This upstream does not in fact use autotools, so remove the inherit and
implement the required do_install.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit.
Split the configure step (make config.h) into do_configure and ensure
that it always runs in case the configuration has changed.
Use PACKAGECONFIG for options, as there are more available upstream.
Add UPSTREAM_CHECK variables to check for new releases. This depends on
a bitbake change[1] but with that detects that 2.3.7 has been released.
Add a DEPENDS on openssl as the Makefiles try to link against it and
silently fail without it.
[1] https://lore.kernel.org/bitbake-devel/20250319165339.439776-1-ross.burton@arm.com/T/#u
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This upstream does not in fact use autotools, so remove the inherit and
implement the required do_install directly.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Chronyd is supporting NTS (network time security) protocol, however, to
build the application with this support, it require having gnutls at
build time.
This commit adds a PACKAGECONFIG line, allowing users to control whether
the supporting application will have nts or not.
Signed-off-by: Omri Sarig <omri.sarig13@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Waf-samba.bbclass inherits python3native.bbclass
which has the variable PYTHON="${STAGING_BINDIR_NATIVE}/python3-native/python3".
This allows this variable to be used in do_compile instead of python3.
Signed-off-by: Dmitry Makhnin <d.makhnin@yadro.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This should help with not emitting configure commandline into
binaries, these may contain absolute build paths
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add ptest for Wolfssl package.
Set IMAGE_ROOTFS_EXTRA_SPACE:virtclass-mcextend-wolfssl to 700M
enough to avoid a "No space left on device".
BEGIN: /usr/lib/wolfssl/ptest
Wolfssl ptest logs are stored in /tmp/wolfss_temp.qvuQ9h/ptest.log
Test script returned: 0
unit_test: Success for all configured tests.
PASS: Wolfssl
DURATION: 7
END: /usr/lib/wolfssl/ptest
Signed-off-by: Sofiane HAMAM <sofiane.hamam@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The OPC UA schema definitions and nodeset descriptions make up 90MB of
the "normal" package and contain mostly text files not needed during
runtime.
Split them into a -tools package. The "normal" package size is reduced
drastically.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
The default is still the FULL namespace, but it is now possible to
switch to REDUCED.
With the REDUCED namespace, the binary shrinks about 80% in size, from
4.5MB to ~800kB.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
open62541@9e0b766fbba73be8d703b6ccbfdeec5bfd200b48 made it an error to
install the package while the amalgamation option is enabled.
On the 1.3 branch, this is not yet an issue. However, it is clear that
this option is not deemed suitable for building open62541 in the context
of a distribution.
Thus, remove the PACKAGECONFIG outright, before someone depends on the
different (incompatible) header includes required by the amalgamation
option.
Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com>
Recent change to autotools.bbclass broke netperf as it can not now find
proper macros. Remove old workaround and add a proper patch to utilize
ACLOCAL_AMFLAGS option.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
As of "autotools: don't try and find in-tree macros" in core, acpaths is
no longer used.
Also remove an obsolete FILES:PN-dbg as the debug package is packaged
automatically.
Signed-off-by: Ross Burton <ross.burton@arm.com>
autoreconf needs to be told where to find macros as the Makefile.am does
not do this.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The manpages.bbclass adds the 'manpages' PACKAGECONFIG but this isn't
defined:
ERROR: QA Issue: udpcast: invalid PACKAGECONFIG: manpages [invalid-packageconfig]
There is not an option to disable the manpages, so add a stub
PACKAGECONFIG to silence this error.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This recipe doesn't ship any manpages since 2.10, so remove the manpage
support.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- fix a few coverity warnings
- Support older mac0S versions that lack vdprintf()
- Patch certificate login error for FortiOS 7.4.4
- Clear OTP after run
- Support SAML login authentication
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==============
- iscsid: Rate limit session reopen log messages
- Preparing for version 2.1.10
- Fix bug where abort_tmo read failures were ignored.
- Fix gcc issues
- Change a discovery function to void return type
- Fix firmware targets startup to always be "onboot"
- More testing cleanup, and fix dprint test usage
- Improve iscsiadm command line parsing messages
- grammar nitpicks
- Bugfix read specific sysfs value "off" of session attribute
- Fix a typo in test/README
- Make it visible when memory allocation failure
- improve the comments in idbm_lock()
- iscsid: Fix hang during login with scan=manual
- Fix memory leak in iscsi_check_session_use_count
- IPv6 support for iBFT iSCSI boot
- fix 4 issues which are finded when building with clang 17
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The original SRC_URI's content seems to be deleted regurarly,
when a new version is published, making the previous version
unavailable.
The new SRC_URI ("all-versions" folder) seems to be more
stable, the previous versions of Wireshark are not deleted from
there.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The 4.2.10 was not longer available at the original SRC_URI.
At the new SRC_URI all version of the wireshark releases are available.
Signed-off-by: Jan Vermaete <jan.vermaete@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change the SRC_URI to the correct value due to the following error:
ERROR: geoip-1.6.12-r0 do_fetch: Bitbake Fetcher Error: FetchError('Unable to fetch URL from any source.', 'http://sources.openembedded.org/GeoIP.dat.20181205.gz;apply=no;name=GeoIP-dat;')
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Corosync is not reproducible due to change of value
in NETSNMP_SYS_CONTACT which is set in net-snmp:
NETSNMP_SYS_CONTACT = "$ME@$LOC"
$ME = whoami
$LOC assigned domain name from /etc/resolv.conf
Use build in'--with-sys-contact' to overwrite it
https://autobuilder.yoctoproject.org/valkyrie/#/builders/87/builds/30/steps/28/logs/stdio
CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Extract mdns-libnss-mdns from the main package so we can mark it as an
RPROVIDE for libnss-mdns (matching avahi-libnss-mdns) and then
RRECOMMEND this when building with glibc.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
We want to select libdns_sd.so from either Avahi or mDNSResponder, make
the RPROVIDE match the one in Avahi.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In case "encryption-openssl" PACKAGECONFIG is enabled, do_package_qa fails:
ERROR: open62541-1.3.8-r0 do_package_qa: QA Issue: File /usr/lib/cmake/open62541/open62541Targets.cmake in package open62541-dev contains reference to TMPDIR [buildpaths]
Fix it by changing the value of RECIPE_SYSROOT to CMAKE_SYSROOT variable,
so the qa check passes, and other CMake projects should be still able to find the
CMake package provided by this recipe.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Set the correct LICENSE value
2. Csocket is a submodule of the main znc project. Instead of
cloning it separately in a subfolder, just let the gitsm fetcher
to fetch the correct revisions, at the correct place.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in meta-openembedded recipes to show this is definitely
the preferred formatting.
