This contains references to source directories used during build, it
will not be useful on target without really editing it properly to
reflect target rootfs install. it perhaps never was used thus far, it
would have failed otherwise.
Fixes
WARNING: dovecot-2.3.20-r0 do_package_qa: QA Issue: File /usr/lib/dovecot/dovecot-config in package dovecot contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Re-enable LTO again, it works ok.
- Turn systemd into a packageconfig and enable it when systemd is in
distro features
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These pyc files include references to buildtime TMPDIR, therefore delete
them and let them be regerated during runtime if needed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove intltool-native as it is not used, and add autoconf-archive-native.
Also explicitly disable systemd when not selected to be sure it doesn't
automatically enable.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Compiler invocation and flags are added to SQUID_CONFIGURE_OPTIONS which
is added via generated autoconf.h during configure step. Since OE
encodes sysroot and buildpaths for cross compile, they end up in squid
binary, this patch removes from workdir from them so avoid encoding
build workspace path
Signed-off-by: Khem Raj <raj.khem@gmail.com>
A client for PPP+SSL VPN tunnel services, compatible with Fortinet VPNs.
https://github.com/adrienverge/openfortivpn
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Disabled by default. When enabled, a package 'strongswan-nm' gets created.
The package naming follows Debian/Ubuntu.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When using OpenSSL as the encryption provider, the package does not
build without deprecation warnings, thus breaking the build. Disable
warnings as errors to unbreak the build.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Without "encryption" PACKAGECONFIG, the option UA_ENABLE_ENCRYPTION=OFF
is passed, which disables encryption support altogether and makes it
impossible to override the encryption provider. Since no encryption
support is already the default, we don't have to specify anthing to
disable encryption.
Additionally, explicitly specify MbedTLS as the encryption provider;
this is the preferred way to enable any one of the three supported
providers (LibreSSL, OpenSSL or MbedTLS). The current method prints a
deprecation warning:
CMake Deprecation Warning at CMakeLists.txt:200 (message):
Set UA_ENABLE_ENCRYPTION to the desired encryption library.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* without gobject-introspection-data in DISTRO_FEATURES the bbclass
correctly disables it:
$ bitbake-getvar -r spice-gtk EXTRA_OEMESON
#
# $EXTRA_OEMESON [6 operations]
# :append /OE/build/oe-core/openembedded-core/meta/classes-recipe/meson.bbclass:44
# " ${PACKAGECONFIG_CONFARGS}"
# :prepend[class-target] /OE/build/oe-core/openembedded-core/meta/classes-recipe/gobject-introspection.bbclass:28
# "${@['', '${GIRMESONTARGET}'][d.getVar('GIR_MESON_OPTION') != '']}"
# :prepend[class-native] /OE/build/oe-core/openembedded-core/meta/classes-recipe/gobject-introspection.bbclass:33
# "${@['', '${GIRMESONBUILD}'][d.getVar('GIR_MESON_OPTION') != '']}"
# :prepend[class-nativesdk] /OE/build/oe-core/openembedded-core/meta/classes-recipe/gobject-introspection.bbclass:34
# "${@['', '${GIRMESONBUILD}'][d.getVar('GIR_MESON_OPTION') != '']}"
# set /OE/build/oe-core/meta-openembedded/meta-networking/recipes-support/spice/spice-gtk_0.42.bb:49
# "-Dpie=true -Dvapi=enabled"
# :append[libc-musl] /OE/build/oe-core/meta-openembedded/meta-networking/recipes-support/spice/spice-gtk_0.42.bb:50
# " -Dcoroutine=libucontext"
# pre-expansion value:
# "${@['', '${GIRMESONTARGET}'][d.getVar('GIR_MESON_OPTION') != '']}-Dpie=true -Dvapi=enabled ${PACKAGECONFIG_CONFARGS}"
EXTRA_OEMESON="-Dintrospection=false -Dpie=true -Dvapi=enabled "
and prevents build failure:
http://errors.yoctoproject.org/Errors/Details/702789/
Run-time dependency gobject-introspection-1.0 found: NO (tried pkgconfig)
../git/meson.build:346:0: ERROR: Dependency "gobject-introspection-1.0" not found, tried pkgconfig
* it just needs GIR_MESON_*_FLAG to be set to avoid:
meson.build:4:0: ERROR: Value "false" (of type "string") for combo option "Check for GObject instrospection requirements" is not one of the choices. Possible choices are (as string): "enabled", "disabled", "auto".
* and enable vapi only when introspection is enabled, use PACKAGECONFIG for that to avoid:
meson.build:358:4: ERROR: Problem encountered: VAPI support requested without introspection
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
A typo that probably caused a left over from override syntax conversion.
INITSCRIPT_PARAMS$_${PN} --> INITSCRIPT_PARAMS:${PN}
Signed-off-by: Peter Bergin <peter.bergin@windriver.com>
Signed-off-by: Peter Bergin <peter@berginkonsult.se>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This removes the old unused license for netperf as upstream
moved to using the MIT license for netperf.
See: meta-openembedded commit 587fe58777
Signed-off-by: Arsalan H. Awan <arsalan.awan@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Emit the dhcp-change dispatcher event also after a lease renewal.
* Fix assertion failure on DHCP renewal.
* Add support for EC2 IMDSv2 in nm-cloud-setup.
* Allow setting tunnel flags for ip6gre & ip6gretap connection
profiles.
* Improve the Wi-Fi hotspot functionality.
* Fix setting the Wi-Fi roaming policy based on the number of seen
BSSIDs.
* Support the "no-aaaa" resolv.conf option.
* Some oFono fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Source code:
----------------
Fix spaces before tabs in indentation.
Updated printers:
-----------------
LSP ping: Fix "Unused value" warnings from Coverity.
CVE-2023-1801: Fix an out-of-bounds write in the SMB printer.
DNS: sync resource types with IANA.
ICMPv6: Update the output to show a RPL DAO field name.
Geneve: Fix the Geneve UDP port test.
Building and testing:
----------------------
Require at least autoconf 2.69.
Don't check for strftime(), as it's in C90 and beyond.
Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21.
Documentation:
-------------
man: Document TCP flag names better.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
GHA: remove Ubuntu 18.04 builds
vcpkg: request "tools" feature of openssl for MSVC build
doc: run rst2* with --strict to catch warnings
Support of DNS domain for DHCP-less drivers
Bug-fix: segfault in dco_get_peer_stats()
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
https://netfilter.org/projects/nftables/files/changes-nftables-1.0.7.txt
The COPYING text changed to highlight that "New code though is moving to
GPL version 2 or any later which is the preferred license for this project
these days." Although the project itself stays GPLv2 only.
https://netfilter.org/licensing.html#terms
The upstream replaced distutils with setuptools, so the nftables-python
is now built using the standard approach. The coexistence of setuptools
and automake is solved in the same way as in meta-oe/recipes-support/libiio.
The removal of *.pyc is no longer necessary.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* do_populate_lic as well as do_configure fails in multilib builds, because S points to empty:
lib32-restinio/0.6.13-r0/lib32-restinio-0.6.13/dev
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
With the exception of paho-mqtt-cpp, the double protocol= attributes
were added to the SRC_URIs when protocol=https was added to all SRC_URIs
fetching from github.com in commit b402a3076f (recipes: Update SRC_URI
branch and protocols).
