openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
sources/meta-openembedded/meta-networking/recipes-protocols/babeld/babeld_1.13.1.bb Normal file
View File

@@ -0,0 +1,31 @@
SUMMARY = "Babel is a loop-avoiding distance-vector routing protocol"
DESCRIPTION = "\
Babel is a loop-avoiding distance-vector routing protocol for IPv6 and \
IPv4 with fast convergence properties. It is based on the ideas in DSDV, AODV \
and Cisco's EIGRP, but is designed to work well not only in wired networks \
but also in wireless mesh networks, and has been extended with support \
for overlay networks. Babel is in the process of becoming an IETF Standard. \
"
HOMEPAGE = "https://www.irif.fr/~jch/software/babel/"
SECTION = "net"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENCE;md5=411a48ac3c2e9e0911b8dd9aed26f754"
SRC_URI = "gitsm://github.com/jech/babeld.git;protocol=https;branch=master"
SRCREV = "3d61ea1e843e2c5f9706c74d1adad4e1d24d44b9"
UPSTREAM_CHECK_GITTAGREGEX = "babeld-(?P<pver>\d+(\.\d+)+)"
S = "${WORKDIR}/git"
EXTRA_OEMAKE += "CFLAGS='${CFLAGS}'"
do_compile () {
oe_runmake babeld
}
do_install () {
oe_runmake install.minimal TARGET=${D} PREFIX=${root_prefix}
}

50
sources/meta-openembedded/meta-networking/recipes-protocols/dante/dante_1.4.3.bb Normal file
View File

@@ -0,0 +1,50 @@
SECTION = "console/utils"
SUMMARY = "A free SOCKS server"
DESCRIPTION = "Dante consists of a SOCKS server and a SOCKS client,\
implementing RFC 1928 and related standards. It is a flexible product\
that can be used to provide convenient and secure network\
connectivity. Once installed, Dante can in most cases be made\
transparent to clients, providing functionality somewhat similar to\
what could be described as a non-transparent Layer 4 router."
HOMEPAGE = "http://www.inet.no/dante/"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=edd508404db7339042dfc861a3a690ad"
SRC_URI = "https://www.inet.no/dante/files/dante-${PV}.tar.gz \
"
SRC_URI[sha256sum] = "418a065fe1a4b8ace8fbf77c2da269a98f376e7115902e76cda7e741e4846a5d"
# without --without-gssapi, config.log will contain reference to /usr/lib
# as a consequence of GSSAPI path being set to /usr by default.
# --with-gssapi-path=PATH specify gssapi path
# --without-gssapi disable gssapi support
# --enable-release build prerelease as full release
EXTRA_OECONF += "--without-gssapi --sbindir=${bindir}"
DEPENDS += "flex-native bison-native libpam libtirpc"
inherit autotools-brokensep features_check
CPPFLAGS += "-P"
CFLAGS += "-I${STAGING_INCDIR}/tirpc"
LIBS += "-ltirpc"
REQUIRED_DISTRO_FEATURES = "pam"
EXTRA_AUTORECONF = "-I ${S}"
PACKAGECONFIG[libwrap] = ",--disable-libwrap,tcp-wrappers,libwrap"
PACKAGECONFIG ??= ""
do_install:append() {
install -d ${D}${sysconfdir}
cp ${S}/example/sock[sd].conf ${D}${sysconfdir}
}
PACKAGES =+ "${PN}-sockd ${PN}-libdsocks "
FILES:${PN}-libdsocks = "${libdir}/libdsocks.so"
FILES:${PN}-sockd = "${bindir}/sockd ${sysconfdir}/sockd.conf"
INSANE_SKIP:${PN}-libdsocks = "dev-elf"

92
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/0001-tests-use-EXTENSIONS_DIR.patch Normal file
View File

@@ -0,0 +1,92 @@
From 935fcac46e2790e0e297ca855b8033895c1b8941 Mon Sep 17 00:00:00 2001
From: Mingli Yu <mingli.yu@windriver.com>
Date: Wed, 24 Aug 2022 13:45:32 +0800
Subject: [PATCH] tests: use EXTENSIONS_DIR
Use EXTENSIONS_DIR to replace BUILD_DIR as the BUILD_DIR is meanlingless
on target and also fix buildpaths issue.
Upstream-Status: Inappropriate [OE ptest specific]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
---
tests/CMakeLists.txt | 1 +
tests/testloadext.c | 12 ++++++------
tests/testmesg_stress.c | 12 ++++++------
3 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index 8b698ce..2c83cbb 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -37,6 +37,7 @@ SET(TEST_LIST
ADD_DEFINITIONS(-DTEST_DEBUG)
ADD_DEFINITIONS(-DBUILD_DIR="${CMAKE_BINARY_DIR}")
+ADD_DEFINITIONS(-DEXTENSIONS_DIR="${EXTENSIONS_DIR}")
INCLUDE_DIRECTORIES( "../libfdproto" )
INCLUDE_DIRECTORIES( "../libfdcore" )
diff --git a/tests/testloadext.c b/tests/testloadext.c
index 452737f..3fffef5 100644
--- a/tests/testloadext.c
+++ b/tests/testloadext.c
@@ -35,9 +35,9 @@
#include "tests.h"
-#ifndef BUILD_DIR
-#error "Missing BUILD_DIR information"
-#endif /* BUILD_DIR */
+#ifndef EXTENSIONS_DIR
+#error "Missing EXTENSIONS_DIR information"
+#endif /* EXTENSIONS_DIR */
#include <sys/types.h>
#include <dirent.h>
@@ -59,9 +59,9 @@ int main(int argc, char *argv[])
CHECK( 0, fd_rtdisp_init() );
/* Find all extensions which have been compiled along the test */
- TRACE_DEBUG(INFO, "Loading from: '%s'", BUILD_DIR "/extensions");
- CHECK( 0, (dir = opendir (BUILD_DIR "/extensions")) == NULL ? 1 : 0 );
- pathlen = snprintf(fullname, sizeof(fullname), BUILD_DIR "/extensions/");
+ TRACE_DEBUG(INFO, "Loading from: '%s'", EXTENSIONS_DIR);
+ CHECK( 0, (dir = opendir (EXTENSIONS_DIR)) == NULL ? 1 : 0 );
+ pathlen = snprintf(fullname, sizeof(fullname), EXTENSIONS_DIR "/");
while ((dp = readdir (dir)) != NULL) {
char * dot = strrchr(dp->d_name, '.');
diff --git a/tests/testmesg_stress.c b/tests/testmesg_stress.c
index 310a9d2..97dfe07 100644
--- a/tests/testmesg_stress.c
+++ b/tests/testmesg_stress.c
@@ -38,9 +38,9 @@
#include <libgen.h>
#include <dlfcn.h>
-#ifndef BUILD_DIR
-#error "Missing BUILD_DIR information"
-#endif /* BUILD_DIR */
+#ifndef EXTENSIONS_DIR
+#error "Missing EXTENSIONS_DIR information"
+#endif /* EXTENSIONS_DIR */
/* The number of times each operation is repeated to measure the average operation time */
@@ -73,9 +73,9 @@ static void load_all_extensions(char * prefix)
struct fd_list ext_with_depends = FD_LIST_INITIALIZER(ext_with_depends);
/* Find all extensions which have been compiled along the test */
- LOG_D("Loading %s*.fdx from: '%s'", BUILD_DIR "/extensions", prefix ?: "");
- CHECK( 0, (dir = opendir (BUILD_DIR "/extensions")) == NULL ? 1 : 0 );
- pathlen = snprintf(fullname, sizeof(fullname), BUILD_DIR "/extensions/");
+ LOG_D("Loading %s*.fdx from: '%s'", EXTENSIONS_DIR, prefix ?: "");
+ CHECK( 0, (dir = opendir (EXTENSIONS_DIR)) == NULL ? 1 : 0 );
+ pathlen = snprintf(fullname, sizeof(fullname), EXTENSIONS_DIR "/");
while ((dp = readdir (dir)) != NULL) {
char * dot = strrchr(dp->d_name, '.');
--
2.25.1

223
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/Replace-murmurhash-algorithm-with-Robert-Jenkin-s-ha.patch Normal file
View File

@@ -0,0 +1,223 @@
Replace murmurhash algorithm with Robert Jenkin's hash algorithm
Upstream-Status: Pending
From test result, murmurhash algorithm does not work in big endian
processor, so replace it with Robert Jenkin's hash which has worked
in linux kernel for many years and has more adaptability.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
---
libfdproto/ostr.c | 192 +++++++++++++++++++++--------------------------------
1 file changed, 74 insertions(+), 118 deletions(-)
diff --git a/libfdproto/ostr.c b/libfdproto/ostr.c
index 8f29b48..ce1f4dd 100644
--- a/libfdproto/ostr.c
+++ b/libfdproto/ostr.c
@@ -430,128 +430,84 @@ after_proto:
/********************************************************************************************************/
-/* Hash function -- credits to Austin Appleby, thank you ^^ */
-/* See http://murmurhash.googlepages.com for more information on this function */
-
-/* the strings are NOT always aligned properly (ex: received in RADIUS message), so we use the aligned MurmurHash2 function as needed */
-#define _HASH_MIX(h,k,m) { k *= m; k ^= k >> r; k *= m; h *= m; h ^= k; }
-uint32_t fd_os_hash ( uint8_t * string, size_t len )
+/*
+ * Robert Jenkin's hash function.
+ * http://burtleburtle.net/bob/hash/evahash.html
+ * This is in the public domain.
+ */
+#define mix(a, b, c) \
+ do { \
+ a = a - b; a = a - c; a = a ^ (c >> 13); \
+ b = b - c; b = b - a; b = b ^ (a << 8); \
+ c = c - a; c = c - b; c = c ^ (b >> 13); \
+ a = a - b; a = a - c; a = a ^ (c >> 12); \
+ b = b - c; b = b - a; b = b ^ (a << 16); \
+ c = c - a; c = c - b; c = c ^ (b >> 5); \
+ a = a - b; a = a - c; a = a ^ (c >> 3); \
+ b = b - c; b = b - a; b = b ^ (a << 10); \
+ c = c - a; c = c - b; c = c ^ (b >> 15); \
+ } while (0)
+
+unsigned hash_rjenkins(const char *str, unsigned length)
{
- uint32_t hash = len;
- uint8_t * data = string;
-
- const unsigned int m = 0x5bd1e995;
- const int r = 24;
- int align = (long)string & 3;
-
- if (!align || (len < 4)) {
- /* In case data is aligned, MurmurHash2 function */
- while(len >= 4)
- {
- /* Mix 4 bytes at a time into the hash */
- uint32_t k = *(uint32_t *)data; /* We don't care about the byte order */
-
- _HASH_MIX(hash, k, m);
-
- data += 4;
- len -= 4;
- }
-
- /* Handle the last few bytes of the input */
- switch(len) {
- case 3: hash ^= data[2] << 16;
- case 2: hash ^= data[1] << 8;
- case 1: hash ^= data[0];
- hash *= m;
- }
-
- } else {
- /* Unaligned data, use alignment-safe slower version */
-
- /* Pre-load the temp registers */
- uint32_t t = 0, d = 0;
- switch(align)
- {
- case 1: t |= data[2] << 16;
- case 2: t |= data[1] << 8;
- case 3: t |= data[0];
- }
- t <<= (8 * align);
-
- data += 4-align;
- len -= 4-align;
-
- /* From this point, "data" can be read by chunks of 4 bytes */
-
- int sl = 8 * (4-align);
- int sr = 8 * align;
-
- /* Mix */
- while(len >= 4)
- {
- uint32_t k;
-
- d = *(unsigned int *)data;
- k = (t >> sr) | (d << sl);
-
- _HASH_MIX(hash, k, m);
-
- t = d;
-
- data += 4;
- len -= 4;
- }
-
- /* Handle leftover data in temp registers */
- d = 0;
- if(len >= align)
- {
- uint32_t k;
-
- switch(align)
- {
- case 3: d |= data[2] << 16;
- case 2: d |= data[1] << 8;
- case 1: d |= data[0];
- }
-
- k = (t >> sr) | (d << sl);
- _HASH_MIX(hash, k, m);
-
- data += align;
- len -= align;
-
- /* Handle tail bytes */
-
- switch(len)
- {
- case 3: hash ^= data[2] << 16;
- case 2: hash ^= data[1] << 8;
- case 1: hash ^= data[0];
- hash *= m;
- };
- }
- else
- {
- switch(len)
- {
- case 3: d |= data[2] << 16;
- case 2: d |= data[1] << 8;
- case 1: d |= data[0];
- case 0: hash ^= (t >> sr) | (d << sl);
- hash *= m;
- }
- }
-
+ const unsigned char *k = (const unsigned char *)str;
+ uint32_t a, b, c; /* the internal state */
+ uint32_t len; /* how many key bytes still need mixing */
+
+ /* Set up the internal state */
+ len = length;
+ a = 0x9e3779b9; /* the golden ratio; an arbitrary value */
+ b = a;
+ c = 0; /* variable initialization of internal state */
+
+ /* handle most of the key */
+ while (len >= 12) {
+ a = a + (k[0] + ((uint32_t)k[1] << 8) + ((uint32_t)k[2] << 16) +
+ ((uint32_t)k[3] << 24));
+ b = b + (k[4] + ((uint32_t)k[5] << 8) + ((uint32_t)k[6] << 16) +
+ ((uint32_t)k[7] << 24));
+ c = c + (k[8] + ((uint32_t)k[9] << 8) + ((uint32_t)k[10] << 16) +
+ ((uint32_t)k[11] << 24));
+ mix(a, b, c);
+ k = k + 12;
+ len = len - 12;
+ }
+ /* handle the last 11 bytes */
+ c = c + length;
+ switch (len) { /* all the case statements fall through */
+ case 11:
+ c = c + ((uint32_t)k[10] << 24);
+ case 10:
+ c = c + ((uint32_t)k[9] << 16);
+ case 9:
+ c = c + ((uint32_t)k[8] << 8);
+ /* the first byte of c is reserved for the length */
+ case 8:
+ b = b + ((uint32_t)k[7] << 24);
+ case 7:
+ b = b + ((uint32_t)k[6] << 16);
+ case 6:
+ b = b + ((uint32_t)k[5] << 8);
+ case 5:
+ b = b + k[4];
+ case 4:
+ a = a + ((uint32_t)k[3] << 24);
+ case 3:
+ a = a + ((uint32_t)k[2] << 16);
+ case 2:
+ a = a + ((uint32_t)k[1] << 8);
+ case 1:
+ a = a + k[0];
+ /* case 0: nothing left to add */
}
+ mix(a, b, c);
- /* Do a few final mixes of the hash to ensure the last few
- bytes are well-incorporated. */
- hash ^= hash >> 13;
- hash *= m;
- hash ^= hash >> 15;
+ return c;
+}
- return hash;
+uint32_t fd_os_hash ( uint8_t * string, size_t len )
+{
+ return hash_rjenkins(string, len);
}
--
1.7.10.4

250
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/freeDiameter.conf Normal file
View File

@@ -0,0 +1,250 @@
# This is a sample configuration file for freeDiameter daemon.
# Most of the options can be omitted, as they default to reasonable values.
# Only TLS-related options must be configured properly in usual setups.
# It is possible to use "include" keyword to import additional files
# e.g.: include "/etc/freeDiameter.d/*.conf"
# This is exactly equivalent as copy & paste the content of the included file(s)
# where the "include" keyword is found.
##############################################################
## Peer identity and realm
# The Diameter Identity of this daemon.
# This must be a valid FQDN that resolves to the local host.
# Default: hostname's FQDN
#Identity = "aaa.koganei.freediameter.net";
# The Diameter Realm of this daemon.
# Default: the domain part of Identity (after the first dot).
#Realm = "koganei.freediameter.net";
##############################################################
## Transport protocol configuration
# The port this peer is listening on for incoming connections (TCP and SCTP).
# Default: 3868. Use 0 to disable.
#Port = 3868;
# The port this peer is listening on for incoming TLS-protected connections (TCP and SCTP).
# See TLS_old_method for more information about TLS flavours.
# Note: we use TLS/SCTP instead of DTLS/SCTP at the moment. This will change in future version of freeDiameter.
# Default: 5868. Use 0 to disable.
#SecPort = 5868;
# Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed
# on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the
# CER/CEA exchange on a dedicated secure port.
# This parameter only affects outgoing connections.
# The setting can be also defined per-peer (see Peers configuration section).
# Default: use RFC6733 method with separate port for TLS.
#TLS_old_method;
# Disable use of TCP protocol (only listen and connect over SCTP)
# Default : TCP enabled
#No_TCP;
# Disable use of SCTP protocol (only listen and connect over TCP)
# Default : SCTP enabled
#No_SCTP;
# This option is ignored if freeDiameter is compiled with DISABLE_SCTP option.
# Prefer TCP instead of SCTP for establishing new connections.
# This setting may be overwritten per peer in peer configuration blocs.
# Default : SCTP is attempted first.
#Prefer_TCP;
# Default number of streams per SCTP associations.
# This setting may be overwritten per peer basis.
# Default : 30 streams
#SCTP_streams = 30;
##############################################################
## Endpoint configuration
# Disable use of IP addresses (only IPv6)
# Default : IP enabled
#No_IP;
# Disable use of IPv6 addresses (only IP)
# Default : IPv6 enabled
#No_IPv6;
# Specify local addresses the server must bind to
# Default : listen on all addresses available.
#ListenOn = "202.249.37.5";
#ListenOn = "2001:200:903:2::202:1";
#ListenOn = "fe80::21c:5ff:fe98:7d62%eth0";
##############################################################
## Server configuration
# How many Diameter peers are allowed to be connecting at the same time ?
# This parameter limits the number of incoming connections from the time
# the connection is accepted until the first CER is received.
# Default: 5 unidentified clients in paralel.
#ThreadsPerServer = 5;
##############################################################
## TLS Configuration
# TLS is managed by the GNUTLS library in the freeDiameter daemon.
# You may find more information about parameters and special behaviors
# in the relevant documentation.
# http://www.gnu.org/software/gnutls/manual/
# Credentials of the local peer
# The X509 certificate and private key file to use for the local peer.
# The files must contain PKCS-1 encoded RSA key, in PEM format.
# (These parameters are passed to gnutls_certificate_set_x509_key_file function)
# Default : NO DEFAULT
#TLS_Cred = "<x509 certif file.PEM>" , "<x509 private key file.PEM>";
#TLS_Cred = "/etc/ssl/certs/freeDiameter.pem", "/etc/ssl/private/freeDiameter.key";
# Certificate authority / trust anchors
# The file containing the list of trusted Certificate Authorities (PEM list)
# (This parameter is passed to gnutls_certificate_set_x509_trust_file function)
# The directive can appear several times to specify several files.
# Default : GNUTLS default behavior
#TLS_CA = "<file.PEM>";
# Certificate Revocation List file
# The information about revoked certificates.
# The file contains a list of trusted CRLs in PEM format. They should have been verified before.
# (This parameter is passed to gnutls_certificate_set_x509_crl_file function)
# Note: openssl CRL format might have interoperability issue with GNUTLS format.
# Default : GNUTLS default behavior
#TLS_CRL = "<file.PEM>";
# GNU TLS Priority string
# This string allows to configure the behavior of GNUTLS key exchanges
# algorithms. See gnutls_priority_init function documentation for information.
# You should also refer to the Diameter required TLS support here:
# http://tools.ietf.org/html/rfc6733#section-13.1
# Default : "NORMAL"
# Example: TLS_Prio = "NONE:+VERS-TLS1.1:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL";
#TLS_Prio = "NORMAL";
# Diffie-Hellman parameters size
# Set the number of bits for generated DH parameters
# Valid value should be 768, 1024, 2048, 3072 or 4096.
# (This parameter is passed to gnutls_dh_params_generate2 function,
# it usually should match RSA key size)
# Default : 1024
#TLS_DH_Bits = 1024;
# Alternatively, you can specify a file to load the PKCS#3 encoded
# DH parameters directly from. This accelerates the daemon start
# but is slightly less secure. If this file is provided, the
# TLS_DH_Bits parameters has no effect.
# Default : no default.
#TLS_DH_File = "<file.PEM>";
##############################################################
## Timers configuration
# The Tc timer of this peer.
# It is the delay before a new attempt is made to reconnect a disconnected peer.
# The value is expressed in seconds. The recommended value is 30 seconds.
# Default: 30
#TcTimer = 30;
# The Tw timer of this peer.
# It is the delay before a watchdog message is sent, as described in RFC 3539.
# The value is expressed in seconds. The default value is 30 seconds. Value must
# be greater or equal to 6 seconds. See details in the RFC.
# Default: 30
#TwTimer = 30;
##############################################################
## Applications configuration
# Disable the relaying of Diameter messages?
# For messages not handled locally, the default behavior is to forward the
# message to another peer if any is available, according to the routing
# algorithms. In addition the "0xffffff" application is advertised in CER/CEA
# exchanges.
# Default: Relaying is enabled.
#NoRelay;
# Number of server threads that can handle incoming messages at the same time.
# Default: 4
#AppServThreads = 4;
# Other applications are configured by loaded extensions.
##############################################################
## Extensions configuration
# The freeDiameter framework merely provides support for
# Diameter Base Protocol. The specific application behaviors,
# as well as advanced functions, are provided
# by loadable extensions (plug-ins).
# These extensions may in addition receive the name of a
# configuration file, the format of which is extension-specific.
#
# Format:
#LoadExtension = "/path/to/extension" [ : "/optional/configuration/file" ] ;
#
# Examples:
#LoadExtension = "extensions/sample.fdx";
#LoadExtension = "extensions/sample.fdx":"conf/sample.conf";
# Extensions are named as follow:
# dict_* for extensions that add content to the dictionary definitions.
# dbg_* for extensions useful only to retrieve more information on the framework execution.
# acl_* : Access control list, to control which peers are allowed to connect.
# rt_* : routing extensions that impact how messages are forwarded to other peers.
# app_* : applications, these extensions usually register callbacks to handle specific messages.
# test_* : dummy extensions that are useful only in testing environments.
# The dbg_msg_dump.fdx extension allows you to tweak the way freeDiameter displays some
# information about some events. This extension does not actually use a configuration file
# but receives directly a parameter in the string passed to the extension. Here are some examples:
## LoadExtension = "dbg_msg_dumps.fdx" : "0x1111"; # Removes all default hooks, very quiet even in case of errors.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x2222"; # Display all events with few details.
## LoadExtension = "dbg_msg_dumps.fdx" : "0x0080"; # Dump complete information about sent and received messages.
# The four digits respectively control: connections, routing decisions, sent/received messages, errors.
# The values for each digit are:
# 0 - default - keep the default behavior
# 1 - quiet - remove any specific log
# 2 - compact - display only a summary of the information
# 4 - full - display the complete information on a single long line
# 8 - tree - display the complete information in an easier to read format spanning several lines.
##############################################################
## Peers configuration
# The local server listens for incoming connections. By default,
# all unknown connecting peers are rejected. Extensions can override this behavior (e.g., acl_wl).
#
# In addition to incoming connections, the local peer can
# be configured to establish and maintain connections to some
# Diameter nodes and allow connections from these nodes.
# This is achieved with the ConnectPeer directive described below.
#
# Note that the configured Diameter Identity MUST match
# the information received inside CEA, or the connection will be aborted.
#
# Format:
#ConnectPeer = "diameterid" [ { parameter1; parameter2; ...} ] ;
# Parameters that can be specified in the peer's parameter list:
# No_TCP; No_SCTP; No_IP; No_IPv6; Prefer_TCP; TLS_old_method;
# No_TLS; # assume transparent security instead of TLS. DTLS is not supported yet (will change in future versions).
# Port = 5868; # The port to connect to
# TcTimer = 30;
# TwTimer = 30;
# ConnectTo = "202.249.37.5";
# ConnectTo = "2001:200:903:2::202:1";
# TLS_Prio = "NORMAL";
# Realm = "realm.net"; # Reject the peer if it does not advertise this realm.
# Examples:
#ConnectPeer = "aaa.wide.ad.jp";
#ConnectPeer = "old.diameter.serv" { TcTimer = 60; TLS_old_method; No_SCTP; Port=3868; } ;
##############################################################

72
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/freediameter.init Executable file
View File

@@ -0,0 +1,72 @@
#!/bin/sh
#
### BEGIN INIT INFO
# Provides: freediameter
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Short-Description: Start freeDiameter daemon at boot time
# Description: Start the freeDiameter daemon at boot time.
# freeDiameter is an extensible implementation of the Diameter protocol,
# designed for Authentication, Authorization and Accounting. Diameter is
# an evolution of the RADIUS protocol.
### END INIT INFO#
DAEMON=/usr/bin/freeDiameterd
CONF=/etc/freeDiameter/freeDiameter.conf
NAME=freediameter
DESC="freeDiameter daemon"
. /etc/init.d/functions
start() {
[ -x $DAEMON ] || exit 5
echo -n $"Starting $DAEMON: "
start-stop-daemon -S -b -x ${DAEMON} && success || failure
retval=$?
echo ""
return $retval
}
stop() {
echo -n $"Stopping $prog: "
start-stop-daemon -K -x $DAEMON
retval=$?
echo ""
return $retval
}
restart() {
stop
sleep 3
start
}
rh_status() {
status $DAEMON
}
rh_status_q() {
rh_status > /dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
start
;;
stop)
rh_status_q || exit 0
stop
;;
restart)
restart
;;
status)
rh_status
;;
*)
echo $"Usage: $prog {start|stop|status|restart}"
exit 2
esac
exit $?

11
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/freediameter.service Normal file
View File

@@ -0,0 +1,11 @@
[Unit]
Description=freediameter daemon
After=network.target
[Service]
Type=simple
PIDFile=/run/freediameter.pid
ExecStart=@BINDIR@/freeDiameterd
[Install]
WantedBy=multi-user.target

22
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/install_test.patch Normal file
View File

@@ -0,0 +1,22 @@
CMakeLists: add an option to install tests
Upstream-Status: Inappropriate [OE ptest specific]
Original author: Yao Zhao <yao.zhao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt
index da8da1b..de04059 100644
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -113,4 +113,9 @@ ENDFOREACH( TEST )
####
## INSTALL section ##
-# we do not install the tests
+# install the tests
+SET(INSTALL_TEST_SUFFIX /opt/${FD_PROJECT_NAME}-tests CACHE PATH "Directory where the test binary is installed.")
+
+INSTALL(TARGETS ${TEST_LIST}
+ RUNTIME DESTINATION ${INSTALL_TEST_SUFFIX}
+ COMPONENT freeDiameter-common)

14
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/files/run-ptest Normal file
View File

@@ -0,0 +1,14 @@
#!/bin/sh
if ! lsmod | grep -q sctp && ! modprobe sctp 2>/dev/null; then
echo "Couldn't load kernel module sctp."
echo "Test cases testsctp and testcnx will fail."
echo
fi
cmake -E cmake_echo_color --cyan "Running tests..."
if ctest --force-new-ctest-process ; then
echo "PASS: freediameter"
else
echo "FAIL: freediameter"
fi

141
sources/meta-openembedded/meta-networking/recipes-protocols/freediameter/freediameter_1.5.0.bb Normal file
View File

