ ASN1_item_sign;
++ X509_CRL_set_issuer_name;
++ OBJ_NAME_do_all_sorted;
++ i2d_OCSP_BASICRESP;
++ i2d_OCSP_RESPBYTES;
++ PKCS12_unpack_p7encdata;
++ HMAC_CTX_init;
++ ENGINE_get_digest;
++ OCSP_RESPONSE_print;
++ KRB5_TKTBODY_it;
++ ACCESS_DESCRIPTION_it;
++ PKCS7_ISSUER_AND_SERIAL_it;
++ PBE2PARAM_it;
++ PKCS12_certbag2x509crl;
++ PKCS7_SIGNED_it;
++ ENGINE_get_cipher;
++ i2d_OCSP_CRLID;
++ OCSP_SINGLERESP_new;
++ ENGINE_cmd_is_executable;
++ RSA_up_ref;
++ ASN1_GENERALSTRING_it;
++ ENGINE_register_DSA;
++ X509V3_EXT_add_nconf_sk;
++ ENGINE_set_load_pubkey_function;
++ PKCS8_decrypt;
++ PEM_bytes_read_bio;
++ DIRECTORYSTRING_it;
++ d2i_OCSP_CRLID;
++ EC_POINT_is_on_curve;
++ CRYPTO_set_locked_mem_ex_functions;
++ CRYPTO_set_locked_mem_ex_funcs;
++ d2i_KRB5_CHECKSUM;
++ ASN1_item_dup;
++ X509_it;
++ BN_mod_add;
++ KRB5_AUTHDATA_free;
++ _ossl_old_des_cbc_cksum;
++ ASN1_item_verify;
++ CRYPTO_set_mem_ex_functions;
++ EC_POINT_get_Jprojective_coordinates_GFp;
++ EC_POINT_get_Jproj_coords_GFp;
++ ZLONG_it;
++ CRYPTO_get_locked_mem_ex_functions;
++ CRYPTO_get_locked_mem_ex_funcs;
++ ASN1_TIME_check;
++ UI_get0_user_data;
++ HMAC_CTX_cleanup;
++ DSA_up_ref;
++ _ossl_old_des_ede3_cfb64_encrypt;
++ _ossl_odes_ede3_cfb64_encrypt;
++ ASN1_BMPSTRING_it;
++ ASN1_tag2bit;
++ UI_method_set_flusher;
++ X509_ocspid_print;
++ KRB5_ENCDATA_it;
++ ENGINE_get_load_pubkey_function;
++ UI_add_user_data;
++ OCSP_REQUEST_delete_ext;
++ UI_get_method;
++ OCSP_ONEREQ_free;
++ ASN1_PRINTABLESTRING_it;
++ X509_CRL_set_nextUpdate;
++ OCSP_REQUEST_it;
++ OCSP_BASICRESP_it;
++ AES_ecb_encrypt;
++ BN_mod_sqr;
++ NETSCAPE_CERT_SEQUENCE_it;
++ GENERAL_NAMES_it;
++ AUTHORITY_INFO_ACCESS_it;
++ ASN1_FBOOLEAN_it;
++ UI_set_ex_data;
++ _ossl_old_des_string_to_key;
++ ENGINE_register_all_RSA;
++ d2i_KRB5_PRINCNAME;
++ OCSP_RESPBYTES_it;
++ X509_CINF_it;
++ ENGINE_unregister_digests;
++ d2i_EDIPARTYNAME;
++ d2i_OCSP_SERVICELOC;
++ ENGINE_get_digests;
++ _ossl_old_des_set_odd_parity;
++ OCSP_RESPDATA_free;
++ d2i_KRB5_TICKET;
++ OTHERNAME_it;
++ EVP_MD_CTX_cleanup;
++ d2i_ASN1_GENERALSTRING;
++ X509_CRL_set_version;
++ BN_mod_sub;
++ OCSP_SINGLERESP_get_ext_by_NID;
++ ENGINE_get_ex_new_index;
++ OCSP_REQUEST_free;
++ OCSP_REQUEST_add1_ext_i2d;
++ X509_VAL_it;
++ EC_POINTs_make_affine;
++ EC_POINT_mul;
++ X509V3_EXT_add_nconf;
++ X509_TRUST_set;
++ X509_CRL_add1_ext_i2d;
++ _ossl_old_des_fcrypt;
++ DISPLAYTEXT_it;
++ X509_CRL_set_lastUpdate;
++ OCSP_BASICRESP_free;
++ OCSP_BASICRESP_add1_ext_i2d;
++ d2i_KRB5_AUTHENTBODY;
++ CRYPTO_set_ex_data_implementation;
++ CRYPTO_set_ex_data_impl;
++ KRB5_ENCDATA_new;
++ DSO_up_ref;
++ OCSP_crl_reason_str;
++ UI_get0_result_string;
++ ASN1_GENERALSTRING_new;
++ X509_SIG_it;
++ ERR_set_implementation;
++ ERR_load_EC_strings;
++ UI_get0_action_string;
++ OCSP_ONEREQ_get_ext;
++ EC_POINT_method_of;
++ i2d_KRB5_APREQBODY;
++ _ossl_old_des_ecb3_encrypt;
++ CRYPTO_get_mem_ex_functions;
++ ENGINE_get_ex_data;
++ UI_destroy_method;
++ ASN1_item_i2d_bio;
++ OCSP_ONEREQ_get_ext_by_OBJ;
++ ASN1_primitive_new;
++ ASN1_PRINTABLE_it;
++ EVP_aes_192_ecb;
++ OCSP_SIGNATURE_new;
++ LONG_it;
++ ASN1_VISIBLESTRING_it;
++ OCSP_SINGLERESP_add1_ext_i2d;
++ d2i_OCSP_CERTID;
++ ASN1_item_d2i_fp;
++ CRL_DIST_POINTS_it;
++ GENERAL_NAME_print;
++ OCSP_SINGLERESP_delete_ext;
++ PKCS12_SAFEBAGS_it;
++ d2i_OCSP_SIGNATURE;
++ OCSP_request_add1_nonce;
++ ENGINE_set_cmd_defns;
++ OCSP_SERVICELOC_free;
++ EC_GROUP_free;
++ ASN1_BIT_STRING_it;
++ X509_REQ_it;
++ _ossl_old_des_cbc_encrypt;
++ ERR_unload_strings;
++ PKCS7_SIGN_ENVELOPE_it;
++ EDIPARTYNAME_free;
++ OCSP_REQINFO_free;
++ EC_GROUP_new_curve_GFp;
++ OCSP_REQUEST_get1_ext_d2i;
++ PKCS12_item_pack_safebag;
++ asn1_ex_c2i;
++ ENGINE_register_digests;
++ i2d_OCSP_REVOKEDINFO;
++ asn1_enc_restore;
++ UI_free;
++ UI_new_method;
++ EVP_EncryptInit_ex;
++ X509_pubkey_digest;
++ EC_POINT_invert;
++ OCSP_basic_sign;
++ i2d_OCSP_RESPID;
++ OCSP_check_nonce;
++ ENGINE_ctrl_cmd;
++ d2i_KRB5_ENCKEY;
++ OCSP_parse_url;
++ OCSP_SINGLERESP_get_ext;
++ OCSP_CRLID_free;
++ OCSP_BASICRESP_get1_ext_d2i;
++ RSAPrivateKey_it;
++ ENGINE_register_all_DH;
++ i2d_EDIPARTYNAME;
++ EC_POINT_get_affine_coordinates_GFp;
++ EC_POINT_get_affine_coords_GFp;
++ OCSP_CRLID_new;
++ ENGINE_get_flags;
++ OCSP_ONEREQ_it;
++ UI_process;
++ ASN1_INTEGER_it;
++ EVP_CipherInit_ex;
++ UI_get_string_type;
++ ENGINE_unregister_DH;
++ ENGINE_register_all_DSA;
++ OCSP_ONEREQ_get_ext_by_critical;
++ bn_dup_expand;
++ OCSP_cert_id_new;
++ BASIC_CONSTRAINTS_it;
++ BN_mod_add_quick;
++ EC_POINT_new;
++ EVP_MD_CTX_destroy;
++ OCSP_RESPBYTES_free;
++ EVP_aes_128_cbc;
++ OCSP_SINGLERESP_get1_ext_d2i;
++ EC_POINT_free;
++ DH_up_ref;
++ X509_NAME_ENTRY_it;
++ UI_get_ex_new_index;
++ BN_mod_sub_quick;
++ OCSP_ONEREQ_add_ext;
++ OCSP_request_sign;
++ EVP_DigestFinal_ex;
++ ENGINE_set_digests;
++ OCSP_id_issuer_cmp;
++ OBJ_NAME_do_all;
++ EC_POINTs_mul;
++ ENGINE_register_complete;
++ X509V3_EXT_nconf_nid;
++ ASN1_SEQUENCE_it;
++ UI_set_default_method;
++ RAND_query_egd_bytes;
++ UI_method_get_writer;
++ UI_OpenSSL;
++ PEM_def_callback;
++ ENGINE_cleanup;
++ DIST_POINT_it;
++ OCSP_SINGLERESP_it;
++ d2i_KRB5_TKTBODY;
++ EC_POINT_cmp;
++ OCSP_REVOKEDINFO_new;
++ i2d_OCSP_CERTSTATUS;
++ OCSP_basic_add1_nonce;
++ ASN1_item_ex_d2i;
++ BN_mod_lshift1_quick;
++ UI_set_method;
++ OCSP_id_get0_info;
++ BN_mod_sqrt;
++ EC_GROUP_copy;
++ KRB5_ENCDATA_free;
++ _ossl_old_des_cfb_encrypt;
++ OCSP_SINGLERESP_get_ext_by_OBJ;
++ OCSP_cert_to_id;
++ OCSP_RESPID_new;
++ OCSP_RESPDATA_it;
++ d2i_OCSP_RESPDATA;
++ ENGINE_register_all_complete;
++ OCSP_check_validity;
++ PKCS12_BAGS_it;
++ OCSP_url_svcloc_new;
++ ASN1_template_free;
++ OCSP_SINGLERESP_add_ext;
++ KRB5_AUTHENTBODY_it;
++ X509_supported_extension;
++ i2d_KRB5_AUTHDATA;
++ UI_method_get_opener;
++ ENGINE_set_ex_data;
++ OCSP_REQUEST_print;
++ CBIGNUM_it;
++ KRB5_TICKET_new;
++ KRB5_APREQ_new;
++ EC_GROUP_get_curve_GFp;
++ KRB5_ENCKEY_new;
++ ASN1_template_d2i;
++ _ossl_old_des_quad_cksum;
++ OCSP_single_get0_status;
++ BN_swap;
++ POLICYINFO_it;
++ ENGINE_set_destroy_function;
++ asn1_enc_free;
++ OCSP_RESPID_it;
++ EC_GROUP_new;
++ EVP_aes_256_cbc;
++ i2d_KRB5_PRINCNAME;
++ _ossl_old_des_encrypt2;
++ _ossl_old_des_encrypt3;
++ PKCS8_PRIV_KEY_INFO_it;
++ OCSP_REQINFO_it;
++ PBEPARAM_it;
++ KRB5_AUTHENTBODY_new;
++ X509_CRL_add0_revoked;
++ EDIPARTYNAME_it;
++ NETSCAPE_SPKI_it;
++ UI_get0_test_string;
++ ENGINE_get_cipher_engine;
++ ENGINE_register_all_ciphers;
++ EC_POINT_copy;
++ BN_kronecker;
++ _ossl_old_des_ede3_ofb64_encrypt;
++ _ossl_odes_ede3_ofb64_encrypt;
++ UI_method_get_reader;
++ OCSP_BASICRESP_get_ext_count;
++ ASN1_ENUMERATED_it;
++ UI_set_result;
++ i2d_KRB5_TICKET;
++ X509_print_ex_fp;
++ EVP_CIPHER_CTX_set_padding;
++ d2i_OCSP_RESPONSE;
++ ASN1_UTCTIME_it;
++ _ossl_old_des_enc_write;
++ OCSP_RESPONSE_new;
++ AES_set_encrypt_key;
++ OCSP_resp_count;
++ KRB5_CHECKSUM_new;
++ ENGINE_load_cswift;
++ OCSP_onereq_get0_id;
++ ENGINE_set_default_ciphers;
++ NOTICEREF_it;
++ X509V3_EXT_CRL_add_nconf;
++ OCSP_REVOKEDINFO_it;
++ AES_encrypt;
++ OCSP_REQUEST_new;
++ ASN1_ANY_it;
++ CRYPTO_ex_data_new_class;
++ _ossl_old_des_ncbc_encrypt;
++ i2d_KRB5_TKTBODY;
++ EC_POINT_clear_free;
++ AES_decrypt;
++ asn1_enc_init;
++ UI_get_result_maxsize;
++ OCSP_CERTID_new;
++ ENGINE_unregister_RAND;
++ UI_method_get_closer;
++ d2i_KRB5_ENCDATA;
++ OCSP_request_onereq_count;
++ OCSP_basic_verify;
++ KRB5_AUTHENTBODY_free;
++ ASN1_item_d2i;
++ ASN1_primitive_free;
++ i2d_EXTENDED_KEY_USAGE;
++ i2d_OCSP_SIGNATURE;
++ asn1_enc_save;
++ ENGINE_load_nuron;
++ _ossl_old_des_pcbc_encrypt;
++ PKCS12_MAC_DATA_it;
++ OCSP_accept_responses_new;
++ asn1_do_lock;
++ PKCS7_ATTR_VERIFY_it;
++ KRB5_APREQBODY_it;
++ i2d_OCSP_SINGLERESP;
++ ASN1_item_ex_new;
++ UI_add_verify_string;
++ _ossl_old_des_set_key;
++ KRB5_PRINCNAME_it;
++ EVP_DecryptInit_ex;
++ i2d_OCSP_CERTID;
++ ASN1_item_d2i_bio;
++ EC_POINT_dbl;
++ asn1_get_choice_selector;
++ i2d_KRB5_CHECKSUM;
++ ENGINE_set_table_flags;
++ AES_options;
++ ENGINE_load_chil;
++ OCSP_id_cmp;
++ OCSP_BASICRESP_new;
++ OCSP_REQUEST_get_ext_by_NID;
++ KRB5_APREQ_it;
++ ENGINE_get_destroy_function;
++ CONF_set_nconf;
++ ASN1_PRINTABLE_free;
++ OCSP_BASICRESP_get_ext_by_NID;
++ DIST_POINT_NAME_it;
++ X509V3_extensions_print;
++ _ossl_old_des_cfb64_encrypt;
++ X509_REVOKED_add1_ext_i2d;
++ _ossl_old_des_ofb_encrypt;
++ KRB5_TKTBODY_new;
++ ASN1_OCTET_STRING_it;
++ ERR_load_UI_strings;
++ i2d_KRB5_ENCKEY;
++ ASN1_template_new;
++ OCSP_SIGNATURE_free;
++ ASN1_item_i2d_fp;
++ KRB5_PRINCNAME_free;
++ PKCS7_RECIP_INFO_it;
++ EXTENDED_KEY_USAGE_it;
++ EC_GFp_simple_method;
++ EC_GROUP_precompute_mult;
++ OCSP_request_onereq_get0;
++ UI_method_set_writer;
++ KRB5_AUTHENT_new;
++ X509_CRL_INFO_it;
++ DSO_set_name_converter;
++ AES_set_decrypt_key;
++ PKCS7_DIGEST_it;
++ PKCS12_x5092certbag;
++ EVP_DigestInit_ex;
++ i2a_ACCESS_DESCRIPTION;
++ OCSP_RESPONSE_it;
++ PKCS7_ENC_CONTENT_it;
++ OCSP_request_add0_id;
++ EC_POINT_make_affine;
++ DSO_get_filename;
++ OCSP_CERTSTATUS_it;
++ OCSP_request_add1_cert;
++ UI_get0_output_string;
++ UI_dup_verify_string;
++ BN_mod_lshift;
++ KRB5_AUTHDATA_it;
++ asn1_set_choice_selector;
++ OCSP_basic_add1_status;
++ OCSP_RESPID_free;
++ asn1_get_field_ptr;
++ UI_add_input_string;
++ OCSP_CRLID_it;
++ i2d_KRB5_AUTHENTBODY;
++ OCSP_REQUEST_get_ext_count;
++ ENGINE_load_atalla;
++ X509_NAME_it;
++ USERNOTICE_it;
++ OCSP_REQINFO_new;
++ OCSP_BASICRESP_get_ext;
++ CRYPTO_get_ex_data_implementation;
++ CRYPTO_get_ex_data_impl;
++ ASN1_item_pack;
++ i2d_KRB5_ENCDATA;
++ X509_PURPOSE_set;
++ X509_REQ_INFO_it;
++ UI_method_set_opener;
++ ASN1_item_ex_free;
++ ASN1_BOOLEAN_it;
++ ENGINE_get_table_flags;
++ UI_create_method;
++ OCSP_ONEREQ_add1_ext_i2d;
++ _shadow_DES_check_key;
++ d2i_OCSP_REQINFO;
++ UI_add_info_string;
++ UI_get_result_minsize;
++ ASN1_NULL_it;
++ BN_mod_lshift1;
++ d2i_OCSP_ONEREQ;
++ OCSP_ONEREQ_new;
++ KRB5_TICKET_it;
++ EVP_aes_192_cbc;
++ KRB5_TICKET_free;
++ UI_new;
++ OCSP_response_create;
++ _ossl_old_des_xcbc_encrypt;
++ PKCS7_it;
++ OCSP_REQUEST_get_ext_by_critical;
++ OCSP_REQUEST_get_ext_by_crit;
++ ENGINE_set_flags;
++ _ossl_old_des_ecb_encrypt;
++ OCSP_response_get1_basic;
++ EVP_Digest;
++ OCSP_ONEREQ_delete_ext;
++ ASN1_TBOOLEAN_it;
++ ASN1_item_new;
++ ASN1_TIME_to_generalizedtime;
++ BIGNUM_it;
++ AES_cbc_encrypt;
++ ENGINE_get_load_privkey_function;
++ ENGINE_get_load_privkey_fn;
++ OCSP_RESPONSE_free;
++ UI_method_set_reader;
++ i2d_ASN1_T61STRING;
++ EC_POINT_set_to_infinity;
++ ERR_load_OCSP_strings;
++ EC_POINT_point2oct;
++ KRB5_APREQ_free;
++ ASN1_OBJECT_it;
++ OCSP_crlID_new;
++ OCSP_crlID2_new;
++ CONF_modules_load_file;
++ CONF_imodule_set_usr_data;
++ ENGINE_set_default_string;
++ CONF_module_get_usr_data;
++ ASN1_add_oid_module;
++ CONF_modules_finish;
++ OPENSSL_config;
++ CONF_modules_unload;
++ CONF_imodule_get_value;
++ CONF_module_set_usr_data;
++ CONF_parse_list;
++ CONF_module_add;
++ CONF_get1_default_config_file;
++ CONF_imodule_get_flags;
++ CONF_imodule_get_module;
++ CONF_modules_load;
++ CONF_imodule_get_name;
++ ERR_peek_top_error;
++ CONF_imodule_get_usr_data;
++ CONF_imodule_set_flags;
++ ENGINE_add_conf_module;
++ ERR_peek_last_error_line;
++ ERR_peek_last_error_line_data;
++ ERR_peek_last_error;
++ DES_read_2passwords;
++ DES_read_password;
++ UI_UTIL_read_pw;
++ UI_UTIL_read_pw_string;
++ ENGINE_load_aep;
++ ENGINE_load_sureware;
++ OPENSSL_add_all_algorithms_noconf;
++ OPENSSL_add_all_algo_noconf;
++ OPENSSL_add_all_algorithms_conf;
++ OPENSSL_add_all_algo_conf;
++ OPENSSL_load_builtin_modules;
++ AES_ofb128_encrypt;
++ AES_ctr128_encrypt;
++ AES_cfb128_encrypt;
++ ENGINE_load_4758cca;
++ _ossl_096_des_random_seed;
++ EVP_aes_256_ofb;
++ EVP_aes_192_ofb;
++ EVP_aes_128_cfb128;
++ EVP_aes_256_cfb128;
++ EVP_aes_128_ofb;
++ EVP_aes_192_cfb128;
++ CONF_modules_free;
++ NCONF_default;
++ OPENSSL_no_config;
++ NCONF_WIN32;
++ ASN1_UNIVERSALSTRING_new;
++ EVP_des_ede_ecb;
++ i2d_ASN1_UNIVERSALSTRING;
++ ASN1_UNIVERSALSTRING_free;
++ ASN1_UNIVERSALSTRING_it;
++ d2i_ASN1_UNIVERSALSTRING;
++ EVP_des_ede3_ecb;
++ X509_REQ_print_ex;
++ ENGINE_up_ref;
++ BUF_MEM_grow_clean;
++ CRYPTO_realloc_clean;
++ BUF_strlcat;
++ BIO_indent;
++ BUF_strlcpy;
++ OpenSSLDie;
++ OPENSSL_cleanse;
++ ENGINE_setup_bsd_cryptodev;
++ ERR_release_err_state_table;
++ EVP_aes_128_cfb8;
++ FIPS_corrupt_rsa;
++ FIPS_selftest_des;
++ EVP_aes_128_cfb1;
++ EVP_aes_192_cfb8;
++ FIPS_mode_set;
++ FIPS_selftest_dsa;
++ EVP_aes_256_cfb8;
++ FIPS_allow_md5;
++ DES_ede3_cfb_encrypt;
++ EVP_des_ede3_cfb8;
++ FIPS_rand_seeded;
++ AES_cfbr_encrypt_block;
++ AES_cfb8_encrypt;
++ FIPS_rand_seed;
++ FIPS_corrupt_des;
++ EVP_aes_192_cfb1;
++ FIPS_selftest_aes;
++ FIPS_set_prng_key;
++ EVP_des_cfb8;
++ FIPS_corrupt_dsa;
++ FIPS_test_mode;
++ FIPS_rand_method;
++ EVP_aes_256_cfb1;
++ ERR_load_FIPS_strings;
++ FIPS_corrupt_aes;
++ FIPS_selftest_sha1;
++ FIPS_selftest_rsa;
++ FIPS_corrupt_sha1;
++ EVP_des_cfb1;
++ FIPS_dsa_check;
++ AES_cfb1_encrypt;
++ EVP_des_ede3_cfb1;
++ FIPS_rand_check;
++ FIPS_md5_allowed;
++ FIPS_mode;
++ FIPS_selftest_failed;
++ sk_is_sorted;
++ X509_check_ca;
++ HMAC_CTX_set_flags;
++ d2i_PROXY_CERT_INFO_EXTENSION;
++ PROXY_POLICY_it;
++ i2d_PROXY_POLICY;
++ i2d_PROXY_CERT_INFO_EXTENSION;
++ d2i_PROXY_POLICY;
++ PROXY_CERT_INFO_EXTENSION_new;
++ PROXY_CERT_INFO_EXTENSION_free;
++ PROXY_CERT_INFO_EXTENSION_it;
++ PROXY_POLICY_free;
++ PROXY_POLICY_new;
++ BN_MONT_CTX_set_locked;
++ FIPS_selftest_rng;
++ EVP_sha384;
++ EVP_sha512;
++ EVP_sha224;
++ EVP_sha256;
++ FIPS_selftest_hmac;
++ FIPS_corrupt_rng;
++ BN_mod_exp_mont_consttime;
++ RSA_X931_hash_id;
++ RSA_padding_check_X931;
++ RSA_verify_PKCS1_PSS;
++ RSA_padding_add_X931;
++ RSA_padding_add_PKCS1_PSS;
