Tailscale is a mesh VPN built on the WireGuard protocol.
On the client side, it includes a node agent (tailscaled)
and a client application for configuration (tailscale).
These components can be bundled into a single binary for
a more smaller total size, which is done in this recipe.
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Mark Bath <mark@baggywrinkle.co.uk>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-pki-Fix-signature-of-help-to-match-that-of-a-callbac.patch
0002-callback-job-Replace-return_false-in-constructors-wi.patch
0003-Cast-uses-of-return_-nop-and-enumerator_create_empty.patch
removed since they're included in 6.0.2
Changelog:
=============
- Support for per-CPU SAs (RFC 9611) has been added (Linux 6.13+).
- Basic support for AGGFRAG mode (RFC 9347) has been added (Linux 6.14+).
- POSIX regular expressions can be used to match remote identities.
- Switching configs based on EAP-Identities is supported. Setting
'remote.eap_id' now always initiates an EAP-Identity exchange.
- On Linux, sequence numbers from acquires are used when installing SAs. This
allows handling narrowing properly.
- During rekeying, the narrowed traffic selectors are now proposed instead of
the configured ones.
- The default AH/ESP proposals contain all supported key exchange methods plus
'none' to make PFS optional and accept proposals of older peers.
- GRO for ESP in enabled for NAT-T UDP sockets, which can improve performance
if the esp4|6_offload modules are loaded.
- charon-nm sets the VPN connection as persistent, preventing NetworkManager
from tearing down the connection if the network connectivity changes.
- ML-KEM is supported via OpenSSL 3.5+.
- The wolfssl plugin is now compatible to wolfSSL's FIPS module.
- The libsoup plugin has been migrated to libsoup 3, libsoup 2 is not supported
anymore.
- The long defunct uci plugin has been removed.
- Log messages by watcher_t are now logged in a separate log group ('wch').
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bump minimum cmake dialect to be 3.5+, this is an openwrt
component, which does not get many updates these days. Ideally
the cmake files for the project should be fixed.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to mosquitto 2.0.21. Update the patch status for issue 2895 and create a
new patch for an issue introduced in 2.0.19 which causes connections to get down
when the clock is changed.
Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Appends -Wno-error=vla-cxx-extension to CXXFLAGS as a temporary workaround for the following Clang error:
sctpthread.cpp:95:18: error: variable length arrays in C++ are a Clang extension [-Werror,-Wvla-cxx-extension]
95 | uint8_t buffer[m_linkMtuSize];
| ^~~~~~~~~~~~~
An upstream fix has been proposed: https://github.com/mguentner/cannelloni/pull/82
Please remove this workaround once the upstream patch is merged or fixed in some other way. Make sure it is fixed in the new version.
- Drop 0001-include-bits-stdc-.h-only-when-using-libstdc.patch because already fixed in newer version.
Changelog:
https://github.com/mguentner/cannelloni/compare/v1.1.0...v2.0.0
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:27 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Drop 0001-Fix-build-with-gcc-15.patch because fixed in the newer version.
Changelog:
https://github.com/snort3/snort3/blob/3.9.1.0/ChangeLog.md
Fix:
| CMake Error at CMakeLists.txt:1 (cmake_minimum_required):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix:
| CMake Error at CMakeLists.txt:24 (CMAKE_MINIMUM_REQUIRED):
| Compatibility with CMake < 3.5 has been removed from CMake.
|
| Update the VERSION argument <min> value. Or, use the <min>...<max> syntax
| to tell CMake that the project requires at least <min> but has been updated
| to work with policies introduced by <max> or earlier.
|
| Or, add -DCMAKE_POLICY_VERSION_MINIMUM=3.5 to try configuring anyway.
|
|
| -- Configuring incomplete, errors occurred!
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
- decode: add check for ipv4 fragmentation for decode_ip
- example: added IP configs for other systems
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Make connection notifications transient
- StatusNotifierItem: announce children-display
- Manager: Hide bt status switch when PowerManager is not available
- Handling for new StatusNotifierWatcher
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Rootfs file differs with the same project configure, add preliminary
setting to avoid this.
Signed-off-by: Jinfeng Wang <jinfeng.wang.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===============
- Updated supported versions for 1.11.0
- Add FreeBSD package/port mention into README
- Fixed grammatical issues and corrected spelling errors in README.md
- Refactored timeout.h: added template ctr and removed redundant ctrs
- fix no-revoke.
