openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
sources/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb Normal file
View File

@@ -0,0 +1,199 @@
SUMMARY = "Avahi IPv4LL network address configuration daemon"
DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \
allows programs to publish and discover services and hosts running on a local network \
with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \
IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \
configuration from the link-local 169.254.0.0/16 range without the need for a central \
server.'
HOMEPAGE = "http://avahi.org"
BUGTRACKER = "https://github.com/avahi/avahi/issues"
SECTION = "network"
# major part is under LGPL-2.1-or-later, but several .dtd, .xsl, initscripts and
# python scripts are under GPL-2.0-or-later
LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
file://00avahi-autoipd \
file://99avahi-autoipd \
file://initscript.patch \
file://0001-Fix-opening-etc-resolv.conf-error.patch \
file://handle-hup.patch \
file://local-ping.patch \
file://invalid-service.patch \
file://CVE-2023-1981.patch \
file://CVE-2023-38469-1.patch \
file://CVE-2023-38469-2.patch \
file://CVE-2023-38470-1.patch \
file://CVE-2023-38470-2.patch \
file://CVE-2023-38471-1.patch \
file://CVE-2023-38471-2.patch \
file://CVE-2023-38472.patch \
file://CVE-2023-38473.patch \
file://CVE-2024-52616.patch \
"
GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda"
CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE"
DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native"
# For gtk related PACKAGECONFIGs: gtk, gtk3
AVAHI_GTK ?= ""
PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}"
PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+"
PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3"
PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus"
PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent"
PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase"
inherit autotools pkgconfig gettext gobject-introspection github-releases
EXTRA_OECONF = "--with-avahi-priv-access-group=adm \
--disable-stack-protector \
--disable-gdbm \
--disable-dbm \
--disable-mono \
--disable-monodoc \
--disable-qt3 \
--disable-qt4 \
--disable-python \
--disable-doxygen-doc \
--enable-manpages \
${EXTRA_OECONF_SYSVINIT} \
${EXTRA_OECONF_SYSTEMD} \
"
# The distro choice determines what init scripts are installed
EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}"
EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}"
do_configure:prepend() {
# This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes
rm "${S}/common/introspection.m4" || true
}
do_compile:prepend() {
export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs"
}
RRECOMMENDS:${PN}:append:libc-glibc = " libnss-mdns"
do_install() {
autotools_do_install
rm -rf ${D}/run
test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
rm -rf ${D}${libdir}/avahi
# Move example service files out of /etc/avahi/services so we don't
# advertise ssh & sftp-ssh by default
install -d ${D}${docdir}/avahi
mv ${D}${sysconfdir}/avahi/services/* ${D}${docdir}/avahi
}
PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}"
FILES:libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*"
RPROVIDES:libavahi-compat-libdnssd = "libdns-sd"
inherit update-rc.d systemd useradd
PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui"
FILES:avahi-ui = "${libdir}/libavahi-ui*.so.*"
FILES:avahi-discover = "${datadir}/applications/avahi-discover.desktop \
${datadir}/avahi/interfaces/avahi-discover.ui \
${bindir}/avahi-discover-standalone \
"
LICENSE:libavahi-gobject = "LGPL-2.1-or-later"
LICENSE:avahi-daemon = "LGPL-2.1-or-later"
LICENSE:libavahi-common = "LGPL-2.1-or-later"
LICENSE:libavahi-core = "LGPL-2.1-or-later"
LICENSE:libavahi-client = "LGPL-2.1-or-later"
LICENSE:avahi-dnsconfd = "LGPL-2.1-or-later"
LICENSE:libavahi-glib = "LGPL-2.1-or-later"
LICENSE:avahi-autoipd = "LGPL-2.1-or-later"
LICENSE:avahi-utils = "LGPL-2.1-or-later"
# As avahi doesn't put any files into PN, clear the files list to avoid problems
# if extra libraries appear.
FILES:${PN} = ""
FILES:avahi-autoipd = "${sbindir}/avahi-autoipd \
${sysconfdir}/avahi/avahi-autoipd.action \
${sysconfdir}/dhcp/*/avahi-autoipd \
${sysconfdir}/udhcpc.d/00avahi-autoipd \
${sysconfdir}/udhcpc.d/99avahi-autoipd"
FILES:libavahi-common = "${libdir}/libavahi-common.so.*"
FILES:libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib"
FILES:avahi-daemon = "${sbindir}/avahi-daemon \
${sysconfdir}/avahi/avahi-daemon.conf \
${sysconfdir}/avahi/hosts \
${sysconfdir}/avahi/services \
${sysconfdir}/dbus-1 \
${sysconfdir}/init.d/avahi-daemon \
${datadir}/dbus-1/interfaces \
${datadir}/avahi/avahi-service.dtd \
${datadir}/avahi/service-types \
${datadir}/dbus-1/system-services"
FILES:libavahi-client = "${libdir}/libavahi-client.so.*"
FILES:avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
${sysconfdir}/avahi/avahi-dnsconfd.action \
${sysconfdir}/init.d/avahi-dnsconfd"
FILES:libavahi-glib = "${libdir}/libavahi-glib.so.*"
FILES:libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib"
FILES:avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*"
DEV_PKG_DEPENDENCY = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})"
DEV_PKG_DEPENDENCY += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}"
RDEPENDS:${PN}-dnsconfd = "${PN}-daemon"
RRECOMMENDS:avahi-daemon:append:libc-glibc = " libnss-mdns"
CONFFILES:avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf"
USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
USERADD_PARAM:avahi-daemon = "--system --home /run/avahi-daemon \
--no-create-home --shell /bin/false \
--user-group avahi"
USERADD_PARAM:avahi-autoipd = "--system --home /run/avahi-autoipd \
--no-create-home --shell /bin/false \
--user-group \
-c \"Avahi autoip daemon\" \
avahi-autoipd"
INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd"
INITSCRIPT_NAME:avahi-daemon = "avahi-daemon"
INITSCRIPT_PARAMS:avahi-daemon = "defaults 21 19"
INITSCRIPT_NAME:avahi-dnsconfd = "avahi-dnsconfd"
INITSCRIPT_PARAMS:avahi-dnsconfd = "defaults 22 19"
SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd"
SYSTEMD_SERVICE:${PN}-daemon = "avahi-daemon.service"
SYSTEMD_SERVICE:${PN}-dnsconfd = "avahi-dnsconfd.service"
do_install:append() {
install -d ${D}${sysconfdir}/udhcpc.d
install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d
install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d
}
# At the time the postinst runs, dbus might not be setup so only restart if running
# Don't exit early, because update-rc.d needs to run subsequently.
pkg_postinst:avahi-daemon () {
if [ -z "$D" ]; then
killall -q -HUP dbus-daemon || true
fi
}

45
sources/poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch Normal file
View File

@@ -0,0 +1,45 @@
From 78967814f5c37ed67f4cf64d70c9f76a03ee89bc Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 20 Jun 2018 13:57:35 +0800
Subject: [PATCH] Fix opening /etc/resolv.conf error
Fix to start avahi-daemon after systemd-resolved.service. This is because
/etc/resolv.conf is a link to /etc/resolv-conf.systemd which in turn is
a symlink to /run/systemd/resolve/resolv.conf. And /run/systemd/resolve/resolv.conf
is created by systemd-resolved.service by default in current OE's systemd
based systems.
This fixes errro like below.
Failed to open /etc/resolv.conf: Invalid argument
In fact, handling of /etc/resolv.conf is quite distro specific. So this patch
is marked as OE specific.
Upstream-Status: Inappropriate [OE Specific]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
When connman installed to image, /etc/resolv.conf is link to
/etc/resolv-conf.connman. So launch avahi-daemon after connman too.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
avahi-daemon/avahi-daemon.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/avahi-daemon/avahi-daemon.service.in b/avahi-daemon/avahi-daemon.service.in
index 548c834..63e28e4 100644
--- a/avahi-daemon/avahi-daemon.service.in
+++ b/avahi-daemon/avahi-daemon.service.in
@@ -18,6 +18,7 @@
[Unit]
Description=Avahi mDNS/DNS-SD Stack
Requires=avahi-daemon.socket
+After=systemd-resolved.service connman.service
[Service]
Type=dbus
--
2.11.0

10
sources/poky/meta/recipes-connectivity/avahi/files/00avahi-autoipd Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/sh
[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
case "$1" in
deconfig|renew|bound)
/usr/sbin/avahi-autoipd -k $interface 2> /dev/null
;;
esac

10
sources/poky/meta/recipes-connectivity/avahi/files/99avahi-autoipd Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/sh
[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
case "$1" in
leasefail)
/usr/sbin/avahi-autoipd -wD $interface 2> /dev/null
;;
esac

58
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch Normal file
View File

@@ -0,0 +1,58 @@
From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 17 Nov 2022 01:51:53 +0100
Subject: [PATCH] Emit error if requested service is not found
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
Fixes #375
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f]
CVE: CVE-2023-1981
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c
index 70d7687bc..406d0b441 100644
--- a/avahi-daemon/dbus-protocol.c
+++ b/avahi-daemon/dbus-protocol.c
@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM
}
t = avahi_alternative_host_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found");
+ }
}
static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) {
@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB
}
t = avahi_alternative_service_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found");
+ }
}
static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) {

48
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch Normal file
View File

@@ -0,0 +1,48 @@
From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Mon, 23 Oct 2023 20:29:31 +0000
Subject: [PATCH] avahi: core: reject overly long TXT resource records
Closes https://github.com/lathiat/avahi/issues/455
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf]
CVE: CVE-2023-38469
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-core/rr.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/avahi-core/rr.c b/avahi-core/rr.c
index 7fa0bee..b03a24c 100644
--- a/avahi-core/rr.c
+++ b/avahi-core/rr.c
@@ -32,6 +32,7 @@
#include <avahi-common/malloc.h>
#include <avahi-common/defs.h>
+#include "dns.h"
#include "rr.h"
#include "log.h"
#include "util.h"
@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
case AVAHI_DNS_TYPE_TXT: {
AvahiStringList *strlst;
+ size_t used = 0;
- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
+ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
if (strlst->size > 255 || strlst->size <= 0)
return 0;
+ used += 1+strlst->size;
+ if (used > AVAHI_DNS_RDATA_MAX)
+ return 0;
+ }
+
return 1;
}
}
--
2.40.0

65
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch Normal file
View File

@@ -0,0 +1,65 @@
From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Wed, 25 Oct 2023 18:15:42 +0000
Subject: [PATCH] tests: pass overly long TXT resource records
to make sure they don't crash avahi any more.
It reproduces https://github.com/lathiat/avahi/issues/455
Canonical notes:
nickgalanis> removed first hunk since there is no .github dir in this release
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237]
CVE: CVE-2023-38469
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-client/client-test.c | 14 ++++++++++++++
1 files changed, 14 insertions(+)
Index: avahi-0.8/avahi-client/client-test.c
===================================================================
--- avahi-0.8.orig/avahi-client/client-test.c
+++ avahi-0.8/avahi-client/client-test.c
@@ -22,6 +22,7 @@
#endif
#include <stdio.h>
+#include <string.h>
#include <assert.h>
#include <avahi-client/client.h>
@@ -33,6 +34,8 @@
#include <avahi-common/malloc.h>
#include <avahi-common/timeval.h>
+#include <avahi-core/dns.h>
+
static const AvahiPoll *poll_api = NULL;
static AvahiSimplePoll *simple_poll = NULL;
@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
uint32_t cookie;
struct timeval tv;
AvahiAddress a;
+ uint8_t rdata[AVAHI_DNS_RDATA_MAX+1];
+ AvahiStringList *txt = NULL;
+ int r;
simple_poll = avahi_simple_poll_new();
poll_api = avahi_simple_poll_get(simple_poll);
@@ -258,6 +264,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL)));
printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6));
+ memset(rdata, 1, sizeof(rdata));
+ r = avahi_string_list_parse(rdata, sizeof(rdata), &txt);
+ assert(r >= 0);
+ assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata));
+ error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt);
+ assert(error == AVAHI_ERR_INVALID_RECORD);
+ avahi_string_list_free(txt);
+
avahi_entry_group_commit (group);
domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");

59
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch Normal file
View File

@@ -0,0 +1,59 @@
From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 11 Apr 2023 15:29:59 +0200
Subject: [PATCH] avahi: Ensure each label is at least one byte long
The only allowed exception is single dot, where it should return empty
string.
Fixes #454.
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c]
CVE: CVE-2023-38470
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-common/domain-test.c | 14 ++++++++++++++
avahi-common/domain.c | 2 +-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c
index cf763ec..3acc1c1 100644
--- a/avahi-common/domain-test.c
+++ b/avahi-common/domain-test.c
@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo."));
avahi_free(s);
+ printf("%s\n", s = avahi_normalize_name_strdup("."));
+ avahi_free(s);
+
+ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}."
+ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}"
+ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`"
+ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?."
+ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}."
+ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?"
+ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM."
+ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?."
+ "}.?.?.?.}.=.?.?.}");
+ assert(s == NULL);
+
printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff"));
printf("%i\n", avahi_domain_equal("A", "a"));
diff --git a/avahi-common/domain.c b/avahi-common/domain.c
index 3b1ab68..e66d241 100644
--- a/avahi-common/domain.c
+++ b/avahi-common/domain.c
@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) {
}
if (!empty) {
- if (size < 1)
+ if (size < 2)
return NULL;
*(r++) = '.';
--
2.40.0

52
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch Normal file
View File

@@ -0,0 +1,52 @@
From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 19 Sep 2023 03:21:25 +0000
Subject: [PATCH] [common] bail out when escaped labels can't fit into ret
Fixes:
```
==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8
READ of size 1110 at 0x7f9e76f14c16 thread T0
#0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba)
#1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12
#2 0x53862c in avahi_normalize_name_strdup avahi/avahi-common/domain.c:226:12
```
and
```
fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed.
==101571== ERROR: libFuzzer: deadly signal
#0 0x501175 in __sanitizer_print_stack_trace (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#1 0x45ad2c in fuzzer::PrintStackTrace() (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#4 0x7f1581dcf883 in __pthread_kill_implementation (/lib64/libc.so.6+0x8e883) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#7 0x7f1581d6779a in __assert_fail_base.cold (/lib64/libc.so.6+0x2679a) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#9 0x5344a4 in LLVMFuzzerTestOneInput /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9
```
It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security
CVE: CVE-2023-38470 #Follow-up patch
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-common/domain.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Index: avahi-0.8/avahi-common/domain.c
===================================================================
--- avahi-0.8.orig/avahi-common/domain.c
+++ avahi-0.8/avahi-common/domain.c
@@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s
} else
empty = 0;
- avahi_escape_label(label, strlen(label), &r, &size);
+ if (!(avahi_escape_label(label, strlen(label), &r, &size)))
+ return NULL;
}
return ret_s;

73
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch Normal file
View File

@@ -0,0 +1,73 @@
From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 23 Oct 2023 13:38:35 +0200
Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label()
Previously we could create invalid escape sequence when we split the
string on dot. For example, from valid host name "foo\\.bar" we have
created invalid name "foo\\" and tried to set that as the host name
which crashed the daemon.
Fixes #453
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09]
CVE: CVE-2023-38471
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-core/server.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/avahi-core/server.c b/avahi-core/server.c
index e507750..40f1d68 100644
--- a/avahi-core/server.c
+++ b/avahi-core/server.c
@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) {
}
int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
- char *hn = NULL;
+ char label_escaped[AVAHI_LABEL_MAX*4+1];
+ char label[AVAHI_LABEL_MAX];
+ char *hn = NULL, *h;
+ size_t len;
+
assert(s);
AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME);
@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
else
hn = avahi_normalize_name_strdup(host_name);
- hn[strcspn(hn, ".")] = 0;
+ h = hn;
+ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
+ avahi_free(h);
+ return AVAHI_ERR_INVALID_HOST_NAME;
+ }
+
+ avahi_free(h);
+
+ h = label_escaped;
+ len = sizeof(label_escaped);
+ if (!avahi_escape_label(label, strlen(label), &h, &len))
+ return AVAHI_ERR_INVALID_HOST_NAME;
- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) {
- avahi_free(hn);
+ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
- }
withdraw_host_rrs(s);
avahi_free(s->host_name);
- s->host_name = hn;
+ s->host_name = avahi_strdup(label_escaped);
+ if (!s->host_name)
+ return AVAHI_ERR_NO_MEMORY;
update_fqdn(s);
--
2.40.0

52
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch Normal file
View File

@@ -0,0 +1,52 @@
From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 24 Oct 2023 22:04:51 +0000
Subject: [PATCH] core: return errors from avahi_server_set_host_name properly
It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460]
CVE: CVE-2023-38471 #Follow-up Patch
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-core/server.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
Index: avahi-0.8/avahi-core/server.c
===================================================================
--- avahi-0.8.orig/avahi-core/server.c
+++ avahi-0.8/avahi-core/server.c
@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ
else
hn = avahi_normalize_name_strdup(host_name);
+ if (!hn)
+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
+
h = hn;
if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
avahi_free(h);
- return AVAHI_ERR_INVALID_HOST_NAME;
+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
}
avahi_free(h);
@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ
h = label_escaped;
len = sizeof(label_escaped);
if (!avahi_escape_label(label, strlen(label), &h, &len))
- return AVAHI_ERR_INVALID_HOST_NAME;
+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ
avahi_free(s->host_name);
s->host_name = avahi_strdup(label_escaped);
if (!s->host_name)
- return AVAHI_ERR_NO_MEMORY;
+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
update_fqdn(s);

46
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch Normal file
View File

@@ -0,0 +1,46 @@
From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 19 Oct 2023 17:36:44 +0200
Subject: [PATCH] core: make sure there is rdata to process before parsing it
Fixes #452
CVE-2023-38472
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40]
CVE: CVE-2023-38472
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-client/client-test.c | 3 +++
avahi-daemon/dbus-entry-group.c | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
Index: avahi-0.8/avahi-client/client-test.c
===================================================================
--- avahi-0.8.orig/avahi-client/client-test.c
+++ avahi-0.8/avahi-client/client-test.c
@@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
assert(error == AVAHI_ERR_INVALID_RECORD);
avahi_string_list_free(txt);
+ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
+ assert(error != AVAHI_OK);
+
avahi_entry_group_commit (group);
domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");
Index: avahi-0.8/avahi-daemon/dbus-entry-group.c
===================================================================
--- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c
+++ avahi-0.8/avahi-daemon/dbus-entry-group.c
@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_g
if (!(r = avahi_record_new_full (name, clazz, type, ttl)))
return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL);
- if (avahi_rdata_parse (r, rdata, size) < 0) {
+ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) {
avahi_record_unref (r);
return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL);
}

110
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch Normal file
View File

@@ -0,0 +1,110 @@
From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 11 Oct 2023 17:45:44 +0200
Subject: [PATCH] avahi: common: derive alternative host name from its
unescaped version
Normalization of input makes sure we don't have to deal with special
cases like unescaped dot at the end of label.
Fixes #451 #487
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797]
CVE: CVE-2023-38473
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-common/alternative-test.c | 3 +++
avahi-common/alternative.c | 27 +++++++++++++++++++--------
2 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c
index 9255435..681fc15 100644
--- a/avahi-common/alternative-test.c
+++ b/avahi-common/alternative-test.c
@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
const char* const test_strings[] = {
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü",
+ ").",
+ "\\.",
+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\",
"gurke",
"-",
" #",
diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c
index b3d39f0..a094e6d 100644
--- a/avahi-common/alternative.c
+++ b/avahi-common/alternative.c
@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) {
}
char *avahi_alternative_host_name(const char *s) {
+ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1];
+ char *alt, *r, *ret;
const char *e;
- char *r;
+ size_t len;
assert(s);
if (!avahi_is_valid_host_name(s))
return NULL;
- if ((e = strrchr(s, '-'))) {
+ if (!avahi_unescape_label(&s, label, sizeof(label)))
+ return NULL;
+
+ if ((e = strrchr(label, '-'))) {
const char *p;
e++;
@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) {
if (e) {
char *c, *m;
- size_t l;
int n;
n = atoi(e)+1;
if (!(m = avahi_strdup_printf("%i", n)))
return NULL;
- l = e-s-1;
+ len = e-label-1;
- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1)
- l = AVAHI_LABEL_MAX-1-strlen(m)-1;
+ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1)
+ len = AVAHI_LABEL_MAX-1-strlen(m)-1;
- if (!(c = avahi_strndup(s, l))) {
+ if (!(c = avahi_strndup(label, len))) {
avahi_free(m);
return NULL;
}
@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) {
} else {
char *c;
- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2)))
+ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2)))
return NULL;
drop_incomplete_utf8(c);
@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) {
avahi_free(c);
}
+ alt = alternative;
+ len = sizeof(alternative);
+ ret = avahi_escape_label(r, strlen(r), &alt, &len);
+
+ avahi_free(r);
+ r = avahi_strdup(ret);
+
assert(avahi_is_valid_host_name(r));
return r;
--
2.40.0

104
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch Normal file
View File

@@ -0,0 +1,104 @@
From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 11 Nov 2024 00:56:09 +0100
Subject: [PATCH] Properly randomize query id of DNS packets
CVE: CVE-2024-52616
Upstream-Status: Backport [https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++--------
configure.ac | 3 ++-
2 files changed, 30 insertions(+), 9 deletions(-)
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index 971f5e714..00a15056e 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -40,6 +40,13 @@
#include "addr-util.h"
#include "rr-util.h"
+#ifdef HAVE_SYS_RANDOM_H
+#include <sys/random.h>
+#endif
+#ifndef HAVE_GETRANDOM
+# define getrandom(d, len, flags) (-1)
+#endif
+
#define CACHE_ENTRIES_MAX 500
typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry;
@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine {
int fd_ipv4, fd_ipv6;
AvahiWatch *watch_ipv4, *watch_ipv6;
- uint16_t next_id;
-
/* Cache */
AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
AvahiHashmap *cache_by_key;
@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent *e, void *userdata) {
avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0));
}
+static uint16_t get_random_uint16(void) {
+ uint16_t next_id;
+
+ if (getrandom(&next_id, sizeof(next_id), 0) == -1)
+ next_id = (uint16_t) rand();
+ return next_id;
+}
+
+static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) {
+ uint16_t next_id;
+
+ next_id = get_random_uint16();
+ while (find_lookup(e, next_id)) {
+ /* This ID is already used, get new. */
+ next_id = get_random_uint16();
+ }
+ return next_id;
+}
+
+
AvahiWideAreaLookup *avahi_wide_area_lookup_new(
AvahiWideAreaLookupEngine *e,
AvahiKey *key,
@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
/* If more than 65K wide area quries are issued simultaneously,
* this will break. This should be limited by some higher level */
- for (;; e->next_id++)
- if (!find_lookup(e, e->next_id))
- break; /* This ID is not yet used. */
-
- l->id = e->next_id++;
+ l->id = avahi_wide_area_next_id(e);
/* We keep the packet around in case we need to repeat our query */
l->packet = avahi_dns_packet_new(0);
@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
e->n_dns_servers = e->current_dns_server = 0;
- e->next_id = (uint16_t) rand();
/* Initialize cache */
AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache);
diff --git a/configure.ac b/configure.ac
index a3211b80e..31bce3d76 100644
--- a/configure.ac
+++ b/configure.ac
@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES
# whether libc's malloc does too. (Same for realloc.)
#AC_FUNC_MALLOC
#AC_FUNC_REALLOC
-AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname])
+AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom])
+AC_CHECK_HEADERS([sys/random.h])
AC_FUNC_CHOWN
AC_FUNC_STAT

41
sources/poky/meta/recipes-connectivity/avahi/files/handle-hup.patch Normal file
View File

@@ -0,0 +1,41 @@
CVE: CVE-2021-3468
Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330]
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <sirmy15@gmail.com>
Date: Fri, 26 Mar 2021 11:50:24 +0100
Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in
client_work
If a client fills the input buffer, client_work() disables the
AVAHI_WATCH_IN event, thus preventing the function from executing the
`read` syscall the next times it is called. However, if the client then
terminates the connection, the socket file descriptor receives a HUP
event, which is not handled, thus the kernel keeps marking the HUP event
as occurring. While iterating over the file descriptors that triggered
an event, the client file descriptor will keep having the HUP event and
the client_work() function is always called with AVAHI_WATCH_HUP but
without nothing being done, thus entering an infinite loop.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938
---
avahi-daemon/simple-protocol.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c
index 3e0ebb11..6c0274d6 100644
--- a/avahi-daemon/simple-protocol.c
+++ b/avahi-daemon/simple-protocol.c
@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv
}
}
+ if (events & AVAHI_WATCH_HUP) {
+ client_free(c);
+ return;
+ }
+
c->server->poll_api->watch_update(
watch,
(c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) |

47
sources/poky/meta/recipes-connectivity/avahi/files/initscript.patch Normal file
View File

@@ -0,0 +1,47 @@
Upstream-Status: Pending
Index: avahi-0.7/initscript/debian/avahi-daemon.in
===================================================================
--- avahi-0.7.orig/initscript/debian/avahi-daemon.in
+++ avahi-0.7/initscript/debian/avahi-daemon.in
@@ -1,5 +1,17 @@
#!/bin/sh
-
+### BEGIN INIT INFO
+# Provides: avahi
+# Required-Start: $remote_fs dbus
+# Required-Stop: $remote_fs dbus
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Avahi mDNS/DNS-SD Daemon
+# Description: Zeroconf daemon for configuring your network
+# automatically
+### END INIT INFO
+#
# This file is part of avahi.
#
# avahi is free software; you can redistribute it and/or modify it
Index: avahi-0.7/initscript/debian/avahi-dnsconfd.in
===================================================================
--- avahi-0.7.orig/initscript/debian/avahi-dnsconfd.in
+++ avahi-0.7/initscript/debian/avahi-dnsconfd.in
@@ -1,4 +1,17 @@
#!/bin/sh
+### BEGIN INIT INFO
+# Provides: avahi-dnsconfd
+# Required-Start: $remote_fs avahi
+# Required-Stop: $remote_fs avahi
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Avahi mDNS/DNS-SD DNS configuration
+# Description: Zeroconf daemon for configuring your network
+# automatically
+### END INIT INFO
+#
# This file is part of avahi.
#