This fixes recipes with larger numbers of issues but there are just under 100
other references left to fix.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Building of net-snmp-native aborted due to
missing dependency with libpci-native.
Fixed by keeping the dependency on for
target recipe and removing it for native
CC: Yoann Congal <yoann.congal@smile.fr>
CC: Randy MacLeod <randy.macleod@windriver.com>
Signed-off-by: Christos Gavros <gavrosc@yahoo.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. The do_install:append() deleted the TMPDIR from the cmake file,
however that left two absolute pathes in the file: /usr/lib/libssl.so
and /usr/lib/libcrypto.so. In case another project is trying to link
to civetweb-server with cmake, it fails with the following error:
ninja: error: '/usr/lib/libssl.so', needed by 'examples/prometheus/prometheus_example', missing and no known rule to make it
Instead of only deleting the TMPDIR, change it to ${CMAKE_SYSROOT} -
a variable set by cmake.bbclass. This allows other projects to find
the required interfacing libraries successfully.
2. When linking to civetweb-server from another project using cmake,
the cmake file verifies if the /usr/bin/civetweb binary exists. When using
the class-target package, this file is not included in the sysroot during
build-time, so this check fails with the following error:
CMake Error at ${RECIPE_SYSROOT}/usr/lib/cmake/civetweb/civetweb-targets.cmake:97 (message):
The imported target "civetweb::server" references the file
"${RECIPE_SYSROOT}/usr/bin/civetweb"
but this file does not exist. Possible reasons include:
To avoid this error, this check is deleted for class-target.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Recent changes in to the autotools class in core means that it no longer
sets CONFIG_SITE for compile tasks. However, ntp decides to reconfigure
itself mid-build, so the CONFIG_SITE values are lost.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ACLOCALEXTRAPATH is no longer used, so pass the required -I via
EXTRA_AUTORECONF.
Also explicitly disable aclocal as the aclocal is hand-maintained.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- ACLOCALEXTRAPATH is gone in core with commit 878e1517d4890b31332a506ce903d57e1d7dff87
- Add patches to fix build with latest clang and gcc
- Drop disabling warnings as the fixes above take care of the problem
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Refuse clients if username or password is longer than USER_PASS_LEN
- Improve peer fingerprint documentation
- console_systemd: remove the timeout when using 'systemd-ask-password'
- Fix missing spaces in various messages
- GHA: Update macOS runners
- GHA: Simplify macOS builds
- Various typo fixes
- forward: Fix potential unaligned access in drop_if_recursive_routing
- send uname() release as IV_PLAT_VER= on non-windows versions
- preparing release 2.6.13
- Route: remove incorrect routes on exit
- Use a more robust way to get dco-win version
- Fix check_addr_clash argument order
- Add calls to nvlist_destroy to avoid leaks
- proxy.c: Clear sensitive data after use
- Protect cached username, password and token on client
- Fix more of uninitialized struct user_pass local vars
- Fix IPv6 in port-share journal
- Fix port-share journal doc
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Similarly to old openssl versions, proftpd has patch releases with
characters instead of numbers.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patch releases have character after version
devtool upgrade would currently downgrade 1.3.8b -> 1.3.8
This will make it upgrade 1.3.8b -> 1.3.8c
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- Support of both Apple Silicon and Intel for macOS package.
- Add cvlan/svlan/tpmr capabilities.
- Disable LLDP in firmware for Intel X7xx cards on FreeBSD.
- Add lldpctl_watch_sync_unblock to liblldpctl.
- Add C++ wrapper for lldpctl.
- Fix AppArmor policy for /run/lldpd/lldpd.socket.lock.
- Do not query stats for a down interface on Linux.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
Enhancements
------------
* Add ntsaeads directive to enable only selected AEAD algorithms for NTS
* Add activate option to local directive to set activation threshold
* Add ipv4 and ipv6 options to server/pool/peer directive
* Add kod option to ratelimit directive for server KoD RATE support
* Add leapseclist directive to read NIST/IERS leap-seconds.list file
* Add ptpdomain directive to set PTP domain for NTP over PTP
* Allow disabling pidfile
* Improve copy server option to accept unsynchronised status instantly
* Log one selection failure on start
* Add offset command to modify source offset correction
* Add timestamp sources to ntpdata report
Workarounds
-----------
* Negotiate use of compliant NTS keys with AES-128-GCM-SIV AEAD algorithm
(by default the keys are generated differently than in RFC 8915 for
compatibility with chrony server and client versions 4.4, 4.5, and 4.6)
* Switch to compliant NTS keys if first response from server is NTS NAK
Bug fixes
---------
* Fix crash on sources reload during initstepslew or RTC initialisation
* Fix source refreshment to not repeat failed name resolving attempts
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change the SRC_URI to the correct value due to the following error:
WARNING: chrony-4.5-r0.wr2401 do_fetch: Failed to fetch URL https://download.tuxfamily.org/chrony/chrony-4.5.tar.gz, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2024-46613
Update dependencies:
- remove openssl and icu
- add cjson and gettext-native
Remove patch to find gcrypt which is no longer needed.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is fixed by [2].
The commit message says that it is reverting feature added in:
$ git tag --no-contains d7a0084 | grep 1.0.18
1.0.18
This recipe is for the original memcached which is unmaintained now.
Hence the ignore instead of upgrade.
[1] https://nvd.nist.gov/vuln/detail/CVE-2023-27478
[2] https://github.com/awesomized/libmemcached/commit/48dcc61a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
After removing old libmemcached recipe version, these is no reasons
anymore to have this split.
The memcached resurrected project uses cmake and different urls.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2023-46852 and CVE-2023-46853.
Upgrade done via "devtool upgrade".
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Download URL is not listable so devtool upgrade fails.
Using homepage works as it contains link to latest release,
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is a problem of applications using memcached inproperly.
This should not be a CVE against php-memcached, but for whatever
software the issue was actually found in. php-memcached and
libmemcached provide a VERIFY_KEY flag if they're too lazy to
filter untrusted user input.
[1] https://github.com/php-memcached-dev/php-memcached/issues/519
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
NVD tracks this as version-less CVE for spice.
It was fixed by [1] and [2] included in 0.13.2.
[1] 6b32af3e17
[2] 359ac42a7a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fix-openssl-no-des.patch
refreshed for 5.74
* Bugfixes
- Fixed a stapling cache deallocation crash.
- Fixed "redirect" with protocol negotiation.
* Features
- "protocolHost" support for "socks" protocol clients.