@@ -0,0 +1,141 @@
SUMMARY = "An open source implementation of the diameter protocol"
DESCRIPTION = "\
freeDiameter is an open source Diameter protocol implementation \
(RFC3588). It provides an extensible platform for deploying a \
Diameter network for your Authentication, Authorization and \
Accounting needs."
HOMEPAGE = "http://www.freediameter.net"
DEPENDS = "flex bison cmake-native libgcrypt gnutls libidn2 lksctp-tools virtual/kernel bison-native"
PACKAGE_ARCH = "${MACHINE_ARCH}"
fd_pkgname = "freeDiameter"
PV .= "+git"
SRCREV = "f9f1e464e6c675d222b3be4cab9c13408d544c83"
SRC_URI = "git://github.com/freeDiameter/freeDiameter;protocol=https;branch=master \
file://Replace-murmurhash-algorithm-with-Robert-Jenkin-s-ha.patch \
file://run-ptest \
file://freediameter.service \
file://freediameter.init \
file://freeDiameter.conf \
file://install_test.patch \
file://0001-tests-use-EXTENSIONS_DIR.patch \
"
S = "${WORKDIR}/git"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=868c059b6147748b1d621e500feeac4f"
PTEST_PATH = "${libdir}/${fd_pkgname}/ptest"
inherit cmake pkgconfig update-rc.d ptest systemd
EXTRA_OECMAKE = " \
-DDEFAULT_CONF_PATH:PATH=${sysconfdir}/${fd_pkgname} \
-DBUILD_DBG_MONITOR:BOOL=ON \
-DBUILD_TEST_APP:BOOL=ON \
-DBUILD_TESTING:BOOL=ON \
-DBUILD_APP_RADGW:BOOL=ON \
-DBUILD_APP_REDIRECT:BOOL=ON \
-DBUILD_TEST_ACCT:BOOL=ON \
-DBUILD_TEST_NETEMUL:BOOL=ON \
-DBUILD_TEST_RT_ANY:BOOL=ON \
-DINSTALL_LIBRARY_SUFFIX:PATH=${baselib} \
-DINSTALL_EXTENSIONS_SUFFIX:PATH=${baselib}/${fd_pkgname} \
-DEXTENSIONS_DIR:PATH=${libdir}/${fd_pkgname} \
-DINSTALL_TEST_SUFFIX:PATH=${PTEST_PATH}-tests \
-DCMAKE_SKIP_RPATH:BOOL=ON \
"
# INSTALL_LIBRARY_SUFFIX is relative to CMAKE_INSTALL_PREFIX
# specify it on cmd line will fix the SET bug in CMakeList.txt
# -DBUILD_APP_ACCT:BOOL=ON This needs POSTGRESQL support
# -DBUILD_APP_DIAMEAP:BOOL=ON -DBUILD_APP_SIP:BOOL=ON -DBUILD_TEST_SIP:BOOL=ON
# These need MySQL support
# -DBUILD_DBG_INTERACTIVE:BOOL=ON This needs SWIG support
# -DALL_EXTENSIONS=ON will enable all
FD_KEY ?="${BPN}.key"
FD_PEM ?= "${BPN}.pem"
FD_CA ?= "${BPN}.pem"
FD_DH_PEM ?= "${BPN}-dh.pem"
FD_HOSTNAME ?= "${MACHINE}"
FD_REALM ?= "openembedded.org"
do_install:append() {
# install the sample configuration files
install -d -m 0755 ${D}${sysconfdir}/${fd_pkgname}
for i in ${S}/doc/*.conf.sample; do
install -m 0644 $i ${D}${sysconfdir}/${fd_pkgname}/
done
mv ${D}${sysconfdir}/${fd_pkgname}/freediameter.conf.sample \
${D}${sysconfdir}/${fd_pkgname}/freeDiameter.conf.sample
install -d ${D}${sysconfdir}/freeDiameter
install ${WORKDIR}/freeDiameter.conf ${D}${sysconfdir}/${fd_pkgname}/freeDiameter.conf
# install daemon init related files
install -d -m 0755 ${D}${sysconfdir}/default
install -d -m 0755 ${D}${sysconfdir}/init.d
install -m 0644 ${S}/contrib/debian/freediameter-daemon.default \
${D}${sysconfdir}/default/${BPN}
install -m 0755 ${WORKDIR}/freediameter.init ${D}${sysconfdir}/init.d/${BPN}
# install for systemd
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/freediameter.service ${D}${systemd_system_unitdir}
sed -i -e 's,@BINDIR@,${bindir},g' ${D}${systemd_system_unitdir}/*.service
cat >> ${D}${sysconfdir}/freeDiameter/freeDiameter.conf <<EOF
## OE specific ##
#Identity="${FD_HOSTNAME}";
Identity = "${FD_HOSTNAME}.${FD_REALM}";
Realm = "${FD_REALM}";
Port = 30868;
SecPort = 30869;
TLS_Cred = "/etc/freeDiameter/${FD_PEM}" , "/etc/freeDiameter/${FD_KEY}";
TLS_CA = "/etc/freeDiameter/${FD_CA}";
TLS_DH_File = "/etc/freeDiameter/${FD_DH_PEM}";
EOF
# create self cert
openssl req -x509 -config ${STAGING_DIR_NATIVE}/etc/ssl/openssl.cnf -newkey rsa:4096 -sha256 -nodes -out ${D}${sysconfdir}/freeDiameter/${FD_PEM} -keyout ${D}${sysconfdir}/freeDiameter/${FD_KEY} -days 3650 -subj '/CN=${FD_HOSTNAME}.${FD_REALM}'
openssl dhparam -out ${D}${sysconfdir}/freeDiameter/${FD_DH_PEM} 1024
find ${B} \( -name "*.c" -o -name "*.h" \) -exec sed -i -e 's#${WORKDIR}##g' {} \;
}
do_install_ptest() {
mv ${D}${PTEST_PATH}-tests/* ${D}${PTEST_PATH}/
rmdir ${D}${PTEST_PATH}-tests
install -m 0644 ${B}/tests/CTestTestfile.cmake ${D}${PTEST_PATH}/
sed -i -e 's#${WORKDIR}##g' ${D}${PTEST_PATH}/CTestTestfile.cmake
sed -i "/^set_tests_properties/d" ${D}${PTEST_PATH}/CTestTestfile.cmake
}
FILES:${PN}-dbg += "${libdir}/${fd_pkgname}/.debug/*"
# include the extensions in main package
FILES:${PN} += "${libdir}/${fd_pkgname}/*"
RDEPENDS:${PN} = "glib-2.0 gnutls libidn"
RDEPENDS:${PN} += "openssl openssl-conf openssl-engines"
RRECOMMENDS:${PN} += "kernel-module-tipc kernel-module-sctp"
RRECOMMENDS:${PN} += "kernel-module-udp-tunnel kernel-module-ipip"
RDEPENDS:${PN}-ptest = "cmake"
INITSCRIPT_PACKAGES = "${PN}"
INITSCRIPT_NAME:${PN} = "${BPN}"
INITSCRIPT_PARAMS:${PN} = "start 30 . stop 70 0 1 2 3 4 5 6 ."
SYSTEMD_SERVICE:${PN} = "freediameter.service"
SYSTEMD_AUTO_ENABLE = "disable"
CONFFILES:${PN} = "${sysconfdir}/freediameter.conf"

34
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/0001-zebra-Mimic-GNU-basename-API-for-non-glibc-library-e.patch Normal file
View File

@@ -0,0 +1,34 @@
From 49aeccbec4bf620bb594999bbd4a9de669a3984c Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 15 Mar 2024 14:34:06 -0700
Subject: [PATCH] zebra: Mimic GNU basename() API for non-glibc library e.g.
musl musl only provides POSIX version of basename and it has also removed
providing it via string.h header [1] which now results in compile errors with
newer compilers e.g. clang-18
[1] https://git.musl-libc.org/cgit/musl/commit/?id=725e17ed6dff4d0cd22487bb64470881e86a92e7
Upstream-Status: Submitted [https://github.com/FRRouting/frr/pull/15561/]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
zebra/zebra_netns_notify.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/zebra/zebra_netns_notify.c b/zebra/zebra_netns_notify.c
index 1bb1292e34..d55df2f62d 100644
--- a/zebra/zebra_netns_notify.c
+++ b/zebra/zebra_netns_notify.c
@@ -41,6 +41,10 @@
#define ZEBRA_NS_POLLING_INTERVAL_MSEC 1000
#define ZEBRA_NS_POLLING_MAX_RETRIES 200
+#if !defined(__GLIBC__)
+#define basename(src) (strrchr(src,'/') ? strrchr(src,'/')+1 : src)
+#endif
+
DEFINE_MTYPE_STATIC(ZEBRA, NETNS_MISC, "ZebraNetNSInfo");
static struct event *zebra_netns_notify_current;
--
2.44.0

130
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2024-31948.patch Normal file
View File

@@ -0,0 +1,130 @@
From a11446687169c679b5e51b57f151a6f6c119656c Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Wed, 27 Mar 2024 18:42:56 +0200
Subject: [PATCH 1/2] bgpd: Fix error handling when receiving BGP Prefix SID
attribute
Without this patch, we always set the BGP Prefix SID attribute flag without
checking if it's malformed or not. RFC8669 says that this attribute MUST be discarded.
Also, this fixes the bgpd crash when a malformed Prefix SID attribute is received,
with malformed transitive flags and/or TLVs.
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
CVE: CVE-2024-31948
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/ba6a8f1a31e1a88df2de69ea46068e8bd9b97138]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
bgpd/bgp_attr.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 56e77eb3a..2639ff864 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -1390,6 +1390,7 @@ bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
case BGP_ATTR_AS4_AGGREGATOR:
case BGP_ATTR_AGGREGATOR:
case BGP_ATTR_ATOMIC_AGGREGATE:
+ case BGP_ATTR_PREFIX_SID:
return BGP_ATTR_PARSE_PROCEED;
/* Core attributes, particularly ones which may influence route
@@ -3144,8 +3145,6 @@ enum bgp_attr_parse_ret bgp_attr_prefix_sid(struct bgp_attr_parser_args *args)
struct attr *const attr = args->attr;
enum bgp_attr_parse_ret ret;
- attr->flag |= ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID);
-
uint8_t type;
uint16_t length;
size_t headersz = sizeof(type) + sizeof(length);
@@ -3195,6 +3194,8 @@ enum bgp_attr_parse_ret bgp_attr_prefix_sid(struct bgp_attr_parser_args *args)
}
}
+ SET_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_PREFIX_SID));
+
return BGP_ATTR_PARSE_PROCEED;
}
--
2.34.1
From 70555e1c0927b84f3aae9406379b00c976b2fa0c Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Wed, 27 Mar 2024 19:08:38 +0200
Subject: [PATCH 2/2] bgpd: Prevent from one more CVE triggering this place
If we receive an attribute that is handled by bgp_attr_malformed(), use
treat-as-withdraw behavior for unknown (or missing to add - if new) attributes.
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
CVE: CVE-2024-31948
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/babb23b74855e23c987a63f8256d24e28c044d07]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
bgpd/bgp_attr.c | 33 ++++++++++++++++++++++-----------
1 file changed, 22 insertions(+), 11 deletions(-)
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 2639ff864..797f05d60 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -1381,6 +1381,15 @@ bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
(args->startp - STREAM_DATA(BGP_INPUT(peer)))
+ args->total);
+ /* Partial optional attributes that are malformed should not cause
+ * the whole session to be reset. Instead treat it as a withdrawal
+ * of the routes, if possible.
+ */
+ if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS) &&
+ CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL) &&
+ CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
+ return BGP_ATTR_PARSE_WITHDRAW;
+
switch (args->type) {
/* where an attribute is relatively inconsequential, e.g. it does not
* affect route selection, and can be safely ignored, then any such
@@ -1418,19 +1427,21 @@ bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
BGP_NOTIFY_UPDATE_ERR, subcode,
notify_datap, length);
return BGP_ATTR_PARSE_ERROR;
+ default:
+ /* Unknown attributes, that are handled by this function
+ * should be treated as withdraw, to prevent one more CVE
+ * from being introduced.
+ * RFC 7606 says:
+ * The "treat-as-withdraw" approach is generally preferred
+ * and the "session reset" approach is discouraged.
+ */
+ flog_err(EC_BGP_ATTR_FLAG,
+ "%s(%u) attribute received, while it is not known how to handle it, treating as withdraw",
+ lookup_msg(attr_str, args->type, NULL), args->type);
+ break;
}
- /* Partial optional attributes that are malformed should not cause
- * the whole session to be reset. Instead treat it as a withdrawal
- * of the routes, if possible.
- */
- if (CHECK_FLAG(flags, BGP_ATTR_FLAG_TRANS)
- && CHECK_FLAG(flags, BGP_ATTR_FLAG_OPTIONAL)
- && CHECK_FLAG(flags, BGP_ATTR_FLAG_PARTIAL))
- return BGP_ATTR_PARSE_WITHDRAW;
-
- /* default to reset */
- return BGP_ATTR_PARSE_ERROR_NOTIFYPLS;
+ return BGP_ATTR_PARSE_WITHDRAW;
}
/* Find out what is wrong with the path attribute flag bits and log the error.
--
2.34.1

163
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2024-31949.patch Normal file
View File

@@ -0,0 +1,163 @@
From 2779d7d7c4f465f8e117aa4c47982dd60d620bc9 Mon Sep 17 00:00:00 2001
From: Donatas Abraitis <donatas@opensourcerouting.org>
Date: Sat, 30 Mar 2024 15:35:18 +0200
Subject: [PATCH] bgpd: Fix errors handling for MP/GR capabilities as dynamic
capability
When receiving a MP/GR capability as dynamic capability, but malformed, do not
forget to advance the pointer to avoid hitting infinity loop.
After:
```
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [GS0AQ-HKY0X] 127.0.0.1 rcv CAPABILITY
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 5, length 0
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 0, length 0
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [HFHDS-QT71N][EC 33554494] 127.0.0.1(donatas-pc): unrecognized capability code: 0 - ignored
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 0, code: 0, length 0
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [HFHDS-QT71N][EC 33554494] 127.0.0.1(donatas-pc): unrecognized capability code: 0 - ignored
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 0, code: 0, length 0
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [HFHDS-QT71N][EC 33554494] 127.0.0.1(donatas-pc): unrecognized capability code: 0 - ignored
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 0, code: 0, length 1
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [HFHDS-QT71N][EC 33554494] 127.0.0.1(donatas-pc): unrecognized capability code: 0 - ignored
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:15:28 donatas-laptop bgpd[353550]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
```
Before:
```
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [Z1DRQ-N6Z5F] 127.0.0.1(donatas-pc): Dynamic Capability MultiProtocol Extensions afi/safi invalid (bad-value/unicast)
Mar 29 11:14:54 donatas-laptop bgpd[347675]: [JTVED-VGTQQ] 127.0.0.1(donatas-pc): CAPABILITY has action: 1, code: 1, length 10
```
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
CVE: CVE-2024-31949
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/30a332dad86fafd2b0b6c61d23de59ed969a219b]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
bgpd/bgp_packet.c | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
index cae82cbbb..50e5b54ab 100644
--- a/bgpd/bgp_packet.c
+++ b/bgpd/bgp_packet.c
@@ -3121,6 +3121,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
zlog_err("%pBP: Capability length error", peer);
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
+ pnt += length;
return BGP_Stop;
}
action = *pnt;
@@ -3133,7 +3134,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
action);
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
- return BGP_Stop;
+ goto done;
}
if (bgp_debug_neighbor_events(peer))
@@ -3145,12 +3146,13 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
zlog_err("%pBP: Capability length error", peer);
bgp_notify_send(peer->connection, BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
+ pnt += length;
return BGP_Stop;
}
/* Ignore capability when override-capability is set. */
if (CHECK_FLAG(peer->flags, PEER_FLAG_OVERRIDE_CAPABILITY))
- continue;
+ goto done;
capability = lookup_msg(capcode_str, hdr->code, "Unknown");
@@ -3165,7 +3167,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
peer, capability,
sizeof(struct capability_mp_data),
hdr->length);
- return BGP_Stop;
+ goto done;
}
memcpy(&mpc, pnt + 3, sizeof(struct capability_mp_data));
@@ -3180,7 +3182,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
peer, capability,
iana_afi2str(pkt_afi),
iana_safi2str(pkt_safi));
- continue;
+ goto done;
}
/* Address family check. */
@@ -3207,7 +3209,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
if (peer_active_nego(peer))
bgp_clear_route(peer, afi, safi);
else
- return BGP_Stop;
+ goto done;
}
break;
case CAPABILITY_CODE_RESTART:
@@ -3217,7 +3219,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
bgp_notify_send(peer->connection,
BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
- return BGP_Stop;
+ goto done;
}
bgp_dynamic_capability_graceful_restart(pnt, action,
@@ -3243,7 +3245,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
bgp_notify_send(peer->connection,
BGP_NOTIFY_CEASE,
BGP_NOTIFY_SUBCODE_UNSPECIFIC);
- return BGP_Stop;
+ goto done;
}
uint8_t role;
@@ -3265,6 +3267,7 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
break;
}
+done:
pnt += hdr->length + 3;
}
--
2.34.1

68
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2024-31950.patch Normal file
View File

@@ -0,0 +1,68 @@
From f69d1313b19047d3d83fc2b36a518355b861dfc4 Mon Sep 17 00:00:00 2001
From: Olivier Dugeon <olivier.dugeon@orange.com>
Date: Wed, 3 Apr 2024 16:28:23 +0200
Subject: [PATCH] ospfd: Solved crash in RI parsing with OSPF TE
Iggy Frankovic discovered another ospfd crash when performing fuzzing of OSPF
LSA packets. The crash occurs in ospf_te_parse_ri() function when attemping to
read Segment Routing subTLVs. The original code doesn't check if the size of
the SR subTLVs have the correct length. In presence of erronous LSA, this will
cause a buffer overflow and ospfd crash.
This patch introduces new verification of the subTLVs size for Router
Information TLV.
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
CVE: CVE-2024-31950
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/f69d1313b19047d3d83fc2b36a518355b861dfc4]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
ospfd/ospf_te.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c
index 359dc1f5d4b8..091669d8ed36 100644
--- a/ospfd/ospf_te.c
+++ b/ospfd/ospf_te.c
@@ -2456,6 +2456,9 @@ static int ospf_te_parse_ri(struct ls_ted *ted, struct ospf_lsa *lsa)
switch (ntohs(tlvh->type)) {
case RI_SR_TLV_SR_ALGORITHM:
+ if (TLV_BODY_SIZE(tlvh) < 1 ||
+ TLV_BODY_SIZE(tlvh) > ALGORITHM_COUNT)
+ break;
algo = (struct ri_sr_tlv_sr_algorithm *)tlvh;
for (int i = 0; i < ntohs(algo->header.length); i++) {
@@ -2480,6 +2483,8 @@ static int ospf_te_parse_ri(struct ls_ted *ted, struct ospf_lsa *lsa)
break;
case RI_SR_TLV_SRGB_LABEL_RANGE:
+ if (TLV_BODY_SIZE(tlvh) != RI_SR_TLV_LABEL_RANGE_SIZE)
+ break;
range = (struct ri_sr_tlv_sid_label_range *)tlvh;
size = GET_RANGE_SIZE(ntohl(range->size));
lower = GET_LABEL(ntohl(range->lower.value));
@@ -2497,6 +2502,8 @@ static int ospf_te_parse_ri(struct ls_ted *ted, struct ospf_lsa *lsa)
break;
case RI_SR_TLV_SRLB_LABEL_RANGE:
+ if (TLV_BODY_SIZE(tlvh) != RI_SR_TLV_LABEL_RANGE_SIZE)
+ break;
range = (struct ri_sr_tlv_sid_label_range *)tlvh;
size = GET_RANGE_SIZE(ntohl(range->size));
lower = GET_LABEL(ntohl(range->lower.value));
@@ -2514,6 +2521,8 @@ static int ospf_te_parse_ri(struct ls_ted *ted, struct ospf_lsa *lsa)
break;
case RI_SR_TLV_NODE_MSD:
+ if (TLV_BODY_SIZE(tlvh) < RI_SR_TLV_NODE_MSD_SIZE)
+ break;
msd = (struct ri_sr_tlv_node_msd *)tlvh;
if ((CHECK_FLAG(node->flags, LS_NODE_MSD))
&& (node->msd == msd->value))
--
2.34.1

110
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2024-31951.patch Normal file
View File

@@ -0,0 +1,110 @@
From 5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a Mon Sep 17 00:00:00 2001
From: Olivier Dugeon <olivier.dugeon@orange.com>
Date: Fri, 5 Apr 2024 12:57:11 +0200
Subject: [PATCH] ospfd: Correct Opaque LSA Extended parser
Iggy Frankovic discovered another ospfd crash when performing fuzzing of OSPF
LSA packets. The crash occurs in ospf_te_parse_ext_link() function when
attemping to read Segment Routing Adjacency SID subTLVs. The original code
doesn't check if the size of the Extended Link TLVs and subTLVs have the correct
length. In presence of erronous LSA, this will cause a buffer overflow and ospfd
crashes.
This patch introduces new verification of the subTLVs size for Extended Link
TLVs and subTLVs. Similar check has been also introduced for the Extended
Prefix TLV.
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
CVE: CVE-2024-31951
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/5557a289acdaeec8cc63ffc97b5c2abf6dee7b3a]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
ospfd/ospf_te.c | 35 +++++++++++++++++++++++++++++++++--
1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c
index 091669d8ed36..e68f9444f512 100644
--- a/ospfd/ospf_te.c
+++ b/ospfd/ospf_te.c
@@ -2620,6 +2620,7 @@ static int ospf_te_parse_ext_pref(struct ls_ted *ted, struct ospf_lsa *lsa)
struct ext_tlv_prefix *ext;
struct ext_subtlv_prefix_sid *pref_sid;
uint32_t label;
+ uint16_t len, size;
/* Get corresponding Subnet from Link State Data Base */
ext = (struct ext_tlv_prefix *)TLV_HDR_TOP(lsa->data);
@@ -2641,6 +2642,18 @@ static int ospf_te_parse_ext_pref(struct ls_ted *ted, struct ospf_lsa *lsa)
ote_debug(" |- Process Extended Prefix LSA %pI4 for subnet %pFX",
&lsa->data->id, &pref);
+ /*
+ * Check Extended Prefix TLV size against LSA size
+ * as only one TLV is allowed per LSA
+ */
+ len = TLV_BODY_SIZE(&ext->header);
+ size = lsa->size - (OSPF_LSA_HEADER_SIZE + TLV_HDR_SIZE);
+ if (len != size || len <= 0) {
+ ote_debug(" |- Wrong TLV size: %u instead of %u",
+ (uint32_t)len, (uint32_t)size);
+ return -1;
+ }
+
/* Initialize TLV browsing */
ls_pref = subnet->ls_pref;
pref_sid = (struct ext_subtlv_prefix_sid *)((char *)(ext) + TLV_HDR_SIZE
@@ -2751,8 +2764,20 @@ static int ospf_te_parse_ext_link(struct ls_ted *ted, struct ospf_lsa *lsa)
ote_debug(" |- Process Extended Link LSA %pI4 for edge %pI4",
&lsa->data->id, &edge->attributes->standard.local);
- /* Initialize TLV browsing */
- len = TLV_BODY_SIZE(&ext->header) - EXT_TLV_LINK_SIZE;
+ /*
+ * Check Extended Link TLV size against LSA size
+ * as only one TLV is allowed per LSA
+ */
+ len = TLV_BODY_SIZE(&ext->header);
+ i = lsa->size - (OSPF_LSA_HEADER_SIZE + TLV_HDR_SIZE);
+ if (len != i || len <= 0) {
+ ote_debug(" |- Wrong TLV size: %u instead of %u",
+ (uint32_t)len, (uint32_t)i);
+ return -1;
+ }
+
+ /* Initialize subTLVs browsing */
+ len -= EXT_TLV_LINK_SIZE;
tlvh = (struct tlv_header *)((char *)(ext) + TLV_HDR_SIZE
+ EXT_TLV_LINK_SIZE);
for (; sum < len; tlvh = TLV_HDR_NEXT(tlvh)) {
@@ -2762,6 +2787,8 @@ static int ospf_te_parse_ext_link(struct ls_ted *ted, struct ospf_lsa *lsa)
switch (ntohs(tlvh->type)) {
case EXT_SUBTLV_ADJ_SID:
+ if (TLV_BODY_SIZE(tlvh) != EXT_SUBTLV_ADJ_SID_SIZE)
+ break;
adj = (struct ext_subtlv_adj_sid *)tlvh;
label = CHECK_FLAG(adj->flags,
EXT_SUBTLV_LINK_ADJ_SID_VFLG)
@@ -2788,6 +2815,8 @@ static int ospf_te_parse_ext_link(struct ls_ted *ted, struct ospf_lsa *lsa)
break;
case EXT_SUBTLV_LAN_ADJ_SID:
+ if (TLV_BODY_SIZE(tlvh) != EXT_SUBTLV_LAN_ADJ_SID_SIZE)
+ break;
ladj = (struct ext_subtlv_lan_adj_sid *)tlvh;
label = CHECK_FLAG(ladj->flags,
EXT_SUBTLV_LINK_ADJ_SID_VFLG)
@@ -2817,6 +2846,8 @@ static int ospf_te_parse_ext_link(struct ls_ted *ted, struct ospf_lsa *lsa)
break;
case EXT_SUBTLV_RMT_ITF_ADDR:
+ if (TLV_BODY_SIZE(tlvh) != EXT_SUBTLV_RMT_ITF_ADDR_SIZE)
+ break;
rmt = (struct ext_subtlv_rmt_itf_addr *)tlvh;
if (CHECK_FLAG(atr->flags, LS_ATTR_NEIGH_ADDR)
&& IPV4_ADDR_SAME(&atr->standard.remote,
--
2.34.1

83
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/CVE-2024-34088.patch Normal file
View File

@@ -0,0 +1,83 @@
From 8c177d69e32b91b45bda5fc5da6511fa03dc11ca Mon Sep 17 00:00:00 2001
From: Olivier Dugeon <olivier.dugeon@orange.com>
Date: Tue, 16 Apr 2024 16:42:06 +0200
Subject: [PATCH] ospfd: protect call to get_edge() in ospf_te.c
During fuzzing, Iggy Frankovic discovered that get_edge() function in ospf_te.c
could return null pointer, in particular when the link_id or advertised router
IP addresses are fuzzed. As the null pointer returned by get_edge() function is
not handlei by calling functions, this could cause ospfd crash.
This patch introduces new verification of returned pointer by get_edge()
function and stop the processing in case of null pointer. In addition, link ID
and advertiser router ID are validated before calling ls_find_edge_by_key() to
avoid the creation of a new edge with an invalid key.
CVE-2024-34088
Co-authored-by: Iggy Frankovic <iggyfran@amazon.com>
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
CVE: CVE-2024-34088
Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/8c177d69e32b91b45bda5fc5da6511fa03dc11ca]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
ospfd/ospf_te.c | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/ospfd/ospf_te.c b/ospfd/ospf_te.c
index e68f9444f512..d57990e1a174 100644
--- a/ospfd/ospf_te.c
+++ b/ospfd/ospf_te.c
@@ -1670,6 +1670,11 @@ static struct ls_edge *get_edge(struct ls_ted *ted, struct ls_node_id adv,
struct ls_edge *edge;
struct ls_attributes *attr;
+ /* Check that Link ID and Node ID are valid */
+ if (IPV4_NET0(link_id.s_addr) || IPV4_NET0(adv.id.ip.addr.s_addr) ||
+ adv.origin != OSPFv2)
+ return NULL;
+
/* Search Edge that corresponds to the Link ID */
key.family = AF_INET;
IPV4_ADDR_COPY(&key.k.addr, &link_id);
@@ -1743,6 +1748,10 @@ static void ospf_te_update_link(struct ls_ted *ted, struct ls_vertex *vertex,
/* Get Corresponding Edge from Link State Data Base */
edge = get_edge(ted, vertex->node->adv, link_data);
+ if (!edge) {
+ ote_debug(" |- Found no edge from Link Data. Abort!");
+ return;
+ }
attr = edge->attributes;
/* re-attached edge to vertex if needed */
@@ -2246,11 +2255,11 @@ static int ospf_te_parse_te(struct ls_ted *ted, struct ospf_lsa *lsa)
}
/* Get corresponding Edge from Link State Data Base */
- if (IPV4_NET0(attr.standard.local.s_addr) && !attr.standard.local_id) {
- ote_debug(" |- Found no TE Link local address/ID. Abort!");
+ edge = get_edge(ted, attr.adv, attr.standard.local);
+ if (!edge) {
+ ote_debug(" |- Found no edge from Link local add./ID. Abort!");
return -1;
}
- edge = get_edge(ted, attr.adv, attr.standard.local);
old = edge->attributes;
ote_debug(" |- Process Traffic Engineering LSA %pI4 for Edge %pI4",
@@ -2759,6 +2768,10 @@ static int ospf_te_parse_ext_link(struct ls_ted *ted, struct ospf_lsa *lsa)
lnid.id.ip.area_id = lsa->area->area_id;
ext = (struct ext_tlv_link *)TLV_HDR_TOP(lsa->data);
edge = get_edge(ted, lnid, ext->link_data);
+ if (!edge) {
+ ote_debug(" |- Found no edge from Extended Link Data. Abort!");
+ return -1;
+ }
atr = edge->attributes;
ote_debug(" |- Process Extended Link LSA %pI4 for edge %pI4",
--
2.34.1

14
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr/frr.pam Normal file
View File

@@ -0,0 +1,14 @@
#
# The PAM configuration file for the frr `vtysh' service
#
# This allows root to change user infomation without being
# prompted for a password
auth sufficient pam_rootok.so
account sufficient pam_rootok.so
# The standard Unix authentication modules, used with
# NIS (man nsswitch) as well as normal /etc/passwd and
# /etc/shadow entries.
auth include common-auth

141
sources/meta-openembedded/meta-networking/recipes-protocols/frr/frr_9.1.bb Normal file
View File

@@ -0,0 +1,141 @@
SUMMARY = "BGP/OSPF/RIP routing daemon"
DESCRIPTION = "FRRouting is a free and open source Internet routing protocol suite for Linux \
and Unix platforms. It implements BGP, OSPF, RIP, IS-IS, PIM, LDP, BFD, Babel, PBR, OpenFabric \
and VRRP, with alpha support for EIGRP and NHRP."
HOMEPAGE = "https://frrouting.org/"
SECTION = "net"
LICENSE = "GPL-2.0-only & LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://doc/licenses/GPL-2.0;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
file://doc/licenses/LGPL-2.1;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/9.1 \
file://frr.pam \
file://0001-zebra-Mimic-GNU-basename-API-for-non-glibc-library-e.patch \
file://CVE-2024-34088.patch \
file://CVE-2024-31950.patch \
file://CVE-2024-31951.patch \
file://CVE-2024-31948.patch \
file://CVE-2024-31949.patch \
"
SRCREV = "ca2d6f0f1e000951224a18973cc1827f7f5215b5"
UPSTREAM_CHECK_GITTAGREGEX = "frr-(?P<pver>\d+(\.\d+)+)$"
CVE_PRODUCT = "frrouting"
S = "${WORKDIR}/git"
inherit autotools-brokensep python3native pkgconfig useradd systemd
DEPENDS:class-native = "bison-native elfutils-native"
DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native protobuf-c-native protobuf-c"
RDEPENDS:${PN}:class-target = "iproute2 python3-core bash"
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}"
PACKAGECONFIG:class-native = ""
PACKAGECONFIG[fpm] = "--enable-fpm,--disable-fpm"
PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam"
PACKAGECONFIG[grpc] = "--enable-grpc,--disable-grpc,grpc-native grpc"
PACKAGECONFIG[snmp] = "--enable-snmp,--disable-snmp,net-snmp"
PACKAGECONFIG[zeromq] = "--enable-zeromq,--disable-zeromq,zeromq"
PACKAGECONFIG[protobuf] = "--enable-protobuf,--disable-protobuf,protobuf-c-native protobuf-c"
PACKAGECONFIG[capabilities] = "--enable-capabilities,--disable-capabilities,libcap"
PACKAGECONFIG[cumulus] = "--enable-cumulus,--disable-cumulus"
PACKAGECONFIG[datacenter] = "--enable-datacenter,--disable-datacenter"
PACKAGECONFIG[ospfclient] = "--enable-ospfapi --enable-ospfclient,--disable-ospfapi --disable-ospfclient"
EXTRA_OECONF:class-native = "--enable-clippy-only"
EXTRA_OECONF:class-target = "--sbindir=${libexecdir}/frr \
--sysconfdir=${sysconfdir}/frr \
--localstatedir=${localstatedir}/run/frr \
--enable-vtysh \
--enable-multipath=64 \
--enable-user=frr \
--enable-group=frr \
--enable-vty-group=frrvty \
--enable-configfile-mask=0640 \
--enable-logfile-mask=0640 \
--disable-doc \
--with-clippy=${RECIPE_SYSROOT_NATIVE}/usr/lib/clippy \
"
CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'"
# https://github.com/FRRouting/frr/issues/14469
DEBUG_PREFIX_MAP:remove = "-fcanon-prefix-map"
LDFLAGS:append:mips = " -latomic"
LDFLAGS:append:mipsel = " -latomic"
LDFLAGS:append:powerpc = " -latomic"
LDFLAGS:append:riscv32 = " -latomic"
SYSTEMD_PACKAGES = "${PN}"
SYSTEMD_SERVICE:${PN} = "frr.service"
SYSTEMD_AUTO_ENABLE = "disable"
inherit update-alternatives multilib_script multilib_header
ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE:${PN} = " ietf-interfaces "
ALTERNATIVE_LINK_NAME[ietf-interfaces] = "${datadir}/yang/ietf-interfaces.yang"
do_compile:prepend () {
sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' \
-e 's#${RECIPE_SYSROOT}##g' ${S}/lib/version.h
}
do_compile:class-native () {
oe_runmake clippy-only
}
do_install:class-native () {
install -d ${D}${libdir}
install -m 755 ${S}/lib/clippy ${D}${libdir}/clippy
}
do_install:append:class-target () {
install -m 0755 -d ${D}${sysconfdir}/frr
install -m 0755 -d ${D}${libexecdir}/frr
install -m 0640 ${S}/tools/etc/frr/* ${D}${sysconfdir}/frr/
chown frr:frrvty ${D}${sysconfdir}/frr
chown frr:frr ${D}${sysconfdir}/frr/*
chown frr:frrvty ${D}${sysconfdir}/frr/vtysh.conf
chmod 640 ${D}${sysconfdir}/frr/*
if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then
install -d ${D}/${sysconfdir}/pam.d
install -m 644 ${WORKDIR}/frr.pam ${D}/${sysconfdir}/pam.d/frr
fi
if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${B}/tools/frrinit.sh ${D}${sysconfdir}/init.d/frr
install -d ${D}${sysconfdir}/default/volatiles
echo "d frr frr 0755 ${localstatedir}/run/frr none" \
> ${D}${sysconfdir}/default/volatiles/99_frr
fi
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${B}/tools/frr*.service ${D}${systemd_system_unitdir}
install -d ${D}${sysconfdir}/tmpfiles.d
echo "d /run/frr 0755 frr frr -" \
> ${D}${sysconfdir}/tmpfiles.d/${BPN}.conf
fi
oe_multilib_header frr/version.h
}
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM:${PN} = "--system frr ; --system frrvty"
USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/frr/ -M -g frr -G frrvty --shell /bin/false frr"
FILES:${PN} += "${datadir}/yang"
BBCLASSEXTEND = "native"