- Resolve CURLOPT_SSL_OPTIONS issues
- fix: remove duplicate call in Session::prepareCommonDownload()
- Update To The Latest Clang-Tidy Version
- Enhance: Use unordered_map for CURL error mapping
- Public cpr::Session::GetSharedPtrFromThis
- Replace ubuntu:22.04 and ubuntu:23.04 with ubuntu:latest
- [BUG] Fix cpr::ssl:KeyBlob: Copy blob to curl
- Added handling no_proxy override through Proxies
- fix: let bad-host-tests pass when there is DNS error redirection
- Removed 1.9.x from the supported versions
- Replaced the secureStringClear mechanism with a SecureString class
- Clang-Tidy And cppcheck Fixes
- Getter function for Session::header_ to enable the user to read back all headers set and delete select ones
- Status code int32_t -> long
- Fix windows static library build parameter in CMakeLists.txt
- Fix Seg-fault when setting proxy username + password
- Add Session::RemoveContent()
- Cookie expires date is now only 100 days in the future
- add curl's ANY and ANSAFE authorization options
- Fixed memory leak in threadpool
- Add enforced HTTP/3
- Update README.md to add Bazel extension instructions
- feat: Use CMAKE_MSVC_RUNTIME_LIBRARY for runtime selection in MSVC
- Update CMakeLists.txt project version for 1.11.2 release
- Add std::to_string functionality for ErrorCode to ease human meaningful logging
- Make cpr::async and HTTP (Get, Post, Put, etc.) callbacks cancelable
- Refactor AsyncWrapper to make it safer
- Do Not Check For Sanitizers If They Are Not Enabled
- Fix usage for TLS v1.3 cipher
- Changed LowSpeed to use std::chrono
- Better OpenSSL headers include based on headers version.
- Ensure cpr::LowSpeed properties are cased to long for curl
- Implemented cpr::BodyView.
- Add primary_ip primary_port to Response
- Bump stefanzweifel/git-auto-commit-action from 5 to 6
- Load all certs in a CaBuffer
- WIP CURL 8.13 Support
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Issue was related to latest UNPACKDIR changes -> https://git.openembedded.org/openembedded-core/commit/?id=46480a5e66747a673041fe4452a0ab14a1736d5e
ERROR: autossh-1.4g-r0 do_compile: Execution of '/srv/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/autossh/1.4g/temp/run.do_compile.2252' failed with exit code 1
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Issue was related to latest UNPACKDIR changes -> https://git.openembedded.org/openembedded-core/commit/?id=46480a5e66747a673041fe4452a0ab14a1736d5e
WARNING: mdio-netlink-1.3.1-r0 do_populate_lic: Could not copy license file - [Errno 2] No such file or directory: '/srv/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/qemux86_64-poky-linux/mdio-netlink/1.3.1/git/COPYING'
ERROR: mdio-netlink-1.3.1-r0 do_populate_lic: QA Issue: mdio-netlink: LIC_FILES_CHKSUM points to an invalid file: /srv/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/qemux86_64-poky-linux/mdio-netlink/1.3.1/git/COPYING [license-checksum]
WARNING: mdio-tools-1.3.1-r0 do_populate_lic: Could not copy license file - [Errno 2] No such file or directory: '/srv/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/mdio-tools/1.3.1/git/COPYING'
ERROR: mdio-tools-1.3.1-r0 do_populate_lic: QA Issue: mdio-tools: LIC_FILES_CHKSUM points to an invalid file: /srv/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/mdio-tools/1.3.1/git/COPYING [license-checksum]
Signed-off-by: Alper Ak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Please see
https://git.yoctoproject.org/poky/commit/?id=4dd321f8b83afecd962393101b2a6861275b5265
for what changes are needed, and sed commands that can be used to make them en masse.
I've verified that bitbake -c patch world works with these, but did not run a world
build; the majority of recipes shouldn't need further fixups, but if there are
some that still fall out, they can be fixed in followups.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
samba-common installs a volatiles configuration file but had not been
calling populate-volatile.sh to apply the configuration. This causes
samba installation to fail on a running target due to missing
directories.
Call "populate-volatile.sh update" in samba-common's postinst which
creates the required directories and enables samba to work.
Signed-off-by: Chaitanya Vadrevu <chaitanya.vadrevu@emerson.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current include file that stores the known non-reproducible packages
is layer dependent and that forces the user of the layers to maintain
the list of the files (for example, see AB config[0]).
By moving the exclude list to each layer.conf and extending the common
OEQA_REPRODUCIBLE_EXCLUDED_PACKAGES variable, the known non-reproducible
packages will be automatically excluded for each layer used in the
reproducibility test without any special knowledge in the test
environment.
NB: the empty list for meta-initramfs was just removed not moved.
[0]: https://git.yoctoproject.org/yocto-autobuilder-helper/tree/config.json?id=7d8933e75bdf7fb821a25617cb2dcabf1f3f8700#n322
Suggested-by: Quentin Schulz <quentin.schulz@cherry.de>
Co-Developed-by: Guillaume Swaenepoel <guillaume.swaenepoel@smile.fr>
Signed-off-by: Guillaume Swaenepoel <guillaume.swaenepoel@smile.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop backport of CVE-2024-0962.
Change summary for version 4.3.5:
* Support for wolfSSL TLS library.
* Support for DTLS1.3 (using wolfSSL).
* Support for Mbed TLS 3.6.0.
* Support for EC-JPAKE (Mbed TLS)
* TinyDTLS version update.
* Support for RIOT using SOCK i/f.
* Support for LwIP 2.2.0.
* Support for LwIP using NO_SYS set to 0.
* Support for (Posix based) Zephyr.
* Support for QNX builds.
* Support for ESP32 xtensa builds.
* Updated Contiki-NG support.
* Support for multi-thread safe libcoap usage.
* Support for defining binary PSK for coap-client and coap-server.
* Support for Connection-ID (CID) (Mbed TLS, wolfSSL and TinyDTLS).
* Added new define types for defining PKI parameters.
* Support for user definable ENGINE for OpenSSL.