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Correct "startline=" to "beginline=" in LIC_FILES_CHKSUM so that the
correct lines from autossh.c and daemon.h are used. Also remove
autossh.spec from LIC_FILES_CHKSUM as it doesn't really contain any
license information.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Release Notes:
https://www.samba.org/samba/history/samba-4.18.1.html
This is a security release in order to address the following defects:
CVE-2023-0225
CVE-2023-0922
CVE-2023-0614
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
dco: don't use NetLink to exchange control packets
dco: print version to log if available
dco-linux: remove M_ERRNO flag when printing netlink error message
multi: don't call DCO APIs if DCO is disabled
dco-freebsd: use m->instances[] instead of m->hash
dco-linux: implement dco_get_peer_stats{, multi} API
Set netlink socket to be non-blocking
Ensure n = 2 is set in key2 struct in tls_crypt_v2_unwrap_client_key
Fix memory leaks in open_tun_dco()
Fix memory leaks in HMAC initial packet generation
Use key_state instead of multi for tls_send_payload parameter
Make sending plain text control message session aware
Only update frame calculation if we have a valid link sockets
Improve description of compat-mode
Simplify --compress parsing in options.c
Refuse connection if server pushes an option contradicting allow-compress
Add 'allow-compression stub-only' internally for DCO
Parse compression options and bail out when compression is disabled
tests/unit_tests: Fix 'make distcheck' with subdir-objects enabled
preparing release 2.6.2
dns option: allow up to eight addresses per server
dco: print FreeBSD version
Support --inactive option for DCO
Fix '--inactive <time> 0' behavior for DCO
Print DCO client stats on SIGUSR2
Don't overwrite socket flags when using DCO on Windows
using OpenSSL3 API for EVP PKEY type name reporting
Bugfix: Convert ECDSA signature form pkcs11-helper to DER encoded form
Import some sample certificates into Windows store for testing
Add tests for finding certificates in Windows cert store
Refactor SSL_CTX_use_CryptoAPI_certificate()
Add a test for signing with certificates in Windows store
Unit tests: add test for SSL_CTX_use_Cryptoapi_certificate()
Improve error message on short read from socks proxy
Make error in setting metric for IPv6 interface non-fatal
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
# Do not ignore multicast advertisements when discovery was sent as unicast
(fix regression from 1.0.5).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patch is modified by removing irrelevant and conflicting
CHANGELOG entry.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-configure-check-for-ns_get16-and-ns_get32-as-well.patch
Fixed-build-error-on-musl.patch
removed since they're included in 0.9.2.
Changelog:
==========
- adenroll: set password via LDAP instead Kerberos [#27]
- disco: fall back to LDAPS if CLDAP ping was not successful [#31]
- tools: replace getpass() [#10]
- adenroll: write SID before secret to Samba's db [rhbz#1991619]
- doc: add clarification to add-member command on doc/adcli.xml
- tools: Set umask before calling mkdtemp()
- Avoid undefined behaviour in short option parsing
- library: include endian.h for le32toh
- man: Fix typos and use consistent upper case for some keywords
- doc: avoid gnu-make specific usage of $< [#26]
- configure: check for ns_get16 and ns_get32 as well [rhbz#1984891]
- Add setattr and delattr options [rhbz#1690920]
- entry: add passwd-user sub-command [rhbz#1952828]
- Add dont-expire-password option [rhbz#1769644]
- build: add --with-vendor-error-message configure option [rhbz#1889386]
- tools: add show-computer command [rhbz#1737342]
- add description option to join and update [rhbz#1737342]
- Use GSS-SPNEGO if available [rhbz#1762420]
- add option use-ldaps [rhbz#1762420]
- tools: disable SSSD's locator plugin [rhbz#1762633]
- doc: explain required AD permissions [gfo#20]
- computer: add create-msa sub-command [rhbz#1854112}
- Add account-disable option [gfo#21]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update:
"Copyright (C) 2013-2020 Red Hat Inc." changed to "Copyright Red Hat"
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The patch has been applied upstream, so update the Upstream-Status
line accordingly.
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Pgpool-II is a middleware that works between PostgreSQL servers and a PostgreSQL database client. It is distributed under a license similar to BSD and MIT. It provides the following features.
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The combination of ntpd and sntp now implements the functions of
ntpdate, which has been deprecated.
Now we don't need ntpdate anymore, and we can use the following
command 'ntpd -q -g -x' instead.
So drop the related section of ntpdate now.
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
53ee89b Merge pull request #1299 from zhuyj/dmabuf
95507d0 Merge pull request #1311 from EdwardSro/pr-pyverbs-tests
087deb5 irdma: Add support for ibv_reg_dmabuf_mr
6644617 Merge pull request #1309 from hz-cheng/master
fe9e480 Merge pull request #1304 from EdwardSro/pr-tests-fixes
5c9f444 Merge pull request #1303 from EdwardSro/pr-mlx5-dr-steering
8f56a83 Merge pull request #1310 from joshuafried/mlx5_dr_bugfix
638ace8 tests: Add test for devx DBR-less mode data path
25a4bf0 tests: Skip CUDA tests if there is no CUDA device
5dad658 tests: Add set and copy modify action of metadata
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-libnm-std-aux-Adjust-signature-of-_nm_assert_fail_in.patch
removed since it's not available in 1.42.4
Changelog:
==========
* Fix a possible crash when [global-dns] is used and improve the
documentation.
* Documentation improvements.
* Add build option to set the mobile-broadband-provider-info database
path.
* Add new "ipv[46].replace-local-rule" setting to control whether to
remove the local route rule that is automatically generated.
* Add the DHCPv6 IAID to the lease information exposed in /run and on
D-Bus.
* Fix assuming team connections at boot.
* Fix race condition when setting the MAC address of an OVS interface.
* Fix constructing the IPv4 name servers variable passed to dispatcher
scripts.
* Don't use tentative IPv6 address to resolve the system hostname via DNS.
* Deprecate the "Master" property of the NMActiveConnection D-Bus object
in favor of the new "Controller" property.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
dont-swallow-errors.patch
configure.in-Error-fix.patch
removed since they're not available in 3.14.
configure_in_cross.patch
refreshed for 3.14.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Copyright year updated to 2023.
Changelog:
==========
* New features
- Improved logging performance with the "output" option.
- Improved file read performance on the WIN32 platform.
- DH and kDHEPSK ciphersuites removed from FIPS defaults.
- Set the LimitNOFILE ulimit in stunnel.service to allow
for up to 10,000 concurrent clients.
- Added the new 'CAengine' service-level option
to load a trusted CA certificate from an engine.
- Added requesting client certificates in server
mode with 'CApath' besides 'CAfile'.
- Improved file read performance.
- Improved logging performance.
* Bugfixes
- Fixed the "CApath" option on the WIN32 platform by
applying https://github.com/openssl/openssl/pull/20312.
- Fixed stunnel.spec used for building rpm packages.
- Fixed tests on some OSes and architectures by merging
Debian 07-tests-errmsg.patch (thx to Peter Pentchev).
- Fixed EWOULDBLOCK errors in protocol negotiation.
- Fixed handling TLS errors in protocol negotiation.
- Prevented following fatal TLS alerts with TCP resets.
- Improved OpenSSL initialization on WIN32.
- Improved testing suite stability.
* Security bugfixes
- OpenSSL DLLs updated to version 3.0.8.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Now frr can support more arches as libyang can be built on all arches.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add UPSTREAM_CHECK_GITTAGREGEX to check the correct latest stable
verison.
Before the patch:
$ devtool latest-version frr
INFO: Current version: 8.4.2
INFO: Latest version: 9.0
INFO: Latest version's commit: 16c38045b1a84f899da473398779cc593d82d2bd
Version 9.0 is a development tag[1].
After the patch:
$ devtool latest-version frr
INFO: Current version: 8.4.2
INFO: Latest version: 8.4.2
INFO: Latest version's commit: 9e25d07412e92bdcd1f69c4755dc7564b23023c0
[1] https://github.com/FRRouting/frr/tags
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
As mbedtls installs this rather generically-named /usr/bin/hello binary,
it conflicts with the one provided by lmbench, hence set it up as an
alternative to avoid conflicts when both are installed to rootfs or SDK.