58
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0001-Create-subroutine-for-cleaning-recent-interfaces.patch Normal file
View File

@@ -0,0 +1,58 @@
From c1f3e19d3cb0aa948248616eb1684a1e80aa39b4 Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Wed, 28 Jun 2017 17:30:00 -0500
Subject: [PATCH 1/8] Create subroutine for cleaning recent interfaces
Moves functionality for cleaning the list of recent
interfaces into its own subroutine.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 24 ++++++++++++++----------
1 file changed, 14 insertions(+), 10 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1322,6 +1322,19 @@ mDNSlocal int SetupSocket(struct sockadd
return err;
}
+// Clean up any interfaces that have been hanging around on the RecentInterfaces list for more than a minute
+mDNSlocal void CleanRecentInterfaces(void)
+{
+ PosixNetworkInterface **ri = &gRecentInterfaces;
+ const mDNSs32 utc = mDNSPlatformUTC();
+ while (*ri)
+ {
+ PosixNetworkInterface *pi = *ri;
+ if (utc - pi->LastSeen < 60) ri = (PosixNetworkInterface **)&pi->coreIntf.next;
+ else { *ri = (PosixNetworkInterface *)pi->coreIntf.next; mdns_free(pi); }
+ }
+}
+
// Creates a PosixNetworkInterface for the interface whose IP address is
// intfAddr and whose name is intfName and registers it with mDNS core.
mDNSlocal int SetupOneInterface(mDNS *const m, struct sockaddr *intfAddr, struct sockaddr *intfMask,
@@ -1559,16 +1572,7 @@ mDNSlocal int SetupInterfaceList(mDNS *c
// Clean up.
if (intfList != NULL) freeifaddrs(intfList);
-
- // Clean up any interfaces that have been hanging around on the RecentInterfaces list for more than a minute
- PosixNetworkInterface **ri = &gRecentInterfaces;
- const mDNSs32 utc = mDNSPlatformUTC();
- while (*ri)
- {
- PosixNetworkInterface *pi = *ri;
- if (utc - pi->LastSeen < 60) ri = (PosixNetworkInterface **)&pi->coreIntf.next;
- else { *ri = (PosixNetworkInterface *)pi->coreIntf.next; mdns_free(pi); }
- }
+ CleanRecentInterfaces();
return err;
}

30
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0001-Fix-SIGSEGV-during-DumpStateLog.patch Normal file
View File

@@ -0,0 +1,30 @@
From 14cc53bb09a3d8adf301f3842c765598467e63e1 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Thu, 1 Feb 2024 14:07:03 +0000
Subject: [PATCH] Fix SIGSEGV during DumpStateLog()
DumpStateLog() calls LogMsgWithLevelv() with category == NULL, avoid
crashing in this case.
Upstream-Status: Inactive-Upstream [Upstream does not take patches]
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSShared/mDNSDebug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mDNSShared/mDNSDebug.c b/mDNSShared/mDNSDebug.c
index 7a4ca19eff6d..d449dde320f6 100644
--- a/mDNSShared/mDNSDebug.c
+++ b/mDNSShared/mDNSDebug.c
@@ -71,7 +71,7 @@ mDNSlocal void LogMsgWithLevelv(os_log_t category, os_log_type_t level, const ch
mDNSlocal void LogMsgWithLevelv(const char *category, mDNSLogLevel_t level, const char *format, va_list args)
{
// Do not print the logs if the log category is MDNS_LOG_CATEGORY_DISABLED.
- if (strcmp(category, MDNS_LOG_CATEGORY_DISABLED) == 0)
+ if (category && strcmp(category, MDNS_LOG_CATEGORY_DISABLED) == 0)
{
return;
}
--
2.39.0

38
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0001-Handle-interface-without-ifa_addr.patch Normal file
View File

@@ -0,0 +1,38 @@
From 1cc54320306e07c1fc0eed98e7fbcbb07a2f3b28 Mon Sep 17 00:00:00 2001
From: Stefan Agner <stefan@agner.ch>
Date: Fri, 23 Jun 2023 10:10:00 +0200
Subject: [PATCH] Handle interface without `ifa_addr`
It seems that certain interface types may have `ifa_addr` set to null.
Handle this case gracefully.
Upstream-Status: Submitted [https://github.com/apple-oss-distributions/mDNSResponder/pull/2/commits/11b410d4d683c90e693c40315997bb3e8ec90e9a]
Signed-off-by: Stefan Agner <stefan@agner.ch>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1895,6 +1895,7 @@ mDNSlocal void InterfaceChangeCallback(i
continue;
if ((ifa_loop4 == NULL) &&
+ ((*ifi)->ifa_addr != NULL) &&
((*ifi)->ifa_addr->sa_family == AF_INET) &&
((*ifi)->ifa_flags & IFF_UP) &&
((*ifi)->ifa_flags & IFF_LOOPBACK))
@@ -1903,7 +1904,8 @@ mDNSlocal void InterfaceChangeCallback(i
continue;
}
- if ( (((*ifi)->ifa_addr->sa_family == AF_INET)
+ if ( ((*ifi)->ifa_addr != NULL) &&
+ (((*ifi)->ifa_addr->sa_family == AF_INET)
#if HAVE_IPV6
|| ((*ifi)->ifa_addr->sa_family == AF_INET6)
#endif

27
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0001-dns-sd-Include-missing-headers.patch Normal file
View File

@@ -0,0 +1,27 @@
From cea342c10731cb1c8c8b52f03d55f9d15fc3b091 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Thu, 4 Nov 2021 07:31:32 -0700
Subject: [PATCH 1/6] dns-sd: Include missing headers
Fixes build on Musl
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
mDNSPosix/nss_mdns.c | 3 +++
1 file changed, 3 insertions(+)
Index: mDNSResponder/mDNSPosix/nss_mdns.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/nss_mdns.c
+++ mDNSResponder/mDNSPosix/nss_mdns.c
@@ -89,6 +89,9 @@
#include <dns_sd.h>
+#if !defined(NETDB_INTERNAL)
+# define NETDB_INTERNAL (-1)
+#endif
//----------
// Public functions

56
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0002-Create-subroutine-for-tearing-down-an-interface.patch Normal file
View File

@@ -0,0 +1,56 @@
From 40ef0241afbb49f84e76afd65eb3ee17466bb582 Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Wed, 28 Jun 2017 17:30:00 -0500
Subject: [PATCH 2/8] Create subroutine for tearing down an interface
Creates a subroutine for tearing down an interface.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 22 ++++++++++++++++------
1 file changed, 16 insertions(+), 6 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1043,6 +1043,19 @@ mDNSlocal void FreePosixNetworkInterface
gRecentInterfaces = intf;
}
+mDNSlocal void TearDownInterface(mDNS *const m, PosixNetworkInterface *intf)
+{
+ mDNS_DeregisterInterface(m, &intf->coreIntf, NormalActivation);
+ if (gMDNSPlatformPosixVerboseLevel > 0) fprintf(stderr, "Deregistered interface %s\n", intf->intfName);
+ FreePosixNetworkInterface(intf);
+
+ num_registered_interfaces--;
+ if (num_registered_interfaces == 0) {
+ num_pkts_accepted = 0;
+ num_pkts_rejected = 0;
+ }
+}
+
// Grab the first interface, deregister it, free it, and repeat until done.
mDNSlocal void ClearInterfaceList(mDNS *const m)
{
@@ -1051,13 +1064,10 @@ mDNSlocal void ClearInterfaceList(mDNS *
while (m->HostInterfaces)
{
PosixNetworkInterface *intf = (PosixNetworkInterface*)(m->HostInterfaces);
- mDNS_DeregisterInterface(m, &intf->coreIntf, NormalActivation);
- if (gMDNSPlatformPosixVerboseLevel > 0) fprintf(stderr, "Deregistered interface %s\n", intf->intfName);
- FreePosixNetworkInterface(intf);
+ TearDownInterface(m, intf);
}
- num_registered_interfaces = 0;
- num_pkts_accepted = 0;
- num_pkts_rejected = 0;
+
+ assert(num_registered_interfaces == 0);
}
mDNSlocal int SetupIPv6Socket(int fd)

24
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0002-make-Set-libdns_sd.so-soname-correctly.patch Normal file
View File

@@ -0,0 +1,24 @@
From a198bcd457abd04f2e22812ff3a37246aa564614 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Mon, 5 Dec 2022 15:14:12 +0000
Subject: [PATCH 2/6] make: Set libdns_sd.so soname correctly
Upstream-Status: Pending
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: mDNSResponder/mDNSPosix/Makefile
===================================================================
--- mDNSResponder.orig/mDNSPosix/Makefile
+++ mDNSResponder/mDNSPosix/Makefile
@@ -276,7 +276,7 @@ libdns_sd: setup $(BUILDDIR)/libdns_sd.$
CLIENTLIBOBJS = $(OBJDIR)/dnssd_clientlib.c.so.o $(OBJDIR)/dnssd_clientstub.c.so.o $(OBJDIR)/dnssd_ipc.c.so.o $(OBJDIR)/dnssd_errstring.c.so.o
$(BUILDDIR)/libdns_sd.$(LDSUFFIX): $(CLIENTLIBOBJS)
- $(LD) $(SOOPTS) $(LINKOPTS) -o $@ $+
+ $(LD) $(SOOPTS) $(LINKOPTS) -Wl,-soname,libdns_sd.$(LDSUFFIX).1 -o $@ $+
$(STRIP) $@
Clients: setup libdns_sd ../Clients/build/dns-sd

48
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0003-Track-interface-socket-family.patch Normal file
View File

@@ -0,0 +1,48 @@
From deb3a2c51f32e0d2741be11a492e727129f770e2 Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Wed, 28 Jun 2017 17:30:00 -0500
Subject: [PATCH 3/8] Track interface socket family
Tracks the socket family associated with the interface.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 1 +
mDNSPosix/mDNSPosix.h | 2 ++
2 files changed, 3 insertions(+)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1415,6 +1415,7 @@ mDNSlocal int SetupOneInterface(mDNS *co
// Set up the extra fields in PosixNetworkInterface.
assert(intf->intfName != NULL); // intf->intfName already set up above
intf->index = intfIndex;
+ intf->sa_family = intfAddr->sa_family;
intf->multicastSocket4 = -1;
#if HAVE_IPV6
intf->multicastSocket6 = -1;
Index: mDNSResponder/mDNSPosix/mDNSPosix.h
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.h
+++ mDNSResponder/mDNSPosix/mDNSPosix.h
@@ -19,6 +19,7 @@
#define __mDNSPlatformPosix_h
#include <signal.h>
+#include <sys/socket.h>
#include <sys/time.h>
#ifdef __cplusplus
@@ -40,6 +41,7 @@ struct PosixNetworkInterface
char * intfName;
PosixNetworkInterface * aliasIntf;
int index;
+ sa_family_t sa_family;
int multicastSocket4;
#if HAVE_IPV6
int multicastSocket6;

55
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0004-Indicate-loopback-interface-to-mDNS-core.patch Normal file
View File

@@ -0,0 +1,55 @@
From beab76b5708862f44d9acbe7a92db45e2f99259f Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Tue, 1 Aug 2017 17:06:01 -0500
Subject: [PATCH 4/8] Indicate loopback interface to mDNS core
Tells the mDNS core if an interface is a loopback interface,
similar to AddInterfaceToList() in the MacOS implementation.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1348,7 +1348,7 @@ mDNSlocal void CleanRecentInterfaces(voi
// Creates a PosixNetworkInterface for the interface whose IP address is
// intfAddr and whose name is intfName and registers it with mDNS core.
mDNSlocal int SetupOneInterface(mDNS *const m, struct sockaddr *intfAddr, struct sockaddr *intfMask,
- const mDNSu8 *intfHaddr, mDNSu16 intfHlen, const char *intfName, int intfIndex)
+ const mDNSu8 *intfHaddr, mDNSu16 intfHlen, const char *intfName, int intfIndex, int intfFlags)
{
int err = 0;
PosixNetworkInterface *intf;
@@ -1411,6 +1411,7 @@ mDNSlocal int SetupOneInterface(mDNS *co
intf->coreIntf.Advertise = m->AdvertiseLocalAddresses;
intf->coreIntf.McastTxRx = mDNStrue;
+ intf->coreIntf.Loopback = ((intfFlags & IFF_LOOPBACK) != 0) ? mDNStrue : mDNSfalse;
// Set up the extra fields in PosixNetworkInterface.
assert(intf->intfName != NULL); // intf->intfName already set up above
@@ -1561,7 +1562,7 @@ mDNSlocal int SetupInterfaceList(mDNS *c
}
#endif
if (SetupOneInterface(m, i->ifa_addr, i->ifa_netmask,
- hwaddr, hwaddr_len, i->ifa_name, ifIndex) == 0)
+ hwaddr, hwaddr_len, i->ifa_name, ifIndex, i->ifa_flags) == 0)
{
if (i->ifa_addr->sa_family == AF_INET)
foundav4 = mDNStrue;
@@ -1578,7 +1579,7 @@ mDNSlocal int SetupInterfaceList(mDNS *c
// if ((m->HostInterfaces == NULL) && (firstLoopback != NULL))
if (!foundav4 && firstLoopback)
(void) SetupOneInterface(m, firstLoopback->ifa_addr, firstLoopback->ifa_netmask,
- NULL, 0, firstLoopback->ifa_name, firstLoopbackIndex);
+ NULL, 0, firstLoopback->ifa_name, firstLoopbackIndex, firstLoopback->ifa_flags);
}
// Clean up.

61
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0004-make-Separate-TLS-targets-from-libraries.patch Normal file
View File

@@ -0,0 +1,61 @@
From 22316f200803225f2d375ae5c36ffead59e2f6b8 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Mon, 5 Dec 2022 15:14:26 +0000
Subject: [PATCH 4/6] make: Separate TLS targets from libraries
There are dependencies on TLSOBJS, which fails when `-lmbedtls` is
listed as a dependency, so separate it out.
Upstream-Status: Pending
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/Makefile | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
Index: mDNSResponder/mDNSPosix/Makefile
===================================================================
--- mDNSResponder.orig/mDNSPosix/Makefile
+++ mDNSResponder/mDNSPosix/Makefile
@@ -112,9 +112,11 @@ ifeq ($(findstring linux,$(os)),linux)
ifeq ($(tls), no)
CFLAGS_OS = -D_GNU_SOURCE -DHAVE_IPV6 -DNOT_HAVE_SA_LEN -DUSES_NETLINK -DHAVE_LINUX -DTARGET_OS_LINUX -ftabstop=4 -Wno-expansion-to-defined
TLSOBJS =
+TLSLIBS =
else
CFLAGS_OS = -D_GNU_SOURCE -DHAVE_IPV6 -DNOT_HAVE_SA_LEN -DUSES_NETLINK -DHAVE_LINUX -DTARGET_OS_LINUX -DPOSIX_HAS_TLS -ftabstop=4 -Wno-expansion-to-defined
-TLSOBJS = $(OBJDIR)/mbedtls.c.o -lmbedtls -lmbedcrypto
+TLSOBJS = $(OBJDIR)/mbedtls.c.o
+TLSLIBS = -lmbedtls -lmbedcrypto
endif
LD = $(CC)
SOOPTS = -shared
@@ -266,7 +268,7 @@ Daemon: setup $(BUILDDIR)/mdnsd
@echo "Responder daemon done"
$(BUILDDIR)/mdnsd: $(DAEMONOBJS)
- $(CC) -o $@ $+ $(LINKOPTS)
+ $(CC) -o $@ $+ $(LINKOPTS) $(TLSLIBS)
$(STRIP) $@
# libdns_sd target builds the client library
@@ -485,16 +487,16 @@ dnsextd: setup $(BUILDDIR)/dnsextd
@echo "dnsextd done"
$(BUILDDIR)/mDNSClientPosix: $(APPOBJ) $(TLSOBJS) $(OBJDIR)/Client.c.o
- $(CC) $+ -o $@ $(LINKOPTS)
+ $(CC) $+ -o $@ $(LINKOPTS) $(TLSLIBS)
$(BUILDDIR)/mDNSResponderPosix: $(COMMONOBJ) $(TLSOBJS) $(OBJDIR)/Responder.c.o
- $(CC) $+ -o $@ $(LINKOPTS)
+ $(CC) $+ -o $@ $(LINKOPTS) $(TLSLIBS)
$(BUILDDIR)/mDNSProxyResponderPosix: $(COMMONOBJ) $(TLSOBJS) $(OBJDIR)/ProxyResponder.c.o
- $(CC) $+ -o $@ $(LINKOPTS)
+ $(CC) $+ -o $@ $(LINKOPTS) $(TLSLIBS)
$(BUILDDIR)/mDNSNetMonitor: $(SPECIALOBJ) $(TLSOBJS) $(OBJDIR)/NetMonitor.c.o
- $(CC) $+ -o $@ $(LINKOPTS)
+ $(CC) $+ -o $@ $(LINKOPTS) $(TLSLIBS)
$(OBJDIR)/NetMonitor.c.o: $(COREDIR)/mDNS.c # Note: NetMonitor.c textually imports mDNS.c

166
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0005-Use-list-for-changed-interfaces.patch Normal file
View File

@@ -0,0 +1,166 @@
From e79f81f5cd626ad77ec64de4325f6645cf253c5e Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Thu, 13 Jul 2017 09:00:00 -0500
Subject: [PATCH 5/8] Use list for changed interfaces
Uses a linked list to store the index of changed network interfaces
instead of a bitfield. This allows for network interfaces with an
index greater than 31 (an index of 36 was seen on Android).
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 58 ++++++++++++++++++++++++++++++++-----------
1 file changed, 43 insertions(+), 15 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -74,6 +74,14 @@ struct IfChangeRec
};
typedef struct IfChangeRec IfChangeRec;
+// Used to build a list of network interface indices
+struct NetworkInterfaceIndex
+{
+ int if_index;
+ struct NetworkInterfaceIndex *Next;
+};
+typedef struct NetworkInterfaceIndex NetworkInterfaceIndex;
+
// Note that static data is initialized to zero in (modern) C.
static PosixEventSource *gEventSources; // linked list of PosixEventSource's
static sigset_t gEventSignalSet; // Signals which event loop listens for
@@ -1621,6 +1629,23 @@ mDNSlocal mStatus OpenIfNotifySocket(int
return err;
}
+mDNSlocal void AddInterfaceIndexToList(GenLinkedList *list, int if_index)
+{
+ NetworkInterfaceIndex *item;
+
+ for (item = (NetworkInterfaceIndex*)list->Head; item != NULL; item = item->Next)
+ {
+ if (if_index == item->if_index) return;
+ }
+
+ item = mdns_malloc(sizeof *item);
+ if (item == NULL) return;
+
+ item->if_index = if_index;
+ item->Next = NULL;
+ AddToTail(list, item);
+}
+
#if MDNS_DEBUGMSGS
mDNSlocal void PrintNetLinkMsg(const struct nlmsghdr *pNLMsg)
{
@@ -1648,14 +1673,13 @@ mDNSlocal void PrintNetLinkMsg(cons
}
#endif
-mDNSlocal mDNSu32 ProcessRoutingNotification(int sd)
+mDNSlocal void ProcessRoutingNotification(int sd, GenLinkedList *changedInterfaces)
// Read through the messages on sd and if any indicate that any interface records should
// be torn down and rebuilt, return affected indices as a bitmask. Otherwise return 0.
{
ssize_t readCount;
char buff[4096];
struct nlmsghdr *pNLMsg = (struct nlmsghdr*) buff;
- mDNSu32 result = 0;
// The structure here is more complex than it really ought to be because,
// unfortunately, there's no good way to size a buffer in advance large
@@ -1691,9 +1715,9 @@ mDNSlocal mDNSu32 ProcessRoutingNo
// Process the NetLink message
if (pNLMsg->nlmsg_type == RTM_GETLINK || pNLMsg->nlmsg_type == RTM_NEWLINK)
- result |= 1 << ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index;
+ AddInterfaceIndexToList(changedInterfaces, ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index);
else if (pNLMsg->nlmsg_type == RTM_DELADDR || pNLMsg->nlmsg_type == RTM_NEWADDR)
- result |= 1 << ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index;
+ AddInterfaceIndexToList(changedInterfaces, ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index);
// Advance pNLMsg to the next message in the buffer
if ((pNLMsg->nlmsg_flags & NLM_F_MULTI) != 0 && pNLMsg->nlmsg_type != NLMSG_DONE)
@@ -1704,8 +1728,6 @@ mDNSlocal mDNSu32 ProcessRoutingNo
else
break; // all done!
}
-
- return result;
}
#else // USES_NETLINK
@@ -1737,14 +1759,13 @@ mDNSlocal void PrintRoutingSocketMs
}
#endif
-mDNSlocal mDNSu32 ProcessRoutingNotification(int sd)
+mDNSlocal void ProcessRoutingNotification(int sd, GenLinkedList *changedInterfaces)
// Read through the messages on sd and if any indicate that any interface records should
// be torn down and rebuilt, return affected indices as a bitmask. Otherwise return 0.
{
ssize_t readCount;
char buff[4096];
struct ifa_msghdr *pRSMsg = (struct ifa_msghdr*) buff;
- mDNSu32 result = 0;
readCount = read(sd, buff, sizeof buff);
if (readCount < (ssize_t) sizeof(struct ifa_msghdr))
@@ -1759,12 +1780,10 @@ mDNSlocal mDNSu32 ProcessRoutingNo
pRSMsg->ifam_type == RTM_IFINFO)
{
if (pRSMsg->ifam_type == RTM_IFINFO)
- result |= 1 << ((struct if_msghdr*) pRSMsg)->ifm_index;
+ AddInterfaceIndexToList(changedInterfaces, ((struct if_msghdr*) pRSMsg)->ifm_index);
else
- result |= 1 << pRSMsg->ifam_index;
+ AddInterfaceIndexToList(changedInterfaces, pRSMsg->ifam_index);
}
-
- return result;
}
#endif // USES_NETLINK
@@ -1774,7 +1793,8 @@ mDNSlocal void InterfaceChangeCallback(i
{
IfChangeRec *pChgRec = (IfChangeRec*) context;
fd_set readFDs;
- mDNSu32 changedInterfaces = 0;
+ GenLinkedList changedInterfaces;
+ NetworkInterfaceIndex *changedInterface;
struct timeval zeroTimeout = { 0, 0 };
(void)fd; // Unused
@@ -1782,17 +1802,25 @@ mDNSlocal void InterfaceChangeCallback(i
FD_ZERO(&readFDs);
FD_SET(pChgRec->NotifySD, &readFDs);
+ InitLinkedList(&changedInterfaces, offsetof(NetworkInterfaceIndex, Next));
+
do
{
- changedInterfaces |= ProcessRoutingNotification(pChgRec->NotifySD);
+ ProcessRoutingNotification(pChgRec->NotifySD, &changedInterfaces);
}
while (0 < select(pChgRec->NotifySD + 1, &readFDs, (fd_set*) NULL, (fd_set*) NULL, &zeroTimeout));
// Currently we rebuild the entire interface list whenever any interface change is
// detected. If this ever proves to be a performance issue in a multi-homed
// configuration, more care should be paid to changedInterfaces.
- if (changedInterfaces)
+ if (changedInterfaces.Head != NULL)
mDNSPlatformPosixRefreshInterfaceList(pChgRec->mDNS);
+
+ while ((changedInterface = (NetworkInterfaceIndex*)changedInterfaces.Head) != NULL)
+ {
+ RemoveFromList(&changedInterfaces, changedInterface);
+ mdns_free(changedInterface);
+ }
}
// Register with either a Routing Socket or RtNetLink to listen for interface changes.