- More detailed logs in OpenSSL 3.0 or later.
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Add exact CPE name (from NVD database) in CVE_PRODUCT in order to ensure
CVE filtering and not be disturb by futur potential false-positive CVEs.
Signed-off-by: Benjamin Bouvier <benjamin.bouvier@ekinops.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This ancient CVE [1] is unversioned ("*") in NVD DB.
"mod_sqlpw module in ProFTPD does not reset a cached password..."
Looking at history and changelog, the module was removed [2] around
the time when this CVE was published, likely as reaction to this CVE.
"mod_sqlpw.c, mod_mysql.c and mod_pgsql.c have been REMOVED from the
distribution. They are currently unmaintained and have numerous bugs."
Note: It was later re-introduced as mod_sql when it got fixed under
new maintainer.
[1] https://nvd.nist.gov/vuln/detail/CVE-2001-0027
[2] https://github.com/proftpd/proftpd/blob/v1.3.8b/NEWS#L3362
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* since elfutils upgrade to 0.192 in:
https://git.openembedded.org/openembedded-core/commit/?id=1d6ac3c811798732e6addc798656bbe104661d77
json-c is detected in RSS and ov-rest plugin gets enabled, but fails to build:
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_event.c:78:10: fatal error: amqp_ssl_socket.h: No such file or directory
78 | #include <amqp_ssl_socket.h>
| ^~~~~~~~~~~~~~~~~~~
compilation terminated.
../../../openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
707 | SaErrorT rv = NULL;
| ^~~~
* keep it explicitly disabled as it was disabled before
* add rabbitmq-c dependency for the first issue, the 2nd issue could be
worked around by:
# openhpi-3.8.0/plugins/ov_rest/ov_rest_re_discover.c:707:23: error: initialization of 'SaErrorT' {aka 'int'} from 'void *' makes integer from pointer without a cast [-Wint-conversion]
CFLAGS += "-Wno-error=int-conversion"
or better fixed properly by someone actually using this recipe
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Mistakenly removed musl-fixes.patch in previous commit.
update & Include 0001-Musl-build-fix.patch based on latest upstream of ot-br-posix
Remove CXXFLAGS:append:libc-musl:toolchain-clang = " -Wno-error=sign-compare
-Wno-error=unused-but-set-variable", as issue is not reproducible with
current SRCREV of ot-br-posix.
Signed-off-by: deepan.shivap <deepan.shivap@lge.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Conditionnal inherit may be missed when PACKAGECONFIG qt5 is activated
after this inherit, eg in .bbappend. see patch [0]
[0]: https://lists.openembedded.org/g/bitbake-devel/message/16815
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Recently, the official nbdkit repo has been changed:
from https://github.com/libguestfs/nbdkit
into https://gitlab.com/nbdkit/nbdkit
Additionally, the newest stable tag version is v1.40.4.
The patch used with version 1.33.11 is also copied
and modified to support the latest changes.
The version 1.33.11 is not removed for reference purposes.
It was tested with one of openbmc images.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
All test cases PASS.
Add openvpn to PTESTS_SLOW because test duration longer than 30s Below is parts of the run log:
[==========] xkey provider tests: Running 3 test(s).
[ RUN ] xkey_provider_test_fetch
[ OK ] xkey_provider_test_fetch
[ RUN ] xkey_provider_test_mgmt_sign_cb
[ OK ] xkey_provider_test_mgmt_sign_cb
[ RUN ] xkey_provider_test_generic_sign_cb
[ OK ] xkey_provider_test_generic_sign_cb
[==========] xkey provider tests: 3 test(s) run.
[ PASSED ] 3 test(s).
PASS: provider_testdriver
The files t_client.sh.in and t_cltsrv.sh were not added because they
require specific environment configuration files. It is recommended that
users configure these based on their environment before testing.
Since the recipe enables iproute2, the condition for t_net.sh based on
HAVE_SITNL is not met, so t_net.sh will not be included in the build.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Use the new cython class to avoid duplicated fixup code to remove build
paths.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Rewrite ebtables-legacy-save to avoid using bashisms.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
According to [1] the ESI implementation in squid feature is vulnerable
without any fix available.
NVD says it's fixed in 6.10, however the change in this release only
disables ESI by default (which we always did via PACKAGECONFIG).
This means CVE report would say Patched even if the vulnerability is
still present if someone adapts squid PACKAGECONFIG.
Commit in master branch related to this CVE is [2].
Title is "Remove Edge Side Include (ESI) protocol" and it's also what it
does. So there will never be a fix for these ESI vulnerabilities.
Based on this, remove vulnerable ESI PACKAGECONFIG already now.
[1] https://github.com/squid-cache/squid/security/advisories/GHSA-f975-v7qw-q7hj
[2] 5eb89ef3d8
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: copyright year updated
Add patch to fix new build failure from release tarball.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- daq_netmap: Fix build on Linux with non-system headers
- example: support snap encapsulation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
buildhistory-diff shows few new files in testdata:
packages/core2-64-oe-linux/unbound/unbound-ptest: FILELIST: added "
/usr/lib/unbound/ptest/tests/testdata/rpz_val_block.rpl
/usr/lib/unbound/ptest/tests/testdata/serve_expired_ttl_reset.rpl
/usr/lib/unbound/ptest/tests/testdata/val_negcache_ttl_prefetch.rpl
/usr/lib/unbound/ptest/tests/testdata/val_negcache_ttl.rpl
/usr/lib/unbound/ptest/tests/testdata/iter_max_global_quota.rpl
/usr/lib/unbound/ptest/tests/testdata/iter_unverified_glue.rpl
/usr/lib/unbound/ptest/tests/testdata/serve_expired_val_bogus.rpl
/usr/lib/unbound/ptest/tests/testdata/iter_unverified_glue_fallback.rpl
/usr/lib/unbound/ptest/tests/testdata/serve_expired_client_timeout_val_bogus.rpl
/usr/lib/unbound/ptest/tests/testdata/serve_expired_client_timeout_val_insecure_delegation.rpl
/usr/lib/unbound/ptest/tests/testdata/dns64_prefetch_cache.rpl"
wasn't tested in runtime, I don't use it, I just wanted to get rid of
random build failure from world builds (happens at least since kirkstone
which has 1.15.0).
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change the SRC_URI to the correct value due to the following error:
WARNING: wireguard-tools-1.0.20210914-r0 do_fetch: Failed to fetch URL git://git.zx2c4.com/wireguard-tools;branch=master, attempting MIRRORS if available
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Default branch is renamed from `master` to `main`. Commitshas are the
same.