++ PKCS1_MGF1;
++ BN_X931_generate_Xpq;
++ RSA_X931_generate_key;
++ BN_X931_derive_prime;
++ BN_X931_generate_prime;
++ RSA_X931_derive;
++ BIO_new_dgram;
++ BN_get0_nist_prime_384;
++ ERR_set_mark;
++ X509_STORE_CTX_set0_crls;
++ ENGINE_set_STORE;
++ ENGINE_register_ECDSA;
++ STORE_meth_set_list_start_fn;
++ STORE_method_set_list_start_function;
++ BN_BLINDING_invert_ex;
++ NAME_CONSTRAINTS_free;
++ STORE_ATTR_INFO_set_number;
++ BN_BLINDING_get_thread_id;
++ X509_STORE_CTX_set0_param;
++ POLICY_MAPPING_it;
++ STORE_parse_attrs_start;
++ POLICY_CONSTRAINTS_free;
++ EVP_PKEY_add1_attr_by_NID;
++ BN_nist_mod_192;
++ EC_GROUP_get_trinomial_basis;
++ STORE_set_method;
++ GENERAL_SUBTREE_free;
++ NAME_CONSTRAINTS_it;
++ ECDH_get_default_method;
++ PKCS12_add_safe;
++ EC_KEY_new_by_curve_name;
++ STORE_meth_get_update_store_fn;
++ STORE_method_get_update_store_function;
++ ENGINE_register_ECDH;
++ SHA512_Update;
++ i2d_ECPrivateKey;
++ BN_get0_nist_prime_192;
++ STORE_modify_certificate;
++ EC_POINT_set_affine_coordinates_GF2m;
++ EC_POINT_set_affine_coords_GF2m;
++ BN_GF2m_mod_exp_arr;
++ STORE_ATTR_INFO_modify_number;
++ X509_keyid_get0;
++ ENGINE_load_gmp;
++ pitem_new;
++ BN_GF2m_mod_mul_arr;
++ STORE_list_public_key_endp;
++ o2i_ECPublicKey;
++ EC_KEY_copy;
++ BIO_dump_fp;
++ X509_policy_node_get0_parent;
++ EC_GROUP_check_discriminant;
++ i2o_ECPublicKey;
++ EC_KEY_precompute_mult;
++ a2i_IPADDRESS;
++ STORE_meth_set_initialise_fn;
++ STORE_method_set_initialise_function;
++ X509_STORE_CTX_set_depth;
++ X509_VERIFY_PARAM_inherit;
++ EC_POINT_point2bn;
++ STORE_ATTR_INFO_set_dn;
++ X509_policy_tree_get0_policies;
++ EC_GROUP_new_curve_GF2m;
++ STORE_destroy_method;
++ ENGINE_unregister_STORE;
++ EVP_PKEY_get1_EC_KEY;
++ STORE_ATTR_INFO_get0_number;
++ ENGINE_get_default_ECDH;
++ EC_KEY_get_conv_form;
++ ASN1_OCTET_STRING_NDEF_it;
++ STORE_delete_public_key;
++ STORE_get_public_key;
++ STORE_modify_arbitrary;
++ ENGINE_get_static_state;
++ pqueue_iterator;
++ ECDSA_SIG_new;
++ OPENSSL_DIR_end;
++ BN_GF2m_mod_sqr;
++ EC_POINT_bn2point;
++ X509_VERIFY_PARAM_set_depth;
++ EC_KEY_set_asn1_flag;
++ STORE_get_method;
++ EC_KEY_get_key_method_data;
++ ECDSA_sign_ex;
++ STORE_parse_attrs_end;
++ EC_GROUP_get_point_conversion_form;
++ EC_GROUP_get_point_conv_form;
++ STORE_method_set_store_function;
++ STORE_ATTR_INFO_in;
++ PEM_read_bio_ECPKParameters;
++ EC_GROUP_get_pentanomial_basis;
++ EVP_PKEY_add1_attr_by_txt;
++ BN_BLINDING_set_flags;
++ X509_VERIFY_PARAM_set1_policies;
++ X509_VERIFY_PARAM_set1_name;
++ X509_VERIFY_PARAM_set_purpose;
++ STORE_get_number;
++ ECDSA_sign_setup;
++ BN_GF2m_mod_solve_quad_arr;
++ EC_KEY_up_ref;
++ POLICY_MAPPING_free;
++ BN_GF2m_mod_div;
++ X509_VERIFY_PARAM_set_flags;
++ EC_KEY_free;
++ STORE_meth_set_list_next_fn;
++ STORE_method_set_list_next_function;
++ PEM_write_bio_ECPrivateKey;
++ d2i_EC_PUBKEY;
++ STORE_meth_get_generate_fn;
++ STORE_method_get_generate_function;
++ STORE_meth_set_list_end_fn;
++ STORE_method_set_list_end_function;
++ pqueue_print;
++ EC_GROUP_have_precompute_mult;
++ EC_KEY_print_fp;
++ BN_GF2m_mod_arr;
++ PEM_write_bio_X509_CERT_PAIR;
++ EVP_PKEY_cmp;
++ X509_policy_level_node_count;
++ STORE_new_engine;
++ STORE_list_public_key_start;
++ X509_VERIFY_PARAM_new;
++ ECDH_get_ex_data;
++ EVP_PKEY_get_attr;
++ ECDSA_do_sign;
++ ENGINE_unregister_ECDH;
++ ECDH_OpenSSL;
++ EC_KEY_set_conv_form;
++ EC_POINT_dup;
++ GENERAL_SUBTREE_new;
++ STORE_list_crl_endp;
++ EC_get_builtin_curves;
++ X509_policy_node_get0_qualifiers;
++ X509_pcy_node_get0_qualifiers;
++ STORE_list_crl_end;
++ EVP_PKEY_set1_EC_KEY;
++ BN_GF2m_mod_sqrt_arr;
++ i2d_ECPrivateKey_bio;
++ ECPKParameters_print_fp;
++ pqueue_find;
++ ECDSA_SIG_free;
++ PEM_write_bio_ECPKParameters;
++ STORE_method_set_ctrl_function;
++ STORE_list_public_key_end;
++ EC_KEY_set_private_key;
++ pqueue_peek;
++ STORE_get_arbitrary;
++ STORE_store_crl;
++ X509_policy_node_get0_policy;
++ PKCS12_add_safes;
++ BN_BLINDING_convert_ex;
++ X509_policy_tree_free;
++ OPENSSL_ia32cap_loc;
++ BN_GF2m_poly2arr;
++ STORE_ctrl;
++ STORE_ATTR_INFO_compare;
++ BN_get0_nist_prime_224;
++ i2d_ECParameters;
++ i2d_ECPKParameters;
++ BN_GENCB_call;
++ d2i_ECPKParameters;
++ STORE_meth_set_generate_fn;
++ STORE_method_set_generate_function;
++ ENGINE_set_ECDH;
++ NAME_CONSTRAINTS_new;
++ SHA256_Init;
++ EC_KEY_get0_public_key;
++ PEM_write_bio_EC_PUBKEY;
++ STORE_ATTR_INFO_set_cstr;
++ STORE_list_crl_next;
++ STORE_ATTR_INFO_in_range;
++ ECParameters_print;
++ STORE_meth_set_delete_fn;
++ STORE_method_set_delete_function;
++ STORE_list_certificate_next;
++ ASN1_generate_nconf;
++ BUF_memdup;
++ BN_GF2m_mod_mul;
++ STORE_meth_get_list_next_fn;
++ STORE_method_get_list_next_function;
++ STORE_ATTR_INFO_get0_dn;
++ STORE_list_private_key_next;
++ EC_GROUP_set_seed;
++ X509_VERIFY_PARAM_set_trust;
++ STORE_ATTR_INFO_free;
++ STORE_get_private_key;
++ EVP_PKEY_get_attr_count;
++ STORE_ATTR_INFO_new;
++ EC_GROUP_get_curve_GF2m;
++ STORE_meth_set_revoke_fn;
++ STORE_method_set_revoke_function;
++ STORE_store_number;
++ BN_is_prime_ex;
++ STORE_revoke_public_key;
++ X509_STORE_CTX_get0_param;
++ STORE_delete_arbitrary;
++ PEM_read_X509_CERT_PAIR;
++ X509_STORE_set_depth;
++ ECDSA_get_ex_data;
++ SHA224;
++ BIO_dump_indent_fp;
++ EC_KEY_set_group;
++ BUF_strndup;
++ STORE_list_certificate_start;
++ BN_GF2m_mod;
++ X509_REQ_check_private_key;
++ EC_GROUP_get_seed_len;
++ ERR_load_STORE_strings;
++ PEM_read_bio_EC_PUBKEY;
++ STORE_list_private_key_end;
++ i2d_EC_PUBKEY;
++ ECDSA_get_default_method;
++ ASN1_put_eoc;
++ X509_STORE_CTX_get_explicit_policy;
++ X509_STORE_CTX_get_expl_policy;
++ X509_VERIFY_PARAM_table_cleanup;
++ STORE_modify_private_key;
++ X509_VERIFY_PARAM_free;
++ EC_METHOD_get_field_type;
++ EC_GFp_nist_method;
++ STORE_meth_set_modify_fn;
++ STORE_method_set_modify_function;
++ STORE_parse_attrs_next;
++ ENGINE_load_padlock;
++ EC_GROUP_set_curve_name;
++ X509_CERT_PAIR_it;
++ STORE_meth_get_revoke_fn;
++ STORE_method_get_revoke_function;
++ STORE_method_set_get_function;
++ STORE_modify_number;
++ STORE_method_get_store_function;
++ STORE_store_private_key;
++ BN_GF2m_mod_sqr_arr;
++ RSA_setup_blinding;
++ BIO_s_datagram;
++ STORE_Memory;
++ sk_find_ex;
++ EC_GROUP_set_curve_GF2m;
++ ENGINE_set_default_ECDSA;
++ POLICY_CONSTRAINTS_new;
++ BN_GF2m_mod_sqrt;
++ ECDH_set_default_method;
++ EC_KEY_generate_key;
++ SHA384_Update;
++ BN_GF2m_arr2poly;
++ STORE_method_get_get_function;
++ STORE_meth_set_cleanup_fn;
++ STORE_method_set_cleanup_function;
++ EC_GROUP_check;
++ d2i_ECPrivateKey_bio;
++ EC_KEY_insert_key_method_data;
++ STORE_meth_get_lock_store_fn;
++ STORE_method_get_lock_store_function;
++ X509_VERIFY_PARAM_get_depth;
++ SHA224_Final;
++ STORE_meth_set_update_store_fn;
++ STORE_method_set_update_store_function;
++ SHA224_Update;
++ d2i_ECPrivateKey;
++ ASN1_item_ndef_i2d;
++ STORE_delete_private_key;
++ ERR_pop_to_mark;
++ ENGINE_register_all_STORE;
++ X509_policy_level_get0_node;
++ i2d_PKCS7_NDEF;
++ EC_GROUP_get_degree;
++ ASN1_generate_v3;
++ STORE_ATTR_INFO_modify_cstr;
++ X509_policy_tree_level_count;
++ BN_GF2m_add;
++ EC_KEY_get0_group;
++ STORE_generate_crl;
++ STORE_store_public_key;
++ X509_CERT_PAIR_free;
++ STORE_revoke_private_key;
++ BN_nist_mod_224;
++ SHA512_Final;
++ STORE_ATTR_INFO_modify_dn;
++ STORE_meth_get_initialise_fn;
++ STORE_method_get_initialise_function;
++ STORE_delete_number;
++ i2d_EC_PUBKEY_bio;
++ BIO_dgram_non_fatal_error;
++ EC_GROUP_get_asn1_flag;
++ STORE_ATTR_INFO_in_ex;
++ STORE_list_crl_start;
++ ECDH_get_ex_new_index;
++ STORE_meth_get_modify_fn;
++ STORE_method_get_modify_function;
++ v2i_ASN1_BIT_STRING;
++ STORE_store_certificate;
++ OBJ_bsearch_ex;
++ X509_STORE_CTX_set_default;
++ STORE_ATTR_INFO_set_sha1str;
++ BN_GF2m_mod_inv;
++ BN_GF2m_mod_exp;
++ STORE_modify_public_key;
++ STORE_meth_get_list_start_fn;
++ STORE_method_get_list_start_function;
++ EC_GROUP_get0_seed;
++ STORE_store_arbitrary;
++ STORE_meth_set_unlock_store_fn;
++ STORE_method_set_unlock_store_function;
++ BN_GF2m_mod_div_arr;
++ ENGINE_set_ECDSA;
++ STORE_create_method;
++ ECPKParameters_print;
++ EC_KEY_get0_private_key;
++ PEM_write_EC_PUBKEY;
++ X509_VERIFY_PARAM_set1;
++ ECDH_set_method;
++ v2i_GENERAL_NAME_ex;
++ ECDH_set_ex_data;
++ STORE_generate_key;
++ BN_nist_mod_521;
++ X509_policy_tree_get0_level;
++ EC_GROUP_set_point_conversion_form;
++ EC_GROUP_set_point_conv_form;
++ PEM_read_EC_PUBKEY;
++ i2d_ECDSA_SIG;
++ ECDSA_OpenSSL;
++ STORE_delete_crl;
++ EC_KEY_get_enc_flags;
++ ASN1_const_check_infinite_end;
++ EVP_PKEY_delete_attr;
++ ECDSA_set_default_method;
++ EC_POINT_set_compressed_coordinates_GF2m;
++ EC_POINT_set_compr_coords_GF2m;
++ EC_GROUP_cmp;
++ STORE_revoke_certificate;
++ BN_get0_nist_prime_256;
++ STORE_meth_get_delete_fn;
++ STORE_method_get_delete_function;
++ SHA224_Init;
++ PEM_read_ECPrivateKey;
++ SHA512_Init;
++ STORE_parse_attrs_endp;
++ BN_set_negative;
++ ERR_load_ECDSA_strings;
++ EC_GROUP_get_basis_type;
++ STORE_list_public_key_next;
++ i2v_ASN1_BIT_STRING;
++ STORE_OBJECT_free;
++ BN_nist_mod_384;
++ i2d_X509_CERT_PAIR;
++ PEM_write_ECPKParameters;
++ ECDH_compute_key;
++ STORE_ATTR_INFO_get0_sha1str;
++ ENGINE_register_all_ECDH;
++ pqueue_pop;
++ STORE_ATTR_INFO_get0_cstr;
++ POLICY_CONSTRAINTS_it;
++ STORE_get_ex_new_index;
++ EVP_PKEY_get_attr_by_OBJ;
++ X509_VERIFY_PARAM_add0_policy;
++ BN_GF2m_mod_solve_quad;
++ SHA256;
++ i2d_ECPrivateKey_fp;
++ X509_policy_tree_get0_user_policies;
++ X509_pcy_tree_get0_usr_policies;
++ OPENSSL_DIR_read;
++ ENGINE_register_all_ECDSA;
++ X509_VERIFY_PARAM_lookup;
++ EC_POINT_get_affine_coordinates_GF2m;
++ EC_POINT_get_affine_coords_GF2m;
++ EC_GROUP_dup;
++ ENGINE_get_default_ECDSA;
++ EC_KEY_new;
++ SHA256_Transform;
++ EC_KEY_set_enc_flags;
++ ECDSA_verify;
++ EC_POINT_point2hex;
++ ENGINE_get_STORE;
++ SHA512;
++ STORE_get_certificate;
++ ECDSA_do_sign_ex;
++ ECDSA_do_verify;
++ d2i_ECPrivateKey_fp;
++ STORE_delete_certificate;
++ SHA512_Transform;
++ X509_STORE_set1_param;
++ STORE_method_get_ctrl_function;
++ STORE_free;
++ PEM_write_ECPrivateKey;
++ STORE_meth_get_unlock_store_fn;
++ STORE_method_get_unlock_store_function;
++ STORE_get_ex_data;
++ EC_KEY_set_public_key;
++ PEM_read_ECPKParameters;
++ X509_CERT_PAIR_new;
++ ENGINE_register_STORE;
++ RSA_generate_key_ex;
++ DSA_generate_parameters_ex;
++ ECParameters_print_fp;
++ X509V3_NAME_from_section;
++ EVP_PKEY_add1_attr;
++ STORE_modify_crl;
++ STORE_list_private_key_start;
++ POLICY_MAPPINGS_it;
++ GENERAL_SUBTREE_it;
++ EC_GROUP_get_curve_name;
++ PEM_write_X509_CERT_PAIR;
++ BIO_dump_indent_cb;
++ d2i_X509_CERT_PAIR;
++ STORE_list_private_key_endp;
++ asn1_const_Finish;
++ i2d_EC_PUBKEY_fp;
++ BN_nist_mod_256;
++ X509_VERIFY_PARAM_add0_table;
++ pqueue_free;
++ BN_BLINDING_create_param;
++ ECDSA_size;
++ d2i_EC_PUBKEY_bio;
++ BN_get0_nist_prime_521;
++ STORE_ATTR_INFO_modify_sha1str;
++ BN_generate_prime_ex;
++ EC_GROUP_new_by_curve_name;
++ SHA256_Final;
++ DH_generate_parameters_ex;
++ PEM_read_bio_ECPrivateKey;
++ STORE_meth_get_cleanup_fn;
++ STORE_method_get_cleanup_function;
++ ENGINE_get_ECDH;
++ d2i_ECDSA_SIG;
++ BN_is_prime_fasttest_ex;
++ ECDSA_sign;
++ X509_policy_check;
++ EVP_PKEY_get_attr_by_NID;
++ STORE_set_ex_data;
++ ENGINE_get_ECDSA;
++ EVP_ecdsa;
++ BN_BLINDING_get_flags;
++ PKCS12_add_cert;
++ STORE_OBJECT_new;
++ ERR_load_ECDH_strings;
++ EC_KEY_dup;
++ EVP_CIPHER_CTX_rand_key;
++ ECDSA_set_method;
++ a2i_IPADDRESS_NC;
++ d2i_ECParameters;
++ STORE_list_certificate_end;
++ STORE_get_crl;
++ X509_POLICY_NODE_print;
++ SHA384_Init;
++ EC_GF2m_simple_method;
++ ECDSA_set_ex_data;
++ SHA384_Final;
++ PKCS7_set_digest;
++ EC_KEY_print;
++ STORE_meth_set_lock_store_fn;
++ STORE_method_set_lock_store_function;
++ ECDSA_get_ex_new_index;
++ SHA384;
++ POLICY_MAPPING_new;
++ STORE_list_certificate_endp;
++ X509_STORE_CTX_get0_policy_tree;
++ EC_GROUP_set_asn1_flag;
++ EC_KEY_check_key;
++ d2i_EC_PUBKEY_fp;
++ PKCS7_set0_type_other;
++ PEM_read_bio_X509_CERT_PAIR;
++ pqueue_next;
++ STORE_meth_get_list_end_fn;
++ STORE_method_get_list_end_function;
++ EVP_PKEY_add1_attr_by_OBJ;
++ X509_VERIFY_PARAM_set_time;
++ pqueue_new;
++ ENGINE_set_default_ECDH;
++ STORE_new_method;
++ PKCS12_add_key;
++ DSO_merge;
++ EC_POINT_hex2point;
++ BIO_dump_cb;
++ SHA256_Update;
++ pqueue_insert;
++ pitem_free;
++ BN_GF2m_mod_inv_arr;
++ ENGINE_unregister_ECDSA;
++ BN_BLINDING_set_thread_id;
++ get_rfc3526_prime_8192;
++ X509_VERIFY_PARAM_clear_flags;
++ get_rfc2409_prime_1024;
++ DH_check_pub_key;
++ get_rfc3526_prime_2048;
++ get_rfc3526_prime_6144;
++ get_rfc3526_prime_1536;
++ get_rfc3526_prime_3072;
++ get_rfc3526_prime_4096;
++ get_rfc2409_prime_768;
++ X509_VERIFY_PARAM_get_flags;
++ EVP_CIPHER_CTX_new;
++ EVP_CIPHER_CTX_free;
++ Camellia_cbc_encrypt;
++ Camellia_cfb128_encrypt;
++ Camellia_cfb1_encrypt;
++ Camellia_cfb8_encrypt;
++ Camellia_ctr128_encrypt;
++ Camellia_cfbr_encrypt_block;
++ Camellia_decrypt;
++ Camellia_ecb_encrypt;
++ Camellia_encrypt;
++ Camellia_ofb128_encrypt;
++ Camellia_set_key;
++ EVP_camellia_128_cbc;
++ EVP_camellia_128_cfb128;
++ EVP_camellia_128_cfb1;
++ EVP_camellia_128_cfb8;
++ EVP_camellia_128_ecb;
++ EVP_camellia_128_ofb;
++ EVP_camellia_192_cbc;
++ EVP_camellia_192_cfb128;
++ EVP_camellia_192_cfb1;
++ EVP_camellia_192_cfb8;
++ EVP_camellia_192_ecb;
++ EVP_camellia_192_ofb;
++ EVP_camellia_256_cbc;
++ EVP_camellia_256_cfb128;
++ EVP_camellia_256_cfb1;
++ EVP_camellia_256_cfb8;
++ EVP_camellia_256_ecb;
++ EVP_camellia_256_ofb;
++ a2i_ipadd;
++ ASIdentifiers_free;
++ i2d_ASIdOrRange;
++ EVP_CIPHER_block_size;
++ v3_asid_is_canonical;
++ IPAddressChoice_free;
++ EVP_CIPHER_CTX_set_app_data;
++ BIO_set_callback_arg;
++ v3_addr_add_prefix;