25
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0005-mDNSCore-Fix-broken-debug-parameter.patch Normal file
View File

@@ -0,0 +1,25 @@
From 764b6202402e9e5687ff873330e5ad6be6f69df7 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Mon, 5 Dec 2022 22:49:49 +0000
Subject: [PATCH] mDNSCore: Fix broken debug parameter
Upstream-Status: Pending
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSCore/mDNS.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: mDNSResponder/mDNSCore/mDNS.c
===================================================================
--- mDNSResponder.orig/mDNSCore/mDNS.c
+++ mDNSResponder/mDNSCore/mDNS.c
@@ -10231,7 +10231,7 @@ mDNSlocal void mDNSCoreReceiveNoUnicastA
#else
const DNSServRef dnsserv = qptr->qDNSServer;
#endif
- debugf("mDNSCoreReceiveNoUnicastAnswers making negative cache entry TTL %d for %##s (%s)", negttl, currentQName, DNSTypeName(q.qtype));
+ debugf("mDNSCoreReceiveNoUnicastAnswers making negative cache entry TTL %d for %##s (%s)", negttl, currentQName->c, DNSTypeName(q.qtype));
// Create a negative record for the current name in the CNAME chain.
MakeNegativeCacheRecord(m, &m->rec.r, currentQName, currentQNameHash, q.qtype, q.qclass, negttl, mDNSInterface_Any,
dnsserv, response->h.flags);

249
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0006-Handle-noisy-netlink-sockets.patch Normal file
View File

@@ -0,0 +1,249 @@
From bfa1d68bed863e22c40a6d9a19ffbcc8694bbff6 Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Mon, 24 Jul 2017 09:38:55 -0500
Subject: [PATCH 6/8] Handle noisy netlink sockets
The POSIX implementation currently clears all network interfaces
when netlink indicates that there has been a change. This causes
the following problems:
1) Applications are informed that all of the services they are
tracking have been removed.
2) Increases network load because the client must re-query for
all records it is interested in.
This changes netlink notification handling by:
1) Always comparing with the latest interface list returned
by the OS.
2) Confirming that the interface has been changed in a way
that we care about.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 182 +++++++++++++++++++++++++++++++++++++++---
1 file changed, 172 insertions(+), 10 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1788,14 +1788,43 @@ mDNSlocal void ProcessRoutingNo
#endif // USES_NETLINK
+// Test whether the given PosixNetworkInterface matches the given struct ifaddrs
+mDNSlocal mDNSBool InterfacesMatch(PosixNetworkInterface *intf, struct ifaddrs *ifi)
+{
+ mDNSBool match = mDNSfalse;
+ mDNSAddr ip, mask;
+ unsigned int if_index;
+
+ if_index = if_nametoindex(ifi->ifa_name);
+ if (if_index == 0)
+ return mDNSfalse;
+
+ if((intf->index == if_index) &&
+ (intf->sa_family == ifi->ifa_addr->sa_family) &&
+ (strcmp(intf->coreIntf.ifname, ifi->ifa_name) == 0))
+ {
+ SockAddrTomDNSAddr(ifi->ifa_addr, &ip, NULL);
+ SockAddrTomDNSAddr(ifi->ifa_netmask, &mask, NULL);
+
+ match = mDNSSameAddress(&intf->coreIntf.ip, &ip) &&
+ mDNSSameAddress(&intf->coreIntf.mask, &mask);
+ }
+
+ return match;
+}
+
// Called when data appears on interface change notification socket
mDNSlocal void InterfaceChangeCallback(int fd, void *context)
{
IfChangeRec *pChgRec = (IfChangeRec*) context;
+ mDNS *m = pChgRec->mDNS;
fd_set readFDs;
GenLinkedList changedInterfaces;
NetworkInterfaceIndex *changedInterface;
struct timeval zeroTimeout = { 0, 0 };
+ struct ifaddrs *ifa_list, **ifi, *ifa_loop4 = NULL;
+ PosixNetworkInterface *intf, *intfNext;
+ mDNSBool found, foundav4;
(void)fd; // Unused
@@ -1810,12 +1839,149 @@ mDNSlocal void InterfaceChangeCallback(i
}
while (0 < select(pChgRec->NotifySD + 1, &readFDs, (fd_set*) NULL, (fd_set*) NULL, &zeroTimeout));
- // Currently we rebuild the entire interface list whenever any interface change is
- // detected. If this ever proves to be a performance issue in a multi-homed
- // configuration, more care should be paid to changedInterfaces.
- if (changedInterfaces.Head != NULL)
- mDNSPlatformPosixRefreshInterfaceList(pChgRec->mDNS);
+ CleanRecentInterfaces();
+
+ if (changedInterfaces.Head == NULL) goto cleanup;
+
+ if (getifaddrs(&ifa_list) < 0) goto cleanup;
+
+ for (intf = (PosixNetworkInterface*)(m->HostInterfaces); intf != NULL; intf = intfNext)
+ {
+ intfNext = (PosixNetworkInterface*)(intf->coreIntf.next);
+
+ // Loopback interface(s) are handled later
+ if (intf->coreIntf.Loopback) continue;
+
+ found = mDNSfalse;
+ for (ifi = &ifa_list; *ifi != NULL; ifi = &(*ifi)->ifa_next)
+ {
+ if (InterfacesMatch(intf, *ifi))
+ {
+ found = mDNStrue;
+ break;
+ }
+ }
+
+ // Removes changed and old interfaces from m->HostInterfaces
+ if (!found) TearDownInterface(m, intf);
+ }
+
+ // Add new and changed interfaces in ifa_list
+ // Save off loopback interface in case it is needed later
+ for (ifi = &ifa_list; *ifi != NULL; ifi = &(*ifi)->ifa_next)
+ {
+ found = mDNSfalse;
+ for (intf = (PosixNetworkInterface*)(m->HostInterfaces); intf != NULL; intf = intfNext)
+ {
+ intfNext = (PosixNetworkInterface*)(intf->coreIntf.next);
+
+ // Loopback interface(s) are handled later
+ if (intf->coreIntf.Loopback) continue;
+
+ if (InterfacesMatch(intf, *ifi))
+ {
+ found = mDNStrue;
+ break;
+ }
+
+ // Removes changed and old interfaces from m->HostInterfaces
+ }
+ if (found)
+ continue;
+
+ if ((ifa_loop4 == NULL) &&
+ ((*ifi)->ifa_addr->sa_family == AF_INET) &&
+ ((*ifi)->ifa_flags & IFF_UP) &&
+ ((*ifi)->ifa_flags & IFF_LOOPBACK))
+ {
+ ifa_loop4 = *ifi;
+ continue;
+ }
+
+ if ( (((*ifi)->ifa_addr->sa_family == AF_INET)
+#if HAVE_IPV6
+ || ((*ifi)->ifa_addr->sa_family == AF_INET6)
+#endif
+ ) && ((*ifi)->ifa_flags & IFF_UP)
+ && !((*ifi)->ifa_flags & IFF_POINTOPOINT)
+ && !((*ifi)->ifa_flags & IFF_LOOPBACK))
+ {
+ struct ifaddrs *i = *ifi;
+
+#define ethernet_addr_len 6
+ uint8_t hwaddr[ethernet_addr_len];
+ int hwaddr_len = 0;
+
+#if defined(TARGET_OS_LINUX) && TARGET_OS_LINUX
+ struct ifreq ifr;
+ int sockfd = socket(AF_INET6, SOCK_DGRAM, 0);
+ if (sockfd >= 0)
+ {
+ /* Add hardware address */
+ memcpy(ifr.ifr_name, i->ifa_name, IFNAMSIZ);
+ if (ioctl(sockfd, SIOCGIFHWADDR, &ifr) != -1)
+ {
+ if (ifr.ifr_hwaddr.sa_family == ARPHRD_ETHER)
+ {
+ memcpy(hwaddr, ifr.ifr_hwaddr.sa_data, ethernet_addr_len);
+ hwaddr_len = ethernet_addr_len;
+ }
+ }
+ close(sockfd);
+ }
+ else
+ {
+ memset(hwaddr, 0, sizeof(hwaddr));
+ }
+#endif // TARGET_OS_LINUX
+ SetupOneInterface(m, i->ifa_addr, i->ifa_netmask,
+ hwaddr, hwaddr_len, i->ifa_name, if_nametoindex(i->ifa_name), i->ifa_flags);
+ }
+ }
+
+ // Determine if there is at least one non-loopback IPv4 interface. This is to work around issues
+ // with multicast loopback on IPv6 interfaces -- see corresponding logic in SetupInterfaceList().
+ foundav4 = mDNSfalse;
+ for (intf = (PosixNetworkInterface*)(m->HostInterfaces); intf != NULL; intf = (PosixNetworkInterface*)(intf->coreIntf.next))
+ {
+ if (intf->sa_family == AF_INET && !intf->coreIntf.Loopback)
+ {
+ foundav4 = mDNStrue;
+ break;
+ }
+ }
+
+ if (foundav4)
+ {
+ for (intf = (PosixNetworkInterface*)(m->HostInterfaces); intf != NULL; intf = intfNext)
+ {
+ intfNext = (PosixNetworkInterface*)(intf->coreIntf.next);
+ if (intf->coreIntf.Loopback) TearDownInterface(m, intf);
+ }
+ }
+ else
+ {
+ found = mDNSfalse;
+
+ for (intf = (PosixNetworkInterface*)(m->HostInterfaces); intf != NULL; intf = (PosixNetworkInterface*)(intf->coreIntf.next))
+ {
+ if (intf->coreIntf.Loopback)
+ {
+ found = mDNStrue;
+ break;
+ }
+ }
+
+ if (!found && (ifa_loop4 != NULL))
+ {
+ SetupOneInterface(m, ifa_loop4->ifa_addr, ifa_loop4->ifa_netmask,
+ NULL, 0, ifa_loop4->ifa_name, if_nametoindex(ifa_loop4->ifa_name), ifa_loop4->ifa_flags);
+ }
+ }
+
+ if (ifa_list != NULL) freeifaddrs(ifa_list);
+cleanup:
while ((changedInterface = (NetworkInterfaceIndex*)changedInterfaces.Head) != NULL)
{
RemoveFromList(&changedInterfaces, changedInterface);
@@ -1947,15 +2113,11 @@ mDNSexport void mDNSPlatformClose(mDNS *
#endif
}
-// This is used internally by InterfaceChangeCallback.
-// It's also exported so that the Standalone Responder (mDNSResponderPosix)
+// This is exported so that the Standalone Responder (mDNSResponderPosix)
// can call it in response to a SIGHUP (mainly for debugging purposes).
mDNSexport mStatus mDNSPlatformPosixRefreshInterfaceList(mDNS *const m)
{
int err;
- // This is a pretty heavyweight way to process interface changes --
- // destroying the entire interface list and then making fresh one from scratch.
- // We should make it like the OS X version, which leaves unchanged interfaces alone.
ClearInterfaceList(m);
err = SetupInterfaceList(m);
return PosixErrorToStatus(err);

21
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0006-make-Add-top-level-Makefile.patch Normal file
View File

@@ -0,0 +1,21 @@
From fa9ef50ab4c4225cf3ade4bafc38ddf93e6fe127 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Tue, 6 Dec 2022 13:28:31 +0000
Subject: [PATCH 6/6] make: Add top-level Makefile
Simple top level Makefile that just delegates to mDNSPosix.
Upstream-Status: Inappropriate [oe-specific]
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
Makefile | 2 ++
1 file changed, 2 insertions(+)
create mode 100644 Makefile
Index: mDNSResponder/Makefile
===================================================================
--- /dev/null
+++ mDNSResponder/Makefile
@@ -0,0 +1,2 @@
+all clean:
+ cd mDNSPosix && $(MAKE) $@

37
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0007-Mark-deleted-interfaces-as-being-changed.patch Normal file
View File

@@ -0,0 +1,37 @@
From a8accffb95267490b50401c8b65ec18db57b5ef5 Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Wed, 9 Aug 2017 09:16:58 -0500
Subject: [PATCH 7/8] Mark deleted interfaces as being changed
Netlink notification handling ignores messages for deleted links,
RTM_DELLINK. It does handle RTM_GETLINK. According to libnl docu-
mentation (http://www.infradead.org/~tgr/libnl/doc/route.html)
RTM_DELLINK can be sent by the kernel, but RTM_GETLINK cannot.
There was likely a mixup in the original implementation, so this
change replaces handling for RTM_GETLINK with RTM_DELLINK.
Testing and Verification Instructions:
1. Use ip-link to add and remove a VLAN interface and verify
that mDNSResponder handles the deleted link.
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1714,7 +1714,7 @@ mDNSlocal void ProcessRoutingNo
#endif
// Process the NetLink message
- if (pNLMsg->nlmsg_type == RTM_GETLINK || pNLMsg->nlmsg_type == RTM_NEWLINK)
+ if (pNLMsg->nlmsg_type == RTM_DELLINK || pNLMsg->nlmsg_type == RTM_NEWLINK)
AddInterfaceIndexToList(changedInterfaces, ((struct ifinfomsg*) NLMSG_DATA(pNLMsg))->ifi_index);
else if (pNLMsg->nlmsg_type == RTM_DELADDR || pNLMsg->nlmsg_type == RTM_NEWADDR)
AddInterfaceIndexToList(changedInterfaces, ((struct ifaddrmsg*) NLMSG_DATA(pNLMsg))->ifa_index);

60
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0008-Handle-errors-from-socket-calls.patch Normal file
View File

@@ -0,0 +1,60 @@
From ed58146d3aeecdb9920fdc017f85c18b5b10f2db Mon Sep 17 00:00:00 2001
From: Nate Karstens <nate.karstens@garmin.com>
Date: Thu, 10 Aug 2017 08:27:32 -0500
Subject: [PATCH 8/8] Handle errors from socket calls
Adds handling for socket() or read() returning a
negative value (indicating an error has occurred).
Upstream-Status: Submitted [dts@apple.com]
Signed-off-by: Nate Karstens <nate.karstens@garmin.com>
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSPosix/mDNSPosix.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
Index: mDNSResponder/mDNSPosix/mDNSPosix.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mDNSPosix.c
+++ mDNSResponder/mDNSPosix/mDNSPosix.c
@@ -1677,7 +1677,7 @@ mDNSlocal void ProcessRoutingNo
// Read through the messages on sd and if any indicate that any interface records should
// be torn down and rebuilt, return affected indices as a bitmask. Otherwise return 0.
{
- ssize_t readCount;
+ ssize_t readVal, readCount;
char buff[4096];
struct nlmsghdr *pNLMsg = (struct nlmsghdr*) buff;
@@ -1686,7 +1686,10 @@ mDNSlocal void ProcessRoutingNo
// enough to hold all pending data and so avoid message fragmentation.
// (Note that FIONREAD is not supported on AF_NETLINK.)
- readCount = read(sd, buff, sizeof buff);
+ readVal = read(sd, buff, sizeof buff);
+ if (readVal < 0) return;
+ readCount = readVal;
+
while (1)
{
// Make sure we've got an entire nlmsghdr in the buffer, and payload, too.
@@ -1702,7 +1705,9 @@ mDNSlocal void ProcessRoutingNo
pNLMsg = (struct nlmsghdr*) buff;
// read more data
- readCount += read(sd, buff + readCount, sizeof buff - readCount);
+ readVal = read(sd, buff + readCount, sizeof buff - readCount);
+ if (readVal < 0) return;
+ readCount += readVal;
continue; // spin around and revalidate with new readCount
}
else
@@ -2017,6 +2022,7 @@ mDNSlocal mDNSBool mDNSPlatformInit_CanR
int err;
int s = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
struct sockaddr_in s5353;
+ if (s < 0) return mDNSfalse;
s5353.sin_family = AF_INET;
s5353.sin_port = MulticastDNSPort.NotAnInteger;
s5353.sin_addr.s_addr = 0;

31
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0009-remove-unneeded-headers.patch Normal file
View File

@@ -0,0 +1,31 @@
From 1d7e71e72c597ffcc19c04373a477d1fbd3ad955 Mon Sep 17 00:00:00 2001
From: Beniamin Sandu <beniaminsandu@gmail.com>
Date: Thu, 15 Jun 2023 17:02:58 +0000
Subject: [PATCH] remove unneeded headers
From a quick look, these seem to not be needed and having them
breaks the build with mbedtls 3.x. Without them it builds fine
on both 2.x and 3.x versions.
Upstream-Status: Pending
Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com>
---
mDNSPosix/mbedtls.c | 2 --
1 file changed, 2 deletions(-)
Index: mDNSResponder/mDNSPosix/mbedtls.c
===================================================================
--- mDNSResponder.orig/mDNSPosix/mbedtls.c
+++ mDNSResponder/mDNSPosix/mbedtls.c
@@ -38,10 +38,8 @@
#include <mbedtls/sha256.h>
#include <mbedtls/base64.h>
-#include <mbedtls/certs.h>
#include <mbedtls/x509.h>
#include <mbedtls/ssl.h>
-#include <mbedtls/config.h>
// Posix TLS server context
struct TLSContext_struct {

23
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/0015-Add-missing-limits.h.patch Normal file
View File

@@ -0,0 +1,23 @@
From 9fc45a2cf3b78573a568abf538a6e6f4bd30b2d7 Mon Sep 17 00:00:00 2001
From: Alex Kiernan <alex.kiernan@gmail.com>
Date: Wed, 27 Sep 2023 11:45:26 +0100
Subject: [PATCH] Add missing limits.h
Upstream-Status: Pending
Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com>
---
mDNSShared/PlatformCommon.c | 1 +
1 file changed, 1 insertion(+)
Index: mDNSResponder/mDNSShared/PlatformCommon.c
===================================================================
--- mDNSResponder.orig/mDNSShared/PlatformCommon.c
+++ mDNSResponder/mDNSShared/PlatformCommon.c
@@ -32,6 +32,7 @@
#include <time.h>
#include <sys/time.h> // Needed for #include <sys/time.h>().
#include <assert.h>
+#include <limits.h>
#include "mDNSEmbeddedAPI.h" // Defines the interface provided to the client layer above

15
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns/mdns.service Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=Zero-configuration networking
After=network.target
[Service]
Type=forking
ExecStartPre=/bin/rm -f /var/run/mdnsd.pid
ExecStart=/usr/sbin/mdnsd
ExecReload=/bin/kill -HUP $MAINPID
PIDFile=/var/run/mdnsd.pid
Restart=always
RestartSec=10s
[Install]
WantedBy=multi-user.target

135
sources/meta-openembedded/meta-networking/recipes-protocols/mdns/mdns_2200.100.94.0.2.bb Normal file
View File

@@ -0,0 +1,135 @@
SUMMARY = "Publishes & browses available services on a link according to the Zeroconf / Bonjour protocol"
DESCRIPTION = "Bonjour, also known as zero-configuration networking, enables automatic discovery of computers, devices, and services on IP networks."
HOMEPAGE = "https://developer.apple.com/bonjour/"
LICENSE = "Apache-2.0 & BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=31c50371921e0fb731003bbc665f29bf"
DEPENDS:append:libc-musl = " musl-nscd"
SRC_URI = "git://github.com/apple-oss-distributions/mDNSResponder;protocol=https;branch=rel/mDNSResponder-2200 \
file://0001-dns-sd-Include-missing-headers.patch \
file://0002-make-Set-libdns_sd.so-soname-correctly.patch \
file://0004-make-Separate-TLS-targets-from-libraries.patch \
file://0005-mDNSCore-Fix-broken-debug-parameter.patch \
file://0006-make-Add-top-level-Makefile.patch \
file://0001-Create-subroutine-for-cleaning-recent-interfaces.patch \
file://0002-Create-subroutine-for-tearing-down-an-interface.patch \
file://0003-Track-interface-socket-family.patch \
file://0004-Indicate-loopback-interface-to-mDNS-core.patch \
file://0005-Use-list-for-changed-interfaces.patch \
file://0006-Handle-noisy-netlink-sockets.patch \
file://0007-Mark-deleted-interfaces-as-being-changed.patch \
file://0008-Handle-errors-from-socket-calls.patch \
file://0009-remove-unneeded-headers.patch \
file://mdns.service \
file://0015-Add-missing-limits.h.patch \
file://0001-Handle-interface-without-ifa_addr.patch \
file://0001-Fix-SIGSEGV-during-DumpStateLog.patch \
"
SRCREV = "8f70f98fc1d0cf439ca3a6470be6ad8ac2bcc019"
# We install a stub Makefile in the top directory so that the various checks
# in base.bbclass pass their tests for a Makefile, this ensures (that amongst
# other things) the sstate checks will clean the build directory when the
# task hashes changes.
#
# We can't use the approach of setting ${S} to mDNSPosix as we need
# DEBUG_PREFIX_MAP to cover files which come from the Clients directory too.
S = "${WORKDIR}/git"
inherit github-releases manpages systemd update-rc.d
PACKAGECONFIG ?= "tls \
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
PACKAGECONFIG[debug] = "DEBUG=1,DEBUG=0"
PACKAGECONFIG[ipv6] = "HAVE_IPV6=1,HAVE_IPV6=0"
PACKAGECONFIG[manpages] = ""
PACKAGECONFIG[tls] = ",tls=no,mbedtls"
CVE_PRODUCT = "apple:mdnsresponder"
CVE_STATUS[CVE-2007-0613] = "not-applicable-platform: Issue affects Apple products \
i.e. ichat,mdnsresponder, instant message framework and MacOS. Also, \
https://www.exploit-db.com/exploits/3230 shows the part of code \
affected by CVE-2007-0613 which is not preset in upstream source code. \
Hence, CVE-2007-0613 does not affect other Yocto implementations and \
is not reported for other distros can be marked whitelisted. \
Links: https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613 \
https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613 \
https://security-tracker.debian.org/tracker/CVE-2007-0613 \
https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613"
PARALLEL_MAKE = ""
EXTRA_OEMAKE = "os=linux 'CC=${CCLD}' 'LD=${CCLD}' 'LINKOPTS=${LDFLAGS}' STRIP=: ${PACKAGECONFIG_CONFARGS}"
# MDNS_VERSIONSTR_NODTS disables __DATE__ and __TIME__ in the version string,
# which are fixed anyway for build reproducibility.
TARGET_CPPFLAGS += "-DMDNS_VERSIONSTR_NODTS"
TARGET_CC_ARCH += "${LDFLAGS}"
MDNS_BUILDDIR = "build/${@bb.utils.contains('PACKAGECONFIG','debug','debug','prod', d)}"
do_install () {
cd mDNSPosix
install -d ${D}${sbindir}
install ${MDNS_BUILDDIR}/mdnsd ${D}${sbindir}
install -d ${D}${libdir}
install -m 0644 ${MDNS_BUILDDIR}/libdns_sd.so ${D}${libdir}/libdns_sd.so.1
ln -s libdns_sd.so.1 ${D}${libdir}/libdns_sd.so
install -d ${D}${includedir}
install -m 0644 ../mDNSShared/dns_sd.h ${D}${includedir}
install -d ${D}${mandir}/man8
install -m 0644 ../mDNSShared/mDNSResponder.8 ${D}${mandir}/man8/mdnsd.8
install -d ${D}${bindir}
install -m 0755 ../Clients/build/dns-sd ${D}${bindir}
install -d ${D}${libdir}
oe_libinstall -C ${MDNS_BUILDDIR} -so libnss_mdns-0.2 ${D}${libdir}
ln -s libnss_mdns-0.2.so ${D}${libdir}/libnss_mdns.so.2
install -d ${D}${sysconfdir}
install -m 0644 nss_mdns.conf ${D}${sysconfdir}
install -d ${D}${mandir}/man5
install -m 0644 nss_mdns.conf.5 ${D}${mandir}/man5
install -d ${D}${mandir}/man8
install -m 0644 libnss_mdns.8 ${D}${mandir}/man8
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/mdns.service ${D}${systemd_system_unitdir}
install -d ${D}${INIT_D_DIR}
install mdnsd.sh ${D}${INIT_D_DIR}/mdns
}
pkg_postinst:${PN} () {
if [ -r $D${sysconfdir}/nsswitch.conf ]; then
sed -e '/^hosts:/s/\s*\<mdns\>//' \
-e 's/\(^hosts:.*\)\(\<files\>\)\(.*\)\(\<dns\>\)\(.*\)/\1\2 mdns\3\4\5/' \
-i $D${sysconfdir}/nsswitch.conf
fi
}
pkg_prerm:${PN} () {
if [ -r $D${sysconfdir}/nsswitch.conf ]; then
sed -e '/^hosts:/s/\s*\<mdns\>//' \
-e '/^hosts:/s/\s*mdns//' \
-i $D${sysconfdir}/nsswitch.conf
fi
}
SYSTEMD_SERVICE:${PN} = "mdns.service"
INITSCRIPT_NAME = "mdns"
FILES_SOLIBSDEV = "${libdir}/libdns_sd.so"
FILES:${PN} += "${libdir}/libnss_mdns-0.2.so"
RPROVIDES:${PN} += "libdns_sd.so"

66
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/files/init Normal file
View File

@@ -0,0 +1,66 @@
#! /bin/sh
# /etc/init.d/snmpd: start snmp daemon.
. /etc/init.d/functions
# Defaults
export MIBDIRS=/usr/share/snmp/mibs
SNMPDRUN=yes
SNMPDOPTS='-Lsd -Lf /dev/null -p /var/run/snmpd.pid'
TRAPDRUN=no
TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid'
PIDFILE=/var/run/snmpd.pid
SPIDFILE=/var/run/snmptrapd.pid
# Reads config file if exists (will override defaults above)
[ -r /etc/default/snmpd ] && . /etc/default/snmpd
[ "$SNMPDRUN" = "yes" ] && { test -x /usr/sbin/snmpd || exit 0; }
[ "$TRAPDRUN" = "yes" ] && { test -x /usr/sbin/snmptrapd || exit 0; }
case "$1" in
start)
echo -n "Starting network management services:"
if [ "$SNMPDRUN" = "yes" -a -f /etc/snmp/snmpd.conf -a ! -f "$PIDFILE" ]; then
start-stop-daemon -o --start --quiet --name snmpd --pidfile "$PIDFILE" \
--exec /usr/sbin/snmpd -- $SNMPDOPTS
echo -n " snmpd"
fi
if [ "$TRAPDRUN" = "yes" -a -f /etc/snmp/snmptrapd.conf -a ! -f "$SPIDFILE" ]; then
start-stop-daemon -o --start --quiet --name snmptrapd --pidfile "$SPIDFILE" \
--exec /usr/sbin/snmptrapd -- $TRAPDOPTS
echo -n " snmptrapd"
fi
echo "."
test ! -x /sbin/restorecon || /sbin/restorecon -FR /var/lib/net-snmp
;;
stop)
echo -n "Stopping network management services:"
if [ -f "$PIDFILE" ] ; then
start-stop-daemon -o --stop --quiet --pidfile $PIDFILE --name snmpd
fi
echo -n " snmpd"
if [ -f "$SPIDFILE" ] ; then
start-stop-daemon -o --stop --quiet --pidfile $SPIDFILE --name snmptrapd
rm -rf $SPIDFILE
fi
echo -n " snmptrapd"
echo "."
;;
status)
status /usr/sbin/snmpd;
exit $?
;;
restart|reload|force-reload)
$0 stop
# Allow the daemons time to exit completely.
sleep 2
$0 start
;;
*)
echo "Usage: /etc/init.d/snmpd {start|stop|status|restart|reload|force-reload}"
exit 1
esac
exit 0

422
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/files/snmpd.conf Normal file
View File