29
sources/poky/meta/recipes-connectivity/avahi/files/invalid-service.patch Normal file
View File

@@ -0,0 +1,29 @@
From 46490e95151d415cd22f02565e530eb5efcef680 Mon Sep 17 00:00:00 2001
From: Asger Hautop Drewsen <asger@princh.com>
Date: Mon, 9 Aug 2021 14:25:08 +0200
Subject: [PATCH] Fix avahi-browse: Invalid service type
Invalid service types will stop the browse from completing, or
in simple terms "my washing machine stops me from printing".
Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/472]
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
avahi-core/browse-service.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
index 63e0275a..ac3d2ecb 100644
--- a/avahi-core/browse-service.c
+++ b/avahi-core/browse-service.c
@@ -103,7 +103,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_prepare(
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL);
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
- AVAHI_CHECK_VALIDITY_RETURN_NULL(server, avahi_is_valid_service_type_generic(service_type), AVAHI_ERR_INVALID_SERVICE_TYPE);
+
+ if (!avahi_is_valid_service_type_generic(service_type))
+ service_type = "_invalid._tcp";
if (!domain)
domain = server->domain_name;

153
sources/poky/meta/recipes-connectivity/avahi/files/local-ping.patch Normal file
View File

@@ -0,0 +1,153 @@
CVE: CVE-2021-36217
CVE: CVE-2021-3502
Upstream-Status: Backport
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
From: Tommi Rantala <tommi.t.rantala@nokia.com>
Date: Mon, 8 Feb 2021 11:04:43 +0200
Subject: [PATCH] Fix NULL pointer crashes from #175
avahi-daemon is crashing when running "ping .local".
The crash is due to failing assertion from NULL pointer.
Add missing NULL pointer checks to fix it.
Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
---
avahi-core/browse-dns-server.c | 5 ++++-
avahi-core/browse-domain.c | 5 ++++-
avahi-core/browse-service-type.c | 3 +++
avahi-core/browse-service.c | 3 +++
avahi-core/browse.c | 3 +++
avahi-core/resolve-address.c | 5 ++++-
avahi-core/resolve-host-name.c | 5 ++++-
avahi-core/resolve-service.c | 5 ++++-
8 files changed, 29 insertions(+), 5 deletions(-)
diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
index 049752e9..c2d914fa 100644
--- a/avahi-core/browse-dns-server.c
+++ b/avahi-core/browse-dns-server.c
@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
AvahiSDNSServerBrowser* b;
b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_dns_server_browser_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
index f145d56a..06fa70c0 100644
--- a/avahi-core/browse-domain.c
+++ b/avahi-core/browse-domain.c
@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
AvahiSDomainBrowser *b;
b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_domain_browser_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
index fdd22dcd..b1fc7af8 100644
--- a/avahi-core/browse-service-type.c
+++ b/avahi-core/browse-service-type.c
@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
AvahiSServiceTypeBrowser *b;
b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_type_browser_start(b);
return b;
diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
index 5531360c..63e0275a 100644
--- a/avahi-core/browse-service.c
+++ b/avahi-core/browse-service.c
@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
AvahiSServiceBrowser *b;
b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_browser_start(b);
return b;
diff --git a/avahi-core/browse.c b/avahi-core/browse.c
index 2941e579..e8a915e9 100644
--- a/avahi-core/browse.c
+++ b/avahi-core/browse.c
@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
AvahiSRecordBrowser *b;
b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_record_browser_start_query(b);
return b;
diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
index ac0b29b1..e61dd242 100644
--- a/avahi-core/resolve-address.c
+++ b/avahi-core/resolve-address.c
@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
AvahiSAddressResolver *b;
b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_address_resolver_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
index 808b0e72..4e8e5973 100644
--- a/avahi-core/resolve-host-name.c
+++ b/avahi-core/resolve-host-name.c
@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
AvahiSHostNameResolver *b;
b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_host_name_resolver_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
index 66bf3cae..43771763 100644
--- a/avahi-core/resolve-service.c
+++ b/avahi-core/resolve-service.c
@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
AvahiSServiceResolver *b;
b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_resolver_start(b);
return b;
-}
\ No newline at end of file
+}

27
sources/poky/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch Normal file
View File

@@ -0,0 +1,27 @@
From 31dde3562f287429eea94b77250d184818b49063 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 15 Oct 2018 16:55:09 +0800
Subject: [PATCH] avoid start failure with bind user
Upstream-Status: Pending
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
init.d | 1 +
1 file changed, 1 insertion(+)
diff --git a/init.d b/init.d
index b2eec60..6e03936 100644
--- a/init.d
+++ b/init.d
@@ -57,6 +57,7 @@ case "$1" in
modprobe capability >/dev/null 2>&1 || true
if [ ! -f /etc/bind/rndc.key ]; then
/usr/sbin/rndc-confgen -a -b 512
+ chown root:bind /etc/bind/rndc.key >/dev/null 2>&1 || true
chmod 0640 /etc/bind/rndc.key
fi
if [ -f /var/run/named/named.pid ]; then
--
2.7.4

35
sources/poky/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch Normal file
View File

@@ -0,0 +1,35 @@
From 4e83392e840fa7b05e778710b8c202d102477a13 Mon Sep 17 00:00:00 2001
From: Hongxu Jia <hongxu.jia@windriver.com>
Date: Mon, 27 Aug 2018 21:24:20 +0800
Subject: [PATCH] `named/lwresd -V' and start log hide build options
The build options expose build path directories, so hide them.
[snip]
$ named -V
|built by make with *** (options are hidden)
[snip]
Upstream-Status: Inappropriate [oe-core specific]
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Refreshed for 9.16.0
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index bf20690..c5d330f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par
AC_DEFINE([PACKAGE_DESCRIPTION], [m4_ifnblank(bind_DESCRIPTION, [" ]bind_DESCRIPTION["], [])], [An extra string to print after PACKAGE_STRING])
AC_DEFINE([PACKAGE_SRCID], ["][bind_SRCID]["], [A short hash from git])
-bind_CONFIGARGS="${ac_configure_args:-default}"
+bind_CONFIGARGS="(removed for reproducibility)"
AC_DEFINE_UNQUOTED([PACKAGE_CONFIGARGS], ["$bind_CONFIGARGS"], [Either 'defaults' or used ./configure options])
AC_DEFINE([PACKAGE_BUILDER], ["make"], [make or Visual Studio])

47
sources/poky/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch Normal file
View File

@@ -0,0 +1,47 @@
From 5ae30329f168c1e8d2e0c3831988a4f3e9096e39 Mon Sep 17 00:00:00 2001
From: Paul Gortmaker <paul.gortmaker@windriver.com>
Date: Tue, 9 Jun 2015 11:22:00 -0400
Subject: [PATCH] bind: ensure searching for json headers searches sysroot
Bind can fail configure by detecting headers w/o libs[1], or
it can fail the host contamination check as per below:
ERROR: This autoconf log indicates errors, it looked at host include and/or library paths while determining system capabilities.
Rerun configure task after fixing this. The path was 'build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/build'
ERROR: Function failed: do_qa_configure
ERROR: Logfile of failure stored in: build/tmp/work/core2-64-poky-linux/bind/9.10.2-r1/temp/log.do_configure.5242
ERROR: Task 5 (meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure) failed with exit code '1'
NOTE: Tasks Summary: Attempted 773 tasks of which 768 didn't need to be rerun and 1 failed.
No currently running tasks (773 of 781)
Summary: 1 task failed:
/meta/recipes-connectivity/bind/bind_9.10.2.bb, do_configure
One way to fix it would be to unconditionally disable json in bind
configure[2] but here we fix it by using the path to where we would
put the header if we had json in the sysroot, in case someone wants
to make use of the combination some day.
[1] https://trac.macports.org/ticket/45305
[2] https://trac.macports.org/changeset/126406
Upstream-Status: Inappropriate [OE Specific]
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 2ab8ddd..92fe983 100644
--- a/configure.ac
+++ b/configure.ac
@@ -761,7 +761,7 @@ AS_CASE([$with_lmdb],
[no],[],
[auto|yes], [PKG_CHECK_MODULES([LMDB], [lmdb],
[ac_lib_lmdb_found=yes],
- [for ac_lib_lmdb_path in /usr /usr/local /opt /opt/local; do
+ [for ac_lib_lmdb_path in "${STAGING_INCDIR}"; do
AX_LIB_LMDB([$ac_lib_lmdb_path],
[ac_lib_lmdb_found=yes
break])

2
sources/poky/meta/recipes-connectivity/bind/bind/bind9 Normal file
View File

@@ -0,0 +1,2 @@
# startup options for the server
OPTIONS="-u bind"

330
sources/poky/meta/recipes-connectivity/bind/bind/conf.patch Normal file
View File

@@ -0,0 +1,330 @@
Upstream-Status: Inappropriate [configuration]
the patch is imported from openembedded project
11/30/2010 - Qing He <qing.he@intel.com>
diff -urN bind-9.3.1.orig/conf/db.0 bind-9.3.1/conf/db.0
--- bind-9.3.1.orig/conf/db.0 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.0 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,12 @@
+;
+; BIND reverse data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
diff -urN bind-9.3.1.orig/conf/db.127 bind-9.3.1/conf/db.127
--- bind-9.3.1.orig/conf/db.127 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.127 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,13 @@
+;
+; BIND reverse data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+1.0.0 IN PTR localhost.
diff -urN bind-9.3.1.orig/conf/db.empty bind-9.3.1/conf/db.empty
--- bind-9.3.1.orig/conf/db.empty 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.empty 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,14 @@
+; BIND reverse data file for empty rfc1918 zone
+;
+; DO NOT EDIT THIS FILE - it is used for multiple zones.
+; Instead, copy it, edit named.conf, and use that copy.
+;
+$TTL 86400
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 86400 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
diff -urN bind-9.3.1.orig/conf/db.255 bind-9.3.1/conf/db.255
--- bind-9.3.1.orig/conf/db.255 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.255 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,12 @@
+;
+; BIND reserve data file for broadcast zone
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
diff -urN bind-9.3.1.orig/conf/db.local bind-9.3.1/conf/db.local
--- bind-9.3.1.orig/conf/db.local 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.local 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,13 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA localhost. root.localhost. (
+ 1 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+@ IN NS localhost.
+@ IN A 127.0.0.1
diff -urN bind-9.3.1.orig/conf/db.root bind-9.3.1/conf/db.root
--- bind-9.3.1.orig/conf/db.root 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/db.root 2005-07-10 22:14:00.000000000 +0200
@@ -0,0 +1,45 @@
+
+; <<>> DiG 9.2.3 <<>> ns . @a.root-servers.net.
+;; global options: printcmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18944
+;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
+
+;; QUESTION SECTION:
+;. IN NS
+
+;; ANSWER SECTION:
+. 518400 IN NS A.ROOT-SERVERS.NET.
+. 518400 IN NS B.ROOT-SERVERS.NET.
+. 518400 IN NS C.ROOT-SERVERS.NET.
+. 518400 IN NS D.ROOT-SERVERS.NET.
+. 518400 IN NS E.ROOT-SERVERS.NET.
+. 518400 IN NS F.ROOT-SERVERS.NET.
+. 518400 IN NS G.ROOT-SERVERS.NET.
+. 518400 IN NS H.ROOT-SERVERS.NET.
+. 518400 IN NS I.ROOT-SERVERS.NET.
+. 518400 IN NS J.ROOT-SERVERS.NET.
+. 518400 IN NS K.ROOT-SERVERS.NET.
+. 518400 IN NS L.ROOT-SERVERS.NET.
+. 518400 IN NS M.ROOT-SERVERS.NET.
+
+;; ADDITIONAL SECTION:
+A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
+B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
+C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
+D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
+E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
+F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
+G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
+H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
+I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
+J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
+K.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
+L.ROOT-SERVERS.NET. 3600000 IN A 198.32.64.12
+M.ROOT-SERVERS.NET. 3600000 IN A 202.12.27.33
+
+;; Query time: 81 msec
+;; SERVER: 198.41.0.4#53(a.root-servers.net.)
+;; WHEN: Sun Feb 1 11:27:14 2004
+;; MSG SIZE rcvd: 436
+
diff -urN bind-9.3.1.orig/conf/named.conf bind-9.3.1/conf/named.conf
--- bind-9.3.1.orig/conf/named.conf 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf 2005-07-10 22:33:46.000000000 +0200
@@ -0,0 +1,49 @@
+// This is the primary configuration file for the BIND DNS server named.
+//
+// If you are just adding zones, please do that in /etc/bind/named.conf.local
+
+include "/etc/bind/named.conf.options";
+
+// prime the server with knowledge of the root servers
+zone "." {
+ type hint;
+ file "/etc/bind/db.root";
+};
+
+// be authoritative for the localhost forward and reverse zones, and for
+// broadcast zones as per RFC 1912
+
+zone "localhost" {
+ type master;
+ file "/etc/bind/db.local";
+};
+
+zone "127.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.127";
+};
+
+zone "0.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.0";
+};
+
+zone "255.in-addr.arpa" {
+ type master;
+ file "/etc/bind/db.255";
+};
+
+// zone "com" { type delegation-only; };
+// zone "net" { type delegation-only; };
+
+// From the release notes:
+// Because many of our users are uncomfortable receiving undelegated answers
+// from root or top level domains, other than a few for whom that behaviour
+// has been trusted and expected for quite some length of time, we have now
+// introduced the "root-delegations-only" feature which applies delegation-only
+// logic to all top level domains, and to the root domain. An exception list
+// should be specified, including "MUSEUM" and "DE", and any other top level
+// domains from whom undelegated responses are expected and trusted.
+// root-delegation-only exclude { "DE"; "MUSEUM"; };
+
+include "/etc/bind/named.conf.local";
diff -urN bind-9.3.1.orig/conf/named.conf.local bind-9.3.1/conf/named.conf.local
--- bind-9.3.1.orig/conf/named.conf.local 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf.local 2005-07-10 22:14:06.000000000 +0200
@@ -0,0 +1,8 @@
+//
+// Do any local configuration here
+//
+
+// Consider adding the 1918 zones here, if they are not used in your
+// organization
+//include "/etc/bind/zones.rfc1918";
+
diff -urN bind-9.3.1.orig/conf/named.conf.options bind-9.3.1/conf/named.conf.options
--- bind-9.3.1.orig/conf/named.conf.options 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/named.conf.options 2005-07-10 22:14:06.000000000 +0200
@@ -0,0 +1,24 @@
+options {
+ directory "/var/cache/bind";
+
+ // If there is a firewall between you and nameservers you want
+ // to talk to, you might need to uncomment the query-source
+ // directive below. Previous versions of BIND always asked
+ // questions using port 53, but BIND 8.1 and later use an unprivileged
+ // port by default.
+
+ // query-source address * port 53;
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+ // forwarders {
+ // 0.0.0.0;
+ // };
+
+ auth-nxdomain no; # conform to RFC1035
+
+};
+
diff -urN bind-9.3.1.orig/conf/zones.rfc1918 bind-9.3.1/conf/zones.rfc1918
--- bind-9.3.1.orig/conf/zones.rfc1918 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/conf/zones.rfc1918 2005-07-10 22:14:10.000000000 +0200
@@ -0,0 +1,20 @@
+zone "10.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+
+zone "16.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "17.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "18.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "19.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "20.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "21.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "22.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "23.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "24.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "25.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "26.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "27.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "28.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "29.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "30.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+zone "31.172.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
+
+zone "168.192.in-addr.arpa" { type master; file "/etc/bind/db.empty"; };
diff -urN bind-9.3.1.orig/init.d bind-9.3.1/init.d
--- bind-9.3.1.orig/init.d 1970-01-01 01:00:00.000000000 +0100
+++ bind-9.3.1/init.d 2005-07-10 23:09:58.000000000 +0200
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+# for a chrooted server: "-u bind -t /var/lib/named"
+# Don't modify this line, change or create /etc/default/bind9.
+OPTIONS=""
+
+test -f /etc/default/bind9 && . /etc/default/bind9
+
+test -x /usr/sbin/rndc || exit 0
+
+case "$1" in
+ start)
+ echo -n "Starting domain name service: named"
+
+ modprobe capability >/dev/null 2>&1 || true
+ if [ ! -f /etc/bind/rndc.key ]; then
+ /usr/sbin/rndc-confgen -a -b 512
+ chmod 0640 /etc/bind/rndc.key
+ fi
+ if [ -f /var/run/named/named.pid ]; then
+ ps `cat /var/run/named/named.pid` > /dev/null && exit 1
+ fi
+
+ # dirs under /var/run can go away on reboots.
+ mkdir -p /var/run/named
+ mkdir -p /var/cache/bind
+ chmod 775 /var/run/named
+ chown root:bind /var/run/named >/dev/null 2>&1 || true
+
+ if [ ! -x /usr/sbin/named ]; then
+ echo "named binary missing - not starting"
+ exit 1
+ fi
+ if start-stop-daemon --start --quiet --exec /usr/sbin/named \
+ --pidfile /var/run/named/named.pid -- $OPTIONS; then
+ if [ -x /sbin/resolvconf ] ; then
+ echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo
+ fi
+ fi
+ echo "."
+ ;;
+
+ stop)
+ echo -n "Stopping domain name service: named"
+ if [ -x /sbin/resolvconf ]; then
+ /sbin/resolvconf -d lo
+ fi
+ /usr/sbin/rndc stop >/dev/null 2>&1
+ echo "."
+ ;;
+
+ reload)
+ /usr/sbin/rndc reload
+ ;;
+
+ restart|force-reload)
+ $0 stop
+ sleep 2
+ $0 start
+ ;;
+
+ *)
+ echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
+ exit 1
+ ;;
+esac
+
+exit 0

8
sources/poky/meta/recipes-connectivity/bind/bind/generate-rndc-key.sh Normal file
View File

@@ -0,0 +1,8 @@
#!/bin/sh
if [ ! -s /etc/bind/rndc.key ]; then
echo -n "Generating /etc/bind/rndc.key:"
/usr/sbin/rndc-confgen -a -b 512
chown root:bind /etc/bind/rndc.key
chmod 0640 /etc/bind/rndc.key
fi

65
sources/poky/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch Normal file
View File

@@ -0,0 +1,65 @@
Subject: init.d: add support for read-only rootfs
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
init.d | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/init.d b/init.d
index 0111ed4..24677c8 100644
--- a/init.d
+++ b/init.d
@@ -6,8 +6,48 @@ PATH=/sbin:/bin:/usr/sbin:/usr/bin
# Don't modify this line, change or create /etc/default/bind9.
OPTIONS=""
+test -f /etc/default/rcS && . /etc/default/rcS
test -f /etc/default/bind9 && . /etc/default/bind9
+# This function is here because it's possible that /var and / are on different partitions.
+is_on_read_only_partition () {
+ DIRECTORY=$1
+ dir=`readlink -f $DIRECTORY`
+ while true; do
+ if [ ! -d "$dir" ]; then
+ echo "ERROR: $dir is not a directory"
+ exit 1
+ else
+ for flag in `awk -v dir=$dir '{ if ($2 == dir) { print "FOUND"; split($4,FLAGS,",") } }; \
+ END { for (f in FLAGS) print FLAGS[f] }' < /proc/mounts`; do
+ [ "$flag" = "FOUND" ] && partition="read-write"
+ [ "$flag" = "ro" ] && { partition="read-only"; break; }
+ done
+ if [ "$dir" = "/" -o -n "$partition" ]; then
+ break
+ else
+ dir=`dirname $dir`
+ fi
+ fi
+ done
+ [ "$partition" = "read-only" ] && echo "yes" || echo "no"
+}
+
+bind_mount () {
+ olddir=$1
+ newdir=$2
+ mkdir -p $olddir
+ cp -a $newdir/* $olddir
+ mount --bind $olddir $newdir
+}
+
+# Deal with read-only rootfs
+if [ "$ROOTFS_READ_ONLY" = "yes" ]; then
+ [ "$VERBOSE" != "no" ] && echo "WARN: start bind service in read-only rootfs"
+ [ `is_on_read_only_partition /etc/bind` = "yes" ] && bind_mount /var/volatile/bind/etc /etc/bind
+ [ `is_on_read_only_partition /var/named` = "yes" ] && bind_mount /var/volatile/bind/named /var/named
+fi
+
test -x /usr/sbin/rndc || exit 0
case "$1" in
--
1.7.9.5

42
sources/poky/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch Normal file
View File

@@ -0,0 +1,42 @@
bind: make "/etc/init.d/bind stop" work
Upstream-Status: Inappropriate [configuration]
Add some configurations, make rndc command be able to controls
the named daemon.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
conf/named.conf | 5 +++++
conf/rndc.conf | 5 +++++
2 files changed, 10 insertions(+), 0 deletions(-)
create mode 100644 conf/rndc.conf
diff --git a/conf/named.conf b/conf/named.conf
index 95829cf..c8899e7 100644
--- a/conf/named.conf
+++ b/conf/named.conf
@@ -47,3 +47,8 @@ zone "255.in-addr.arpa" {
// root-delegation-only exclude { "DE"; "MUSEUM"; };
include "/etc/bind/named.conf.local";
+include "/etc/bind/rndc.key" ;
+controls {
+ inet 127.0.0.1 allow { localhost; }
+ keys { rndc-key; };
+};
diff --git a/conf/rndc.conf b/conf/rndc.conf
new file mode 100644
index 0000000..a0b481d
--- /dev/null
+++ b/conf/rndc.conf
@@ -0,0 +1,5 @@
+include "/etc/bind/rndc.key";
+options {
+ default-server localhost;
+ default-key rndc-key;
+};
--
1.7.5.4

22
sources/poky/meta/recipes-connectivity/bind/bind/named.service Normal file
View File

@@ -0,0 +1,22 @@
[Unit]
Description=Berkeley Internet Name Domain (DNS)
Wants=nss-lookup.target
Before=nss-lookup.target
After=network.target
[Service]
Type=forking
EnvironmentFile=-/etc/default/bind9
PIDFile=/run/named/named.pid
ExecStartPre=@SBINDIR@/generate-rndc-key.sh
ExecStart=@SBINDIR@/named $OPTIONS
ExecReload=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc reload > /dev/null 2>&1 || @BASE_BINDIR@/kill -HUP $MAINPID'
ExecStop=@BASE_BINDIR@/sh -c '@SBINDIR@/rndc stop > /dev/null 2>&1 || @BASE_BINDIR@/kill -TERM $MAINPID'
PrivateTmp=true
[Install]
WantedBy=multi-user.target

113
sources/poky/meta/recipes-connectivity/bind/bind_9.18.33.bb Normal file
View File

@@ -0,0 +1,113 @@
SUMMARY = "ISC Internet Domain Name Server"
HOMEPAGE = "https://www.isc.org/bind/"
DESCRIPTION = "BIND 9 provides a full-featured Domain Name Server system"
SECTION = "console/network"
LICENSE = "MPL-2.0"
LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c7a0b6d9a1b692a5da9af9d503671f43"
DEPENDS = "openssl libcap zlib libuv"
SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://conf.patch \
file://named.service \
file://bind9 \
file://generate-rndc-key.sh \
file://make-etc-initd-bind-stop-work.patch \
file://init.d-add-support-for-read-only-rootfs.patch \
file://bind-ensure-searching-for-json-headers-searches-sysr.patch \
file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \
file://0001-avoid-start-failure-with-bind-user.patch \
"
SRC_URI[sha256sum] = "fb373fac5ebbc41c645160afd5a9fb451918f6c0e69ab1d9474154e2b515de40"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# follow the ESV versions divisible by 2
UPSTREAM_CHECK_REGEX = "(?P<pver>9.(\d*[02468])+(\.\d+)+(-P\d+)*)/"
# Issue only affects dhcpd with recent bind versions. We don't ship dhcpd anymore
# so the issue doesn't affect us.
CVE_STATUS[CVE-2019-6470] = "not-applicable-config: Issue only affects dhcpd with recent bind versions and we don't ship dhcpd anymore."
inherit autotools update-rc.d systemd useradd pkgconfig multilib_header update-alternatives
# PACKAGECONFIGs readline and libedit should NOT be set at same time
PACKAGECONFIG ?= "readline"
PACKAGECONFIG[httpstats] = "--with-libxml2,--without-libxml2,libxml2"
PACKAGECONFIG[readline] = "--with-readline=readline,,readline"
PACKAGECONFIG[libedit] = "--with-readline=libedit,,libedit"
PACKAGECONFIG[dns-over-http] = "--enable-doh,--disable-doh,nghttp2"
EXTRA_OECONF = " --disable-auto-validation \
--with-gssapi=no --with-lmdb=no --with-zlib \
--sysconfdir=${sysconfdir}/bind \
--with-openssl=${STAGING_DIR_HOST}${prefix} \
"
LDFLAGS:append = " -lz"
# dhcp needs .la so keep them
REMOVE_LIBTOOL_LA = "0"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "--system --home ${localstatedir}/cache/bind --no-create-home \
--user-group bind"
INITSCRIPT_NAME = "bind"
INITSCRIPT_PARAMS = "defaults"
SYSTEMD_SERVICE:${PN} = "named.service"
do_install:append() {
install -d -o bind "${D}${localstatedir}/cache/bind"
install -d "${D}${sysconfdir}/bind"
install -d "${D}${sysconfdir}/init.d"
install -m 644 ${S}/conf/* "${D}${sysconfdir}/bind/"
install -m 755 "${S}/init.d" "${D}${sysconfdir}/init.d/bind"
# Install systemd related files
install -d ${D}${sbindir}
install -m 755 ${WORKDIR}/generate-rndc-key.sh ${D}${sbindir}
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/named.service ${D}${systemd_system_unitdir}
sed -i -e 's,@BASE_BINDIR@,${base_bindir},g' \
-e 's,@SBINDIR@,${sbindir},g' \
${D}${systemd_system_unitdir}/named.service
install -d ${D}${sysconfdir}/default
install -m 0644 ${WORKDIR}/bind9 ${D}${sysconfdir}/default
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/tmpfiles.d
echo "d /run/named 0755 bind bind - -" > ${D}${sysconfdir}/tmpfiles.d/bind.conf
fi
}
CONFFILES:${PN} = " \
${sysconfdir}/bind/named.conf \
${sysconfdir}/bind/named.conf.local \
${sysconfdir}/bind/named.conf.options \
${sysconfdir}/bind/db.0 \
${sysconfdir}/bind/db.127 \
${sysconfdir}/bind/db.empty \
${sysconfdir}/bind/db.local \
${sysconfdir}/bind/db.root \
"
ALTERNATIVE:${PN}-utils = "nslookup"
ALTERNATIVE_LINK_NAME[nslookup] = "${bindir}/nslookup"
ALTERNATIVE_PRIORITY = "100"
PACKAGE_BEFORE_PN += "${PN}-utils"
FILES:${PN}-utils = "${bindir}/host ${bindir}/dig ${bindir}/mdig ${bindir}/nslookup ${bindir}/nsupdate"
FILES:${PN}-dev += "${bindir}/isc-config.h"
FILES:${PN} += "${sbindir}/generate-rndc-key.sh"
PACKAGE_BEFORE_PN += "${PN}-libs"
# special arrangement below due to
# https://github.com/isc-projects/bind9/commit/0e25af628cd776f98c04fc4cc59048f5448f6c88
FILES_SOLIBSDEV = "${libdir}/*[!0-9].so ${libdir}/libbind9.so"
FILES:${PN}-libs = "${libdir}/named/*.so* ${libdir}/*-${PV}.so"
DEV_PKG_DEPENDENCY = ""

