diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-support')
22 files changed, 259 insertions, 137 deletions
diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb index 1a009f2da3..684eb44320 100644 --- a/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/dnsmasq_2.89.bb @@ -17,6 +17,7 @@ SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getV file://dnsmasq-resolvconf.service \ file://dnsmasq-noresolvconf.service \ file://dnsmasq-resolved.conf \ + file://CVE-2023-28450.patch \ " SRC_URI[sha256sum] = "8651373d000cae23776256e83dcaa6723dee72c06a39362700344e0c12c4e7e4" diff --git a/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch b/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch new file mode 100644 index 0000000000..129c9043e8 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch @@ -0,0 +1,48 @@ +From eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5 Mon Sep 17 00:00:00 2001 +From: Simon Kelley <simon@thekelleys.org.uk> +Date: Tue, 7 Mar 2023 22:07:46 +0000 +Subject: [PATCH] Set the default maximum DNS UDP packet size to 1232. + +http://www.dnsflagday.net/2020/ refers. + +Thanks to Xiang Li for the prompt. + +CVE: CVE-2023-28450 +Upstream-Status: Backport [https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5] + +Signed-off-by: Peter Marko <peter.marko@siemens.com> +--- + man/dnsmasq.8 | 3 ++- + src/config.h | 2 +- + 2 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 +index 41e2e04..5acb935 100644 +--- a/man/dnsmasq.8 ++++ b/man/dnsmasq.8 +@@ -183,7 +183,8 @@ to zero completely disables DNS function, leaving only DHCP and/or TFTP. + .TP + .B \-P, --edns-packet-max=<size> + Specify the largest EDNS.0 UDP packet which is supported by the DNS +-forwarder. Defaults to 4096, which is the RFC5625-recommended size. ++forwarder. Defaults to 1232, which is the recommended size following the ++DNS flag day in 2020. Only increase if you know what you are doing. + .TP + .B \-Q, --query-port=<query_port> + Send outbound DNS queries from, and listen for their replies on, the +diff --git a/src/config.h b/src/config.h +index 1e7b30f..37b374e 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -19,7 +19,7 @@ + #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ + #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ + #define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ +-#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ ++#define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet from from /dnsflagday.net/2020 */ + #define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */ + #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ + #define DNSSEC_WORK 50 /* Max number of queries to validate one question */ +-- +2.20.1 + diff --git a/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap/0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch b/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap/0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch new file mode 100644 index 0000000000..592ea52f2e --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap/0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch @@ -0,0 +1,38 @@ +From 40534662043b7d831d1f6c70448afa9d374a9b63 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 23 Mar 2023 10:23:14 -0700 +Subject: [PATCH] sslstrip: Enhance the libcurl version check to consider + version 8+ + +Lately curl has released version 8 and hence LIBCURL_VERSION_MAJOR is +reset to 0, current check assumes major version to be 7 at max and hence +on systems with libcurl 8+ this check breaks and build fails + +Fixes + +TOPDIR/build/tmp/work/cortexa15t2hf-neon-yoe-linux-gnueabi/ettercap/0.8.3.1-r0/git/plug-ins/sslstrip/sslstrip.c:57:2: error: libcurl 7.26.0 or up is needed + ^ +1 error generated. + +Upstream-Status: Backport [https://github.com/Ettercap/ettercap/commit/40534662043b7d831d1f6c70448afa9d374a9b63] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + plug-ins/sslstrip/sslstrip.