@@ -0,0 +1,422 @@
###############################################################################
#
# EXAMPLE.conf:
# An example configuration file for configuring the ucd-snmp snmpd agent.
#
###############################################################################
#
# This file is intended to only be an example. If, however, you want
# to use it, it should be placed in /etc/snmp/snmpd.conf.
# When the snmpd agent starts up, this is where it will look for it.
#
# You might be interested in generating your own snmpd.conf file using
# the "snmpconf" program (perl script) instead. It's a nice menu
# based interface to writing well commented configuration files. Try it!
#
# Note: This file is automatically generated from EXAMPLE.conf.def.
# Do NOT read the EXAMPLE.conf.def file! Instead, after you have run
# configure & make, and then make sure you read the EXAMPLE.conf file
# instead, as it will tailor itself to your configuration.
# All lines beginning with a '#' are comments and are intended for you
# to read. All other lines are configuration commands for the agent.
#
# PLEASE: read the snmpd.conf(5) manual page as well!
#
###############################################################################
# Access Control
###############################################################################
# YOU SHOULD CHANGE THE "COMMUNITY" TOKEN BELOW TO A NEW KEYWORD ONLY
# KNOWN AT YOUR SITE. YOU *MUST* CHANGE THE NETWORK TOKEN BELOW TO
# SOMETHING REFLECTING YOUR LOCAL NETWORK ADDRESS SPACE.
# By far, the most common question I get about the agent is "why won't
# it work?", when really it should be "how do I configure the agent to
# allow me to access it?"
#
# By default, the agent responds to the "public" community for read
# only access, if run out of the box without any configuration file in
# place. The following examples show you other ways of configuring
# the agent so that you can change the community names, and give
# yourself write access as well.
#
# The following lines change the access permissions of the agent so
# that the COMMUNITY string provides read-only access to your entire
# NETWORK (EG: 10.10.10.0/24), and read/write access to only the
# localhost (127.0.0.1, not its real ipaddress).
#
# For more information, read the FAQ as well as the snmpd.conf(5)
# manual page.
####
# First, map the community name (COMMUNITY) into a security name
# (local and mynetwork, depending on where the request is coming
# from):
# sec.name source community
com2sec paranoid default public
#com2sec readonly default public
#com2sec readwrite default private
####
# Second, map the security names into group names:
# sec.model sec.name
group MyROSystem v1 paranoid
group MyROSystem v2c paranoid
group MyROSystem usm paranoid
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
group MyRWGroup v1 readwrite
group MyRWGroup v2c readwrite
group MyRWGroup usm readwrite
####
# Third, create a view for us to let the groups have rights to:
# incl/excl subtree mask
view all included .1 80
view system included .iso.org.dod.internet.mgmt.mib-2.system
####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:
# context sec.model sec.level match read write notif
access MyROSystem "" any noauth exact system none none
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
# -----------------------------------------------------------------------------
###############################################################################
# System contact information
#
# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file. **PLEASE NOTE** that setting
# the value of these objects here makes these objects READ-ONLY
# (regardless of any access control settings). Any attempt to set the
# value of an object whose value is given here will fail with an error
# status of notWritable.
syslocation Unknown (configure /etc/snmp/snmpd.local.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmpd.local.conf)
# Example output of snmpwalk:
# % snmpwalk -v 1 -c public localhost system
# system.sysDescr.0 = "SunOS name sun4c"
# system.sysObjectID.0 = OID: enterprises.ucdavis.ucdSnmpAgent.sunos4
# system.sysUpTime.0 = Timeticks: (595637548) 68 days, 22:32:55
# system.sysContact.0 = "Me <me@somewhere.org>"
# system.sysName.0 = "name"
# system.sysLocation.0 = "Right here, right now."
# system.sysServices.0 = 72
# -----------------------------------------------------------------------------
###############################################################################
# Process checks.
#
# The following are examples of how to use the agent to check for
# processes running on the host. The syntax looks something like:
#
# proc NAME [MAX=0] [MIN=0]
#
# NAME: the name of the process to check for. It must match
# exactly (ie, http will not find httpd processes).
# MAX: the maximum number allowed to be running. Defaults to 0.
# MIN: the minimum number to be running. Defaults to 0.
#
# Examples:
#
# Make sure mountd is running
#proc mountd
# Make sure there are no more than 4 ntalkds running, but 0 is ok too.
#proc ntalkd 4
# Make sure at least one sendmail, but less than or equal to 10 are running.
#proc sendmail 10 1
# A snmpwalk of the prTable would look something like this:
#
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.2
# enterprises.ucdavis.procTable.prEntry.prIndex.1 = 1
# enterprises.ucdavis.procTable.prEntry.prIndex.2 = 2
# enterprises.ucdavis.procTable.prEntry.prIndex.3 = 3
# enterprises.ucdavis.procTable.prEntry.prNames.1 = "mountd"
# enterprises.ucdavis.procTable.prEntry.prNames.2 = "ntalkd"
# enterprises.ucdavis.procTable.prEntry.prNames.3 = "sendmail"
# enterprises.ucdavis.procTable.prEntry.prMin.1 = 0
# enterprises.ucdavis.procTable.prEntry.prMin.2 = 0
# enterprises.ucdavis.procTable.prEntry.prMin.3 = 1
# enterprises.ucdavis.procTable.prEntry.prMax.1 = 0
# enterprises.ucdavis.procTable.prEntry.prMax.2 = 4
# enterprises.ucdavis.procTable.prEntry.prMax.3 = 10
# enterprises.ucdavis.procTable.prEntry.prCount.1 = 0
# enterprises.ucdavis.procTable.prEntry.prCount.2 = 0
# enterprises.ucdavis.procTable.prEntry.prCount.3 = 1
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.1 = 1
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.2 = 0
# enterprises.ucdavis.procTable.prEntry.prErrorFlag.3 = 0
# enterprises.ucdavis.procTable.prEntry.prErrMessage.1 = "No mountd process running."
# enterprises.ucdavis.procTable.prEntry.prErrMessage.2 = ""
# enterprises.ucdavis.procTable.prEntry.prErrMessage.3 = ""
# enterprises.ucdavis.procTable.prEntry.prErrFix.1 = 0
# enterprises.ucdavis.procTable.prEntry.prErrFix.2 = 0
# enterprises.ucdavis.procTable.prEntry.prErrFix.3 = 0
#
# Note that the errorFlag for mountd is set to 1 because one is not
# running (in this case an rpc.mountd is, but thats not good enough),
# and the ErrMessage tells you what's wrong. The configuration
# imposed in the snmpd.conf file is also shown.
#
# Special Case: When the min and max numbers are both 0, it assumes
# you want a max of infinity and a min of 1.
#
# -----------------------------------------------------------------------------
###############################################################################
# Executables/scripts
#
#
# You can also have programs run by the agent that return a single
# line of output and an exit code. Here are two examples.
#
# exec NAME PROGRAM [ARGS ...]
#
# NAME: A generic name.
# PROGRAM: The program to run. Include the path!
# ARGS: optional arguments to be passed to the program
# a simple hello world
#exec echotest /bin/echo hello world
# Run a shell script containing:
#
# #!/bin/sh
# echo hello world
# echo hi there
# exit 35
#
# Note: this has been specifically commented out to prevent
# accidental security holes due to someone else on your system writing
# a /tmp/shtest before you do. Uncomment to use it.
#
#exec shelltest /bin/sh /tmp/shtest
# Then,
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.8
# enterprises.ucdavis.extTable.extEntry.extIndex.1 = 1
# enterprises.ucdavis.extTable.extEntry.extIndex.2 = 2
# enterprises.ucdavis.extTable.extEntry.extNames.1 = "echotest"
# enterprises.ucdavis.extTable.extEntry.extNames.2 = "shelltest"
# enterprises.ucdavis.extTable.extEntry.extCommand.1 = "/bin/echo hello world"
# enterprises.ucdavis.extTable.extEntry.extCommand.2 = "/bin/sh /tmp/shtest"
# enterprises.ucdavis.extTable.extEntry.extResult.1 = 0
# enterprises.ucdavis.extTable.extEntry.extResult.2 = 35
# enterprises.ucdavis.extTable.extEntry.extOutput.1 = "hello world."
# enterprises.ucdavis.extTable.extEntry.extOutput.2 = "hello world."
# enterprises.ucdavis.extTable.extEntry.extErrFix.1 = 0
# enterprises.ucdavis.extTable.extEntry.extErrFix.2 = 0
# Note that the second line of the /tmp/shtest shell script is cut
# off. Also note that the exit status of 35 was returned.
# -----------------------------------------------------------------------------
###############################################################################
# disk checks
#
# The agent can check the amount of available disk space, and make
# sure it is above a set limit.
# disk PATH [MIN=DEFDISKMINIMUMSPACE]
#
# PATH: mount path to the disk in question.
# MIN: Disks with space below this value will have the Mib's errorFlag set.
# Default value = DEFDISKMINIMUMSPACE.
# Check the / partition and make sure it contains at least 10 megs.
#disk / 10000
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.9
# enterprises.ucdavis.diskTable.dskEntry.diskIndex.1 = 0
# enterprises.ucdavis.diskTable.dskEntry.diskPath.1 = "/" Hex: 2F
# enterprises.ucdavis.diskTable.dskEntry.diskDevice.1 = "/dev/dsk/c201d6s0"
# enterprises.ucdavis.diskTable.dskEntry.diskMinimum.1 = 10000
# enterprises.ucdavis.diskTable.dskEntry.diskTotal.1 = 837130
# enterprises.ucdavis.diskTable.dskEntry.diskAvail.1 = 316325
# enterprises.ucdavis.diskTable.dskEntry.diskUsed.1 = 437092
# enterprises.ucdavis.diskTable.dskEntry.diskPercent.1 = 58
# enterprises.ucdavis.diskTable.dskEntry.diskErrorFlag.1 = 0
# enterprises.ucdavis.diskTable.dskEntry.diskErrorMsg.1 = ""
# -----------------------------------------------------------------------------
###############################################################################
# load average checks
#
# load [1MAX=DEFMAXLOADAVE] [5MAX=DEFMAXLOADAVE] [15MAX=DEFMAXLOADAVE]
#
# 1MAX: If the 1 minute load average is above this limit at query
# time, the errorFlag will be set.
# 5MAX: Similar, but for 5 min average.
# 15MAX: Similar, but for 15 min average.
# Check for loads:
#load 12 14 14
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.10
# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.1 = 1
# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.2 = 2
# enterprises.ucdavis.loadTable.laEntry.loadaveIndex.3 = 3
# enterprises.ucdavis.loadTable.laEntry.loadaveNames.1 = "Load-1"
# enterprises.ucdavis.loadTable.laEntry.loadaveNames.2 = "Load-5"
# enterprises.ucdavis.loadTable.laEntry.loadaveNames.3 = "Load-15"
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.1 = "0.49" Hex: 30 2E 34 39
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.2 = "0.31" Hex: 30 2E 33 31
# enterprises.ucdavis.loadTable.laEntry.loadaveLoad.3 = "0.26" Hex: 30 2E 32 36
# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.1 = "12.00"
# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.2 = "14.00"
# enterprises.ucdavis.loadTable.laEntry.loadaveConfig.3 = "14.00"
# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.1 = 0
# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.2 = 0
# enterprises.ucdavis.loadTable.laEntry.loadaveErrorFlag.3 = 0
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.1 = ""
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.2 = ""
# enterprises.ucdavis.loadTable.laEntry.loadaveErrMessage.3 = ""
# -----------------------------------------------------------------------------
###############################################################################
# Extensible sections.
#
# This alleviates the multiple line output problem found in the
# previous executable mib by placing each mib in its own mib table:
# Run a shell script containing:
#
# #!/bin/sh
# echo hello world
# echo hi there
# exit 35
#
# Note: this has been specifically commented out to prevent
# accidental security holes due to someone else on your system writing
# a /tmp/shtest before you do. Uncomment to use it.
#
# exec .1.3.6.1.4.1.2021.50 shelltest /bin/sh /tmp/shtest
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.50
# enterprises.ucdavis.50.1.1 = 1
# enterprises.ucdavis.50.2.1 = "shelltest"
# enterprises.ucdavis.50.3.1 = "/bin/sh /tmp/shtest"
# enterprises.ucdavis.50.100.1 = 35
# enterprises.ucdavis.50.101.1 = "hello world."
# enterprises.ucdavis.50.101.2 = "hi there."
# enterprises.ucdavis.50.102.1 = 0
# Now the Output has grown to two lines, and we can see the 'hi
# there.' output as the second line from our shell script.
#
# Note that you must alter the mib.txt file to be correct if you want
# the .50.* outputs above to change to reasonable text descriptions.
# Other ideas:
#
# exec .1.3.6.1.4.1.2021.51 ps /bin/ps
# exec .1.3.6.1.4.1.2021.52 top /usr/local/bin/top
# exec .1.3.6.1.4.1.2021.53 mailq /usr/bin/mailq
# -----------------------------------------------------------------------------
###############################################################################
# Pass through control.
#
# Usage:
# pass MIBOID EXEC-COMMAND
#
# This will pass total control of the mib underneath the MIBOID
# portion of the mib to the EXEC-COMMAND.
#
# Note: You'll have to change the path of the passtest script to your
# source directory or install it in the given location.
#
# Example: (see the script for details)
# (commented out here since it requires that you place the
# script in the right location. (its not installed by default))
# pass .1.3.6.1.4.1.2021.255 /bin/sh /usr/local/passtest
# % snmpwalk -v 1 -c public localhost .1.3.6.1.4.1.2021.255
# enterprises.ucdavis.255.1 = "life the universe and everything"
# enterprises.ucdavis.255.2.1 = 42
# enterprises.ucdavis.255.2.2 = OID: 42.42.42
# enterprises.ucdavis.255.3 = Timeticks: (363136200) 42 days, 0:42:42
# enterprises.ucdavis.255.4 = IpAddress: 127.0.0.1
# enterprises.ucdavis.255.5 = 42
# enterprises.ucdavis.255.6 = Gauge: 42
#
# % snmpget -v 1 -c public localhost .1.3.6.1.4.1.2021.255.5
# enterprises.ucdavis.255.5 = 42
#
# % snmpset -v 1 -c public localhost .1.3.6.1.4.1.2021.255.1 s "New string"
# enterprises.ucdavis.255.1 = "New string"
#
# For specific usage information, see the man/snmpd.conf.5 manual page
# as well as the local/passtest script used in the above example.
###############################################################################
# Subagent control
#
# The agent can support subagents using a number of extension mechanisms.
# From the 4.2.1 release, AgentX support is being compiled in by default.
# However, this is still experimental code, so should not be used on
# critical production systems.
# Please see the file README.agentx for more details.
#
# If having read, marked, learnt and inwardly digested this information,
# you decide that you do wish to make use of this mechanism, simply
# uncomment the following directive.
#
# master agentx
#
# I repeat - this is *NOT* regarded as suitable for front-line production
# systems, though it is probably stable enough for day-to-day use.
# Probably.
#
# No refunds will be given.
###############################################################################
# Further Information
#
# See the snmpd.conf manual page, and the output of "snmpd -H".
# MUCH more can be done with the snmpd.conf than is shown as an
# example here.

18
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/files/snmptrapd.conf Normal file
View File

@@ -0,0 +1,18 @@
###############################################################################
#
# EXAMPLE.conf:
# An example configuration file for configuring the ucd-snmp snmptrapd agent.
#
###############################################################################
#
# This file is intended to only be an example. If, however, you want
# to use it, it should be placed in /etc/snmp/snmptrapd.conf.
# When the snmptrapd agent starts up, this is where it will look for it.
#
# All lines beginning with a '#' are comments and are intended for you
# to read. All other lines are configuration commands for the agent.
#
# PLEASE: read the snmptrapd.conf(5) manual page as well!
#

83
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-Android-Fix-the-build.patch Normal file
View File

@@ -0,0 +1,83 @@
From b4598662a39ff6974119c900ea56a4d020eac366 Mon Sep 17 00:00:00 2001
From: Bart Van Assche <bvanassche@acm.org>
Date: Wed, 20 Dec 2023 13:08:06 -0800
Subject: [PATCH] Android: Fix the build
Include <sys/select.h> for the fd_set type. In the configure script,
check whether 'unsigned long' is the underlying type of fd_set. Use
u_long instead of ulong.
Upstream-Status: Backport [https://github.com/net-snmp/net-snmp/commit/b4598662a39ff6974119c900ea56a4d020eac366]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
agent/mibgroup/ip-mib/data_access/ipaddress_linux.c | 4 ++--
configure | 2 +-
configure.d/config_project_types | 2 +-
include/net-snmp/types.h | 3 +++
4 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c
index b38beb57dd..232202d0f9 100644
--- a/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c
+++ b/agent/mibgroup/ip-mib/data_access/ipaddress_linux.c
@@ -50,7 +50,7 @@ int _load_v6(netsnmp_container *container, int idx_offset);
int
netsnmp_access_ipaddress_extra_prefix_info(int index,
u_long *preferedlt,
- ulong *validlt,
+ u_long *validlt,
char *addr);
#endif
@@ -523,7 +523,7 @@ out:
int
netsnmp_access_ipaddress_extra_prefix_info(int index, u_long *preferedlt,
- ulong *validlt, char *addr)
+ u_long *validlt, char *addr)
{
struct {
diff --git a/configure b/configure
index e7bf859bba..48abcbab11 100755
--- a/configure
+++ b/configure
@@ -31577,7 +31577,7 @@ CFLAGS="$CFLAGS -Werror"
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for the type of fd_set::fds_bits" >&5
printf %s "checking for the type of fd_set::fds_bits... " >&6; }
-for type in __fd_mask __int32_t long\ int unknown; do
+for type in __fd_mask __int32_t long 'unsigned long' unknown; do
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
diff --git a/configure.d/config_project_types b/configure.d/config_project_types
index a78e8ebb06..ac958d6712 100644
--- a/configure.d/config_project_types
+++ b/configure.d/config_project_types
@@ -66,7 +66,7 @@ netsnmp_save_CFLAGS=$CFLAGS
CFLAGS="$CFLAGS -Werror"
AC_MSG_CHECKING([for the type of fd_set::fds_bits])
-for type in __fd_mask __int32_t long\ int unknown; do
+for type in __fd_mask __int32_t long 'unsigned long' unknown; do
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
#include <sys/select.h>
#include <stddef.h>
diff --git a/include/net-snmp/types.h b/include/net-snmp/types.h
index b78f53ffd7..6228170e5f 100644
--- a/include/net-snmp/types.h
+++ b/include/net-snmp/types.h
@@ -23,6 +23,9 @@
#endif
#include <sys/types.h>
+#ifdef __ANDROID__
+#include <sys/select.h>
+#endif
#if defined(WIN32) && !defined(cygwin)
typedef HANDLE netsnmp_pid_t;
--
2.44.0

38
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-net-snmp-add-knob-whether-nlist.h-are-checked.patch Normal file
View File

@@ -0,0 +1,38 @@
From 787269b337e70f073e194c3b361eaf4d5f2291ce Mon Sep 17 00:00:00 2001
From: Chong Lu <Chong.Lu@windriver.com>
Date: Thu, 28 May 2020 09:46:34 -0500
Subject: [PATCH] net-snmp: add knob whether nlist.h are checked
Previously, it still was checked when there was no nlish.h in sysroots directory.
Add knob to decide whether nlist.h are checked or not.
Upstream-Status: Pending
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
---
configure.d/config_os_headers | 2 ++
1 file changed, 2 insertions(+)
diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers
index 584064e..c0688f8 100644
--- a/configure.d/config_os_headers
+++ b/configure.d/config_os_headers
@@ -37,6 +37,7 @@ AC_CHECK_HEADERS([getopt.h pthread.h regex.h ] dnl
[sys/timeb.h ])
# Library and Agent:
+if test "x$with_elf" != "xno"; then
AC_CHECK_HEADERS([nlist.h],,,[
AC_INCLUDES_DEFAULT
[
@@ -44,6 +45,7 @@ AC_INCLUDES_DEFAULT
#define LIBBSD_DISABLE_DEPRECATED 1
#endif
]])
+fi
# Library:
AC_CHECK_HEADERS([crt_externs.h ] dnl
--
2.25.1

36
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-net-snmp-fix-libtool-finish.patch Normal file
View File

@@ -0,0 +1,36 @@
From 5f002c3cc46ecf4d4a29571309f2cc0d3d34330f Mon Sep 17 00:00:00 2001
From: "Roy.Li" <rongqing.li@windriver.com>
Date: Fri, 16 Jan 2015 14:14:01 +0800
Subject: [PATCH] net-snmp: fix "libtool --finish"
LIB_LDCONFIG_CMD failed since it is using a host dir $(libdir)
which is /usr/lib64 does not exist on host when compile 64bit
image.
In fact, configuring dynamic linker run-time bindings is meaningless
at this step, If it is needed, Poky would write ldconfig scripts to
rpm-postinst for each recipe while do_package, in package.bbclass.
Upstream-Status: Inappropriate [cross compile specific]
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
---
Makefile.top | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.top b/Makefile.top
index d1b3923..53e0392 100644
--- a/Makefile.top
+++ b/Makefile.top
@@ -89,7 +89,7 @@ LIBREVISION = 1
LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) @LD_NO_UNDEFINED@ -o
LIB_EXTENSION = la
LIB_VERSION =
-LIB_LDCONFIG_CMD = $(LIBTOOL) --mode=finish $(INSTALL_PREFIX)$(libdir)
+LIB_LDCONFIG_CMD = echo "do not ldconfig\n"
LINK = $(LIBTOOL) --mode=link $(LINKCC)
# RANLIB = @RANLIB@
RANLIB = :
--
2.25.1

37
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0003-testing-add-the-output-format-for-ptest.patch Normal file
View File

@@ -0,0 +1,37 @@
From 2a1a2b58af09c6c03026474f1fd0db7d36e977c7 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Wed, 14 Jan 2015 15:10:06 +0800
Subject: [PATCH] testing: add the output format for ptest
Upstream-Status: Inappropriate [OE specific]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
testing/RUNTESTS | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/testing/RUNTESTS b/testing/RUNTESTS
index 6715831..a2b6fb8 100755
--- a/testing/RUNTESTS
+++ b/testing/RUNTESTS
@@ -17,13 +17,17 @@ failed_count=0
rm -f failed_tests
for i in "${srcdir}"/testing/fulltests/default/T*$1*; do
echo "RUNNING $i"
+ test_name=`basename $i`
${srcdir}/testing/fulltests/support/simple_run $i
if [ $? = 0 ]; then
+ echo "PASS: $test_name"
success_count=`expr $success_count + 1`
else
+ echo "FAIL: $test_name"
failed_count=`expr $failed_count + 1`
echo "$i" >> failed_tests
fi
+ echo
done
if [ -f failed_tests ]; then
--
2.25.1

37
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-config_os_headers-Error-Fix.patch Normal file
View File

@@ -0,0 +1,37 @@
From b1c941c20577578aa5ff3450d9d8d7a23c55d14a Mon Sep 17 00:00:00 2001
From: Li xin <lixin.fnst@cn.fujitsu.com>
Date: Fri, 21 Aug 2015 18:23:13 +0900
Subject: [PATCH] config_os_headers: Error Fix
ERROR: This autoconf log indicates errors, it looked at host include
and/or library paths while determining system capabilities.
cc1: warning: include location "/usr/local/include" is unsafe for cross-compilation [-Wpoison-system-directories]
conftest.c:168:17: fatal error: pkg.h: No such file or directory
#include <pkg.h>
^
Upstream-Status: Pending
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
---
configure.d/config_os_headers | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers
index c0688f8..f68713c 100644
--- a/configure.d/config_os_headers
+++ b/configure.d/config_os_headers
@@ -395,8 +395,8 @@ then
unset ac_cv_header_pkg_h
netsnmp_save_CPPFLAGS="$CPPFLAGS"
netsnmp_save_LDFLAGS="$LDFLAGS"
- CPPFLAGS="$CPPFLAGS -I/usr/local/include"
- LDFLAGS="$LDFLAGS -L/usr/local/lib"
+ CPPFLAGS="$CPPFLAGS"
+ LDFLAGS="$LDFLAGS"
AC_CHECK_HEADERS(pkg.h,
NETSNMP_SEARCH_LIBS(pkg_init, pkg,
AC_DEFINE(HAVE_LIBPKG, 1, [define if you have BSD pkg-ng])))
--
2.25.1

37
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0005-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch Normal file
View File

@@ -0,0 +1,37 @@
From c790411f9aa82064fea9bbf23b499fb6b7f22c4f Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 18 Sep 2015 00:28:45 -0400
Subject: [PATCH] snmplib/keytools.c: Don't check for return from
EVP_MD_CTX_init()
EVP_MD_CTX_init() API returns void, it fixes errors with new compilers
snmplib/keytools.c: In function 'generate_Ku': error: invalid use of void expression
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
---
snmplib/keytools.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/snmplib/keytools.c b/snmplib/keytools.c
index 388e655..5a66898 100644
--- a/snmplib/keytools.c
+++ b/snmplib/keytools.c
@@ -183,10 +183,7 @@ generate_Ku(const oid * hashtype, u_int hashtype_len,
ctx = EVP_MD_CTX_create();
#else
ctx = malloc(sizeof(*ctx));
- if (!EVP_MD_CTX_init(ctx)) {
- rval = SNMPERR_GENERR;
- goto generate_Ku_quit;
- }
+ EVP_MD_CTX_init(ctx);
#endif
if (!EVP_DigestInit(ctx, hashfn)) {
rval = SNMPERR_GENERR;
--
2.25.1

29
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0006-get_pid_from_inode-Include-limit.h.patch Normal file
View File

@@ -0,0 +1,29 @@
From 95868615a04b4a6f0dd5997c9726422828426116 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Fri, 22 Jul 2016 18:34:39 +0000
Subject: [PATCH] get_pid_from_inode: Include limit.h
PATH_MAX and NAME_MAX are required by this file
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
agent/mibgroup/util_funcs/get_pid_from_inode.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/agent/mibgroup/util_funcs/get_pid_from_inode.c b/agent/mibgroup/util_funcs/get_pid_from_inode.c
index 5788e1d..ea380a6 100644
--- a/agent/mibgroup/util_funcs/get_pid_from_inode.c
+++ b/agent/mibgroup/util_funcs/get_pid_from_inode.c
@@ -6,6 +6,7 @@
#include <net-snmp/output_api.h>
#include <ctype.h>
+#include <limits.h>
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
--
2.25.1

30
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0007-configure-fix-incorrect-variable.patch Normal file
View File

@@ -0,0 +1,30 @@
From 385fa343cf178ccfe2c9a9fd7795d0db3c959fdd Mon Sep 17 00:00:00 2001
From: Wenlin Kang <wenlin.kang@windriver.com>
Date: Wed, 24 May 2017 17:10:20 +0800
Subject: [PATCH] configure: fix incorrect variable
For cross compile platform, this variable will not be correct, so fix it.
Upstream-Status: Inappropriate [cross compile specific]
Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com>
---
Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.in b/Makefile.in
index 1c1182e..f947b8c 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -173,7 +173,7 @@ OTHERCLEANTODOS=perlclean @PYTHONCLEANTARGS@ cleanfeatures perlcleanfeatures pyt
#
# override LD_RUN_PATH to avoid dependencies on the build directory
perlmodules: perlmakefiles subdirs
- @(cd perl ; $(MAKE) LD_RUN_PATH="$(libdir):`$(PERL) -e 'use Config; print qq($$Config{archlibexp}/CORE);'`") ; \
+ @(cd perl ; $(MAKE) LD_RUN_PATH="$(libdir):`$(PERL) -e 'use Config; print qq($$Config{installprivlib}/CORE);'`") ; \
if test $$? != 0 ; then \
exit 1 ; \
fi
--
2.25.1

46
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0008-net-snmp-fix-engineBoots-value-on-SIGHUP.patch Normal file
View File

@@ -0,0 +1,46 @@
From b5cbe0953a7e7a3c77c7ec69dfe81254475f08c0 Mon Sep 17 00:00:00 2001
From: Zheng Ruoqin <zhengrq.fnst@fujitsu.com>
Date: Wed, 9 Jun 2021 15:47:30 +0900
Subject: [PATCH] net snmp: fix engineBoots value on SIGHUP
Upstream-Status: Pending
Signed-off-by: Marian Florea <marian.florea@windriver.com>
Signed-off-by: Li Zhou <li.zhou@windriver.com>
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
---
agent/snmpd.c | 1 +
snmplib/snmpv3.c | 4 ++--
2 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/agent/snmpd.c b/agent/snmpd.c
index fe31c87..d9f68dd 100644
--- a/agent/snmpd.c
+++ b/agent/snmpd.c
@@ -1169,6 +1169,7 @@ snmpd_reconfig(void)
snmp_log(LOG_INFO, "NET-SNMP version %s restarted\n",
netsnmp_get_version());
update_config();
+ snmp_store(app_name);
send_easy_trap(SNMP_TRAP_ENTERPRISESPECIFIC, 3);
#ifdef HAVE_SIGPROCMASK
ret = sigprocmask(SIG_UNBLOCK, &set, NULL);
diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c
index be9256f..d17d2e3 100644
--- a/snmplib/snmpv3.c
+++ b/snmplib/snmpv3.c
@@ -1071,9 +1071,9 @@ init_snmpv3_post_config(int majorid, int minorid, void *serverarg,
/*
* if our engineID has changed at all, the boots record must be set to 1
*/
- if (engineIDLen != oldEngineIDLength ||
+ if (oldEngineIDLength != (size_t)0 && (engineIDLen != oldEngineIDLength ||
oldEngineID == NULL || c_engineID == NULL ||
- memcmp(oldEngineID, c_engineID, engineIDLen) != 0) {
+ memcmp(oldEngineID, c_engineID, engineIDLen) != 0)) {
engineBoots = 1;
}
--
2.25.1

32
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0009-net-snmp-fix-for-disable-des.patch Normal file
View File

@@ -0,0 +1,32 @@
From aa1f157c675da248ed186e020d17cb2528d0be12 Mon Sep 17 00:00:00 2001
From: Jackie Huang <jackie.huang@windriver.com>
Date: Thu, 22 Jun 2017 10:25:08 +0800
Subject: [PATCH] net-snmp: fix for --disable-des
Include des.h only if it's found in openssl so that
the --disable-des works correctly.
Upstream-Status: Submitted [net-snmp-coders@lists.sourceforge.net]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
---
snmplib/scapi.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/snmplib/scapi.c b/snmplib/scapi.c
index ac77004..7545bfa 100644
--- a/snmplib/scapi.c
+++ b/snmplib/scapi.c
@@ -86,7 +86,9 @@ netsnmp_feature_child_of(usm_scapi, usm_support);
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
+#ifdef HAVE_OPENSSL_DES_H
#include <openssl/des.h>
+#endif
#ifdef HAVE_AES
#include <openssl/aes.h>
#endif
--
2.25.1

34
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0010-net-snmp-Reproducibility-Don-t-check-build-host-for.patch Normal file
View File

@@ -0,0 +1,34 @@
From a96140995d10660046146d9fa75faa5f7faabab0 Mon Sep 17 00:00:00 2001
From: "douglas.royds" <douglas.royds@taitradio.com>
Date: Wed, 21 Nov 2018 13:52:18 +1300
Subject: [PATCH] net-snmp: Reproducibility: Don't check build host for
Reproducible build: Don't check for /etc/printcap on the build machine when
cross-compiling. Use AC_CHECK_FILE to set the cached variable
ac_cv_file__etc_printcap instead. When cross-compiling, this variable should be
set in the environment to "yes" or "no" as appropriate for the target platform.
Upstream-Status: Pending
---
configure.d/config_os_misc4 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.d/config_os_misc4 b/configure.d/config_os_misc4
index 4c445d6..099257f 100644
--- a/configure.d/config_os_misc4
+++ b/configure.d/config_os_misc4
@@ -99,9 +99,9 @@ if test x$LPSTAT_PATH != x; then
[Path to the lpstat command])
AC_DEFINE(HAVE_LPSTAT, 1, [Set if the lpstat command is available])
fi
-if test -r /etc/printcap; then
+AC_CHECK_FILE([/etc/printcap],
AC_DEFINE(HAVE_PRINTCAP, 1, [Set if /etc/printcap exists])
-fi
+)
# Check ps args
--
2.25.1

40
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0011-ac_add_search_path.m4-keep-consistent-between-32bit-.patch Normal file
View File

@@ -0,0 +1,40 @@
From 85a6c5017a2cd18a5a66afcb3f6a02276c101ad0 Mon Sep 17 00:00:00 2001
From: Mingli Yu <mingli.yu@windriver.com>
Date: Fri, 29 Jan 2021 08:49:15 +0000
Subject: [PATCH] ac_add_search_path.m4: keep consistent between 32bit and
64bit
With configure option "--with-openssl=${STAGING_EXECPREFIXDIR}", it behaves
differently between 32bit and 64bit system as the openssl lib resides under
/build/tmp/work/corei7-64-wrs-linux/net-snmp/5.9-r0/recipe-sysroot/usr/lib64
for 64bit system, but resides under [1] for 32bit system.
So add the patch to fix the gap between 32bit and 64bit system.
[1] /build/tmp/work/corei7-64-wrs-linux/net-snmp/5.9-r0/recipe-sysroot/usr/lib
Upstream-Status: Inappropriate [configuration specific]
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
---
m4/ac_add_search_path.m4 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/m4/ac_add_search_path.m4 b/m4/ac_add_search_path.m4
index 8e0a819..e9585bc 100644
--- a/m4/ac_add_search_path.m4
+++ b/m4/ac_add_search_path.m4
@@ -3,8 +3,8 @@ dnl Add a search path to the LIBS and CPPFLAGS variables
dnl
AC_DEFUN([AC_ADD_SEARCH_PATH],[
if test "x$1" != x -a -d $1; then
- if test -d $1/lib; then
- LDFLAGS="-L$1/lib $LDFLAGS"
+ if test -d $1/${libdir:5}; then
+ LDFLAGS="-L$1/${libdir:5} $LDFLAGS"
fi
if test -d $1/include; then
CPPFLAGS="-I$1/include $CPPFLAGS"
--
2.25.1

43
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/0012-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch Normal file
View File

@@ -0,0 +1,43 @@
From 21ea0b9ce5cc9445f7ffd7a9020b816681e16284 Mon Sep 17 00:00:00 2001
From: Adam Gajda <adgajda@users.noreply.github.com>
Date: Mon, 2 Oct 2023 16:40:31 +0200
Subject: [PATCH] Fix configuration of NETSNMP_FD_MASK_TYPE
Upstream-Status: Backport
[https://github.com/net-snmp/net-snmp/commit/af1b7f77975bbb2fcbdb3f005f8cb010d1d33cd3]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
configure | 2 +-
configure.d/config_project_types | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure b/configure
index 907d441..f4468c6 100755
--- a/configure
+++ b/configure
@@ -31638,7 +31638,7 @@ CFLAGS="$CFLAGS -Werror"
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for the type of fd_set::fds_bits" >&5
printf %s "checking for the type of fd_set::fds_bits... " >&6; }
-for type in __fd_mask __int32_t unknown; do
+for type in __fd_mask __int32_t long\ int unknown; do
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
diff --git a/configure.d/config_project_types b/configure.d/config_project_types
index 1b4c66b..a78e8eb 100644
--- a/configure.d/config_project_types
+++ b/configure.d/config_project_types
@@ -66,7 +66,7 @@ netsnmp_save_CFLAGS=$CFLAGS
CFLAGS="$CFLAGS -Werror"
AC_MSG_CHECKING([for the type of fd_set::fds_bits])
-for type in __fd_mask __int32_t unknown; do
+for type in __fd_mask __int32_t long\ int unknown; do
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([
#include <sys/select.h>
#include <stddef.h>
--
2.25.1

5
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/run-ptest Normal file
View File

@@ -0,0 +1,5 @@
#!/bin/sh
workdir=$(dirname `realpath $0`)
cd ${workdir}/testing
./RUNTESTS

13
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/snmpd.service Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) Daemon.
After=syslog.target network.target
[Service]
Type=notify
Environment=OPTIONS="-Ls0-6d"
EnvironmentFile=-/etc/default/snmpd
ExecStart=/usr/sbin/snmpd $OPTIONS -a -f
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

13
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp/snmptrapd.service Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=Simple Network Management Protocol (SNMP) Trap Daemon.
After=syslog.target network.target
[Service]
Type=notify
Environment=OPTIONS="-Lsd"
EnvironmentFile=-/etc/default/snmptrapd
ExecStart=/usr/sbin/snmptrapd $OPTIONS -f
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target

296
sources/meta-openembedded/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.4.bb Normal file
View File