++ IPAddressOrRange_it;
++ BIO_set_flags;
++ ASIdentifiers_it;
++ v3_addr_get_range;
++ BIO_method_type;
++ v3_addr_inherits;
++ IPAddressChoice_it;
++ AES_ige_encrypt;
++ v3_addr_add_range;
++ EVP_CIPHER_CTX_nid;
++ d2i_ASRange;
++ v3_addr_add_inherit;
++ v3_asid_add_id_or_range;
++ v3_addr_validate_resource_set;
++ EVP_CIPHER_iv_length;
++ EVP_MD_type;
++ v3_asid_canonize;
++ IPAddressRange_free;
++ v3_asid_add_inherit;
++ EVP_CIPHER_CTX_key_length;
++ IPAddressRange_new;
++ ASIdOrRange_new;
++ EVP_MD_size;
++ EVP_MD_CTX_test_flags;
++ BIO_clear_flags;
++ i2d_ASRange;
++ IPAddressRange_it;
++ IPAddressChoice_new;
++ ASIdentifierChoice_new;
++ ASRange_free;
++ EVP_MD_pkey_type;
++ EVP_MD_CTX_clear_flags;
++ IPAddressFamily_free;
++ i2d_IPAddressFamily;
++ IPAddressOrRange_new;
++ EVP_CIPHER_flags;
++ v3_asid_validate_resource_set;
++ d2i_IPAddressRange;
++ AES_bi_ige_encrypt;
++ BIO_get_callback;
++ IPAddressOrRange_free;
++ v3_addr_subset;
++ d2i_IPAddressFamily;
++ v3_asid_subset;
++ BIO_test_flags;
++ i2d_ASIdentifierChoice;
++ ASRange_it;
++ d2i_ASIdentifiers;
++ ASRange_new;
++ d2i_IPAddressChoice;
++ v3_addr_get_afi;
++ EVP_CIPHER_key_length;
++ EVP_Cipher;
++ i2d_IPAddressOrRange;
++ ASIdOrRange_it;
++ EVP_CIPHER_nid;
++ i2d_IPAddressChoice;
++ EVP_CIPHER_CTX_block_size;
++ ASIdentifiers_new;
++ v3_addr_validate_path;
++ IPAddressFamily_new;
++ EVP_MD_CTX_set_flags;
++ v3_addr_is_canonical;
++ i2d_IPAddressRange;
++ IPAddressFamily_it;
++ v3_asid_inherits;
++ EVP_CIPHER_CTX_cipher;
++ EVP_CIPHER_CTX_get_app_data;
++ EVP_MD_block_size;
++ EVP_CIPHER_CTX_flags;
++ v3_asid_validate_path;
++ d2i_IPAddressOrRange;
++ v3_addr_canonize;
++ ASIdentifierChoice_it;
++ EVP_MD_CTX_md;
++ d2i_ASIdentifierChoice;
++ BIO_method_name;
++ EVP_CIPHER_CTX_iv_length;
++ ASIdOrRange_free;
++ ASIdentifierChoice_free;
++ BIO_get_callback_arg;
++ BIO_set_callback;
++ d2i_ASIdOrRange;
++ i2d_ASIdentifiers;
++ SEED_decrypt;
++ SEED_encrypt;
++ SEED_cbc_encrypt;
++ EVP_seed_ofb;
++ SEED_cfb128_encrypt;
++ SEED_ofb128_encrypt;
++ EVP_seed_cbc;
++ SEED_ecb_encrypt;
++ EVP_seed_ecb;
++ SEED_set_key;
++ EVP_seed_cfb128;
++ X509_EXTENSIONS_it;
++ X509_get1_ocsp;
++ OCSP_REQ_CTX_free;
++ i2d_X509_EXTENSIONS;
++ OCSP_sendreq_nbio;
++ OCSP_sendreq_new;
++ d2i_X509_EXTENSIONS;
++ X509_ALGORS_it;
++ X509_ALGOR_get0;
++ X509_ALGOR_set0;
++ AES_unwrap_key;
++ AES_wrap_key;
++ X509at_get0_data_by_OBJ;
++ ASN1_TYPE_set1;
++ ASN1_STRING_set0;
++ i2d_X509_ALGORS;
++ BIO_f_zlib;
++ COMP_zlib_cleanup;
++ d2i_X509_ALGORS;
++ CMS_ReceiptRequest_free;
++ PEM_write_CMS;
++ CMS_add0_CertificateChoices;
++ CMS_unsigned_add1_attr_by_OBJ;
++ ERR_load_CMS_strings;
++ CMS_sign_receipt;
++ i2d_CMS_ContentInfo;
++ CMS_signed_delete_attr;
++ d2i_CMS_bio;
++ CMS_unsigned_get_attr_by_NID;
++ CMS_verify;
++ SMIME_read_CMS;
++ CMS_decrypt_set1_key;
++ CMS_SignerInfo_get0_algs;
++ CMS_add1_cert;
++ CMS_set_detached;
++ CMS_encrypt;
++ CMS_EnvelopedData_create;
++ CMS_uncompress;
++ CMS_add0_crl;
++ CMS_SignerInfo_verify_content;
++ CMS_unsigned_get0_data_by_OBJ;
++ PEM_write_bio_CMS;
++ CMS_unsigned_get_attr;
++ CMS_RecipientInfo_ktri_cert_cmp;
++ CMS_RecipientInfo_ktri_get0_algs;
++ CMS_RecipInfo_ktri_get0_algs;
++ CMS_ContentInfo_free;
++ CMS_final;
++ CMS_add_simple_smimecap;
++ CMS_SignerInfo_verify;
++ CMS_data;
++ CMS_ContentInfo_it;
++ d2i_CMS_ReceiptRequest;
++ CMS_compress;
++ CMS_digest_create;
++ CMS_SignerInfo_cert_cmp;
++ CMS_SignerInfo_sign;
++ CMS_data_create;
++ i2d_CMS_bio;
++ CMS_EncryptedData_set1_key;
++ CMS_decrypt;
++ int_smime_write_ASN1;
++ CMS_unsigned_delete_attr;
++ CMS_unsigned_get_attr_count;
++ CMS_add_smimecap;
++ PEM_read_CMS;
++ CMS_signed_get_attr_by_OBJ;
++ d2i_CMS_ContentInfo;
++ CMS_add_standard_smimecap;
++ CMS_ContentInfo_new;
++ CMS_RecipientInfo_type;
++ CMS_get0_type;
++ CMS_is_detached;
++ CMS_sign;
++ CMS_signed_add1_attr;
++ CMS_unsigned_get_attr_by_OBJ;
++ SMIME_write_CMS;
++ CMS_EncryptedData_decrypt;
++ CMS_get0_RecipientInfos;
++ CMS_add0_RevocationInfoChoice;
++ CMS_decrypt_set1_pkey;
++ CMS_SignerInfo_set1_signer_cert;
++ CMS_get0_signers;
++ CMS_ReceiptRequest_get0_values;
++ CMS_signed_get0_data_by_OBJ;
++ CMS_get0_SignerInfos;
++ CMS_add0_cert;
++ CMS_EncryptedData_encrypt;
++ CMS_digest_verify;
++ CMS_set1_signers_certs;
++ CMS_signed_get_attr;
++ CMS_RecipientInfo_set0_key;
++ CMS_SignedData_init;
++ CMS_RecipientInfo_kekri_get0_id;
++ CMS_verify_receipt;
++ CMS_ReceiptRequest_it;
++ PEM_read_bio_CMS;
++ CMS_get1_crls;
++ CMS_add0_recipient_key;
++ SMIME_read_ASN1;
++ CMS_ReceiptRequest_new;
++ CMS_get0_content;
++ CMS_get1_ReceiptRequest;
++ CMS_signed_add1_attr_by_OBJ;
++ CMS_RecipientInfo_kekri_id_cmp;
++ CMS_add1_ReceiptRequest;
++ CMS_SignerInfo_get0_signer_id;
++ CMS_unsigned_add1_attr_by_NID;
++ CMS_unsigned_add1_attr;
++ CMS_signed_get_attr_by_NID;
++ CMS_get1_certs;
++ CMS_signed_add1_attr_by_NID;
++ CMS_unsigned_add1_attr_by_txt;
++ CMS_dataFinal;
++ CMS_RecipientInfo_ktri_get0_signer_id;
++ CMS_RecipInfo_ktri_get0_sigr_id;
++ i2d_CMS_ReceiptRequest;
++ CMS_add1_recipient_cert;
++ CMS_dataInit;
++ CMS_signed_add1_attr_by_txt;
++ CMS_RecipientInfo_decrypt;
++ CMS_signed_get_attr_count;
++ CMS_get0_eContentType;
++ CMS_set1_eContentType;
++ CMS_ReceiptRequest_create0;
++ CMS_add1_signer;
++ CMS_RecipientInfo_set0_pkey;
++ ENGINE_set_load_ssl_client_cert_function;
++ ENGINE_set_ld_ssl_clnt_cert_fn;
++ ENGINE_get_ssl_client_cert_function;
++ ENGINE_get_ssl_client_cert_fn;
++ ENGINE_load_ssl_client_cert;
++ ENGINE_load_capi;
++ OPENSSL_isservice;
++ FIPS_dsa_sig_decode;
++ EVP_CIPHER_CTX_clear_flags;
++ FIPS_rand_status;
++ FIPS_rand_set_key;
++ CRYPTO_set_mem_info_functions;
++ RSA_X931_generate_key_ex;
++ int_ERR_set_state_func;
++ int_EVP_MD_set_engine_callbacks;
++ int_CRYPTO_set_do_dynlock_callback;
++ FIPS_rng_stick;
++ EVP_CIPHER_CTX_set_flags;
++ BN_X931_generate_prime_ex;
++ FIPS_selftest_check;
++ FIPS_rand_set_dt;
++ CRYPTO_dbg_pop_info;
++ FIPS_dsa_free;
++ RSA_X931_derive_ex;
++ FIPS_rsa_new;
++ FIPS_rand_bytes;
++ fips_cipher_test;
++ EVP_CIPHER_CTX_test_flags;
++ CRYPTO_malloc_debug_init;
++ CRYPTO_dbg_push_info;
++ FIPS_corrupt_rsa_keygen;
++ FIPS_dh_new;
++ FIPS_corrupt_dsa_keygen;
++ FIPS_dh_free;
++ fips_pkey_signature_test;
++ EVP_add_alg_module;
++ int_RAND_init_engine_callbacks;
++ int_EVP_CIPHER_set_engine_callbacks;
++ int_EVP_MD_init_engine_callbacks;
++ FIPS_rand_test_mode;
++ FIPS_rand_reset;
++ FIPS_dsa_new;
++ int_RAND_set_callbacks;
++ BN_X931_derive_prime_ex;
++ int_ERR_lib_init;
++ int_EVP_CIPHER_init_engine_callbacks;
++ FIPS_rsa_free;
++ FIPS_dsa_sig_encode;
++ CRYPTO_dbg_remove_all_info;
++ OPENSSL_init;
++ CRYPTO_strdup;
++ JPAKE_STEP3A_process;
++ JPAKE_STEP1_release;
++ JPAKE_get_shared_key;
++ JPAKE_STEP3B_init;
++ JPAKE_STEP1_generate;
++ JPAKE_STEP1_init;
++ JPAKE_STEP3B_process;
++ JPAKE_STEP2_generate;
++ JPAKE_CTX_new;
++ JPAKE_CTX_free;
++ JPAKE_STEP3B_release;
++ JPAKE_STEP3A_release;
++ JPAKE_STEP2_process;
++ JPAKE_STEP3B_generate;
++ JPAKE_STEP1_process;
++ JPAKE_STEP3A_generate;
++ JPAKE_STEP2_release;
++ JPAKE_STEP3A_init;
++ ERR_load_JPAKE_strings;
++ JPAKE_STEP2_init;
++ pqueue_size;
++ i2d_TS_ACCURACY;
++ i2d_TS_MSG_IMPRINT_fp;
++ i2d_TS_MSG_IMPRINT;
++ EVP_PKEY_print_public;
++ EVP_PKEY_CTX_new;
++ i2d_TS_TST_INFO;
++ EVP_PKEY_asn1_find;
++ DSO_METHOD_beos;
++ TS_CONF_load_cert;
++ TS_REQ_get_ext;
++ EVP_PKEY_sign_init;
++ ASN1_item_print;
++ TS_TST_INFO_set_nonce;
++ TS_RESP_dup;
++ ENGINE_register_pkey_meths;
++ EVP_PKEY_asn1_add0;
++ PKCS7_add0_attrib_signing_time;
++ i2d_TS_TST_INFO_fp;
++ BIO_asn1_get_prefix;
++ TS_TST_INFO_set_time;
++ EVP_PKEY_meth_set_decrypt;
++ EVP_PKEY_set_type_str;
++ EVP_PKEY_CTX_get_keygen_info;
++ TS_REQ_set_policy_id;
++ d2i_TS_RESP_fp;
++ ENGINE_get_pkey_asn1_meth_engine;
++ ENGINE_get_pkey_asn1_meth_eng;
++ WHIRLPOOL_Init;
++ TS_RESP_set_status_info;
++ EVP_PKEY_keygen;
++ EVP_DigestSignInit;
++ TS_ACCURACY_set_millis;
++ TS_REQ_dup;
++ GENERAL_NAME_dup;
++ ASN1_SEQUENCE_ANY_it;
++ WHIRLPOOL;
++ X509_STORE_get1_crls;
++ ENGINE_get_pkey_asn1_meth;
++ EVP_PKEY_asn1_new;
++ BIO_new_NDEF;
++ ENGINE_get_pkey_meth;
++ TS_MSG_IMPRINT_set_algo;
++ i2d_TS_TST_INFO_bio;
++ TS_TST_INFO_set_ordering;
++ TS_TST_INFO_get_ext_by_OBJ;
++ CRYPTO_THREADID_set_pointer;
++ TS_CONF_get_tsa_section;
++ SMIME_write_ASN1;
++ TS_RESP_CTX_set_signer_key;
++ EVP_PKEY_encrypt_old;
++ EVP_PKEY_encrypt_init;
++ CRYPTO_THREADID_cpy;
++ ASN1_PCTX_get_cert_flags;
++ i2d_ESS_SIGNING_CERT;
++ TS_CONF_load_key;
++ i2d_ASN1_SEQUENCE_ANY;
++ d2i_TS_MSG_IMPRINT_bio;
++ EVP_PKEY_asn1_set_public;
++ b2i_PublicKey_bio;
++ BIO_asn1_set_prefix;
++ EVP_PKEY_new_mac_key;
++ BIO_new_CMS;
++ CRYPTO_THREADID_cmp;
++ TS_REQ_ext_free;
++ EVP_PKEY_asn1_set_free;
++ EVP_PKEY_get0_asn1;
++ d2i_NETSCAPE_X509;
++ EVP_PKEY_verify_recover_init;
++ EVP_PKEY_CTX_set_data;
++ EVP_PKEY_keygen_init;
++ TS_RESP_CTX_set_status_info;
++ TS_MSG_IMPRINT_get_algo;
++ TS_REQ_print_bio;
++ EVP_PKEY_CTX_ctrl_str;
++ EVP_PKEY_get_default_digest_nid;
++ PEM_write_bio_PKCS7_stream;
++ TS_MSG_IMPRINT_print_bio;
++ BN_asc2bn;
++ TS_REQ_get_policy_id;
++ ENGINE_set_default_pkey_asn1_meths;
++ ENGINE_set_def_pkey_asn1_meths;
++ d2i_TS_ACCURACY;
++ DSO_global_lookup;
++ TS_CONF_set_tsa_name;
++ i2d_ASN1_SET_ANY;
++ ENGINE_load_gost;
++ WHIRLPOOL_BitUpdate;
++ ASN1_PCTX_get_flags;
++ TS_TST_INFO_get_ext_by_NID;
++ TS_RESP_new;
++ ESS_CERT_ID_dup;
++ TS_STATUS_INFO_dup;
++ TS_REQ_delete_ext;
++ EVP_DigestVerifyFinal;
++ EVP_PKEY_print_params;
++ i2d_CMS_bio_stream;
++ TS_REQ_get_msg_imprint;
++ OBJ_find_sigid_by_algs;
++ TS_TST_INFO_get_serial;
++ TS_REQ_get_nonce;
++ X509_PUBKEY_set0_param;
++ EVP_PKEY_CTX_set0_keygen_info;
++ DIST_POINT_set_dpname;
++ i2d_ISSUING_DIST_POINT;
++ ASN1_SET_ANY_it;
++ EVP_PKEY_CTX_get_data;
++ TS_STATUS_INFO_print_bio;
++ EVP_PKEY_derive_init;
++ d2i_TS_TST_INFO;
++ EVP_PKEY_asn1_add_alias;
++ d2i_TS_RESP_bio;
++ OTHERNAME_cmp;
++ GENERAL_NAME_set0_value;
++ PKCS7_RECIP_INFO_get0_alg;
++ TS_RESP_CTX_new;
++ TS_RESP_set_tst_info;
++ PKCS7_final;
++ EVP_PKEY_base_id;
++ TS_RESP_CTX_set_signer_cert;
++ TS_REQ_set_msg_imprint;
++ EVP_PKEY_CTX_ctrl;
++ TS_CONF_set_digests;
++ d2i_TS_MSG_IMPRINT;
++ EVP_PKEY_meth_set_ctrl;
++ TS_REQ_get_ext_by_NID;
++ PKCS5_pbe_set0_algor;
++ BN_BLINDING_thread_id;
++ TS_ACCURACY_new;
++ X509_CRL_METHOD_free;
++ ASN1_PCTX_get_nm_flags;
++ EVP_PKEY_meth_set_sign;
++ CRYPTO_THREADID_current;
++ EVP_PKEY_decrypt_init;
++ NETSCAPE_X509_free;
++ i2b_PVK_bio;
++ EVP_PKEY_print_private;
++ GENERAL_NAME_get0_value;
++ b2i_PVK_bio;
++ ASN1_UTCTIME_adj;
++ TS_TST_INFO_new;
++ EVP_MD_do_all_sorted;
++ TS_CONF_set_default_engine;
++ TS_ACCURACY_set_seconds;
++ TS_TST_INFO_get_time;
++ PKCS8_pkey_get0;
++ EVP_PKEY_asn1_get0;
++ OBJ_add_sigid;
++ PKCS7_SIGNER_INFO_sign;
++ EVP_PKEY_paramgen_init;
++ EVP_PKEY_sign;
++ OBJ_sigid_free;
++ EVP_PKEY_meth_set_init;
++ d2i_ESS_ISSUER_SERIAL;
++ ISSUING_DIST_POINT_new;
++ ASN1_TIME_adj;
++ TS_OBJ_print_bio;
++ EVP_PKEY_meth_set_verify_recover;
++ EVP_PKEY_meth_set_vrfy_recover;
++ TS_RESP_get_status_info;
++ CMS_stream;
++ EVP_PKEY_CTX_set_cb;
++ PKCS7_to_TS_TST_INFO;
++ ASN1_PCTX_get_oid_flags;
++ TS_TST_INFO_add_ext;
++ EVP_PKEY_meth_set_derive;
++ i2d_TS_RESP_fp;
++ i2d_TS_MSG_IMPRINT_bio;
++ TS_RESP_CTX_set_accuracy;
++ TS_REQ_set_nonce;
++ ESS_CERT_ID_new;
++ ENGINE_pkey_asn1_find_str;
++ TS_REQ_get_ext_count;
++ BUF_reverse;
++ TS_TST_INFO_print_bio;
++ d2i_ISSUING_DIST_POINT;
++ ENGINE_get_pkey_meths;
++ i2b_PrivateKey_bio;
++ i2d_TS_RESP;
++ b2i_PublicKey;
++ TS_VERIFY_CTX_cleanup;
++ TS_STATUS_INFO_free;
++ TS_RESP_verify_token;
++ OBJ_bsearch_ex_;
++ ASN1_bn_print;
++ EVP_PKEY_asn1_get_count;
++ ENGINE_register_pkey_asn1_meths;
++ ASN1_PCTX_set_nm_flags;
++ EVP_DigestVerifyInit;
++ ENGINE_set_default_pkey_meths;
++ TS_TST_INFO_get_policy_id;
++ TS_REQ_get_cert_req;
++ X509_CRL_set_meth_data;
++ PKCS8_pkey_set0;
++ ASN1_STRING_copy;
++ d2i_TS_TST_INFO_fp;
++ X509_CRL_match;
++ EVP_PKEY_asn1_set_private;
++ TS_TST_INFO_get_ext_d2i;
++ TS_RESP_CTX_add_policy;
++ d2i_TS_RESP;
++ TS_CONF_load_certs;
++ TS_TST_INFO_get_msg_imprint;
++ ERR_load_TS_strings;
++ TS_TST_INFO_get_version;
++ EVP_PKEY_CTX_dup;
++ EVP_PKEY_meth_set_verify;
++ i2b_PublicKey_bio;
++ TS_CONF_set_certs;
++ EVP_PKEY_asn1_get0_info;
++ TS_VERIFY_CTX_free;
++ TS_REQ_get_ext_by_critical;
++ TS_RESP_CTX_set_serial_cb;
++ X509_CRL_get_meth_data;
++ TS_RESP_CTX_set_time_cb;
++ TS_MSG_IMPRINT_get_msg;
++ TS_TST_INFO_ext_free;
++ TS_REQ_get_version;
++ TS_REQ_add_ext;
++ EVP_PKEY_CTX_set_app_data;
++ OBJ_bsearch_;
++ EVP_PKEY_meth_set_verifyctx;
++ i2d_PKCS7_bio_stream;
++ CRYPTO_THREADID_set_numeric;
++ PKCS7_sign_add_signer;
++ d2i_TS_TST_INFO_bio;
++ TS_TST_INFO_get_ordering;
++ TS_RESP_print_bio;
++ TS_TST_INFO_get_exts;
++ HMAC_CTX_copy;
++ PKCS5_pbe2_set_iv;
++ ENGINE_get_pkey_asn1_meths;
++ b2i_PrivateKey;
++ EVP_PKEY_CTX_get_app_data;
++ TS_REQ_set_cert_req;
++ CRYPTO_THREADID_set_callback;
++ TS_CONF_set_serial;
++ TS_TST_INFO_free;
++ d2i_TS_REQ_fp;
++ TS_RESP_verify_response;
++ i2d_ESS_ISSUER_SERIAL;
++ TS_ACCURACY_get_seconds;
++ EVP_CIPHER_do_all;
++ b2i_PrivateKey_bio;
++ OCSP_CERTID_dup;
++ X509_PUBKEY_get0_param;
++ TS_MSG_IMPRINT_dup;
++ PKCS7_print_ctx;
++ i2d_TS_REQ_bio;
++ EVP_whirlpool;
++ EVP_PKEY_asn1_set_param;
++ EVP_PKEY_meth_set_encrypt;
++ ASN1_PCTX_set_flags;
++ i2d_ESS_CERT_ID;
++ TS_VERIFY_CTX_new;
++ TS_RESP_CTX_set_extension_cb;
++ ENGINE_register_all_pkey_meths;
++ TS_RESP_CTX_set_status_info_cond;
++ TS_RESP_CTX_set_stat_info_cond;
++ EVP_PKEY_verify;
++ WHIRLPOOL_Final;
++ X509_CRL_METHOD_new;
++ EVP_DigestSignFinal;
++ TS_RESP_CTX_set_def_policy;
++ NETSCAPE_X509_it;
++ TS_RESP_create_response;
++ PKCS7_SIGNER_INFO_get0_algs;