* Support for using noTLS and TinyDTLS with WebSockets.
* Support for providing list of compilation #defines.
* Support for proxy code running within lbcoap.
* Cleaned up support for building .h files.
* Additional scan-build and pre-commit checks in build tests.
* Updated CI build tests to use latest action versions.
* Fixes CVE-2023-35862.
* Reported bugs fixed.
* Documentation added and updated (Doxygen and man).
License-Update: Updated years
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This dependency was removed in bridge-utils 1.2 back in 2006[1].
[1] bridge-utils 29cd6d997cacb9191d1f869ec83fc86045885527.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: Copyright year updated to 2025
fix-openssl-no-des.patch
refreshed for 5.75
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This reverts commit a8995fc3f3.
The patches for oe-core were re-worked. But I forgot to recall
this patch.
In fact, inheriting qemu is needed because it sets a clear barriar
for people to use qemu user mode. And the QEMU_OPTIONS settings
are also in qemu.bbclass.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Using a string search for Fail is not going to work always e.g.
when all tests are passing it still prints a summary string with string
"Fail" in it which points to 0, however the logic here catches that and
counts it as 1 failure and marks the return value as 1 and ptest runner
interprets that as failure
Pass the return value from unit.test which should be 0 on all passes
or non zero otherwise.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- there is no tarball hosted at gnome anymore -> switch from
gnomebase class to meson + git
- add missing dependencies for uuid and nvme, add pkgconfig class
- dhcpcanon option was removed upstream
- gtkdoc is broken. Disable to unbreak builds if api-documentation
is enabled
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop redundant limit declaration patch. Swap issetugid()/getenv() call for
secure_getenv() on Linux.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop fixes which are upstream (fixed differently):
* 0001-Fix-SIGSEGV-during-DumpStateLog.patch
* 0004-Add-definition-for-MAX.patch
Upstream has significantly reworked the netlink handling, this breaks the
existing patches which:
* Rework the interface handling from a bitbmap into a list
* Include checks for significant changes to interfaces before discarding the
entire set and restarting
* A fix for deleting interfaces
The upstream code appears to handle the latter two cases, the former was
noted as a problem on Android in 2017.
Drop all these changes and hope that they are indeed resolved; the upstream
changes appear to be based on code from the matter-openwrt tree (authored by
Apple):
https://github.com/project-chip/matter-openwrt/tree/main/third_party/mdnsresponder/patches
Refresh all other patches.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Move enabling of openssl 3.0 API from EXTRA_OECMAKE to
PACKAGECONFIG[ssl] so that this package can still be configured
successfully without ssl in PACKAGECONFIG.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop a denied patch and use the suggestion to ignore the warning.
Compile with C++20 std, because gcc-15 has started to warn about
recipe-sysroot/usr/include/c++/15.1.0/ciso646:46:4: error: #warning "<ciso646> is deprecated in C++17, use <version> to detect implementation-specific macros" [-Werror=cpp]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ${P} doesn't work e.g. with multilib
* fixes:
git -c gc.autoDetach=false -c core.pager=cat -c safe.bareRepository=all -c clone.defaultRemoteName=origin rev-list -n 1 lib32-libnftnl-1.2.9 failed with exit code 128, output:
fatal: ambiguous argument \'lib32-libnftnl-1.2.9\': unknown revision or path not in the working tree.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
dbus dir was changed from sysconfdir to datadir
drop unused configure code
License-Update: copyright years refreshed
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
github-releases is needed that it work at all:
ERROR: Automatic discovery of latest version/revision failed - you must provide a version using the --version/-V option, or for recipes that fetch from an SCM such as git, the --srcrev/-S option.
UPSTREAM_CHECK_GITTAGREGEX is needed to get correct version, otherwise:
$ devtool latest-version corosync
...