@@ -0,0 +1,296 @@
SUMMARY = "Various tools relating to the Simple Network Management Protocol"
HOMEPAGE = "http://www.net-snmp.org/"
SECTION = "net"
LICENSE = "BSD-3-Clause & MIT"
LIC_FILES_CHKSUM = "file://COPYING;md5=9d100a395a38584f2ec18a8275261687"
DEPENDS = "openssl"
DEPENDS:append:class-target = " pciutils"
SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
file://init \
file://snmpd.conf \
file://snmptrapd.conf \
file://snmpd.service \
file://snmptrapd.service \
file://run-ptest \
file://0001-net-snmp-add-knob-whether-nlist.h-are-checked.patch \
file://0002-net-snmp-fix-libtool-finish.patch \
file://0003-testing-add-the-output-format-for-ptest.patch \
file://0004-config_os_headers-Error-Fix.patch \
file://0005-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch \
file://0006-get_pid_from_inode-Include-limit.h.patch \
file://0007-configure-fix-incorrect-variable.patch \
file://0008-net-snmp-fix-engineBoots-value-on-SIGHUP.patch \
file://0009-net-snmp-fix-for-disable-des.patch \
file://0010-net-snmp-Reproducibility-Don-t-check-build-host-for.patch \
file://0011-ac_add_search_path.m4-keep-consistent-between-32bit-.patch \
file://0012-Fix-configuration-of-NETSNMP_FD_MASK_TYPE.patch \
file://0001-Android-Fix-the-build.patch \
"
SRC_URI[sha256sum] = "8b4de01391e74e3c7014beb43961a2d6d6fa03acc34280b9585f4930745b0544"
UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/net-snmp/files/net-snmp/"
UPSTREAM_CHECK_REGEX = "/net-snmp/(?P<pver>\d+(\.\d+)+)/"
inherit autotools-brokensep update-rc.d siteinfo systemd pkgconfig perlnative ptest multilib_script multilib_header
EXTRA_OEMAKE = "INSTALL_PREFIX=${D} OTHERLDFLAGS='${LDFLAGS}' HOST_CPPFLAGS='${BUILD_CPPFLAGS}'"
PARALLEL_MAKE = ""
CCACHE = ""
CLEANBROKEN = "1"
TARGET_CC_ARCH += "${LDFLAGS}"
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6 systemd', d)} des smux"
PACKAGECONFIG[des] = "--enable-des, --disable-des"
PACKAGECONFIG[elfutils] = "--with-elf, --without-elf, elfutils"
PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6"
PACKAGECONFIG[libnl] = "--with-nl, --without-nl, libnl"
PACKAGECONFIG[perl] = "--enable-embedded-perl --with-perl-modules=yes, --disable-embedded-perl --with-perl-modules=no, perl"
PACKAGECONFIG[smux] = ""
PACKAGECONFIG[systemd] = "--with-systemd, --without-systemd"
EXTRA_OECONF = " \
--enable-shared \
--disable-manuals \
--with-defaults \
--with-install-prefix=${D} \
--with-persistent-directory=${localstatedir}/lib/net-snmp \
--with-endianness=${@oe.utils.conditional('SITEINFO_ENDIANNESS', 'le', 'little', 'big', d)} \
--with-mib-modules='${MIB_MODULES}' \
"
MIB_MODULES = ""
MIB_MODULES:append = " ${@bb.utils.filter('PACKAGECONFIG', 'smux', d)}"
CACHED_CONFIGUREVARS = " \
ac_cv_header_valgrind_valgrind_h=no \
ac_cv_header_valgrind_memcheck_h=no \
ac_cv_ETC_MNTTAB=/etc/mtab \
lt_cv_shlibpath_overrides_runpath=yes \
ac_cv_path_UNAMEPROG=${base_bindir}/uname \
ac_cv_path_PSPROG=${base_bindir}/ps \
ac_cv_file__etc_printcap=no \
NETSNMP_CONFIGURE_OPTIONS= \
"
PERLPROG = "${bindir}/env perl"
PERLPROG:class-native = "${bindir_native}/env perl"
PERLPROG:append = "${@bb.utils.contains('PACKAGECONFIG', 'perl', ' -I${WORKDIR}', '', d)}"
export PERLPROG
HAS_PERL = "${@bb.utils.contains('PACKAGECONFIG', 'perl', '1', '0', d)}"
PTEST_BUILD_HOST_FILES += "net-snmp-config gen-variables"
do_configure:prepend() {
sed -i -e "s|I/usr/include|I${STAGING_INCDIR}|g" \
"${S}"/configure \
"${S}"/configure.d/config_os_libs2
if [ "${HAS_PERL}" = "1" ]; then
# this may need to be changed when package perl has any change.
cp -f ${STAGING_DIR_TARGET}/usr/lib*/perl?/*/Config.pm ${WORKDIR}/
cp -f ${STAGING_DIR_TARGET}/usr/lib*/perl?/*/*/Config_heavy.pl ${WORKDIR}/
sed -e "s@libpth => '/usr/lib.*@libpth => '${STAGING_DIR_TARGET}/${libdir} ${STAGING_DIR_TARGET}/${base_libdir}',@g" \
-e "s@privlibexp => '/usr@privlibexp => '${STAGING_DIR_TARGET}/usr@g" \
-e "s@scriptdir => '/usr@scriptdir => '${STAGING_DIR_TARGET}/usr@g" \
-e "s@sitearchexp => '/usr@sitearchexp => '${STAGING_DIR_TARGET}/usr@g" \
-e "s@sitelibexp => '/usr@sitearchexp => '${STAGING_DIR_TARGET}/usr@g" \
-e "s@vendorarchexp => '/usr@vendorarchexp => '${STAGING_DIR_TARGET}/usr@g" \
-e "s@vendorlibexp => '/usr@vendorlibexp => '${STAGING_DIR_TARGET}/usr@g" \
-i ${WORKDIR}/Config.pm
fi
}
do_configure:append() {
sed -e "s@^NSC_INCLUDEDIR=.*@NSC_INCLUDEDIR=${STAGING_DIR_TARGET}\$\{includedir\}@g" \
-e "s@^NSC_LIBDIR=-L.*@NSC_LIBDIR=-L${STAGING_DIR_TARGET}\$\{libdir\}@g" \
-e "s@^NSC_LDFLAGS=\"-L.* @NSC_LDFLAGS=\"-L${STAGING_DIR_TARGET}\$\{libdir\} @g" \
-i ${B}/net-snmp-config
}
do_install:append() {
install -d ${D}${sysconfdir}/snmp
install -d ${D}${sysconfdir}/init.d
install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/snmpd
install -m 644 ${WORKDIR}/snmpd.conf ${D}${sysconfdir}/snmp/
install -m 644 ${WORKDIR}/snmptrapd.conf ${D}${sysconfdir}/snmp/
install -d ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/snmpd.service ${D}${systemd_unitdir}/system
install -m 0644 ${WORKDIR}/snmptrapd.service ${D}${systemd_unitdir}/system
sed -e "s@^NSC_SRCDIR=.*@NSC_SRCDIR=.@g" \
-i ${D}${bindir}/net-snmp-create-v3-user
sed -e 's@^NSC_SRCDIR=.*@NSC_SRCDIR=.@g' \
-e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
-e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
-e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
-e 's@[^ ]*--sysroot=[^ "]*@@g' \
-e 's@[^ ]*--with-libtool-sysroot=[^ "]*@@g' \
-e 's@[^ ]*--with-install-prefix=[^ "]*@@g' \
-e 's@[^ ]*PKG_CONFIG_PATH=[^ "]*@@g' \
-e 's@[^ ]*PKG_CONFIG_LIBDIR=[^ "]*@@g' \
-i ${D}${bindir}/net-snmp-config
sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \
-e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \
-e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \
-i ${D}${libdir}/pkgconfig/netsnmp*.pc
# ${STAGING_DIR_HOST} is empty for native builds, and the sed command below
# will result in errors if run for native.
if [ "${STAGING_DIR_HOST}" ]; then
sed -e 's@${STAGING_DIR_HOST}@@g' \
-i ${D}${bindir}/net-snmp-config ${D}${libdir}/pkgconfig/netsnmp*.pc
fi
sed -e "s@^NSC_INCLUDEDIR=.*@NSC_INCLUDEDIR=\$\{includedir\}@g" \
-e "s@^NSC_LIBDIR=-L.*@NSC_LIBDIR=-L\$\{libdir\}@g" \
-e "s@^NSC_LDFLAGS=\"-L.* @NSC_LDFLAGS=\"-L\$\{libdir\} @g" \
-i ${D}${bindir}/net-snmp-config
sed -i -e 's:${HOSTTOOLS_DIR}/::g' ${D}${bindir}/net-snmp-create-v3-user
oe_multilib_header net-snmp/net-snmp-config.h
if [ "${HAS_PERL}" = "1" ]; then
find ${D}${libdir}/ -type f -name "perllocal.pod" | xargs rm -f
fi
}
do_install_ptest() {
install -d ${D}${PTEST_PATH}
for i in ${S}/dist ${S}/include ${B}/include ${S}/mibs ${S}/configure \
${B}/net-snmp-config ${S}/testing; do
if [ -e "$i" ]; then
cp -R --no-dereference --preserve=mode,links -v "$i" ${D}${PTEST_PATH}
fi
done
echo `autoconf -V|awk '/autoconf/{print $NF}'` > ${D}${PTEST_PATH}/dist/autoconf-version
rmdlist="${D}${PTEST_PATH}/dist/net-snmp-solaris-build"
for i in $rmdlist; do
if [ -d "$i" ]; then
rm -rf "$i"
fi
done
}
SYSROOT_PREPROCESS_FUNCS += "net_snmp_sysroot_preprocess"
SNMP_DBGDIR = "${TARGET_DBGSRC_DIR}"
net_snmp_sysroot_preprocess () {
if [ -e ${D}${bindir}/net-snmp-config ]; then
install -d ${SYSROOT_DESTDIR}${bindir_crossscripts}/
install -m 755 ${D}${bindir}/net-snmp-config ${SYSROOT_DESTDIR}${bindir_crossscripts}/
sed -e "s@-I/usr/include@-I${STAGING_INCDIR}@g" \
-e "s@^prefix=.*@prefix=${STAGING_DIR_HOST}${prefix}@g" \
-e "s@^exec_prefix=.*@exec_prefix=${STAGING_EXECPREFIXDIR}@g" \
-e "s@^includedir=.*@includedir=${STAGING_INCDIR}@g" \
-e "s@^libdir=.*@libdir=${STAGING_LIBDIR}@g" \
-e "s@^NSC_SRCDIR=.*@NSC_SRCDIR=${S}@g" \
-e "s@-ffile-prefix-map=${SNMP_DBGDIR}@-ffile-prefix-map=${WORKDIR}=${SNMP_DBGDIR}@g" \
-e "s@-fdebug-prefix-map=${SNMP_DBGDIR}@-fdebug-prefix-map=${WORKDIR}=${SNMP_DBGDIR}@g" \
-e "s@-fdebug-prefix-map= -fdebug-prefix-map=@-fdebug-prefix-map=${STAGING_DIR_NATIVE}= \
-fdebug-prefix-map=${STAGING_DIR_HOST}=@g" \
-e "s@--sysroot=@--sysroot=${STAGING_DIR_HOST}@g" \
-e "s@--with-libtool-sysroot=@--with-libtool-sysroot=${STAGING_DIR_HOST}@g" \
-e "s@--with-install-prefix=@--with-install-prefix=${D}@g" \
-i ${SYSROOT_DESTDIR}${bindir_crossscripts}/net-snmp-config
fi
}
PACKAGES += "${PN}-libs ${PN}-mibs ${PN}-server ${PN}-client \
${PN}-server-snmpd ${PN}-server-snmptrapd \
${PN}-lib-netsnmp ${PN}-lib-agent ${PN}-lib-helpers \
${PN}-lib-mibs ${PN}-lib-trapd"
# perl module
PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'perl', '${PN}-perl-modules', '', d)}"
ALLOW_EMPTY:${PN} = "1"
ALLOW_EMPTY:${PN}-server = "1"
ALLOW_EMPTY:${PN}-libs = "1"
FILES:${PN}-perl-modules = "${libdir}/perl?/*"
RDEPENDS:${PN}-perl-modules = "perl"
FILES:${PN}-libs = ""
FILES:${PN}-mibs = "${datadir}/snmp/mibs"
FILES:${PN}-server-snmpd = "${sbindir}/snmpd \
${sysconfdir}/snmp/snmpd.conf \
${sysconfdir}/init.d \
${systemd_unitdir}/system/snmpd.service \
"
FILES:${PN}-server-snmptrapd = "${sbindir}/snmptrapd \
${sysconfdir}/snmp/snmptrapd.conf \
${systemd_unitdir}/system/snmptrapd.service \
"
FILES:${PN}-lib-netsnmp = "${libdir}/libnetsnmp${SOLIBS}"
FILES:${PN}-lib-agent = "${libdir}/libnetsnmpagent${SOLIBS}"
FILES:${PN}-lib-helpers = "${libdir}/libnetsnmphelpers${SOLIBS}"
FILES:${PN}-lib-mibs = "${libdir}/libnetsnmpmibs${SOLIBS}"
FILES:${PN}-lib-trapd = "${libdir}/libnetsnmptrapd${SOLIBS}"
FILES:${PN} = ""
FILES:${PN}-client = "${bindir}/* ${datadir}/snmp/"
FILES:${PN}-dbg += "${libdir}/.debug/ ${sbindir}/.debug/ ${bindir}/.debug/"
FILES:${PN}-dev += "${bindir}/mib2c \
${bindir}/mib2c-update \
${bindir}/net-snmp-config \
${bindir}/net-snmp-create-v3-user \
"
CONFFILES:${PN}-server-snmpd = "${sysconfdir}/snmp/snmpd.conf"
CONFFILES:${PN}-server-snmptrapd = "${sysconfdir}/snmp/snmptrapd.conf"
INITSCRIPT_PACKAGES = "${PN}-server-snmpd"
INITSCRIPT_NAME:${PN}-server-snmpd = "snmpd"
INITSCRIPT_PARAMS:${PN}-server-snmpd = "start 90 2 3 4 5 . stop 60 0 1 6 ."
SYSTEMD_PACKAGES = "${PN}-server-snmpd \
${PN}-server-snmptrapd"
SYSTEMD_SERVICE:${PN}-server-snmpd = "snmpd.service"
SYSTEMD_SERVICE:${PN}-server-snmptrapd = "snmptrapd.service"
RDEPENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'perl', 'net-snmp-perl-modules', '', d)}"
RDEPENDS:${PN} += "net-snmp-client"
RDEPENDS:${PN}-server-snmpd += "net-snmp-mibs"
RDEPENDS:${PN}-server-snmptrapd += "net-snmp-server-snmpd ${PN}-lib-trapd"
RDEPENDS:${PN}-server += "net-snmp-server-snmpd net-snmp-server-snmptrapd"
RDEPENDS:${PN}-client += "net-snmp-mibs net-snmp-libs"
RDEPENDS:${PN}-libs += "libpci \
${PN}-lib-netsnmp \
${PN}-lib-agent \
${PN}-lib-helpers \
${PN}-lib-mibs \
"
RDEPENDS:${PN}-ptest += "perl \
perl-module-test \
perl-module-file-basename \
perl-module-getopt-long \
perl-module-file-temp \
perl-module-data-dumper \
"
RDEPENDS:${PN}-dev = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})"
RRECOMMENDS:${PN}-dbg = "net-snmp-client (= ${EXTENDPKGV}) net-snmp-server (= ${EXTENDPKGV})"
RPROVIDES:${PN}-server-snmpd += "${PN}-server-snmpd-systemd"
RREPLACES:${PN}-server-snmpd += "${PN}-server-snmpd-systemd"
RCONFLICTS:${PN}-server-snmpd += "${PN}-server-snmpd-systemd"
RPROVIDES:${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd"
RREPLACES:${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd"
RCONFLICTS:${PN}-server-snmptrapd += "${PN}-server-snmptrapd-systemd"
LEAD_SONAME = "libnetsnmp.so"
MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/net-snmp-config"
BBCLASSEXTEND = "native"

23
sources/meta-openembedded/meta-networking/recipes-protocols/nopoll/nopoll_0.4.6.b400.bb Normal file
View File

@@ -0,0 +1,23 @@
SUMMARY = "OpenSource WebSocket Toolkit"
DESCRIPTION = "noPoll is a OpenSource WebSocket implementation (RFC 6455), \
written in ansi C, that allows building pure WebSocket solutions or to \
provide WebSocket support to existing TCP oriented applications.\
\
noPoll provides support for WebSocket (ws://) and TLS (secure) WebSocket (wss://),\
allowing message based (handler notified) programming or stream oriented access."
HOMEPAGE = "http://www.aspl.es/nopoll/"
LICENSE = "LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=f0504124678c1b3158146e0630229298 \
"
DEPENDS = "openssl"
SRC_URI = "http://www.aspl.es/nopoll/downloads/nopoll-${PV}.tar.gz \
"
SRC_URI[md5sum] = "8d333f158b5d5a8975a6149e6ef8db63"
SRC_URI[sha256sum] = "7f1b20f1d0525f30cdd2a4fc386d328b4cf98c6d11cef51fe62cd9491ba19ad9"
inherit autotools pkgconfig
EXTRA_OECONF += "--disable-nopoll-doc"
LDFLAGS += "-lpthread"

24
sources/meta-openembedded/meta-networking/recipes-protocols/opcua/open62541/0001-fix-build-do-not-install-git-files.patch Normal file
View File

@@ -0,0 +1,24 @@
From a490e82dca5a669b0af27a13d74759d8f77e2333 Mon Sep 17 00:00:00 2001
From: Vyacheslav Yurkov <v.yurkov@precitec.de>
Date: Mon, 3 Oct 2022 18:25:15 +0200
Subject: [PATCH] fix(build): do not install git files
Signed-off-by: Vyacheslav Yurkov <v.yurkov@precitec.de>
---
Upstream-Status: Backport [https://github.com/open62541/open62541/commit/a0328d4cb527f9778a262fc4a6b42bfbdffc38e9]
CMakeLists.txt | 1 +
1 file changed, 1 insertion(+)
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1934374e..bc5c8bad 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -1703,6 +1703,7 @@ install(DIRECTORY ${UA_install_tools_dirs}
FILES_MATCHING
PATTERN "*"
PATTERN "*.pyc" EXCLUDE
+ PATTERN ".git*" EXCLUDE
)
install(FILES ${UA_install_tools_files} DESTINATION ${open62541_install_tools_dir})

53
sources/meta-openembedded/meta-networking/recipes-protocols/opcua/open62541_1.3.8.bb Normal file
View File

@@ -0,0 +1,53 @@
DESCRIPTION = "open62541 is an implementation of OPC UA (OPC Unified Architecture)"
HOMEPAGE = "https://github.com/open62541/open62541.git"
LICENSE = "MPL-2.0 & BSD-3-Clause & MIT"
LIC_FILES_CHKSUM = "\
file://LICENSE;md5=815ca599c9df247a0c7f619bab123dad \
file://deps/mdnsd/LICENSE;md5=3bb4047dc4095cd7336de3e2a9be94f0 \
file://deps/mqtt-c/LICENSE;md5=9226377baf0b79174c89a1ab55592456 \
"
SRCREV_FORMAT = "opcua_mdnsd_ua-nodeset_mqtt-c"
SRCREV_opcua = "086b1557d6f49e8a82c999054a7da77d080cd54e"
SRCREV_mdnsd = "3151afe5899dba5125dffa9f4cf3ae1fe2edc0f0"
SRCREV_ua-nodeset = "f71b3f411d5cb16097c3ae0c744f67ad45535ffb"
SRCREV_mqtt-c = "f69ce1e7fd54f3b1834c9c9137ce0ec5d703cb4d"
SRC_URI = " \
git://github.com/open62541/open62541.git;name=opcua;branch=1.3;protocol=https \
git://github.com/Pro/mdnsd.git;name=mdnsd;protocol=https;branch=master;destsuffix=git/deps/mdnsd \
git://github.com/OPCFoundation/UA-Nodeset;name=ua-nodeset;protocol=https;branch=v1.04;destsuffix=git/deps/ua-nodeset \
git://github.com/LiamBindle/MQTT-C.git;name=mqtt-c;protocol=https;branch=master;destsuffix=git/deps/mqtt-c \
file://0001-fix-build-do-not-install-git-files.patch \
"
S = "${WORKDIR}/git"
inherit cmake python3native
EXTRA_OECMAKE += "\
-DBUILD_SHARED_LIBS=ON \
-DUA_NAMESPACE_ZERO=FULL \
-DUA_LOGLEVEL=600 \
-DCMAKE_BUILD_TYPE=RelWithDebInfo \
"
PACKAGECONFIG ?= "encryption-mbedtls pubsub pubsub-eth subscriptions subscriptions-events"
PACKAGECONFIG[amalgamation] = "-DUA_ENABLE_AMALGAMATION=ON, -DUA_ENABLE_AMALGAMATION=OFF"
PACKAGECONFIG[encryption-mbedtls] = "-DUA_ENABLE_ENCRYPTION=MBEDTLS, , mbedtls, , , encryption-openssl"
PACKAGECONFIG[encryption-openssl] = "-DUA_ENABLE_ENCRYPTION=OPENSSL, , openssl, , , encryption-mbedtls"
PACKAGECONFIG[multithreading] = "-DUA_MULTITHREADING=100, -DUA_MULTITHREADING=0"
PACKAGECONFIG[pubsub] = "-DUA_ENABLE_PUBSUB=ON, -DUA_ENABLE_PUBSUB=OFF"
PACKAGECONFIG[pubsub-eth] = "-DUA_ENABLE_PUBSUB_ETH_UADP=ON, -DUA_ENABLE_PUBSUB_ETH_UADP=OFF"
PACKAGECONFIG[subscriptions] = "-DUA_ENABLE_SUBSCRIPTIONS=ON, -DUA_ENABLE_SUBSCRIPTIONS=OFF"
PACKAGECONFIG[subscriptions-events] = "-DUA_ENABLE_SUBSCRIPTIONS_EVENTS=ON, -DUA_ENABLE_SUBSCRIPTIONS_EVENTS=OFF"
PACKAGECONFIG[werror] = "-DUA_FORCE_WERROR=ON, -DUA_FORCE_WERROR=OFF"
do_configure:prepend:toolchain-clang:riscv64() {
sed -i -e 's/set(CMAKE_INTERPROCEDURAL_OPTIMIZATION ON)/set(CMAKE_INTERPROCEDURAL_OPTIMIZATION OFF)/' ${S}/CMakeLists.txt
}
do_configure:prepend:toolchain-clang:riscv32() {
sed -i -e 's/set(CMAKE_INTERPROCEDURAL_OPTIMIZATION ON)/set(CMAKE_INTERPROCEDURAL_OPTIMIZATION OFF)/' ${S}/CMakeLists.txt
}

66
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/0001-Check-and-use-strlcpy-from-libc-before-defining-own.patch Normal file
View File

@@ -0,0 +1,66 @@
From 7b62e5884353b247f542844d1e4687d0e9211999 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Thu, 20 Jul 2017 04:27:32 -0700
Subject: [PATCH 1/2] Check and use strlcpy from libc before defining own
This is required especially on musl where
function prototype conflicts and causes build
failures.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
configure.ac | 2 +-
lib/util.c | 2 ++
lib/util.h | 1 +
3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 13064f6..596c43f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -57,7 +57,7 @@ OFP_CHECK_HWTABLES
OFP_CHECK_HWLIBS
AC_SYS_LARGEFILE
-AC_CHECK_FUNCS([strsignal])
+AC_CHECK_FUNCS([strlcpy strsignal])
AC_ARG_VAR(KARCH, [Kernel Architecture String])
AC_SUBST(KARCH)
diff --git a/lib/util.c b/lib/util.c
index 21cc28d..1f341b1 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -138,6 +138,7 @@ xasprintf(const char *format, ...)
return s;
}
+#ifndef HAVE_STRLCPY
void
strlcpy(char *dst, const char *src, size_t size)
{
@@ -148,6 +149,7 @@ strlcpy(char *dst, const char *src, size_t size)
dst[n_copy] = '\0';
}
}
+#endif
void
ofp_fatal(int err_no, const char *format, ...)
diff --git a/lib/util.h b/lib/util.h
index fde681f..9e45ea9 100644
--- a/lib/util.h
+++ b/lib/util.h
@@ -41,6 +41,7 @@
#include <stdio.h>
#include <string.h>
#include "compiler.h"
+#include "config.h"
#ifndef va_copy
#ifdef __va_copy
--
2.13.3

30
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/0001-Makefile.am-Specify-export-dynamic-directly-to-linke.patch Normal file
View File

@@ -0,0 +1,30 @@
From 12bba388719c425d9b5cd970d4fabf01edf56aa4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 7 Feb 2024 22:33:12 -0800
Subject: [PATCH] Makefile.am: Specify export-dynamic directly to linker
Fixes build with clang-18+
| riscv64-yoe-linux-clang: error: unknown argument: '-export-dynamic'
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index 97ac1f0..e557fe7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,7 +23,7 @@ if NDEBUG
AM_CPPFLAGS += -DNDEBUG
AM_CFLAGS += -fomit-frame-pointer
else
-AM_LDFLAGS = -export-dynamic
+AM_LDFLAGS = -Wl,--export-dynamic
endif
CLEANFILES =
--
2.43.0

33
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/0001-generate-not-static-get_dh-functions.patch Normal file
View File

@@ -0,0 +1,33 @@
From 0fe6770b617af7e400abc6f8652c1417d4c3575e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 8 Sep 2018 22:49:15 -0700
Subject: [PATCH] generate not static get_dh* functions
Fixes build with OpenSSL 1.1.x
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
lib/automake.mk | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/lib/automake.mk b/lib/automake.mk
index bfbeb94..b53909a 100644
--- a/lib/automake.mk
+++ b/lib/automake.mk
@@ -113,8 +113,9 @@ lib/dhparams.c: lib/dh1024.pem lib/dh2048.pem lib/dh4096.pem
(echo '#include "lib/dhparams.h"' && \
openssl dhparam -C -in $(srcdir)/lib/dh1024.pem -noout && \
openssl dhparam -C -in $(srcdir)/lib/dh2048.pem -noout && \
- openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) \
- | sed 's/\(get_dh[0-9]*\)()/\1(void)/' > lib/dhparams.c.tmp
+ openssl dhparam -C -in $(srcdir)/lib/dh4096.pem -noout) | \
+ sed -e 's/\(get_dh[0-9]*\)()/\1(void)/' \
+ -e 's/static DH \*get_dh/DH \*get_dh/' > lib/dhparams.c.tmp
mv lib/dhparams.c.tmp lib/dhparams.c
endif
--
2.18.0

23
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/0001-socket-util-Include-sys-stat.h-for-fchmod.patch Normal file
View File

@@ -0,0 +1,23 @@
From b875c6e264eaf7350ad4e4ebf427692d8fd3cd72 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 29 Aug 2022 12:58:53 -0700
Subject: [PATCH] socket-util: Include sys/stat.h for fchmod
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
lib/socket-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/lib/socket-util.c b/lib/socket-util.c
index c7b5d6d..5b3d602 100644
--- a/lib/socket-util.c
+++ b/lib/socket-util.c
@@ -42,6 +42,7 @@
#include <stdio.h>
#include <string.h>
#include <sys/resource.h>
+#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
#include "fatal-signal.h"

61
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow/0002-lib-netdev-Adjust-header-include-sequence.patch Normal file
View File

@@ -0,0 +1,61 @@
From 5bba224edea38607e8732081f86679ffd8b218ab Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Thu, 20 Jul 2017 04:29:04 -0700
Subject: [PATCH 2/2] lib/netdev: Adjust header include sequence
Specify libc headers before kernel UAPIs
this helps compiling with musl where otherwise
it uses the definition from kernel and complains
about double definition in libc headers
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
lib/netdev.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/lib/netdev.c b/lib/netdev.c
index 3b6fbc5..c7de25e 100644
--- a/lib/netdev.c
+++ b/lib/netdev.c
@@ -39,7 +39,6 @@
#include <fcntl.h>
#include <arpa/inet.h>
#include <inttypes.h>
-#include <linux/if_tun.h>
/* Fix for some compile issues we were experiencing when setting up openwrt
* with the 2.4 kernel. linux/ethtool.h seems to use kernel-style inttypes,
@@ -57,10 +56,6 @@
#define s64 __s64
#endif
-#include <linux/ethtool.h>
-#include <linux/rtnetlink.h>
-#include <linux/sockios.h>
-#include <linux/version.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
@@ -68,12 +63,16 @@
#include <net/ethernet.h>
#include <net/if.h>
#include <net/if_arp.h>
-#include <net/if_packet.h>
#include <net/route.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <linux/ethtool.h>
+#include <linux/rtnetlink.h>
+#include <linux/sockios.h>
+#include <linux/version.h>
+#include <linux/if_tun.h>
#include "fatal-signal.h"
#include "list.h"
--
2.13.3

70
sources/meta-openembedded/meta-networking/recipes-protocols/openflow/openflow_git.bb Normal file
View File