163
sources/poky/meta/recipes-connectivity/bluez5/bluez5.inc Normal file
View File

@@ -0,0 +1,163 @@
SUMMARY = "Linux Bluetooth Stack Userland V5"
DESCRIPTION = "Linux Bluetooth stack V5 userland components. These include a system configurations, daemons, tools and system libraries."
HOMEPAGE = "http://www.bluez.org"
SECTION = "libs"
LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
file://COPYING.LIB;md5=fb504b67c50331fc78734fed90fb0e09 \
file://src/main.c;beginline=1;endline=24;md5=0ad83ca0dc37ab08af448777c581e7ac"
DEPENDS = "dbus glib-2.0"
RDEPENDS:${PN} += "dbus"
PROVIDES += "bluez-hcidump"
RPROVIDES:${PN} += "bluez-hcidump"
RCONFLICTS:${PN} = "bluez4"
PACKAGECONFIG ??= "obex-profiles \
readline \
${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
a2dp-profiles \
avrcp-profiles \
mcp-profiles \
network-profiles \
hid-profiles \
hog-profiles \
tools \
deprecated \
udev \
"
PACKAGECONFIG[obex-profiles] = "--enable-obex,--disable-obex,libical"
PACKAGECONFIG[readline] = "--enable-client,--disable-client,readline,"
PACKAGECONFIG[testing] = "--enable-testing,--disable-testing"
PACKAGECONFIG[midi] = "--enable-midi,--disable-midi,alsa-lib"
PACKAGECONFIG[systemd] = "--enable-systemd,--disable-systemd"
PACKAGECONFIG[cups] = "--enable-cups,--disable-cups,,cups"
PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc"
PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap"
PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp"
PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp"
PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"
PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network"
PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid"
PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog"
PACKAGECONFIG[health-profiles] = "--enable-health,--disable-health"
PACKAGECONFIG[sixaxis] = "--enable-sixaxis,--disable-sixaxis"
PACKAGECONFIG[tools] = "--enable-tools,--disable-tools"
PACKAGECONFIG[threads] = "--enable-threads,--disable-threads"
PACKAGECONFIG[deprecated] = "--enable-deprecated,--disable-deprecated"
PACKAGECONFIG[mesh] = "--enable-mesh --enable-external-ell,--disable-mesh, json-c ell"
PACKAGECONFIG[btpclient] = "--enable-btpclient --enable-external-ell,--disable-btpclient, ell"
PACKAGECONFIG[udev] = "--enable-udev,--disable-udev,udev"
PACKAGECONFIG[manpages] = "--enable-manpages,--disable-manpages,python3-docutils-native"
SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
file://init \
file://run-ptest \
${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '', 'file://0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch', d)} \
file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
file://0001-test-gatt-Fix-hung-issue.patch \
file://0001-adapter-Fix-up-address-type-when-loading-keys.patch \
file://toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch \
"
S = "${WORKDIR}/bluez-${PV}"
CVE_PRODUCT = "bluez"
inherit autotools pkgconfig systemd update-rc.d ptest gobject-introspection-data
EXTRA_OECONF = "\
--enable-test \
--enable-datafiles \
--enable-library \
--enable-pie \
--without-zsh-completion-dir \
"
CFLAGS += "-DFIRMWARE_DIR=\\"${nonarch_base_libdir}/firmware\\""
# bluez5 builds a large number of useful utilities but does not
# install them. Specify which ones we want put into ${PN}-noinst-tools.
NOINST_TOOLS_READLINE ??= ""
NOINST_TOOLS_TESTING ??= ""
NOINST_TOOLS_BT ??= ""
NOINST_TOOLS = " \
${@bb.utils.contains('PACKAGECONFIG', 'readline', '${NOINST_TOOLS_READLINE}', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'testing', '${NOINST_TOOLS_TESTING}', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'tools', '${NOINST_TOOLS_BT}', '', d)} \
"
do_install:append() {
install -d ${D}${INIT_D_DIR}
install -m 0755 ${WORKDIR}/init ${D}${INIT_D_DIR}/bluetooth
install -d ${D}${sysconfdir}/bluetooth/
if [ -f ${S}/profiles/network/network.conf ]; then
install -m 0644 ${S}/profiles/network/network.conf ${D}/${sysconfdir}/bluetooth/
fi
if [ -f ${S}/profiles/input/input.conf ]; then
install -m 0644 ${S}/profiles/input/input.conf ${D}/${sysconfdir}/bluetooth/
fi
if [ -f ${D}/${sysconfdir}/init.d/bluetooth ]; then
sed -i -e 's#@LIBEXECDIR@#${libexecdir}#g' ${D}/${sysconfdir}/init.d/bluetooth
fi
# Install desired tools that upstream leaves in build area
for f in ${NOINST_TOOLS} ; do
install -m 755 ${B}/$f ${D}/${bindir}
done
# Patch python tools to use Python 3; they should be source compatible, but
# still refer to Python 2 in the shebang
sed -i -e '1s,#!.*python.*,#!${bindir}/python3,' ${D}${libdir}/bluez/test/*
}
PACKAGES =+ "${PN}-testtools ${PN}-obex ${PN}-noinst-tools"
FILES:${PN} += " \
${libdir}/bluetooth/plugins/*.so \
${systemd_unitdir}/ ${datadir}/dbus-1 \
${libdir}/cups \
"
FILES:${PN}-dev += " \
${libdir}/bluetooth/plugins/*.la \
"
FILES:${PN}-obex = "${libexecdir}/bluetooth/obexd \
${exec_prefix}/lib/systemd/user/obex.service \
${systemd_system_unitdir}/obex.service \
${sysconfdir}/systemd/system/multi-user.target.wants/obex.service \
${datadir}/dbus-1/services/org.bluez.obex.service \
${sysconfdir}/dbus-1/system.d/obexd.conf \
"
SYSTEMD_SERVICE:${PN}-obex = "obex.service"
FILES:${PN}-testtools = "${libdir}/bluez/test/*"
def get_noinst_tools_paths (d, bb, tools):
s = list()
bindir = d.getVar("bindir")
for bdp in tools.split():
f = os.path.basename(bdp)
s.append("%s/%s" % (bindir, f))
return "\n".join(s)
FILES:${PN}-noinst-tools = "${@get_noinst_tools_paths(d, bb, d.getVar('NOINST_TOOLS'))}"
RDEPENDS:${PN}-testtools += "python3-core python3-dbus"
RDEPENDS:${PN}-testtools += "${@bb.utils.contains('GI_DATA_ENABLED', 'True', 'python3-pygobject', '', d)}"
SYSTEMD_SERVICE:${PN} = "${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'bluetooth.service', '', d)}"
INITSCRIPT_PACKAGES = "${PN}"
INITSCRIPT_NAME:${PN} = "bluetooth"
do_compile_ptest() {
oe_runmake buildtests
}
do_install_ptest() {
cp -r ${B}/unit/ ${D}${PTEST_PATH}
rm -f ${D}${PTEST_PATH}/unit/*.o
}
RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-utf-16"

56
sources/poky/meta/recipes-connectivity/bluez5/bluez5/0001-Allow-using-obexd-without-systemd-in-the-user-sessio.patch Normal file
View File

@@ -0,0 +1,56 @@
From f74eb97c9fb3c0ee2895742e773ac6a3c41c999c Mon Sep 17 00:00:00 2001
From: Giovanni Campagna <gcampagna-cNUdlRotFMnNLxjTenLetw@public.gmane.org>
Date: Sat, 12 Oct 2013 17:45:25 +0200
Subject: [PATCH] Allow using obexd without systemd in the user session
Not all sessions run systemd --user (actually, the majority
doesn't), so the dbus daemon must be able to spawn obexd
directly, and to do so it needs the full path of the daemon.
Upstream-Status: Denied
Not accepted by upstream maintainer for being a distro specific
configuration. See thread:
http://thread.gmane.org/gmane.linux.bluez.kernel/38725/focus=38843
Signed-off-by: Javier Viguera <javier.viguera@digi.com>
---
Makefile.obexd | 4 ++--
.../src/{org.bluez.obex.service => org.bluez.obex.service.in} | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
rename obexd/src/{org.bluez.obex.service => org.bluez.obex.service.in} (76%)
diff --git a/Makefile.obexd b/Makefile.obexd
index de59d29..73004a3 100644
--- a/Makefile.obexd
+++ b/Makefile.obexd
@@ -1,12 +1,12 @@
if SYSTEMD
systemduserunitdir = $(SYSTEMD_USERUNITDIR)
systemduserunit_DATA = obexd/src/obex.service
+endif
dbussessionbusdir = $(DBUS_SESSIONBUSDIR)
dbussessionbus_DATA = obexd/src/org.bluez.obex.service
-endif
-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service
+EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in
if OBEX
diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service.in
similarity index 76%
rename from obexd/src/org.bluez.obex.service
rename to obexd/src/org.bluez.obex.service.in
index a538088..9c815f2 100644
--- a/obexd/src/org.bluez.obex.service
+++ b/obexd/src/org.bluez.obex.service.in
@@ -1,4 +1,4 @@
[D-BUS Service]
Name=org.bluez.obex
-Exec=/bin/false
+Exec=@libexecdir@/obexd
SystemdService=dbus-org.bluez.obex.service

52
sources/poky/meta/recipes-connectivity/bluez5/bluez5/0001-adapter-Fix-up-address-type-when-loading-keys.patch Normal file
View File

@@ -0,0 +1,52 @@
From 366a8c522b648f47147de4852c5c030d69b916b3 Mon Sep 17 00:00:00 2001
From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Date: Wed, 28 Aug 2024 11:30:16 -0400
Subject: [PATCH] adapter: Fix up address type when loading keys
Due to kernel change 59b047bc9808
("Bluetooth: MGMT/SMP: Fix address type when using SMP over BREDR/LE")
some keys maybe store using the wrong/invalid address type as per MGMT
API, so this attempts to fix them up.
Fixes: https://github.com/bluez/bluez/issues/875
Upstream-Status: Backport [366a8c522b648f47147de4852c5c030d69b916b3]
Signed-off-by: Hiago De Franco <hiago.franco@toradex.com>
---
src/adapter.c | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/adapter.c b/src/adapter.c
index 245de4456868..9f44bdefa5f4 100644
--- a/src/adapter.c
+++ b/src/adapter.c
@@ -5017,12 +5017,28 @@ static void load_devices(struct btd_adapter *adapter)
goto free;
}
- if (key_info)
+ if (key_info) {
+ /* Fix up address type if it was stored with the wrong
+ * address type since Load Link Keys are only meant to
+ * work with BR/EDR addresses as per MGMT documentation.
+ */
+ if (key_info->bdaddr_type != BDADDR_BREDR)
+ key_info->bdaddr_type = BDADDR_BREDR;
+
adapter->load_keys = g_slist_append(adapter->load_keys,
key_info);
+ }
+
+ if (ltk_info) {
+ /* Fix up address type if it was stored with the wrong
+ * address type since Load Long Term Keys are only meant
+ * to work with LE addresses as per MGMT documentation.
+ */
+ if (ltk_info->bdaddr_type == BDADDR_BREDR)
+ ltk_info->bdaddr_type = BDADDR_LE_PUBLIC;
- if (ltk_info)
ltks = g_slist_append(ltks, ltk_info);
+ }
if (peripheral_ltk_info)
ltks = g_slist_append(ltks, peripheral_ltk_info);

41
sources/poky/meta/recipes-connectivity/bluez5/bluez5/0001-test-gatt-Fix-hung-issue.patch Normal file
View File

@@ -0,0 +1,41 @@
From fb583a57f9f4ab956a09e9bb96d89aa13553bf21 Mon Sep 17 00:00:00 2001
From: Mingli Yu <Mingli.Yu@windriver.com>
Date: Fri, 24 Aug 2018 12:04:03 +0800
Subject: [PATCH] test-gatt: Fix hung issue
The below test hangs infinitely
$ unit/test-gatt -p /robustness/unkown-request -d
/robustness/unkown-request - init
/robustness/unkown-request - setup
/robustness/unkown-request - setup complete
/robustness/unkown-request - run
GATT: < 02 17 00 ...
bt_gatt_server:MTU exchange complete, with MTU: 23
GATT: > 03 00 02 ...
PDU: = 03 00 02 ...
GATT: < bf 00
Actually, the /robustness/unkown-request test does
no action.
Upstream-Status: Submitted [https://marc.info/?l=linux-bluetooth&m=153508881804635&w=2]
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
---
unit/test-gatt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/unit/test-gatt.c b/unit/test-gatt.c
index 5e06d4e..4864d36 100644
--- a/unit/test-gatt.c
+++ b/unit/test-gatt.c
@@ -4546,7 +4546,7 @@ int main(int argc, char *argv[])
test_server, service_db_1, NULL,
raw_pdu(0x03, 0x00, 0x02),
raw_pdu(0xbf, 0x00),
- raw_pdu(0x01, 0xbf, 0x00, 0x00, 0x06));
+ raw_pdu());
define_test_server("/robustness/unkown-command",
test_server, service_db_1, NULL,

26
sources/poky/meta/recipes-connectivity/bluez5/bluez5/0001-tests-add-a-target-for-building-tests-without-runnin.patch Normal file
View File

@@ -0,0 +1,26 @@
From 738e73b386352fd90f1f26cc1ee75427cf4dc23b Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Fri, 1 Apr 2016 17:07:34 +0300
Subject: [PATCH] tests: add a target for building tests without running them
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
Makefile.am | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Makefile.am b/Makefile.am
index e738eb3..dab17dd 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -710,6 +710,9 @@ endif
TESTS = $(unit_tests)
AM_TESTS_ENVIRONMENT = MALLOC_CHECK_=3 MALLOC_PERTURB_=69
+# This allows building tests without running them
+buildtests: $(TESTS)
+
if DBUS_RUN_SESSION
AM_TESTS_ENVIRONMENT += dbus-run-session --
endif

61
sources/poky/meta/recipes-connectivity/bluez5/bluez5/init Normal file
View File

@@ -0,0 +1,61 @@
#!/bin/sh
# Source function library
. /etc/init.d/functions
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DESC=bluetooth
DAEMON=@LIBEXECDIR@/bluetooth/bluetoothd
# If you want to be ignore error of "org.freedesktop.hostname1",
# please enable NOPLUGIN_OPTION.
# NOPLUGIN_OPTION="--noplugin=hostname"
NOPLUGIN_OPTION=""
SSD_OPTIONS="--oknodo --quiet --exec $DAEMON -- $NOPLUGIN_OPTION"
test -f $DAEMON || exit 0
# FIXME: any of the sourced files may fail if/with syntax errors
test -f /etc/default/bluetooth && . /etc/default/bluetooth
test -f /etc/default/rcS && . /etc/default/rcS
set -e
case $1 in
start)
echo -n "Starting $DESC: "
if test "$BLUETOOTH_ENABLED" = 0; then
echo "disabled (see /etc/default/bluetooth)."
exit 0
fi
start-stop-daemon --start --background $SSD_OPTIONS
echo "${DAEMON##*/}."
;;
stop)
echo -n "Stopping $DESC: "
if test "$BLUETOOTH_ENABLED" = 0; then
echo "disabled (see /etc/default/bluetooth)."
exit 0
fi
start-stop-daemon --stop $SSD_OPTIONS
echo "${DAEMON##*/}."
;;
restart|force-reload)
$0 stop
sleep 1
$0 start
;;
status)
status ${DAEMON} || exit $?
;;
*)
N=/etc/init.d/bluetooth
echo "Usage: $N {start|stop|restart|force-reload|status}" >&2
exit 1
;;
esac
exit 0
# vim:noet

31
sources/poky/meta/recipes-connectivity/bluez5/bluez5/run-ptest Normal file
View File

@@ -0,0 +1,31 @@
#! /bin/sh
cd unit
failed=0
all=0
for f in test-*; do
"./$f" -q
case "$?" in
0)
echo "PASS: $f"
all=$((all + 1))
;;
77)
echo "SKIP: $f"
;;
*)
echo "FAIL: $f"
failed=$((failed + 1))
all=$((all + 1))
;;
esac
done
if [ "$failed" -eq 0 ] ; then
echo "All $all tests passed"
else
echo "$failed of $all tests failed"
fi

29
sources/poky/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch Normal file
View File

@@ -0,0 +1,29 @@
From f00d5546c9e989dd68ce0de0190cd0e043b0f1f5 Mon Sep 17 00:00:00 2001
From: Arjan Opmeer <arjan.opmeer@gmail.com>
Date: Tue, 9 Jul 2024 13:55:41 +0200
Subject: [PATCH] tools/btmgmt: Fix --index option for non-interactive mode
In non-interactive mode the --index option does not work because the
call to mgmt_set_index() is made after bt_shell_attach().
Fixes: https://github.com/bluez/bluez/issues/893
Upstream-Status: Backport [https://github.com/bluez/bluez/commit/f00d5546c9e989dd68ce0de0190cd0e043b0f1f5]
---
tools/btmgmt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/btmgmt.c b/tools/btmgmt.c
index 9b7f851bd8..436c2bb21f 100644
--- a/tools/btmgmt.c
+++ b/tools/btmgmt.c
@@ -51,8 +51,8 @@ int main(int argc, char *argv[])
return EXIT_FAILURE;
}
- bt_shell_attach(fileno(stdin));
mgmt_set_index(index_option);
+ bt_shell_attach(fileno(stdin));
status = bt_shell_run();
mgmt_remove_submenu();

75
sources/poky/meta/recipes-connectivity/bluez5/bluez5_5.72.bb Normal file
View File

@@ -0,0 +1,75 @@
require bluez5.inc
SRC_URI[sha256sum] = "499d7fa345a996c1bb650f5c6749e1d929111fa6ece0be0e98687fee6124536e"
CVE_STATUS[CVE-2020-24490] = "cpe-incorrect: This issue has kernel fixes rather than bluez fixes"
# noinst programs in Makefile.tools that are conditional on READLINE
# support
NOINST_TOOLS_READLINE ?= " \
${@bb.utils.contains('PACKAGECONFIG', 'deprecated', 'attrib/gatttool', '', d)} \
tools/obex-client-tool \
tools/obex-server-tool \
tools/bluetooth-player \
tools/obexctl \
tools/btmgmt \
"
# noinst programs in Makefile.tools that are conditional on TESTING
# support
NOINST_TOOLS_TESTING ?= " \
emulator/btvirt \
emulator/b1ee \
emulator/hfp \
peripheral/btsensor \
tools/3dsp \
tools/mgmt-tester \
tools/gap-tester \
tools/l2cap-tester \
tools/sco-tester \
tools/smp-tester \
tools/hci-tester \
tools/rfcomm-tester \
tools/bnep-tester \
tools/userchan-tester \
tools/iso-tester \
tools/mesh-tester \
tools/ioctl-tester \
"
# noinst programs in Makefile.tools that are conditional on TOOLS
# support
NOINST_TOOLS_BT ?= " \
tools/bdaddr \
tools/avinfo \
tools/avtest \
tools/scotest \
tools/amptest \
tools/hwdb \
tools/hcieventmask \
tools/hcisecfilter \
tools/btinfo \
tools/btconfig \
tools/btsnoop \
tools/btproxy \
tools/btiotest \
tools/bneptest \
tools/mcaptest \
tools/cltest \
tools/oobtest \
tools/advtest \
tools/seq2bseq \
tools/nokfw \
tools/rtlfw \
tools/bcmfw \
tools/create-image \
tools/eddystone \
tools/ibeacon \
tools/btgatt-client \
tools/btgatt-server \
tools/test-runner \
tools/check-selftest \
tools/gatt-service \
profiles/iap/iapd \
${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient tools/btpclientctl', '', d)} \
"

21
sources/poky/meta/recipes-connectivity/connman/connman-conf.bb Normal file
View File

@@ -0,0 +1,21 @@
SUMMARY = "Connman config to ignore wired interface on qemu machines"
DESCRIPTION = "This is the ConnMan configuration to avoid touching wired \
network interface inside qemu machines."
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://${COREBASE}/meta/files/common-licenses/GPL-2.0-only;md5=801f80980d171dd6425610833a22dbe6"
SRC_URI = "file://main.conf \
"
S = "${WORKDIR}"
PACKAGE_ARCH = "${MACHINE_ARCH}"
FILES:${PN} = "${sysconfdir}/*"
# Kernel IP-Config is perfectly capable of setting up networking passed in via ip=
do_install:append:qemuall() {
mkdir -p ${D}${sysconfdir}/connman
cp ${S}/main.conf ${D}${sysconfdir}/connman/main.conf
}

2
sources/poky/meta/recipes-connectivity/connman/connman-conf/main.conf Normal file
View File

@@ -0,0 +1,2 @@
[General]
NetworkInterfaceBlacklist = eth,en

277
sources/poky/meta/recipes-connectivity/connman/connman-gnome/0001-Port-to-Gtk3.patch Normal file
View File