INFO: Current version: 3.1.6
INFO: Latest version: 414.336.75.75.75
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* like e.g. gentoo does:
https://bugs.gentoo.org/940128
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* taken from:
1d1c3f884d/patches/901-linux-atm-dont-use-bool-keyword.patch
* fixes:
http://errors.yoctoproject.org/Errors/Details/852979/
In file included from load_lex.l:11:
../../../linux-atm-2.5.2/src/lane/load_lex.h:27:10: error: two or more data types in declaration specifiers
27 | Bool_t bool;
| ^~~~
../../../linux-atm-2.5.2/src/lane/load_lex.h:27:14: warning: declaration does not declare anything
27 | Bool_t bool;
| ^
In file included from ../../../linux-atm-2.5.2/src/lane/load.c:29:
../../../linux-atm-2.5.2/src/lane/load_lex.h:27:10: error: two or more data types in declaration specifiers
27 | Bool_t bool;
| ^~~~
../../../linux-atm-2.5.2/src/lane/load_lex.h:27:14: warning: declaration does not declare anything
27 | Bool_t bool;
| ^
load_lex.l: In function 'yylex':
load_lex.l:47:11: error: expected identifier before 'bool'
load_lex.l:51:11: error: expected identifier before 'bool'
../../../linux-atm-2.5.2/src/lane/load.c: In function 'load_vars':
../../../linux-atm-2.5.2/src/lane/load.c:501:29: error: expected identifier before 'bool'
501 | g_return.bool==BL_TRUE?"True":"False");
| ^~~~
../../../linux-atm-2.5.2/src/lane/load.c:502:51: error: expected identifier before 'bool'
502 | set_var_bool(curr_unit, varname, g_return.bool);
| ^~~~
make[3]: *** [Makefile:513: load.o] Error 1
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fixes:
http://errors.yoctoproject.org/Errors/Details/852983/
../../../../../snort-2.9.20/src/preprocessors/HttpInspect/files/file_decomp_PDF.c:1062:13: error: conflicting types for 'File_Decomp_PDF'; have 'fd_status_t(struct fd_session_s *)' {aka 'enum fd_status(struct fd_session_s *)'}
1062 | fd_status_t File_Decomp_PDF( fd_session_p_t SessionPtr )
| ^~~~~~~~~~~~~~~
In file included from ../../../../../snort-2.9.20/src/preprocessors/HttpInspect/include/file_decomp.h:59,
from ../../../../../snort-2.9.20/src/preprocessors/HttpInspect/files/file_decomp_PDF.c:31:
../../../../../snort-2.9.20/src/preprocessors/HttpInspect/include/file_decomp_PDF.h:83:13: note: previous declaration of 'File_Decomp_PDF' with type 'fd_status_t(void)' {aka 'enum fd_status(void)'}
83 | fd_status_t File_Decomp_PDF();
| ^~~~~~~~~~~~~~~
make[5]: *** [Makefile:374: file_decomp_PDF.o] Error 1
make[5]: *** Waiting for unfinished jobs....
../../../../../snort-2.9.20/src/preprocessors/HttpInspect/files/file_decomp.c: In function 'Process_Decompression':
../../../../../snort-2.9.20/src/preprocessors/HttpInspect/files/file_decomp.c:245:24: error: too many arguments to function 'File_Decomp_PDF'; expected 0, have 1
245 | Ret_Code = File_Decomp_PDF( SessionPtr );
| ^~~~~~~~~~~~~~~ ~~~~~~~~~~
In file included from ../../../../../snort-2.9.20/src/preprocessors/HttpInspect/include/file_decomp.h:59,
from ../../../../../snort-2.9.20/src/preprocessors/HttpInspect/files/file_decomp.c:34:
../../../../../snort-2.9.20/src/preprocessors/HttpInspect/include/file_decomp_PDF.h:83:13: note: declared here
83 | fd_status_t File_Decomp_PDF();
| ^~~~~~~~~~~~~~~
http://errors.yoctoproject.org/Errors/Details/852992/
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c: In function 'DCE2_InitGlobal':
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:348:25: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
348 | size_t memcap = DCE2_GetReloadSafeMemcap(dce2_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c: In function 'DCE2_ReloadGlobal':
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1291:25: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
1291 | size_t memcap = DCE2_GetReloadSafeMemcap(dce2_swap_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c: In function 'DCE2_ReloadVerify':
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1436:35: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
1436 | uint32_t current_memcap = DCE2_GetReloadSafeMemcap(dce2_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1437:35: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
1437 | uint32_t new_memcap = DCE2_GetReloadSafeMemcap(dce2_swap_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c: In function 'DCE2_ReloadSwap':
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1535:26: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
1535 | current_memcap = DCE2_GetReloadSafeMemcap(dce2_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1538:26: error: too many arguments to function 'DCE2_GetReloadSafeMemcap'; expected 0, have 1
1538 | swap_memcap = DCE2_GetReloadSafeMemcap(dce2_swap_config);
| ^~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: declared here
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c: At top level:
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:1673:17: error: conflicting types for 'DCE2_GetReloadSafeMemcap'; have 'uint32_t(tSfPolicyUserContext *)' {aka 'unsigned int(tSfPolicyUserContext *)'}
1673 | static uint32_t DCE2_GetReloadSafeMemcap(tSfPolicyUserContextId pConfig)
| ^~~~~~~~~~~~~~~~~~~~~~~~
../../../../snort-2.9.20/src/dynamic-preprocessors/dcerpc2/spp_dce2.c:163:17: note: previous declaration of 'DCE2_GetReloadSafeMemcap' with type 'uint32_t(void)' {aka 'unsigned int(void)'}
163 | static uint32_t DCE2_GetReloadSafeMemcap();
| ^~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In order to facilitate users who wish to use e.g. dbus-broker as their
runtime D-Bus implementation, change the Freedesktop.org specific D-Bus
runtime dependency to honor oe-core's new VIRTUAL-RUNTIME_dbus
variable.
With this change we also align with oe-core commit 5dfca64b78
("dbus-glib: depend on dbus, not dbus-x11") which mentions that
dbus-x11 hasn't existed as a package since 2012[1] and is just a
RPROVIDES in dbus, so depend on dbus directly instead.
Signed-off-by: Niko Mauno <niko.mauno@vaisala.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
conditionnal inherit is missed when PACKAGECONFIG privdrop is
activated after this inherit, eg in .bbappend.