Signed-off-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
https://github.com/secdev/scapy/releases/tag/v2.5.0
Also, in this version the UTscapy wrapper gets no longer installed
into /usr/bin, so for ptest we need to install it.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
New features and improvements in 2.6.0 compared to 2.5.8:
- Data Channel Offload (DCO) kernel acceleration support for Windows,
Linux, and FreeBSD.
- OpenSSL 3 support.
- Improved handling of tunnel MTU, including support for pushable MTU.
- Outdated cryptographic algorithms disabled by default, but there are
options to override if necessary.
- Reworked TLS handshake, making OpenVPN immune to replay-packet state
exhaustion attacks.
- Added --peer-fingerprint mode for a more simplistic certificate setup
and verification.
- Added Pre-Logon Access Provider support to OpenVPN GUI for Windows.
- Improved protocol negotiation, leading to faster connection setup.
Signed-off-by: Petr Gotthard <petr.gotthard@advantech.cz>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Convert repo to git
* Remove sig unsafe functions from signal handler (Ticket #22).
* Allow -e to explicitly specify the environment variable to use
(Ticket #5).
* Unset the variable specified with -e before calling subprogram
(Ticket #25).
* Change the logic for setting a controlling TTY. Fixes compatibility
issues with OpenSolaris and MSYS/Cygwin. Thanks Marcin Olszewski for
the fix.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-examples-Include-alloca.h-for-strdupa.patch
removed since it's included in 44.0
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
__assert_fail signature is assuming glibc which is fine for glibc
systems but we have to consider musl case too.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Added support for source load balancing for Ethernet Bonds.
* Allow specifying vhost name (SNI) for a manually DNS-over-TLS server.
Only works with systemd-resolved plugin.
* Connections can now be activated on a loopback interface.
* Added support of IPv4 ECMP routes. The ECMP routes will get merged
automatically but the user need to configure them as single-hop routes
specifying a valid weight.
* Add new "reapply" dispatcher event.
* Added support of VTI and VTI6 ip-tunnels along with a new property,
"ip-tunnel.fwmark".
* VLAN can now support 802.1ad tagging instead of 802.1Q.
* Invocations of iptables now use "--wait 2" to handle races with concurrent
calls. This fixes misbehavior with IPv4 shared mode.
* The DHCP client-id and DHCPv6 DUID are now exposed along with the lease
information.
* Optionally suppress adding direct route to an external VPN gateway
with the new "ipv[46].auto-route-ext-gw" property.
* Open vSwitch support gained new properties: "ovs-dpdk.n-rxq-desc",
"ovs-dpdk.n-txq-desc", "ovs-interface.ofport-request" and
"ovs-port.trunks".
* Added support of "other_config" for OVS bridge, port or interface. This
property is not supported by nmcli.
* nmtui now supports editing Wi-Fi WPA-Enterprise, Ethernet with 802.1X
authentication and MACsec connection profiles.
* nmcli now allows changing "connection.uuid" and "connection.type"
properties in offline mode and setting the UUID when creating a
connection.
* nmcli now accepts abbreviations for the UUID with the connection selector
in `nmcli connection $operator uuid $uuid`.
* DHCPv6 leases are now declined when addresses fail DAD.
* Documentation improvements.
* Many internal improvements and bug fixes.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-Add-configure-options-for-packages.patch
refreshed for new version.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Now built with meson
- Update the source git repository and home page
https://github.com/nmav/ipcalc redirects to https://gitlab.com/ipcalc/ipcalc
- USE_GEOIP = "no" not necessary in the recipe, already
set by default in the code.
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0002-iscsiuio-Use-pthread_t-for-INVALID_THREAD.patch
removed since it's included in 2.1.8.
0001-Makefile-Do-not-set-Werror.patch
refreshed for 2.1.8
Changelog:
===========
make: avoid hard-coding path to sed (#357)
etc: install system unit with without executable bit (#354)
Add ability for MGMT IPC to check UID only
Use config for iscsistart and iscsiadm fw login
iscsiuio: Use pthread_t for INVALID_THREAD (#363)
Add a 'distclean' Makefile top-level target
Cleanup fwparam makefile (#360)
Small bug fixes (#364)
Use meson as the main build system (#365)
libopeniscsiusr: cleanup recent reallocarray->realloc change (#369)
Added examples in man file for iscsiadm session commands.
iscsid: fix logout pdu send failure handling
Update README's error handler/timeout section
iscsiuio: fix LDADD
libopeniscsiusr: use realloc instead of reallocarray (#368)
iscsiadm: enable specify iface name-value parameters when creating iface
Fix a possible passing null pointer in usr/iface.c (#356)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- bugfix: wrong default portnumber for proxy was used
- bugfix: https://bugs.launchpad.net/ubuntu/+source/htpdate/+bug/1850740
- improvement: Avoid bouncing between upper/lower limit when (almost) in sync
- improvement: Set SSL server hostname on SSL object
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Update to version 0.42:
v0.42
=====
- !115 - Fix compilation on win32 with EGL
- !114 - spice-widget: fix hotspot position on Wayland/HiDPI
- !112 - meson: Allow building on a Wayland-only environment
- !110 - usb-backend: Fix devices not being enumerated
- !108 - spicy: Add keyboard shortcuts for copy/paste sync
- Require meson >= 0.56
The original recipe name was spice-gtk_0.4.1.bb, but the spice-gtk
repo tags the releases as 0.41, not 0.4.1, so update it accordingly.
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Up to now in this recipe the alternative mechanism only worked by accident, so
do like all other recipes and utilize varflags.
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
version 2.89
Fix bug introduced in 2.88 (commit fe91134b) which can result
in corruption of the DNS cache internal data structures and
logging of "cache internal error". This has only been seen
in one place in the wild, and it took considerable effort
to even generate a test case to reproduce it, but there's
no way to be sure it won't strike, and the effect is to break
the cache badly. Installations with DNSSEC enabled are more
likely to see the problem, but not running DNSSEC does not
guarantee that it won't happen. Thanks to Timo van Roermund
for reporting the bug and for his great efforts in chasing
it down.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CRDA is no longer needed as of kernel v4.15 since commit 007f6c5e6eb45
("cfg80211: support loading regulatory database as firmware file") added
support to use the kernel's firmware request API which looks for the
firmware on /lib/firmware. Because of this CRDA is legacy software for
older kernels, remove the recipe.
It could change regulatory domains with iw and wpa_supplicant.
Refs
1. https://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/crda.git/tree/README#n8
2. https://wireless.wiki.kernel.org/en/developers/Regulatory/CRDA
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add a missing runtime dependency on python3-ctypes
Add a polkit rule to allow users of group wheel to use blueman without authentification
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fails to link otherwise
ld: cannot find -lhiredis: No such file or directory
collect2: error: ld returned 1 exit status
Signed-off-by: Khem Raj <raj.khem@gmail.com>
configure uses AC_PREPROC_IFELSE to check for certain errors from getaddrinfo()
it user search operation in a preprocessed file
UNIQUEVALS=`sort $ERRVALFILE | uniq | wc -l | awk '{ print $1 }'`
However, line numbers are generated into the preprocesser files and they
get sorted higher than numbers
gaierrval:
# 130 "conftest.c" 3 4
-3
-P ensures that line numbers are not generated into preprocessed files,
so these checks can succeed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It uses python3-config during build to grok the python specific
includedirs, therefore its important to ensure that target specific
python3-config is used, otherwise currently it defaults to native
python3-config which ends up adding native python3 include paths
which might work out ok but is exposed when target is 32bit + lfs
enabled, the headers don't match between native and target python
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Release Notes:
https://www.samba.org/samba/history/samba-4.17.5.html
Drop 0007-waf-Fix-errors-with-Werror-implicit-function-declara.patch
as the issue has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) can recover an RSA private key after observing the victim
performing a single private-key operation, if the window size
(MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
There is a potential heap-based buffer overflow and heap-based buffer
over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46392https://nvd.nist.gov/vuln/detail/CVE-2022-46393
Upstream patches:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Mitigate occurence where ':append' operator is used and leading
whitespace character is obviously missing, risking inadvertent
string concatenation.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop backported patches, drop `wscript: Widen the search for tags` as
upstream has merged something similar which means devtool builds now
work.