Signed-off-by: Jeroen Knoops <jeroen.knoops@philips.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The mdio-tools package RDEPENDS on `kernel-module-mdio-netlink` but
this package doesn't exists if the module is built into the kernel.
Use RRECOMMENDS instead as is usually done with kernel modules.
Signed-off-by: Alban Bedel <alban.bedel@aerq.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
includes the CFLAGS used to build the package in
the binary via PACKAGE_CONFIGURE_INVOCATION which then includes the
absolute build path via (eg.) the -ffile-prefix-map flag.
Here we remove using variables like PACKAGE_CONFIGURE_INVOCATION in code
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ENABLE_STTD is a typo, correct option is ENABLE_ZSTD.
This patches the following CMake warning in do_configure:
Manually-specified variables were not used by the project: ENABLE_STTD
After, do_configure does not show the warning.
Github issue: https://github.com/openembedded/meta-openembedded/issues/845
Reported-by: Ludovic Jozeau <ludovic.jozeau@smile.fr>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Ghislain Mangé <ghislain.mange@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- Detect active network interface to use, instead of asking user, this needs
to run in automation
- Find the location of ppp_null.so with find instead of rpm, rpm is a distro choice
it can be assumed to be always there.
- Add missing runtime deps for ptests
- Kill openl2tpd started by run-ptest script before exiting, otherwise
ptest runner hangs forever.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
nostrip.patch
refreshed for 1.0.52
License-Update: Copyright year updated to 2024
Changelog:
==========
- The QUIT command is now accepted during a transfer.
- The server can be built with --with-minimal again.
- Fixed an out of bounds read in the MLSD command.
- Larger mmap()ed pages are used on aarch64.
- Improved compatibility with HPUX
- Improved OpenSSL API compatibility
- Improved compatibility with OpenWall Linux
- Improved compatibility with Netfilter
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://github.com/sctp/lksctp-tools/blob/v1.0.20/ChangeLog
Drop redundant variables LK_REL, SOLIBVERSION and SOLIBMAJORVERSION in
recipe.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
- Let getaddrinfo(3) select the default IPv4 or IPv6 protocol version
when it is not explicitly specified on the command line
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
fix-openssl-no-des.patch
refreshed for 5.73
Changelog:
===========
* Security bugfixes
- OpenSSL DLLs updated to version 3.3.2.
- OpenSSL FIPS Provider updated to version 3.0.9.
* Bugfixes
- Fixed a memory leak while reloading stunnel.conf
sections with "client=yes" and "delay=no".
- Fixed TIMEOUTocsp with values greater than 4.
- Fix the IPv6 test on a non-IPv6 machine.
* Features
- HELO replaced with EHLO in the post-STARTTLS SMTP
protocol negotiation (thx to Peter Pentchev).
- OCSP stapling fetches moved away from server threads.
- Improved client-side session resumption.
- Added support for the mimalloc allocator.
- Check for protocolHost moved to configuration file
processing for the client-side CONNECT protocol.
- Clarified some confusing OpenSSL's certificate
verification error messages.
- stunnel.nsi updated for Debian 13 and Fedora.
- Improved NetBSD compatibility.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The "status" function called by this script calls "pidof" to get the process id. "pidof" does not expect or operate with a full path.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This prepares for using libconfuse for the 'genimage' recipe which
should reside in meta-oe.
Also libftdi (which is in meta-oe already) optionally requires
libconfuse when PACKAGECONFIG option 'ftdi-eeprom' is enabled.
Signed-off-by: Enrico Jörns <ejo@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://git.kernel.org/pub/scm/linux/storage/autofs/autofs.git/tree/CHANGELOG?h=release_5_1_9
* Drop backport patches:
0001-autofs-5.1.8-add-autofs_strerror_r-helper-for-musl.patch
0002-autofs-5.1.8-handle-innetgr-not-present-in-musl.patch
* Drop the following patches as the issues have been fixed upstream:
cross.patch
pkgconfig-libnsl.patch
fix_disable_ldap.patch
add-the-needed-stdarg.h.patch
autofs-5.0.7-fix-lib-deps.patch
0001-Define-__SWORD_TYPE-if-undefined.patch
0001-Define-__SWORD_TYPE-and-_PATH_NSSWITCH_CONF.patch
0001-Bug-fix-for-pid_t-not-found-on-musl.patch
0001-modules-lookup_multi.c-Replace-__S_IEXEC-with-S_IEXE.patch
0002-Replace-__S_IEXEC-with-S_IEXEC.patch
* Reresh the following patches:
no-bash.patch
remove-bashism.patch
mount_conflict.patch
force-STRIP-to-emtpy.patch
0001-include-libgen.h-for-basename.patch
0001-Do-not-hardcode-path-for-pkg.m4.patch
fix-the-YACC-rule-to-fix-a-building-failure.patch
using-pkg-config-to-detect-libxml-2.0-and-krb5.patch
* Add patch to fix build on musl:
0009-hash.h-include-sys-reg.h-instead-of-bits-reg.h.patch
* Backport patch to fix build with gcc14:
0010-autofs-5.1.9-Fix-incompatible-function-pointer-types.patch
* Add PACKAGECONFIG[openldap] and PACKAGECONFIG[sasl]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://github.com/snort3/snort3/releases/tag/3.3.4.0
* appid: notify binder on service change
* appid: replaced hsessions vector of raw pointers into vector of smart
pointers
* ftp_telnet: refactoring ftp-data
* latency, dce, stream_ip: fix max pegs incorrectly declared sum
* telnet: avoid flush when cr or lf is between commands
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
nftables has a pyproject.toml file since v1.0.9, c.f.
https://git.netfilter.org/nftables/commit/?id=8e603e0f7eec7c0000344a004228a30fbf0ece5c
Styhead has started to complain when a recipe inherits setuptools3 and a
proper pyproject.toml is provided in sources.
This uses python_pep517 functions instead of the setuptools3 ones,
inherits the proper class (still using setuptools3 but through pep517
process).
Notably, the python PACKAGECONFIG has its build dependency on
python3-setuptools-native removed as it's brought in by
python_setuptools_build_meta inherit, which is performed whenever the
python PACKAGECONFIG is selected. This avoids a "duplicate" but no
change in behavior is expected.
This was only build tested.