@@ -0,0 +1,70 @@
SUMMARY = "OpenFlow communications protocol"
DESCRIPTION = "\
Open standard that enables researchers to run experimental protocols in \
contained networks. OpenFlow is a communications interface between \
control and forwarding planes of a software-defined networking architecture.\
"
HOMEPAGE = "http://www.openflow.org"
SECTION = "net"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=e870c934e2c3d6ccf085fd7cf0a1e2e2"
SRCREV = "82ad07d997b0b2ee70e1b2c7e82fcc6d0ccf23ea"
PV = "1.0+git"
SRC_URI = "git://github.com/mininet/openflow;protocol=https;branch=master \
file://0001-Check-and-use-strlcpy-from-libc-before-defining-own.patch \
file://0002-lib-netdev-Adjust-header-include-sequence.patch \
file://0001-generate-not-static-get_dh-functions.patch \
file://0001-socket-util-Include-sys-stat.h-for-fchmod.patch \
file://0001-Makefile.am-Specify-export-dynamic-directly-to-linke.patch \
"
CVE_STATUS[CVE-2015-1611] = "not-applicable-config: Not referred to our implementation of openflow"
CVE_STATUS[CVE-2015-1612] = "not-applicable-config: Not referred to our implementation of openflow"
CVE_STATUS[CVE-2018-1078] = "cpe-incorrect: This CVE is not for this product but cve-check assumes it is \
because two CPE collides when checking the NVD database"
PACKAGECONFIG ??= ""
PACKAGECONFIG[openssl] = "--enable-ssl,--disable-ssl, openssl openssl-native, libssl"
EXTRA_OECONF += " \
KARCH=${TARGET_ARCH} \
${@bb.utils.contains('PACKAGECONFIG', 'openssl', 'SSL_LIBS="-lssl -lcrypto"', '', d)} \
"
DEPENDS:append:libc-musl = " libexecinfo"
LDFLAGS:append:libc-musl = " -lexecinfo"
S = "${WORKDIR}/git"
inherit autotools-brokensep pkgconfig
do_configure:prepend() {
./boot.sh
}
do_install:append() {
# Remove /var/run as it is created on startup
rm -rf ${D}${localstatedir}/run
# /var/log/openflow needs to be created in runtime. Use rmdir to catch if
# upstream stops creating /var/log/openflow, or adds something else in
# /var/log.
rmdir ${D}${localstatedir}/log/${BPN} ${D}${localstatedir}/log
rmdir --ignore-fail-on-non-empty ${D}${localstatedir}
# Create /var/log/openflow in runtime.
if [ "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" ]; then
install -d ${D}${nonarch_libdir}/tmpfiles.d
echo "d ${localstatedir}/log/${BPN} - - - -" > ${D}${nonarch_libdir}/tmpfiles.d/${BPN}.conf
fi
if [ "${@bb.utils.filter('DISTRO_FEATURES', 'sysvinit', d)}" ]; then
install -d ${D}${sysconfdir}/default/volatiles
echo "d root root 0755 ${localstatedir}/log/${BPN} none" > ${D}${sysconfdir}/default/volatiles/99_${BPN}
fi
}
FILES:${PN} += "${nonarch_libdir}/tmpfiles.d"

31
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0001-Use-1-instead-of-WAIT_ANY.patch Normal file
View File

@@ -0,0 +1,31 @@
From 1f8d336a5cd88b87e15596d05980f6fe77a0f226 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 11:28:41 -0700
Subject: [PATCH 1/4] Use -1 instead of WAIT_ANY
WAIT_ANY is not supported by POSIX and some C libraries
e.g. musl do not define this.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
usl/usl_pid.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/usl/usl_pid.c b/usl/usl_pid.c
index 103458b..9819473 100644
--- a/usl/usl_pid.c
+++ b/usl/usl_pid.c
@@ -78,7 +78,7 @@ int usl_pid_reap_children(int waitfor)
/* Wait for processes in our process group. */
- while (((pid = waitpid(WAIT_ANY, &status, (waitfor ? 0: WNOHANG))) != -1) && (pid != 0)) {
+ while (((pid = waitpid(-1, &status, (waitfor ? 0: WNOHANG))) != -1) && (pid != 0)) {
have_callback = 0;
usl_list_for_each(walk, tmp, &usl_child_list) {
child = usl_list_entry(walk, struct usl_pid_child, list);
--
2.12.1

36
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0001-l2tp_api-Included-needed-headers.patch Normal file
View File

@@ -0,0 +1,36 @@
From 25dce20a75bc84ae9e4ec640590cef0c12750789 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 17:48:13 -0700
Subject: [PATCH 1/2] l2tp_api: Included needed headers
These are flagged by musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
l2tp_api.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/l2tp_api.c b/l2tp_api.c
index d16f80e..9d6f60a 100644
--- a/l2tp_api.c
+++ b/l2tp_api.c
@@ -22,9 +22,12 @@
* Each module implements the required RPC xxx_1_svc() callbacks which
* are called directly by the RPC library.
*/
-
+#define _GNU_SOURCE
+#include <sys/types.h>
+#include <rpc/types.h>
+#include <rpc/xdr.h>
#include <rpc/pmap_clnt.h>
-#include <net/ethernet.h>
+//#include <netinet/in.h>
#include "usl.h"
--
2.12.1

28
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0001-l2tp_rpc_server.c-Add-missing-prototype-for-l2tp_api.patch Normal file
View File

@@ -0,0 +1,28 @@
From ded84ed583e9b0617bc35ab1798032d18b873144 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 29 Aug 2022 23:30:02 -0700
Subject: [PATCH] l2tp_rpc_server.c: Add missing prototype for
l2tp_api_rpc_check_request
Upstream-Status: Inappropriate [no upstream]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile b/Makefile
index 0815b31..2fa5b2f 100644
--- a/Makefile
+++ b/Makefile
@@ -236,6 +236,7 @@ endif
-$(RM) $@ $@.tmp
$(RPCGEN) $(RPCGENFLAGS) -m -o $@.tmp $<
cat $@.tmp | sed -e 's/switch (rqstp->rq_proc) {/if (l2tp_api_rpc_check_request(transp) < 0) return; switch (rqstp->rq_proc) {/' > $@
+ sed -i '21i int l2tp_api_rpc_check_request(SVCXPRT *xprt);' $@
%_client.c: %.x
-$(RM) $@
--
2.37.2

45
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0001-lex-yacc-Add-missing-function-prototypes.patch Normal file
View File

@@ -0,0 +1,45 @@
From 2bfdd02d288de92ff118bf41b54c135a6a318c19 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 29 Aug 2022 23:42:11 -0700
Subject: [PATCH] lex/yacc: Add missing function prototypes
Fixes build with clang15
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
l2tp_config_parse.y | 3 +++
l2tp_config_token.l | 3 +++
2 files changed, 6 insertions(+)
diff --git a/l2tp_config_parse.y b/l2tp_config_parse.y
index 4baf1e0..15392d0 100644
--- a/l2tp_config_parse.y
+++ b/l2tp_config_parse.y
@@ -29,6 +29,9 @@ static struct l2tp_api_session_msg_data session;
extern void l2tp_log(int level, char *fmt, ...);
extern void yyfatal(const char *s);
+extern const char *l2tp_strerror(int error);
+extern int yylex (void);
+extern void yyerror(const char *s);
%}
diff --git a/l2tp_config_token.l b/l2tp_config_token.l
index 9016af6..43b8f0a 100644
--- a/l2tp_config_token.l
+++ b/l2tp_config_token.l
@@ -15,6 +15,9 @@
#include "l2tp_config_types.h"
#include "l2tp_config_parse.h"
+extern void l2tp_log(int level, char *fmt, ...);
+extern const char *l2tp_strerror(int error);
+
void yyfatal(const char *s);
void yyerror(const char *s);
--
2.37.2

40
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0001-test-pppd_dummy.c-Fix-return-value.patch Normal file
View File

@@ -0,0 +1,40 @@
From ce5f5563ab54db9d28dba44a0e25e8a8c7bb9876 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Wed, 19 Oct 2016 00:34:35 +0000
Subject: [PATCH] test/pppd_dummy.c: Fix return value
pause() is defined in unistd.h, clang does not
like the fact that we are using a function without
declaration
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
test/pppd_dummy.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/test/pppd_dummy.c b/test/pppd_dummy.c
index 148e7d2..b564c36 100644
--- a/test/pppd_dummy.c
+++ b/test/pppd_dummy.c
@@ -26,6 +26,7 @@
#include <sys/types.h>
#include <sys/wait.h>
#include <syslog.h>
+#include <unistd.h>
#define PPPD_DUMMY_TMP_FILE "/tmp/pppd_dummy"
@@ -40,7 +41,7 @@ int main(int argc, char **argv)
if (file == NULL) {
syslog(LOG_ERR, "Failed to open %s\n", filename);
- return;
+ return -1;
}
for (arg = 1; arg < argc; arg++) {
--
1.9.1

27
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0002-cli-include-fcntl.h-for-O_CREAT-define.patch Normal file
View File

@@ -0,0 +1,27 @@
From 2d633f4c18ff3cb52234449fd86a0a63b55d669b Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 11:31:55 -0700
Subject: [PATCH 2/4] cli: include fcntl.h for O_CREAT define
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
cli/cli_readline.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/cli/cli_readline.c b/cli/cli_readline.c
index 097ed6a..127136c 100644
--- a/cli/cli_readline.c
+++ b/cli/cli_readline.c
@@ -24,6 +24,7 @@
#include <sys/file.h>
#include <sys/stat.h>
#include <sys/errno.h>
+#include <fcntl.h>
#include <signal.h>
#include <readline/readline.h>
--
2.12.1

38
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0002-user-ipv6-structures.patch Normal file
View File

@@ -0,0 +1,38 @@
From a41cbeee3cf660663a9baac80545050a8d960898 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 18:09:58 -0700
Subject: [PATCH 2/2] user ipv6 structures
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Update for ipv6 address compare
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
Upstream-Status: Pending
l2tp_api.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/l2tp_api.c b/l2tp_api.c
index 9d6f60a..f0946fd 100644
--- a/l2tp_api.c
+++ b/l2tp_api.c
@@ -450,10 +450,12 @@ int l2tp_api_rpc_check_request(SVCXPRT *xprt)
* non-loopback interface, reject the request.
*/
if ((!l2tp_opt_remote_rpc) &&
- ((xprt->xp_raddr.sin_addr.s_addr != htonl(INADDR_LOOPBACK)) &&
- (xprt->xp_raddr.sin_addr.s_addr != htonl(INADDR_ANY)))) {
+ ((memcmp(&xprt->xp_raddr.sin6_addr, &in6addr_loopback, sizeof(struct in6_addr)) != 0) &&
+ (memcmp(&xprt->xp_raddr.sin6_addr, &in6addr_any, sizeof(struct in6_addr)) != 0))) {
+ char straddr[INET6_ADDRSTRLEN];
+ inet_ntop(AF_INET6, &xprt->xp_raddr.sin6_addr, straddr, sizeof(straddr));
if (l2tp_opt_trace_flags & L2TP_DEBUG_API) {
- l2tp_log(LOG_ERR, "Rejecting RPC request from %s", inet_ntoa(xprt->xp_raddr.sin_addr));
+ l2tp_log(LOG_ERR, "Rejecting RPC request from %s", straddr);
}
svcerr_auth(xprt, AUTH_TOOWEAK);
return -EPERM;
--
2.12.1

37
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/0003-cli-Define-_GNU_SOURCE-for-getting-sighandler_t.patch Normal file
View File

@@ -0,0 +1,37 @@
From 74fe72583472bcc3c89a52839cac2ebbad6c8a74 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 11:34:52 -0700
Subject: [PATCH 3/4] cli: Define _GNU_SOURCE for getting sighandler_t
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
cli/cli_readline.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cli/cli_readline.c b/cli/cli_readline.c
index 127136c..931779b 100644
--- a/cli/cli_readline.c
+++ b/cli/cli_readline.c
@@ -17,7 +17,7 @@
* Boston, MA 02110-1301 USA
*
*****************************************************************************/
-
+#define _GNU_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
@@ -634,7 +634,7 @@ static void cli_rl_uninstall_signal_handlers(void)
static int cli_rl_install_signal_handlers(void)
{
- __sighandler_t handler;
+ sighandler_t handler;
rl_catch_signals = 0;
rl_clear_signals();
--
2.12.1

106
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/Makefile-modify-CFLAGS-to-aviod-build-error.patch Normal file
View File

@@ -0,0 +1,106 @@
From 152486fa3c36c3b99d17d5b553cf87ef412fae8e Mon Sep 17 00:00:00 2001
From: Li xin <lixin.fnst@cn.fujitsu.com>
Date: Mon, 1 Dec 2014 01:53:41 +0900
Subject: [PATCH] Makefile:modify CFLAGS to aviod build error.
Upstream-Status: Pending
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
---
Makefile | 22 +++++++++++-----------
plugins/Makefile | 6 +++---
2 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/Makefile b/Makefile
index 4aaa448..baa7882 100644
--- a/Makefile
+++ b/Makefile
@@ -152,10 +152,10 @@ LIBS.dmalloc= -ldmalloc
export USE_DMALLOC
endif
-CPPFLAGS= $(CPPFLAGS.l2tptest) $(CPPFLAGS-y)
-CFLAGS= -I. -Iusl -Icli -isystem include \
- -MMD -Wall -Werror -Wno-strict-aliasing \
- $(CPPFLAGS) $(CPPFLAGS.dmalloc) \
+ADD_CPPFLAGS= $(CPPFLAGS.l2tptest) $(CPPFLAGS-y)
+ADD_CFLAGS= -I. -Iusl -Icli -isystem include \
+ -MMD -Wall -Wno-strict-aliasing \
+ $(ADD_CPPFLAGS) $(CPPFLAGS.dmalloc) \
-DSYS_LIBDIR=$(SYS_LIBDIR)
LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc
LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc
@@ -170,10 +170,10 @@ CFLAGS.optimize= $(OPT_CFLAGS)
endif
export CFLAGS.optimize
-CFLAGS+= $(CFLAGS.optimize)
+ADD_CFLAGS+= $(CFLAGS.optimize)
ifeq ($(L2TP_USE_ASYNC_RPC),y)
-CPPFLAGS+= -DL2TP_ASYNC_RPC
+ADD_CPPFLAGS+= -DL2TP_ASYNC_RPC
endif
ifeq ($(L2TP_FEATURE_RPC_MANAGEMENT),y)
@@ -220,13 +220,13 @@ endif
# Compile without -Wall because rpcgen-generated code is full of warnings.
%_xdr.o: %_xdr.c
- $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(CPPFLAGS) $<
+ $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(ADD_CPPFLAGS) $<
%_client.o: %_client.c
- $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(CPPFLAGS) $<
+ $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(ADD_CPPFLAGS) $<
%_server.o: %_server.c
- $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(CPPFLAGS) $<
+ $(CC) -I. -MMD -w $(CFLAGS.optimize) -c $(ADD_CPPFLAGS) $<
%_xdr.c: %.x
-$(RM) $@
@@ -272,7 +272,7 @@ l2tpconfig: $(L2TPCONFIG_SRCS.o)
$(CC) -o $@ $^ $(LDFLAGS.l2tpconfig)
%.o: %.c
- $(CC) -c $(CFLAGS) $< -o $@
+ $(CC) -c $(CFLAGS) $(ADD_CFLAGS) $< -o $@
l2tp_options.h: FORCE
@rm -f $@.tmp
@@ -325,7 +325,7 @@ install: install-all
install-all: all install-daemon install-app
install-daemon:
- @for d in $(filter-out usl,$(SUBDIRS)); do $(MAKE) -C $$d $(MFLAGS) EXTRA_CFLAGS="$(CPPFLAGS)" install; if [ $$? -ne 0 ]; then exit 1; fi; done
+ @for d in $(filter-out usl,$(SUBDIRS)); do $(MAKE) -C $$d $(MFLAGS) EXTRA_CFLAGS="$(CPPFLAGS) $(ADD_CPPFLAGS)" install; if [ $$? -ne 0 ]; then exit 1; fi; done
$(INSTALL) -d $(DESTDIR)/usr/sbin
$(INSTALL) openl2tpd $(DESTDIR)/usr/sbin
diff --git a/plugins/Makefile b/plugins/Makefile
index 5be996d..6810236 100644
--- a/plugins/Makefile
+++ b/plugins/Makefile
@@ -1,7 +1,7 @@
-CFLAGS := $(CFLAGS.optimize) -MMD -Wall \
+ADD_CFLAGS := $(CFLAGS.optimize) -MMD -Wall \
-isystem ../include \
-I. -I.. -I../usl -fPIC $(EXTRA_CFLAGS)
-LDFLAGS := -shared
+ADD_LDFLAGS := -shared
PLUGINS.c:= ppp_unix.c ppp_null.c ipsec.c event_sock.c
@@ -21,7 +21,7 @@ clean:
$(RM) $(PLUGINS.so) $(wildcard *.o) $(wildcard *.d) $(SRC.generated)
%.so: %.c
- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $<
+ $(CC) -o $@ $(LDFLAGS) $(ADD_LDFLAGS) $(CFLAGS) $(ADD_CFLAGS) $<
install: all
$(INSTALL) -d $(DESTDIR)$(SYS_LIBDIR)/openl2tp
--
1.8.4.2

15
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/Makefile-obey-LDFLAGS.patch Normal file
View File

@@ -0,0 +1,15 @@
Upstream-Status: Pending
--- openl2tp-1.8/Makefile.orig 2016-09-16 14:54:18.554291976 +0200
+++ openl2tp-1.8/Makefile 2016-09-16 14:57:23.559090400 +0200
@@ -157,8 +157,8 @@ ADD_CFLAGS= -I. -Iusl -Icli -isystem i
-MMD -Wall -Wno-strict-aliasing \
$(ADD_CPPFLAGS) $(CPPFLAGS.dmalloc) \
-DSYS_LIBDIR=$(SYS_LIBDIR)
-LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc
-LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc
+LDFLAGS.l2tpd= -Wl,-E -L. -Lusl -lusl -ldl $(LIBS.dmalloc) -lc $(LDFLAGS)
+LDFLAGS.l2tpconfig= -Lcli -lcli -lreadline $(LIBS.dmalloc) $(READLINE_LDFLAGS) -lc $(LDFLAGS)
OPT_CFLAGS?= -O

44
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/fix_linux_4.15_compile.patch Normal file
View File

@@ -0,0 +1,44 @@
This fixes a compile issue introduced with linux kernel 4.15
include/linux/in.h:222:8: error: redefinition of 'struct in_pktinfo'
| struct in_pktinfo {
Upstream-Status: Pending
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Index: openl2tp-1.8/plugins/ppp_unix.c
===================================================================
--- openl2tp-1.8.orig/plugins/ppp_unix.c
+++ openl2tp-1.8/plugins/ppp_unix.c
@@ -25,9 +25,14 @@
#include <fcntl.h>
#include <sys/types.h>
#include <signal.h>
+#include <linux/version.h>
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0)
#include <net/ethernet.h>
#include <net/if.h>
#include <netinet/in.h>
+#endif
+
#include <arpa/inet.h>
#include <sys/stat.h>
#include <unistd.h>
@@ -41,12 +46,12 @@
#define __user
#endif
#include <sys/ioctl.h>
-#include <linux/if_ether.h>
-#include <linux/if_pppox.h>
#include <linux/ppp_defs.h>
#include <linux/if_ppp.h>
+#include <linux/if_pppox.h>
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0)
#include <linux/if_pppol2tp.h>
-
+#endif
#include "usl.h"
#include "l2tp_private.h"

41
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tp-simplify-gcc-warning-hack.patch Normal file
View File

@@ -0,0 +1,41 @@
From 460549a3de27f8dd8371b6d6fc1f69d8bffa102b Mon Sep 17 00:00:00 2001
From: Joe MacDonald <joe_macdonald@mentor.com>
Date: Tue, 6 Jan 2015 11:23:21 -0500
Subject: [PATCH] openl2tp: simplify gcc warning hack
The hack to work around the gcc warning causes problems with some modern
gcc configurations. Since the redef behaviour is essentially correct
everywhere and since the hack is still required on 32-bit builders, leave
it in place but remove the #if guard since it is only there to ensure that
the l2tp_private.h file is updated if the rpc source file is changed and
the two get out of sync.
Upstream-Status: Pending
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
---
l2tp_private.h | 6 ------
1 file changed, 6 deletions(-)
diff --git a/l2tp_private.h b/l2tp_private.h
index f3c1af7..cca6806 100644
--- a/l2tp_private.h
+++ b/l2tp_private.h
@@ -89,14 +89,8 @@
* So we redefine the constant with UL suffix to avoid the gcc warning.
* Is there some C preprocessor magic that could avoid having to do this?
*/
-#if L2TP_API_TUNNEL_FLAG_MTU != 2147483648
-#error Constant L2TP_API_TUNNEL_FLAG_MTU changed. Update local definition here.
-#endif
#undef L2TP_API_TUNNEL_FLAG_MTU
#define L2TP_API_TUNNEL_FLAG_MTU 2147483648UL
-#if L2TP_API_SESSION_FLAG_NO_PPP != 2147483648
-#error Constant L2TP_API_SESSION_FLAG_NO_PPP changed. Update local definition here.
-#endif
#undef L2TP_API_SESSION_FLAG_NO_PPP
#define L2TP_API_SESSION_FLAG_NO_PPP 2147483648UL
--
1.9.1

26
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tpd-enable-tests.patch Normal file
View File

@@ -0,0 +1,26 @@
Upstream-Status: Pending
commit 3e96a6c41bdd26417265a45ed685138d8eed564e
Author: Aws Ismail <aws.ismail@windriver.com>
Date: Fri Sep 14 02:32:53 2012 -0400
openl2tp: Enable tests
Build the test direcctory as part
of the overall build
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
diff --git a/Makefile b/Makefile
index 412cf4d..adf4f44 100644
--- a/Makefile
+++ b/Makefile
@@ -16,7 +16,7 @@ L2TP_FEATURE_LOCAL_CONF_FILE= y
# Define to include test code. This must be defined to run the
# regression tests
-# L2TP_TEST= y
+L2TP_TEST=y
# Define to compile in debug code. Also makes default trace flags
# enable all messages

35
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tpd-initscript-fix-sysconfig.patch Normal file
View File

@@ -0,0 +1,35 @@
commit 6ea3125e2bec15004f312814022335d94cdf7e94
Author: Aws Ismail <aws.ismail@windriver.com>
Date: Wed Sep 19 11:34:48 2012 -0400
Fix openl2tp config script location
Correct the location of the sysconfig
script. Use /etc/default/ instead of
/etc/sysconfig/
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
Upstream-Status: Inappropriate [configuration]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
diff --git a/etc/rc.d/init.d/openl2tpd b/etc/rc.d/init.d/openl2tpd
index 7f27bb7..4194f63 100755
--- a/etc/rc.d/init.d/openl2tpd
+++ b/etc/rc.d/init.d/openl2tpd
@@ -8,12 +8,12 @@
# can be used to implement L2TP VPNs. As a server, it can handle
# hundreds of tunnels and sessions.
# processname: openl2tpd
-# config: /etc/sysconfig/openl2tpd
+# config: /etc/default/openl2tpd
# pidfile: /var/run/openl2tpd.pid
# Source function library.
. /etc/init.d/functions
-. /etc/sysconfig/openl2tpd
+. /etc/default/openl2tpd
# See how we were called.

32
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tpd-initscript-fix-warning.patch Normal file
View File

@@ -0,0 +1,32 @@
openl2tp: eliminate warning from modprobe
modprobe will emit alarming warnings if it cannot
find a module, but we only care that it find one
of two possible modules when we start openl2tpd.
Suppress messages from modprobe.
Upstream-Status: Pending
Signed-off-by: Joe Slater <jslater@windriver.com>
--- a/etc/rc.d/init.d/openl2tpd
+++ b/etc/rc.d/init.d/openl2tpd
@@ -29,7 +29,7 @@ start() {
return 1
fi
fi
- modprobe -s pppol2tp || modprobe -s l2tp_ppp
+ modprobe -sq pppol2tp || modprobe -sq l2tp_ppp
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
start-stop-daemon --start --exec openl2tpd $OPENL2TPDARGS
@@ -57,7 +57,7 @@ stop() {
return 1;
fi
killproc openl2tpd
- modprobe -s -r pppol2tp || modprobe -s -r l2tp_ppp
+ modprobe -srq pppol2tp || modprobe -srq l2tp_ppp
echo
rm -f /var/run/openl2tpd.pid
rm -f /var/lock/subsys/openl2tpd

49
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tpd-initscript-fix.patch Normal file
View File

@@ -0,0 +1,49 @@
commit 7c58a1e244ea83a9e7bbd51a6d354cee25cdbd33
Author: Aws Ismail <aws.ismail@windriver.com>
Date: Wed Sep 12 23:35:40 2012 -0400
Fix openl2tpd initscript
- Correct the location of the retval statement.
- use start-stop-daemon instead of daemon.
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
Upstream-Status: Inappropriate [OE specific]
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
diff --git a/etc/rc.d/init.d/openl2tpd b/etc/rc.d/init.d/openl2tpd
index ce21b50..7f27bb7 100755
--- a/etc/rc.d/init.d/openl2tpd
+++ b/etc/rc.d/init.d/openl2tpd
@@ -24,7 +24,7 @@ start() {
if [ -e /var/lock/subsys/openl2tpd ]; then
if [ -e /var/run/openl2tpd.pid ] && [ -e /proc/`cat /var/run/openl2tpd.pid` ]; then
echo -n $"cannot start openl2tpd: openl2tpd is already running.";
- failure $"cannot start openl2tpd: openl2tpd already running.";
+ #failure $"cannot start openl2tpd: openl2tpd already running.";
echo
return 1
fi
@@ -32,9 +32,9 @@ start() {
modprobe -s pppol2tp || modprobe -s l2tp_ppp
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
- daemon openl2tpd $OPENL2TPDARGS
+ start-stop-daemon --start --exec openl2tpd $OPENL2TPDARGS
+ RETVAL=$?
fi
- RETVAL=$?
echo
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/openl2tpd
@@ -52,7 +52,7 @@ stop() {
echo -n $"Stopping $prog: "
if [ ! -e /var/lock/subsys/openl2tpd ]; then
echo -n $"cannot stop openl2tpd: openl2tpd is not running."
- failure $"cannot stop openl2tpd: openl2tpd is not running."
+ #failure $"cannot stop openl2tpd: openl2tpd is not running."
echo
return 1;
fi

17
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/openl2tpd.service Normal file
View File

@@ -0,0 +1,17 @@
[Unit]
Description=The open L2TP implementation
After=network.target remote-fs.target nss-lookup.target rpcbind.target
Requires=rpcbind.service
[Service]
Type=forking
PIDFile=/run/openl2tpd.pid
EnvironmentFile=@SYSCONFDIR@/default/openl2tpd
ExecStartPre=@BASE_BINDIR@/sh -c "@BASE_SBINDIR@/modprobe -sq l2tp_ppp || @BASE_SBINDIR@/modprobe -sq pppol2tp"
ExecStart=@SBINDIR@/openl2tpd $OPENL2TPDARGS
ExecStartPost=@BASE_BINDIR@/sh -c 'if [ -n "$OPENL2TPD_CONFIG_FILE" ]; then sleep 1; @BINDIR@/l2tpconfig config restore file=$OPENL2TPD_CONFIG_FILE; fi'
ExecStopPost=@BASE_BINDIR@/sh -c "@BASE_SBINDIR@/modprobe -rsq l2tp_ppp || @BASE_SBINDIR@/modprobe -rsq pppol2tp"
SuccessExitStatus=1
[Install]
WantedBy=multi-user.target

97
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp/run-ptest Normal file
View File

@@ -0,0 +1,97 @@
#!/bin/sh
TMP_DIR=`mktemp -d /tmp/std.26.tmp.XXXXXX`
# restore the file if exist
restore_file()
{
filelist="test_procs.tcl tunnel.test session.test"
for file in ${filelist}
do
if [ -f ${TMP_DIR}/${file} ]; then
mv ${TMP_DIR}/${file} ${OPENL2TP_DIR}
fi
done
}
exit_cus()
{
restore_file
echo $1
exit $2
}
if [ -d /usr/lib64/openl2tp/ptest ]; then
OPENL2TP_DIR="/usr/lib64/openl2tp"
elif [ -d /usr/lib/openl2tp/ptest ]; then
OPENL2TP_DIR="/usr/lib/openl2tp"
else
exit_cus "The openl2tp ptest directory not installed, skip the test" 1
fi
#read -p "Please input the network interface you use to test(such as eth0, em1 etc):" ETH_TEST
echo "Please input the network interface you use to test(such as eth0, em1 etc):"
read ETH_TEST > /dev/null
if [ x"$ETH_TEST" = x ]; then
exit_cus "The network interface cannot be null" 1
fi
ifconfig | grep $ETH_TEST > /dev/null || exit_cus "The network interface you provide is invalid" 1
# check openl2tp related kernel config
zcat /proc/config.gz | grep CONFIG_L2TP=y > /dev/null || exit_cus "Failed to check CONFIG_L2TP=y, skip the tests." 1
zcat /proc/config.gz | grep CONFIG_PPPOL2TP=m > /dev/null || exit_cus "Failed to check CONFIG_PPPOL2TP=m, skip the tests." 1
SYSV_INIT="/etc/init.d/rpcbind"
if [ -e ${SYSV_INIT} ]; then
${SYSV_INIT} status > /dev/null || ${SYSV_INIT} start > /dev/null
else
systemctl status rpcbind > /dev/null || systemctl start rpcbind > /dev/null
fi
which systemctl > /dev/null && systemctl status rpcbind > /dev/null || service rpcbind status > /dev/null
[ $? -ne 0 ] && exit_cus "Failed to start rpcbind service, skip the tests." 1
# backup the below files
cp ${OPENL2TP_DIR}/ptest/test_procs.tcl $TMP_DIR
cp ${OPENL2TP_DIR}/ptest/tunnel.test $TMP_DIR
cp ${OPENL2TP_DIR}/ptest/session.test $TMP_DIR
# customise the config
if [ x"$ETH_TEST" = x ]; then
exit_cus "Please set ETH_TEST which used to test first, skip the tests." 1
fi
sed -i 's/eth2/'\"$ETH_TEST\"'/g' ${OPENL2TP_DIR}/ptest/test_procs.tcl
test_ip="`ifconfig $ETH_TEST | grep 'inet ' | sed 's/^.*inet addr://g' | \
sed 's/ *Mask.*$//g'|sed 's/ *Bcast.*$//g'`"
sed -i 's/192.168.0.1/'"$test_ip"'/g' ${OPENL2TP_DIR}/ptest/tunnel.test
# load module l2tp_ppp
modprobe l2tp_ppp > /dev/null
lsmod | grep l2tp_ppp > /dev/null || exit_cus "FAIL: Load module l2tp_ppp" 2
# start openl2tpd
ps aux | grep openl2tpd | grep -v grep > /dev/null && killall openl2tpd > /dev/null
ppp_path=`rpm -ql openl2tp | grep ppp_null.so`
echo "test it here"
/usr/sbin/openl2tpd -d all -D -f -p ${ppp_path} & > /dev/null
# prepare the test env
rm -rf $OPENL2TP_DIR/results
mkdir -p $OPENL2TP_DIR/results || exit_cus "FAIL: mkdir $OPENL2TP_DIR/results" 2
cp /usr/bin/l2tpconfig ${OPENL2TP_DIR} || exit_cus "FAIL: copy /usr/bin/l2tpconfig to ${OPENL2TP_DIR}" 2
# start the test
cd ${OPENL2TP_DIR}/ptest && tclsh all.tcl -preservecore 3 -verbose bps -tmpdir $OPENL2TP_DIR/results -outfile test-l2tpd.result -constraints "l2tpdRunning peerProfile tunnelProfile sessionProfile pppProfile system" -match "peer_profile-1.1 tunnel_profile-1.1 session_profile-1.1 ppp_profile-1.1 system-1.1"
# check the result
PASSNUM=`grep PASS $OPENL2TP_DIR/results/test-l2tpd.result | wc -l`
FAILNUM=`grep FAIL $OPENL2TP_DIR/results/test-l2tpd.result | wc -l`
if [ $PASSNUM -ne 0 ] && [ $FAILNUM -eq 0 ]; then
echo "PASS: openl2tp"
else
echo "FAIL: openl2tp"
fi
restore_file