Signed-off-by: Andreas Fenkart <afenkart@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
when opting out from the DISTRO_FEATURE gobject-introspection-date, the
build fails with error:
../NetworkManager-1.50.0/meson.build:849:4: ERROR: Assert failed: vala api require GObject introspection. Use -Dvapi=false to disable it
The gobject-introspection-data feature, while ultimately added to
DISTRO_FEATURES via DISTRO_FEATURE_BACKFILL, isn't available during the
vala.bbclass inheritance check. This also excludes derived variables
e.g. GI_DATA_ENABLED.
To properly disable a DISTRO_FEATURE_BACKFILL feature, it must be
included in DISTRO_FEATURE_BACKFILL_CONSIDERED, a variable that is
available during the parsing phase.
Similar situations have been resolved in:
[openembedded-core:31daea70b18b2b2266bf94063b655aaf142a6166]
librsvg: Only enable the Vala bindings if GObject Introspection is enabled
PACKAGECONFIG:append:class-target = " ${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'vala', '', d)}"
-- and --
[meta-openembedded:d89fc6ffbdf8f947643def51b804052bb5e7ac97
libpeas: add recipe for 2.0.5
PACKAGECONFIG ?= "python3 gjs lua51 ${@bb.utils.contains('DISTRO_FEATURES', 'gobject-introspection', 'vala', '', d)}"
Signed-off: Andreas Fenkart <afenkart@gmail.com>
The workaround introduced in commit
63db9c0d52 is no longer needed.
Typelib
files are now correctly located solely within STAGING_LIBDIR_NATIVE,
aligning with the intended build configuration. Removing the
workaround
avoids the following error during build:
cp: cannot stat '.../GObject*typelib': No such file or directory
Signed-off: Andreas Fenkart <afenkart@gmail.com>
* submit fix:
https://github.com/HewlettPackard/netperf/pull/86
to fix:
http://errors.yoctoproject.org/Errors/Details/851803/
../../git/src/nettest_bsd.c:4497:19: error: too many arguments to function 'alloc_sendfile_buf_ring'; expected 0, have 4
4497 | send_ring = alloc_sendfile_buf_ring(send_width,
| ^~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~
In file included from ../../git/src/nettest_bsd.c:175:
../../git/src/netlib.h:690:26: note: declared here
690 | extern struct ring_elt *alloc_sendfile_buf_ring();
| ^~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../git/src/nettest_omni.c:184:
../../git/src/hist.h:135:6: error: conflicting types for 'HIST_purge'; have 'void(struct histogram_struct *)'
135 | void HIST_purge(HIST h);
| ^~~~~~~~~~
...
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Set UPSTREAM_CHECK_REGEX to skip RC/beta version.
Before the fix:
$ devtool latest-version ntp
INFO: Current version: 4.2.8p18
INFO: Latest version: 4.2.8p18-RC1
After the fix:
$ devtool latest-version ntp
INFO: Current version: 4.2.8p18
INFO: Latest version: 4.2.8p18
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There are two types of errors:
1. Linker errors for txring.c
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:328:(.text+0x1be): undefined reference to `txring_put'
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket_open_pf':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:1088:(.text+0x7ea): undefined reference to `txring_init'
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:328:(.text+0x1be): undefined reference to `txring_put'
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket_open_pf':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:1088:(.text+0x7ea): undefined reference to `txring_init'
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:328:(.text+0x1be): undefined reference to `txring_put'
TOPDIR/tmp/work/core2-64-oe-linux/tcpreplay/4.5.1/recipe-sysroot-native/usr/bin/x86_64-oe-linux/../../libexec/x86_64-oe-linux/gcc/x86_64-oe-linux/15.0.1/ld: ./common/libcommon.a(sendpacket.o): in function `sendpacket_open_pf':
/usr/src/debug/tcpreplay/4.5.1/src/common/sendpacket.c:1088:(.text+0x7ea): undefined reference to `txring_init'
The txring file needs to include config.h to build properly.
Surprisingly, in the same environment with gcc14, HAVE_TX_RING is not declared in config.h because it fails during the configure stage.
The config.log below is from the same environment with gcc14.
configure:26549: result: no
configure:26557: checking for TX_RING socket sending support
configure:26579: conftest.c >&5
In file included from conftest.c:130:
/linux/if_packet.h:14:8: error: redefinition of 'struct sockaddr_ll'
14 | struct sockaddr_ll {
| ^~~~~~~~~~~
Therefore, it seems that the linker error did not occur previously.