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pass systemdsystemunitdir and systemduserunitdir to set correct directories
instead of using libdir from:
meson.build:systemd_base_path = join_paths(libdir, 'systemd')
which is wrong e.g. with multilib where libdir might be /usr/lib64 instead of
usr/lib used in ${nonarch_base_libdir} which is used by systemd_* variables:
export systemd_system_unitdir="/usr/lib/systemd/system"
export systemd_user_unitdir="/usr/lib/systemd/user"
fixes:
ERROR: Didn't find service unit 'blueman-mechanism.service', specified in SYSTEMD_SERVICE:blueman.
* inherit python3targetconfig to install into right python site-packages
without this it installs into
/usr/lib/python3.12/site-packages/
instead of /usr/lib64/python3.12/site-packages set in PYTHON_SITEPACKAGES_DIR
variable used in FILES, causing
blueman: 295 installed and not shipped files. [installed-vs-shipped]
# $PYTHON_SITEPACKAGES_DIR
# set oe-core/meta/classes-recipe/python3-dir.bbclass:11
# "${libdir}/${PYTHON_DIR}/site-packages"
PYTHON_SITEPACKAGES_DIR="/usr/lib64/python3.12/site-packages"
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This reverts commit: 5edb8335dc
The Networkmanager package must not depend on ModemManager. Only the
Networkmanager-wwan package should depend on the ModemManager package.
The mobile-broadband-provider-info is fully optional and it is often not
required for embedded devices. Let the user choose if it gets installed
or not. Adding it explicitely to IMAGE_INSTALL is simple. Adding an
RRECOMMENS would work as well. But adding an RDEPENDS is bad.
In general, NetworkManager packaging is intended to provide a set of
binary packages suitable for building many different images.
NetworkManager is designed to be used for binary packages distributions
where it is not possible to rebuild NetworkManager just to install
Modemmanager. Also for OE, where a rebuilding is possible, a rebuild is
a disadvantage. So please do not destroy this flexibility by adding
RDEPENDS, which are firstly wrong and secondly only suitable for your
specific needs.
Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Pass OE's CFLAGS via CC since the Makefile disregards these flags from
environment and has it own notion of it. This ensures that flags to
rewrite debug flags are passed down correctly to compiler.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This fixes emitting buildpaths into binary and also
fixes the issue where these tools wont exist on
the paths they were found on build machine
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ChangeLog:
https://github.com/snort3/snort3/releases/tag/3.3.3.0
* control: code cleanup
* control: handle control commands after packet threads are fully
initialised
* daq: add outstanding packets counter
* extractor: add flow hash key
* file_api: max depth is set as part of initial config
* file: remove unused variable in FileFlows destructor
* filters: update dev_notes.txt with details for event_filter
* flow: optimize timeout handling for different packet type
* http_inspect: add peg counts for gzip, known-not-supported, and
unknown
* http_inspect: log normalized URI in extra data
* ips_options: separate main thread pcre counts from packet threads
stats
* memory: account memory for profiler only when packet thread is
involved
* src: resolve various warnings
* stream_tcp: make sure ports are correctly swapped when filling a
meta-ACK packet
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Some of the PACKAGECONFIG can be derived from the DISTRO_FEATURES and
MACHINE_FEATURES.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Our version was copied 2011 and is out of date. The changes in the meantime
affected only comments.
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
configure emits its arguments into binaries via PACKAGE_CONFIGURE_INVOCATION
therefore edit the paths from this in generated config.h before it gets into
binaries.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Make this option turned on by default
Fixes
WARNING: wolfssl-5.7.2-r0 do_package_qa: QA Issue: File /usr/lib/libwolfssl.so.42.2.0 in package wolfssl contains reference to TMPDIR [buildpaths]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ERROR: blueman-2.4.3-r0 do_package: QA Issue: blueman: Files/directories were installed but not shipped in any package:
/usr/lib/systemd/system
/usr/lib/systemd/system/blueman-mechanism.service
Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install.
blueman: 2 installed and not shipped files. [installed-vs-shipped]
ERROR: blueman-2.4.3-r0 do_package: Fatal QA errors were found, failing task.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Remove 0001-meson-add-pythoninstalldir-option.patch. It was fixed by:
[https://github.com/blueman-project/blueman/pull/1700]
Remove 0001-Search-for-cython3.patch. It was fixed by:
[2682501e31/module/meson.build (L1)]
Remove 0001-meson-add-pythoninstalldir-option.patch. Not quite sure about this one,
but even without this patch there are no issues to enable bluetooth on my side
Dont add polkit rule. It is now added by default.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
WARNING: tayga-0.9.2-r0 do_package_qa: QA Issue: File /usr/sbin/.debug/tayga in package tayga-dbg contains reference to TMPDIR [buildpaths]
Make sure that the OE provided CFLAGS are passed to the compiler.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This change adds a simple format for the skip results.
The format selected is the automake "simple test" format:
"result: testname"
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Bugfixes:
===========
* RADIUS dissector's dictionary loading broken in many ways.
* 3.4 -> 3.6.5 ASCII display is broken on CentOS 7.
* Funnel/Lua: Closing child window disconnects buttons of parent.
* Lua detection fails with Alpine Linux: missing: LUA_LIBRARIES.
* vnd.3gpp.5gnas payloads of type SMS not decoded inside HTTP2 5GC.
* TCP Stream Graphs green sliding window line not displayed correctly.
* Wireshark window doesn't fully fit on screen on small resolutions and can't be resized properly on Russian language.
* Wireshark started from command line doesn't set gui.fileopen_remembered_dir correctly on Windows.
* Wireshark expects wrong length for DHCP Relay Agent Information Source Port Suboption.
* SIP P-Access-Network-Info header not correctly decoded.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Support matching a OVS system interface by MAC address.
* When looking up the system hostname from the reverse DNS lookup of
addresses configured on interfaces, NetworkManager now takes into
account the content of /etc/hosts.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
- ipset: fix json output format for IPSET_OPT_IP
- tests: add namespace test and take into account delayed
set removal at module remove
- Update autoconfig tools to build cleanly on Debian bookworm
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
There was an error with the last modification to the buildpaths warning, which could cause segment error.
fix the following warning about buildpath:
WARNING: fetchmail-6.4.38-r0 do_package_qa: QA Issue: File /usr/bin/fetchmail in package fetchmail contains reference to TMPDIR [buildpaths]
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The previous fossies.org archive contained a 2.0.6 release.
(The included "configure" script contained PACKAGE_VERSION='2.0.6')
Switch to the upstream archive hosted on snort.org which look like a
real 2.0.7 version (configure contains PACKAGE_VERSION='2.0.7')
Diff of the before vs after archive includes:
* configure script :
* New option : -runstatedir
* PACKAGE_VERSION='2.0.6' -> '2.0.7' (+ other related variables)
* New copyright year (2014-2021 Cisco) on some files
Use a custom downloadfilename to avoid conflicts with the "wrong" 2.0.7
archive.