96
sources/meta-openembedded/meta-networking/recipes-protocols/openl2tp/openl2tp_1.8.bb Normal file
View File

@@ -0,0 +1,96 @@
SUMMARY = "An L2TP client/server, designed for VPN use."
DESCRIPTION = "OpenL2TP is an open source L2TP client / server, written \
specifically for Linux. It has been designed for use as an enterprise \
L2TP VPN server or in commercial, Linux-based, embedded networking \
products and is able to support hundreds of sessions, each with \
different configuration. It is used by several ISPs to provide \
L2TP services and by corporations to implement L2TP VPNs."
HOMEPAGE = "http://www.openl2tp.org/"
SECTION = "net"
# cli and usl use license LGPL-2.1
LICENSE = "GPL-2.0-only & LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=e9d9259cbbf00945adc25a470c1d3585 \
file://LICENSE;md5=f8970abd5ea9be701a0deedf5afd77a5 \
file://cli/LICENSE;md5=9c1387a3c5213aa40671438af3e00793 \
file://usl/LICENSE;md5=9c1387a3c5213aa40671438af3e00793 \
"
DEPENDS = "popt flex readline rpcsvc-proto-native bison-native"
SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${PV}/${BP}.tar.gz \
file://Makefile-modify-CFLAGS-to-aviod-build-error.patch \
file://openl2tp-simplify-gcc-warning-hack.patch \
file://Makefile-obey-LDFLAGS.patch \
file://0001-test-pppd_dummy.c-Fix-return-value.patch \
file://0001-Use-1-instead-of-WAIT_ANY.patch \
file://0002-cli-include-fcntl.h-for-O_CREAT-define.patch \
file://0003-cli-Define-_GNU_SOURCE-for-getting-sighandler_t.patch \
file://0001-l2tp_api-Included-needed-headers.patch \
file://openl2tpd-initscript-fix.patch \
file://openl2tpd-initscript-fix-sysconfig.patch \
file://openl2tpd-initscript-fix-warning.patch \
file://openl2tpd.service \
file://openl2tpd-enable-tests.patch \
file://run-ptest \
file://fix_linux_4.15_compile.patch \
file://0002-user-ipv6-structures.patch \
file://0001-l2tp_rpc_server.c-Add-missing-prototype-for-l2tp_api.patch \
file://0001-lex-yacc-Add-missing-function-prototypes.patch \
"
SRC_URI[md5sum] = "e3d08dedfb9e6a9a1e24f6766f6dadd0"
SRC_URI[sha256sum] = "1c97704d4b963a87fbc0e741668d4530933991515ae9ab0dffd11b5444f4860f"
inherit autotools-brokensep pkgconfig systemd ptest
SYSTEMD_SERVICE:${PN} = "openl2tpd.service"
SYSTEMD_AUTO_ENABLE = "disable"
DEPENDS += "libtirpc"
CPPFLAGS += "-I${STAGING_INCDIR}/tirpc"
CFLAGS += "-I${STAGING_INCDIR}/tirpc"
LDFLAGS += "-ltirpc"
PARALLEL_MAKE = ""
EXTRA_OEMAKE = 'CFLAGS="${CFLAGS} -Wno-unused-but-set-variable" CPPFLAGS="${CPPFLAGS}" OPT_CFLAGS="${CFLAGS}"'
do_compile:prepend() {
sed -i -e "s:SYS_LIBDIR=.*:SYS_LIBDIR=${libdir}:g" \
-e 's:$(CROSS_COMPILE)as:${AS}:g' \
-e 's:$(CROSS_COMPILE)ld:${LD}:g' \
-e 's:$(CROSS_COMPILE)gcc:${CC}:g' \
-e 's:$(CROSS_COMPILE)ar:${AR}:g' \
-e 's:$(CROSS_COMPILE)nm:${NM}:g' \
-e 's:$(CROSS_COMPILE)strip:${STRIP}:g' \
-e 's:$(CROSS_COMPILE)install:install:g' \
-e 's:CPPFLAGS-y:CPPFLAGS:g' \
${S}/Makefile
}
do_install:append () {
install -d ${D}${sysconfdir}/init.d
install -d ${D}${sysconfdir}/default
install -m 0755 ${S}/etc/rc.d/init.d/openl2tpd ${D}${sysconfdir}/init.d/openl2tpd
install -m 0755 ${S}/etc/sysconfig/openl2tpd ${D}${sysconfdir}/default/openl2tpd
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -D -m 0644 ${WORKDIR}/openl2tpd.service ${D}${systemd_system_unitdir}/openl2tpd.service
sed -i -e 's,@STATEDIR@,${localstatedir},g' \
-e 's,@SYSCONFDIR@,${sysconfdir},g' \
-e 's,@SBINDIR@,${sbindir},g' \
-e 's,@BINDIR@,${bindir},g' \
-e 's,@BASE_SBINDIR@,${base_sbindir},g' \
-e 's,@BASE_BINDIR@,${base_bindir},g' \
${D}${systemd_system_unitdir}/openl2tpd.service
fi
}
do_install_ptest () {
for i in all.tcl configfile.test peer_profile.test ppp_profile.test \
session_profile.test session.test system.test test_procs.tcl \
thirdparty_lns.test tunnel_profile.test tunnel.test; do
install -m 0755 ${S}/test/$i ${D}${PTEST_PATH}
done
}
RDEPENDS:${PN} = "ppp ppp-l2tp bash"

28
sources/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/0001-Fix-musl-libc-build-issue.patch Normal file
View File

@@ -0,0 +1,28 @@
From a64e52f9b58519aa2b8a1073fa6c04da04933428 Mon Sep 17 00:00:00 2001
From: Jonathan Richardson <jonathan.richardson@broadcom.com>
Date: Wed, 26 Feb 2020 12:16:38 -0800
Subject: [PATCH] Fix musl libc build issue
clif.h should include sys/types.h for the definition of pid_t. It fails
to compile when using musl libc.
Signed-off-by: Jonathan Richardson <jonathan.richardson@broadcom.com>
---
Upstream-Status: Pending
include/clif.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/clif.h b/include/clif.h
index 648eedf..92f4fd8 100644
--- a/include/clif.h
+++ b/include/clif.h
@@ -32,6 +32,7 @@
#ifndef CLIF_H
#define CLIF_H
+#include <sys/types.h>
#include <sys/un.h>
#include "clif_sock.h"

31
sources/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/0001-autotools-Add-include-path-to-generated-version.h.patch Normal file
View File

@@ -0,0 +1,31 @@
From eb14aa66dc0384071af401cced8c02993b55502e Mon Sep 17 00:00:00 2001
From: Jonathan Richardson <jonathan.richardson@broadcom.com>
Date: Wed, 26 Feb 2020 15:54:51 -0800
Subject: [PATCH] autotools: Add include path to generated version.h
When the build dir isn't the same as source dir it fails to compile
because the generated version.h from AC_CONFIG_FILES is always in build
dir. Include the path to it in AM_CPPFLAGS.
Signed-off-by: Jonathan Richardson <jonathan.richardson@broadcom.com>
---
Upstream-Status: Pending
Makefile.am | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Makefile.am b/Makefile.am
index 0fb9bb0..2952019 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -14,6 +14,9 @@ endif
AM_CPPFLAGS = -I${srcdir}/include -DSYSCONFDIR="\"${sysconfdir}\"" \
-D_FORTIFY_SOURCE=2
+# Required for the generated version.h when build dir is not the same as srcdir.
+AM_CPPFLAGS += -I${top_builddir}/include
+
ACLOCAL_AMFLAGS = -I m4
parse_cli.o: CFLAGS+=-U_FORTIFY_SOURCE -Wno-error

59
sources/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/0001-autotools-Add-option-to-disable-installation-of-syst.patch Normal file
View File

@@ -0,0 +1,59 @@
From 7147add9fedfb28909639ae419f995041d086266 Mon Sep 17 00:00:00 2001
From: Jonathan Richardson <jonathan.richardson@broadcom.com>
Date: Fri, 6 Apr 2018 10:49:04 -0700
Subject: [PATCH] autotools: Add option to disable installation of systemd conf
files
Add option to configure.ac to enable or disable install of systemd conf
files. If --with-systemdsystemunitdir is passed to configure then the
files will be installed to the provided directory. If the option isn't
provided then the value is determined from the systemd pkgconfig file,
if found in PKG_CONFIG_PATH.
This change is required because Makefile.am always installed the files
to a hard coded path that couldn't be changed.
Signed-off-by: Jonathan Richardson <jonathan.richardson@broadcom.com>
---
Upstream-Status: Pending
Makefile.am | 3 ++-
configure.ac | 9 +++++++++
2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index 86174e9..e90e966 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -141,8 +141,9 @@ install-data-hook: installdirs-local
pkgconfigdir = ${libdir}/pkgconfig
pkgconfig_DATA = lldpad.pc liblldp_clif.pc
-systemdsystemunitdir = $(prefix)/lib/systemd/system
+if HAVE_SYSTEMD
dist_systemdsystemunit_DATA = lldpad.service lldpad.socket
+endif
bashcompletiondir = $(sysconfdir)/bash_completion.d
dist_bashcompletion_DATA = contrib/bash_completion/lldpad contrib/bash_completion/lldptool
diff --git a/configure.ac b/configure.ac
index fa2f3a0..1a038cd 100644
--- a/configure.ac
+++ b/configure.ac
@@ -132,6 +132,15 @@ AC_TYPE_UINT16_T
AC_TYPE_UINT32_T
AC_TYPE_UINT8_T
+# Support for systemd unit files.
+AC_ARG_WITH([systemdsystemunitdir],
+ AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
+ [], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
+if test "x$with_systemdsystemunitdir" != xno; then
+ AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])
+fi
+AM_CONDITIONAL(HAVE_SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ])
+
AC_CONFIG_FILES([Makefile include/version.h lldpad.spec lldpad.pc liblldp_clif.pc])
AC_CONFIG_MACRO_DIR([m4])
AC_OUTPUT

23
sources/meta-openembedded/meta-networking/recipes-protocols/openlldp/files/0004-clif-Include-string.h-for-mem-function-prototypes.patch Normal file
View File

@@ -0,0 +1,23 @@
From d88aae2230683517b6d5b62cced51da81317a722 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 29 Aug 2022 22:37:14 -0700
Subject: [PATCH] clif: Include string.h for mem* function prototypes
Upstream-Status: Submitted [https://github.com/intel/openlldp/pull/86]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
clif.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/clif.c b/clif.c
index cad6f75..0758a7e 100644
--- a/clif.c
+++ b/clif.c
@@ -32,6 +32,7 @@
#include <stdlib.h>
#include <stdio.h>
+#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>

32
sources/meta-openembedded/meta-networking/recipes-protocols/openlldp/openlldp_1.1.1.bb Normal file
View File

@@ -0,0 +1,32 @@
SUMMARY = "Open-LLDP"
DESCRIPTION = "Link Layer Discovery Protocol for Linux that includes support for DCBX"
HOMEPAGE = "http://open-lldp.org/start"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=8c2bc283e65df398ced5f5b747e78162"
S = "${WORKDIR}/git"
inherit pkgconfig autotools
inherit ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}
DEPENDS = "libnl libconfig readline"
SRCREV = "f1dd9eb961fab06723d2bedb2f7e2b81e45ee9ab"
PV .= "+git"
SRC_URI = "git://github.com/intel/openlldp.git;protocol=https;branch=branch-1.1 \
file://0001-Fix-musl-libc-build-issue.patch \
file://0001-autotools-Add-include-path-to-generated-version.h.patch \
file://0001-autotools-Add-option-to-disable-installation-of-syst.patch \
file://0004-clif-Include-string.h-for-mem-function-prototypes.patch \
"
# Enable install of systemd conf files.
EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_system_unitdir}', '', d)}"
SYSTEMD_SERVICE:${PN} = "lldpad.service lldpad.socket"
# To enable service at boot set to enable in local.conf.
SYSTEMD_AUTO_ENABLE ?= "disable"
RRECOMMENDS:${PN} = "iproute2-tc"

30
sources/meta-openembedded/meta-networking/recipes-protocols/pptp-linux/pptp-linux/options.pptp Normal file
View File

@@ -0,0 +1,30 @@
#
# Lock the port
#
lock
#
# We don't need the tunnel server to authenticate itself
#
noauth
#
# Turn off transmission protocols we know won't be used
#
nobsdcomp
nodeflate
#
# We want MPPE
# (option naming specific to ppp 2.4.0 with unofficial patch)
#
#mppe-40
mppe-128
#mppe-stateless
#
# We want a sane mtu/mru
# (ppp 2.4.0 with unofficial patch)
#
#mtu 1000
#mru 1000

32
sources/meta-openembedded/meta-networking/recipes-protocols/pptp-linux/pptp-linux_1.10.0.bb Normal file
View File

@@ -0,0 +1,32 @@
SUMMARY = "Client for Microsoft PPTP VPNs"
DESCRIPTION = "PPTP Client is a Linux, FreeBSD, NetBSD \
and OpenBSD client for the proprietary Microsoft Point-to-Point \
Tunneling Protocol, PPTP. Allows connection to a PPTP based \
Virtual Private Network (VPN) as used by employers and some \
cable and ADSL internet service providers."
HOMEPAGE = "http://pptpclient.sourceforge.net"
SECTION = "net"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
inherit perlnative
SRC_URI = "${SOURCEFORGE_MIRROR}/sourceforge/pptpclient/pptp-${PV}.tar.gz \
file://options.pptp \
"
SRC_URI[md5sum] = "8d25341352fdae5ad5b36b9f18254908"
SRC_URI[sha256sum] = "82492db8e487ce73b182ee7f444251d20c44f5c26d6e96c553ec7093aefb5af4"
S = "${WORKDIR}/pptp-${PV}"
EXTRA_OEMAKE = "-e MAKEFLAGS="
do_install() {
install -d ${D}${sbindir} ${D}${sysconfdir}/ppp ${D}${mandir}/man8
install -m 555 pptp ${D}${sbindir}
install -m 644 pptp.8 ${D}${mandir}/man8
install -m 644 ${WORKDIR}/options.pptp ${D}${sysconfdir}/ppp
}
RDEPENDS:${PN} = "ppp"

84
sources/meta-openembedded/meta-networking/recipes-protocols/radiusclient-ng/radiusclient-ng/Modify-configure.in-and-etc-Makefile.am.patch Normal file
View File

@@ -0,0 +1,84 @@
From 45b97b474ce2d0ad56828db11edde8562bb47a43 Mon Sep 17 00:00:00 2001
From: Li xin <lixin.fnst@cn.fujitsu.com>
Date: Tue, 2 Dec 2014 02:33:53 +0900
Subject: [PATCH] Modify configure.in and etc/Makefile.am
this patch is from Fedora to fix error:
"conftest.c:26:9: error: unknown type name 'not'"
Upstream-Status: Pending
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
---
configure.in | 6 +++++-
etc/Makefile.am | 9 ++++++---
etc/radiusclient.conf.in | 2 +-
3 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/configure.in b/configure.in
index 812f640..3a8af99 100644
--- a/configure.in
+++ b/configure.in
@@ -29,6 +29,9 @@ AC_SUBST(LIBVERSION)
pkgsysconfdir=${sysconfdir}/$PACKAGE
AC_SUBST(pkgsysconfdir)
+pkgdatadir=${datadir}/$PACKAGE
+AC_SUBST(pkgdatadir)
+
AC_PROG_LIBTOOL
AC_PROG_CC
@@ -118,7 +121,8 @@ then
],
AC_MSG_RESULT(yes)
AC_DEFINE(HAVE_STRUCT_UTSNAME_DOMAINNAME),
- AC_MSG_RESULT(no)
+ AC_MSG_RESULT(no),
+ AC_MSG_RESULT(assume no),
)
fi
diff --git a/etc/Makefile.am b/etc/Makefile.am
index 39b6975..a3c403f 100644
--- a/etc/Makefile.am
+++ b/etc/Makefile.am
@@ -14,9 +14,11 @@ CLEANFILES = *~ radiusclient.conf
sbindir = @sbindir@
pkgsysconfdir = @pkgsysconfdir@
-pkgsysconf_DATA = issue port-id-map radiusclient.conf \
- dictionary dictionary.ascend dictionary.compat dictionary.merit \
- dictionary.sip
+pkgsysconf_DATA = issue port-id-map radiusclient.conf
+
+pkgdatadir = @pkgdatadir@
+pkgdata_DATA = dictionary dictionary.ascend dictionary.compat \
+ dictionary.merit dictionary.sip
EXTRA_DIST = issue port-id-map dictionary dictionary.ascend \
dictionary.compat dictionary.merit servers radiusclient.conf.in \
@@ -25,6 +27,7 @@ EXTRA_DIST = issue port-id-map dictionary dictionary.ascend \
radiusclient.conf: radiusclient.conf.in
sed -e 's|@sbin''dir@|$(sbindir)|g' \
-e 's|@pkgsysconf''dir@|$(pkgsysconfdir)|g' \
+ -e 's|@pkgdata''dir@|$(pkgdatadir)|g' \
<$(srcdir)/radiusclient.conf.in >radiusclient.conf
install-data-local: servers
diff --git a/etc/radiusclient.conf.in b/etc/radiusclient.conf.in
index 948bc2f..aac9973 100644
--- a/etc/radiusclient.conf.in
+++ b/etc/radiusclient.conf.in
@@ -47,7 +47,7 @@ servers @pkgsysconfdir@/servers
# dictionary of allowed attributes and values
# just like in the normal RADIUS distributions
-dictionary @pkgsysconfdir@/dictionary
+dictionary @pkgdatadir@/dictionary
# program to call for a RADIUS authenticated login
login_radius @sbindir@/login.radius
--
1.8.4.2

1
sources/meta-openembedded/meta-networking/recipes-protocols/radiusclient-ng/radiusclient-ng/config-site.radiusclient-ng-0.5.6 Normal file
View File

@@ -0,0 +1 @@
ac_cv_func_uname=no

37
sources/meta-openembedded/meta-networking/recipes-protocols/radiusclient-ng/radiusclient-ng_0.5.6.bb Normal file
View File

@@ -0,0 +1,37 @@
SUMMARY = "RADIUS protocol client library"
DESCRIPTION = "Portable, easy-to-use and standard compliant library suitable \
for developing free and commercial software that need support for a RADIUS \
protocol (RFCs 2128 and 2139)."
HOMEPAGE = "http://sourceforge.net/projects/radiusclient-ng.berlios/"
SECTION = "net"
SRC_URI = "http://archive.ubuntu.com/ubuntu/pool/universe/r/${BPN}/${BPN}_${PV}.orig.tar.gz \
file://Modify-configure.in-and-etc-Makefile.am.patch \
file://config-site.radiusclient-ng-${PV}"
SRC_URI[sha256sum] = "282a9f1355f190efbb06c0d7c4e062eaa652caf342ed3ad361ac595f72f09f14"
LICENSE = "BSD-3-Clause & BSD-2-Clause & HPND"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=3e47566c9271b786693d8a08792dbf41"
inherit autotools-brokensep
DEPENDS += "virtual/crypt"
EXTRA_OECONF += "--disable-static"
do_configure:prepend () {
export CONFIG_SITE=./config-site.${P}
}
do_compile:prepend() {
for m in `find . -name "Makefile"` ; do
sed -i -e 's:^program_transform_name =.*:program_transform_name =:g' ${m}
done
}
do_install() {
oe_runmake DESTDIR=${D} install
rm -f ${D}${libdir}/*.la
rm -f ${D}${sbindir}/radexample
}

30
sources/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0001-ppoe-Dont-include-linux-if_ether.h.patch Normal file
View File

@@ -0,0 +1,30 @@
From fdb64d21560bfdafeefccc7d20e105e4857faa99 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 19:20:07 -0700
Subject: [PATCH] ppoe: Dont include linux/if_ether.h
Fixes build with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
src/pppoe.h | 4 ----
1 file changed, 4 deletions(-)
diff --git a/src/pppoe.h b/src/pppoe.h
index ec067a0..281879c 100644
--- a/src/pppoe.h
+++ b/src/pppoe.h
@@ -127,10 +127,6 @@ typedef unsigned long UINT32_t;
#error Could not find a 32-bit integer type
#endif
-#ifdef HAVE_LINUX_IF_ETHER_H
-#include <linux/if_ether.h>
-#endif
-
#include <netinet/in.h>
#ifdef HAVE_NETINET_IF_ETHER_H

25
sources/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/0002-Enable-support-for-the-kernel-module.patch Normal file
View File

@@ -0,0 +1,25 @@
From 31b6eecd7e5ebfb9a37915f28823e5af9d1062b4 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Tue, 28 Mar 2017 19:24:53 -0700
Subject: [PATCH] Enable support for the kernel module
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
Upstream-Status: Pending
src/configure.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/configure.in b/src/configure.in
index cae0976..951a042 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -33,6 +33,7 @@ AC_CHECK_HEADERS(linux/if_pppox.h, [], [],
#include<net/ethernet.h>
#include<linux/if.h>
#include<linux/in.h>
+#include<linux/in6.h>
])
dnl Checks for typedefs, structures, and compiler characteristics.

21
sources/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure.patch Normal file
View File

@@ -0,0 +1,21 @@
From c96dda04ec024bdef2a15d374e5f8242e041cad4 Mon Sep 17 00:00:00 2001
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Date: Fri, 18 Jul 2014 08:25:16 +0000
---
Upstream-Status: Pending
configure.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/configure.in b/configure.in
index ac1a7e4..11b9f31 100644
--- a/configure.in
+++ b/configure.in
@@ -1,4 +1,4 @@
-AC_INIT(src/pppoe.c)
-AM_INIT_AUTOMAKE([rp-pppoe], [3.8])
+AC_INIT([rp-pppoe], [3.8])
+AM_INIT_AUTOMAKE([foreign])
AC_CONFIG_SUBDIRS(src)
AC_OUTPUT(Makefile)

133
sources/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/configure_in_cross.patch Normal file
View File

@@ -0,0 +1,133 @@
From 172907f31d64da4c3f289a439fd605d2ab51b24a Mon Sep 17 00:00:00 2001
From: Lei Maohui <leimaohui@cn.fujitsu.com>
Date: Wed, 19 Aug 2015 12:17:03 +0900
Subject: [PATCH] configure in cross
Update the configure script to cross-compiling with OE. This hard-codes
a few target paths, reworks a few tests to be more friendly for cross
and drops other tests.
Upstream-Status: Inappropriate [build system specific changes]
---
src/configure.in | 62 ++++++++++--------------------------------------
1 file changed, 12 insertions(+), 50 deletions(-)
diff --git a/src/configure.in b/src/configure.in
index 4add50c..9dff457 100644
--- a/src/configure.in
+++ b/src/configure.in
@@ -5,6 +5,13 @@ AC_INIT(pppoe.c)
dnl pppd directory for kernel-mode PPPoE
PPPD_DIR=ppp-2.4.1.pppoe2
+dnl hard code some paths
+PPPD=/usr/sbin/pppd
+ID=/usr/bin/id
+ECHO=/bin/echo
+AC_ARG_VAR(PPPD)
+AC_ARG_VAR(ID)
+
AC_CONFIG_HEADER(config.h)
AC_PREFIX_DEFAULT(/usr)
@@ -45,7 +52,7 @@ ac_cv_struct_sockaddr_ll=no)
AC_MSG_RESULT($ac_cv_struct_sockaddr_ll)
if test "$ac_cv_struct_sockaddr_ll" = yes ; then
-AC_DEFINE(HAVE_STRUCT_SOCKADDR_LL)
+AC_DEFINE([HAVE_STRUCT_SOCKADDR_LL], [], [Have struct SOCKADDR_LL])
fi
dnl Check for N_HDLC line discipline
@@ -58,7 +65,7 @@ AC_TRY_COMPILE([
ac_cv_n_hdlc=no)
AC_MSG_RESULT($ac_cv_n_hdlc)
if test "$ac_cv_n_hdlc" = yes ; then
-AC_DEFINE(HAVE_N_HDLC)
+AC_DEFINE([HAVE_N_HDLC], [], [Have N_HDLC])
fi
AC_ARG_ENABLE(plugin, [ --enable-plugin=pppd_src_path build pppd plugin], ac_cv_pluginpath=$enableval, ac_cv_pluginpath=no)
@@ -106,7 +113,7 @@ PPPD_INCDIR=""
if test "$ac_cv_header_linux_if_pppox_h" = yes ; then
if test "$ac_cv_pluginpath" != no ; then
LINUX_KERNELMODE_PLUGIN=rp-pppoe.so
- AC_DEFINE(HAVE_LINUX_KERNEL_PPPOE)
+ AC_DEFINE([HAVE_LINUX_KERNEL_PPPOE], [], [Have kernel PPPoE])
PPPD_INCDIR=$ac_cv_pluginpath
fi
fi
@@ -116,7 +123,7 @@ if test "$PPPD_INCDIR" = "" ; then
fi
if test "$ac_cv_debugging" = "yes" ; then
- AC_DEFINE(DEBUGGING_ENABLED)
+ AC_DEFINE([DEBUGGING_ENABLED], [], [Debugging enabled])
fi
AC_SUBST(LINUX_KERNELMODE_PLUGIN)
@@ -142,17 +149,8 @@ AC_CHECK_SIZEOF(unsigned short)
AC_CHECK_SIZEOF(unsigned int)
AC_CHECK_SIZEOF(unsigned long)
-dnl Check for location of ip
-AC_PATH_PROG(IP, ip, NOTFOUND, $PATH:/bin:/sbin:/usr/bin:/usr/sbin)
-
-dnl Check for location of pppd
-AC_PATH_PROG(PPPD, pppd, NOTFOUND, $PATH:/sbin:/usr/sbin:/usr/local/sbin)
-
-dnl Check for setsid (probably Linux-specific)
-AC_PATH_PROG(SETSID, setsid, "", $PATH:/sbin:/usr/sbin:/usr/local/sbin)
-
dnl Check for an "id" which accepts "-u" option -- hack for Solaris.
-AC_PATH_PROG(ID, id, "", /usr/xpg4/bin:$PATH)
+dnl AC_PATH_PROG(ID, id, "", /usr/xpg4/bin:$PATH)
dnl Check for Linux-specific kernel support for PPPoE
AC_MSG_CHECKING(for Linux 2.4.X kernel-mode PPPoE support)
@@ -195,42 +193,6 @@ if test "$GCC" = yes; then
CFLAGS="$CFLAGS -fno-strict-aliasing -Wall -Wstrict-prototypes"
fi
-dnl If we couldn't find pppd, die
-if test "$PPPD" = "NOTFOUND"; then
- AC_MSG_WARN([*** Oops! I couldn't find pppd, the PPP daemon anywhere.])
- AC_MSG_WARN([*** You must install pppd, version 2.3.10 or later.])
- AC_MSG_WARN([*** I will keep going, but it may not work.])
- PPPD=pppd
-fi
-
-dnl Figure out pppd version. 2.3.7 to 2.3.9 -- issue warning. Less than
-dnl 2.3.7 -- stop
-
-PPPD_VERSION=`$PPPD --version 2>&1 | awk ' /version/ {print $NF}'`
-
-case "$PPPD_VERSION" in
-1.*|2.0.*|2.1.*|2.2.*|2.3.0|2.3.1|2.3.2|2.3.3|2.3.4|2.3.5|2.3.6)
- AC_MSG_WARN([*** Oops! Your version of pppd is $PPPD_VERSION, which is too old.])
- AC_MSG_WARN([*** You need at least 2.3.7 (2.3.10 or newer recommended.])
- AC_MSG_WARN([*** I will keep going, but it may not work.])
- ;;
-
-2.3.7|2.3.8|2.3.9)
- AC_MSG_WARN([*** Warning. Your version of pppd is $PPPD_VERSION. You will])
- AC_MSG_WARN([*** not be able to use connect-on-demand. Upgrade to pppd])
- AC_MSG_WARN([*** 2.3.10 or newer if you need connect-on-demand.])
- ;;
-
-2*|3*|4*|5*|6*|7*|8*|9*)
- ;;
-
-*)
- AC_MSG_WARN([*** Oops. I cannot figure out what version of pppd you have.])
- AC_MSG_WARN([*** All I got back was '$PPPD_VERSION'])
- AC_MSG_WARN([*** I will keep going, but it may not work.])
- ;;
-esac
-
# Sigh... got to fix this up for tcl
test "x$prefix" = xNONE && prefix=$ac_default_prefix
# Let make expand exec_prefix.
--
2.34.1

27
sources/meta-openembedded/meta-networking/recipes-protocols/rp-pppoe/rp-pppoe/discard-use-of-dnl-in-Makefile.am.patch Normal file
View File

@@ -0,0 +1,27 @@
From f658181c58347c3e2b0ee4f0a6a3d19162921471 Mon Sep 17 00:00:00 2001
From: Ting Liu <b28495@freescale.com>
Date: Tue, 12 Jun 2012 14:26:16 -0400
Subject: [PATCH] discard use of dnl in Makefile.am
Since Makefile.am is not processed by m4, but by automake, 'dnl' does
not introduce a comment.
Signed-off-by: Ting Liu <b28495@freescale.com>
---
Upstream-Status: Pending
Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.am b/Makefile.am
index eff6977..3091c33 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,5 +1,5 @@
PACKAGE = rp-pppoe
VERSION = 3.8
-dnl AM_CFLAGS = -Wall -DDEBUG
+##dnl AM_CFLAGS = -Wall -DDEBUG
SUBDIRS = src

Some files were not shown because too many files have changed in this diff Show More