@@ -0,0 +1,277 @@
From a59b0fac02e74a971ac3f08bf28c17ce361a9526 Mon Sep 17 00:00:00 2001
From: Jussi Kukkonen <jussi.kukkonen@intel.com>
Date: Wed, 2 Mar 2016 15:47:49 +0200
Subject: [PATCH] Port to Gtk3
Some unused (or not useful) code was removed, functionality should stay
the same.
Code still contains quite a few uses of deprecated API.
Upstream-Status: Submitted
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
---
applet/agent.c | 3 +--
applet/main.c | 43 -------------------------------------------
applet/status.c | 8 --------
configure.ac | 3 +--
properties/ethernet.c | 14 +++++++-------
properties/main.c | 2 +-
properties/wifi.c | 12 ++++++------
7 files changed, 16 insertions(+), 69 deletions(-)
diff --git a/applet/agent.c b/applet/agent.c
index 65bed08..04fe86a 100644
--- a/applet/agent.c
+++ b/applet/agent.c
@@ -126,7 +126,6 @@ static void request_input_dialog(GHashTable *request,
gtk_window_set_position(GTK_WINDOW(dialog), GTK_WIN_POS_CENTER);
gtk_window_set_keep_above(GTK_WINDOW(dialog), TRUE);
gtk_window_set_urgency_hint(GTK_WINDOW(dialog), TRUE);
- gtk_dialog_set_has_separator(GTK_DIALOG(dialog), FALSE);
input->dialog = dialog;
gtk_dialog_add_button(GTK_DIALOG(dialog),
@@ -139,7 +138,7 @@ static void request_input_dialog(GHashTable *request,
gtk_table_set_row_spacings(GTK_TABLE(table), 4);
gtk_table_set_col_spacings(GTK_TABLE(table), 20);
gtk_container_set_border_width(GTK_CONTAINER(table), 12);
- gtk_container_add(GTK_CONTAINER(GTK_DIALOG(dialog)->vbox), table);
+ gtk_container_add(GTK_CONTAINER(gtk_dialog_get_content_area (GTK_DIALOG(dialog))), table);
label = gtk_label_new(_("Please provide some network information:"));
gtk_misc_set_alignment(GTK_MISC(label), 0.0, 0.0);
diff --git a/applet/main.c b/applet/main.c
index f12d371..cd16285 100644
--- a/applet/main.c
+++ b/applet/main.c
@@ -157,46 +157,6 @@ static void name_owner_changed(DBusGProxy *proxy, const char *name,
}
}
-static void open_uri(GtkWindow *parent, const char *uri)
-{
- GtkWidget *dialog;
- GdkScreen *screen;
- GError *error = NULL;
- gchar *cmdline;
-
- screen = gtk_window_get_screen(parent);
-
- cmdline = g_strconcat("xdg-open ", uri, NULL);
-
- if (gdk_spawn_command_line_on_screen(screen,
- cmdline, &error) == FALSE) {
- dialog = gtk_message_dialog_new(parent,
- GTK_DIALOG_DESTROY_WITH_PARENT, GTK_MESSAGE_ERROR,
- GTK_BUTTONS_CLOSE, "%s", error->message);
- gtk_dialog_run(GTK_DIALOG(dialog));
- gtk_widget_destroy(dialog);
- g_error_free(error);
- }
-
- g_free(cmdline);
-}
-
-static void about_url_hook(GtkAboutDialog *dialog,
- const gchar *url, gpointer data)
-{
- open_uri(GTK_WINDOW(dialog), url);
-}
-
-static void about_email_hook(GtkAboutDialog *dialog,
- const gchar *email, gpointer data)
-{
- gchar *uri;
-
- uri = g_strconcat("mailto:", email, NULL);
- open_uri(GTK_WINDOW(dialog), uri);
- g_free(uri);
-}
-
static void about_callback(GtkWidget *item, gpointer user_data)
{
const gchar *authors[] = {
@@ -204,9 +164,6 @@ static void about_callback(GtkWidget *item, gpointer user_data)
NULL
};
- gtk_about_dialog_set_url_hook(about_url_hook, NULL, NULL);
- gtk_about_dialog_set_email_hook(about_email_hook, NULL, NULL);
-
gtk_show_about_dialog(NULL, "version", VERSION,
"copyright", "Copyright \xc2\xa9 2008 Intel Corporation",
"comments", _("A connection manager for the GNOME desktop"),
diff --git a/applet/status.c b/applet/status.c
index aed6f1e..015ff29 100644
--- a/applet/status.c
+++ b/applet/status.c
@@ -102,8 +102,6 @@ static void icon_animation_start(IconAnimation *animation,
{
available = TRUE;
- gtk_status_icon_set_tooltip(statusicon, NULL);
-
animation->start = start;
animation->end = (end == 0) ? animation->count - 1 : end;
@@ -120,8 +118,6 @@ static void icon_animation_stop(IconAnimation *animation)
{
available = TRUE;
- gtk_status_icon_set_tooltip(statusicon, NULL);
-
if (animation->id > 0)
g_source_remove(animation->id);
@@ -251,8 +247,6 @@ void status_unavailable(void)
available = FALSE;
gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_notifier);
- gtk_status_icon_set_tooltip(statusicon,
- "Connection Manager daemon is not running");
gtk_status_icon_set_visible(statusicon, TRUE);
}
@@ -299,7 +293,6 @@ static void set_ready(gint signal)
if (signal < 0) {
gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_wired);
- gtk_status_icon_set_tooltip(statusicon, NULL);
return;
}
@@ -311,7 +304,6 @@ static void set_ready(gint signal)
index = 4;
gtk_status_icon_set_from_pixbuf(statusicon, pixbuf_signal[index]);
- gtk_status_icon_set_tooltip(statusicon, NULL);
}
struct timeout_data {
diff --git a/configure.ac b/configure.ac
index b972e07..a4dad5d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -55,8 +55,7 @@ AC_SUBST(DBUS_LIBS)
DBUS_BINDING_TOOL="dbus-binding-tool"
AC_SUBST(DBUS_BINDING_TOOL)
-PKG_CHECK_MODULES(GTK, gtk+-2.0 >= 2.8, dummy=yes,
- AC_MSG_ERROR(gtk+ >= 2.8 is required))
+PKG_CHECK_MODULES(GTK, gtk+-3.0)
AC_SUBST(GTK_CFLAGS)
AC_SUBST(GTK_LIBS)
diff --git a/properties/ethernet.c b/properties/ethernet.c
index 31db7a0..0b6b423 100644
--- a/properties/ethernet.c
+++ b/properties/ethernet.c
@@ -82,7 +82,7 @@ void add_ethernet_switch_button(GtkWidget *mainbox, GtkTreeIter *iter,
gtk_container_set_border_width(GTK_CONTAINER(vbox), 24);
gtk_box_pack_start(GTK_BOX(mainbox), vbox, FALSE, FALSE, 0);
- table = gtk_table_new(1, 1, TRUE);
+ table = gtk_table_new(1, 1, FALSE);
gtk_table_set_row_spacings(GTK_TABLE(table), 10);
gtk_table_set_col_spacings(GTK_TABLE(table), 10);
gtk_box_pack_start(GTK_BOX(vbox), table, FALSE, FALSE, 0);
@@ -136,7 +136,7 @@ void add_ethernet_service(GtkWidget *mainbox, GtkTreeIter *iter, struct config_d
gtk_container_set_border_width(GTK_CONTAINER(vbox), 24);
gtk_box_pack_start(GTK_BOX(mainbox), vbox, FALSE, FALSE, 0);
- table = gtk_table_new(5, 5, TRUE);
+ table = gtk_table_new(5, 5, FALSE);
gtk_table_set_row_spacings(GTK_TABLE(table), 10);
gtk_table_set_col_spacings(GTK_TABLE(table), 10);
gtk_box_pack_start(GTK_BOX(vbox), table, FALSE, FALSE, 0);
@@ -144,9 +144,9 @@ void add_ethernet_service(GtkWidget *mainbox, GtkTreeIter *iter, struct config_d
label = gtk_label_new(_("Configuration:"));
gtk_table_attach_defaults(GTK_TABLE(table), label, 1, 2, 0, 1);
- combo = gtk_combo_box_new_text();
- gtk_combo_box_append_text(GTK_COMBO_BOX(combo), "DHCP");
- gtk_combo_box_append_text(GTK_COMBO_BOX(combo), "MANUAL");
+ combo = gtk_combo_box_text_new();
+ gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(combo), "DHCP");
+ gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(combo), "MANUAL");
gtk_combo_box_set_row_separator_func(GTK_COMBO_BOX(combo),
separator_function, NULL, NULL);
gtk_table_attach_defaults(GTK_TABLE(table), combo, 2, 4, 0, 1);
@@ -219,7 +219,7 @@ void update_ethernet_ipv4(struct config_data *data, guint policy)
case CONNMAN_POLICY_DHCP:
gtk_combo_box_set_active(GTK_COMBO_BOX(combo), 0);
for (i = 0; i < 3; i++) {
- gtk_entry_set_editable(GTK_ENTRY(entry[i]), 0);
+ gtk_editable_set_editable(GTK_EDITABLE(entry[i]), 0);
gtk_widget_set_sensitive(entry[i], 0);
gtk_entry_set_text(GTK_ENTRY(entry[i]), _(""));
}
@@ -227,7 +227,7 @@ void update_ethernet_ipv4(struct config_data *data, guint policy)
case CONNMAN_POLICY_MANUAL:
gtk_combo_box_set_active(GTK_COMBO_BOX(combo), 1);
for (i = 0; i < 3; i++) {
- gtk_entry_set_editable(GTK_ENTRY(entry[i]), 1);
+ gtk_editable_set_editable(GTK_EDITABLE(entry[i]), 1);
gtk_widget_set_sensitive(entry[i], 1);
}
break;
diff --git a/properties/main.c b/properties/main.c
index c05f443..6f76361 100644
--- a/properties/main.c
+++ b/properties/main.c
@@ -429,7 +429,7 @@ static GtkWidget *create_interfaces(GtkWidget *window)
scrolled = gtk_scrolled_window_new(NULL, NULL);
gtk_scrolled_window_set_policy(GTK_SCROLLED_WINDOW(scrolled),
- GTK_POLICY_AUTOMATIC, GTK_POLICY_AUTOMATIC);
+ GTK_POLICY_NEVER, GTK_POLICY_AUTOMATIC);
gtk_scrolled_window_set_shadow_type(GTK_SCROLLED_WINDOW(scrolled),
GTK_SHADOW_OUT);
gtk_box_pack_start(GTK_BOX(hbox), scrolled, FALSE, TRUE, 0);
diff --git a/properties/wifi.c b/properties/wifi.c
index bd325ef..a5827e0 100644
--- a/properties/wifi.c
+++ b/properties/wifi.c
@@ -125,7 +125,7 @@ void add_wifi_switch_button(GtkWidget *mainbox, GtkTreeIter *iter,
gtk_container_set_border_width(GTK_CONTAINER(vbox), 24);
gtk_box_pack_start(GTK_BOX(mainbox), vbox, FALSE, FALSE, 0);
- table = gtk_table_new(1, 1, TRUE);
+ table = gtk_table_new(1, 1, FALSE);
gtk_table_set_row_spacings(GTK_TABLE(table), 10);
gtk_table_set_col_spacings(GTK_TABLE(table), 10);
gtk_box_pack_start(GTK_BOX(vbox), table, FALSE, FALSE, 0);
@@ -185,9 +185,9 @@ static void wifi_ipconfig(GtkWidget *table, struct config_data *data, GtkTreeIte
gtk_table_attach_defaults(GTK_TABLE(table), label, 1, 2, 3, 4);
data->ipv4.label[0] = label;
- combo = gtk_combo_box_new_text();
- gtk_combo_box_append_text(GTK_COMBO_BOX(combo), "DHCP");
- gtk_combo_box_append_text(GTK_COMBO_BOX(combo), "Manual");
+ combo = gtk_combo_box_text_new();
+ gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(combo), "DHCP");
+ gtk_combo_box_text_append_text(GTK_COMBO_BOX_TEXT(combo), "Manual");
gtk_combo_box_set_row_separator_func(GTK_COMBO_BOX(combo),
separator_function, NULL, NULL);
@@ -335,14 +335,14 @@ void update_wifi_ipv4(struct config_data *data, guint policy)
case CONNMAN_POLICY_DHCP:
gtk_combo_box_set_active(GTK_COMBO_BOX(combo), 0);
for (i = 0; i < 3; i++) {
- gtk_entry_set_editable(GTK_ENTRY(entry[i]), 0);
+ gtk_editable_set_editable(GTK_EDITABLE(entry[i]), 0);
gtk_widget_set_sensitive(entry[i], 0);
}
break;
case CONNMAN_POLICY_MANUAL:
gtk_combo_box_set_active(GTK_COMBO_BOX(combo), 1);
for (i = 0; i < 3; i++) {
- gtk_entry_set_editable(GTK_ENTRY(entry[i]), 1);
+ gtk_editable_set_editable(GTK_EDITABLE(entry[i]), 1);
gtk_widget_set_sensitive(entry[i], 1);
}
break;
--
2.8.1

35
sources/poky/meta/recipes-connectivity/connman/connman-gnome/0001-Removed-icon-from-connman-gnome-about-applet.patch Normal file
View File

@@ -0,0 +1,35 @@
From 5907a23ad2f49702960a33f9e2039552673eabc7 Mon Sep 17 00:00:00 2001
From: Andrei Dinu <andrei.adrianx.dinu@intel.com>
Date: Mon, 17 Dec 2012 14:01:18 +0200
Subject: [PATCH] Removed icon from connman-gnome "about" applet
The connman-gnome "about" applet showed a picture that
can not be displayed. There is no designated picture
in connman-gnome to be used in the about section, so
it was removed.
[OE-Core #2509]
Upstream-Status: Pending
Signed-off-by: Andrei Dinu <andrei.adrianx.dinu@intel.com>
---
applet/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/applet/main.c b/applet/main.c
index f12d371..c7b3c7f 100644
--- a/applet/main.c
+++ b/applet/main.c
@@ -212,7 +212,7 @@ static void about_callback(GtkWidget *item, gpointer user_data)
"comments", _("A connection manager for the GNOME desktop"),
"authors", authors,
"translator-credits", _("translator-credits"),
- "logo-icon-name", "network-wireless", NULL);
+ NULL);
}
static void settings_callback(GtkWidget *item, gpointer user_data)
--
1.7.9.5

187
sources/poky/meta/recipes-connectivity/connman/connman-gnome/connman-gnome-fix-dbus-interface-name.patch Normal file
View File

@@ -0,0 +1,187 @@
connman-gnome: fix dbus interface name
This patch resolves following error:
"connman-dbus.xml": "connman" is not a valid D-Bus interface name
https://502552.bugs.gentoo.org/attachment.cgi?id=380652
Upstream-Status: Backport
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
---
common/connman-client.c | 24 ++++++++++++------------
common/connman-client.h | 4 ++--
common/connman-dbus.c | 6 +++---
common/connman-dbus.xml | 2 +-
4 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/common/connman-client.c b/common/connman-client.c
index c55e25c..9d818b2 100644
--- a/common/connman-client.c
+++ b/common/connman-client.c
@@ -289,7 +289,7 @@ gboolean connman_client_set_ipv4(ConnmanClient *client, const gchar *device,
g_value_init(&value, DBUS_TYPE_G_DICTIONARY);
g_value_set_boxed(&value, ipv4);
- ret = connman_set_property(proxy, "IPv4.Configuration", &value, NULL);
+ ret = net_connman_set_property(proxy, "IPv4.Configuration", &value, NULL);
g_object_unref(proxy);
@@ -317,7 +317,7 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device,
g_value_set_boolean(&value, powered);
error = NULL;
- connman_set_property(proxy, "Powered", &value, &error);
+ net_connman_set_property(proxy, "Powered", &value, &error);
if( error )
fprintf (stderr, "error: %s\n", error->message);
@@ -325,7 +325,7 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device,
}
void connman_client_scan(ConnmanClient *client, const gchar *device,
- connman_scan_reply callback, gpointer user_data)
+ net_connman_scan_reply callback, gpointer user_data)
{
ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client);
DBusGProxy *proxy;
@@ -339,7 +339,7 @@ void connman_client_scan(ConnmanClient *client, const gchar *device,
if (proxy == NULL)
return;
- connman_scan_async(proxy, callback, user_data);
+ net_connman_scan_async(proxy, callback, user_data);
g_object_unref(proxy);
}
@@ -353,7 +353,7 @@ gboolean connman_client_get_offline_status(ConnmanClient *client)
DBG("client %p", client);
- ret = connman_get_properties(priv->manager, &hash, NULL);
+ ret = net_connman_get_properties(priv->manager, &hash, NULL);
if (ret == FALSE)
goto done;
@@ -375,7 +375,7 @@ void connman_client_set_offlinemode(ConnmanClient *client, gboolean status)
g_value_init(&value, G_TYPE_BOOLEAN);
g_value_set_boolean(&value, status);
- connman_set_property(priv->manager, "OfflineMode", &value, NULL);
+ net_connman_set_property(priv->manager, "OfflineMode", &value, NULL);
}
static gboolean network_disconnect(GtkTreeModel *model, GtkTreePath *path,
@@ -398,7 +398,7 @@ static gboolean network_disconnect(GtkTreeModel *model, GtkTreePath *path,
return TRUE;
if (type == CONNMAN_TYPE_WIFI)
- connman_disconnect(proxy, NULL);
+ net_connman_disconnect(proxy, NULL);
g_object_unref(proxy);
@@ -422,13 +422,13 @@ void connman_client_connect(ConnmanClient *client, const gchar *network)
if (proxy == NULL)
return;
- connman_connect(proxy, NULL);
+ net_connman_connect(proxy, NULL);
g_object_unref(proxy);
}
void connman_client_connect_async(ConnmanClient *client, const gchar *network,
- connman_connect_reply callback, gpointer userdata)
+ net_connman_connect_reply callback, gpointer userdata)
{
ConnmanClientPrivate *priv = CONNMAN_CLIENT_GET_PRIVATE(client);
DBusGProxy *proxy;
@@ -446,7 +446,7 @@ void connman_client_connect_async(ConnmanClient *client, const gchar *network,
if (proxy == NULL)
goto done;
- connman_connect_async(proxy, callback, userdata);
+ net_connman_connect_async(proxy, callback, userdata);
done:
return;
@@ -476,7 +476,7 @@ void connman_client_disconnect(ConnmanClient *client, const gchar *network)
if (proxy == NULL)
return;
- connman_disconnect(proxy, NULL);
+ net_connman_disconnect(proxy, NULL);
g_object_unref(proxy);
}
@@ -532,7 +532,7 @@ void connman_client_remove(ConnmanClient *client, const gchar *network)
if (proxy == NULL)
return;
- connman_remove(proxy, NULL);
+ net_connman_remove(proxy, NULL);
g_object_unref(proxy);
}
diff --git a/common/connman-client.h b/common/connman-client.h
index 9e2e6d5..98241de 100644
--- a/common/connman-client.h
+++ b/common/connman-client.h
@@ -70,13 +70,13 @@ void connman_client_set_powered(ConnmanClient *client, const gchar *device,
gboolean connman_client_set_ipv4(ConnmanClient *client, const gchar *device,
struct ipv4_config *ipv4_config);
void connman_client_scan(ConnmanClient *client, const gchar *device,
- connman_scan_reply callback, gpointer user_data);
+ net_connman_scan_reply callback, gpointer user_data);
void connman_client_connect(ConnmanClient *client, const gchar *network);
void connman_client_disconnect(ConnmanClient *client, const gchar *network);
gchar *connman_client_get_security(ConnmanClient *client, const gchar *network);
void connman_client_connect_async(ConnmanClient *client, const gchar *network,
- connman_connect_reply callback, gpointer userdata);
+ net_connman_connect_reply callback, gpointer userdata);
void connman_client_set_remember(ConnmanClient *client, const gchar *network,
gboolean remember);
diff --git a/common/connman-dbus.c b/common/connman-dbus.c
index b82b3e1..543eb43 100644
--- a/common/connman-dbus.c
+++ b/common/connman-dbus.c
@@ -655,15 +655,15 @@ DBusGProxy *connman_dbus_create_manager(DBusGConnection *conn,
DBG("getting manager properties");
- connman_get_properties_async(proxy, manager_properties, store);
+ net_connman_get_properties_async(proxy, manager_properties, store);
DBG("getting technologies");
- connman_get_technologies_async(proxy, manager_technologies, store);
+ net_connman_get_technologies_async(proxy, manager_technologies, store);
DBG("getting services");
- connman_get_services_async(proxy, manager_services, store);
+ net_connman_get_services_async(proxy, manager_services, store);
return proxy;
}
diff --git a/common/connman-dbus.xml b/common/connman-dbus.xml
index 56b9582..0199d52 100644
--- a/common/connman-dbus.xml
+++ b/common/connman-dbus.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8" ?>
<node name="/">
- <interface name="connman">
+ <interface name="net.connman">
<method name="GetProperties">
<arg type="a{sv}" direction="out"/>
</method>
--
1.9.1

BIN
sources/poky/meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-01.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 490 B

BIN
sources/poky/meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-02.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 496 B

BIN
sources/poky/meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-03.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 492 B

BIN
sources/poky/meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-04.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 470 B

BIN
sources/poky/meta/recipes-connectivity/connman/connman-gnome/images/connman-signal-05.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 419 B

36
sources/poky/meta/recipes-connectivity/connman/connman-gnome/null_check_for_ipv4_config.patch Normal file
View File

@@ -0,0 +1,36 @@
In networks that don't have a DHCP server configured, ipv4 address
allocation fails and the ipv4 structure doesn't get populated. When
the GUI is trying to read the ipv4_config.method field to see whether
it contains "dhcp" string, a segmentation fault is generated.
Ethernet manual configuration behavior remains unchanged after this fix.
Upstream-Status: Pending
Signed-off-by: Emilia Ciobanu <emilia.maria.silvia.ciobanu@intel.com>
Index: git/properties/ethernet.c
===================================================================
--- git.orig/properties/ethernet.c
+++ git/properties/ethernet.c
@@ -194,7 +194,7 @@ void add_ethernet_service(GtkWidget *mai
data->button = button;
- if (g_str_equal(ipv4_config.method, "dhcp") == TRUE)
+ if (!ipv4_config.method || g_str_equal(ipv4_config.method, "dhcp") == TRUE)
update_ethernet_ipv4(data, CONNMAN_POLICY_DHCP);
else
update_ethernet_ipv4(data, CONNMAN_POLICY_MANUAL);
Index: git/properties/wifi.c
===================================================================
--- git.orig/properties/wifi.c
+++ git/properties/wifi.c
@@ -230,7 +230,7 @@ static void wifi_ipconfig(GtkWidget *tab
data->ipv4_config = ipv4_config;
- if (g_str_equal(ipv4_config.method, "dhcp") == TRUE)
+ if (!ipv4_config.method || g_str_equal(ipv4_config.method, "dhcp") == TRUE)
update_wifi_ipv4(data, CONNMAN_POLICY_DHCP);
else
update_wifi_ipv4(data, CONNMAN_POLICY_MANUAL);

34
sources/poky/meta/recipes-connectivity/connman/connman-gnome_0.7.bb Normal file
View File

@@ -0,0 +1,34 @@
SUMMARY = "GTK+ frontend for the ConnMan network connection manager"
HOMEPAGE = "http://connman.net/"
SECTION = "libs/network"
LICENSE = "GPL-2.0-only & LGPL-2.1-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \
file://properties/main.c;beginline=1;endline=20;md5=50c77c81871308b033ab7a1504626afb \
file://common/connman-dbus.c;beginline=1;endline=20;md5=de6b485c0e717a0236402d220187717a"
DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native"
# 0.7 tag
SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143"
SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \
file://0001-Removed-icon-from-connman-gnome-about-applet.patch \
file://null_check_for_ipv4_config.patch \
file://images/ \
file://connman-gnome-fix-dbus-interface-name.patch \
file://0001-Port-to-Gtk3.patch \
"
S = "${WORKDIR}/git"
inherit autotools-brokensep gtk-icon-cache pkgconfig features_check
ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}"
RDEPENDS:${PN} = "connman"
do_install:append() {
install -m 0644 ${WORKDIR}/images/* ${D}/usr/share/icons/hicolor/22x22/apps/
}
# http://errors.yoctoproject.org/Errors/Details/766926/
# connman-client.c:200:15: error: assignment to 'GtkTreeModel *' {aka 'struct _GtkTreeModel *'} from incompatible pointer type 'GtkTreeStore *' {aka 'struct _GtkTreeStore *'} [-Wincompatible-pointer-types]
CFLAGS += "-Wno-error=incompatible-pointer-types"

225
sources/poky/meta/recipes-connectivity/connman/connman.inc Normal file
View File