++ TS_TST_INFO_get_nonce;
++ EVP_PKEY_decrypt_old;
++ TS_TST_INFO_set_policy_id;
++ TS_CONF_set_ess_cert_id_chain;
++ EVP_PKEY_CTX_get0_pkey;
++ d2i_TS_REQ;
++ EVP_PKEY_asn1_find_str;
++ BIO_f_asn1;
++ ESS_SIGNING_CERT_new;
++ EVP_PBE_find;
++ X509_CRL_get0_by_cert;
++ EVP_PKEY_derive;
++ i2d_TS_REQ;
++ TS_TST_INFO_delete_ext;
++ ESS_ISSUER_SERIAL_free;
++ ASN1_PCTX_set_str_flags;
++ ENGINE_get_pkey_asn1_meth_str;
++ TS_CONF_set_signer_key;
++ TS_ACCURACY_get_millis;
++ TS_RESP_get_token;
++ TS_ACCURACY_dup;
++ ENGINE_register_all_pkey_asn1_meths;
++ ENGINE_reg_all_pkey_asn1_meths;
++ X509_CRL_set_default_method;
++ CRYPTO_THREADID_hash;
++ CMS_ContentInfo_print_ctx;
++ TS_RESP_free;
++ ISSUING_DIST_POINT_free;
++ ESS_ISSUER_SERIAL_new;
++ CMS_add1_crl;
++ PKCS7_add1_attrib_digest;
++ TS_RESP_CTX_add_md;
++ TS_TST_INFO_dup;
++ ENGINE_set_pkey_asn1_meths;
++ PEM_write_bio_Parameters;
++ TS_TST_INFO_get_accuracy;
++ X509_CRL_get0_by_serial;
++ TS_TST_INFO_set_version;
++ TS_RESP_CTX_get_tst_info;
++ TS_RESP_verify_signature;
++ CRYPTO_THREADID_get_callback;
++ TS_TST_INFO_get_tsa;
++ TS_STATUS_INFO_new;
++ EVP_PKEY_CTX_get_cb;
++ TS_REQ_get_ext_d2i;
++ GENERAL_NAME_set0_othername;
++ TS_TST_INFO_get_ext_count;
++ TS_RESP_CTX_get_request;
++ i2d_NETSCAPE_X509;
++ ENGINE_get_pkey_meth_engine;
++ EVP_PKEY_meth_set_signctx;
++ EVP_PKEY_asn1_copy;
++ ASN1_TYPE_cmp;
++ EVP_CIPHER_do_all_sorted;
++ EVP_PKEY_CTX_free;
++ ISSUING_DIST_POINT_it;
++ d2i_TS_MSG_IMPRINT_fp;
++ X509_STORE_get1_certs;
++ EVP_PKEY_CTX_get_operation;
++ d2i_ESS_SIGNING_CERT;
++ TS_CONF_set_ordering;
++ EVP_PBE_alg_add_type;
++ TS_REQ_set_version;
++ EVP_PKEY_get0;
++ BIO_asn1_set_suffix;
++ i2d_TS_STATUS_INFO;
++ EVP_MD_do_all;
++ TS_TST_INFO_set_accuracy;
++ PKCS7_add_attrib_content_type;
++ ERR_remove_thread_state;
++ EVP_PKEY_meth_add0;
++ TS_TST_INFO_set_tsa;
++ EVP_PKEY_meth_new;
++ WHIRLPOOL_Update;
++ TS_CONF_set_accuracy;
++ ASN1_PCTX_set_oid_flags;
++ ESS_SIGNING_CERT_dup;
++ d2i_TS_REQ_bio;
++ X509_time_adj_ex;
++ TS_RESP_CTX_add_flags;
++ d2i_TS_STATUS_INFO;
++ TS_MSG_IMPRINT_set_msg;
++ BIO_asn1_get_suffix;
++ TS_REQ_free;
++ EVP_PKEY_meth_free;
++ TS_REQ_get_exts;
++ TS_RESP_CTX_set_clock_precision_digits;
++ TS_RESP_CTX_set_clk_prec_digits;
++ TS_RESP_CTX_add_failure_info;
++ i2d_TS_RESP_bio;
++ EVP_PKEY_CTX_get0_peerkey;
++ PEM_write_bio_CMS_stream;
++ TS_REQ_new;
++ TS_MSG_IMPRINT_new;
++ EVP_PKEY_meth_find;
++ EVP_PKEY_id;
++ TS_TST_INFO_set_serial;
++ a2i_GENERAL_NAME;
++ TS_CONF_set_crypto_device;
++ EVP_PKEY_verify_init;
++ TS_CONF_set_policies;
++ ASN1_PCTX_new;
++ ESS_CERT_ID_free;
++ ENGINE_unregister_pkey_meths;
++ TS_MSG_IMPRINT_free;
++ TS_VERIFY_CTX_init;
++ PKCS7_stream;
++ TS_RESP_CTX_set_certs;
++ TS_CONF_set_def_policy;
++ ASN1_GENERALIZEDTIME_adj;
++ NETSCAPE_X509_new;
++ TS_ACCURACY_free;
++ TS_RESP_get_tst_info;
++ EVP_PKEY_derive_set_peer;
++ PEM_read_bio_Parameters;
++ TS_CONF_set_clock_precision_digits;
++ TS_CONF_set_clk_prec_digits;
++ ESS_ISSUER_SERIAL_dup;
++ TS_ACCURACY_get_micros;
++ ASN1_PCTX_get_str_flags;
++ NAME_CONSTRAINTS_check;
++ ASN1_BIT_STRING_check;
++ X509_check_akid;
++ ENGINE_unregister_pkey_asn1_meths;
++ ENGINE_unreg_pkey_asn1_meths;
++ ASN1_PCTX_free;
++ PEM_write_bio_ASN1_stream;
++ i2d_ASN1_bio_stream;
++ TS_X509_ALGOR_print_bio;
++ EVP_PKEY_meth_set_cleanup;
++ EVP_PKEY_asn1_free;
++ ESS_SIGNING_CERT_free;
++ TS_TST_INFO_set_msg_imprint;
++ GENERAL_NAME_cmp;
++ d2i_ASN1_SET_ANY;
++ ENGINE_set_pkey_meths;
++ i2d_TS_REQ_fp;
++ d2i_ASN1_SEQUENCE_ANY;
++ GENERAL_NAME_get0_otherName;
++ d2i_ESS_CERT_ID;
++ OBJ_find_sigid_algs;
++ EVP_PKEY_meth_set_keygen;
++ PKCS5_PBKDF2_HMAC;
++ EVP_PKEY_paramgen;
++ EVP_PKEY_meth_set_paramgen;
++ BIO_new_PKCS7;
++ EVP_PKEY_verify_recover;
++ TS_ext_print_bio;
++ TS_ASN1_INTEGER_print_bio;
++ check_defer;
++ DSO_pathbyaddr;
++ EVP_PKEY_set_type;
++ TS_ACCURACY_set_micros;
++ TS_REQ_to_TS_VERIFY_CTX;
++ EVP_PKEY_meth_set_copy;
++ ASN1_PCTX_set_cert_flags;
++ TS_TST_INFO_get_ext;
++ EVP_PKEY_asn1_set_ctrl;
++ TS_TST_INFO_get_ext_by_critical;
++ EVP_PKEY_CTX_new_id;
++ TS_REQ_get_ext_by_OBJ;
++ TS_CONF_set_signer_cert;
++ X509_NAME_hash_old;
++ ASN1_TIME_set_string;
++ EVP_MD_flags;
++ TS_RESP_CTX_free;
++ DSAparams_dup;
++ DHparams_dup;
++ OCSP_REQ_CTX_add1_header;
++ OCSP_REQ_CTX_set1_req;
++ X509_STORE_set_verify_cb;
++ X509_STORE_CTX_get0_current_crl;
++ X509_STORE_CTX_get0_parent_ctx;
++ X509_STORE_CTX_get0_current_issuer;
++ X509_STORE_CTX_get0_cur_issuer;
++ X509_issuer_name_hash_old;
++ X509_subject_name_hash_old;
++ EVP_CIPHER_CTX_copy;
++ UI_method_get_prompt_constructor;
++ UI_method_get_prompt_constructr;
++ UI_method_set_prompt_constructor;
++ UI_method_set_prompt_constructr;
++ EVP_read_pw_string_min;
++ CRYPTO_cts128_encrypt;
++ CRYPTO_cts128_decrypt_block;
++ CRYPTO_cfb128_1_encrypt;
++ CRYPTO_cbc128_encrypt;
++ CRYPTO_ctr128_encrypt;
++ CRYPTO_ofb128_encrypt;
++ CRYPTO_cts128_decrypt;
++ CRYPTO_cts128_encrypt_block;
++ CRYPTO_cbc128_decrypt;
++ CRYPTO_cfb128_encrypt;
++ CRYPTO_cfb128_8_encrypt;
++ SSL_renegotiate_abbreviated;
++ TLSv1_1_method;
++ TLSv1_1_client_method;
++ TLSv1_1_server_method;
++ SSL_CTX_set_srp_client_pwd_callback;
++ SSL_CTX_set_srp_client_pwd_cb;
++ SSL_get_srp_g;
++ SSL_CTX_set_srp_username_callback;
++ SSL_CTX_set_srp_un_cb;
++ SSL_get_srp_userinfo;
++ SSL_set_srp_server_param;
++ SSL_set_srp_server_param_pw;
++ SSL_get_srp_N;
++ SSL_get_srp_username;
++ SSL_CTX_set_srp_password;
++ SSL_CTX_set_srp_strength;
++ SSL_CTX_set_srp_verify_param_callback;
++ SSL_CTX_set_srp_vfy_param_cb;
++ SSL_CTX_set_srp_cb_arg;
++ SSL_CTX_set_srp_username;
++ SSL_CTX_SRP_CTX_init;
++ SSL_SRP_CTX_init;
++ SRP_Calc_A_param;
++ SRP_generate_server_master_secret;
++ SRP_gen_server_master_secret;
++ SSL_CTX_SRP_CTX_free;
++ SRP_generate_client_master_secret;
++ SRP_gen_client_master_secret;
++ SSL_srp_server_param_with_username;
++ SSL_srp_server_param_with_un;
++ SSL_SRP_CTX_free;
++ SSL_set_debug;
++ SSL_SESSION_get0_peer;
++ TLSv1_2_client_method;
++ SSL_SESSION_set1_id_context;
++ TLSv1_2_server_method;
++ SSL_cache_hit;
++ SSL_get0_kssl_ctx;
++ SSL_set0_kssl_ctx;
++ SSL_set_state;
++ SSL_CIPHER_get_id;
++ TLSv1_2_method;
++ kssl_ctx_get0_client_princ;
++ SSL_export_keying_material;
++ SSL_set_tlsext_use_srtp;
++ SSL_CTX_set_next_protos_advertised_cb;
++ SSL_CTX_set_next_protos_adv_cb;
++ SSL_get0_next_proto_negotiated;
++ SSL_get_selected_srtp_profile;
++ SSL_CTX_set_tlsext_use_srtp;
++ SSL_select_next_proto;
++ SSL_get_srtp_profiles;
++ SSL_CTX_set_next_proto_select_cb;
++ SSL_CTX_set_next_proto_sel_cb;
++ SSL_SESSION_get_compress_id;
++
++ SRP_VBASE_get_by_user;
++ SRP_Calc_server_key;
++ SRP_create_verifier;
++ SRP_create_verifier_BN;
++ SRP_Calc_u;
++ SRP_VBASE_free;
++ SRP_Calc_client_key;
++ SRP_get_default_gN;
++ SRP_Calc_x;
++ SRP_Calc_B;
++ SRP_VBASE_new;
++ SRP_check_known_gN_param;
++ SRP_Calc_A;
++ SRP_Verify_A_mod_N;
++ SRP_VBASE_init;
++ SRP_Verify_B_mod_N;
++ EC_KEY_set_public_key_affine_coordinates;
++ EC_KEY_set_pub_key_aff_coords;
++ EVP_aes_192_ctr;
++ EVP_PKEY_meth_get0_info;
++ EVP_PKEY_meth_copy;
++ ERR_add_error_vdata;
++ EVP_aes_128_ctr;
++ EVP_aes_256_ctr;
++ EC_GFp_nistp224_method;
++ EC_KEY_get_flags;
++ RSA_padding_add_PKCS1_PSS_mgf1;
++ EVP_aes_128_xts;
++ EVP_aes_256_xts;
++ EVP_aes_128_gcm;
++ EC_KEY_clear_flags;
++ EC_KEY_set_flags;
++ EVP_aes_256_ccm;
++ RSA_verify_PKCS1_PSS_mgf1;
++ EVP_aes_128_ccm;
++ EVP_aes_192_gcm;
++ X509_ALGOR_set_md;
++ RAND_init_fips;
++ EVP_aes_256_gcm;
++ EVP_aes_192_ccm;
++ CMAC_CTX_copy;
++ CMAC_CTX_free;
++ CMAC_CTX_get0_cipher_ctx;
++ CMAC_CTX_cleanup;
++ CMAC_Init;
++ CMAC_Update;
++ CMAC_resume;
++ CMAC_CTX_new;
++ CMAC_Final;
++ CRYPTO_ctr128_encrypt_ctr32;
++ CRYPTO_gcm128_release;
++ CRYPTO_ccm128_decrypt_ccm64;
++ CRYPTO_ccm128_encrypt;
++ CRYPTO_gcm128_encrypt;
++ CRYPTO_xts128_encrypt;
++ EVP_rc4_hmac_md5;
++ CRYPTO_nistcts128_decrypt_block;
++ CRYPTO_gcm128_setiv;
++ CRYPTO_nistcts128_encrypt;
++ EVP_aes_128_cbc_hmac_sha1;
++ CRYPTO_gcm128_tag;
++ CRYPTO_ccm128_encrypt_ccm64;
++ ENGINE_load_rdrand;
++ CRYPTO_ccm128_setiv;
++ CRYPTO_nistcts128_encrypt_block;
++ CRYPTO_gcm128_aad;
++ CRYPTO_ccm128_init;
++ CRYPTO_nistcts128_decrypt;
++ CRYPTO_gcm128_new;
++ CRYPTO_ccm128_tag;
++ CRYPTO_ccm128_decrypt;
++ CRYPTO_ccm128_aad;
++ CRYPTO_gcm128_init;
++ CRYPTO_gcm128_decrypt;
++ ENGINE_load_rsax;
++ CRYPTO_gcm128_decrypt_ctr32;
++ CRYPTO_gcm128_encrypt_ctr32;
++ CRYPTO_gcm128_finish;
++ EVP_aes_256_cbc_hmac_sha1;
++ PKCS5_pbkdf2_set;
++ CMS_add0_recipient_password;
++ CMS_decrypt_set1_password;
++ CMS_RecipientInfo_set0_password;
++ RAND_set_fips_drbg_type;
++ X509_REQ_sign_ctx;
++ RSA_PSS_PARAMS_new;
++ X509_CRL_sign_ctx;
++ X509_signature_dump;
++ d2i_RSA_PSS_PARAMS;
++ RSA_PSS_PARAMS_it;
++ RSA_PSS_PARAMS_free;
++ X509_sign_ctx;
++ i2d_RSA_PSS_PARAMS;
++ ASN1_item_sign_ctx;
++ EC_GFp_nistp521_method;
++ EC_GFp_nistp256_method;
++ OPENSSL_stderr;
++ OPENSSL_cpuid_setup;
++ OPENSSL_showfatal;
++ BIO_new_dgram_sctp;
++ BIO_dgram_sctp_msg_waiting;
++ BIO_dgram_sctp_wait_for_dry;
++ BIO_s_datagram_sctp;
++ BIO_dgram_is_sctp;
++ BIO_dgram_sctp_notification_cb;
++ CRYPTO_memcmp;
++ SSL_CTX_set_alpn_protos;
++ SSL_set_alpn_protos;
++ SSL_CTX_set_alpn_select_cb;
++ SSL_get0_alpn_selected;
++ SSL_CTX_set_custom_cli_ext;
++ SSL_CTX_set_custom_srv_ext;
++ SSL_CTX_set_srv_supp_data;
++ SSL_CTX_set_cli_supp_data;
++ SSL_set_cert_cb;
++ SSL_CTX_use_serverinfo;
++ SSL_CTX_use_serverinfo_file;
++ SSL_CTX_set_cert_cb;
++ SSL_CTX_get0_param;
++ SSL_get0_param;
++ SSL_certs_clear;
++ DTLSv1_2_method;
++ DTLSv1_2_server_method;
++ DTLSv1_2_client_method;
++ DTLS_method;
++ DTLS_server_method;
++ DTLS_client_method;
++ SSL_CTX_get_ssl_method;
++ SSL_CTX_get0_certificate;
++ SSL_CTX_get0_privatekey;
++ SSL_COMP_set0_compression_methods;
++ SSL_COMP_free_compression_methods;
++ SSL_CIPHER_find;
++ SSL_is_server;
++ SSL_CONF_CTX_new;
++ SSL_CONF_CTX_finish;
++ SSL_CONF_CTX_free;
++ SSL_CONF_CTX_set_flags;
++ SSL_CONF_CTX_clear_flags;
++ SSL_CONF_CTX_set1_prefix;
++ SSL_CONF_CTX_set_ssl;
++ SSL_CONF_CTX_set_ssl_ctx;
++ SSL_CONF_cmd;
++ SSL_CONF_cmd_argv;
++ SSL_CONF_cmd_value_type;
++ SSL_trace;
++ SSL_CIPHER_standard_name;
++ SSL_get_tlsa_record_byname;
++ ASN1_TIME_diff;
++ BIO_hex_string;
++ CMS_RecipientInfo_get0_pkey_ctx;
++ CMS_RecipientInfo_encrypt;
++ CMS_SignerInfo_get0_pkey_ctx;
++ CMS_SignerInfo_get0_md_ctx;
++ CMS_SignerInfo_get0_signature;
++ CMS_RecipientInfo_kari_get0_alg;
++ CMS_RecipientInfo_kari_get0_reks;
++ CMS_RecipientInfo_kari_get0_orig_id;
++ CMS_RecipientInfo_kari_orig_id_cmp;
++ CMS_RecipientEncryptedKey_get0_id;
++ CMS_RecipientEncryptedKey_cert_cmp;
++ CMS_RecipientInfo_kari_set0_pkey;
++ CMS_RecipientInfo_kari_get0_ctx;
++ CMS_RecipientInfo_kari_decrypt;
++ CMS_SharedInfo_encode;
++ DH_compute_key_padded;
++ d2i_DHxparams;
++ i2d_DHxparams;
++ DH_get_1024_160;
++ DH_get_2048_224;
++ DH_get_2048_256;
++ DH_KDF_X9_42;
++ ECDH_KDF_X9_62;
++ ECDSA_METHOD_new;
++ ECDSA_METHOD_free;
++ ECDSA_METHOD_set_app_data;
++ ECDSA_METHOD_get_app_data;
++ ECDSA_METHOD_set_sign;
++ ECDSA_METHOD_set_sign_setup;
++ ECDSA_METHOD_set_verify;
++ ECDSA_METHOD_set_flags;
++ ECDSA_METHOD_set_name;
++ EVP_des_ede3_wrap;
++ EVP_aes_128_wrap;
++ EVP_aes_192_wrap;
++ EVP_aes_256_wrap;
++ EVP_aes_128_cbc_hmac_sha256;
++ EVP_aes_256_cbc_hmac_sha256;
++ CRYPTO_128_wrap;
++ CRYPTO_128_unwrap;
++ OCSP_REQ_CTX_nbio;
++ OCSP_REQ_CTX_new;
++ OCSP_set_max_response_length;
++ OCSP_REQ_CTX_i2d;
++ OCSP_REQ_CTX_nbio_d2i;
++ OCSP_REQ_CTX_get0_mem_bio;
++ OCSP_REQ_CTX_http;
++ RSA_padding_add_PKCS1_OAEP_mgf1;
++ RSA_padding_check_PKCS1_OAEP_mgf1;
++ RSA_OAEP_PARAMS_free;
++ RSA_OAEP_PARAMS_it;
++ RSA_OAEP_PARAMS_new;
++ SSL_get_sigalgs;
++ SSL_get_shared_sigalgs;
++ SSL_check_chain;
++ X509_chain_up_ref;
++ X509_http_nbio;
++ X509_CRL_http_nbio;
++ X509_REVOKED_dup;
++ i2d_re_X509_tbs;
++ X509_get0_signature;
++ X509_get_signature_nid;
++ X509_CRL_diff;
++ X509_chain_check_suiteb;
++ X509_CRL_check_suiteb;
++ X509_check_host;
++ X509_check_email;
++ X509_check_ip;
++ X509_check_ip_asc;
++ X509_STORE_set_lookup_crls_cb;
++ X509_STORE_CTX_get0_store;
++ X509_VERIFY_PARAM_set1_host;
++ X509_VERIFY_PARAM_add1_host;
++ X509_VERIFY_PARAM_set_hostflags;
++ X509_VERIFY_PARAM_get0_peername;
++ X509_VERIFY_PARAM_set1_email;
++ X509_VERIFY_PARAM_set1_ip;
++ X509_VERIFY_PARAM_set1_ip_asc;
++ X509_VERIFY_PARAM_get0_name;
++ X509_VERIFY_PARAM_get_count;
++ X509_VERIFY_PARAM_get0;
++ X509V3_EXT_free;
++ EC_GROUP_get_mont_data;
++ EC_curve_nid2nist;
++ EC_curve_nist2nid;
++ PEM_write_bio_DHxparams;
++ PEM_write_DHxparams;
++ SSL_CTX_add_client_custom_ext;
++ SSL_CTX_add_server_custom_ext;
++ SSL_extension_supported;
++ BUF_strnlen;
++ sk_deep_copy;
++ SSL_test_functions;
++
++ local:
++ *;
++};
++
++OPENSSL_1.0.2g {
++ global:
++ SRP_VBASE_get1_by_user;
++ SRP_user_pwd_free;
++} OPENSSL_1.0.2d;
++
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/openssl.ld 2014-02-24 21:02:30.000000000 +0100
+@@ -0,0 +1,10 @@
++OPENSSL_1.0.2 {
++ global:
++ bind_engine;
++ v_check;
++ OPENSSL_init;
++ OPENSSL_finish;
++ local:
++ *;
++};
++
+Index: openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ openssl-1.0.2~beta1.obsolete.0.0498436515490575/engines/ccgost/openssl.ld 2014-02-24 21:02:30.000000000 +0100
+@@ -0,0 +1,10 @@
++OPENSSL_1.0.2 {
++ global:
++ bind_engine;
++ v_check;
++ OPENSSL_init;
++ OPENSSL_finish;
++ local:
++ *;
++};
++
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch b/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch
new file mode 100644
index 000000000..b6c2c148b
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl/parallel.patch
@@ -0,0 +1,326 @@
+Fix the parallel races in the Makefiles.