CC: Romain Naour <romain.naour@smile.fr>
CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The value the configure script uses is picked up
from the host machine ps, and there are cases when
the flag selection can be different. Which would
break reproducablity between builds on different
machines.
Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Adapt the compile 'test' phony target from Makefile and deploy as
ptest for unbound.
All test are successful on a trial and took around >9min and <10min.
Duration of ptest execution was 587 seconds on an average.
Signed-off-by: rajmohan r <semc.2042@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* Support matching a OVS system interface by MAC address.
* Fix port reactivation when the controller is reactivating.
* Save connection timestamps when shutting down, so that the right
connection autoactivates after restart.
* Fix handling of VPN secrets for 2-factor authentication.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The touch command doesn't support file mode setting. Set it with chmod.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The current version (0.9.5.0) is not affected by the CVE which affects versions at least earlier than 0.9.4.0.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-configure.ac-eliminate-build-path-from-openvpn-versi.patch
refreshed for 2.6.11
Changelog:
=============
- Implement server_poll_timeout for socks
- Use snprintf instead of sprintf for get_ssl_library_version
- Add bracket in fingerprint message and do not warn about missing verification
- Replace macos11 with macos14 in github runners
- Only run coverity scan in OpenVPN/OpenVPN repository
- Workaround issue in LibreSSL crashing when enumerating digests/ciphers
- Properly handle null bytes and invalid characters in control messages
- Allow to set ifmode for existing DCO interfaces in FreeBSD
- samples: Update sample configurations
- documentation: make section levels consistent
- phase2_tcp_server: fix Coverity issue 'Dereference after null check'
- script-options.rst: Update ifconfig_* variables
- LZO: do not use lzoutils.h macros
- Remove "experimental" denotation for --fast-io
- Implement Windows CA template match for Crypto-API selector
- misc.c: remove unused code
- interactive.c: Improve access control for gui<->service pipe
- Only schedule_exit() once
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* Adapt to the new way of handling the 2FA secret by the
daemon, needed by it to fix a bug with certain clients.
Requires NetworkManager >= 1.46.2.
* Update Slovenian and Hungarian translations.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
api: Add DIOCTL_GET_CPU_PROFILE_DATA ioctl to get cpu profile data
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
lib32-tnftp do_compile failed with gcc-14:
../../tnftp-20230507/libedit/terminal.c:597:56: error: passing argument 2 of 'terminal_overwrite' from incompatible pointer type [-Wincompatible-pointer-types]
597 | terminal_overwrite(el, &el->el_display[
| ^~~~~~~~~~~~~~~~
| |
| wint_t * {aka unsigned int *}
598 | el->el_cursor.v][el->el_cursor.h],
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../../tnftp-20230507/libedit/refresh.c:114:38: error: initialization of 'wchar_t *' {aka 'long int *'} from incompatible pointer type 'wint_t *' {aka 'unsigned int *'} [-Wincompatible-pointer-types]
114 | wchar_t *firstline = el->el_vdisplay[0];
For 64bit system:
wchar_t is defined as int
wint_t is define as unsigned int
For 32bit system:
wchar_t is defined as long int
wint_t is define as unsigned int
In 64bit case, it works well, but in 32bit case, gcc will take it as
incompatible, and report above error
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Error: Transaction test error:
file /usr/share/yang/ietf-netconf-acm.yang conflicts between attempted installs of libsmi-yang-0.5.0-r0.aarch64 and frr-10.0-r0.aarch64
file /usr/share/yang/ietf-netconf-with-defaults.yang conflicts between attempted installs of libsmi-yang-0.5.0-r0.aarch64 and frr-10.0-r0.aarch64
file /usr/share/yang/ietf-netconf.yang conflicts between attempted installs of libsmi-yang-0.5.0-r0.aarch64 and frr-10.0-r0.aarch64
libsmi also uses the doc 'ietf-netconf-acm.yang ietf-netconf-with-defaults.yang ietf-netconf.yang'.
libsmi has a priority of 50.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- usbredirect: Fix redirecting identical devices
- usbredirect: Fix CPU tight loop when run as TCP server
- usbredirect: Fix some minor memory leaks
- usbredirect: Add documentation about bus-device option
- usbredirtestclient: Fix build on MacOS 10.5
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
udpcast is a file transfer tool that can send data simultaneously to many
destinations on a LAN.
It is an alternative to uftp which is already in meta-networking.
On a lossy network, udpcast provided 10x faster transfer rates
with error correction enabled while using a half as much CPU thanks to a
simpler algorithm.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix incompatible pointer type error for daq:
| ../../daq-2.0.7/os-daq-modules/daq_nfq.c: In function 'SetPktHdr':
| ../../daq-2.0.7/os-daq-modules/daq_nfq.c:394:37: error: passing argument 2
of 'nfq_get_payload' from incompatible pointer type [-Wincompatible-pointer-types]
| 394 | int len = nfq_get_payload(nfad, (char**)pkt);
| | ^~~~~~~~~~~
| | |
| | char **
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Building with autotools is now deprecated and will be completely removed
in the next development cycle. We recommend using meson to build
NetworkManager -- for basic setup, see the CONTRIBUTING.md file.
To ignore this deprecation and still build with Autotools, you can specify
the '--disable-autotools-deprecation' argument when configuring.
* Support changing the OpenSSL ciphers for 802.1X authentication via
connection property "802-1x.openssl-ciphers".
* The reason why a device is unmanaged is now properly set in the
"StateReason" property of the "Device" D-Bus object. The property is
visible in nmcli via "nmcli -f all device show $DEV".
* Deprecated 802-11-wireless and 802-11-wired property 'mac-address-blacklist'
and introduced the 'mac-address-denylist' property.
* Properly restore in-memory connection profiles during the rollback
of a checkpoint.
* Fix detection of 6 GHz band capability for WiFi devices
* Allow IPv6 SLAAC and static IPv6 DNS server assignment for modem broadband
when IPv6 device address was not explicitly passed on by ModemManager
* Fix a performance issue that was leading to 100% CPU usage by NetworkManager
if external programs were doing a big amount of routes updates.
* Patch-level development releases (i.e. 1.48.1-dev) won't be used anymore.
From now on, all the patch releases whithin a stable branch will be normal
releases, like 1.48.0, 1.48.1, 1.48.2, 1.48.3 and so on.