@@ -0,0 +1,225 @@
SUMMARY = "A daemon for managing internet connections within embedded devices"
DESCRIPTION = "The ConnMan project provides a daemon for managing \
internet connections within embedded devices running the Linux \
operating system. The Connection Manager is designed to be slim and \
to use as few resources as possible, so it can be easily integrated. \
It is a fully modular system that can be extended, through plug-ins, \
to support all kinds of wired or wireless technologies. Also, \
configuration methods, like DHCP and domain name resolving, are \
implemented using plug-ins."
HOMEPAGE = "http://connman.net/"
BUGTRACKER = "https://01.org/jira/browse/CM"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
file://src/main.c;beginline=1;endline=20;md5=486a279a6ab0c8d152bcda3a5b5edc36"
inherit autotools pkgconfig systemd update-rc.d update-alternatives
CVE_PRODUCT = "connman connection_manager"
DEPENDS = "dbus glib-2.0 ppp"
EXTRA_OECONF += "\
ac_cv_path_WPASUPPLICANT=${sbindir}/wpa_supplicant \
ac_cv_path_PPPD=${sbindir}/pppd \
--enable-debug \
--enable-loopback \
--enable-ethernet \
--enable-tools \
--disable-polkit \
--runstatedir=/run \
"
# For smooth operation it would be best to start only one wireless daemon at a time.
# If wpa-supplicant is running, connman will use it preferentially.
# Select either wpa-supplicant or iwd
WIRELESS_DAEMON ??= "wpa-supplicant"
PACKAGECONFIG ??= "wispr iptables client\
${@bb.utils.filter('DISTRO_FEATURES', '3g systemd', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'wifi', 'wifi ${WIRELESS_DAEMON}', '', d)} \
"
# If you want ConnMan to support VPN, add following statement into
# local.conf or distro config
# PACKAGECONFIG:append:pn-connman = " openvpn vpnc l2tp pptp"
PACKAGECONFIG[systemd] = "--with-systemdunitdir=${systemd_system_unitdir}/ --with-tmpfilesdir=${sysconfdir}/tmpfiles.d/,--with-systemdunitdir='' --with-tmpfilesdir=''"
PACKAGECONFIG[wifi] = "--enable-wifi, --disable-wifi"
PACKAGECONFIG[bluez] = "--enable-bluetooth, --disable-bluetooth, bluez5, bluez5"
PACKAGECONFIG[3g] = "--enable-ofono, --disable-ofono, ofono, ofono"
PACKAGECONFIG[wpa-supplicant] = ",,wpa-supplicant,wpa-supplicant"
PACKAGECONFIG[iwd] = "--enable-iwd,--disable-iwd,,iwd"
PACKAGECONFIG[tist] = "--enable-tist,--disable-tist,"
PACKAGECONFIG[openvpn] = "--enable-openvpn --with-openvpn=${sbindir}/openvpn,--disable-openvpn,,openvpn"
PACKAGECONFIG[vpnc] = "--enable-vpnc --with-vpnc=${sbindir}/vpnc,--disable-vpnc,,vpnc"
PACKAGECONFIG[l2tp] = "--enable-l2tp --with-l2tp=${sbindir}/xl2tpd,--disable-l2tp,,xl2tpd"
PACKAGECONFIG[pptp] = "--enable-pptp --with-pptp=${sbindir}/pptp,--disable-pptp,,pptp-linux"
# WISPr support for logging into hotspots, requires TLS
PACKAGECONFIG[wispr] = "--enable-wispr,--disable-wispr,gnutls,"
PACKAGECONFIG[nftables] = "--with-firewall=nftables ,,libmnl libnftnl,,kernel-module-nf-tables kernel-module-nft-chain-nat-ipv4 kernel-module-nft-chain-route-ipv4 kernel-module-nft-masq-ipv4 kernel-module-nft-nat"
PACKAGECONFIG[iptables] = "--with-firewall=iptables ,,iptables,iptables"
PACKAGECONFIG[nfc] = "--enable-neard, --disable-neard, neard, neard"
PACKAGECONFIG[client] = "--enable-client,--disable-client,readline"
PACKAGECONFIG[wireguard] = "--enable-wireguard,--disable-wireguard,libmnl"
INITSCRIPT_NAME = "connman"
INITSCRIPT_PARAMS = "start 05 5 2 3 . stop 22 0 1 6 ."
python __anonymous () {
systemd_packages = "${PN} ${PN}-wait-online"
pkgconfig = d.getVar('PACKAGECONFIG')
if ('openvpn' or 'vpnc' or 'l2tp' or 'pptp') in pkgconfig.split():
systemd_packages += " ${PN}-vpn"
d.setVar('SYSTEMD_PACKAGES', systemd_packages)
}
SYSTEMD_SERVICE:${PN} = "connman.service"
SYSTEMD_SERVICE:${PN}-vpn = "connman-vpn.service"
SYSTEMD_SERVICE:${PN}-wait-online = "connman-wait-online.service"
ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE:${PN} = "${@bb.utils.contains('DISTRO_FEATURES','systemd','resolv-conf','',d)}"
ALTERNATIVE_TARGET[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv-conf.connman','',d)}"
ALTERNATIVE_LINK_NAME[resolv-conf] = "${@bb.utils.contains('DISTRO_FEATURES','systemd','${sysconfdir}/resolv.conf','',d)}"
do_install:append() {
if ${@bb.utils.contains('DISTRO_FEATURES','sysvinit','true','false',d)}; then
install -d ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/connman ${D}${sysconfdir}/init.d/connman
sed -i s%@DATADIR@%${datadir}% ${D}${sysconfdir}/init.d/connman
fi
install -d ${D}${bindir}
install -m 0755 ${B}/tools/*-test ${D}${bindir}
if [ -e ${B}/tools/wispr ]; then
install -m 0755 ${B}/tools/wispr ${D}${bindir}
fi
# We don't need to package an empty directory
rmdir --ignore-fail-on-non-empty ${D}${libdir}/connman/scripts
# Automake 1.12 won't install empty directories, but we need the
# plugins directory to be present for ownership
mkdir -p ${D}${libdir}/connman/plugins
# For read-only filesystem, do not create links during bootup
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
ln -sf ../run/connman/resolv.conf ${D}${sysconfdir}/resolv-conf.connman
fi
}
# These used to be plugins, but now they are core
RPROVIDES:${PN} = "\
connman-plugin-loopback \
connman-plugin-ethernet \
${@bb.utils.contains('PACKAGECONFIG', 'bluetooth','connman-plugin-bluetooth', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'wifi','connman-plugin-wifi', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', '3g','connman-plugin-ofono', '', d)} \
"
RDEPENDS:${PN} = "\
dbus \
"
PACKAGES_DYNAMIC += "^${PN}-plugin-.*"
def add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, add_insane_skip):
plugintype = pkg.split( '-' )[-1]
if plugintype in depmap:
rdepends = map(lambda x: multilib_prefix + x, \
depmap[plugintype].split())
d.setVar("RDEPENDS:%s" % pkg, " ".join(rdepends))
if add_insane_skip:
d.appendVar("INSANE_SKIP:%s" % pkg, "dev-so")
python populate_packages:prepend() {
depmap = dict(pppd="ppp")
multilib_prefix = (d.getVar("MLPREFIX") or "")
hook = lambda file,pkg,x,y,z: \
add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, False)
plugin_dir = d.expand('${libdir}/connman/plugins/')
plugin_name = d.expand('${PN}-plugin-%s')
do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \
'${PN} plugin for %s', extra_depends='', hook=hook, prepend=True )
hook = lambda file,pkg,x,y,z: \
add_rdepends(bb, d, file, pkg, depmap, multilib_prefix, True)
plugin_dir = d.expand('${libdir}/connman/plugins-vpn/')
plugin_name = d.expand('${PN}-plugin-vpn-%s')
do_split_packages(d, plugin_dir, r'^(.*).so$', plugin_name, \
'${PN} VPN plugin for %s', extra_depends='', hook=hook, prepend=True )
}
PACKAGES =+ "${PN}-tools ${PN}-tests ${PN}-client"
FILES:${PN}-tools = "${bindir}/wispr"
RDEPENDS:${PN}-tools ="${PN}"
FILES:${PN}-tests = "${bindir}/*-test"
FILES:${PN}-client = "${bindir}/connmanctl"
RDEPENDS:${PN}-client ="${PN}"
FILES:${PN} = "${bindir}/* ${sbindir}/* ${libexecdir}/* ${libdir}/lib*.so.* \
${libdir}/connman/plugins \
${sysconfdir} ${sharedstatedir} ${localstatedir} ${datadir} \
${base_bindir}/* ${base_sbindir}/* ${base_libdir}/*.so* ${datadir}/${PN} \
${datadir}/dbus-1/system-services/* \
${sysconfdir}/tmpfiles.d/connman_resolvconf.conf"
FILES:${PN}-dev += "${libdir}/connman/*/*.la"
PACKAGES =+ "${PN}-vpn ${PN}-wait-online"
SUMMARY:${PN}-vpn = "A daemon for managing VPN connections within embedded devices"
DESCRIPTION:${PN}-vpn = "The ConnMan VPN provides a daemon for \
managing VPN connections within embedded devices running the Linux \
operating system. The connman-vpnd handles all the VPN connections \
and starts/stops VPN client processes when necessary. The connman-vpnd \
provides a DBus API for managing VPN connections. All the different \
VPN technogies are implemented using plug-ins."
FILES:${PN}-vpn += "${sbindir}/connman-vpnd \
${sysconfdir}/dbus-1/system.d/connman-vpn-dbus.conf \
${datadir}/dbus-1/system-services/net.connman.vpn.service \
${systemd_system_unitdir}/connman-vpn.service"
SUMMARY:${PN}-wait-online = "A program that will return once ConnMan has connected to a network"
DESCRIPTION:${PN}-wait-online = "A service that can be enabled so that \
the system waits until a network connection is established."
FILES:${PN}-wait-online += "${sbindir}/connmand-wait-online \
${systemd_system_unitdir}/connman-wait-online.service"
SUMMARY:${PN}-plugin-vpn-openvpn = "An OpenVPN plugin for ConnMan VPN"
DESCRIPTION:${PN}-plugin-vpn-openvpn = "The ConnMan OpenVPN plugin uses openvpn client \
to create a VPN connection to OpenVPN server."
FILES:${PN}-plugin-vpn-openvpn += "${libdir}/connman/scripts/openvpn-script \
${libdir}/connman/plugins-vpn/openvpn.so"
RDEPENDS:${PN}-plugin-vpn-openvpn += "${PN}-vpn"
RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','openvpn','${PN}-plugin-vpn-openvpn', '', d)}"
SUMMARY:${PN}-plugin-vpn-vpnc = "A vpnc plugin for ConnMan VPN"
DESCRIPTION:${PN}-plugin-vpn-vpnc = "The ConnMan vpnc plugin uses vpnc client \
to create a VPN connection to Cisco3000 VPN Concentrator."
FILES:${PN}-plugin-vpn-vpnc += "${libdir}/connman/scripts/openconnect-script \
${libdir}/connman/plugins-vpn/vpnc.so \
${libdir}/connman/scripts/vpn-script"
RDEPENDS:${PN}-plugin-vpn-vpnc += "${PN}-vpn"
RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','vpnc','${PN}-plugin-vpn-vpnc', '', d)}"
SUMMARY:${PN}-plugin-vpn-l2tp = "A L2TP plugin for ConnMan VPN"
DESCRIPTION:${PN}-plugin-vpn-l2tp = "The ConnMan L2TP plugin uses xl2tpd daemon \
to create a VPN connection to L2TP server."
FILES:${PN}-plugin-vpn-l2tp += "${libdir}/connman/scripts/libppp-plugin.so* \
${libdir}/connman/plugins-vpn/l2tp.so"
RDEPENDS:${PN}-plugin-vpn-l2tp += "${PN}-vpn"
RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','l2tp','${PN}-plugin-vpn-l2tp', '', d)}"
SUMMARY:${PN}-plugin-vpn-pptp = "A PPTP plugin for ConnMan VPN"
DESCRIPTION:${PN}-plugin-vpn-pptp = "The ConnMan PPTP plugin uses pptp-linux client \
to create a VPN connection to PPTP server."
FILES:${PN}-plugin-vpn-pptp += "${libdir}/connman/scripts/libppp-plugin.so* \
${libdir}/connman/plugins-vpn/pptp.so"
RDEPENDS:${PN}-plugin-vpn-pptp += "${PN}-vpn"
RRECOMMENDS:${PN} += "${@bb.utils.contains('PACKAGECONFIG','pptp','${PN}-plugin-vpn-pptp', '', d)}"

29
sources/poky/meta/recipes-connectivity/connman/connman/0001-connman.service-stop-systemd-resolved-when-we-use-co.patch Normal file
View File

@@ -0,0 +1,29 @@
From 9f70b94ebf18f52c115634642652830fa77f27a1 Mon Sep 17 00:00:00 2001
From: "Maxin B. John" <maxin.john@intel.com>
Date: Mon, 12 Jun 2017 16:52:39 +0300
Subject: [PATCH] connman.service: stop systemd-resolved when we use connman
Stop systemd-resolved service when we use connman as network manager.
Upstream-Status: Inappropriate [configuration]
Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
src/connman.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/connman.service.in b/src/connman.service.in
index 9f5c10f..dab48bc 100644
--- a/src/connman.service.in
+++ b/src/connman.service.in
@@ -6,6 +6,7 @@ RequiresMountsFor=@localstatedir@/lib/connman
After=dbus.service network-pre.target systemd-sysusers.service
Before=network.target multi-user.target shutdown.target
Wants=network.target
+Conflicts=systemd-resolved.service
[Service]
Type=dbus
--
2.4.0

35
sources/poky/meta/recipes-connectivity/connman/connman/0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch Normal file
View File

@@ -0,0 +1,35 @@
From 4ddaf78dad5a9ee4a0658235f71b75132192123e Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Sat, 7 Apr 2012 18:52:12 -0700
Subject: [PATCH] plugin.h: Change visibility to default for debug symbols
gold refuses to link in undefined weak symbols which
have hidden visibility
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upstream-Status: Pending
---
include/plugin.h | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/plugin.h b/include/plugin.h
index 692a4e5..a9361c3 100644
--- a/include/plugin.h
+++ b/include/plugin.h
@@ -89,9 +89,9 @@ struct connman_plugin_desc {
#else
#define CONNMAN_PLUGIN_DEFINE(name, description, version, priority, init, exit) \
extern struct connman_debug_desc __start___debug[] \
- __attribute__ ((weak, visibility("hidden"))); \
+ __attribute__ ((weak, visibility("default"))); \
extern struct connman_debug_desc __stop___debug[] \
- __attribute__ ((weak, visibility("hidden"))); \
+ __attribute__ ((weak, visibility("default"))); \
extern struct connman_plugin_desc connman_plugin_desc \
__attribute__ ((visibility("default"))); \
struct connman_plugin_desc connman_plugin_desc = { \
--
1.7.5.4

55
sources/poky/meta/recipes-connectivity/connman/connman/0001-src-log.c-Include-libgen.h-for-basename-API.patch Normal file
View File

@@ -0,0 +1,55 @@
From cbba6638986c2de763981bf6fc59df6a86fed44f Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 1 Jan 2024 17:42:21 -0800
Subject: [PATCH v2] src/log.c: Include libgen.h for basename API
Use POSIX version of basename. This comes to front with latest musl
which dropped the declaration from string.h [1] it fails to build with
clang-17+ because it treats implicit function declaration as error.
Fix it by applying the basename on a copy of string since posix version
may modify the input string.
[1] https://git.musl-libc.org/cgit/musl/commit/?id=725e17ed6dff4d0cd22487bb64470881e86a92e7
Upstream-Status: Submitted [https://lore.kernel.org/connman/20240102015917.3732089-1-raj.khem@gmail.com/T/#u]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
src/log.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/log.c b/src/log.c
index 554b046..2df3af7 100644
--- a/src/log.c
+++ b/src/log.c
@@ -24,6 +24,7 @@
#endif
#include <stdio.h>
+#include <libgen.h>
#include <unistd.h>
#include <stdarg.h>
#include <stdlib.h>
@@ -196,6 +197,7 @@ int __connman_log_init(const char *program, const char *debug,
const char *program_name, const char *program_version)
{
static char path[PATH_MAX];
+ char* tmp = strdup(program);
int option = LOG_NDELAY | LOG_PID;
program_exec = program;
@@ -212,8 +214,8 @@ int __connman_log_init(const char *program, const char *debug,
if (backtrace)
signal_setup(signal_handler);
- openlog(basename(program), option, LOG_DAEMON);
-
+ openlog(basename(tmp), option, LOG_DAEMON);
+ free(tmp);
syslog(LOG_INFO, "%s version %s", program_name, program_version);
return 0;
--
2.43.0

152
sources/poky/meta/recipes-connectivity/connman/connman/0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch Normal file
View File

@@ -0,0 +1,152 @@
From af55a6a414d32c12f9ef3cab778385a361e1ad6d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Eivind=20N=C3=A6ss?= <eivnaes@yahoo.com>
Date: Sat, 25 Mar 2023 20:51:52 +0000
Subject: [PATCH] vpn: Adding support for latest pppd 2.5.0 release
The API has gone through a significant overhaul, and this change fixes any compile issues.
1) Fixes to configure.ac itself
2) Cleanup in pppd plugin itself
Adding a libppp-compat.h file to mask for any differences in the version.
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=a48864a2e5d2a725dfc6eef567108bc13b43857f]
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
---
scripts/libppp-compat.h | 127 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 127 insertions(+)
create mode 100644 scripts/libppp-compat.h
diff --git a/scripts/libppp-compat.h b/scripts/libppp-compat.h
new file mode 100644
index 0000000..eee1d09
--- /dev/null
+++ b/scripts/libppp-compat.h
@@ -0,0 +1,127 @@
+/* Copyright (C) Eivind Naess, eivnaes@yahoo.com */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+
+#ifndef __LIBPPP_COMPAT_H__
+#define __LIBPPP_COMPAT_H__
+
+/* Define USE_EAPTLS compile with EAP TLS support against older pppd headers,
+ * pppd >= 2.5.0 use PPP_WITH_EAPTLS and is defined in pppdconf.h */
+#define USE_EAPTLS 1
+
+/* Define INET6 to compile with IPv6 support against older pppd headers,
+ * pppd >= 2.5.0 use PPP_WITH_IPV6CP and is defined in pppdconf.h */
+#define INET6 1
+
+/* PPP < 2.5.0 defines and exports VERSION which overlaps with current package VERSION define.
+ * this silly macro magic is to work around that. */
+#undef VERSION
+#include <pppd/pppd.h>
+
+#ifndef PPPD_VERSION
+#define PPPD_VERSION VERSION
+#endif
+
+#include <pppd/fsm.h>
+#include <pppd/ccp.h>
+#include <pppd/eui64.h>
+#include <pppd/ipcp.h>
+#include <pppd/ipv6cp.h>
+#include <pppd/eap.h>
+#include <pppd/upap.h>
+
+#ifdef HAVE_PPPD_CHAP_H
+#include <pppd/chap.h>
+#endif
+
+#ifdef HAVE_PPPD_CHAP_NEW_H
+#include <pppd/chap-new.h>
+#endif
+
+#ifdef HAVE_PPPD_CHAP_MS_H
+#include <pppd/chap_ms.h>
+#endif
+
+#ifndef PPP_PROTO_CHAP
+#define PPP_PROTO_CHAP 0xc223
+#endif
+
+#ifndef PPP_PROTO_EAP
+#define PPP_PROTO_EAP 0xc227
+#endif
+
+
+#if WITH_PPP_VERSION < PPP_VERSION(2,5,0)
+
+static inline bool
+debug_on (void)
+{
+ return debug;
+}
+
+static inline const char
+*ppp_ipparam (void)
+{
+ return ipparam;
+}
+
+static inline int
+ppp_ifunit (void)
+{
+ return ifunit;
+}
+
+static inline const char *
+ppp_ifname (void)
+{
+ return ifname;
+}
+
+static inline int
+ppp_get_mtu (int idx)
+{
+ return netif_get_mtu(idx);
+}
+
+typedef enum ppp_notify
+{
+ NF_PID_CHANGE,
+ NF_PHASE_CHANGE,
+ NF_EXIT,
+ NF_SIGNALED,
+ NF_IP_UP,
+ NF_IP_DOWN,
+ NF_IPV6_UP,
+ NF_IPV6_DOWN,
+ NF_AUTH_UP,
+ NF_LINK_DOWN,
+ NF_FORK,
+ NF_MAX_NOTIFY
+} ppp_notify_t;
+
+typedef void (ppp_notify_fn) (void *ctx, int arg);
+
+static inline void
+ppp_add_notify (ppp_notify_t type, ppp_notify_fn *func, void *ctx)
+{
+ struct notifier **list[NF_MAX_NOTIFY] = {
+ [NF_PID_CHANGE ] = &pidchange,
+ [NF_PHASE_CHANGE] = &phasechange,
+ [NF_EXIT ] = &exitnotify,
+ [NF_SIGNALED ] = &sigreceived,
+ [NF_IP_UP ] = &ip_up_notifier,
+ [NF_IP_DOWN ] = &ip_down_notifier,
+ [NF_IPV6_UP ] = &ipv6_up_notifier,
+ [NF_IPV6_DOWN ] = &ipv6_down_notifier,
+ [NF_AUTH_UP ] = &auth_up_notifier,
+ [NF_LINK_DOWN ] = &link_down_notifier,
+ [NF_FORK ] = &fork_notifier,
+ };
+
+ struct notifier **notify = list[type];
+ if (notify) {
+ add_notifier(notify, func, ctx);
+ }
+}
+
+#endif /* #if WITH_PPP_VERSION < PPP_VERSION(2,5,0) */
+#endif /* #if__LIBPPP_COMPAT_H__ */

75
sources/poky/meta/recipes-connectivity/connman/connman/0002-resolve-musl-does-not-implement-res_ninit.patch Normal file
View File

@@ -0,0 +1,75 @@
From 01974865e4d331eeaf25248bee1bb96539c450d9 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 6 Apr 2015 23:02:21 -0700
Subject: [PATCH] resolve: musl does not implement res_ninit
ported from
http://git.alpinelinux.org/cgit/aports/plain/testing/connman/libresolv.patch
Upstream-Status: Pending
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
gweb/gresolv.c | 34 +++++++++++++---------------------
1 file changed, 13 insertions(+), 21 deletions(-)
diff --git a/gweb/gresolv.c b/gweb/gresolv.c
index 954e7cf..2a9bc51 100644
--- a/gweb/gresolv.c
+++ b/gweb/gresolv.c
@@ -878,8 +879,6 @@ GResolv *g_resolv_new(int index)
resolv->index = index;
resolv->nameserver_list = NULL;
- res_ninit(&resolv->res);
-
return resolv;
}
@@ -919,8 +918,6 @@ void g_resolv_unref(GResolv *resolv)
flush_nameservers(resolv);
- res_nclose(&resolv->res);
-
g_free(resolv);
}
@@ -1023,24 +1020,19 @@ guint g_resolv_lookup_hostname(GResolv *resolv, const char *hostname,
debug(resolv, "hostname %s", hostname);
if (!resolv->nameserver_list) {
- int i;
-
- for (i = 0; i < resolv->res.nscount; i++) {
- char buf[100];
- int family = resolv->res.nsaddr_list[i].sin_family;
- void *sa_addr = &resolv->res.nsaddr_list[i].sin_addr;
-
- if (family != AF_INET &&
- resolv->res._u._ext.nsaddrs[i]) {
- family = AF_INET6;
- sa_addr = &resolv->res._u._ext.nsaddrs[i]->sin6_addr;
+ FILE *f = fopen("/etc/resolv.conf", "r");
+ if (f) {
+ char line[256], *s;
+ int i;
+ while (fgets(line, sizeof(line), f)) {
+ if (strncmp(line, "nameserver", 10) || !isspace(line[10]))
+ continue;
+ for (s = &line[11]; isspace(s[0]); s++);
+ for (i = 0; s[i] && !isspace(s[i]); i++);
+ s[i] = 0;
+ g_resolv_add_nameserver(resolv, s, 53, 0);
}
-
- if (family != AF_INET && family != AF_INET6)
- continue;
-
- if (inet_ntop(family, sa_addr, buf, sizeof(buf)))
- g_resolv_add_nameserver(resolv, buf, 53, 0);
+ fclose(f);
}
if (!resolv->nameserver_list)

41
sources/poky/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch Normal file
View File

@@ -0,0 +1,41 @@
From 8d3be0285f1d4667bfe85dba555c663eb3d704b4 Mon Sep 17 00:00:00 2001
From: Yoonje Shin <ioerts@kookmin.ac.kr>
Date: Mon, 12 May 2025 10:48:18 +0200
Subject: [PATCH] dnsproxy: Address CVE-2025-32366 vulnerability
In Connman parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
than the amount of remaining packet data in the current state of
parsing. As a result, values of stack memory locations may be sent
over the network in a response.
This patch adds a check to ensure that (*end + *rdlen) does not exceed
the valid range. If the condition is violated, the function returns
-EINVAL.
CVE: CVE-2025-32366
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4]
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
src/dnsproxy.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 1a5a4f3..50b2d55 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -985,6 +985,9 @@ static int parse_rr(const unsigned char *buf, const unsigned char *start,
if ((offset + *rdlen) > *response_size)
return -ENOBUFS;
+ if ((*end + *rdlen) > max)
+ return -EINVAL;
+
memcpy(response + offset, *end, *rdlen);
*end += *rdlen;
--
2.40.0

48
sources/poky/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch Normal file
View File

@@ -0,0 +1,48 @@
From d90b911f6760959bdf1393c39fe8d1118315490f Mon Sep 17 00:00:00 2001
From: Praveen Kumar <praveen.kumar@windriver.com>
Date: Thu, 24 Apr 2025 11:39:29 +0000
Subject: [PATCH] dnsproxy: Fix NULL/empty lookup causing potential crash
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
can be NULL or an empty string when the TC (Truncated) bit is set in
a DNS response. This allows attackers to cause a denial of service
(application crash) or possibly execute arbitrary code, because those
lookup values lead to incorrect length calculations and incorrect
memcpy operations.
This patch includes a check to make sure loookup value is valid before
using it. This helps avoid unexpected value when the input is empty or
incorrect.
Fixes: CVE-2025-32743
CVE: CVE-2025-32743
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f]
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
src/dnsproxy.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 7ebffbc..1a5a4f3 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -1669,8 +1669,13 @@ static int ns_resolv(struct server_data *server, struct request_data *req,
gpointer request, gpointer name)
{
int sk = -1;
+ int err;
const char *lookup = (const char *)name;
- int err = ns_try_resolv_from_cache(req, request, lookup);
+
+ if (!lookup || strlen(lookup) == 0)
+ return -EINVAL;
+
+ err = ns_try_resolv_from_cache(req, request, lookup);
if (err > 0)
/* cache hit */
--
2.40.0

45
sources/poky/meta/recipes-connectivity/connman/connman/connman Normal file
View File

@@ -0,0 +1,45 @@
#!/bin/sh
DAEMON=/usr/sbin/connmand
PIDFILE=/var/run/connmand.pid
DESC="Connection Manager"
if [ -f /etc/default/connman ] ; then
. /etc/default/connman
fi
set -e
do_start() {
if [ -f @DATADIR@/connman/wired-setup ] ; then
. @DATADIR@/connman/wired-setup
fi
$DAEMON
}
do_stop() {
start-stop-daemon --stop --name connmand --quiet
}
case "$1" in
start)
echo "Starting $DESC"
do_start
;;
stop)
echo "Stopping $DESC"
do_stop
;;
restart|force-reload)
echo "Restarting $DESC"
do_stop
sleep 1
do_start
;;
*)
echo "Usage: $0 {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0

27
sources/poky/meta/recipes-connectivity/connman/connman/no-version-scripts.patch Normal file
View File

@@ -0,0 +1,27 @@
With binutils 2.27 on at least MIPS, connmand will crash on startup. This
appears to be due to the symbol visibilty scripts hiding symbols that stdio
looks up at runtime, resulting in it segfaulting.
This certainly appears to be a bug in binutils 2.27 although the problem has
been known about for some time:
https://sourceware.org/bugzilla/show_bug.cgi?id=17908
As the version scripts are only used to hide symbols from plugins we can safely
remove the scripts to work around the problem until binutils is fixed.
Upstream-Status: Inappropriate
Signed-off-by: Ross Burton <ross.burton@intel.com>
diff --git a/Makefile.am b/Makefile.am
index d70725c..76ae432 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -132,2 +132 @@ src_connmand_LDADD = gdbus/libgdbus-internal.la $(builtin_libadd) \
-src_connmand_LDFLAGS = -Wl,--export-dynamic \
- -Wl,--version-script=$(srcdir)/src/connman.ver
+src_connmand_LDFLAGS = -Wl,--export-dynamic
@@ -166,2 +165 @@ vpn_connman_vpnd_LDADD = gdbus/libgdbus-internal.la $(builtin_vpn_libadd) \
-vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic \
- -Wl,--version-script=$(srcdir)/vpn/vpn.ver
+vpn_connman_vpnd_LDFLAGS = -Wl,--export-dynamic

19
sources/poky/meta/recipes-connectivity/connman/connman_1.42.bb Normal file
View File

@@ -0,0 +1,19 @@
require connman.inc
SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
file://0001-plugin.h-Change-visibility-to-default-for-debug-symb.patch \
file://0001-connman.service-stop-systemd-resolved-when-we-use-co.patch \
file://connman \
file://no-version-scripts.patch \
file://0001-vpn-Adding-support-for-latest-pppd-2.5.0-release.patch \
file://0001-src-log.c-Include-libgen.h-for-basename-API.patch \
file://CVE-2025-32743.patch \
file://CVE-2025-32366.patch \
"
SRC_URI:append:libc-musl = " file://0002-resolve-musl-does-not-implement-res_ninit.patch"
SRC_URI[sha256sum] = "a3e6bae46fc081ef2e9dae3caa4f7649de892c3de622c20283ac0ca81423c2aa"
RRECOMMENDS:${PN} = "connman-conf"
RCONFLICTS:${PN} = "networkmanager"

61
sources/poky/meta/recipes-connectivity/dhcpcd/dhcpcd_10.0.6.bb Normal file
View File