+
+This patch was taken from the Gentoo packaging:
+https://gitweb.gentoo.org/repo/gentoo.git/plain/dev-libs/openssl/files/openssl-1.0.2g-parallel-build.patch
+
+Upstream-Status: Pending
+Signed-off-by: Ross Burton <ross.burton@intel.com>
+
+--- openssl-1.0.2g/crypto/Makefile
++++ openssl-1.0.2g/crypto/Makefile
+@@ -85,11 +85,11 @@
+ @if [ -z "$(THIS)" ]; then $(MAKE) -f $(TOP)/Makefile reflect THIS=$@; fi
+
+ subdirs:
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl "CPUID_OBJ=$(CPUID_OBJ)" Makefile >> $(TOP)/MINFO
+- @target=files; $(RECURSIVE_MAKE)
++ +@target=files; $(RECURSIVE_MAKE)
+
+ links:
+ @$(PERL) $(TOP)/util/mklink.pl ../include/openssl $(EXHEADER)
+@@ -100,7 +100,7 @@
+ # lib: $(LIB): are splitted to avoid end-less loop
+ lib: $(LIB)
+ @touch lib
+-$(LIB): $(LIBOBJ)
++$(LIB): $(LIBOBJ) | subdirs
+ $(AR) $(LIB) $(LIBOBJ)
+ test -z "$(FIPSLIBDIR)" || $(AR) $(LIB) $(FIPSLIBDIR)fipscanister.o
+ $(RANLIB) $(LIB) || echo Never mind.
+@@ -111,7 +111,7 @@
+ fi
+
+ libs:
+- @target=lib; $(RECURSIVE_MAKE)
++ +@target=lib; $(RECURSIVE_MAKE)
+
+ install:
+ @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
+@@ -120,7 +120,7 @@
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ lint:
+ @target=lint; $(RECURSIVE_MAKE)
+--- openssl-1.0.2g/engines/Makefile
++++ openssl-1.0.2g/engines/Makefile
+@@ -72,7 +72,7 @@
+
+ all: lib subdirs
+
+-lib: $(LIBOBJ)
++lib: $(LIBOBJ) | subdirs
+ @if [ -n "$(SHARED_LIBS)" ]; then \
+ set -e; \
+ for l in $(LIBNAMES); do \
+@@ -89,7 +89,7 @@
+
+ subdirs:
+ echo $(EDIRS)
+- @target=all; $(RECURSIVE_MAKE)
++ +@target=all; $(RECURSIVE_MAKE)
+
+ files:
+ $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+@@ -128,7 +128,7 @@
+ mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \
+ done; \
+ fi
+- @target=install; $(RECURSIVE_MAKE)
++ +@target=install; $(RECURSIVE_MAKE)
+
+ tags:
+ ctags $(SRC)
+--- openssl-1.0.2g/Makefile.org
++++ openssl-1.0.2g/Makefile.org
+@@ -279,17 +279,17 @@
+ build_libssl: build_ssl libssl.pc
+
+ build_crypto:
+- @dir=crypto; target=all; $(BUILD_ONE_CMD)
++ +@dir=crypto; target=all; $(BUILD_ONE_CMD)
+ build_ssl: build_crypto
+- @dir=ssl; target=all; $(BUILD_ONE_CMD)
++ +@dir=ssl; target=all; $(BUILD_ONE_CMD)
+ build_engines: build_crypto
+- @dir=engines; target=all; $(BUILD_ONE_CMD)
++ +@dir=engines; target=all; $(BUILD_ONE_CMD)
+ build_apps: build_libs
+- @dir=apps; target=all; $(BUILD_ONE_CMD)
++ +@dir=apps; target=all; $(BUILD_ONE_CMD)
+ build_tests: build_libs
+- @dir=test; target=all; $(BUILD_ONE_CMD)
++ +@dir=test; target=all; $(BUILD_ONE_CMD)
+ build_tools: build_libs
+- @dir=tools; target=all; $(BUILD_ONE_CMD)
++ +@dir=tools; target=all; $(BUILD_ONE_CMD)
+
+ all_testapps: build_libs build_testapps
+ build_testapps:
+@@ -544,7 +544,7 @@
+ (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
+ chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
+ done;
+- @set -e; target=install; $(RECURSIVE_BUILD_CMD)
++ +@set -e; target=install; $(RECURSIVE_BUILD_CMD)
+ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\
+ do \
+ if [ -f "$$i" ]; then \
+--- openssl-1.0.2g/Makefile.shared
++++ openssl-1.0.2g/Makefile.shared
+@@ -105,6 +105,7 @@
+ SHAREDFLAGS="$${SHAREDFLAGS:-$(CFLAGS) $(SHARED_LDFLAGS)}"; \
+ LIBPATH=`for x in $$LIBDEPS; do echo $$x; done | sed -e 's/^ *-L//;t' -e d | uniq`; \
+ LIBPATH=`echo $$LIBPATH | sed -e 's/ /:/g'`; \
++ [ -e $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX ] && exit 0; \
+ LD_LIBRARY_PATH=$$LIBPATH:$$LD_LIBRARY_PATH \
+ $${SHAREDCMD} $${SHAREDFLAGS} \
+ -o $$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX \
+@@ -122,6 +123,7 @@
+ done; \
+ fi; \
+ if [ -n "$$SHLIB_SOVER" ]; then \
++ [ -e "$$SHLIB$$SHLIB_SUFFIX" ] || \
+ ( $(SET_X); rm -f $$SHLIB$$SHLIB_SUFFIX; \
+ ln -s $$prev $$SHLIB$$SHLIB_SUFFIX ); \
+ fi; \
+--- openssl-1.0.2g/test/Makefile
++++ openssl-1.0.2g/test/Makefile
+@@ -139,7 +139,7 @@
+ tags:
+ ctags $(SRC)
+
+-tests: exe apps $(TESTS)
++tests: exe $(TESTS)
+
+ apps:
+ @(cd ..; $(MAKE) DIRS=apps all)
+@@ -421,130 +421,130 @@
+ link_app.$${shlib_target}
+
+ $(RSATEST)$(EXE_EXT): $(RSATEST).o $(DLIBCRYPTO)
+- @target=$(RSATEST); $(BUILD_CMD)
++ +@target=$(RSATEST); $(BUILD_CMD)
+
+ $(BNTEST)$(EXE_EXT): $(BNTEST).o $(DLIBCRYPTO)
+- @target=$(BNTEST); $(BUILD_CMD)
++ +@target=$(BNTEST); $(BUILD_CMD)
+
+ $(ECTEST)$(EXE_EXT): $(ECTEST).o $(DLIBCRYPTO)
+- @target=$(ECTEST); $(BUILD_CMD)
++ +@target=$(ECTEST); $(BUILD_CMD)
+
+ $(EXPTEST)$(EXE_EXT): $(EXPTEST).o $(DLIBCRYPTO)
+- @target=$(EXPTEST); $(BUILD_CMD)
++ +@target=$(EXPTEST); $(BUILD_CMD)
+
+ $(IDEATEST)$(EXE_EXT): $(IDEATEST).o $(DLIBCRYPTO)
+- @target=$(IDEATEST); $(BUILD_CMD)
++ +@target=$(IDEATEST); $(BUILD_CMD)
+
+ $(MD2TEST)$(EXE_EXT): $(MD2TEST).o $(DLIBCRYPTO)
+- @target=$(MD2TEST); $(BUILD_CMD)
++ +@target=$(MD2TEST); $(BUILD_CMD)
+
+ $(SHATEST)$(EXE_EXT): $(SHATEST).o $(DLIBCRYPTO)
+- @target=$(SHATEST); $(BUILD_CMD)
++ +@target=$(SHATEST); $(BUILD_CMD)
+
+ $(SHA1TEST)$(EXE_EXT): $(SHA1TEST).o $(DLIBCRYPTO)
+- @target=$(SHA1TEST); $(BUILD_CMD)
++ +@target=$(SHA1TEST); $(BUILD_CMD)
+
+ $(SHA256TEST)$(EXE_EXT): $(SHA256TEST).o $(DLIBCRYPTO)
+- @target=$(SHA256TEST); $(BUILD_CMD)
++ +@target=$(SHA256TEST); $(BUILD_CMD)
+
+ $(SHA512TEST)$(EXE_EXT): $(SHA512TEST).o $(DLIBCRYPTO)
+- @target=$(SHA512TEST); $(BUILD_CMD)
++ +@target=$(SHA512TEST); $(BUILD_CMD)
+
+ $(RMDTEST)$(EXE_EXT): $(RMDTEST).o $(DLIBCRYPTO)
+- @target=$(RMDTEST); $(BUILD_CMD)
++ +@target=$(RMDTEST); $(BUILD_CMD)
+
+ $(MDC2TEST)$(EXE_EXT): $(MDC2TEST).o $(DLIBCRYPTO)
+- @target=$(MDC2TEST); $(BUILD_CMD)
++ +@target=$(MDC2TEST); $(BUILD_CMD)
+
+ $(MD4TEST)$(EXE_EXT): $(MD4TEST).o $(DLIBCRYPTO)
+- @target=$(MD4TEST); $(BUILD_CMD)
++ +@target=$(MD4TEST); $(BUILD_CMD)
+
+ $(MD5TEST)$(EXE_EXT): $(MD5TEST).o $(DLIBCRYPTO)
+- @target=$(MD5TEST); $(BUILD_CMD)
++ +@target=$(MD5TEST); $(BUILD_CMD)
+
+ $(HMACTEST)$(EXE_EXT): $(HMACTEST).o $(DLIBCRYPTO)
+- @target=$(HMACTEST); $(BUILD_CMD)
++ +@target=$(HMACTEST); $(BUILD_CMD)
+
+ $(WPTEST)$(EXE_EXT): $(WPTEST).o $(DLIBCRYPTO)
+- @target=$(WPTEST); $(BUILD_CMD)
++ +@target=$(WPTEST); $(BUILD_CMD)
+
+ $(RC2TEST)$(EXE_EXT): $(RC2TEST).o $(DLIBCRYPTO)
+- @target=$(RC2TEST); $(BUILD_CMD)
++ +@target=$(RC2TEST); $(BUILD_CMD)
+
+ $(BFTEST)$(EXE_EXT): $(BFTEST).o $(DLIBCRYPTO)
+- @target=$(BFTEST); $(BUILD_CMD)
++ +@target=$(BFTEST); $(BUILD_CMD)
+
+ $(CASTTEST)$(EXE_EXT): $(CASTTEST).o $(DLIBCRYPTO)
+- @target=$(CASTTEST); $(BUILD_CMD)
++ +@target=$(CASTTEST); $(BUILD_CMD)
+
+ $(RC4TEST)$(EXE_EXT): $(RC4TEST).o $(DLIBCRYPTO)
+- @target=$(RC4TEST); $(BUILD_CMD)
++ +@target=$(RC4TEST); $(BUILD_CMD)
+
+ $(RC5TEST)$(EXE_EXT): $(RC5TEST).o $(DLIBCRYPTO)
+- @target=$(RC5TEST); $(BUILD_CMD)
++ +@target=$(RC5TEST); $(BUILD_CMD)
+
+ $(DESTEST)$(EXE_EXT): $(DESTEST).o $(DLIBCRYPTO)
+- @target=$(DESTEST); $(BUILD_CMD)
++ +@target=$(DESTEST); $(BUILD_CMD)
+
+ $(RANDTEST)$(EXE_EXT): $(RANDTEST).o $(DLIBCRYPTO)
+- @target=$(RANDTEST); $(BUILD_CMD)
++ +@target=$(RANDTEST); $(BUILD_CMD)
+
+ $(DHTEST)$(EXE_EXT): $(DHTEST).o $(DLIBCRYPTO)
+- @target=$(DHTEST); $(BUILD_CMD)
++ +@target=$(DHTEST); $(BUILD_CMD)
+
+ $(DSATEST)$(EXE_EXT): $(DSATEST).o $(DLIBCRYPTO)
+- @target=$(DSATEST); $(BUILD_CMD)
++ +@target=$(DSATEST); $(BUILD_CMD)
+
+ $(METHTEST)$(EXE_EXT): $(METHTEST).o $(DLIBCRYPTO)
+- @target=$(METHTEST); $(BUILD_CMD)
++ +@target=$(METHTEST); $(BUILD_CMD)
+
+ $(SSLTEST)$(EXE_EXT): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+- @target=$(SSLTEST); $(FIPS_BUILD_CMD)
++ +@target=$(SSLTEST); $(FIPS_BUILD_CMD)
+
+ $(ENGINETEST)$(EXE_EXT): $(ENGINETEST).o $(DLIBCRYPTO)
+- @target=$(ENGINETEST); $(BUILD_CMD)
++ +@target=$(ENGINETEST); $(BUILD_CMD)
+
+ $(EVPTEST)$(EXE_EXT): $(EVPTEST).o $(DLIBCRYPTO)
+- @target=$(EVPTEST); $(BUILD_CMD)
++ +@target=$(EVPTEST); $(BUILD_CMD)
+
+ $(EVPEXTRATEST)$(EXE_EXT): $(EVPEXTRATEST).o $(DLIBCRYPTO)
+- @target=$(EVPEXTRATEST); $(BUILD_CMD)
++ +@target=$(EVPEXTRATEST); $(BUILD_CMD)
+
+ $(ECDSATEST)$(EXE_EXT): $(ECDSATEST).o $(DLIBCRYPTO)
+- @target=$(ECDSATEST); $(BUILD_CMD)
++ +@target=$(ECDSATEST); $(BUILD_CMD)
+
+ $(ECDHTEST)$(EXE_EXT): $(ECDHTEST).o $(DLIBCRYPTO)
+- @target=$(ECDHTEST); $(BUILD_CMD)
++ +@target=$(ECDHTEST); $(BUILD_CMD)
+
+ $(IGETEST)$(EXE_EXT): $(IGETEST).o $(DLIBCRYPTO)
+- @target=$(IGETEST); $(BUILD_CMD)
++ +@target=$(IGETEST); $(BUILD_CMD)
+
+ $(JPAKETEST)$(EXE_EXT): $(JPAKETEST).o $(DLIBCRYPTO)
+- @target=$(JPAKETEST); $(BUILD_CMD)
++ +@target=$(JPAKETEST); $(BUILD_CMD)
+
+ $(ASN1TEST)$(EXE_EXT): $(ASN1TEST).o $(DLIBCRYPTO)
+- @target=$(ASN1TEST); $(BUILD_CMD)
++ +@target=$(ASN1TEST); $(BUILD_CMD)
+
+ $(SRPTEST)$(EXE_EXT): $(SRPTEST).o $(DLIBCRYPTO)
+- @target=$(SRPTEST); $(BUILD_CMD)
++ +@target=$(SRPTEST); $(BUILD_CMD)
+
+ $(V3NAMETEST)$(EXE_EXT): $(V3NAMETEST).o $(DLIBCRYPTO)
+- @target=$(V3NAMETEST); $(BUILD_CMD)
++ +@target=$(V3NAMETEST); $(BUILD_CMD)
+
+ $(HEARTBEATTEST)$(EXE_EXT): $(HEARTBEATTEST).o $(DLIBCRYPTO)
+- @target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
++ +@target=$(HEARTBEATTEST); $(BUILD_CMD_STATIC)
+
+ $(CONSTTIMETEST)$(EXE_EXT): $(CONSTTIMETEST).o
+- @target=$(CONSTTIMETEST) $(BUILD_CMD)
++ +@target=$(CONSTTIMETEST) $(BUILD_CMD)
+
+ $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEXTRATEST).o
+- @target=$(VERIFYEXTRATEST) $(BUILD_CMD)
++ +@target=$(VERIFYEXTRATEST) $(BUILD_CMD)
+
+ $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHELLOTEST).o
+- @target=$(CLIENTHELLOTEST) $(BUILD_CMD)
++ +@target=$(CLIENTHELLOTEST) $(BUILD_CMD)
+
+ $(SSLV2CONFTEST)$(EXE_EXT): $(SSLV2CONFTEST).o
+- @target=$(SSLV2CONFTEST) $(BUILD_CMD)
++ +@target=$(SSLV2CONFTEST) $(BUILD_CMD)
+
+ #$(AESTEST).o: $(AESTEST).c
+ # $(CC) -c $(CFLAGS) -DINTERMEDIATE_VALUE_KAT -DTRACE_KAT_MCT $(AESTEST).c
+@@ -557,7 +557,7 @@
+ # fi
+
+ dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)
+- @target=dummytest; $(BUILD_CMD)
++ +@target=dummytest; $(BUILD_CMD)
+
+ # DO NOT DELETE THIS LINE -- make depend depends on it.