2. Incompatible type assignment in txring.c when allocating memory for txring_t structure
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- remove patch that was merged upstream
2.4.4
Bugs fixed
Fix Rfcom plugin dbus signature
Set an initial selected device in blueman-sendto
AutoConnect: Store bluetooth address instead of object path
Applet: Handle UnknownObject DBus error (@tommie)
Make search button available after device list becomes empty (@astcri)
Fatal LoadException
Changes
Terminate applet on manager termination if it was started by manager
Add Galic and Esperanto translations
AutoConnect: Automatically convert path to address
Add toggle to force symbolic statusicon
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
To fix error: http://errors.yoctoproject.org/Errors/Details/851808/
In file included from string_matching.cpp:1:
./string_matching.h:10:18: error: 'uint16_t' does not name a type
10 | extern const uint16_t PATTERN_LIMIT;
| ^~~~~~~~
./string_matching.h:7:1: note: 'uint16_t' is defined in header '<cstdint>'; this is probably fixable by adding '#include <cstdint>'
Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix error: http://errors.yoctoproject.org/Errors/Details/851809/
../mDNSShared/CommonServices.h:856:13: error: 'bool' cannot be defined via 'typedef'
856 | typedef int bool;
| ^~~~
../mDNSShared/CommonServices.h:856:13: note: 'bool' is a keyword with '-std=c23' onwards
../mDNSShared/CommonServices.h:856:1: warning: useless type name in empty declaration
856 | typedef int bool;
| ^~~~~~~
Signed-off-by: Nguyen Dat Tho <tho3.nguyen@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* fix following error:
http://errors.yoctoproject.org/Errors/Details/850313/
../git/compat/malloc.c:9:7: warning: conflicting types for built-in function 'malloc'; expected 'void *(long unsigned int)' [-Wbuiltin-declaration-mismatch]
9 | void *malloc ();
| ^~~~~~
../git/compat/malloc.c:5:1: note: 'malloc' is declared in header '<stdlib.h>'
4 | #include "config.h"
+++ |+#include <stdlib.h>
5 | #undef malloc
../git/compat/malloc.c: In function 'rpl_malloc_unbound':
../git/compat/malloc.c:23:10: error: too many arguments to function 'malloc'; expected 0, have 1
23 | return malloc (n);
| ^~~~~~ ~
../git/compat/malloc.c:9:7: note: declared here
9 | void *malloc ();
| ^~~~~~
* Seeing that there is '#undef malloc', it appears they don't want to
use the malloc from stdlib.h.
Therefore, we need to correctly define the parameters for malloc.
Signed-off-by: mark.yang <mark.yang@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit and
implement the required do_install.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit.
Split the configure step (make config.h) into do_configure and ensure
that it always runs in case the configuration has changed.
Use PACKAGECONFIG for options, as there are more available upstream.
Add UPSTREAM_CHECK variables to check for new releases. This depends on
a bitbake change[1] but with that detects that 2.3.7 has been released.
Add a DEPENDS on openssl as the Makefiles try to link against it and
silently fail without it.
[1] https://lore.kernel.org/bitbake-devel/20250319165339.439776-1-ross.burton@arm.com/T/#u
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit and
implement the required do_install directly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Chronyd is supporting NTS (network time security) protocol, however, to
build the application with this support, it require having gnutls at
build time.
This commit adds a PACKAGECONFIG line, allowing users to control whether
the supporting application will have nts or not.
Signed-off-by: Omri Sarig <omri.sarig13@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Waf-samba.bbclass inherits python3native.bbclass
which has the variable PYTHON="${STAGING_BINDIR_NATIVE}/python3-native/python3".
This allows this variable to be used in do_compile instead of python3.
Signed-off-by: Dmitry Makhnin <d.makhnin@yadro.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This should help with not emitting configure commandline into
binaries, these may contain absolute build paths
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add ptest for Wolfssl package.
Set IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-wolfssl to 700M
enough to avoid a "No space left on device".
BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.qvuQ9h/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 7
END: /usr/lib/wolfssl/ptest
Signed-off-by: Sofiane HAMAM <sofiane.hamam@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The OPC UA schema definitions and nodeset descriptions make up 90MB of
the "normal" package and contain mostly text files not needed during
runtime.
Split them into a -tools package. The "normal" package size is reduced
drastically.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
The default is still the FULL namespace, but it is now possible to
switch to REDUCED.
With the REDUCED namespace, the binary shrinks about 80% in size, from
4.5MB to ~800kB.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
open62541@9e0b766fbba73be8d703b6ccbfdeec5bfd200b48 made it an error to
install the package while the amalgamation option is enabled.
On the 1.3 branch, this is not yet an issue. However, it is clear that
this option is not deemed suitable for building open62541 in the context
of a distribution.
Thus, remove the PACKAGECONFIG outright, before someone depends on the
different (incompatible) header includes required by the amalgamation
option.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Recent change to autotools.bbclass broke netperf as it can not now find
proper macros. Remove old workaround and add a proper patch to utilize
ACLOCAL_AMFLAGS option.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
As of "autotools: don't try and find in-tree macros" in core, acpaths is
no longer used.
Also remove an obsolete FILES:PN-dbg as the debug package is packaged
automatically.
Signed-off-by: Ross Burton <ross.burton@arm.com>
autoreconf needs to be told where to find macros as the Makefile.am does
not do this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The manpages.bbclass adds the 'manpages' PACKAGECONFIG but this isn't
defined:
ERROR: QA Issue: udpcast: invalid PACKAGECONFIG: manpages [invalid-packageconfig]
There is not an option to disable the manpages, so add a stub
PACKAGECONFIG to silence this error.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This recipe doesn't ship any manpages since 2.10, so remove the manpage
support.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- fix a few coverity warnings
- Support older mac0S versions that lack vdprintf()
- Patch certificate login error for FortiOS 7.4.4
- Clear OTP after run
- Support SAML login authentication
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==============
- iscsid: Rate limit session reopen log messages
- Preparing for version 2.1.10
- Fix bug where abort_tmo read failures were ignored.