@@ -0,0 +1,61 @@
SECTION = "console/network"
SUMMARY = "dhcpcd - a DHCP client"
DESCRIPTION = "dhcpcd runs on your machine and silently configures your \
computer to work on the attached networks without trouble \
and mostly without configuration."
HOMEPAGE = "http://roy.marples.name/projects/dhcpcd/"
LICENSE = "BSD-2-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=ba9c7e534853aaf3de76c905b2410ffd"
SRC_URI = "git://github.com/NetworkConfiguration/dhcpcd;protocol=https;branch=master \
file://0001-remove-INCLUDEDIR-to-prevent-build-issues.patch \
file://0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch \
file://dhcpcd.service \
file://dhcpcd@.service \
file://0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch \
"
SRCREV = "1c8ae59836fa87b4c63c598087f0460ec20ed862"
S = "${WORKDIR}/git"
inherit pkgconfig autotools-brokensep systemd useradd
SYSTEMD_SERVICE:${PN} = "dhcpcd.service"
PACKAGECONFIG ?= "udev ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}"
PACKAGECONFIG[udev] = "--with-udev,--without-udev,udev,udev"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6"
# ntp conflicts with chrony
PACKAGECONFIG[ntp] = "--with-hook=ntp, , ,ntp"
PACKAGECONFIG[chrony] = "--with-hook=ntp, , ,chrony"
PACKAGECONFIG[ypbind] = "--with-eghook=yp, , ,ypbind-mt"
# add option to override DBDIR location
DBDIR ?= "${localstatedir}/lib/${BPN}"
EXTRA_OECONF = "--enable-ipv4 \
--dbdir=${DBDIR} \
--sbindir=${base_sbindir} \
--runstatedir=/run \
--enable-privsep \
--privsepuser=dhcpcd \
--with-hooks \
--with-eghooks \
"
USERADD_PACKAGES = "${PN}"
USERADD_PARAM:${PN} = "--system -d ${DBDIR} -M -s /bin/false -U dhcpcd"
do_install:append () {
# install systemd unit files
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/dhcpcd*.service ${D}${systemd_system_unitdir}
chmod 700 ${D}${DBDIR}
chown dhcpcd:dhcpcd ${D}${DBDIR}
}
FILES:${PN}-dbg += "${libdir}/dhcpcd/dev/.debug"

82
sources/poky/meta/recipes-connectivity/dhcpcd/files/0001-20-resolv.conf-improve-the-sitation-of-working-with-.patch Normal file
View File

@@ -0,0 +1,82 @@
From 02acc4d875ee81e6fd19ef66d69c9f55b4b4a7e7 Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 9 Nov 2022 16:33:18 +0800
Subject: [PATCH] 20-resolv.conf: improve the sitation of working with systemd
systemd's resolvconf implementation ignores the protocol part.
See https://github.com/systemd/systemd/issues/25032.
When using 'dhcp server + dns server + dhcpcd + systemd', we
get an integration issue, that is dhcpcd runs 'resolvconf -d eth0.ra',
yet systemd's resolvconf treats it as eth0. This will delete the
DNS information set by 'resolvconf -a eth0.dhcp'.
Fortunately, 20-resolv.conf has the ability to build the resolv.conf
file contents itself. We can just pass the generated contents to
systemd's resolvconf. This way, the DNS information is not incorrectly
deleted. Also, it does not cause behavior regression for dhcpcd
in other cases.
Upstream-Status: Inappropriate [OE Specific]
This patch has been rejected by dhcpcd upstream.
See details in https://github.com/NetworkConfiguration/dhcpcd/pull/152
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
hooks/20-resolv.conf | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/hooks/20-resolv.conf b/hooks/20-resolv.conf
index 7c29e276..becc019f 100644
--- a/hooks/20-resolv.conf
+++ b/hooks/20-resolv.conf
@@ -11,8 +11,12 @@ nocarrier_roaming_dir="$state_dir/roaming"
NL="
"
: ${resolvconf:=resolvconf}
+resolvconf_from_systemd=false
if command -v "$resolvconf" >/dev/null 2>&1; then
have_resolvconf=true
+ if [ $(basename $(readlink -f $(which $resolvconf))) = resolvectl ]; then
+ resolvconf_from_systemd=true
+ fi
else
have_resolvconf=false
fi
@@ -69,8 +73,13 @@ build_resolv_conf()
else
echo "# /etc/resolv.conf.tail can replace this line" >> "$cf"
fi
- if change_file /etc/resolv.conf "$cf"; then
- chmod 644 /etc/resolv.conf
+ if $resolvconf_from_systemd; then
+ [ -n "$ifmetric" ] && export IF_METRIC="$ifmetric"
+ "$resolvconf" -a "$ifname" <"$cf"
+ else
+ if change_file /etc/resolv.conf "$cf"; then
+ chmod 644 /etc/resolv.conf
+ fi
fi
rm -f "$cf"
}
@@ -170,7 +179,7 @@ add_resolv_conf()
for x in ${new_domain_name_servers}; do
conf="${conf}nameserver $x$NL"
done
- if $have_resolvconf; then
+ if $have_resolvconf && ! $resolvconf_from_systemd; then
[ -n "$ifmetric" ] && export IF_METRIC="$ifmetric"
printf %s "$conf" | "$resolvconf" -a "$ifname"
return $?
@@ -186,7 +195,7 @@ add_resolv_conf()
remove_resolv_conf()
{
- if $have_resolvconf; then
+ if $have_resolvconf && ($if_down || ! $resolvconf_from_systemd); then
"$resolvconf" -d "$ifname" -f
else
if [ -e "$resolv_conf_dir/$ifname" ]; then
--
2.17.1

44
sources/poky/meta/recipes-connectivity/dhcpcd/files/0001-dhcpcd.8-Fix-conflict-error-when-enable-multilib.patch Normal file
View File

@@ -0,0 +1,44 @@
From 5d5ba8a2b8010db6bee68bd712f829cb737c9ac1 Mon Sep 17 00:00:00 2001
From: Lei Maohui <leimaohui@fujitsu.com>
Date: Fri, 10 Mar 2023 03:48:46 +0000
Subject: [PATCH] dhcpcd.8: Fix conflict error when enable multilib.
Error: Transaction test error:
file /usr/share/man/man8/dhcpcd.8 conflicts between attempted
installs of dhcpcd-doc-9.4.1-r0.cortexa57 and
lib32-dhcpcd-doc-9.4.1-r0.armv7ahf_neon
The differences between the two files are as follows:
@@ -821,7 +821,7 @@
If you always use the same options, put them here.
.It Pa /usr/libexec/dhcpcd-run-hooks
Bourne shell script that is run to configure or de-configure an interface.
-.It Pa /usr/lib64/dhcpcd/dev
+.It Pa /usr/lib/dhcpcd/dev
Linux
.Pa /dev
management modules.
It is just a man file, there is no necessary to manage multiple
versions.
Upstream-Status: Inappropriate [oe specific]
Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
---
src/dhcpcd.8.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/dhcpcd.8.in b/src/dhcpcd.8.in
index 93232840..09930a31 100644
--- a/src/dhcpcd.8.in
+++ b/src/dhcpcd.8.in
@@ -824,7 +824,7 @@ Configuration file for dhcpcd.
If you always use the same options, put them here.
.It Pa @SCRIPT@
Bourne shell script that is run to configure or de-configure an interface.
-.It Pa @LIBDIR@/dhcpcd/dev
+.It Pa /usr/<libdir>/dhcpcd/dev
Linux
.Pa /dev
management modules.

43
sources/poky/meta/recipes-connectivity/dhcpcd/files/0001-remove-INCLUDEDIR-to-prevent-build-issues.patch Normal file
View File

@@ -0,0 +1,43 @@
From ec9fc4e6086e1dbe0ac2f94a8a088a571596a581 Mon Sep 17 00:00:00 2001
From: Stefano Cappa <stefano.cappa.ks89@gmail.com>
Date: Sun, 13 Jan 2019 01:50:52 +0100
Subject: [PATCH] remove INCLUDEDIR to prevent build issues
Upstream-Status: Pending
Signed-off-by: Stefano Cappa <stefano.cappa.ks89@gmail.com>
---
configure | 5 -----
1 file changed, 5 deletions(-)
diff --git a/configure b/configure
index 5237b0e2..7220718b 100755
--- a/configure
+++ b/configure
@@ -26,7 +26,6 @@ BUILD=
HOST=
HOSTCC=
TARGET=
-INCLUDEDIR=
DEBUG=
FORK=
STATIC=
@@ -86,7 +85,6 @@ for x do
--mandir) MANDIR=$var;;
--datadir) DATADIR=$var;;
--with-ccopts|CFLAGS) CFLAGS=$var;;
- -I|--includedir) INCLUDEDIR="$INCLUDEDIR${INCLUDEDIR:+ }-I$var";;
CC) CC=$var;;
CPPFLAGS) CPPFLAGS=$var;;
PKG_CONFIG) PKG_CONFIG=$var;;
@@ -343,9 +341,6 @@ if [ -n "$CPPFLAGS" ]; then
echo "CPPFLAGS=" >>$CONFIG_MK
echo "CPPFLAGS+= $CPPFLAGS" >>$CONFIG_MK
fi
-if [ -n "$INCLUDEDIR" ]; then
- echo "CPPFLAGS+= $INCLUDEDIR" >>$CONFIG_MK
-fi
if [ -n "$LDFLAGS" ]; then
echo "LDFLAGS=" >>$CONFIG_MK
echo "LDFLAGS+= $LDFLAGS" >>$CONFIG_MK

11
sources/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd.service Normal file
View File

@@ -0,0 +1,11 @@
[Unit]
Description=A minimalistic network configuration daemon with DHCPv4, rdisc and DHCPv6 support
Wants=network.target
Before=network.target
Conflicts=connman.service
[Service]
ExecStart=/sbin/dhcpcd -q --nobackground
[Install]
WantedBy=multi-user.target

16
sources/poky/meta/recipes-connectivity/dhcpcd/files/dhcpcd@.service Normal file
View File

@@ -0,0 +1,16 @@
[Unit]
Description=dhcpcd on %I
Wants=network.target
Before=network.target
BindsTo=sys-subsystem-net-devices-%i.device
After=sys-subsystem-net-devices-%i.device
Conflicts=connman.service
[Service]
Type=forking
PIDFile=/run/dhcpcd/%I.pid
ExecStart=/sbin/dhcpcd -q %I
ExecStop=/sbin/dhcpcd -x %I
[Install]
WantedBy=multi-user.target

20
sources/poky/meta/recipes-connectivity/inetutils/inetutils/rexec.xinetd.inetutils Normal file
View File

@@ -0,0 +1,20 @@
# default: off
# description:
# Rexecd is the server for the rexec program. The server provides remote
# execution facilities with authentication based on user names and
# passwords.
#
service exec
{
socket_type = stream
protocol = tcp
flags = NAMEINARGS
wait = no
user = root
group = root
log_on_success += USERID
log_on_failure += USERID
server = @SBINDIR@/tcpd
server_args = @SBINDIR@/in.rexecd
disable = yes
}

23
sources/poky/meta/recipes-connectivity/inetutils/inetutils/rlogin.xinetd.inetutils Normal file
View File

@@ -0,0 +1,23 @@
# default: off
# description:
# Rlogind is a server for the rlogin program. The server provides remote
# execution with authentication based on privileged port numbers from trusted
# host
#
service login
{
socket_type = stream
protocol = tcp
flags = NAMEINARGS
wait = no
user = root
group = root
log_on_success += USERID
log_on_failure += USERID
server = @SBINDIR@/tcpd
server_args = @SBINDIR@/in.rlogind -a
disable = yes
}

21
sources/poky/meta/recipes-connectivity/inetutils/inetutils/rsh.xinetd.inetutils Normal file
View File

@@ -0,0 +1,21 @@
# default: off
# description:
# The rshd server is a server for the rcmd(3) routine and,
# consequently, for the rsh(1) program. The server provides
# remote execution facilities with authentication based on
# privileged port numbers from trusted hosts.
#
service shell
{
socket_type = stream
protocol = tcp
flags = NAMEINARGS
wait = no
user = root
group = root
log_on_success += USERID
log_on_failure += USERID
server = @SBINDIR@/tcpd
server_args = @SBINDIR@/in.rshd -aL
disable = yes
}

13
sources/poky/meta/recipes-connectivity/inetutils/inetutils/telnet.xinetd.inetutils Normal file
View File

@@ -0,0 +1,13 @@
# default: on
# description: The telnet server serves telnet sessions; it uses \
# unencrypted username/password pairs for authentication.
service telnet
{
disable = no
flags = REUSE
socket_type = stream
wait = no
user = root
server = @SBINDIR@/in.telnetd
log_on_failure += USERID
}

19
sources/poky/meta/recipes-connectivity/inetutils/inetutils/tftpd.xinetd.inetutils Normal file
View File

@@ -0,0 +1,19 @@
# default: off
# description:
# Tftpd is a server which supports the Internet Trivial File Transfer
# Pro-tocol (RFC 783). The TFTP server operates at the port indicated
# in the tftp service description; see services(5).
#
service tftp
{
disable = yes
socket_type = dgram
protocol = udp
flags = IPv6
wait = yes
user = root
group = root
server = @SBINDIR@/in.tftpd
server_args = /tftpboot
}

218
sources/poky/meta/recipes-connectivity/inetutils/inetutils_2.5.bb Normal file
View File

@@ -0,0 +1,218 @@
SUMMARY = "The GNU inetutils are a collection of common networking utilities and servers."
DESCRIPTION = "The GNU inetutils are a collection of common \
networking utilities and servers including ftp, ftpd, rcp, \
rexec, rlogin, rlogind, rsh, rshd, syslog, syslogd, talk, \
talkd, telnet, telnetd, tftp, tftpd, and uucpd."
HOMEPAGE = "http://www.gnu.org/software/inetutils"
SECTION = "net"
DEPENDS = "ncurses netbase readline virtual/crypt"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6"
SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://rexec.xinetd.inetutils \
file://rlogin.xinetd.inetutils \
file://rsh.xinetd.inetutils \
file://telnet.xinetd.inetutils \
file://tftpd.xinetd.inetutils \
"
inherit autotools gettext update-alternatives texinfo
acpaths = "-I ./m4"
PACKAGECONFIG ??= "ftp uucpd \
${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6 ping6', '', d)} \
"
PACKAGECONFIG[ftp] = "--enable-ftp,--disable-ftp,readline"
PACKAGECONFIG[uucpd] = "--enable-uucpd,--disable-uucpd,readline"
PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6 gl_cv_socket_ipv6=no,"
PACKAGECONFIG[ping6] = "--enable-ping6,--disable-ping6,"
EXTRA_OECONF = "--with-ncurses-include-dir=${STAGING_INCDIR} \
--with-libreadline-prefix=${STAGING_LIBDIR} \
--enable-rpath=no \
--with-path-login=${base_bindir}/login \
--with-path-cp=${base_bindir}/cp \
--with-path-uucico=${libexecdir}/uuico \
--with-path-procnet-dev=/proc/net/dev \
"
EXTRA_OECONF:append:libc-musl = " --with-path-utmpx=/dev/null/utmpx --with-path-wtmpx=/dev/null/wtmpx"
# These are horrible for security, disable them
EXTRA_OECONF:append = " --disable-rsh --disable-rshd --disable-rcp \
--disable-rlogin --disable-rlogind --disable-rexec --disable-rexecd"
# The configure script guesses many paths in cross builds, check for this happening
do_configure_cross_check() {
if grep "may be incorrect because of cross-compilation" ${B}/config.log; then
bberror Default path values used, these must be set explicitly
fi
}
do_configure[postfuncs] += "do_configure_cross_check"
# The --with-path options are not actually options, so this check needs to be silenced
ERROR_QA:remove = "unknown-configure-option"
do_configure:prepend () {
export HELP2MAN='true'
}
do_install:append () {
install -m 0755 -d ${D}${base_sbindir}
install -m 0755 -d ${D}${sbindir}
install -m 0755 -d ${D}${sysconfdir}/xinetd.d
if [ "${base_bindir}" != "${bindir}" ] ; then
install -m 0755 -d ${D}${base_bindir}
mv ${D}${bindir}/ping* ${D}${base_bindir}/
mv ${D}${bindir}/hostname ${D}${base_bindir}/
mv ${D}${bindir}/dnsdomainname ${D}${base_bindir}/
fi
mv ${D}${bindir}/ifconfig ${D}${base_sbindir}/
mv ${D}${libexecdir}/syslogd ${D}${base_sbindir}/
mv ${D}${libexecdir}/tftpd ${D}${sbindir}/in.tftpd
mv ${D}${libexecdir}/telnetd ${D}${sbindir}/in.telnetd
if [ -e ${D}${libexecdir}/rexecd ]; then
mv ${D}${libexecdir}/rexecd ${D}${sbindir}/in.rexecd
cp ${WORKDIR}/rexec.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rexec
fi
if [ -e ${D}${libexecdir}/rlogind ]; then
mv ${D}${libexecdir}/rlogind ${D}${sbindir}/in.rlogind
cp ${WORKDIR}/rlogin.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rlogin
fi
if [ -e ${D}${libexecdir}/rshd ]; then
mv ${D}${libexecdir}/rshd ${D}${sbindir}/in.rshd
cp ${WORKDIR}/rsh.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/rsh
fi
if [ -e ${D}${libexecdir}/talkd ]; then
mv ${D}${libexecdir}/talkd ${D}${sbindir}/in.talkd
fi
mv ${D}${libexecdir}/uucpd ${D}${sbindir}/in.uucpd
mv ${D}${libexecdir}/* ${D}${bindir}/
cp ${WORKDIR}/telnet.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/telnet
cp ${WORKDIR}/tftpd.xinetd.inetutils ${D}/${sysconfdir}/xinetd.d/tftpd
sed -e 's,@SBINDIR@,${sbindir},g' -i ${D}/${sysconfdir}/xinetd.d/*
if [ -e ${D}${libdir}/charset.alias ]; then
rm -rf ${D}${libdir}/charset.alias
fi
rm -rf ${D}${libexecdir}/
# remove usr/lib if empty
rmdir ${D}${libdir} || true
}
PACKAGES =+ "${PN}-ping ${PN}-ping6 ${PN}-hostname ${PN}-ifconfig \
${PN}-tftp ${PN}-logger ${PN}-traceroute ${PN}-syslogd \
${PN}-ftp ${PN}-ftpd ${PN}-tftpd ${PN}-telnet ${PN}-telnetd ${PN}-inetd \
${PN}-rsh ${PN}-rshd"
# The packages tftpd, telnetd and rshd conflict with the ones
# provided by netkit, so add the corresponding -dbg packages
# for them to avoid the confliction between the dbg package
# of inetutils and netkit.
PACKAGES =+ "${PN}-tftpd-dbg ${PN}-telnetd-dbg ${PN}-rshd-dbg"
NOAUTOPACKAGEDEBUG = "1"
ALTERNATIVE_PRIORITY = "79"
ALTERNATIVE:${PN} = "whois dnsdomainname"
ALTERNATIVE_LINK_NAME[uucpd] = "${sbindir}/in.uucpd"
ALTERNATIVE_LINK_NAME[dnsdomainname] = "${base_bindir}/dnsdomainname"
ALTERNATIVE_PRIORITY_${PN}-logger = "60"
ALTERNATIVE:${PN}-logger = "logger"
ALTERNATIVE:${PN}-syslogd = "syslogd"
ALTERNATIVE_LINK_NAME[syslogd] = "${base_sbindir}/syslogd"
ALTERNATIVE:${PN}-ftp = "ftp"
ALTERNATIVE:${PN}-ftpd = "ftpd"
ALTERNATIVE:${PN}-tftp = "tftp"
ALTERNATIVE:${PN}-tftpd = "tftpd"
ALTERNATIVE_LINK_NAME[tftpd] = "${sbindir}/tftpd"
ALTERNATIVE_TARGET[tftpd] = "${sbindir}/in.tftpd"
ALTERNATIVE:${PN}-telnet = "telnet"
ALTERNATIVE:${PN}-telnetd = "telnetd"
ALTERNATIVE_LINK_NAME[telnetd] = "${sbindir}/telnetd"
ALTERNATIVE_TARGET[telnetd] = "${sbindir}/in.telnetd"
ALTERNATIVE:${PN}-inetd= "inetd"
ALTERNATIVE:${PN}-traceroute = "traceroute"
ALTERNATIVE:${PN}-hostname = "hostname"
ALTERNATIVE_LINK_NAME[hostname] = "${base_bindir}/hostname"
ALTERNATIVE:${PN}-doc = "hostname.1 dnsdomainname.1 logger.1 syslogd.8 \
tftpd.8 tftp.1 telnetd.8"
ALTERNATIVE_LINK_NAME[hostname.1] = "${mandir}/man1/hostname.1"
ALTERNATIVE_LINK_NAME[dnsdomainname.1] = "${mandir}/man1/dnsdomainname.1"
ALTERNATIVE_LINK_NAME[logger.1] = "${mandir}/man1/logger.1"
ALTERNATIVE_LINK_NAME[syslogd.8] = "${mandir}/man8/syslogd.8"
ALTERNATIVE_LINK_NAME[telnetd.8] = "${mandir}/man8/telnetd.8"
ALTERNATIVE_LINK_NAME[tftpd.8] = "${mandir}/man8/tftpd.8"
ALTERNATIVE_LINK_NAME[tftp.1] = "${mandir}/man1/tftp.1"
ALTERNATIVE:${PN}-ifconfig = "ifconfig"
ALTERNATIVE_LINK_NAME[ifconfig] = "${base_sbindir}/ifconfig"
ALTERNATIVE:${PN}-ping = "ping"
ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping"
ALTERNATIVE:${PN}-ping6 = "${@bb.utils.filter('PACKAGECONFIG', 'ping6', d)}"
ALTERNATIVE_LINK_NAME[ping6] = "${base_bindir}/ping6"
FILES:${PN}-dbg += "${base_bindir}/.debug ${base_sbindir}/.debug ${bindir}/.debug ${sbindir}/.debug"
FILES:${PN}-ping = "${base_bindir}/ping.${BPN}"
FILES:${PN}-ping6 = "${base_bindir}/ping6.${BPN}"
FILES:${PN}-hostname = "${base_bindir}/hostname.${BPN}"
FILES:${PN}-ifconfig = "${base_sbindir}/ifconfig.${BPN}"
FILES:${PN}-traceroute = "${bindir}/traceroute.${BPN}"
FILES:${PN}-logger = "${bindir}/logger.${BPN}"
FILES:${PN}-syslogd = "${base_sbindir}/syslogd.${BPN}"
RCONFLICTS:${PN}-syslogd = "rsyslog busybox-syslog sysklogd syslog-ng"
FILES:${PN}-ftp = "${bindir}/ftp.${BPN}"
FILES:${PN}-tftp = "${bindir}/tftp.${BPN}"
FILES:${PN}-telnet = "${bindir}/telnet.${BPN}"
# We make us of RCONFLICTS / RPROVIDES here rather than using the normal
# alternatives method as this leads to packaging QA issues when using
# musl as that library does not provide what these applications need to
# build.
FILES:${PN}-rsh = "${bindir}/rsh ${bindir}/rlogin ${bindir}/rexec ${bindir}/rcp"
RCONFLICTS:${PN}-rsh += "netkit-rsh-client"
RPROVIDES:${PN}-rsh = "rsh"
FILES:${PN}-rshd = "${sbindir}/in.rshd ${sbindir}/in.rlogind ${sbindir}/in.rexecd \
${sysconfdir}/xinetd.d/rsh ${sysconfdir}/xinetd.d/rlogin ${sysconfdir}/xinetd.d/rexec"
FILES:${PN}-rshd-dbg = "${sbindir}/.debug/in.rshd ${sbindir}/.debug/in.rlogind ${sbindir}/.debug/in.rexecd"
RDEPENDS:${PN}-rshd += "xinetd tcp-wrappers"
RCONFLICTS:${PN}-rshd += "netkit-rshd-server"
RPROVIDES:${PN}-rshd = "rshd"
FILES:${PN}-ftpd = "${bindir}/ftpd.${BPN}"
FILES:${PN}-ftpd-dbg = "${bindir}/.debug/ftpd.${BPN}"
RDEPENDS:${PN}-ftpd += "xinetd"
FILES:${PN}-tftpd = "${sbindir}/in.tftpd ${sysconfdir}/xinetd.d/tftpd"
FILES:${PN}-tftpd-dbg = "${sbindir}/.debug/in.tftpd"
RCONFLICTS:${PN}-tftpd += "netkit-tftpd"
RDEPENDS:${PN}-tftpd += "xinetd"
FILES:${PN}-telnetd = "${sbindir}/in.telnetd ${sysconfdir}/xinetd.d/telnet"
FILES:${PN}-telnetd-dbg = "${sbindir}/.debug/in.telnetd"
RCONFLICTS:${PN}-telnetd += "netkit-telnet"
RPROVIDES:${PN}-telnetd = "telnetd"
RDEPENDS:${PN}-telnetd += "xinetd"
FILES:${PN}-inetd = "${bindir}/inetd.${BPN}"
RDEPENDS:${PN} = "xinetd"

104
sources/poky/meta/recipes-connectivity/iproute2/iproute2_6.7.0.bb Normal file
View File