+ \ No newline at end of file
diff --git a/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb b/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2g.bb
index 8defa5b74..290f129fc 100644
--- a/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2d.bb
+++ b/yocto-poky/meta/recipes-connectivity/openssl/openssl_1.0.2g.bb
@@ -6,12 +6,14 @@ DEPENDS += "cryptodev-linux"
CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
export DIRS = "crypto ssl apps engines"
export OE_LDFLAGS="${LDFLAGS}"
-SRC_URI += "file://configure-targets.patch \
+SRC_URI += "file://find.pl;subdir=${BP}/util/ \
+ file://run-ptest \
+ file://configure-targets.patch \
file://shared-libs.patch \
file://oe-ldflags.patch \
file://engines-install-in-libdir-ssl.patch \
@@ -25,44 +27,25 @@ SRC_URI += "file://configure-targets.patch \
file://debian/no-rpath.patch \
file://debian/no-symbolic.patch \
file://debian/pic.patch \
- file://debian/version-script.patch \
+ file://debian1.0.2/version-script.patch \
file://openssl_fix_for_x32.patch \
file://fix-cipher-des-ede3-cfb1.patch \
file://openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch \
- file://find.pl \
file://openssl-fix-des.pod-error.patch \
file://Makefiles-ptest.patch \
file://ptest-deps.patch \
- file://run-ptest \
file://crypto_use_bigint_in_x86-64_perl.patch \
file://openssl-1.0.2a-x32-asm.patch \
file://ptest_makefile_deps.patch \
- file://CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch \
- file://CVE-2015-3194-1-Add-PSS-parameter-check.patch \
- file://0001-Add-test-for-CVE-2015-3194.patch \
- file://CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch \
- file://CVE-2015-3197.patch \
- file://CVE-2016-0701_1.patch \
- file://CVE-2016-0701_2.patch \
+ file://configure-musl-target.patch \
+ file://parallel.patch \
"
-SRC_URI[md5sum] = "38dd619b2e77cbac69b99f52a053d25a"
-SRC_URI[sha256sum] = "671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8"
-
-PACKAGES =+ " \
- ${PN}-engines \
- ${PN}-engines-dbg \
- "
+SRC_URI[md5sum] = "f3c710c045cdee5fd114feb69feba7aa"
+SRC_URI[sha256sum] = "b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33"
+PACKAGES =+ "${PN}-engines"
FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
-FILES_${PN}-engines-dbg = "${libdir}/ssl/engines/.debug"
-
-PARALLEL_MAKE = ""
-PARALLEL_MAKEINST = ""
-
-do_configure_prepend() {
- cp ${WORKDIR}/find.pl ${S}/util/find.pl
-}
# The crypto_use_bigint patch means that perl's bignum module needs to be
# installed, but some distributions (for example Fedora 23) don't ship it by
diff --git a/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb b/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb
index e727fe3cb..999b4a937 100644
--- a/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb
+++ b/yocto-poky/meta/recipes-connectivity/portmap/portmap_6.0.bb
@@ -1,5 +1,7 @@
require portmap.inc
+DEPENDS_append_libc-musl = " libtirpc "
+
PR = "r9"
SRC_URI = "http://www.sourcefiles.org/Networking/Tools/Miscellanenous/portmap-6.0.tgz \
@@ -19,6 +21,8 @@ PACKAGECONFIG[tcp-wrappers] = ",,tcp-wrappers"
CPPFLAGS += "-DFACILITY=LOG_DAEMON -DENABLE_DNS -DHOSTS_ACCESS"
CFLAGS += "-Wall -Wstrict-prototypes -fPIC"
EXTRA_OEMAKE += "'NO_TCP_WRAPPER=${@bb.utils.contains('PACKAGECONFIG', 'tcp-wrappers', '', '1', d)}'"
+CFLAGS_append_libc-musl = " -I${STAGING_INCDIR}/tirpc "
+LDFLAGS_append_libc-musl = " -ltirpc "
do_install() {
install -d ${D}${mandir}/man8/ ${D}${base_sbindir} ${D}${sysconfdir}/init.d
diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch b/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch
new file mode 100644
index 000000000..763e37448
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp/0001-Fix-build-with-musl.patch
@@ -0,0 +1,163 @@
+From 52a1e41d7541b2c936285844c59bd1be21797860 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 29 May 2015 14:57:05 -0700
+Subject: [PATCH] Fix build with musl
+
+There are several assumption about glibc
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Pending
+
+ include/net/ppp_defs.h | 2 ++
+ pppd/Makefile.linux | 2 +-
+ pppd/magic.h | 6 +++---
+ pppd/plugins/rp-pppoe/config.h | 5 ++++-
+ pppd/plugins/rp-pppoe/plugin.c | 1 -
+ pppd/plugins/rp-pppoe/pppoe-discovery.c | 8 ++++----
+ pppd/plugins/rp-pppoe/pppoe.h | 2 +-
+ pppd/sys-linux.c | 3 ++-
+ 8 files changed, 17 insertions(+), 12 deletions(-)
+
+diff --git a/include/net/ppp_defs.h b/include/net/ppp_defs.h
+index b06eda5..dafa36c 100644
+--- a/include/net/ppp_defs.h
++++ b/include/net/ppp_defs.h
+@@ -38,6 +38,8 @@
+ #ifndef _PPP_DEFS_H_
+ #define _PPP_DEFS_H_
+
++#include <sys/time.h>
++
+ /*
+ * The basic PPP frame.
+ */
+diff --git a/pppd/Makefile.linux b/pppd/Makefile.linux
+index 8ab2102..d7e2564 100644
+--- a/pppd/Makefile.linux
++++ b/pppd/Makefile.linux
+@@ -126,7 +126,7 @@ LIBS += -lcrypt
+ #endif
+
+ ifdef USE_LIBUTIL
+-CFLAGS += -DHAVE_LOGWTMP=1
++#CFLAGS += -DHAVE_LOGWTMP=1
+ LIBS += -lutil
+ endif
+
+diff --git a/pppd/magic.h b/pppd/magic.h
+index c81213b..9d399e3 100644
+--- a/pppd/magic.h
++++ b/pppd/magic.h
+@@ -42,8 +42,8 @@
+ * $Id: magic.h,v 1.5 2003/06/11 23:56:26 paulus Exp $
+ */
+
+-void magic_init __P((void)); /* Initialize the magic number generator */
+-u_int32_t magic __P((void)); /* Returns the next magic number */
++void magic_init (void); /* Initialize the magic number generator */
++u_int32_t magic (void); /* Returns the next magic number */
+
+ /* Fill buffer with random bytes */
+-void random_bytes __P((unsigned char *buf, int len));
++void random_bytes (unsigned char *buf, int len);
+diff --git a/pppd/plugins/rp-pppoe/config.h b/pppd/plugins/rp-pppoe/config.h
+index 5703087..fff032e 100644
+--- a/pppd/plugins/rp-pppoe/config.h
++++ b/pppd/plugins/rp-pppoe/config.h
+@@ -78,8 +78,9 @@
+ #define HAVE_NET_IF_ARP_H 1
+
+ /* Define if you have the <net/ethernet.h> header file. */
++#ifdef __GLIBC__
+ #define HAVE_NET_ETHERNET_H 1
+-
++#endif
+ /* Define if you have the <net/if.h> header file. */
+ #define HAVE_NET_IF_H 1
+
+@@ -102,7 +103,9 @@
+ #define HAVE_NETPACKET_PACKET_H 1
+
+ /* Define if you have the <sys/cdefs.h> header file. */
++#ifdef __GLIBC__
+ #define HAVE_SYS_CDEFS_H 1
++#endif
+
+ /* Define if you have the <sys/dlpi.h> header file. */
+ /* #undef HAVE_SYS_DLPI_H */
+diff --git a/pppd/plugins/rp-pppoe/plugin.c b/pppd/plugins/rp-pppoe/plugin.c
+index a8c2bb4..ca34d79 100644
+--- a/pppd/plugins/rp-pppoe/plugin.c
++++ b/pppd/plugins/rp-pppoe/plugin.c
+@@ -46,7 +46,6 @@ static char const RCSID[] =
+ #include <unistd.h>
+ #include <fcntl.h>
+ #include <signal.h>
+-#include <net/ethernet.h>
+ #include <net/if_arp.h>
+ #include <linux/ppp_defs.h>
+ #include <linux/if_pppox.h>
+diff --git a/pppd/plugins/rp-pppoe/pppoe-discovery.c b/pppd/plugins/rp-pppoe/pppoe-discovery.c
+index 3d3bf4e..d42f619 100644
+--- a/pppd/plugins/rp-pppoe/pppoe-discovery.c
++++ b/pppd/plugins/rp-pppoe/pppoe-discovery.c
+@@ -27,10 +27,6 @@
+ #include <linux/if_packet.h>
+ #endif
+
+-#ifdef HAVE_NET_ETHERNET_H
+-#include <net/ethernet.h>
+-#endif
+-
+ #ifdef HAVE_ASM_TYPES_H
+ #include <asm/types.h>
+ #endif
+@@ -47,6 +43,10 @@
+ #include <net/if_arp.h>
+ #endif
+
++#ifndef __GLIBC__
++#define error(x...) fprintf(stderr, x)
++#endif
++
+ char *xstrdup(const char *s);
+ void usage(void);
+
+diff --git a/pppd/plugins/rp-pppoe/pppoe.h b/pppd/plugins/rp-pppoe/pppoe.h
+index 9ab2eee..75b9004 100644
+--- a/pppd/plugins/rp-pppoe/pppoe.h
++++ b/pppd/plugins/rp-pppoe/pppoe.h
+@@ -92,7 +92,7 @@ typedef unsigned long UINT32_t;
+ #ifdef HAVE_SYS_SOCKET_H
+ #include <sys/socket.h>
+ #endif
+-#ifndef HAVE_SYS_DLPI_H
++#if !defined HAVE_SYS_DLPI_H && defined HAVE_NET_ETHERNET_H
+ #include <netinet/if_ether.h>
+ #endif
+ #endif
+diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c
+index a105505..49b0273 100644
+--- a/pppd/sys-linux.c
++++ b/pppd/sys-linux.c
+@@ -112,7 +112,7 @@
+ #include <linux/types.h>
+ #include <linux/if.h>
+ #include <linux/if_arp.h>
+-#include <linux/route.h>
++/* #include <linux/route.h> */
+ #include <linux/if_ether.h>
+ #endif
+ #include <netinet/in.h>
+@@ -145,6 +145,7 @@
+ #endif
+
+ #ifdef INET6
++#include <net/route.h>
+ #ifndef _LINUX_IN6_H
+ /*
+ * This is in linux/include/net/ipv6.h.
+--
+2.1.4
+
diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch b/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch
index c9edb3059..c5a0be86f 100644
--- a/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch
+++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp/fix-CVE-2015-3310.patch
@@ -3,6 +3,7 @@ ppp: Buffer overflow in radius plugin
From: https://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;bug=782450
Upstream-Status: Backport
+CVE: CVE-2015-3310
On systems with more than 65535 processes running, pppd aborts when
sending a "start" accounting message to the RADIUS server because of a
diff --git a/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb b/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
index adc38e10b..4437b5c51 100644
--- a/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
+++ b/yocto-poky/meta/recipes-connectivity/ppp/ppp_2.4.7.bb
@@ -32,6 +32,9 @@ SRC_URI = "http://ppp.samba.org/ftp/ppp/ppp-${PV}.tar.gz \
file://fix-CVE-2015-3310.patch \
"
+SRC_URI_append_libc-musl = "\
+ file://0001-Fix-build-with-musl.patch \
+"
SRC_URI[md5sum] = "78818f40e6d33a1d1de68a1551f6595a"
SRC_URI[sha256sum] = "02e0a3dd3e4799e33103f70ec7df75348c8540966ee7c948e4ed8a42bbccfb30"
@@ -78,7 +81,6 @@ do_install_append () {
CONFFILES_${PN} = "${sysconfdir}/ppp/pap-secrets ${sysconfdir}/ppp/chap-secrets ${sysconfdir}/ppp/options"
PACKAGES =+ "${PN}-oa ${PN}-oe ${PN}-radius ${PN}-winbind ${PN}-minconn ${PN}-password ${PN}-l2tp ${PN}-tools"
FILES_${PN} = "${sysconfdir} ${bindir} ${sbindir}/chat ${sbindir}/pppd ${systemd_unitdir}/system/ppp@.service"
-FILES_${PN}-dbg += "${libdir}/pppd/${PV}/.debug"
FILES_${PN}-oa = "${libdir}/pppd/${PV}/pppoatm.so"
FILES_${PN}-oe = "${sbindir}/pppoe-discovery ${libdir}/pppd/${PV}/rp-pppoe.so"
FILES_${PN}-radius = "${libdir}/pppd/${PV}/radius.so ${libdir}/pppd/${PV}/radattr.so ${libdir}/pppd/${PV}/radrealms.so"
diff --git a/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.77.bb b/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.78.bb
index 916b9f2ae..f4c58514a 100644
--- a/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.77.bb
+++ b/yocto-poky/meta/recipes-connectivity/resolvconf/resolvconf_1.78.bb
@@ -11,13 +11,17 @@ AUTHOR = "Thomas Hood"
HOMEPAGE = "http://packages.debian.org/resolvconf"
RDEPENDS_${PN} = "bash"
-SRC_URI = "http://snapshot.debian.org/archive/debian/20150511T214718Z/pool/main/r/${BPN}/${BPN}_${PV}.tar.xz \
+SRC_URI = "http://snapshot.debian.org/archive/debian/20150828T220730Z/pool/main/r/${BPN}/${BPN}_1.78.tar.xz \
file://fix-path-for-busybox.patch \
file://99_resolvconf \
"
-SRC_URI[md5sum] = "7362d766e47bfc253500f42b30330d9f"
-SRC_URI[sha256sum] = "5a6e21e8ba6822a5f93075c8c8fe7977e34780ba551af51930d0b31fdd99ab56"
+SRC_URI[md5sum] = "373a9f9544c84aa477a7425ae773b8b5"
+SRC_URI[sha256sum] = "961b22e8fcf0c7de7e90a050323e6fa221bc8b25a5348c160be3506f7e73a7a3"
+
+# the package is taken from snapshots.debian.org; that source is static and goes stale
+# so we check the latest upstream from a directory that does get updated
+UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/r/resolvconf/"
inherit allarch
diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch
new file mode 100644
index 000000000..c0e27f3d7
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch
@@ -0,0 +1,52 @@
+From fb10ab134d630705cae0c7be42437cc289af7d32 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Tue, 15 Mar 2016 21:36:02 +0000
+Subject: [PATCH] Use __c_ispeed and __c_ospeed on musl
+
+Original intention of these asserts is to find if termios structure
+is mapped correctly to locally define union, the get* APIs for
+baudrate would not do the right thing since they do not return the
+value from c_ospeed/c_ispeed but the value which is stored in iflag
+for baudrate.
+
+So we check if we are on Linux but not using glibc then we use
+__c_ispeed and __c_ospeed as defined in musl, however these are
+internal elements of structs it should not have been used this
+way.
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+---
+Upstream-Status: Pending
+
+ xioinitialize.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/xioinitialize.c b/xioinitialize.c
+index 9f50155..8fb2e4c 100644
+--- a/xioinitialize.c
++++ b/xioinitialize.c
+@@ -65,6 +65,12 @@ int xioinitialize(void) {
+ #if HAVE_TERMIOS_ISPEED && (ISPEED_OFFSET != -1) && (OSPEED_OFFSET != -1)
+ #if defined(ISPEED_OFFSET) && (ISPEED_OFFSET != -1)
+ #if defined(OSPEED_OFFSET) && (OSPEED_OFFSET != -1)
++#if defined(__linux__) && !defined(__GLIBC__)
++ tdata.termarg.__c_ispeed = 0x56789abc;
++ tdata.termarg.__c_ospeed = 0x6789abcd;
++ assert(tdata.termarg.__c_ispeed == tdata.speeds[ISPEED_OFFSET]);
++ assert(tdata.termarg.__c_ospeed == tdata.speeds[OSPEED_OFFSET]);
++#else
+ tdata.termarg.c_ispeed = 0x56789abc;
+ tdata.termarg.c_ospeed = 0x6789abcd;
+ assert(tdata.termarg.c_ispeed == tdata.speeds[ISPEED_OFFSET]);
+@@ -72,6 +78,7 @@ int xioinitialize(void) {
+ #endif
+ #endif
+ #endif
++#endif
+ }
+ #endif
+
+--
+2.8.0
+
diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch
new file mode 100644
index 000000000..4bbd36766
--- /dev/null
+++ b/yocto-poky/meta/recipes-connectivity/socat/socat/0001-define-NETDB_INTERNAL-to-1-if-not-available.patch
@@ -0,0 +1,32 @@
+From e6a7d96fa3675bdd3f4d7a3d7682381789eef22f Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Mon, 15 Feb 2016 20:25:34 +0000
+Subject: [PATCH] define NETDB_INTERNAL to -1 if not available
+
+helps build with musl
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Pending
+
+ compat.h | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/compat.h b/compat.h
+index c8bee4d..bfb013a 100644
+--- a/compat.h
++++ b/compat.h
+@@ -666,6 +666,10 @@ typedef int sig_atomic_t;
+ # define NETDB_INTERNAL h_NETDB_INTERNAL
+ #endif
+
++#if !defined(NETDB_INTERNAL)
++# define NETDB_INTERNAL (-1)
++#endif
++
+ #ifndef INET_ADDRSTRLEN
+ # define INET_ADDRSTRLEN sizeof(struct sockaddr_in)
+ #endif
+--
+2.7.1
+
diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch b/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch
deleted file mode 100644
index 0cd417944..000000000
--- a/yocto-poky/meta/recipes-connectivity/socat/socat/CVE-2016-2217.patch
+++ /dev/null
@@ -1,372 +0,0 @@
-Upstream-Status: Backport
-
-http://www.dest-unreach.org/socat/download/socat-1.7.3.1.patch
-
-CVE: CVE-2016-2217
-[Yocto # 9024]
-Singed-off-by: Armin Kuster <akuster@mvista.com>
-
-Index: socat-1.7.3.0/CHANGES
-===================================================================
---- socat-1.7.3.0.orig/CHANGES
-+++ socat-1.7.3.0/CHANGES
-@@ -1,8 +1,39 @@
-
-+####################### V 1.7.3.1:
-+
-+security:
-+ Socat security advisory 8
-+ A stack overflow in vulnerability was found that can be triggered when
-+ command line arguments (complete address specifications, host names,
-+ file names) are longer than 512 bytes.
-+ Successful exploitation might allow an attacker to execute arbitrary
-+ code with the privileges of the socat process.
-+ This vulnerability can only be exploited when an attacker is able to
-+ inject data into socat's command line.
-+ A vulnerable scenario would be a CGI script that reads data from clients
-+ and uses (parts of) this data as hostname for a Socat invocation.
-+ Test: NESTEDOVFL
-+ Credits to Takumi Akiyama for finding and reporting this issue.
-+
-+ Socat security advisory 7
-+ MSVR-1499
-+ In the OpenSSL address implementation the hard coded 1024 bit DH p
-+ parameter was not prime. The effective cryptographic strength of a key
-+ exchange using these parameters was weaker than the one one could get by
-+ using a prime p. Moreover, since there is no indication of how these
-+ parameters were chosen, the existence of a trapdoor that makes possible
-+ for an eavesdropper to recover the shared secret from a key exchange
-+ that uses them cannot be ruled out.
-+ Futhermore, 1024bit is not considered sufficiently secure.
-+ Fix: generated a new 2048bit prime.
-+ Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability
-+ Research (MSVR) for finding and reporting this issue.
-+
- ####################### V 1.7.3.0:
-
- security:
-- (CVE Id pending)
-+ Socat security advisory 6
-+ CVE-2015-1379: Possible DoS with fork
- Fixed problems with signal handling caused by use of not async signal
- safe functions in signal handlers that could freeze socat, allowing
- denial of service attacks.