Add BISONFLAGS support to fix build reproducbility issue.
Drop `--debug` which generates internal debug info.
License-Update: License files moved to separate directory
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Expose all current dnsmasq configuration options in PACKAGECONFIG,
enable i18n generation, filter supplementary systemd files against
DISTRO_FEATURES.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add an option to use Platform Security Architecture for the X.509 and TLS
operations.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Updated printers:
PTP: Use the proper values for the control field and print un-allocated
values for the message field as "Reserved" instead of "none".
Source code:
smbutil.c: Replace obsolete function call (asctime)
Building and testing:
cmake: Update the minimum required version to 2.8.12 (except Windows).
CI: Introduce and use TCPDUMP_CMAKE_TAINTED.
Makefile.in: Add the releasecheck target.
Makefile.in: Add "make -s install" in the releasecheck target.
Cirrus CI: Run the "make releasecheck" command in the Linux task.
Makefile.in: Add the whitespacecheck target.
Cirrus CI: Run the "make whitespacecheck" command in the Linux task.
Address all shellcheck warnings in update-test.sh.
Makefile.in: Get rid of a remain of gnuc.h.
Documentation:
Reformat the installation notes (INSTALL.txt) in Markdown.
Convert CONTRIBUTING to Markdown.
CONTRIBUTING.md: Document the use of "protocol: " in a commit summary.
Add a README file for NetBSD.
Fix CMake build to set man page section numbers in tcpdump.1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Fix the evaluation of the autoconnect retries.
* nm-cloud-setup now preserves addresses added externally.
* Ensure that dnsmasq is stopped after changing the dns backend and
restarting the service.
* Fix honoring an explicit DHCPv6 DUID with dhclient.
* Other various fixes.
* Fixed a bug that caused devices (MACsec in particular) to be stuck in
UNAVAILABLE state and not transition to DISCONNECTED if the carrier was
ready too early.
* Improved interoperability of MACsec with some Aruba switches by allowing
CKN shorter than 64 characters.
* Fixed an assertion failure when restarting NetworkManager with MACsec
links configured.
* Fixed a possible DHCP helper crash when handling failure to connect to
D-Bus.
* Corrected calculation of expiration time for items configured from IPv6
neighbor discovery messages.
* Various fixes for platforms that don't allow unaligned memory access.
* team: also set empty port configuration so teamd
knows about the port.
* team: restore port configuration after teamd respawn.
* dhcp: revert restarting DHCP when MAC address changes,
for example during a bond fail over.
* various documentation fixes.
* fix non-exported ABI in libnm which was wrongly present
in the header files but unusable so far.
* ifcfg-rh: fix writing ethtool pause settings to file.
* core: set "proto static" for manual routing rules configured
by NetworkManager.
* Various minor bugfixes.
* Ensure that resolv.conf gets updated when the configuration changes.
* Fix setting as bond primary an interface that doesn't exist yet when the
bond is activated.
* The number of autoconnect retries is now accounted independently for each
device when there are profiles with multi-connect=multiple.
* Don't print duplicate entries in the output of "NetworkManager
--print-config"
* Fix the ifcfg-rh plugin to properly read infiniband P-Key connection
profiles without an explicit interface name.
* Allow the removal of a bond port connection profile from the bond via
nmcli.
* Fix race condition during the activation of veth profiles when the peer
already exists.
* Decline the DHCPv6 lease if all addresses fail IPv6 duplicate address
detection (DAD).
* Wait that devices get carrier before trying to resolve the system hostname
on them via DNS.
* Fix race condition during the initial activation of OVS interfaces.
* Profiles generated by nm-initrd-generator now have lower than default
priority.
* Fix error when adding many SR-IOV virtual functions (VFs).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Update crda from 3.18 to 4.15:
* use git repo in SRC_URI that no tar archive found for recent releases
* drop fix-gcc-6-unused-variables.patch and make.patch
* rebase patches
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Clang also warns about offsetof use to emulate _Alignof
register keyword is no longer available so pre-empt it
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Weechat now requires an extra zstd dependency during
compilation.
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Release Notes:
https://github.com/FreeRADIUS/freeradius-server/releases/tag/release_3_0_26
* Refresh patches
* Add autogen.sh as we still need it in do_configure
* Backport a patch to fix configure error for rlm_python3
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Using a private module from setuptools is not a good idea and
no longer works with latest setuptools.
it's actually better to revert to official distutils even if
it is going away in the next python release. Hopefully by
then upstream will transition to something supported.
TMPDIR in .pyc can be addressed by simply not installing the .pyc.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Updated printers:
-----------------
BGP: Update cease notification decoding to RFC 9003.
BGP: decode BGP link-bandwidth extended community properly.
BGP: Fix parsing the AIGP attribute
BGP: make sure the path attributes don't go past the end of the packet.
BGP: Shutdown message can be up to 255 bytes length according to rfc9003
DSA: correctly determine VID.
EAP: fix some length checks and output issues.
802.11: Fix the misleading comment regarding "From DS", "To DS" Frame Control Flags.
802.11: Fetch the CF and TIM IEs a field at a time.
802.15.4, BGP, LISP: fix some length checks, compiler warnings,
and undefined behavior warnings.
PFLOG: handle LINKTYPE_PFLOG/DLT_PFLOG files from all OSes on all OSes.
RRCP: support more Realtek protocols than just RRCP.
MPLS: show the EXP field as TC, as per RFC 5462.
ICMP: redo MPLS Extension code as general ICMP Extension code.
VQP: Do not print unknown error codes twice.
Juniper: Add some bounds checks.
Juniper: Don't treat known DLT_ types as "Unknown".
lwres: Fix a length check, update a variable type.
EAP: Fix some undefined behaviors at runtime.
Ethernet: Rework the length checks, add a length check.
IPX: Add two length checks.
Zephyr: Avoid printing non-ASCII characters.
VRRP: Print the protocol name before any GET_().
DCCP: Get rid of trailing commas in lists.
Juniper: Report invalid packets as invalid, not truncated.
IPv6: Remove an obsolete code in an always-false #if wrapper.
ISAKMP: Use GET_U_1() to replace a direct dereference.
RADIUS: Use GET_U_1() to replace a direct dereference.
TCP: Fix an invalid check.
RESP: Fix an invalid check.
RESP: Remove an unnecessary test.
Arista: Refine the output format and print HwInfo.
sFlow: add support for IPv6 agent, add a length check.
VRRP: add support for IPv6.
OSPF: Update to match the Router Properties registry.
OSPF: Remove two unnecessary dereferences.
OSPF: Add support bit Nt RFC3101.
OSPFv3: Remove two unnecessary dereferences.
ICMPv6: Fix output for Router Renumbering messages.
ICMPv6: Fix the Node Information flags.
ICMPv6: Remove an unused macro and extra blank lines.
ICMPv6: Add a length check in the rpl_dio_print() function.
ICMPv6: Use GET_IP6ADDR_STRING() in the rpl_dio_print() function.
IPv6: Add some checks for the Hop-by-Hop Options header
IPv6: Add a check for the Jumbo Payload Hop-by-Hop option.
NFS: Fix the format for printing an unsigned int
PTP: fix printing of the correction fields
PTP: Use ND_LCHECK_U for checking invalid length.
WHOIS: Add its own printer source file and printer function
MPTCP: print length before subtype inside MPTCP options
ESP: Add a workaround to a "use-of-uninitialized-value".
PPP: Add tests to avoid incorrectly re-entering ppp_hdlc().
PPP: Don't process further if protocol is unknown (-e option).