- Fix gcc issues
- Change a discovery function to void return type
- Fix firmware targets startup to always be "onboot"
- More testing cleanup, and fix dprint test usage
- Improve iscsiadm command line parsing messages
- grammar nitpicks
- Bugfix read specific sysfs value "off" of session attribute
- Fix a typo in test/README
- Make it visible when memory allocation failure
- improve the comments in idbm_lock()
- iscsid: Fix hang during login with scan=manual
- Fix memory leak in iscsi_check_session_use_count
- IPv6 support for iBFT iSCSI boot
- fix 4 issues which are finded when building with clang 17
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The original SRC_URI's content seems to be deleted regurarly,
when a new version is published, making the previous version
unavailable.
The new SRC_URI ("all-versions" folder) seems to be more
stable, the previous versions of Wireshark are not deleted from
there.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The 4.2.10 was not longer available at the original SRC_URI.
At the new SRC_URI all version of the wireshark releases are available.
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change the SRC_URI to the correct value due to the following error:
ERROR: geoip-1.6.12-r0 do_fetch: Bitbake Fetcher Error: FetchError('Unable to fetch URL from any source.', 'http://sources.openembedded.org/GeoIP.dat.20181205.gz;apply=no;name=GeoIP-dat;')
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Corosync is not reproducible due to change of value
in NETSNMP_SYS_CONTACT which is set in net-snmp:
NETSNMP_SYS_CONTACT = "$ME@$LOC"
$ME = whoami
$LOC assigned domain name from /etc/resolv.conf
Use build in'--with-sys-contact' to overwrite it
https://autobuilder.yoctoproject.org/valkyrie/#/builders/87/builds/30/steps/28/logs/stdio
CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Extract mdns-libnss-mdns from the main package so we can mark it as an
RPROVIDE for libnss-mdns (matching avahi-libnss-mdns) and then
RRECOMMEND this when building with glibc.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
We want to select libdns_sd.so from either Avahi or mDNSResponder, make
the RPROVIDE match the one in Avahi.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In case "encryption-openssl" PACKAGECONFIG is enabled, do_package_qa fails:
ERROR: open62541-1.3.8-r0 do_package_qa: QA Issue: File /usr/lib/cmake/open62541/open62541Targets.cmake in package open62541-dev contains reference to TMPDIR [buildpaths]
Fix it by changing the value of RECIPE_SYSROOT to CMAKE_SYSROOT variable,
so the qa check passes, and other CMake projects should be still able to find the
CMake package provided by this recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Set the correct LICENSE value
2. Csocket is a submodule of the main znc project. Instead of
cloning it separately in a subfolder, just let the gitsm fetcher
to fetch the correct revisions, at the correct place.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in meta-openembedded recipes to show this is definitely
the preferred formatting.
This fixes recipes with larger numbers of issues but there are just under 100
other references left to fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Building of net-snmp-native aborted due to
missing dependency with libpci-native.
Fixed by keeping the dependency on for
target recipe and removing it for native
CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. The do_install:append() deleted the TMPDIR from the cmake file,
however that left two absolute pathes in the file: /usr/lib/libssl.so
and /usr/lib/libcrypto.so. In case another project is trying to link
to civetweb-server with cmake, it fails with the following error:
ninja: error: '/usr/lib/libssl.so', needed by 'examples/prometheus/prometheus_example', missing and no known rule to make it
Instead of only deleting the TMPDIR, change it to ${CMAKE_SYSROOT} -
a variable set by cmake.bbclass. This allows other projects to find
the required interfacing libraries successfully.
2. When linking to civetweb-server from another project using cmake,
the cmake file verifies if the /usr/bin/civetweb binary exists. When using
the class-target package, this file is not included in the sysroot during
build-time, so this check fails with the following error:
CMake Error at ${RECIPE_SYSROOT}/usr/lib/cmake/civetweb/civetweb-targets.cmake:97 (message):
The imported target "civetweb::server" references the file
"${RECIPE_SYSROOT}/usr/bin/civetweb"
but this file does not exist. Possible reasons include:
To avoid this error, this check is deleted for class-target.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Recent changes in to the autotools class in core means that it no longer
sets CONFIG_SITE for compile tasks. However, ntp decides to reconfigure
itself mid-build, so the CONFIG_SITE values are lost.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ACLOCALEXTRAPATH is no longer used, so pass the required -I via
EXTRA_AUTORECONF.
Also explicitly disable aclocal as the aclocal is hand-maintained.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- ACLOCALEXTRAPATH is gone in core with commit 878e1517d4890b31332a506ce903d57e1d7dff87
- Add patches to fix build with latest clang and gcc
- Drop disabling warnings as the fixes above take care of the problem
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Refuse clients if username or password is longer than USER_PASS_LEN
- Improve peer fingerprint documentation
- console_systemd: remove the timeout when using 'systemd-ask-password'
- Fix missing spaces in various messages
- GHA: Update macOS runners
- GHA: Simplify macOS builds
- Various typo fixes
- forward: Fix potential unaligned access in drop_if_recursive_routing
- send uname() release as IV_PLAT_VER= on non-windows versions
- preparing release 2.6.13
- Route: remove incorrect routes on exit
- Use a more robust way to get dco-win version
- Fix check_addr_clash argument order
- Add calls to nvlist_destroy to avoid leaks
- proxy.c: Clear sensitive data after use
- Protect cached username, password and token on client
- Fix more of uninitialized struct user_pass local vars
- Fix IPv6 in port-share journal
- Fix port-share journal doc
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Similarly to old openssl versions, proftpd has patch releases with
characters instead of numbers.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patch releases have character after version
devtool upgrade would currently downgrade 1.3.8b -> 1.3.8
This will make it upgrade 1.3.8b -> 1.3.8c
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- Support of both Apple Silicon and Intel for macOS package.