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plug-ins/sslstrip/sslstrip.c b/plug-ins/sslstrip/sslstrip.c +index 327bf58a..d9b67c8b 100644 +--- a/plug-ins/sslstrip/sslstrip.c ++++ b/plug-ins/sslstrip/sslstrip.c +@@ -51,7 +51,7 @@ + + #include <curl/curl.h> + +-#if (LIBCURL_VERSION_MAJOR < 7) || (LIBCURL_VERSION_MINOR < 26) ++#if (LIBCURL_VERSION_MAJOR < 7) || (LIBCURL_VERSION_MAJOR == 7 && LIBCURL_VERSION_MINOR < 26) + #error libcurl 7.26.0 or up is needed + #endif + +-- +2.40.0 + diff --git a/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb b/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb index b0958e6975..6c07223b31 100644 --- a/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb @@ -20,7 +20,8 @@ DEPENDS += "ethtool \ RDEPENDS:${PN} += "bash ethtool libgcc" -SRC_URI = "gitsm://github.com/Ettercap/ettercap;branch=master;protocol=https" +SRC_URI = "gitsm://github.com/Ettercap/ettercap;branch=master;protocol=https \ + file://0001-sslstrip-Enhance-the-libcurl-version-check-to-consid.patch" SRCREV = "7281fbddb7da7478beb1d21e3cb105fff3778b31" diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0002-ldb-Add-configure-options-for-packages.patch b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0002-ldb-Add-configure-options-for-packages.patch index 988931c490..4b74a877b3 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0002-ldb-Add-configure-options-for-packages.patch +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb/0002-ldb-Add-configure-options-for-packages.patch @@ -1,4 +1,4 @@ -From b4e04e5dd13c9de8b336f7d0c254973a225e3b5f Mon Sep 17 00:00:00 2001 +From acd3985f9c428882f1b731a6f9ce5cb1a4a3a02c Mon Sep 17 00:00:00 2001 From: Changqing Li <changqing.li@windriver.com> Date: Mon, 1 Jul 2019 16:14:16 +0800 Subject: [PATCH] ldb: Add configure options for packages @@ -26,7 +26,7 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com> 2 files changed, 78 insertions(+), 20 deletions(-) diff --git a/lib/replace/wscript b/lib/replace/wscript -index 4c774d9..63c9967 100644 +index 5c2b750..a38baae 100644 --- a/lib/replace/wscript +++ b/lib/replace/wscript @@ -25,6 +25,41 @@ def options(opt): @@ -71,7 +71,7 @@ index 4c774d9..63c9967 100644 @Utils.run_once def configure(conf): conf.RECURSE('buildtools/wafsamba') -@@ -35,12 +70,25 @@ def configure(conf): +@@ -38,12 +73,25 @@ def configure(conf): conf.DEFINE('HAVE_LIBREPLACE', 1) conf.DEFINE('LIBREPLACE_NETWORK_CHECKS', 1) @@ -98,10 +98,10 @@ index 4c774d9..63c9967 100644 + if Options.options.enable_libcap: + conf.CHECK_HEADERS('sys/capability.h') + - conf.CHECK_HEADERS('port.h') conf.CHECK_HEADERS('sys/fcntl.h sys/filio.h sys/filsys.h sys/fs/s5param.h') conf.CHECK_HEADERS('sys/id.h sys/ioctl.h sys/ipc.h sys/mman.h sys/mode.h sys/ndir.h sys/priv.h') -@@ -110,8 +158,9 @@ def configure(conf): + conf.CHECK_HEADERS('sys/resource.h sys/security.h sys/shm.h sys/statfs.h sys/statvfs.h sys/termio.h') +@@ -113,8 +161,9 @@ def configure(conf): conf.CHECK_HEADERS('sys/fileio.h sys/filesys.h sys/dustat.h sys/sysmacros.h') conf.CHECK_HEADERS('xfs/libxfs.h netgroup.h') @@ -113,7 +113,7 @@ index 4c774d9..63c9967 100644 conf.CHECK_HEADERS('nss_common.h nsswitch.h ns_api.h') conf.CHECK_HEADERS('sys/extattr.h sys/ea.h sys/proplist.h sys/cdefs.h') conf.CHECK_HEADERS('utmp.h utmpx.h lastlog.h') -@@ -434,20 +483,21 @@ def configure(conf): +@@ -436,20 +485,21 @@ def configure(conf): strlcpy_in_bsd = False @@ -150,7 +150,7 @@ index 4c774d9..63c9967 100644 conf.CHECK_CODE(''' struct ucred cred; diff --git a/wscript b/wscript -index 60bb7cf..7f14847 100644 +index 03076e6..5365408 100644 --- a/wscript +++ b/wscript @@ -40,6 +40,14 @@ def options(opt): diff --git a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_2.6.1.bb b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_2.7.1.bb index 7c7701acc3..d13bd37cc9 100644 --- a/meta-openembedded/meta-networking/recipes-support/libldb/libldb_2.6.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/libldb/libldb_2.7.1.bb @@ -35,8 +35,8 @@ LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9ada file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \ file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42" -SRC_URI[md5sum] = "3a5f54f511fb237b83e1f34e2c7e25cd" -SRC_URI[sha256sum] = "467403f77df86782c3965bb175440baa2ed751a9feb9560194bd8c06bf1736c9" +SRC_URI[md5sum] = "e443a8da17758479c3b5c542e8e3ff1a" +SRC_URI[sha256sum] = "c4632c9a7f81f8a45ed46fc14d18eb507edf4e79f6e88d16977478ef95ed5b7f" inherit pkgconfig waf-samba diff --git a/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_1.33.7.bb b/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_1.33.11.bb index 2af649cb45..32d4270d18 100644 --- a/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_1.33.7.bb +++ b/meta-openembedded/meta-networking/recipes-support/nbdkit/nbdkit_1.33.11.bb @@ -7,11 +7,11 @@ nbdkit is a toolkit for creating NBD servers." HOMEPAGE = "https://github.com/libguestfs/nbdkit" LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=f9dcc2d8acdde215fa4bd6ac12bb14f0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=26250adec854bc317493f6fb98efe049" SRC_URI = "git://github.com/libguestfs/nbdkit.git;protocol=https;branch=master \ " -SRCREV = "a5f804180240aea7031470cb8ed294f904268f0a" +SRCREV = "6c02c6a469d62a047f230b0ccf03f72328312d2b" S = "${WORKDIR}/git" diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate deleted file mode 100755 index be3bacfcd1..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate +++ /dev/null @@ -1,59 +0,0 @@ -#!/bin/sh - -PATH=/sbin:/bin:/usr/bin:/usr/sbin - -test -x /usr/sbin/ntpdate || exit 0 - -if test -f /etc/default/ntpdate ; then -. /etc/default/ntpdate -fi - -if [ "$NTPSERVERS" = "" ] ; then - if [ "$METHOD" = "" -a "$1" != "silent" ] ; then - echo "Please set NTPSERVERS in /etc/default/ntpdate" - exit 1 - else - exit 0 - fi -fi - -# This is a heuristic: The idea is that if a static interface is brought -# up, that is a major event, and we can put in some extra effort to fix -# the system time. Feel free to change this, especially if you regularly -# bring up new network interfaces. -if [ "$METHOD" = static ]; then - OPTS="-b" -fi - -if [ "$METHOD" = loopback ]; then - exit 0 -fi - -( - -LOCKFILE=/var/lock/ntpdate - -# Avoid running more than one at a time -if [ -x /usr/bin/lockfile-create ]; then - lockfile-create $LOCKFILE - lockfile-touch $LOCKFILE & - LOCKTOUCHPID="$!" -fi - -if /usr/sbin/ntpdate -s $OPTS $NTPSERVERS 2>/dev/null; then - if [ "$UPDATE_HWCLOCK" = "yes" ]; then - hwclock --systohc || : - fi -fi - -if [ -x /usr/bin/lockfile-create ] ; then - kill $LOCKTOUCHPID - lockfile-remove $LOCKFILE -fi - -) & - -# wait for all subprocesses to finish -# this is required when using systemd service as ntpd will start before ntpdate finishes -# and results in a bind error (port 123) -wait diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.default b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.default deleted file mode 100644 index 486b6e07d3..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.default +++ /dev/null @@ -1,7 +0,0 @@ -# Configuration script used by ntpdate-sync script - -NTPSERVERS="" - -# Set to "yes" to write time to hardware clock on success -UPDATE_HWCLOCK="no" - diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.service b/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.service deleted file mode 100644 index 10cbd70f99..0000000000 --- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp/ntpdate.service +++ /dev/null @@ -1,11 +0,0 @@ -[Unit] -Description=Network Time Service (one-shot ntpdate mode) -Before=ntpd.service - -[Service] -Type=oneshot -ExecStart=/usr/bin/ntpdate-sync silent -RemainAfterExit=yes - -[Install] -WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index 2ae53dc640..3ce2d77df7 100644 --- a/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-openembedded/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -18,9 +18,6 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g file://0001-sntp-Fix-types-in-check-for-pthread_detach.patch \ file://ntpd \ file://ntp.conf \ - file://ntpdate \ - file://ntpdate.default \ - file://ntpdate.service \ file://ntpd.service \ file://sntp.service \ file://sntp \ @@ -95,18 +92,15 @@ do_install:append() { install -d ${D}${sysconfdir}/init.d install -m 644 ${WORKDIR}/ntp.conf ${D}${sysconfdir} install -m 755 ${WORKDIR}/ntpd ${D}${sysconfdir}/init.d - install -d ${D}${bindir} - install -m 755 ${WORKDIR}/ntpdate ${D}${bindir}/ntpdate-sync install -m 755 -d ${D}${NTP_USER_HOME} chown ntp:ntp ${D}${NTP_USER_HOME} # Fix hardcoded paths in scripts - sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync - sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync - sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync - sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd ${D}${bindir}/ntpdate-sync - sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${bindir}/ntpdate-sync + sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${sysconfdir}/init.d/ntpd + sed -i 's!/usr/bin/!${bindir}/!g' ${D}${sysconfdir}/init.d/ntpd + sed -i 's!/etc/!${sysconfdir}/!g' ${D}${sysconfdir}/init.d/ntpd + sed -i 's!/var/!${localstatedir}/!g' ${D}${sysconfdir}/init.d/ntpd sed -i '1s,#!.*perl -w,#! ${bindir}/env perl,' ${D}${sbindir}/ntptrace sed -i '/use/i use warnings;' ${D}${sbindir}/ntptrace sed -i '1s,#!.