PPP: Change the pointer to packet data.
ZEP: Add three length checks.
Add some const qualifiers.
Building and testing:
----------------------
Update config.guess and config.sub.
Use AS_HELP_STRING macro instead of AC_HELP_STRING.
Handle some Autoconf/make errors better.
Fix an error when cross-compiling.
Use "git archive" for the "make releasetar" process.
Remove the release candidate rcX targets.
Mend "make check" on Solaris 9 with Autoconf.
Address assorted compiler warnings.
Fix auto-enabling of Capsicum on FreeBSD with Autoconf.
Treat "msys" as Windows for test exit statuses.
Clean up some help messages in configure.
Use unified diff by default.
Remove awk code from mkdep.
Fix configure test errors with Clang 15
CMake: Prevent stripping of the RPATH on installation.
AppVeyor CI: update Npcap site, update to 1.12 SDK.
Cirrus CI: Use the same configuration as for the main branch.
CI: Add back running tcpdump -J/-L and capture, now with Cirrus VMs.
Remove four test files (They are now in the libpcap tests directory).
On Solaris, for 64-bit builds, use the 64-bit pcap-config.
Tell CMake not to check for a C++ compiler.
CMake: Add a way to request -Werror and equivalents.
configure: Special-case macOS /usr/bin/pcap-config as we do in CMake.
configure: Use pcap-config --static-pcap-only if available.
configure: Use ac_c_werror_flag to force unknown compiler flags to fail.
configure: Use AC_COMPILE_IFELSE() and AC_LANG_SOURCE() for testing flags.
Run the test that fails on OpenBSD only if we're not on OpenBSD.
Source code:
-------------
Fix some snapend-changing routines to protect against pointer underflow.
Use __func__ from C99 in some function calls.
Memory allocator: Update nd_add_alloc_list() to a static function.
addrtoname.c: Fix two invalid tests.
Use more S_SUCCESS and S_ERR_HOST_PROGRAM in main().
Add some comments about "don't use GET_IP6ADDR_STRING()".
Assign ndo->ndo_packetp in pretty_print_packet().
Add ND_LCHECKMSG_U, ND_LCHECK_U, ND_LCHECKMSG_ZU and ND_LCHECK_ZU macros.
Update tok2strbuf() to a static function.
netdissect.h: Keep the link-layer dissectors names sorted.
setsignal(): Set SA_RESTART on non-lethal signals (REQ_INFO, FLUSH_PCAP)
to avoid corrupting binary pcap output.
Use __builtin_unreachable().
Fail if nd_push_buffer() or nd_push_snaplen() fails.
Improve code style and fix many typos.
Documentation:
---------------
Some man page cleanups.
Update the print interface for the packet count to stdout.
Note that we require compilers to support at least some of C99.
Update AIX and Solaris-related specifics.
INSTALL.txt: Add doc/README.*, delete the deleted win32 directory.
Update README.md and README.Win32.md.
Update some comments with new RFC numbers.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The size on glibc depends on time_t size which is 64bit on newer
architectures like rv32 while on musl it is indicated by _FILE_OFFSET_BITS
therefore check for both
Signed-off-by: Khem Raj <raj.khem@gmail.com>
With export PYTHONHASHSEED="1" there will be no need for patching samba and its related libs
So easier maintenance and a cleaner OE
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current handling of /etc/resolv.conf by NM has some problems.
When networkd is not configuring network, and there's 'ip=dhcp'
in kernel command line, the /run/NetworkManager/resolv.conf file
is not created, resulting in /etc/resolv.conf being a dead symlink.
This is because NM is treating the network interface as externally
configured and will not try to reconfigure it again.
This means if we want NM to work properly with /etc/resolv.conf,
we've got to either ensure there's no 'ip=dhcp' in kernel command
line, or we've got to ensure networkd is configuring network. This
is weird because normally we should not enable two network managers
at the same time. Note that NM syncs part of its codes with networkd,
which is the reason I think it happens to work when these two network
configuration tools are configuring the same interface at the same
time.
In fact, NM now works well with resolved. It sends the DNS info it
gets to resolved unconditionally by default (the behavior could be
disabled in configuration file).
Looking at the original commit that sets up the update-alternatives
mechanism, it says:
"""
This brings the networkmanager in sync with how systemd-resolved and connman
work. Additionally this allows it to function with a read-only rootFS.
"""
I guess the author was using systemd but disabling resolved, and the author
wanted to use read-only rootFS. In order to keep such combination still works,
change to use PACKAGECONFIG to handle things, and when 'man-resolv-conf' is
enabled, the above combination could still work.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
MDNS_VERSIONSTR_NODTS disables __DATE__ and __TIME__ in the version string,
which are fixed anyway for build reproducibility.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
Fix bug in --dynamic-host when an interface has /16 IPv4
address.
Add --fast-dns-retry option.
Add --use-stale-cache option.
Make --hostsdir (but NOT --dhcp-hostsdir and --dhcp-optsdir)
handle removal of whole files or entries within files.
Add --no-round-robin option.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current location has no effect, because NetworkManager
is not looking for config files there.
In meson.build, we have:
nm_pkglibdir = join_paths(nm_prefix, 'lib', nm_name)
config_extra_h.set_quoted('NMLIBDIR', nm_pkglibdir)
It's clear that the configuration directory should be
nonarch_libdir instead of libdir.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Without this patch, even if dhcpcd is enabled, the NetworkManager
cannot find it. Below are the messages from NetworkMananger:
dhcp: init: DHCP client 'dhcpcd' not available
dhcp: init: Using DHCP client 'internal'
The problem is that dhcpcd needs to be specified as a path, otherwise
NetworkManager tries to find it in /usr/sbin/dhcpcd.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Reinstate and rework patches from @garmin.com dropped in 21afab4609
("mdns: update to version 1096.40.7") as these were the functional
pieces of this series; we should either maintain it as a whole or drop
it in its entirety. With this update and without this series,
steady-state operation is a constant churn of all names being removed
and re-added every few seconds. These were refactored to handle the move
to getifaddrs() from get_ifi_info().
Check and cleanup all the other patches, much of which was redundant.
Move source releases to github which is where the Apple site now
redirects to (though these are still effectively just tarball dumps into
git).
Cleanup the recipe so it doesn't override all the packaging defaults.
Fixup musl installs so they don't fail attempting to patch a
non-existent /etc/nsswitch.conf.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It fails to install postfix and lib32-postfix at same time:
| Error: Transaction test error:
| file /etc/postfix/sample-main.cf conflicts between attempted installs of
lib32-postfix-cfg-3.7.3-r0.i586 and postfix-cfg-3.7.3-r0.core2_64
Rename sample-main.cf with ${MLPREFIX}.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- Add smcroutectl batch support, issue #189. Based on the IPC support added in issue #185
- Fix#178: invalid systemd daemon type Simple/Notify vs simple/notify
- Fix#179: typo in wildcard routes section of README
- Fix#180: minor typo in file and directory names in documentation
- Fix#183: casting in IPC code hides error handling of recv()
- Fix#186: NULL pointer dereference in utimensat() replacement function.
Found accidentally by Alexey Smirnov. Only triggered on systems that don't
have a native utimensat() in their C-library, or if you try to build
SMCRoute without using its own build system ...
- Fix#187: strange behavior joining/leaving the same group
- Fix#192: typo in README
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The checksum was not updated when the recipe version was stepped.
Also simplify the SRC_URI by replacing "${BPN}-${PV}" with "${BP}".
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This reverts commit e154914718.
The change of SRC_URI was probably triggered by the checksum for the
tarball not having been updated when the recipe version was stepped.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This fixes a nasty bug where the shown device list doesnt match the underlying
MAC list, resulting in connecting to a different device than selected.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
--------
Do not use 00:00:00:00:00:00 as chassis ID.