@@ -0,0 +1,104 @@
SUMMARY = "TCP / IP networking and traffic control utilities"
DESCRIPTION = "Iproute2 is a collection of utilities for controlling \
TCP / IP networking and traffic control in Linux. Of the utilities ip \
and tc are the most important. ip controls IPv4 and IPv6 \
configuration and tc stands for traffic control."
HOMEPAGE = "http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2"
SECTION = "base"
LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM = "file://COPYING;md5=eb723b61539feef013de476e68b5c50a \
"
DEPENDS = "flex-native bison-native iptables libcap"
SRC_URI = "${KERNELORG_MIRROR}/linux/utils/net/${BPN}/${BP}.tar.xz"
SRC_URI[sha256sum] = "ff942dd9828d7d1f867f61fe72ce433078c31e5d8e4a78e20f02cb5892e8841d"
inherit update-alternatives bash-completion pkgconfig
PACKAGECONFIG ??= "tipc elf devlink"
PACKAGECONFIG[tipc] = ",,libmnl,"
PACKAGECONFIG[elf] = ",,elfutils,"
PACKAGECONFIG[devlink] = ",,libmnl,"
PACKAGECONFIG[rdma] = ",,libmnl,"
PACKAGECONFIG[selinux] = ",,libselinux"
IPROUTE2_MAKE_SUBDIRS = "lib tc ip bridge misc genl ${@bb.utils.filter('PACKAGECONFIG', 'devlink tipc rdma', d)}"
# This is needed with GCC-14 and musl
CFLAGS += "-Wno-error=incompatible-pointer-types"
# CFLAGS are computed in Makefile and reference CCOPTS
#
EXTRA_OEMAKE = "\
CC='${CC}' \
KERNEL_INCLUDE=${STAGING_INCDIR} \
DOCDIR=${docdir}/iproute2 \
SUBDIRS='${IPROUTE2_MAKE_SUBDIRS}' \
SBINDIR='${base_sbindir}' \
CONF_USR_DIR='${libdir}/iproute2' \
LIBDIR='${libdir}' \
CCOPTS='${CFLAGS}' \
"
do_configure:append () {
sh configure ${STAGING_INCDIR}
# Explicitly disable ATM support
sed -i -e '/TC_CONFIG_ATM/d' config.mk
}
do_install () {
oe_runmake DESTDIR=${D} install
mv ${D}${base_sbindir}/ip ${D}${base_sbindir}/ip.iproute2
install -d ${D}${datadir}
mv ${D}/share/* ${D}${datadir}/ || true
rm ${D}/share -rf || true
}
# The .so files in iproute2-tc are modules, not traditional libraries
INSANE_SKIP:${PN}-tc = "dev-so"
IPROUTE2_PACKAGES =+ "\
${PN}-devlink \
${PN}-genl \
${PN}-ifstat \
${PN}-ip \
${PN}-lnstat \
${PN}-nstat \
${PN}-routel \
${PN}-rtacct \
${PN}-ss \
${PN}-tc \
${PN}-tipc \
${PN}-rdma \
"
PACKAGE_BEFORE_PN = "${IPROUTE2_PACKAGES}"
RDEPENDS:${PN} += "${PN}-ip"
FILES:${PN}-tc = "${base_sbindir}/tc* \
${libdir}/tc/*.so"
FILES:${PN}-lnstat = "${base_sbindir}/lnstat \
${base_sbindir}/ctstat \
${base_sbindir}/rtstat"
FILES:${PN}-ifstat = "${base_sbindir}/ifstat"
FILES:${PN}-ip = "${base_sbindir}/ip.* ${libdir}/iproute2"
FILES:${PN}-genl = "${base_sbindir}/genl"
FILES:${PN}-rtacct = "${base_sbindir}/rtacct"
FILES:${PN}-nstat = "${base_sbindir}/nstat"
FILES:${PN}-ss = "${base_sbindir}/ss"
FILES:${PN}-tipc = "${base_sbindir}/tipc"
FILES:${PN}-devlink = "${base_sbindir}/devlink"
FILES:${PN}-rdma = "${base_sbindir}/rdma"
FILES:${PN}-routel = "${base_sbindir}/routel"
RDEPENDS:${PN}-routel = "python3-core"
ALTERNATIVE:${PN}-ip = "ip"
ALTERNATIVE_TARGET[ip] = "${base_sbindir}/ip.${BPN}"
ALTERNATIVE_LINK_NAME[ip] = "${base_sbindir}/ip"
ALTERNATIVE_PRIORITY = "100"
ALTERNATIVE:${PN}-tc = "tc"
ALTERNATIVE_LINK_NAME[tc] = "${base_sbindir}/tc"
ALTERNATIVE_PRIORITY_${PN}-tc = "100"

41
sources/poky/meta/recipes-connectivity/iw/iw/0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch Normal file
View File

@@ -0,0 +1,41 @@
Subject: [PATCH] iw: version.sh: don't use git describe for versioning
It will detect top-level git repositories like the Angstrom setup-scripts and break.
Upstream-Status: Pending
Signed-off-by: Koen Kooi <koen@dominion.thruhere.net>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
diff -Naur iw-4.7-orig/version.sh iw-4.7/version.sh
--- iw-4.7-orig/version.sh 2016-05-31 12:52:46.000000000 +0300
+++ iw-4.7/version.sh 2016-06-01 11:21:58.307409060 +0300
@@ -15,27 +15,7 @@
SRC_DIR=$(cd ${SRC_DIR}; pwd)
cd "${SRC_DIR}"
-v=""
-if [ -d .git ] && head=`git rev-parse --verify HEAD 2>/dev/null`; then
- git update-index --refresh --unmerged > /dev/null
- descr=$(git describe --match=v* 2>/dev/null)
- if [ $? -eq 0 ]; then
- # on git builds check that the version number above
- # is correct...
- if [ "${descr%%-*}" = "v$VERSION" ]; then
- v="${descr#v}"
- if git diff-index --name-only HEAD | read dummy ; then
- v="$v"-dirty
- fi
- fi
- fi
-fi
-
-# set to the default version when failed to get the version
-# information with git
-if [ -z "${v}" ]; then
- v="$VERSION"
-fi
+v="$VERSION"
echo '#include "iw.h"' > "$OUT"
echo "const char iw_version[] = \"$v\";" >> "$OUT"

50
sources/poky/meta/recipes-connectivity/iw/iw/separate-objdir.patch Normal file
View File

@@ -0,0 +1,50 @@
From ff9f0a631c99fb6e2677c02bf572a5e69c70f5cf Mon Sep 17 00:00:00 2001
From: Changhyeok Bae <changhyeok.bae@gmail.com>
Date: Mon, 27 Jan 2020 22:48:03 +0100
Subject: [PATCH] Support separation of SRCDIR and OBJDIR
Typical use of VPATH to locate the sources.
Upstream-Status: Pending
Signed-off-by: Christopher Larson <chris_larson@mentor.com>
Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
Makefile | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/Makefile b/Makefile
index 90f2251..714cdb9 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,9 @@
MAKEFLAGS += --no-print-directory
+SRCDIR ?= $(dir $(lastword $(MAKEFILE_LIST)))
+OBJDIR ?= $(PWD)
+VPATH = $(SRCDIR)
+
PREFIX ?= /usr
SBINDIR ?= $(PREFIX)/sbin
MANDIR ?= $(PREFIX)/share/man
@@ -92,7 +96,7 @@ all: $(ALL)
version.c: version.sh $(patsubst %.o,%.c,$(VERSION_OBJS)) nl80211.h iw.h Makefile \
$(wildcard .git/index .git/refs/tags)
@$(NQ) ' GEN ' $@
- $(Q)./version.sh $@
+ $(Q)cd $(SRCDIR) && ./version.sh $(OBJDIR)/$@
nl80211-commands.inc: nl80211.h
@$(NQ) ' GEN ' $@
@@ -100,7 +104,7 @@ nl80211-commands.inc: nl80211.h
%.o: %.c iw.h nl80211.h nl80211-commands.inc
@$(NQ) ' CC ' $@
- $(Q)$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+ $(Q)$(CC) -I$(SRCDIR) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
ifeq ($(IW_ANDROID_BUILD),)
iw: $(OBJS)
--
2.23.0

31
sources/poky/meta/recipes-connectivity/iw/iw_6.7.bb Normal file
View File

@@ -0,0 +1,31 @@
SUMMARY = "nl80211 based CLI configuration utility for wireless devices"
DESCRIPTION = "iw is a new nl80211 based CLI configuration utility for \
wireless devices. It supports almost all new drivers that have been added \
to the kernel recently. "
HOMEPAGE = "https://wireless.wiki.kernel.org/en/users/documentation/iw"
SECTION = "base"
LICENSE = "ISC"
LIC_FILES_CHKSUM = "file://COPYING;md5=878618a5c4af25e9b93ef0be1a93f774"
DEPENDS = "libnl"
SRC_URI = "http://www.kernel.org/pub/software/network/iw/${BP}.tar.gz \
file://0001-iw-version.sh-don-t-use-git-describe-for-versioning.patch \
file://separate-objdir.patch \
"
SRC_URI[sha256sum] = "b3ef3fa85fa1177b11d3e97d6d38cdfe10ee250ca31482b581f3bd0fc79cb015"
inherit pkgconfig
EXTRA_OEMAKE = "\
-f '${S}/Makefile' \
\
'PREFIX=${prefix}' \
'SBINDIR=${sbindir}' \
'MANDIR=${mandir}' \
"
do_install() {
oe_runmake 'DESTDIR=${D}' install
}

28
sources/poky/meta/recipes-connectivity/kea/files/0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch Normal file
View File

@@ -0,0 +1,28 @@
From 841924e1fe8db2bff3eab8d37634ef08f86c00ec Mon Sep 17 00:00:00 2001
From: Alexander Kanavin <alex.kanavin@gmail.com>
Date: Tue, 10 Nov 2020 15:57:03 +0000
Subject: [PATCH] src/lib/log/logger_unittest_support.cc: do not write build
path into binary
This breaks reproducibility and is needed only in unit testing.
Upstream-Status: Inappropriate [oe-core specific]
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
---
src/lib/log/logger_unittest_support.cc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib/log/logger_unittest_support.cc b/src/lib/log/logger_unittest_support.cc
index fc01c6e..f46d17e 100644
--- a/src/lib/log/logger_unittest_support.cc
+++ b/src/lib/log/logger_unittest_support.cc
@@ -84,7 +84,7 @@ void initLogger(isc::log::Severity severity, int dbglevel) {
const char* localfile = getenv("KEA_LOGGER_LOCALMSG");
// Set a directory for creating lockfiles when running tests
- setenv("KEA_LOCKFILE_DIR", TOP_BUILDDIR, 0);
+ //setenv("KEA_LOCKFILE_DIR", TOP_BUILDDIR, 0);
// Initialize logging
initLogger(root, severity, dbglevel, localfile);

58
sources/poky/meta/recipes-connectivity/kea/files/fix-multilib-conflict.patch Normal file
View File

@@ -0,0 +1,58 @@
From 06ebd1b2ced426c420ed162980eca194f9f918ae Mon Sep 17 00:00:00 2001
From: Kai Kang <kai.kang@windriver.com>
Date: Tue, 22 Sep 2020 15:02:33 +0800
Subject: [PATCH] There are conflict of config files between kea and lib32-kea:
| Error: Transaction test error:
| file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of
lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64
| file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of
lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64
Because they are all commented out, replace the expanded libdir path with
'$libdir' in the config files to avoid conflict.
Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/issues/2602]
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
src/bin/keactrl/kea-ctrl-agent.conf.pre | 3 ++-
src/bin/keactrl/kea-dhcp4.conf.pre | 4 ++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/bin/keactrl/kea-ctrl-agent.conf.pre b/src/bin/keactrl/kea-ctrl-agent.conf.pre
index e6ae8b8..50a3092 100644
--- a/src/bin/keactrl/kea-ctrl-agent.conf.pre
+++ b/src/bin/keactrl/kea-ctrl-agent.conf.pre
@@ -51,7 +51,8 @@
// Agent will fail to start.
"hooks-libraries": [
// {
-// "library": "@libdir@/kea/hooks/control-agent-commands.so",
+// // Replace $libdir with real library path /usr/lib or /usr/lib64
+// "library": "$libdir/kea/hooks/control-agent-commands.so",
// "parameters": {
// "param1": "foo"
// }
diff --git a/src/bin/keactrl/kea-dhcp4.conf.pre b/src/bin/keactrl/kea-dhcp4.conf.pre
index 6edb8a1..b2a7385 100644
--- a/src/bin/keactrl/kea-dhcp4.conf.pre
+++ b/src/bin/keactrl/kea-dhcp4.conf.pre
@@ -255,7 +255,7 @@
// // of all devices serviced by Kea, including their identifiers
// // (like MAC address), their location in the network, times
// // when they were active etc.
- // "library": "@libdir@/kea/hooks/libdhcp_legal_log.so",
+ // "library": "$libdir/kea/hooks/libdhcp_legal_log.so",
// "parameters": {
// "path": "/var/lib/kea",
// "base-name": "kea-forensic4"
@@ -272,7 +272,7 @@
// // of specific options or perhaps even a combination of several
// // options and fields to uniquely identify a client. Those scenarios
// // are addressed by the Flexible Identifiers hook application.
- // "library": "@libdir@/kea/hooks/libdhcp_flex_id.so",
+ // "library": "$libdir/kea/hooks/libdhcp_flex_id.so",
// "parameters": {
// "identifier-expression": "relay4[2].hex"
// }

29
sources/poky/meta/recipes-connectivity/kea/files/fix_pid_keactrl.patch Normal file
View File

@@ -0,0 +1,29 @@
From c878a356712606549f7f188b62f7d1cae08a176e Mon Sep 17 00:00:00 2001
From: Armin kuster <akuster808@gmail.com>
Date: Wed, 14 Oct 2020 22:48:31 -0700
Subject: [PATCH] Busybox does not support ps -p so use pgrep
Upstream-Status: Inappropriate [embedded specific]
Based on changes from Diego Sueiro <Diego.Sueiro@arm.com>
Signed-off-by: Armin kuster <akuster808@gmail.com>
---
src/bin/keactrl/keactrl.in | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/bin/keactrl/keactrl.in b/src/bin/keactrl/keactrl.in
index 450e997..c353ca9 100644
--- a/src/bin/keactrl/keactrl.in
+++ b/src/bin/keactrl/keactrl.in
@@ -149,8 +149,8 @@ check_running() {
# Get the PID from the PID file (if it exists)
get_pid_from_file "${proc_name}"
if [ ${_pid} -gt 0 ]; then
- # Use ps to check if PID is alive
- if ps -p ${_pid} 1>/dev/null; then
+ # Use pgrep and grep to check if PID is alive
+ if pgrep -v 1 | grep ${_pid} 1>/dev/null; then
# No error, so PID IS ALIVE
_running=1
fi

46
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns-server Normal file
View File

@@ -0,0 +1,46 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: kea-dhcp-ddns-server
# Required-Start: $local_fs $network $remote_fs $syslog
# Required-Stop: $local_fs $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ISC KEA DHCP IPv6 Server
### END INIT INFO
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="kea-dhcp-ddns-server"
NAME=kea-dhcp-ddns
DAEMON=/usr/sbin/keactrl
DAEMON_ARGS=" -s dhcp_ddns"
set -e
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Source function library.
. /etc/init.d/functions
case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS
echo "done."
;;
stop)
echo -n "Stopping $DESC: "
kpid=`pidof $NAME`
kill $kpid
echo "done."
;;
restart|force-reload)
#
$0 stop
$0 start
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

13
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=Kea DHCP-DDNS Server
Wants=network-online.target
After=network-online.target
After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStart=@SBINDIR@/kea-dhcp-ddns -c @SYSCONFDIR@/kea/kea-dhcp-ddns.conf
[Install]
WantedBy=multi-user.target

46
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp4-server Normal file
View File

@@ -0,0 +1,46 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: kea-dhcp4-server
# Required-Start: $local_fs $network $remote_fs $syslog
# Required-Stop: $local_fs $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ISC KEA DHCP IPv6 Server
### END INIT INFO
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="kea-dhcp4-server"
NAME=kea-dhcp4
DAEMON=/usr/sbin/keactrl
DAEMON_ARGS=" -s dhcp4"
set -e
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Source function library.
. /etc/init.d/functions
case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS
echo "done."
;;
stop)
echo -n "Stopping $DESC: "
kpid=`pidof $NAME`
kill $kpid
echo "done."
;;
restart|force-reload)
#
$0 stop
$0 start
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

14
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp4.service Normal file
View File

@@ -0,0 +1,14 @@
[Unit]
Description=Kea DHCPv4 Server
Wants=network-online.target
After=network-online.target
After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea
ExecStart=@SBINDIR@/kea-dhcp4 -c @SYSCONFDIR@/kea/kea-dhcp4.conf
[Install]
WantedBy=multi-user.target

47
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp6-server Normal file
View File

@@ -0,0 +1,47 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: kea-dhcp6-server
# Required-Start: $local_fs $network $remote_fs $syslog
# Required-Stop: $local_fs $network $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: ISC KEA DHCP IPv6 Server
### END INIT INFO
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="kea-dhcp6-server"
NAME=kea-dhcp6
DAEMON=/usr/sbin/keactrl
DAEMON_ARGS=" -s dhcp6"
set -e
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Source function library.
. /etc/init.d/functions
case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon -S -b -n $NAME -x $DAEMON -- start $DAEMON_ARGS
echo "done."
;;
stop)
echo -n "Stopping $DESC: "
kpid=`pidof $NAME`
kill $kpid
echo "done."
;;
restart|force-reload)
#
$0 stop
$0 start
;;
*)
echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

14
sources/poky/meta/recipes-connectivity/kea/files/kea-dhcp6.service Normal file
View File

@@ -0,0 +1,14 @@
[Unit]
Description=Kea DHCPv6 Server
Wants=network-online.target
After=network-online.target
After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea
ExecStart=@SBINDIR@/kea-dhcp6 -c @SYSCONFDIR@/kea/kea-dhcp6.conf
[Install]
WantedBy=multi-user.target

78
sources/poky/meta/recipes-connectivity/kea/kea_2.4.2.bb Normal file
View File

@@ -0,0 +1,78 @@
SUMMARY = "ISC Kea DHCP Server"
DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It supports both DHCPv4 and DHCPv6 protocols along with their extensions, e.g. prefix delegation and dynamic updates to DNS."
HOMEPAGE = "http://kea.isc.org"
SECTION = "connectivity"
LICENSE = "MPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING;md5=ee16e7280a6cf2a1487717faf33190dc"
DEPENDS = "boost log4cplus openssl"
SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \
file://kea-dhcp4.service \
file://kea-dhcp6.service \
file://kea-dhcp-ddns.service \
file://kea-dhcp4-server \
file://kea-dhcp6-server \
file://kea-dhcp-ddns-server \
file://fix-multilib-conflict.patch \
file://fix_pid_keactrl.patch \
file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \
"
SRC_URI[sha256sum] = "6e82fb319d3b871c0d39bbd504f2cda0c66fa1262865872985fb4fb91b4eaafc"
inherit autotools systemd update-rc.d upstream-version-is-even
INITSCRIPT_NAME = "kea-dhcp4-server"
INITSCRIPT_PARAMS = "defaults 30"
SYSTEMD_SERVICE:${PN} = "kea-dhcp4.service kea-dhcp6.service kea-dhcp-ddns.service"
SYSTEMD_AUTO_ENABLE = "disable"
DEBUG_OPTIMIZATION:remove:mips = " -Og"
DEBUG_OPTIMIZATION:append:mips = " -O"
BUILD_OPTIMIZATION:remove:mips = " -Og"
BUILD_OPTIMIZATION:append:mips = " -O"
DEBUG_OPTIMIZATION:remove:mipsel = " -Og"
DEBUG_OPTIMIZATION:append:mipsel = " -O"
BUILD_OPTIMIZATION:remove:mipsel = " -Og"
BUILD_OPTIMIZATION:append:mipsel = " -O"
CXXFLAGS:remove = "-fvisibility-inlines-hidden"
EXTRA_OECONF = "--with-boost-libs=-lboost_system \
--with-log4cplus=${STAGING_DIR_TARGET}${prefix} \
--with-openssl=${STAGING_DIR_TARGET}${prefix}"
do_configure:prepend() {
# replace abs_top_builddir to avoid introducing the build path
# don't expand the abs_top_builddir on the target as the abs_top_builddir is meanlingless on the target
find ${S} -type f -name *.sh.in | xargs sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g"
sed -i "s:@abs_top_builddir@:@abs_top_builddir_placeholder@:g" ${S}/src/bin/admin/kea-admin.in
}
# patch out build host paths for reproducibility
do_compile:prepend:class-target() {
sed -i -e "s,${WORKDIR},,g" ${B}/config.report
}
do_install:append() {
install -d ${D}${sysconfdir}/init.d
install -d ${D}${systemd_system_unitdir}
install -m 0644 ${WORKDIR}/kea-dhcp*service ${D}${systemd_system_unitdir}
install -m 0755 ${WORKDIR}/kea-*-server ${D}${sysconfdir}/init.d
sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@BASE_BINDIR@,${base_bindir},g' \
-e 's,@LOCALSTATEDIR@,${localstatedir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' \
${D}${systemd_system_unitdir}/kea-dhcp*service ${D}${sbindir}/keactrl
}
do_install:append() {
rm -rf "${D}${localstatedir}"
}
CONFFILES:${PN} = "${sysconfdir}/kea/keactrl.conf"
FILES:${PN}-staticdev += "${libdir}/kea/hooks/*.a ${libdir}/hooks/*.a"
FILES:${PN} += "${libdir}/hooks/*.so"
PARALLEL_MAKEINST = ""

39
sources/poky/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.15.1.bb Normal file
View File

@@ -0,0 +1,39 @@
SUMMARY = "Name Service Switch module for Multicast DNS (zeroconf) name resolution"
HOMEPAGE = "https://github.com/lathiat/nss-mdns"
DESCRIPTION = "nss-mdns is a plugin for the GNU Name Service Switch (NSS) functionality of the GNU C Library (glibc) providing host name resolution via Multicast DNS (aka Zeroconf, aka Apple Rendezvous, aka Apple Bonjour), effectively allowing name resolution by common Unix/Linux programs in the ad-hoc mDNS domain .local."
SECTION = "libs"
LICENSE = "LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1"
DEPENDS = "avahi"
SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \
"
SRCREV = "4b3cfe818bf72d99a02b8ca8b8813cb2d6b40633"
S = "${WORKDIR}/git"
inherit autotools pkgconfig
COMPATIBLE_HOST:libc-musl = 'null'
EXTRA_OECONF = "--libdir=${base_libdir}"
RDEPENDS:${PN} = "avahi-daemon"
pkg_postinst:${PN} () {
sed '
/^hosts:/ !b
/\<mdns\(4\|6\)\?\(_minimal\)\?\>/ b
s/\([[:blank:]]\+\)dns\>/\1mdns4_minimal [NOTFOUND=return] dns/g
' -i $D${sysconfdir}/nsswitch.conf
}
pkg_prerm:${PN} () {
sed '
/^hosts:/ !b
s/[[:blank:]]\+mdns\(4\|6\)\?\(_minimal\( \[NOTFOUND=return\]\)\?\)\?//g
' -i $D${sysconfdir}/nsswitch.conf
}

37
sources/poky/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256-pre1.patch Normal file
View File

@@ -0,0 +1,37 @@
From 73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f Mon Sep 17 00:00:00 2001
From: Rose <83477269+AtariDreams@users.noreply.github.com>
Date: Tue, 16 May 2023 12:37:11 -0400
Subject: [PATCH] Remove unused variable retval in sock_present2network
This quiets the compiler since it is not even returned anyway, and is a misleading variable name.
(cherry picked from commit c7b90298984c46d820d3cee79a96d24870b5f200)
Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/73da0d4d65ef0925772b7b7f82a5fbb3ff2c5e4f]
CVE: CVE-2023-7256 #Dependency Patch
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
sockutils.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/sockutils.c b/sockutils.c
index 1c07f76fd1..6752f296af 100644
--- a/sockutils.c
+++ b/sockutils.c
@@ -2082,7 +2082,6 @@ int sock_getascii_addrport(const struct sockaddr_storage *sockaddr, char *addres
*/
int sock_present2network(const char *address, struct sockaddr_storage *sockaddr, int addr_family, char *errbuf, int errbuflen)
{
- int retval;
struct addrinfo *addrinfo;
struct addrinfo hints;
@@ -2090,7 +2089,7 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
hints.ai_family = addr_family;
- if ((retval = sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen)) == -1)
+ if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
return 0;
if (addrinfo->ai_family == PF_INET)

365
sources/poky/meta/recipes-connectivity/libpcap/libpcap/CVE-2023-7256.patch Normal file
View File