*perl,#! ${bindir}/env perl,' ${D}${sbindir}/ntp-wait @@ -115,26 +109,21 @@ do_install:append() { sed -i '/use/i use warnings;' ${D}${sbindir}/calc_tickadj install -d ${D}/${sysconfdir}/default - install -m 644 ${WORKDIR}/ntpdate.default ${D}${sysconfdir}/default/ntpdate install -m 0644 ${WORKDIR}/sntp ${D}${sysconfdir}/default/ - install -d ${D}/${sysconfdir}/network/if-up.d - ln -s ${bindir}/ntpdate-sync ${D}/${sysconfdir}/network/if-up.d - install -d ${D}${systemd_unitdir}/system - install -m 0644 ${WORKDIR}/ntpdate.service ${D}${systemd_unitdir}/system/ install -m 0644 ${WORKDIR}/ntpd.service ${D}${systemd_unitdir}/system/ install -m 0644 ${WORKDIR}/sntp.service ${D}${systemd_unitdir}/system/ install -d ${D}${systemd_unitdir}/ntp-units.d install -m 0644 ${WORKDIR}/ntpd.list ${D}${systemd_unitdir}/ntp-units.d/60-ntpd.list - # Remove an empty libexecdir. + # Remove the empty libexecdir and bindir. rmdir --ignore-fail-on-non-empty ${D}${libexecdir} + rmdir --ignore-fail-on-non-empty ${D}${bindir} } -PACKAGES += "ntpdate sntp ntpdc ntpq ${PN}-tickadj ${PN}-utils" -# NOTE: you don't need ntpdate, use "ntpd -q -g -x" +PACKAGES += "sntp ntpdc ntpq ${PN}-tickadj ${PN}-utils" # ntp originally includes tickadj. It's split off for inclusion in small firmware images on platforms # with wonky clocks (e.g. OpenSlug) @@ -149,9 +138,8 @@ RCONFLICTS:${PN}-utils = "${PN}-bin" # ntpdc and ntpq were split out of ntp-utils RDEPENDS:${PN}-utils = "ntpdc ntpq" -SYSTEMD_PACKAGES = "${PN} ntpdate sntp" +SYSTEMD_PACKAGES = "${PN} sntp" SYSTEMD_SERVICE:${PN} = "ntpd.service" -SYSTEMD_SERVICE:ntpdate = "ntpdate.service" SYSTEMD_SERVICE:sntp = "sntp.service" SYSTEMD_AUTO_ENABLE:sntp = "disable" @@ -159,10 +147,6 @@ RPROVIDES:${PN} += "${PN}-systemd" RREPLACES:${PN} += "${PN}-systemd" RCONFLICTS:${PN} += "${PN}-systemd" -RPROVIDES:ntpdate += "ntpdate-systemd" -RREPLACES:ntpdate += "ntpdate-systemd" -RCONFLICTS:ntpdate += "ntpdate-systemd" - RSUGGESTS:${PN} = "iana-etc" FILES:${PN} = "${sbindir}/ntpd.ntp ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/ntpd \ @@ -172,12 +156,6 @@ FILES:${PN} = "${sbindir}/ntpd.ntp ${sysconfdir}/ntp.conf ${sysconfdir}/init.d/n FILES:${PN}-tickadj = "${sbindir}/tickadj" FILES:${PN}-utils = "${sbindir} ${datadir}/ntp/lib" RDEPENDS:${PN}-utils += "perl" -FILES:ntpdate = "${sbindir}/ntpdate \ - ${sysconfdir}/network/if-up.d/ntpdate-sync \ - ${bindir}/ntpdate-sync \ - ${sysconfdir}/default/ntpdate \ - ${systemd_unitdir}/system/ntpdate.service \ -" FILES:sntp = "${sbindir}/sntp \ ${sysconfdir}/default/sntp \ ${systemd_unitdir}/system/sntp.service \ @@ -186,20 +164,11 @@ FILES:ntpdc = "${sbindir}/ntpdc" FILES:ntpq = "${sbindir}/ntpq" CONFFILES:${PN} = "${sysconfdir}/ntp.conf" -CONFFILES:ntpdate = "${sysconfdir}/default/ntpdate" INITSCRIPT_NAME = "ntpd" # No dependencies, so just go in at the standard level (20) INITSCRIPT_PARAMS = "defaults" -pkg_postinst:ntpdate() { - if ! grep -q -s ntpdate $D/var/spool/cron/root; then - echo "adding crontab" - test -d $D/var/spool/cron || mkdir -p $D/var/spool/cron - echo "30 * * * * ${bindir}/ntpdate-sync silent" >> $D/var/spool/cron/root - fi -} - inherit update-alternatives ALTERNATIVE_PRIORITY = "100" diff --git a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.0.bb b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.1.bb index c8ab6cb467..20dac798bd 100644 --- a/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/openvpn/openvpn_2.6.1.bb @@ -14,7 +14,7 @@ SRC_URI = "http://swupdate.openvpn.org/community/releases/${BP}.tar.gz \ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" -SRC_URI[sha256sum] = "ebec933263c9850ef6f7ce125e2f22214be60b1cbb8ccff18892643fe083ae8f" +SRC_URI[sha256sum] = "8cbc4fd8ce27b85107b449833c3b30fb05f1ca3c81b46a0ba8658036944266bc" # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569" diff --git