Do not busy loop when an interface with a neighbor disappears.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
* IP condfiguration is no longer required in TAP mode.
* Fix initialization of secret flags.
* Add support for DOMAIN-SEARCH option.
* Set data-ciphers option with chosen cipher.
* Update Brazilian Portuguese, Croatian, Danish, Georgian, Polish, Serbian,
Slovenian, Swedish, Turkish and Ukrainian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It fails to start radiusd.service from lib32-freeradius that the
configure directory is /etc/lib32-raddb rather than /etc/raddb. So add
an environment file to export a variable MLPREFIX for the service file
to make it start successfully.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It depends on it, but it was being pulled in via glib-2.0
which now uses libpcre2
Fixes
TOPDIR/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/ettercap/0.8.3.1-r0/recipe-sysroot-native/usr/lib/libpcre.so: file not recognized: file format not recognized
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There is no need for these configs on their own and they would only mess
up the sechash and privdrop configs. To actually enable sechash one also
had to enable nss, and to enable privdrop one also had to enable libcap.
This also avoids passing --with-libcap if privdrop is enabled since the
option does not exist.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Support for readline was dropped in Chrony 4.2. However, the
--disable-readline option still remains (it is used to completely ignore
all forms of command line editing, even though the only remaining
variant is editline). So keeping the readline PACKAGECONFIG and making
it pass --disable-readline when it is not enabled disabled support for
editline, and if it was enabled it instead passed --without-editline,
which also disabled support for editline. Thus there was no way to
enable editline support.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
After updating current poky master python3-fcntl is not installed
into my image anymore. Blueman-applet fails to run with
Error: No module named 'fcntl''Module fcntl not found'
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fixes
---------
Fix for possible buffer zeroization overrun introduced at the end of
v5.5.2 release cycle in GitHub pull request 5743 (#5743) and fixed in
pull request 5757 (#5757). In the case where a specific memory allocation
failed or a hardware fault happened there was the potential for an overrun
of 0's when masking the buffer used for (D)TLS 1.2 and lower operations.
(D)TLS 1.3 only and crypto only users are not affected by the issue.
This is not related in any way to recent issues reported in OpenSSL.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Security bugfixes
-----------------
OpenSSL DLLs updated to version 3.0.7.
New features
------------
Provided a logging callback to custom engines.
Bugfixes
---------
OpenSSL DLLs updated to version 3.0.6.
Fixed "make cert" with OpenSSL older than 3.0.
Fixed the code and the documentation to use concious language for SNI servers (thx to Clemens Lang).
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
tls-crypt-v2: bail out if the client key is too small
Remove useless empty line from CR_RESPONSE message
Allow running a default configuration with TLS libraries without BF-CBC
Change command help to match man page and implementation
Fix OpenVPN querying user/password if auth-token with user expires
t_client: Allow to force FAIL on prerequisite fails
t_client.sh: do not require fping6
Preparing release 2.5.8
msvc: add branch name and commit hash to version output
Update the replay-window backtrack log message
Do not skip ERROR:/SUCCESS: response from management interface
Fix auth-token usage with management-def-auth
Allow a few levels of recursion in virtual_output_callback()
Ensure --auth-nocache is handled during renegotiation
Purge auth-token as well while purging passwords
Do not copy auth_token username to itself
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Make run-ptest use the correct libdir for multilib builds.
Log the ptest output to a date stamped file and append a test summary
to the end of the log.
Munge the log as it is produced to:
- insert the expected automake keywords: PASS and FAIL.
- remove escape sequences used for ANSI colours as well as movement commands
Add additional discrete tool dependencies to the nftables-ptest list since
the test suite does not work with the busybox versions.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- Call pcap_dump_close() on the output file.
- Implement new flags in ./configure: --enable-instrument-functions,
--without-libnids, --without-libosipparser2 and --without-libooh323c.
- autoconf: Add the option to print functions and files names
- Update config.{guess,sub}, timestamps 2022-01-09,2022-01-03
- configure: use pcap-config --static-pcap-only if available
- Remove awk code from mkdep.
- Refine the man page.
- Refine the documentation files.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add github-releases to make new releases discoverable.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bugs fixed
==========
Errors when connected to a device with the DisconnectItems plugin enabled
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch from using tarball to git because the 2.3.2 tarball lacks the
meson_options.txt file.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CVE-2022-37032:
An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may
lead to a segmentation fault and denial of service. This occurs in
bgp_capability_msg_parse in bgpd/bgp_packet.c.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-37032
Patch from:
066770ac1c
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Need the targets file to enable the mctpd.service on systemd.
Signed-off-by: Hao Jiang <jianghao@google.com>
Change-Id: I8d48d3767760dc1f34ae7e1266600d350ac93281
Changes since 4.4.3 (Bug Fixes)
Corrected a reference count leak that occurs when the server builds
responses to leasequery packets. Thanks to VictorV of Cyber Kunlun
Lab for reporting the issue.
[Gitlab #253]
CVE: CVE-2022-2928
Corrected a memory leak that occurs when unpacking a packet that has an
FQDN option (81) that contains a label with length greater than 63
bytes.
Thanks to VictorV of Cyber Kunlun Lab for reporting the issue.
[Gitlab #254]
CVE: CVE-2022-2929
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Allow spice to be built on ARM64 as well, so add aarch64
entry to COMPATIBLE_HOST.
Signed-off-by: Fabio Estevam <festevam@denx.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Drop 0001-Make-HgfsConvertFromNtTimeNsec-aware-of-64-bit-time_.patch
and 0013-misc-Do-not-print-NULL-string-into-logs.patch which have been
merged upstream.
* Refresh patches.
* Do not build containerinfo plugin as it requries containerd.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
New features
OpenSSL 3.0 FIPS Provider support for Windows.
Bugfixes
Fixed building on machines without pkg-config.
Added the missing "environ" declaration for BSD-based operating systems.
Fixed the passphrase dialog with OpenSSL 3.0.
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://github.com/strongswan/strongswan/releases/tag/5.9.8
* Drop PACKAGECONFIG[scep] as scepclient has been removed.
* Add plugin-gcm to RDEPENDS as gcm plugin has been added to the default
plugins.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The correct parameter to disable readline usage is --disable-readline
and not --without-readline.
See also chrony source at:
https://github.com/mlichvar/chrony/blob/master/configure#L110
Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The configure script present in chrony will explicitly look for
pkg-config and without the pkgconfig class it will fail:
Checking for pkg-config : No
This then affects the possibility (via image features or bbappend)
to use features based on nettle/gnutls/nss which strictly require
pkgconfig to be present and working.
Signed-off-by: Federico Pellegrin <fede@evolware.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
clang errors out linking lto objects
riscv64-yoe-linux-musl-ld: /tmp/lto-llvm-d497c5.o: can't link soft-float modules with double-float modules
This is something needs to be addressed in clang for riscv
as of now disable lto for rv32/rv64 when using clang
Signed-off-by: Khem Raj <raj.khem@gmail.com>
open62541 (http://open62541.org) is an open source and free implementation
of OPC Unified Architecture according to IEC62541 standard
The patch exclude git-related files from installation directory
Upstream-Status: Accepted
a0328d4cb5
Signed-off-by: Vyacheslav Yurkov <v.yurkov@precitec.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop 0001-avoid-naming-local-function-as-one-of-printf-family.patch as
the issue has been fixed upstream.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Backport patches to fix build error with --disable-ospfapi and
CVE-2022-37035.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update : format of License file changed.