- Add cvlan/svlan/tpmr capabilities.
- Disable LLDP in firmware for Intel X7xx cards on FreeBSD.
- Add lldpctl_watch_sync_unblock to liblldpctl.
- Add C++ wrapper for lldpctl.
- Fix AppArmor policy for /run/lldpd/lldpd.socket.lock.
- Do not query stats for a down interface on Linux.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
Enhancements
------------
* Add ntsaeads directive to enable only selected AEAD algorithms for NTS
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
Workarounds
-----------
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD algorithm
(by default the keys are generated differently than in RFC 8915 for
compatibility with chrony server and client versions 4.4, 4.5, and 4.6)
* Switch to compliant NTS keys if first response from server is NTS NAK
Bug fixes
---------
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change the SRC_URI to the correct value due to the following error:
WARNING: chrony-4.5-r0.wr2401 do_fetch: Failed to fetch URL https://download.tuxfamily.org/chrony/chrony-4.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2024-46613
Update dependencies:
- remove openssl and icu
- add cjson and gettext-native
Remove patch to find gcrypt which is no longer needed.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is fixed by [2].
The commit message says that it is reverting feature added in:
$ git tag --no-contains d7a0084 | grep 1.0.18
1.0.18
This recipe is for the original memcached which is unmaintained now.
Hence the ignore instead of upgrade.
[1] https://nvd.nist.gov/vuln/detail/CVE-2023-27478
[2] https://github.com/awesomized/libmemcached/commit/48dcc61a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
After removing old libmemcached recipe version, these is no reasons
anymore to have this split.
The memcached resurrected project uses cmake and different urls.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2023-46852 and CVE-2023-46853.
Upgrade done via "devtool upgrade".
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Download URL is not listable so devtool upgrade fails.
Using homepage works as it contains link to latest release,
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is a problem of applications using memcached inproperly.
This should not be a CVE against php-memcached, but for whatever
software the issue was actually found in. php-memcached and
libmemcached provide a VERIFY_KEY flag if they're too lazy to
filter untrusted user input.
[1] https://github.com/php-memcached-dev/php-memcached/issues/519
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
NVD tracks this as version-less CVE for spice.
It was fixed by [1] and [2] included in 0.13.2.
[1] 6b32af3e17
[2] 359ac42a7a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fix-openssl-no-des.patch
refreshed for 5.74
* Bugfixes
- Fixed a stapling cache deallocation crash.
- Fixed "redirect" with protocol negotiation.
* Features
- "protocolHost" support for "socks" protocol clients.
- More detailed logs in OpenSSL 3.0 or later.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add exact CPE name (from NVD database) in CVE_PRODUCT in order to ensure
CVE filtering and not be disturb by futur potential false-positive CVEs.
Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This ancient CVE [1] is unversioned ("*") in NVD DB.
"mod_sqlpw module in ProFTPD does not reset a cached password..."
Looking at history and changelog, the module was removed [2] around
the time when this CVE was published, likely as reaction to this CVE.
"mod_sqlpw.c, mod_mysql.c and mod_pgsql.c have been REMOVED from the
distribution. They are currently unmaintained and have numerous bugs."
Note: It was later re-introduced as mod_sql when it got fixed under
new maintainer.
[1] https://nvd.nist.gov/vuln/detail/CVE-2001-0027
[2] https://github.com/proftpd/proftpd/blob/v1.3.8b/NEWS#L3362
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* since elfutils upgrade to 0.192 in:
https://git.openembedded.org/openembedded-core/commit/?id=1d6ac3c811798732e6addc798656bbe104661d77
json-c is detected in RSS and ov-rest plugin gets enabled, but fails to build:
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_event.c:78:10: fatal error: amqp_ssl_socket.h: No such file or directory
78 | #include <amqp_ssl_socket.h>
| ^~~~~~~~~~~~~~~~~~~
compilation terminated.
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
707 | SaErrorT rv = NULL;
| ^~~~
* keep it explicitly disabled as it was disabled before
* add rabbitmq-c dependency for the first issue, the 2nd issue could be
worked around by:
# openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
CFLAGS += "-Wno-error=int-conversion"
or better fixed properly by someone actually using this recipe
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Mistakenly removed musl-fixes.patch in previous commit.
update & Include 0001-Musl-build-fix.patch based on latest upstream of ot-br-posix
Remove CXXFLAGS:append:libc-musl:toolchain-clang = " -Wno-error=sign-compare
-Wno-error=unused-but-set-variable", as issue is not reproducible with
current SRCREV of ot-br-posix.
Signed-off-by: deepan.shivap <deepan.shivap@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Conditionnal inherit may be missed when PACKAGECONFIG qt5 is activated
after this inherit, eg in .bbappend. see patch [0]
[0]: https://lists.openembedded.org/g/bitbake-devel/message/16815
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