-@@ -240,6 +271,7 @@ docu:
- ####################### V 1.7.2.3:
-
- security:
-+ Socat security advisory 5
- CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
- overflow with data from command line (see socat-secadv5.txt)
- Credits to Florian Weimer of the Red Hat Product Security Team
-@@ -247,6 +279,7 @@ security:
- ####################### V 1.7.2.2:
-
- security:
-+ Socat security advisory 4
- CVE-2013-3571:
- after refusing a client connection due to bad source address or source
- port socat shutdown() the socket but did not close() it, resulting in
-@@ -258,6 +291,7 @@ security:
- ####################### V 1.7.2.1:
-
- security:
-+ Socat security advisory 3
- CVE-2012-0219:
- fixed a possible heap buffer overflow in the readline address. This bug
- could be exploited when all of the following conditions were met:
-@@ -391,6 +425,7 @@ docu:
- ####################### V 1.7.1.3:
-
- security:
-+ Socat security advisory 2
- CVE-2010-2799:
- fixed a stack overflow vulnerability that occurred when command
- line arguments (whole addresses, host names, file names) were longer
-@@ -892,6 +927,7 @@ further corrections:
- ####################### V 1.4.0.3:
-
- security:
-+ Socat security advisory 1
- CVE-2004-1484:
- fix to a syslog() based format string vulnerability that can lead to
- remote code execution. See advisory socat-adv-1.txt
-Index: socat-1.7.3.0/VERSION
-===================================================================
---- socat-1.7.3.0.orig/VERSION
-+++ socat-1.7.3.0/VERSION
-@@ -1 +1 @@
--"1.7.3.0"
-+"1.7.3.1"
-Index: socat-1.7.3.0/nestlex.c
-===================================================================
---- socat-1.7.3.0.orig/nestlex.c
-+++ socat-1.7.3.0/nestlex.c
-@@ -1,5 +1,5 @@
- /* source: nestlex.c */
--/* Copyright Gerhard Rieger 2006-2010 */
-+/* Copyright Gerhard Rieger */
- /* Published under the GNU General Public License V.2, see file COPYING */
-
- /* a function for lexical scanning of nested character patterns */
-@@ -9,6 +9,17 @@
-
- #include "sysincludes.h"
-
-+static int _nestlex(const char **addr,
-+ char **token,
-+ ptrdiff_t *len,
-+ const char *ends[],
-+ const char *hquotes[],
-+ const char *squotes[],
-+ const char *nests[],
-+ bool dropquotes,
-+ bool c_esc,
-+ bool html_esc
-+ );
-
- /* sub: scan a string and copy its value to output string
- end scanning when an unescaped, unnested string from ends array is found
-@@ -33,6 +44,22 @@ int nestlex(const char **addr, /* input
- bool c_esc, /* solve C char escapes: \n \t \0 etc */
- bool html_esc /* solve HTML char escapes: %0d %08 etc */
- ) {
-+ return
-+ _nestlex(addr, token, (ptrdiff_t *)len, ends, hquotes, squotes, nests,
-+ dropquotes, c_esc, html_esc);
-+}
-+
-+static int _nestlex(const char **addr,
-+ char **token,
-+ ptrdiff_t *len,
-+ const char *ends[],
-+ const char *hquotes[],
-+ const char *squotes[],
-+ const char *nests[],
-+ bool dropquotes,
-+ bool c_esc,
-+ bool html_esc
-+ ) {
- const char *in = *addr; /* pointer into input string */
- const char **endx; /* loops over end patterns */
- const char **quotx; /* loops over quote patterns */
-@@ -77,16 +104,18 @@ int nestlex(const char **addr, /* input
- if (--*len <= 0) { *addr = in; *token = out; return -1; }
- }
- }
-- /* we call nestlex recursively */
-+ /* we call _nestlex recursively */
- endnest[0] = *quotx;
- endnest[1] = NULL;
- result =
-- nestlex(&in, &out, len, endnest, NULL/*hquotes*/,
-+ _nestlex(&in, &out, len, endnest, NULL/*hquotes*/,
- NULL/*squotes*/, NULL/*nests*/,
- false, c_esc, html_esc);
- if (result == 0 && dropquotes) {
- /* we strip this quote */
- in += strlen(*quotx);
-+ } else if (result < 0) {
-+ *addr = in; *token = out; return result;
- } else {
- /* we copy the trailing quote */
- for (i = strlen(*quotx); i > 0; --i) {
-@@ -110,7 +139,7 @@ int nestlex(const char **addr, /* input
- if (!strncmp(in, *quotx, strlen(*quotx))) {
- /* this quote pattern matches */
- /* we strip this quote */
-- /* we call nestlex recursively */
-+ /* we call _nestlex recursively */
- const char *endnest[2];
- if (dropquotes) {
- /* we strip this quote */
-@@ -124,13 +153,15 @@ int nestlex(const char **addr, /* input
- endnest[0] = *quotx;
- endnest[1] = NULL;
- result =
-- nestlex(&in, &out, len, endnest, hquotes,
-+ _nestlex(&in, &out, len, endnest, hquotes,
- squotes, nests,
- false, c_esc, html_esc);
-
- if (result == 0 && dropquotes) {
- /* we strip the trailing quote */
- in += strlen(*quotx);
-+ } else if (result < 0) {
-+ *addr = in; *token = out; return result;
- } else {
- /* we copy the trailing quote */
- for (i = strlen(*quotx); i > 0; --i) {
-@@ -162,7 +193,7 @@ int nestlex(const char **addr, /* input
- }
-
- result =
-- nestlex(&in, &out, len, endnest, hquotes, squotes, nests,
-+ _nestlex(&in, &out, len, endnest, hquotes, squotes, nests,
- false, c_esc, html_esc);
- if (result == 0) {
- /* copy endnest */
-@@ -175,6 +206,8 @@ int nestlex(const char **addr, /* input
- }
- --i;
- }
-+ } else if (result < 0) {
-+ *addr = in; *token = out; return result;
- }
- break;
- }
-@@ -211,7 +244,7 @@ int nestlex(const char **addr, /* input
- }
- *out++ = c;
- --*len;
-- if (*len == 0) {
-+ if (*len <= 0) {
- *addr = in;
- *token = out;
- return -1; /* output overflow */
-@@ -222,7 +255,7 @@ int nestlex(const char **addr, /* input
- /* just a simple char */
- *out++ = c;
- --*len;
-- if (*len == 0) {
-+ if (*len <= 0) {
- *addr = in;
- *token = out;
- return -1; /* output overflow */
-Index: socat-1.7.3.0/nestlex.h
-===================================================================
---- socat-1.7.3.0.orig/nestlex.h
-+++ socat-1.7.3.0/nestlex.h
-@@ -1,5 +1,5 @@
- /* source: nestlex.h */
--/* Copyright Gerhard Rieger 2006 */
-+/* Copyright Gerhard Rieger */
- /* Published under the GNU General Public License V.2, see file COPYING */
-
- #ifndef __nestlex_h_included
-Index: socat-1.7.3.0/socat.spec
-===================================================================
---- socat-1.7.3.0.orig/socat.spec
-+++ socat-1.7.3.0/socat.spec
-@@ -1,6 +1,6 @@
-
- %define majorver 1.7
--%define minorver 3.0
-+%define minorver 3.1
-
- Summary: socat - multipurpose relay
- Name: socat
-Index: socat-1.7.3.0/test.sh
-===================================================================
---- socat-1.7.3.0.orig/test.sh
-+++ socat-1.7.3.0/test.sh
-@@ -2266,8 +2266,8 @@ gentestcert () {
- gentestdsacert () {
- local name="$1"
- if [ -s $name.key -a -s $name.crt -a -s $name.pem ]; then return; fi
-- openssl dsaparam -out $name-dsa.pem 512 >/dev/null 2>&1
-- openssl dhparam -dsaparam -out $name-dh.pem 512 >/dev/null 2>&1
-+ openssl dsaparam -out $name-dsa.pem 1024 >/dev/null 2>&1
-+ openssl dhparam -dsaparam -out $name-dh.pem 1024 >/dev/null 2>&1
- openssl req -newkey dsa:$name-dsa.pem -keyout $name.key -nodes -x509 -config $TESTCERT_CONF -out $name.crt -days 3653 >/dev/null 2>&1
- cat $name-dsa.pem $name-dh.pem $name.key $name.crt >$name.pem
- }
-@@ -10973,6 +10973,42 @@ CMD0="$TRACE $SOCAT $opts OPENSSL:localh
- printf "test $F_n $TEST... " $N
- $CMD0 </dev/null 1>&0 2>"${te}0"
- rc0=$?
-+if [ $rc0 -lt 128 ] || [ $rc0 -eq 255 ]; then
-+ $PRINTF "$OK\n"
-+ numOK=$((numOK+1))
-+else
-+ $PRINTF "$FAILED\n"
-+ echo "$CMD0"
-+ cat "${te}0"
-+ numFAIL=$((numFAIL+1))
-+ listFAIL="$listFAIL $N"
-+fi
-+fi # NUMCOND
-+ ;;
-+esac
-+PORT=$((PORT+1))
-+N=$((N+1))
-+
-+# socat up to 1.7.3.0 had a stack overflow vulnerability that occurred when
-+# command line arguments (whole addresses, host names, file names) were longer
-+# than 512 bytes and specially crafted.
-+NAME=NESTEDOVFL
-+case "$TESTS" in
-+*%$N%*|*%functions%*|*%bugs%*|*%security%*|*%exec%*|*%$NAME%*)
-+TEST="$NAME: stack overflow on overly long nested arg"
-+# provide a long host name to TCP-CONNECT and check socats exit code
-+if ! eval $NUMCOND; then :; else
-+tf="$td/test$N.stdout"
-+te="$td/test$N.stderr"
-+tdiff="$td/test$N.diff"
-+da="test$N $(date) $RANDOM"
-+# prepare long data - perl might not be installed
-+rm -f "$td/test$N.dat"
-+i=0; while [ $i -lt 64 ]; do echo -n "AAAAAAAAAAAAAAAA" >>"$td/test$N.dat"; i=$((i+1)); done
-+CMD0="$TRACE $SOCAT $opts EXEC:[$(cat "$td/test$N.dat")] STDIO"
-+printf "test $F_n $TEST... " $N
-+$CMD0 </dev/null 1>&0 2>"${te}0"
-+rc0=$?
- if [ $rc0 -lt 128 ] || [ $rc0 -eq 255 ]; then
- $PRINTF "$OK\n"
- numOK=$((numOK+1))
-Index: socat-1.7.3.0/xio-openssl.c
-===================================================================
---- socat-1.7.3.0.orig/xio-openssl.c
-+++ socat-1.7.3.0/xio-openssl.c
-@@ -912,20 +912,27 @@ int
- }
-
- {
-- static unsigned char dh1024_p[] = {
-- 0xCC,0x17,0xF2,0xDC,0x96,0xDF,0x59,0xA4,0x46,0xC5,0x3E,0x0E,
-- 0xB8,0x26,0x55,0x0C,0xE3,0x88,0xC1,0xCE,0xA7,0xBC,0xB3,0xBF,
-- 0x16,0x94,0xD8,0xA9,0x45,0xA2,0xCE,0xA9,0x5B,0x22,0x25,0x5F,
-- 0x92,0x59,0x94,0x1C,0x22,0xBF,0xCB,0xC8,0xC8,0x57,0xCB,0xBF,
-- 0xBC,0x0E,0xE8,0x40,0xF9,0x87,0x03,0xBF,0x60,0x9B,0x08,0xC6,
-- 0x8E,0x99,0xC6,0x05,0xFC,0x00,0xD6,0x6D,0x90,0xA8,0xF5,0xF8,
-- 0xD3,0x8D,0x43,0xC8,0x8F,0x7A,0xBD,0xBB,0x28,0xAC,0x04,0x69,
-- 0x4A,0x0B,0x86,0x73,0x37,0xF0,0x6D,0x4F,0x04,0xF6,0xF5,0xAF,
-- 0xBF,0xAB,0x8E,0xCE,0x75,0x53,0x4D,0x7F,0x7D,0x17,0x78,0x0E,
-- 0x12,0x46,0x4A,0xAF,0x95,0x99,0xEF,0xBC,0xA6,0xC5,0x41,0x77,
-- 0x43,0x7A,0xB9,0xEC,0x8E,0x07,0x3C,0x6D,
-+ static unsigned char dh2048_p[] = {
-+ 0x00,0xdc,0x21,0x64,0x56,0xbd,0x9c,0xb2,0xac,0xbe,0xc9,0x98,0xef,0x95,0x3e,
-+ 0x26,0xfa,0xb5,0x57,0xbc,0xd9,0xe6,0x75,0xc0,0x43,0xa2,0x1c,0x7a,0x85,0xdf,
-+ 0x34,0xab,0x57,0xa8,0xf6,0xbc,0xf6,0x84,0x7d,0x05,0x69,0x04,0x83,0x4c,0xd5,
-+ 0x56,0xd3,0x85,0x09,0x0a,0x08,0xff,0xb5,0x37,0xa1,0xa3,0x8a,0x37,0x04,0x46,
-+ 0xd2,0x93,0x31,0x96,0xf4,0xe4,0x0d,0x9f,0xbd,0x3e,0x7f,0x9e,0x4d,0xaf,0x08,
-+ 0xe2,0xe8,0x03,0x94,0x73,0xc4,0xdc,0x06,0x87,0xbb,0x6d,0xae,0x66,0x2d,0x18,
-+ 0x1f,0xd8,0x47,0x06,0x5c,0xcf,0x8a,0xb5,0x00,0x51,0x57,0x9b,0xea,0x1e,0xd8,
-+ 0xdb,0x8e,0x3c,0x1f,0xd3,0x2f,0xba,0x1f,0x5f,0x3d,0x15,0xc1,0x3b,0x2c,0x82,
-+ 0x42,0xc8,0x8c,0x87,0x79,0x5b,0x38,0x86,0x3a,0xeb,0xfd,0x81,0xa9,0xba,0xf7,
-+ 0x26,0x5b,0x93,0xc5,0x3e,0x03,0x30,0x4b,0x00,0x5c,0xb6,0x23,0x3e,0xea,0x94,
-+ 0xc3,0xb4,0x71,0xc7,0x6e,0x64,0x3b,0xf8,0x92,0x65,0xad,0x60,0x6c,0xd4,0x7b,
-+ 0xa9,0x67,0x26,0x04,0xa8,0x0a,0xb2,0x06,0xeb,0xe0,0x7d,0x90,0xdd,0xdd,0xf5,
-+ 0xcf,0xb4,0x11,0x7c,0xab,0xc1,0xa3,0x84,0xbe,0x27,0x77,0xc7,0xde,0x20,0x57,
-+ 0x66,0x47,0xa7,0x35,0xfe,0x0d,0x6a,0x1c,0x52,0xb8,0x58,0xbf,0x26,0x33,0x81,
-+ 0x5e,0xb7,0xa9,0xc0,0xee,0x58,0x11,0x74,0x86,0x19,0x08,0x89,0x1c,0x37,0x0d,
-+ 0x52,0x47,0x70,0x75,0x8b,0xa8,0x8b,0x30,0x11,0x71,0x36,0x62,0xf0,0x73,0x41,
-+ 0xee,0x34,0x9d,0x0a,0x2b,0x67,0x4e,0x6a,0xa3,0xe2,0x99,0x92,0x1b,0xf5,0x32,
-+ 0x73,0x63
- };
-- static unsigned char dh1024_g[] = {
-+ static unsigned char dh2048_g[] = {
- 0x02,
- };
- DH *dh;
-@@ -938,8 +945,8 @@ int
- }
- Error("DH_new() failed");
- } else {
-- dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
-- dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
-+ dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
-+ dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
- if ((dh->p == NULL) || (dh->g == NULL)) {
- while (err = ERR_get_error()) {
- Warn1("BN_bin2bn(): %s",
diff --git a/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.0.bb b/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.1.bb
index 6d76d0fd0..6da9a17b3 100644
--- a/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.0.bb
+++ b/yocto-poky/meta/recipes-connectivity/socat/socat_1.7.3.1.bb
@@ -14,11 +14,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \
file://Makefile.in-fix-for-parallel-build.patch \
- file://CVE-2016-2217.patch \
+ file://0001-define-NETDB_INTERNAL-to-1-if-not-available.patch \
+ file://0001-Access-c_ispeed-and-c_ospeed-via-APIs.patch \
"
-SRC_URI[md5sum] = "b607edb65bc6c57f4a43f06247504274"
-SRC_URI[sha256sum] = "0767e850c0329b9fdf711c6cd468565cbbb28786ba1a8a1cbd5531d4016b3e04"
+SRC_URI[md5sum] = "334e46924f2b386299c9db2ac22bcd36"
+SRC_URI[sha256sum] = "d2da659540c38139f388e9437bfaae16bb458d174d056cb3228432a8f489fbaa"
inherit autotools
diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up
deleted file mode 100755
index 2518a5c83..000000000
--- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/wireless-tools.if-pre-up
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/bin/sh
-
-case "$METHOD" in loopback) exit 0 ;; esac
-
-IWCONFIG=/sbin/iwconfig
-IWPRIV=/sbin/iwpriv
-
-if [ ! -x $IWCONFIG ]; then
- exit 0
-fi
-
-# Detect and do nothing for linux-wlan-ng interfaces;
-# which are configured by thier own if-pre-up script.
-if [ -n "$IF_WIRELESS_TYPE" -a "$IF_WIRELESS_TYPE" = "wlan-ng" ]; then
- exit 0
-fi
-
-if [ -n "$IF_NEEDS_RESET" ]; then
- $IWPRIV "$IFACE" reset 1
- sleep 1
-fi
-
-if [ -n "$IF_NEEDS_FIRMWARE" ]; then
- $IF_NEEDS_FIRMWARE "$IFACE"
-fi
-
-if [ -n "$IF_WIRELESS_SENS" ]; then
- $IWCONFIG "$IFACE" sens $IF_WIRELESS_SENS
-fi
-
-if [ -n "$IF_WIRELESS_RATE" ]; then
- $IWCONFIG "$IFACE" rate $IF_WIRELESS_RATE
-fi
-
-if [ -n "$IF_WIRELESS_RTS" ]; then
- $IWCONFIG "$IFACE" rts $IF_WIRELESS_RTS
-fi
-
-if [ -n "$IF_WIRELESS_FRAG" ]; then
- $IWCONFIG "$IFACE" frag $IF_WIRELESS_FRAG
-fi
-
-if [ -n "$IF_WIRELESS_POWER" ]; then
- $IWCONFIG "$IFACE" power $IF_WIRELESS_POWER
-fi
-
-if [ -n "$IF_WIRELESS_POWERPERIOD" ]; then
- $IWCONFIG "$IFACE" power period $IF_WIRELESS_POWERPERIOD
-fi
-
-if [ -n "$IF_WIRELESS_POWERTIMEOUT" ]; then
- $IWCONFIG "$IFACE" power timeout $IF_WIRELESS_POWERTIMEOUT
-fi
-
-if [ -n "$IF_WIRELESS_TXPOWER" ]; then
- $IWCONFIG "$IFACE" txpower $IF_WIRELESS_TXPOWER
-fi
-
-if [ -n "$IF_WIRELESS_RETRY" ]; then
- $IWCONFIG "$IFACE" retry $IF_WIRELESS_RETRY
-fi
-
-if [ -n "$IF_WIRELESS_NICK" ]; then
- $IWCONFIG "$IFACE" nick "$IF_WIRELESS_NICK"
-fi
-
-if [ -n "$IF_WIRELESS_NWID" ]; then
- $IWCONFIG "$IFACE" nwid "$IF_WIRELESS_NWID"
-fi
-
-if [ -n "$IF_WIRELESS_ENC" ]; then
- eval $IWCONFIG "$IFACE" enc $IF_WIRELESS_ENC
-fi
-
-if [ -n "$IF_WIRELESS_KEY" ]; then
- eval $IWCONFIG "$IFACE" key $IF_WIRELESS_KEY
-fi
-
-if [ -n "$IF_WIRELESS_KEY1" ]; then
- $IWCONFIG "$IFACE" key [1] "$IF_WIRELESS_KEY1"
-fi
-
-if [ -n "$IF_WIRELESS_KEY2" ]; then
- $IWCONFIG "$IFACE" key [2] "$IF_WIRELESS_KEY2"
-fi
-
-if [ -n "$IF_WIRELESS_KEY3" ]; then
- $IWCONFIG "$IFACE" key [3] "$IF_WIRELESS_KEY3"
-fi
-
-if [ -n "$IF_WIRELESS_KEY4" ]; then
- $IWCONFIG "$IFACE" key [4] "$IF_WIRELESS_KEY4"
-fi
-
-if [ -n "$IF_WIRELESS_DEFAULTKEY" ]; then
- $IWCONFIG "$IFACE" key ["$IF_WIRELESS_DEFAULTKEY"]
-fi
-
-if [ -n "$IF_WIRELESS_KEYMODE" ]; then
- $IWCONFIG "$IFACE" key "$IF_WIRELESS_KEYMODE"
-fi
-
-if [ -n "$IF_WIRELESS_MODE" ]; then
- $IWCONFIG "$IFACE" mode $IF_WIRELESS_MODE
-fi
-
-if [ -n "$IF_WIRELESS_FREQ" ]; then
- $IWCONFIG "$IFACE" freq $IF_WIRELESS_FREQ
-fi
-
-if [ -n "$IF_WIRELESS_CHANNEL" ]; then
- $IWCONFIG "$IFACE" channel $IF_WIRELESS_CHANNEL
-fi
-
-if [ -n "$IF_WIRELESS_ESSID" ]; then
- $IWCONFIG "$IFACE" essid "$IF_WIRELESS_ESSID"
-fi
-
-if [ -n "$IF_WIRELESS_COMMIT" ]; then
- $IWCONFIG "$IFACE" commit
-fi
-
diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up
deleted file mode 100644
index 4c8e95bf2..000000000
--- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools/zzz-wireless.if-pre-up
+++ /dev/null
@@ -1,34 +0,0 @@
-#!/bin/sh
-#
-# /etc/network/if-pre-up.d/zzz-wireless
-# by Stefan Tomanek (stefan@pico.ruhr.de)
-
-
-IWCONFIG=/sbin/iwconfig
-IFCONFIG=/sbin/ifconfig
-GREP=/bin/grep
-LOGGER=/usr/bin/logger
-SLEEP=/bin/sleep
-
-# How long do we wait for association?