Odd numbers in the minor version number still indicates if it's a development
branch like 1.49 or a stable one like 1.48.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
- config file parser dynamically allocates linebuffer to allow multithreaded applications
- parse time values in model configuration file
- config file generator: added missing code for GSEControl
- Config file generator: support multiple access points for GOOSE and SMV control blocks
- config file generator: added code to add SMVCBs to config files
- IED server: added code to create SMVCBs with the dynamic model API
- MMS server: added support for write access with component alternate access
- MMS client: added function MmsConnection_writeVariableComponent to write to variables with alternate component access
- make write access to RCB elements configurable according to ReportSettings
- Added function IedConnection_setLocalAddress to define local IP address and optionally local port of a client connection
- IED server: added ControlAction_getSynchroCheck and ControlAction_getInterlockCheck functions
- fixed - IEC 61580 server: dataset is not released when RCB.Datset is set to empty string by client
- PAL: fixed wrong order of function arguments for fread and fwrite functions
- MMS client: parsing of servicecsSupported in MMS init response is off by one
- fixed - potential memory leaks in goose publisher code
- fixed - server sends dchg report when only dupd is enabled in RCB
- GOOSE subscriber: fixed - possible heap corruption in parseAllData due to missing validity check in bit-string handling
- IED server: fixed problem with implicit ResvTms setting when reserved with RptEna
- IED server: fixed - segmentation fault when compiled with CONFIG_MMS_THREADLESS_STACK
- fixed - MMS server: messages can be corrupted when TCP buffer is full
- fixed - .NET: IedConenction.WriteDataSetValues throws a NullReferenceException
- fixed - server send invalid response- when client uses wrong ctlModel
- fixed - IedConnection_setRCBValuesAsync crashes when RCB is already reserved by other client
- fixed - outstanding call not released in IedConnection_getDataSetDirectoryAsync
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop 0015-Add-missing-limits.h.patch (equivalent patch merged upstream),
rebase other patches.
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
GCC 14 is more strict regarding const pointers conversion. Fix
conversion to let ntpong build with GCC 14 and updated rrdtool. The
patch is not submitted upstream yet, the project requires singing of
CLA.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Use inherit_defer instead of inhert. This way, setuptools3 is not
inherited when python is removed from PACKAGECONFIG in a .bbappend file.
This avoids dependencies added by setuptools3.
Don't add nftables-python to PACKAGES if python is disabled. It adds
extra runtime dependencies on python3-core and python3-json.
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
* Enable IPv6 name record lookups for dig-wrapper. This indirectly enables
IPv6/AAAA-record support for dyndns-host-open (& traffic-accounting) plugin
! Prevent systemd from terminating the job manager when some rules fail
* Renamed xxx_OUTPUT to INET_OUTPUT_xxx for clarity/consistency
+ Additional INET_OUTPUT_xxx settings to have better control
of internet access on this machine
* Reorder some code/settings for clarity/consistency
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
With the UNPACKDIR changes in place the layers are no longer compatible
with the scarthgap release. Drop it from LAYERSERIES_COMPAT and limit
compatibility to styhead only.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Replace references of WORKDIR with UNPACKDIR where it makes sense to do
so in preparation for changing the default value of UNPACKDIR.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It does not provide/enable systemd script generation which results in
ERROR: nbd-3.26.1-r0 do_package: nbd does not appear in package list, please add it
Signes-off-by: Khem Raj <raj.khem@gmail.com>
mdio-netlink source make reference to ${S}/.. which breaks
-fdebug-prefix-map and results in the full TMPDIR path being present in
the -dbg package and, also, change a related CRC in the main package.
This changes ${S} to enclose the whole SRC_URI repo and adapt relative paths to
build (MODULES_MODULE_SYMVERS_LOCATION)
This make mdio-netlink reproducible and fixes this warning:
WARNING: mdio-netlink-1.3.1-r0 do_package_qa: QA Issue: File /lib/modules/6.6.29-yocto-standard/updates/.debug/mdio-netlink.ko in package mdio-netlink-dbg contains reference to TMPDIR [buildpaths]
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Alexandre Truong <alexandre.truong@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When build on Debian 11 (gcc10), squid fails to build[0] because of a
bug[1] in the configure step (it mixes options between old native compiler
and recent target compiler: the former needs the std=c++17 option, the latter
doesn't).
The workaround is to force the "-std=c++17" option for the native build.
NB: Our Buildroot friends have the same workaround[2].
[0]: https://autobuilder.yoctoproject.org/typhoon/#/builders/155/builds/23/steps/28/logs/stdio
[1]: https://bugs.squid-cache.org/show_bug.cgi?id=5376
Bug closed as invalid by upstream
[2]: 932b52fad8/package/squid/squid.mk (L24)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Reviewed-by: Alexandre Truong <alexandre.truong@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
Fix#207: crash when adding IPv6 multicast route on a kernel without IPv6 multicast support
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
* Improve the support for 2FA dynamic challenge, not
saving the response into the profile.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
When PACKAGECONFIG does not contains 'programs', the hello binary will
not be generated, but the ALTERNATIVE 'hello' is still set, causing the
update-alternatives bbclass to generate warnings for the missing
'hello' binary.
This commit fixes that by only populating ALTERNATIVES when 'programs'
is enabled.
Signed-off-by: Ricardo Simoes <ricardo.simoes@pt.bosch.com>
Signed-off-by: Mark Jonas <mark.jonas@de.bosch.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
0001-fping-Initialize-msghdr-struct-in-a-portable-way.patch
removed since it's included in 5.2
Changelog:
============
-New option -X / --fast-reachable to exit immediately once N hosts have been found
-New option -k / -fwmark to set Linux fwmark mask
-Always output fatal error messages
-Fallback to SO_TIMESTAMP if SO_TIMESTAMPNS is not available
-Fix "not enough sequence numbers available" error on BSD-like systems
-Fix running in unprivileged mode
-Fix build issue for NetBSD/alpha
-Fix build issue for OpenBSD/alpha
-Fix build warning for long int usage
-Fix build error with musl libc
-Fix to guard against division by zero
-Decouple -a/-u effects from -c
-Added contrib/Dockerfile
-Remove host from Netdata chart titles
-Add additional tests
-Update github action os images
-Fix Azure pipeline tests
-Various autoconf fixes
-Extended configure script with --enable-debug and output cpu usage
-Documentation: Update Netdata website link
-Documentation: fix description of --file option
-Documentation: improve exit status description
-Documentation: move description of -i MSEC
-Documentation: improve help output for options -c and -C
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
- also copy GLib*Typelib to STAGING_LIBDIR_NATIVE to avoid:
| gi.RepositoryError: Typelib file for namespace 'GLib', version '2.0' not found
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Basically what is done in:
https://git.openembedded.org/meta-openembedded/commit/?h=master-next&id=4c40897893f43a99e6ae12e652c0cf789d89df90
This fixes:
| gi.RepositoryError: Typelib file for namespace 'Gobject', version '2.0' not found
| gi.RepositoryError: Typelib file for namespace 'Gio', version '2.0' not found
| gi.RepositoryError: Typelib file for namespace 'GModule', version '2.0' not found
- Remove uneeded do_compile:prepend. It was broken because of {B}} and seems to be unneeded anyway
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
For now, the known non-reproducible packages list is stored inside the
autobuilder config.json file. This is not ideal. Let's move this list
into each layers of meta-openembedded.