a/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-Fix-build-error-when-build-this-file.patch b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-Fix-build-error-when-build-this-file.patch new file mode 100644 index 0000000000..52bcc3b7e3 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-Fix-build-error-when-build-this-file.patch @@ -0,0 +1,32 @@ +From f8ab74a76049f69adeebe92c62593547e05a075d Mon Sep 17 00:00:00 2001 +From: Lei Maohui <leimaohui@fujitsu.com> +Date: Wed, 11 Jan 2023 17:22:41 +0900 +Subject: [PATCH] Fix build error when build this file. + +| snprintf.c:770:64: error: 'PG_STRERROR_R_BUFLEN' undeclared (first use in this function) +| 770 | char errbuf[PG_STRERROR_R_BUFLEN]; +| | ^~~~~~~~~~~~~~~~~~~~ + +PG_STRERROR_R_BUFLEN is defined in postgresql, but pgpool doesn't +include the header of postgresql. + +Upstream-Status: Inappropriate [OE-Specific] +Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> +--- + src/parser/snprintf.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/parser/snprintf.c b/src/parser/snprintf.c +index 84ebdb2..3387897 100644 +--- a/src/parser/snprintf.c ++++ b/src/parser/snprintf.c +@@ -46,6 +46,7 @@ + #include "pool_parser.h" + #include "stringinfo.h" + #include "utils/palloc.h" ++#include "postgresql/server/port.h" + + /* + * We used to use the platform's NL_ARGMAX here, but that's a bad idea, +-- +2.25.1 diff --git a/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-pgpool2-Fix-unknown-type-name-fd_set-error-with-musl.patch b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-pgpool2-Fix-unknown-type-name-fd_set-error-with-musl.patch new file mode 100644 index 0000000000..26f8afe4d6 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/0001-pgpool2-Fix-unknown-type-name-fd_set-error-with-musl.patch @@ -0,0 +1,33 @@ +From 5d335b5ddd052f047759cae0e9b94ec49f9f3884 Mon Sep 17 00:00:00 2001 +From: Lei Maohui <leimaohui@fujitsu.com> +Date: Mon, 20 Mar 2023 02:03:04 +0000 +Subject: [PATCH] pgpool2: Fix unknown type name 'fd_set' error with musl. + +| read.c: In function 'read_until_ready_for_query': +| read.c:53:24: error: storage size of 'timeoutval' isn't known +| 53 | struct timeval timeoutval; +| | ^~~~~~~~~~ +| read.c:54:9: error: unknown type name 'fd_set' +| 54 | fd_set readmask; +| | ^~~~~~ + +Upstream-Status: Inappropriate [embedded specific] +Signed-off-by: Lei Maohui <leimaohui@fujitsu.com> +--- + src/tools/pgproto/read.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/tools/pgproto/read.c b/src/tools/pgproto/read.c +index c7fb548..4efe641 100644 +--- a/src/tools/pgproto/read.c ++++ b/src/tools/pgproto/read.c +@@ -19,6 +19,7 @@ + #include "../../include/config.h" + #include "pgproto/pgproto.h" + #include <unistd.h> ++#include <sys/select.h> + #include <stdlib.h> + #include <stdio.h> + #include <string.h> +-- +2.34.1 diff --git a/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.service b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.service new file mode 100644 index 0000000000..bf2d323639 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.service @@ -0,0 +1,17 @@ +[Unit] +Description=Pgpool-II +After=syslog.target network.target + +[Service] + +User=postgres +Group=postgres + +EnvironmentFile=-/etc/sysconfig/pgpool + +ExecStart=/usr/bin/pgpool -f /etc/pgpool-II/pgpool.conf $OPTS +ExecStop=/usr/bin/pgpool -f /etc/pgpool-II/pgpool.conf $STOP_OPTS stop +ExecReload=/usr/bin/pgpool -f /etc/pgpool-II/pgpool.conf reload + +[Install] +WantedBy=multi-user.target diff --git a/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.sysconfig b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.sysconfig new file mode 100644 index 0000000000..ea13089b7b --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2/pgpool.sysconfig @@ -0,0 +1,7 @@ +# Options for pgpool + +# -n: don't run in daemon mode. does not detach control tty +# -d: debug mode. lots of debug information will be printed + +#OPTS=" -d -n" +OPTS=" -n" diff --git a/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2_4.4.1.bb b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2_4.4.1.bb new file mode 100644 index 0000000000..efb563b81a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-support/pgpool2/pgpool2_4.4.1.bb @@ -0,0 +1,53 @@ +SUMMARY = "a language independent connection pool server for PostgreSQL." + +DESCRIPTION = "Pgpool-II is a middleware that works between PostgreSQL \ + servers and a PostgreSQL database client. It is distributed \ + under a license similar to BSD and MIT. It provides the \ + following features." + +HOMEPAGE = "http://pgpool.net" + +LICENSE = "BSD-2-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=e4b38de086d73e0521de0bbdbaa4a1a9" + +SRC_URI = "http://www.pgpool.net/mediawiki/images/pgpool-II-${PV}.tar.gz \ + file://0001-Fix-build-error-when-build-this-file.patch \ + file://0001-pgpool2-Fix-unknown-type-name-fd_set-error-with-musl.patch \ + file://pgpool.sysconfig \ + file://pgpool.service \ + " +SRC_URI[sha256sum] = "4b379bbba8e178128a1cee4a5bd1ae116dedb3da6121b728c18f0f54c881f328" + +S = "${WORKDIR}/pgpool-II-${PV}" + +inherit autotools systemd + +SYSTEMD_SERVICE:${PN} = "pgpool.service" + +PACKAGECONFIG ??= " openssl libmemcached postgresql \ +" +PACKAGECONFIG[pam] = "--with-pam,,libpam" +PACKAGECONFIG[openssl] = "--with-openssl,,openssl" +PACKAGECONFIG[libmemcached] = "--with-memcached=${STAGING_INCDIR}/libmemcachedutil-1.0,,libmemcached" +PACKAGECONFIG[postgresql] = "--with-pgsql-includedir=${STAGING_INCDIR}/postgresql,, postgresql" + +EXTRA_OECONF += "--disable-static \ + --disable-rpath \ + " +B = "${S}" +CFLAGS:append = " -fcommon " + +FILES:${PN} += "${datadir}/pgpool-II/ " + +do_configure:append() { + echo "#define HAVE_STRCHRNUL 1" >> ${S}/src/include/config.h + sed -i "s,#define USE_REPL_SNPRINTF 1,/* #undef USE_REPL_SNPRINTF*/,g" ${S}/src/include/config.h +} + +do_install:append() { + install -d ${D}${sysconfdir}/pgpool-II + install -D -m 0644 ${WORKDIR}/pgpool.sysconfig ${D}${sysconfdir}/pgpool-II/pgpool.conf + install -D -m 0644 ${S}/src/sample/pcp.conf.sample ${D}${sysconfdir}/pgpool-II/pcp.conf + install -D -m 0644 ${S}/src/sample/pool_hba.conf.sample ${D}${sysconfdir}/pgpool-II/pool_hba.conf + install -Dm 0644 ${WORKDIR}/pgpool.service ${D}${systemd_system_unitdir}/pgpool.service +} diff --git a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_44.0.bb b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_45.0.bb index f5b80c712e..ed1f7c94ae 100644 --- a/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_44.0.bb +++ b/meta-openembedded/meta-networking/recipes-support/rdma-core/rdma-core_45.0.bb @@ -6,7 +6,7 @@ DEPENDS = "libnl" RDEPENDS:${PN} = "bash perl" SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=master;protocol=https" -SRCREV = "91392a91eb41affee3bd75dc7d03eb86b4854aea" +SRCREV = "53ee89b4abb1463e7ae713103f552b2bef1307ce" S = "${WORKDIR}/git" #Default Dual License