-RETRIES=15
-SLEEPTIME=1
-
-# Only sleep if we use DHCP (add others methods seperated by spaces)
-ONLY_FOR="static dhcp"
-
-if [ -z "$IF_WIRELESS_TYPE" ] && echo "$ONLY_FOR" | grep -q "$METHOD" ; then
- $IFCONFIG $IFACE up
- $LOGGER Checking for WLAN association...
- while ( [ $RETRIES -gt 0 ] && ($IWCONFIG "$IFACE" | $GREP -q "Access Point: Not-Associated") ); do
- $LOGGER No association yet, $RETRIES retries until timeout
- RETRIES=$(($RETRIES-1))
- $SLEEP $SLEEPTIME
- done
-
- if [ $RETRIES -eq 0 ]; then
- $LOGGER Timeout waiting for association, continuing anyway...
- else
- $LOGGER Found association!
- fi
-fi
diff --git a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb
index 26ecdf3b4..c3b8f665b 100644
--- a/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb
+++ b/yocto-poky/meta/recipes-connectivity/wireless-tools/wireless-tools_30.pre9.bb
@@ -9,8 +9,6 @@ SECTION = "base"
PE = "1"
SRC_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.${PV}.tar.gz \
- file://wireless-tools.if-pre-up \
- file://zzz-wireless.if-pre-up \
file://remove.ldconfig.call.patch \
file://man.patch \
file://avoid_strip.patch \
@@ -19,6 +17,9 @@ SRC_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/wireless_tools.$
SRC_URI[md5sum] = "ca91ba7c7eff9bfff6926b1a34a4697d"
SRC_URI[sha256sum] = "abd9c5c98abf1fdd11892ac2f8a56737544fe101e1be27c6241a564948f34c63"
+UPSTREAM_CHECK_URI = "http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html"
+UPSTREAM_CHECK_REGEX = "wireless_tools\.(?P<pver>(\d+)(\..*|))\.tar\.gz"
+
S = "${WORKDIR}/wireless_tools.30"
CFLAGS =+ "-I${S}"
@@ -36,17 +37,10 @@ do_install() {
oe_runmake PREFIX=${D} install-iwmulticall install-dynamic install-man install-hdr
install -d ${D}${sbindir}
install -m 0755 ifrename ${D}${sbindir}/ifrename
- # Disabled by RP - 20/8/08 - We don't seem to need/use these
- #install -d ${D}${sysconfdir}/network/if-pre-up.d
- #install ${WORKDIR}/wireless-tools.if-pre-up ${D}${sysconfdir}/network/if-pre-up.d/wireless-tools
- #install ${WORKDIR}/zzz-wireless.if-pre-up ${D}${sysconfdir}/network/if-pre-up.d/zzz-wireless
}
-PACKAGES = "libiw-dbg ifrename-dbg ${PN}-dbg \
-libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc"
+PACKAGES = "libiw libiw-dev libiw-doc ifrename-doc ifrename ${PN} ${PN}-doc ${PN}-dbg"
-FILES_libiw-dbg = "${libdir}/.debug/*.so.*"
-FILES_ifrename-dbg = "${sbindir}/.debug/ifrename"
FILES_libiw = "${libdir}/*.so.*"
FILES_libiw-dev = "${libdir}/*.a ${libdir}/*.so ${includedir}"
FILES_libiw-doc = "${mandir}/man7"
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch
deleted file mode 100644
index 882674fe5..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From ef566a4d4f74022e1fdb0a2addfe81e6de9f4aae Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Wed, 29 Apr 2015 02:21:53 +0300
-Subject: [PATCH] AP WMM: Fix integer underflow in WMM Action frame parser
-
-The length of the WMM Action frame was not properly validated and the
-length of the information elements (int left) could end up being
-negative. This would result in reading significantly past the stack
-buffer while parsing the IEs in ieee802_11_parse_elems() and while doing
-so, resulting in segmentation fault.
-
-This can result in an invalid frame being used for a denial of service
-attack (hostapd process killed) against an AP with a driver that uses
-hostapd for management frame processing (e.g., all mac80211-based
-drivers).
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/ap/wmm.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/ap/wmm.c b/src/ap/wmm.c
-index 6d4177c..314e244 100644
---- a/src/ap/wmm.c
-+++ b/src/ap/wmm.c
-@@ -274,6 +274,9 @@ void hostapd_wmm_action(struct hostapd_data *hapd,
- return;
- }
-
-+ if (left < 0)
-+ return; /* not a valid WMM Action frame */
-+
- /* extract the tspec info element */
- if (ieee802_11_parse_elems(pos, left, &elems, 1) == ParseFailed) {
- hostapd_logger(hapd, mgmt->sa, HOSTAPD_MODULE_IEEE80211,
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
deleted file mode 100644
index a2bafc8c4..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From dd2f043c9c43d156494e33d7ce22db96e6ef42c7 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 1 May 2015 16:37:45 +0300
-Subject: [PATCH 1/5] EAP-pwd peer: Fix payload length validation for Commit
- and Confirm
-
-The length of the received Commit and Confirm message payloads was not
-checked before reading them. This could result in a buffer read
-overflow when processing an invalid message.
-
-Fix this by verifying that the payload is of expected length before
-processing it. In addition, enforce correct state transition sequence to
-make sure there is no unexpected behavior if receiving a Commit/Confirm
-message before the previous exchanges have been completed.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 29 +++++++++++++++++++++++++++++
- 1 file changed, 29 insertions(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index f2b0926..a629437 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -355,6 +355,23 @@ eap_pwd_perform_commit_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
- BIGNUM *mask = NULL, *x = NULL, *y = NULL, *cofactor = NULL;
- u16 offset;
- u8 *ptr, *scalar = NULL, *element = NULL;
-+ size_t prime_len, order_len;
-+
-+ if (data->state != PWD_Commit_Req) {
-+ ret->ignore = TRUE;
-+ goto fin;
-+ }
-+
-+ prime_len = BN_num_bytes(data->grp->prime);
-+ order_len = BN_num_bytes(data->grp->order);
-+
-+ if (payload_len != 2 * prime_len + order_len) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)",
-+ (unsigned int) payload_len,
-+ (unsigned int) (2 * prime_len + order_len));
-+ goto fin;
-+ }
-
- if (((data->private_value = BN_new()) == NULL) ||
- ((data->my_element = EC_POINT_new(data->grp->group)) == NULL) ||
-@@ -554,6 +571,18 @@ eap_pwd_perform_confirm_exchange(struct eap_sm *sm, struct eap_pwd_data *data,
- u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
- int offset;
-
-+ if (data->state != PWD_Confirm_Req) {
-+ ret->ignore = TRUE;
-+ goto fin;
-+ }
-+
-+ if (payload_len != SHA256_MAC_LEN) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
-+ (unsigned int) payload_len, SHA256_MAC_LEN);
-+ goto fin;
-+ }
-+
- /*
- * first build up the ciphersuite which is group | random_function |
- * prf
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
deleted file mode 100644
index e108a931c..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 9ed4eee345f85e3025c33c6e20aa25696e341ccd Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <jouni@qca.qualcomm.com>
-Date: Tue, 7 Apr 2015 11:32:11 +0300
-Subject: [PATCH] P2P: Validate SSID element length before copying it
- (CVE-2015-1863)
-
-This fixes a possible memcpy overflow for P2P dev->oper_ssid in
-p2p_add_device(). The length provided by the peer device (0..255 bytes)
-was used without proper bounds checking and that could have resulted in
-arbitrary data of up to 223 bytes being written beyond the end of the
-dev->oper_ssid[] array (of which about 150 bytes would be beyond the
-heap allocation) when processing a corrupted management frame for P2P
-peer discovery purposes.
-
-This could result in corrupted state in heap, unexpected program
-behavior due to corrupted P2P peer device information, denial of service
-due to process crash, exposure of memory contents during GO Negotiation,
-and potentially arbitrary code execution.
-
-Thanks to Google security team for reporting this issue and smart
-hardware research group of Alibaba security team for discovering it.
-
-Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
-
-Upstream-Status: Backport
-
-Signed-off-by: Yue Tao <yue.tao@windriver.com>
-
----
- src/p2p/p2p.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
-index f584fae..a45fe73 100644
---- a/src/p2p/p2p.c
-+++ b/src/p2p/p2p.c
-@@ -778,6 +778,7 @@ int p2p_add_device(struct p2p_data *p2p, const u8 *addr, int freq,
- if (os_memcmp(addr, p2p_dev_addr, ETH_ALEN) != 0)
- os_memcpy(dev->interface_addr, addr, ETH_ALEN);
- if (msg.ssid &&
-+ msg.ssid[1] <= sizeof(dev->oper_ssid) &&
- (msg.ssid[1] != P2P_WILDCARD_SSID_LEN ||
- os_memcmp(msg.ssid + 2, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN)
- != 0)) {
---
-1.7.9.5
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
deleted file mode 100644
index 2568ea112..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From 5acd23f4581da58683f3cf5e36cb71bbe4070bd7 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Tue, 28 Apr 2015 17:08:33 +0300
-Subject: [PATCH] WPS: Fix HTTP chunked transfer encoding parser
-
-strtoul() return value may end up overflowing the int h->chunk_size and
-resulting in a negative value to be stored as the chunk_size. This could
-result in the following memcpy operation using a very large length
-argument which would result in a buffer overflow and segmentation fault.
-
-This could have been used to cause a denial service by any device that
-has been authorized for network access (either wireless or wired). This
-would affect both the WPS UPnP functionality in a WPS AP (hostapd with
-upnp_iface parameter set in the configuration) and WPS ER
-(wpa_supplicant with WPS_ER_START control interface command used).
-
-Validate the parsed chunk length value to avoid this. In addition to
-rejecting negative values, we can also reject chunk size that would be
-larger than the maximum configured body length.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/wps/httpread.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/wps/httpread.c b/src/wps/httpread.c
-index 2f08f37..d2855e3 100644
---- a/src/wps/httpread.c
-+++ b/src/wps/httpread.c
-@@ -533,6 +533,13 @@ static void httpread_read_handler(int sd, void *eloop_ctx, void *sock_ctx)
- if (!isxdigit(*cbp))
- goto bad;
- h->chunk_size = strtoul(cbp, NULL, 16);
-+ if (h->chunk_size < 0 ||
-+ h->chunk_size > h->max_bytes) {
-+ wpa_printf(MSG_DEBUG,
-+ "httpread: Invalid chunk size %d",
-+ h->chunk_size);
-+ goto bad;
-+ }
- /* throw away chunk header
- * so we have only real data
- */
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
deleted file mode 100644
index c477c2f93..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From e28a58be26184c2a23f80b410e0997ef1bd5d578 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Fri, 1 May 2015 16:40:44 +0300
-Subject: [PATCH 2/5] EAP-pwd server: Fix payload length validation for Commit
- and Confirm
-
-The length of the received Commit and Confirm message payloads was not
-checked before reading them. This could result in a buffer read
-overflow when processing an invalid message.
-
-Fix this by verifying that the payload is of expected length before
-processing it. In addition, enforce correct state transition sequence to
-make sure there is no unexpected behavior if receiving a Commit/Confirm
-message before the previous exchanges have been completed.
-
-Thanks to Kostya Kortchinsky of Google security team for discovering and
-reporting this issue.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_server/eap_server_pwd.c | 19 +++++++++++++++++++
- 1 file changed, 19 insertions(+)
-
-diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
-index 66bd5d2..3189105 100644
---- a/src/eap_server/eap_server_pwd.c
-+++ b/src/eap_server/eap_server_pwd.c
-@@ -656,9 +656,21 @@ eap_pwd_process_commit_resp(struct eap_sm *sm, struct eap_pwd_data *data,
- BIGNUM *x = NULL, *y = NULL, *cofactor = NULL;
- EC_POINT *K = NULL, *point = NULL;
- int res = 0;
-+ size_t prime_len, order_len;
-
- wpa_printf(MSG_DEBUG, "EAP-pwd: Received commit response");
-
-+ prime_len = BN_num_bytes(data->grp->prime);
-+ order_len = BN_num_bytes(data->grp->order);
-+
-+ if (payload_len != 2 * prime_len + order_len) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Commit payload length %u (expected %u)",
-+ (unsigned int) payload_len,
-+ (unsigned int) (2 * prime_len + order_len));
-+ goto fin;
-+ }
-+
- if (((data->peer_scalar = BN_new()) == NULL) ||
- ((data->k = BN_new()) == NULL) ||
- ((cofactor = BN_new()) == NULL) ||
-@@ -774,6 +786,13 @@ eap_pwd_process_confirm_resp(struct eap_sm *sm, struct eap_pwd_data *data,
- u8 conf[SHA256_MAC_LEN], *cruft = NULL, *ptr;
- int offset;
-
-+ if (payload_len != SHA256_MAC_LEN) {
-+ wpa_printf(MSG_INFO,
-+ "EAP-pwd: Unexpected Confirm payload length %u (expected %u)",
-+ (unsigned int) payload_len, SHA256_MAC_LEN);
-+ goto fin;
-+ }
-+
- /* build up the ciphersuite: group | random_function | prf */
- grp = htons(data->group_num);
- ptr = (u8 *) &cs;
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
deleted file mode 100644
index e46ce436e..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From 477c74395acd0123340457ba6f15ab345d42016e Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:23:04 +0300
-Subject: [PATCH 3/5] EAP-pwd peer: Fix Total-Length parsing for fragment
- reassembly
-
-The remaining number of bytes in the message could be smaller than the
-Total-Length field size, so the length needs to be explicitly checked
-prior to reading the field and decrementing the len variable. This could
-have resulted in the remaining length becoming negative and interpreted
-as a huge positive integer.
-
-In addition, check that there is no already started fragment in progress
-before allocating a new buffer for reassembling fragments. This avoid a
-potential memory leak when processing invalid message.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 12 ++++++++++++
- 1 file changed, 12 insertions(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index a629437..1d2079b 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -866,11 +866,23 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
- * if it's the first fragment there'll be a length field
- */
- if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) {
-+ if (len < 2) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Frame too short to contain Total-Length field");
-+ ret->ignore = TRUE;
-+ return NULL;
-+ }
- tot_len = WPA_GET_BE16(pos);
- wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments whose "
- "total length = %d", tot_len);
- if (tot_len > 15000)
- return NULL;
-+ if (data->inbuf) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
-+ ret->ignore = TRUE;
-+ return NULL;
-+ }
- data->inbuf = wpabuf_alloc(tot_len);
- if (data->inbuf == NULL) {
- wpa_printf(MSG_INFO, "Out of memory to buffer "
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
deleted file mode 100644
index a4c02b474..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From 3035cc2894e08319b905bd6561e8bddc8c2db9fa Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:26:06 +0300
-Subject: [PATCH 4/5] EAP-pwd server: Fix Total-Length parsing for fragment
- reassembly
-
-The remaining number of bytes in the message could be smaller than the
-Total-Length field size, so the length needs to be explicitly checked
-prior to reading the field and decrementing the len variable. This could
-have resulted in the remaining length becoming negative and interpreted
-as a huge positive integer.
-
-In addition, check that there is no already started fragment in progress
-before allocating a new buffer for reassembling fragments. This avoid a
-potential memory leak when processing invalid message.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_server/eap_server_pwd.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
-diff --git a/src/eap_server/eap_server_pwd.c b/src/eap_server/eap_server_pwd.c
-index 3189105..2bfc3c2 100644
---- a/src/eap_server/eap_server_pwd.c
-+++ b/src/eap_server/eap_server_pwd.c
-@@ -942,11 +942,21 @@ static void eap_pwd_process(struct eap_sm *sm, void *priv,
- * the first fragment has a total length
- */
- if (EAP_PWD_GET_LENGTH_BIT(lm_exch)) {
-+ if (len < 2) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Frame too short to contain Total-Length field");
-+ return;
-+ }
- tot_len = WPA_GET_BE16(pos);
- wpa_printf(MSG_DEBUG, "EAP-pwd: Incoming fragments, total "
- "length = %d", tot_len);
- if (tot_len > 15000)
- return;
-+ if (data->inbuf) {
-+ wpa_printf(MSG_DEBUG,
-+ "EAP-pwd: Unexpected new fragment start when previous fragment is still in use");
-+ return;
-+ }
- data->inbuf = wpabuf_alloc(tot_len);
- if (data->inbuf == NULL) {
- wpa_printf(MSG_INFO, "EAP-pwd: Out of memory to "
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
deleted file mode 100644
index 407360073..000000000
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-From 28a069a545b06b99eb55ad53f63f2c99e65a98f6 Mon Sep 17 00:00:00 2001
-From: Jouni Malinen <j@w1.fi>
-Date: Sat, 2 May 2015 19:26:28 +0300
-Subject: [PATCH 5/5] EAP-pwd peer: Fix asymmetric fragmentation behavior
-
-The L (Length) and M (More) flags needs to be cleared before deciding
-whether the locally generated response requires fragmentation. This
-fixes an issue where these flags from the server could have been invalid
-for the following message. In some cases, this could have resulted in
-triggering the wpabuf security check that would terminate the process
-due to invalid buffer allocation.
-
-Signed-off-by: Jouni Malinen <j@w1.fi>
----
- src/eap_peer/eap_pwd.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/eap_peer/eap_pwd.c b/src/eap_peer/eap_pwd.c
-index 1d2079b..e58b13a 100644
---- a/src/eap_peer/eap_pwd.c
-+++ b/src/eap_peer/eap_pwd.c
-@@ -968,6 +968,7 @@ eap_pwd_process(struct eap_sm *sm, void *priv, struct eap_method_ret *ret,
- /*
- * we have output! Do we need to fragment it?
- */
-+ lm_exch = EAP_PWD_GET_EXCHANGE(lm_exch);
- len = wpabuf_len(data->outbuf);
- if ((len + EAP_PWD_HDR_SIZE) > data->mtu) {
- resp = eap_msg_alloc(EAP_VENDOR_IETF, EAP_TYPE_PWD, data->mtu,
---
-1.9.1
-
diff --git a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb
index a124cf21d..935c8afc9 100644
--- a/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.4.bb
+++ b/yocto-poky/meta/recipes-connectivity/wpa-supplicant/wpa-supplicant_2.5.bb
@@ -1,16 +1,16 @@
SUMMARY = "Client for Wi-Fi Protected Access (WPA)"
-HOMEPAGE = "http://hostap.epitest.fi/wpa_supplicant/"
-BUGTRACKER = "http://hostap.epitest.fi/bugz/"
+HOMEPAGE = "http://w1.fi/wpa_supplicant/"
+BUGTRACKER = "http://w1.fi/security/"
SECTION = "network"
LICENSE = "BSD"
LIC_FILES_CHKSUM = "file://COPYING;md5=36b27801447e0662ee0138d17fe93880 \
file://README;beginline=1;endline=56;md5=7f393579f8b109fe91f3b9765d26c7d3 \
- file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=3430fda79f2ba1dd545f0b3c4d6e4d24 "
-DEPENDS = "dbus libnl libgcrypt"
+ file://wpa_supplicant/wpa_supplicant.c;beginline=1;endline=12;md5=3430fda79f2ba1dd545f0b3c4d6e4d24"
+DEPENDS = "dbus libnl"
RRECOMMENDS_${PN} = "wpa-supplicant-passphrase wpa-supplicant-cli"
PACKAGECONFIG ??= "gnutls"
-PACKAGECONFIG[gnutls] = ",,gnutls"
+PACKAGECONFIG[gnutls] = ",,gnutls libgcrypt"
PACKAGECONFIG[openssl] = ",,openssl"
inherit systemd
@@ -18,23 +18,15 @@ inherit systemd
SYSTEMD_SERVICE_${PN} = "wpa_supplicant.service wpa_supplicant-nl80211@.service wpa_supplicant-wired@.service"
SYSTEMD_AUTO_ENABLE = "disable"
-SRC_URI = "http://hostap.epitest.fi/releases/wpa_supplicant-${PV}.tar.gz \
+SRC_URI = "http://w1.fi/releases/wpa_supplicant-${PV}.tar.gz \
file://defconfig \
file://wpa-supplicant.sh \
file://wpa_supplicant.conf \
file://wpa_supplicant.conf-sane \
file://99_wpa_supplicant \
- file://0001-AP-WMM-Fix-integer-underflow-in-WMM-Action-frame-par.patch \
- file://0001-P2P-Validate-SSID-element-length-before-copying-it-C.patch \
- file://0001-WPS-Fix-HTTP-chunked-transfer-encoding-parser.patch \
- file://0001-EAP-pwd-peer-Fix-payload-length-validation-for-Commi.patch \
- file://0002-EAP-pwd-server-Fix-payload-length-validation-for-Com.patch \
- file://0003-EAP-pwd-peer-Fix-Total-Length-parsing-for-fragment-r.patch \
- file://0004-EAP-pwd-server-Fix-Total-Length-parsing-for-fragment.patch \
- file://0005-EAP-pwd-peer-Fix-asymmetric-fragmentation-behavior.patch \
"
-SRC_URI[md5sum] = "f0037dbe03897dcaf2ad2722e659095d"
-SRC_URI[sha256sum] = "058dc832c096139a059e6df814080f50251a8d313c21b13364c54a1e70109122"
+SRC_URI[md5sum] = "96ff75c3a514f1f324560a2376f13110"
+SRC_URI[sha256sum] = "cce55bae483b364eae55c35ba567c279be442ed8bab5b80a3c7fb0d057b9b316"
S = "${WORKDIR}/wpa_supplicant-${PV}"
OpenPOWER on IntegriCloud