These lists can be used with, in local.conf:
include conf/include/non-repro-meta-oe.inc
OEQA_REPRODUCIBLE_EXCLUDED_PACKAGES = "${KNOWN_NON_REPRO_META_OE}"
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Acked-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
spice-gtk seems to be the last recipe in meta-openembedded that uses
usbids instead of hwdata.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
* make sure Homebrew packages for macOS are built with --enable-legacy-pppd
* do not print TLS socket options in log (revert change from 1.16.0)
* add option to specify SNI
* change most occurrences of "SSL" to "TLS" in user-visible text
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* it's used since:
da679d27c5
included with the upgrade to 1.5.0 in:
https://git.openembedded.org/meta-openembedded/commit/?id=47ccb88d94852e327f3bdd45425f33e56983b50c
* libidn2 is usually pulled into the RSS by the dependency from gnutls
but when gnutls doesn't depend on it, the build fails with:
-- Checking for module 'libidn2'
-- No package 'libidn2' found
CMake Error at include/freeDiameter/CMakeLists.txt:144 (MESSAGE):
Unable to find libidn2, please install libidn2-dev or equivalent, or set
DIAMID_IDNA_IGNORE or DIAMID_IDNA_REJECT
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
-Merge pull request #1444 from yishaih/mlx5_dr
-Merge pull request #1439 from Kamalheib/qedr_pr
-mlx5: DR, Using sq ts format when RoCE is disabled
-Merge pull request #1440 from Honggang-LI/doc
-librdmacm: adjust ECE function name in man page
-providers/qedr: Remove unused debug files
-roviders/qelr: Replace DP_ERR with verbs_err
-providers/qelr: Replace DP_VERBOSE with verbs_debug
-providers/qelr: Remove unused macros
-Merge pull request #1438 from amzn/fix-rdma-tracepoint
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The following paths have been replaced with PYTHON_SITEPACKAGES_DIR:
- "${libdir}/${PYTHON_DIR}/site-packages"
- "${libdir}/python${PYTHON_BASEVERSION}/site-packages"
- "${libdir}/python*/site-packages"
- "${libdir}/python3.*/site-packages"
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This also fixes all ptests, therefore move freediameter
out of PTESTS_PROBLEMS_META_NETWORKING to PTESTS_FAST_META_NETWORKING
Signed-off-by: Khem Raj <raj.khem@gmail.com>
CVE-2024-0962:
A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow.
Upstream-Status: Backport [https://github.com/obgm/libcoap/pull/1311]
WARNING: libcoap-4.3.4-r0 do_cve_check: Found unpatched CVE (CVE-2024-0962)
This vulnerability is only exist in 4.3.4.
Signed-off-by: alperak <alperyasinak1@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
oldincludedir was removed in oe-core by
commit 506c91cbc6a604a84e37e53ccff430436369802e
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
It gets OOMs with memory < 2G on x86_64 qemu
Export NFT variable in run-ptest script its used by few tests
Add required runtime dependencies for ptests to pass
This also requires changes to kernel config
features/nf_tables/nft_test.scc and CONFIG_VETH
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch the SRC_URI to http since the postfix site does not yet use https.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch SRC_URI to https (yes, the URI still has ftp in the path!).
Also drop the obsolete SRC_URI[md5sum].
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Switch the SRC_URI from "ftp:" to "https:". Drop the obsolete SRC_URI[md5sum].
Drop ncftp-3.2.5-gcc10.patch since we're using gcc13 and upstream has fixed the build
to work by adding an extern to sh_util/gpshare.c for example.
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is an LTS release.
Includes security fixes:
* CVE-2024-28960 - Insecure handling of shared memory in PSA Crypto APIs
Full release notes:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The following ShellCheck violations in "run-ptest" are fixed:
- line 4:
SC2164: Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
- line 7:
SC2086: Double quote to prevent globbing and word splitting.
- line 9:
SC2006: Use $(...) notation instead of legacy backticks `...`.
SC2086: Double quote to prevent globbing and word splitting.
SC2126: Consider using 'grep -c' instead of 'grep|wc -l'.
- line 10:
SC2006: Use $(...) notation instead of legacy backticks `...`.
SC2086: Double quote to prevent globbing and word splitting.
SC2126: Consider using 'grep -c' instead of 'grep|wc -l'.
- line 17:
SC2086: Double quote to prevent globbing and word splitting.
Signed-off-by: William Lyu <William.Lyu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Fix the following ptest output format issues:
- For "sed" command, change "-e" option to "-E" option. I believe the
previous "-e" option is a typo based on the manual page of "sed":
-e script, --expression=script
add the script to the commands to be executed
"-E" option, on the other hand, makes "sed" "use extended regular
expressions in the script" according to the manual page.
- The test result summary line is being treated as both a passed
testcase and a failed testcase due to this line containing substring
"[OK]" and "[FAILED]". The following is a sample test result summary
line:
I: results: [OK] 379 [SKIPPED] 1 [FAILED] 0 [TOTAL] 380
The fix is to change run-ptest to look for "I: [OK]" and
"W: [FAILED]" when determining which lines correspond to
passed/failed testcases.
- Previously, only "W: [FAILED]" out of the following testcase failure
prompts is parsed:
W: [CHK DUMP]
W: [VALGRIND]
W: [TAINTED]
W: [DUMP FAIL]
W: [FAILED]
Adding parsing for all testcase failure prompts.
Signed-off-by: William Lyu <William.Lyu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add --without-rlm_json to fix:
configure: error: set --without-rlm_json to disable it explicitly
* Add --without-rlm_cache_redis to fix:
configure: error: set --without-rlm_cache_redis to disable it explicitly.
* Drop 0017-add-python.m4-for-detecting-python-3.10.patch and add
0017-Add-acinclude.m4-to-include-required-macros.patch to fix python3 related
build errors
* Rebased other patches for 3.2.3.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