https://github.com/linux-rdma/rdma-core/blob/master/COPYING.md diff --git a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.9.bb b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.10.bb index a11cd5a6cc..9caa248fb2 100644 --- a/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.9.bb +++ b/meta-openembedded/meta-networking/recipes-support/strongswan/strongswan_5.9.10.bb @@ -8,10 +8,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "flex-native flex bison-native" DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}" -SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ - " +SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2 \ + " -SRC_URI[sha256sum] = "5e16580998834658c17cebfb31dd637e728669cf2fdd325460234a4643b8d81d" +SRC_URI[sha256sum] = "3b72789e243c9fa6f0a01ccaf4f83766eba96a5e5b1e071d36e997572cf34654" UPSTREAM_CHECK_REGEX = "strongswan-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.67.bb b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.69.bb index db535e7356..8161529735 100644 --- a/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.67.bb +++ b/meta-openembedded/meta-networking/recipes-support/stunnel/stunnel_5.69.bb @@ -3,7 +3,7 @@ DESCRIPTION = "SSL encryption wrapper between remote client and local (inetd-sta HOMEPAGE = "https://www.stunnel.org/" SECTION = "net" LICENSE = "GPL-2.0-or-later" -LIC_FILES_CHKSUM = "file://COPYING.md;md5=d8a2866ad5ebf3a2d2ce27279472875a" +LIC_FILES_CHKSUM = "file://COPYING.md;md5=b4988f33f70b383b3011c4ede0a679ce" DEPENDS = "autoconf-archive libnsl2 openssl" @@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ file://fix-openssl-no-des.patch \ " -SRC_URI[sha256sum] = "3086939ee6407516c59b0ba3fbf555338f9d52f459bcab6337c0f00e91ea8456" +SRC_URI[sha256sum] = "1ff7d9f30884c75b98c8a0a4e1534fa79adcada2322635e6787337b4e38fdb81" inherit autotools bash-completion pkgconfig diff --git a/meta-openembedded/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.2.bb b/meta-openembedded/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.3.bb index 7d2a6a14d2..d461c8d3dc 100644 --- a/meta-openembedded/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.2.bb +++ b/meta-openembedded/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.3.bb @@ -11,7 +11,7 @@ SRC_URI = "https://github.com/appneta/tcpreplay/releases/download/v${PV}/tcprepl file://0001-libopts.m4-set-POSIX_SHELL-to-bin-sh.patch \ " -SRC_URI[sha256sum] = "5b272cd83b67d6288a234ea15f89ecd93b4fadda65eddc44e7b5fcb2f395b615" +SRC_URI[sha256sum] = "216331692e10c12d7f257945e777928d79bd091117f3e4ffb5b312eb2ca0bf7c" UPSTREAM_CHECK_URI = "https://github.com/appneta/tcpreplay/releases" diff --git a/meta-openembedded/meta-networking/recipes-support/traceroute/traceroute_2.1.1.bb b/meta-openembedded/meta-networking/recipes-support/traceroute/traceroute_2.1.2.bb index 3892a0e21a..51b581a4c6 100644 --- a/meta-openembedded/meta-networking/recipes-support/traceroute/traceroute_2.1.1.bb +++ b/meta-openembedded/meta-networking/recipes-support/traceroute/traceroute_2.1.2.bb @@ -17,7 +17,7 @@ UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/traceroute/files/tracerou SRC_URI = "${SOURCEFORGE_MIRROR}/traceroute/traceroute/${BP}/${BP}.tar.gz \ " -SRC_URI[sha256sum] = "8fc8d5046e855d7588607bb319f5b82e3ba13e91d5d4636863262e6386bbaf76" +SRC_URI[sha256sum] = "507c268f2977b4e218ce73e7ebed45ba0d970a8ca4995dd9cbb1ffe8e99b5b1f" EXTRA_OEMAKE = "VPATH=${STAGING_LIBDIR}" LTOEXTRA += "-flto-partition=none" |