CVE-2022-0934.patch
deleted since it's included in 2.87.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This runtime dependency was already added for ntpd but not yet for the
sntp binary. This will result in an error when pthread_exit() is called:
"libgcc_s.so.1 must be installed for pthread_cancel to work"
Signed-off-by: Frank de Brabander <debrabander@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
brings in
Added
mdio: A new addressing mode "mmd-c22": Used to access MMDs attached
to MDIO controllers without Clause 45 support by using registers 13
and 14 in the device's Clause 22 register space
mdio: Pretty print gigabit link capability information from a PHY's
extended status register
mdio: Pretty print lots of status information from MMDs (C45 PHYs)
mvls: Decode priority override information of ATU entries
Changed
mvls: Table listings now always prints out the device information,
even on single chip systems.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop merged backport of 7e20aa9ef172 ("coap_session.c: Balance
SESSIONS_ADD and SESSIONS_DELETE usage").
c694baead2f9 Update version to release 4.3.1
ab9488559f5e Doxygen: Fix missing links for later versions of asciidoc
144f9c4381c1 Manual pages: Update NAME section to contain all of the alternative names
707aed35d39b Doxygen: Hyperlink man page functions
46feac2455ab Misc: Tidy up documentation and space usage
d09204e24aba Doxygen: Add in individual man pages for the ease of finding the functions
09aab40d14f9 Tag release candidate 2 for version 4.3.1
2755af4d1a16 block.c: Clarify ignored result from coap_get_data()
5f0eea8dbbc4 coap_session.c: Fix adding NULL pointer on error in coap_new_server_session()
ea89cb842cf6 coap_cache.txt.in: Fix typo in function name
922e81a0d21f Doc: Include statement about upgrading to 4.3.1
5c498249e7e7 ChangeLog: Add summary for version update to 4.3.1
4f12b9be1b7b coap_event.h: Clean up Doxygen documentation for coap_event_t
43bfbea924e0 Copyright: Update dates to 2022 where appropriate
37731524a0ad RFC8516: Document support
a7b2f2b4901b block.c: Timeout coap_lg_crcv_t structures correctly
f4507e6e9adb Block: Report event on large xmit failures
3d387a5be485 block.c: Correct size of allocated PDU buffer
6a9a787503ec Observe: Clean up server timing out after observe failures
725e464421e0 mcast: Tidy up logging
381ff3d94da2 PDU Data: Clean up internal usage of PDU data
0f0cac71f5e5 Observe: Support disabling observe cancellation on session close
bc4c75060b86 coap_mbedtls.c: Fix output type of a log message
b8f01cef06f0 net.c: Move variable into correct block
58a8b338045b net.c: Send appropriate delayqueue entries in coap_cancel_all_messages()
b4306bb79162 observe: Make sure the correct token in used for cancellation
c68d1e9fe785 mutex: Do not output mutex warnings for LwIP and Contiki
7f551fcea56b coap_mbedtls.c: Upgrade to mbedTLS v3.2.1 - Updated the deprecated APIs with the respective alternatives - `mbedtls_ssl_conf_min_version` => `mbedtls_ssl_conf_min_tls_version` - Updated fields for `mbedtls_ssl_ciphersuite_t` - `max_major_version`/`max_minor_version` => `max_tls_version` - Added macros for backward compatibility
8c15b896ef30 esp-idf: Stop -Wformat errors for uint32_t variables
0ca2fd4a90b5 Tag release candidate 1 for version 4.3.1
9962bab56f6b Updated tinydtls to current develop HEAD
8fbe440f8aaa coap_io.c: Updates for esp-idf port
d2306569d16a proxy: Make proxy requests separate responses
98ecf5a2a166 tinydtls: Update submodule to latest version
8c973a454e73 mid_duplicates: Drop general responses duplicates
dc92fe5e1ea6 coap.h.windows.in: Fix missing file renames
347270b9abc4 file naming: Rename files to have coap_ prefix
8b9377ef2ad4 coap_mbedtls.c: Fix memory leak
e8052b3988ec resource.c: Further fix making subscribers iteration safe
f93b9a3e37cf coap_mbedtls.c: Catch connection reset in coap_tls_write
d5bcb8159b73 resource.c: Make subscribers iteration safe in coap_notify_observers
0d9f2531e5dd coap_session.c: Free off session's last_token on session deletion
415fbdb7cddf RFC9175: Add in support for the Echo and Request-Tag options
88ae9563e665 mcast support: Support multicast granular to the resource level
73565196a8f3 block.c: Fix error handling with Block transfers
132c72619032 net.c: Handle multiple same token request/responses
d68f5d6f5713 net.c: Handle well_known requests when there is no libcoap block support
fe51d3335e81 lwip: Fix minor issues
6046dcbd5589 net.c: Fix broken client only build
20f15a17d698 Large Observes: Prevent server sending new response if active response
5a10ce4890ff Congestion Control: add in RFC7252 configuration flexibility
41afb92141c5 net.c: Update .well-known/core handling to use common logic
6b32ed3de2fb coap_io.c: Track ICMP Host Administravely Prohibited error
279755b1df9e coap_send: Make error checks for coap_send() more rigorous
925d39fd8cfb coap-server.c: Cleanup misplaced comment
c77176714770 coap_gnutls.c: Handle another error in do_gnutls_handshake()
801e5492f2e6 CSM: Move coap_client_delay_first() to later in code processing
346a831cd604 block.c: Correctly preset updated_block variable
56db248daba6 async.c: Remove white space
256a758e0273 TLS SIGPIPE: Stop programs exiting with code 141 (128 + 13:SIGPIPE)
6649bdef39db net.c: fix null pointer exception
03a9059439d0 BERT: Support block BERT szx of 7 for reliable protocols
445a9481deca RFC7390: Update support for RFC7390
428f759659a4 coap_mbedtls.c: Fix coap_rng() return for 3.x code
1b2668f562e9 CMakeLists.txt: Correctly determine cmsghdr support for determining addresses
21fd838dc781 coap_io_prepare_io: Re-order function code for correctly updating sockets[]
cfbf3ab617f8 doc/main.md: Update copyright year
f28044303abe net.c: Make sure separate response is CON for CON requests
069a0786ce85 CSM: Support different XMT and RCV Max-Message-Size
9cbe5757cb69 recursive mutex: Stop recursive Mutex when doing handler callbacks
d9c19c378f3f event.h: Add events for server session state management
7e20aa9ef172 coap_session.c: Balance SESSIONS_ADD and SESSIONS_DELETE usage
806861359b81 configure.ac: Allow using non-vendored TinyDTLS with autotools build
6c8b76d534a0 tinydtls: Update to latest version
aa391b5b7601 async: Handle changes to delay when using epoll
65cba25cc7e5 coap-client.c: Delay sending each request using -G by 1 second
d57d44aa142a block.c: Fix data leak in coap_add_data_large_internal
eb7656850f1c pdu.h: Add Content-Format for application/ace+cbor
c8458f262ab8 coap_mbedtls.c: Fix return brace location
583c29fd47d9 coap_mbedtls.c: Make TLS error recovery more rigorous
02deef8da6ac coap_prng.c: Added alternate RNG implementation - For targets having their own hardware entropy/RNG implementation using mbedtls_hardware_poll() - This change was made as since mbedtls-3.x, passing a RNG function to all functions that accept a f_rng parameter is mandatory
916a534e170b coap_mbedtls.c: Upgrade to mbedTLS v3.x - Added MBEDTLS_ALLOW_PRIVATE_ACCESS to access private struct members wherever required - Updated deprecated functions from hashing module (E.g. mbedtls_sha256_starts_ret() -> mbedtls_sha256_starts()) - Added mandatory RNG parameter for some functions (mbedtls_pk_parse_keyfile(), mbedtls_pk_parse_key()) - Remove support for parsing SSLv2 ClientHello
b42c184f74a6 block.c: Fix possible null-pointer dereference
df72a53f2d66 coap_openssl.c: Support Microsoft VS builds
0f76881802af autogen.sh: Fix missing file ar-lib
19928e81bd42 builds: Set CFLAGS += -Werror in all linux subdirectory compilations
b2ad43319a0f doc/Makefile.am: Include module_api_wrap.h in a distribution
dfc678c33bd1 Proxy: Support unknown Critical but Safe-To-Forward options
93f2738c451d coap_pdu_setup.txt.in: Clarify / more make readable the pdu setup information
5b32d716fa03 github workflow: Support windows-2022
bd9ced550e07 pdu.c: Fix coap_insert_option with delta = 269
ba585f848ff5 [OSS-Fuzz] pdu_parse_target.c: Check result of coap_pdu_parse()
a2e0046c802f [OSS-Fuzz] pdu_parse_target.c: Fix compiler warning
b3d503cbff07 sessions: Prevent multiple client session confusion
726b9630e51f coap_block.txt.in: Clarify / more make readable the block handling information
756bb042395d pdu building: Enforce the application order of building a PDU
c02ca5f097d6 coap_pdu_access.txt.in: Add in documentation for coap_get_uri_path()
aaf611559482 proxy_uri: Fix handling the resource for uri path in Proxy-Uri
a8c00f2af9c6 coap_pdu_setup.txt.in: Better document coap_encode_var_safe8()
64e56410177b versioning: Make current git describe available
0a16d790ce53 cmake_coap_config.h.in: Fix definitions for when building with tinydtls
17aaa81b5ad3 Caching: Highlight requirements ignoring certain CoAP Options
74582eddde28 resource.c: Support deleting resources that have not yet been added
32d2d0e1c62b request_handler: Report only when app's request handler is actually called
5dc2dfca86ec block.c: Do not match large response if no Block2 option in request
18888cd0dde3 cmake: Install example programs if examples enabled
c0e032ffad0b block: Check block size space correctly
693a4e231386 net.c: correct return value in coap_send_internal()
38bffb7f99d9 configure.ac: Fix have mbedtls lib, but no mbedtls-dev issue
694a205f28dc coap-server.c: Fix proxy response type and code
e8e33f0424ad coap-server: Add in POST support for unknown request handler
3f5ec5467a1d coap_cache.c: Correctly build cache key
e43cf9369ac5 RFC7959: Handle both client and server initiating requests
bdf7686613ec coap_write_session: Account correctly for partial TCP writes
76194be8cd3f coap-client.c: Allow time for all server responses to mcast
d395df1a812f coap_session.c: Do not check for duplicate mids if reliable protocol
73389b8192e8 handlers: Clarify which handlers are client only, server only or both
df9071c93eff coap_session.[hc]: Added function to retrieve PSK identity from session
7791897e8f4c api-version-bump.sh: Added missing changes for win32
4834b86067ae pkg-config: Don't use hard coded binary
d139beab67ff pkg-config: Don't use hard coded binary
166ef51ed155 Windows: Update libcoap-2 objects to libcoap-3
31722c208ac9 PSK: Make PSK hint / key / identity retrieval simpler
d746fc24e5a7 coap_pdu_parse: Add to public API
0aeb0d624797 doxygen: Tidy up Modules and Files tab information
f026f5701ece client+server: Reduce code size by building libcoap for client or server only
a7f53b4d6b0a coap_debug.h: Allow <syslog.h> to be included before and after <coap3/coap.h>
77f8cf59702e DTLS/TLS: Support TLS when DTLS is not enabled
587de900c2cc coap_mbedtls.c: Add in TLS support
94b297aae7a5 coap_mbedtls.c: Fix build fail for client only mbedtls
cc2648aef685 net.c: Protect against session release in coap_io_do_io()
ca44071b8afe net.h: do not include sys/select.h in Windows builds
e984f38b8fd6 [DTLS] make buffer sizes for psk and psk_identity configurable
54dbc3eeb815 [RIOT] coap_time.h: fix COAP_TICKS_PER_SECOND for undefined XTIMER_HZ
05e7f12d7ca8 net.h: Include sys/select.h for fd_set
25a59905792f doxygen: Fix summary output for manual pages
a5c0d12354ed doc: Document the coap_can_exit() function
a1d78d505d98 tiny.c: Fix message id generation
67f189f134a2 CMakeLists.txt: Fix macOS builds by checking for if_nametoindex support
8ce139d349bc coap_event.h: Make coap_event_t an enum
b0ca3ae643d1 resource.c: Delete previous subscription correctly
98b9179d5666 async: Correct MID usage in response
c61748f4dd33 RFC7959: session->lg_xmit not being released for a server
482be755fe29 gnutls: GNUTLS_CRT_RAW not defined
e0d6477b5ec9 man: Update man page documentation
d52986f00459 coap_resource_init: Leading '/' is not required for uri_path
60c69557f3d5 pdu.h: Remove unassigned response code COAP_RESPONSE_CODE_OK
87fab6d573cf coap_mbedtls.c: Allow ESP-IDF systems to be compiled without PSK support
77d1aae06b17 Fix condition for MBEDTLS_INCLUDE_DIRS
4bbf25ba338a coap-client: Add in support for generating multiple requests
50530704df9a tinydtls: update to latest version
License-Update: Update year
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- drop included patches
- refresh remaining patches
- update to new ptest
Licence change: update year
Signed-off-by: Andrej Kozemcak <andrej.kozemcak@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch from using DISTUTILS_*_ARGS to SETUPTOOLS_*_ARGS to correspond
with the earlier change to use setuptools3_legacy instead of distutils3.
Without this change, you will get the following error if your build host
does not have iptables installed:
Fixes:
ERROR: ufw-0.36.1-r0 do_compile: 'python3 setup.py build ' execution failed.
Log data follows:
| DEBUG: Executing shell function do_compile
| ERROR: could not find required binary 'iptables'
| ERROR: 'python3 setup.py build ' execution failed.
| WARNING: exit code 1 from a shell command.
ERROR: Task ([snip]/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb:do_compile) failed with exit code '1'
Also, although the build will not fail on a host that has iptables, it
could cause a problem if it is installed at a different path than where
OpenEmbedded's iptables will be installed on the target.
Fixes: 3e2ed1dcc0 ("ufw: port to setuptools, use setuptools_legacy")
Signed-off-by: Howard Cochran <howard_cochran@jabil.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
Enable meson for building open-isns, deprecating autoconf/make (though the current build system still works)
Add a package config file for libisns, so other software can find it
Fix some compiler warnings and spelling errors
Make IPv6 default socket type
Fix isnsadm parsing of some arguments
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
* Add support for "allow-compression" parameter.
* Fix a regression in preserving the "tls-auth" settings.
* Add support for "tls-min" and "tls-cipher" parameters.
* Include the new gnome-control-center name in the AppData file.
* Drop libnm-glib support, nobody is likely using it anymore.
* Fix importing profiles with a PKCS#12 CA.
* Make sure the plugin object links with glib.
* Dropped dependency on intltool.
* Updated Basque, Brazilian Portuguese, Chinese (China), Croatian, Czech,
Danish, Dutch, Georgian, Indonesian, Polish, Serbian, Spanish, Swedish,
Turkish and Ukrainian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
libatm uses res_search which is provided by libc now a days in both
glibc and musl, we dont need to error out if libresolv is not found
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These were missing a comma so were being added as RRECOMMENDS.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
POSIX_SHELL is specified a host tool path as it searches path on build
host using `which` when configure. Set it to a fixed path '/bin/sh'.
Fixes:
QA Issue: File /usr/bin/tcpbridge in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpliveplay in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcprewrite in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpcapinfo in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpreplay in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpprep in package tcpreplay contains reference to TMPDIR
File /usr/bin/tcpreplay-edit in package tcpreplay contains reference to TMPDIR [buildpaths]
QA Issue: File /usr/src/debug/tcpreplay/4.4.2-r0/src/defines.h in package tcpreplay-src contains reference to TMPDIR [buildpaths]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This ensures that it can use the sed provided by build environment, as
we poison host sysroots, we wont be able to get it from /usr/bin anyway
Signed-off-by: Khem Raj <raj.khem@gmail.com>