@@ -0,0 +1,365 @@
From 2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d Mon Sep 17 00:00:00 2001
From: Guy Harris <gharris@sonic.net>
Date: Thu, 28 Sep 2023 00:37:57 -0700
Subject: [PATCH] Have sock_initaddress() return the list of addrinfo
structures or NULL.
Its return address is currently 0 for success and -1 for failure, with a
pointer to the first element of the list of struct addrinfos returned
through a pointer on success; change it to return that pointer on
success and NULL on failure.
That way, we don't have to worry about what happens to the pointer
pointeed to by the argument in question on failure; we know that we got
NULL back if no struct addrinfos were found because getaddrinfo()
failed. Thus, we know that we have something to free iff
sock_initaddress() returned a pointer to that something rather than
returning NULL.
This avoids a double-free in some cases.
This is apparently CVE-2023-40400.
(backported from commit 262e4f34979872d822ccedf9f318ed89c4d31c03)
Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/2aa69b04d8173b18a0e3492e0c8f2f7fabdf642d]
CVE: CVE-2023-7256
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
pcap-rpcap.c | 48 ++++++++++++++++++++--------------------
rpcapd/daemon.c | 8 +++++--
rpcapd/rpcapd.c | 8 +++++--
sockutils.c | 58 ++++++++++++++++++++++++++++---------------------
sockutils.h | 5 ++---
5 files changed, 72 insertions(+), 55 deletions(-)
diff --git a/pcap-rpcap.c b/pcap-rpcap.c
index ef0cd6e49c..f1992e4aea 100644
--- a/pcap-rpcap.c
+++ b/pcap-rpcap.c
@@ -1024,7 +1024,6 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
{
struct activehosts *temp; /* temp var needed to scan the host list chain */
struct addrinfo hints, *addrinfo, *ai_next; /* temp var needed to translate between hostname to its address */
- int retval;
/* retrieve the network address corresponding to 'host' */
addrinfo = NULL;
@@ -1032,9 +1031,9 @@ rpcap_remoteact_getsock(const char *host, int *error, char *errbuf)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
PCAP_ERRBUF_SIZE);
- if (retval != 0)
+ if (addrinfo == NULL)
{
*error = 1;
return NULL;
@@ -1186,7 +1185,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
hints.ai_flags = AI_PASSIVE; /* Data connection is opened by the server toward the client */
/* Let's the server pick up a free network port for us */
- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress(NULL, NULL, &hints, fp->errbuf,
+ PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
goto error_nodiscard;
if ((sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER,
@@ -1311,7 +1312,9 @@ static int pcap_startcapture_remote(pcap_t *fp)
snprintf(portstring, PCAP_BUF_SIZE, "%d", ntohs(startcapreply.portdata));
/* Let's the server pick up a free network port for us */
- if (sock_initaddress(host, portstring, &hints, &addrinfo, fp->errbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress(host, portstring, &hints,
+ fp->errbuf, PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
goto error;
if ((sockdata = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0, fp->errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
@@ -2340,16 +2343,16 @@ rpcap_setup_session(const char *source, struct pcap_rmtauth *auth,
if (port[0] == 0)
{
/* the user chose not to specify the port */
- if (sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
- &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
- return -1;
+ addrinfo = sock_initaddress(host, RPCAP_DEFAULT_NETPORT,
+ &hints, errbuf, PCAP_ERRBUF_SIZE);
}
else
{
- if (sock_initaddress(host, port, &hints, &addrinfo,
- errbuf, PCAP_ERRBUF_SIZE) == -1)
- return -1;
+ addrinfo = sock_initaddress(host, port, &hints,
+ errbuf, PCAP_ERRBUF_SIZE);
}
+ if (addrinfo == NULL)
+ return -1;
if ((*sockctrlp = sock_open(host, addrinfo, SOCKOPEN_CLIENT, 0,
errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
@@ -2950,19 +2953,19 @@ SOCKET pcap_remoteact_accept_ex(const char *address, const char *port, const cha
/* Do the work */
if ((port == NULL) || (port[0] == 0))
{
- if (sock_initaddress(address, RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
- {
- return (SOCKET)-2;
- }
+ addrinfo = sock_initaddress(address,
+ RPCAP_DEFAULT_NETPORT_ACTIVE, &hints, errbuf,
+ PCAP_ERRBUF_SIZE);
}
else
{
- if (sock_initaddress(address, port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
- {
- return (SOCKET)-2;
- }
+ addrinfo = sock_initaddress(address, port, &hints, errbuf,
+ PCAP_ERRBUF_SIZE);
+ }
+ if (addrinfo == NULL)
+ {
+ return (SOCKET)-2;
}
-
if ((sockmain = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1, errbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
{
@@ -3122,7 +3125,6 @@ int pcap_remoteact_close(const char *host, char *errbuf)
{
struct activehosts *temp, *prev; /* temp var needed to scan the host list chain */
struct addrinfo hints, *addrinfo, *ai_next; /* temp var needed to translate between hostname to its address */
- int retval;
temp = activeHosts;
prev = NULL;
@@ -3133,9 +3135,9 @@ int pcap_remoteact_close(const char *host, char *errbuf)
hints.ai_family = PF_UNSPEC;
hints.ai_socktype = SOCK_STREAM;
- retval = sock_initaddress(host, NULL, &hints, &addrinfo, errbuf,
+ addrinfo = sock_initaddress(host, NULL, &hints, errbuf,
PCAP_ERRBUF_SIZE);
- if (retval != 0)
+ if (addrinfo == NULL)
{
return -1;
}
diff --git a/rpcapd/daemon.c b/rpcapd/daemon.c
index 8d620dd604..b04b29f107 100644
--- a/rpcapd/daemon.c
+++ b/rpcapd/daemon.c
@@ -2085,7 +2085,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
goto error;
}
- if (sock_initaddress(peerhost, portdata, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress(peerhost, portdata, &hints,
+ errmsgbuf, PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
goto error;
if ((session->sockdata = sock_open(peerhost, addrinfo, SOCKOPEN_CLIENT, 0, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
@@ -2096,7 +2098,9 @@ daemon_msg_startcap_req(uint8 ver, struct daemon_slpars *pars, uint32 plen,
hints.ai_flags = AI_PASSIVE;
// Make the server socket pick up a free network port for us
- if (sock_initaddress(NULL, NULL, &hints, &addrinfo, errmsgbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress(NULL, NULL, &hints, errmsgbuf,
+ PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
goto error;
if ((session->sockdata = sock_open(NULL, addrinfo, SOCKOPEN_SERVER, 1 /* max 1 connection in queue */, errmsgbuf, PCAP_ERRBUF_SIZE)) == INVALID_SOCKET)
diff --git a/rpcapd/rpcapd.c b/rpcapd/rpcapd.c
index e1f3f05299..d166522c9f 100644
--- a/rpcapd/rpcapd.c
+++ b/rpcapd/rpcapd.c
@@ -611,7 +611,9 @@ void main_startup(void)
//
// Get a list of sockets on which to listen.
//
- if (sock_initaddress((address[0]) ? address : NULL, port, &mainhints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress((address[0]) ? address : NULL,
+ port, &mainhints, errbuf, PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
{
rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
return;
@@ -1350,7 +1352,9 @@ main_active(void *ptr)
memset(errbuf, 0, sizeof(errbuf));
// Do the work
- if (sock_initaddress(activepars->address, activepars->port, &hints, &addrinfo, errbuf, PCAP_ERRBUF_SIZE) == -1)
+ addrinfo = sock_initaddress(activepars->address, activepars->port,
+ &hints, errbuf, PCAP_ERRBUF_SIZE);
+ if (addrinfo == NULL)
{
rpcapd_log(LOGPRIO_DEBUG, "%s", errbuf);
return 0;
diff --git a/sockutils.c b/sockutils.c
index a1bfa1b5e2..823c2363e0 100644
--- a/sockutils.c
+++ b/sockutils.c
@@ -1069,20 +1069,21 @@ get_gai_errstring(char *errbuf, int errbuflen, const char *prefix, int err,
* \param errbuflen: length of the buffer that will contains the error. The error message cannot be
* larger than 'errbuflen - 1' because the last char is reserved for the string terminator.
*
- * \return '0' if everything is fine, '-1' if some errors occurred. The error message is returned
- * in the 'errbuf' variable. The addrinfo variable that has to be used in the following sockets calls is
- * returned into the addrinfo parameter.
+ * \return a pointer to the first element in a list of addrinfo structures
+ * if everything is fine, NULL if some errors occurred. The error message
+ * is returned in the 'errbuf' variable.
*
- * \warning The 'addrinfo' variable has to be deleted by the programmer by calling freeaddrinfo() when
- * it is no longer needed.
+ * \warning The list of addrinfo structures returned has to be deleted by
+ * the programmer by calling freeaddrinfo() when it is no longer needed.
*
* \warning This function requires the 'hints' variable as parameter. The semantic of this variable is the same
* of the one of the corresponding variable used into the standard getaddrinfo() socket function. We suggest
* the programmer to look at that function in order to set the 'hints' variable appropriately.
*/
-int sock_initaddress(const char *host, const char *port,
- struct addrinfo *hints, struct addrinfo **addrinfo, char *errbuf, int errbuflen)
+struct addrinfo *sock_initaddress(const char *host, const char *port,
+ struct addrinfo *hints, char *errbuf, int errbuflen)
{
+ struct addrinfo *addrinfo;
int retval;
/*
@@ -1094,9 +1095,13 @@ int sock_initaddress(const char *host, const char *port,
* as those messages won't talk about a problem with the port if
* no port was specified.
*/
- retval = getaddrinfo(host, port == NULL ? "0" : port, hints, addrinfo);
+ retval = getaddrinfo(host, port == NULL ? "0" : port, hints, &addrinfo);
if (retval != 0)
{
+ /*
+ * That call failed.
+ * Determine whether the problem is that the host is bad.
+ */
if (errbuf)
{
if (host != NULL && port != NULL) {
@@ -1108,7 +1113,7 @@ int sock_initaddress(const char *host, const char *port,
int try_retval;
try_retval = getaddrinfo(host, NULL, hints,
- addrinfo);
+ &addrinfo);
if (try_retval == 0) {
/*
* Worked with just the host,
@@ -1117,14 +1122,16 @@ int sock_initaddress(const char *host, const char *port,
*
* Free up the address info first.
*/
- freeaddrinfo(*addrinfo);
+ freeaddrinfo(addrinfo);
get_gai_errstring(errbuf, errbuflen,
"", retval, NULL, port);
} else {
/*
* Didn't work with just the host,
* so assume the problem is
- * with the host.
+ * with the host; we assume
+ * the original error indicates
+ * the underlying problem.
*/
get_gai_errstring(errbuf, errbuflen,
"", retval, host, NULL);
@@ -1132,13 +1139,14 @@ int sock_initaddress(const char *host, const char *port,
} else {
/*
* Either the host or port was null, so
- * there's nothing to determine.
+ * there's nothing to determine; report
+ * the error from the original call.
*/
get_gai_errstring(errbuf, errbuflen, "",
retval, host, port);
}
}
- return -1;
+ return NULL;
}
/*
* \warning SOCKET: I should check all the accept() in order to bind to all addresses in case
@@ -1153,30 +1161,28 @@ int sock_initaddress(const char *host, const char *port,
* ignore all addresses that are neither? (What, no IPX
* support? :-))
*/
- if (((*addrinfo)->ai_family != PF_INET) &&
- ((*addrinfo)->ai_family != PF_INET6))
+ if ((addrinfo->ai_family != PF_INET) &&
+ (addrinfo->ai_family != PF_INET6))
{
if (errbuf)
snprintf(errbuf, errbuflen, "getaddrinfo(): socket type not supported");
- freeaddrinfo(*addrinfo);
- *addrinfo = NULL;
- return -1;
+ freeaddrinfo(addrinfo);
+ return NULL;
}
/*
* You can't do multicast (or broadcast) TCP.
*/
- if (((*addrinfo)->ai_socktype == SOCK_STREAM) &&
- (sock_ismcastaddr((*addrinfo)->ai_addr) == 0))
+ if ((addrinfo->ai_socktype == SOCK_STREAM) &&
+ (sock_ismcastaddr(addrinfo->ai_addr) == 0))
{
if (errbuf)
snprintf(errbuf, errbuflen, "getaddrinfo(): multicast addresses are not valid when using TCP streams");
- freeaddrinfo(*addrinfo);
- *addrinfo = NULL;
- return -1;
+ freeaddrinfo(addrinfo);
+ return NULL;
}
- return 0;
+ return addrinfo;
}
/*
@@ -2089,7 +2095,9 @@ int sock_present2network(const char *address, struct sockaddr_storage *sockaddr,
hints.ai_family = addr_family;
- if (sock_initaddress(address, "22222" /* fake port */, &hints, &addrinfo, errbuf, errbuflen) == -1)
+ addrinfo = sock_initaddress(address, "22222" /* fake port */, &hints,
+ errbuf, errbuflen);
+ if (addrinfo == NULL)
return 0;
if (addrinfo->ai_family == PF_INET)
diff --git a/sockutils.h b/sockutils.h
index a488d8fcb4..30b8cfe0b7 100644
--- a/sockutils.h
+++ b/sockutils.h
@@ -138,9 +138,8 @@ void sock_fmterrmsg(char *errbuf, size_t errbuflen, int errcode,
PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(4, 5);
void sock_geterrmsg(char *errbuf, size_t errbuflen,
PCAP_FORMAT_STRING(const char *fmt), ...) PCAP_PRINTFLIKE(3, 4);
-int sock_initaddress(const char *address, const char *port,
- struct addrinfo *hints, struct addrinfo **addrinfo,
- char *errbuf, int errbuflen);
+struct addrinfo *sock_initaddress(const char *address, const char *port,
+ struct addrinfo *hints, char *errbuf, int errbuflen);
int sock_recv(SOCKET sock, SSL *, void *buffer, size_t size, int receiveall,
char *errbuf, int errbuflen);
int sock_recv_dgram(SOCKET sock, SSL *, void *buffer, size_t size,

42
sources/poky/meta/recipes-connectivity/libpcap/libpcap/CVE-2024-8006.patch Normal file
View File

@@ -0,0 +1,42 @@
From 8a633ee5b9ecd9d38a587ac9b204e2380713b0d6 Mon Sep 17 00:00:00 2001
From: Nicolas Badoux <n.badoux@hotmail.com>
Date: Mon, 19 Aug 2024 12:31:53 +0200
Subject: [PATCH] makes pcap_findalldevs_ex errors out if the directory does
not exist
(backported from commit 0f8a103469ce87d2b8d68c5130a46ddb7fb5eb29)
Upstream-Status: Backport [https://github.com/the-tcpdump-group/libpcap/commit/8a633ee5b9ecd9d38a587ac9b204e2380713b0d6]
CVE: CVE-2024-8006
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
pcap-new.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/pcap-new.c b/pcap-new.c
index be91b3f8db..d449ee623c 100644
--- a/pcap-new.c
+++ b/pcap-new.c
@@ -230,6 +230,13 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
#else
/* opening the folder */
unixdir= opendir(path);
+ if (unixdir == NULL) {
+ DIAG_OFF_FORMAT_TRUNCATION
+ snprintf(errbuf, PCAP_ERRBUF_SIZE,
+ "Error when listing files: does folder '%s' exist?", path);
+ DIAG_ON_FORMAT_TRUNCATION
+ return -1;
+ }
/* get the first file into it */
filedata= readdir(unixdir);
@@ -237,7 +244,7 @@ int pcap_findalldevs_ex(const char *source, struct pcap_rmtauth *auth, pcap_if_t
if (filedata == NULL)
{
DIAG_OFF_FORMAT_TRUNCATION
- snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' exist?", path);
+ snprintf(errbuf, PCAP_ERRBUF_SIZE, "Error when listing files: does folder '%s' contain files?", path);
DIAG_ON_FORMAT_TRUNCATION
closedir(unixdir);
return -1;

48
sources/poky/meta/recipes-connectivity/libpcap/libpcap_1.10.4.bb Normal file
View File

@@ -0,0 +1,48 @@
SUMMARY = "Interface for user-level network packet capture"
DESCRIPTION = "Libpcap provides a portable framework for low-level network \
monitoring. Libpcap can provide network statistics collection, \
security monitoring and network debugging."
HOMEPAGE = "http://www.tcpdump.org/"
BUGTRACKER = "http://sourceforge.net/tracker/?group_id=53067&atid=469577"
SECTION = "libs/network"
LICENSE = "BSD-3-Clause"
LIC_FILES_CHKSUM = "file://LICENSE;md5=5eb289217c160e2920d2e35bddc36453 \
file://pcap.h;beginline=1;endline=32;md5=39af3510e011f34b8872f120b1dc31d2"
DEPENDS = "flex-native bison-native"
SRC_URI = "https://www.tcpdump.org/release/${BP}.tar.gz \
file://CVE-2023-7256-pre1.patch \
file://CVE-2023-7256.patch \
file://CVE-2024-8006.patch \
"
SRC_URI[sha256sum] = "ed19a0383fad72e3ad435fd239d7cd80d64916b87269550159d20e47160ebe5f"
inherit autotools binconfig-disabled pkgconfig
BINCONFIG = "${bindir}/pcap-config"
# Explicitly disable dag support. We don't have recipe for it and if enabled here,
# configure script poisons the include dirs with /usr/local/include even when the
# support hasn't been detected. Do the same thing for DPDK.
EXTRA_OECONF = " \
--with-pcap=linux \
--without-dag \
--without-dpdk \
"
EXTRA_AUTORECONF += "--exclude=aclocal"
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez5', '', d)} \
${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \
"
PACKAGECONFIG[bluez5] = "--enable-bluetooth,--disable-bluetooth,bluez5"
PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6,"
PACKAGECONFIG[libnl] = "--with-libnl,--without-libnl,libnl"
do_configure:prepend () {
#remove hardcoded references to /usr/include
sed 's|\([ "^'\''I]\+\)/usr/include/|\1${STAGING_INCDIR}/|g' -i ${S}/configure.ac
}
BBCLASSEXTEND = "native nativesdk"

22
sources/poky/meta/recipes-connectivity/libuv/libuv_1.48.0.bb Normal file
View File

@@ -0,0 +1,22 @@
SUMMARY = "A multi-platform support library with a focus on asynchronous I/O"
HOMEPAGE = "https://github.com/libuv/libuv"
DESCRIPTION = "libuv is a multi-platform support library with a focus on asynchronous I/O. It was primarily developed for use by Node.js, but it's also used by Luvit, Julia, pyuv, and others."
BUGTRACKER = "https://github.com/libuv/libuv/issues"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE;md5=74b6f2f7818a4e3a80d03556f71b129b \
file://LICENSE-extra;md5=f9307417749e19bd1d6d68a394b49324"
SRCREV = "e9f29cb984231524e3931aa0ae2c5dae1a32884e"
SRC_URI = "git://github.com/libuv/libuv.git;branch=v1.x;protocol=https"
UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)"
S = "${WORKDIR}/git"
inherit autotools
do_configure() {
${S}/autogen.sh || bbnote "${PN} failed to autogen.sh"
oe_runconf
}
BBCLASSEXTEND = "native"

17
sources/poky/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb Normal file
View File

@@ -0,0 +1,17 @@
SUMMARY = "Mobile Broadband Service Provider Database"
HOMEPAGE = "http://live.gnome.org/NetworkManager/MobileBroadband/ServiceProviders"
DESCRIPTION = "Mobile Broadband Service Provider Database stores service provider specific information. When this Database is available the information can be fetched there"
SECTION = "network"
LICENSE = "PD"
LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04"
SRCREV = "55ba955d53305df96123534488fd160ea882b4dd"
PV = "20240407"
PE = "1"
SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main"
S = "${WORKDIR}/git"
inherit meson
DEPENDS += "libxslt-native"

35
sources/poky/meta/recipes-connectivity/neard/neard/0001-Add-header-dependency-to-nciattach.o.patch Normal file
View File

@@ -0,0 +1,35 @@
From affaa2021a54c30353e4e1fee09c13a4de2196be Mon Sep 17 00:00:00 2001
From: Jussi Kukkonen <jussi.kukkonen@intel.com>
Date: Fri, 17 Mar 2017 14:24:29 +0200
Subject: [PATCH] Add header dependency to nciattach.o
This can happen when compiling nciattach.o:
| In file included from ../neard-0.16/tools/nciattach.c:47:0:
| ../neard-0.16/src/near.h:30:27: fatal error: near/nfc_copy.h: No such
file or directory
| #include <near/nfc_copy.h>
Add the missing dependency to local headers.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Upstream-Status: Submitted [mailinglist]
---
Makefile.am | 1 +
1 file changed, 1 insertion(+)
diff --git a/Makefile.am b/Makefile.am
index fa552ee..acef6ba 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -253,6 +253,7 @@ se/builtin.h: src/genbuiltin $(builtin_se_sources)
$(src_neard_OBJECTS) \
$(tools_nfctool_nfctool_OBJECTS) \
+$(tools_nciattach_OBJECTS) \
$(plugin_objects) \
$(se_seeld_OBJECTS) \
$(unit_test_ndef_parse_OBJECTS) \
--
2.11.0

36
sources/poky/meta/recipes-connectivity/neard/neard/Makefile.am-do-not-ship-version.h.patch Normal file
View File

@@ -0,0 +1,36 @@
From bfd32d68cfc9f1e31dab88e07446d1c02bc80b5e Mon Sep 17 00:00:00 2001
From: Robert Yang <liezhi.yang@windriver.com>
Date: Thu, 12 Feb 2015 00:39:29 -0800
Subject: [PATCH] Makefile.am: do not ship version.h
The HEADERS' name has been changed to pkginclude_HEADERS, so use
nodist_pkginclude_HEADERS, otherwise version.h would be shipped.
Upstream-Status: Pending
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
---
Makefile.am | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 3334790..69cd58f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -10,11 +10,11 @@ pkginclude_HEADERS = include/types.h include/log.h include/plugin.h \
include/tlv.h include/setting.h include/device.h \
include/nfc_copy.h include/snep.h
-nodist_include_HEADERS = include/version.h
+nodist_pkginclude_HEADERS = include/version.h
noinst_HEADERS = include/dbus.h
-local_headers = $(foreach file,$(pkginclude_HEADERS) $(nodist_include_HEADERS) \
+local_headers = $(foreach file,$(pkginclude_HEADERS) $(nodist_pkginclude_HEADERS) \
$(noinst_HEADERS), include/near/$(notdir $(file)))
gdbus_sources = gdbus/gdbus.h gdbus/mainloop.c gdbus/watch.c \
--
1.7.9.5

30
sources/poky/meta/recipes-connectivity/neard/neard/Makefile.am-fix-parallel-issue.patch Normal file
View File

@@ -0,0 +1,30 @@
From 43acc56d5506c7e318f717fb3634bc16e3438913 Mon Sep 17 00:00:00 2001
From: Robert Yang <liezhi.yang@windriver.com>
Date: Thu, 15 Jan 2015 18:12:07 -0800
Subject: [PATCH] Makefile.am: fix parallel issue
There might be no src dir if src/builtin.h runs earlier, create it to
fix the race issue:
src/genbuiltin nfctype1 nfctype2 nfctype3 nfctype4 p2p > src/builtin.h
/bin/sh: src/builtin.h: No such file or directory
Upstream-Status: Pending
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
---
Makefile.am | 1 +
1 file changed, 1 insertion(+)
Index: neard-0.16/Makefile.am
===================================================================
--- neard-0.16.orig/Makefile.am
+++ neard-0.16/Makefile.am
@@ -244,6 +244,7 @@ SED_PROCESS = $(AM_V_GEN)$(MKDIR_P) $(di
src/plugin.$(OBJEXT): src/builtin.h
src/builtin.h: src/genbuiltin $(builtin_sources)
+ $(AM_V_at)$(MKDIR_P) src
$(AM_V_GEN)$(srcdir)/src/genbuiltin $(builtin_modules) > $@
se/plugin.$(OBJEXT): se/builtin.h

54
sources/poky/meta/recipes-connectivity/neard/neard/neard.in Normal file
View File

@@ -0,0 +1,54 @@
#!/bin/sh
#
# start/stop neard daemon.
### BEGIN INIT INFO
# Provides: neard
# Required-Start: $network
# Required-Stop: $network
# Default-Start: S 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: NFC daemon
# Description: neard is a daemon used to enable NFC features
### END INIT INFO
DAEMON=@installpath@/neard
PIDFILE=/var/run/neard.pid
DESC="Linux NFC daemon"
if [ -f /etc/default/neard ] ; then
. /etc/default/neard
fi
set -e
do_start() {
$DAEMON
}
do_stop() {
start-stop-daemon --stop --name neard --quiet
}
case "$1" in
start)
echo "Starting $DESC"
do_start
;;
stop)
echo "Stopping $DESC"
do_stop
;;
restart|force-reload)
echo "Restarting $DESC"
do_stop
sleep 1
do_start
;;
*)
echo "Usage: $0 {start|stop|restart|force-reload}" >&2
exit 1
;;
esac
exit 0

51
sources/poky/meta/recipes-connectivity/neard/neard_0.19.bb Normal file
View File

@@ -0,0 +1,51 @@
SUMMARY = "Linux NFC daemon"
DESCRIPTION = "A daemon for the Linux Near Field Communication stack"
HOMEPAGE = "http://01.org/linux-nfc"
LICENSE = "GPL-2.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e \
file://src/near.h;beginline=1;endline=20;md5=358e4deefef251a4761e1ffacc965d13 \
"
DEPENDS = "dbus glib-2.0 libnl autoconf-archive-native"
SRC_URI = "git://git.kernel.org/pub/scm/network/nfc/neard.git;protocol=https;branch=master \
file://neard.in \
file://Makefile.am-fix-parallel-issue.patch \
file://Makefile.am-do-not-ship-version.h.patch \
file://0001-Add-header-dependency-to-nciattach.o.patch \
"
SRCREV = "a1dc8a75cba999728e154a0f811ab9dd50c809f7"
S = "${WORKDIR}/git"
inherit autotools pkgconfig systemd update-rc.d
PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir}/ --with-systemduserunitdir=${systemd_unitdir}/user/,--disable-systemd"
EXTRA_OECONF += "--enable-tools"
# This would copy neard start-stop shell and test scripts
do_install:append() {
if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/init.d/
sed "s:@installpath@:${libexecdir}/nfc:" ${WORKDIR}/neard.in \
> ${D}${sysconfdir}/init.d/neard
chmod 0755 ${D}${sysconfdir}/init.d/neard
fi
}
RDEPENDS:${PN} = "dbus"
# Bluez & Wifi are not mandatory except for handover
RRECOMMENDS:${PN} = "\
${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', 'bluez5', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'wifi','wpa-supplicant', '', d)} \
"
INITSCRIPT_NAME = "neard"
INITSCRIPT_PARAMS = "defaults 64"
SYSTEMD_SERVICE:${PN} = "neard.service"

299
sources/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-Makefile.am-fix-undefined-function-for-libnsm.a.patch Normal file
View File

@@ -0,0 +1,299 @@
From 690a90a5b7786e40b5447ad7c5f19a7657d27405 Mon Sep 17 00:00:00 2001
From: Mingli Yu <Mingli.Yu@windriver.com>
Date: Fri, 14 Dec 2018 17:44:32 +0800
Subject: [PATCH] Makefile.am: fix undefined function for libnsm.a
The source file of libnsm.a uses some function
in ../support/misc/file.c, add ../support/misc/file.c
to libnsm_a_SOURCES to fix build error when run
"make -C tests statdb_dump":
| ../support/nsm/libnsm.a(file.o): In function `nsm_make_pathname':
| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:175: undefined reference to `generic_make_pathname'
| ../support/nsm/libnsm.a(file.o): In function `nsm_setup_pathnames':
| /usr/src/debug/nfs-utils/2.3.3-r0/nfs-utils-2.3.3/support/nsm/file.c:280: undefined reference to `generic_setup_basedir'
| collect2: error: ld returned 1 exit status
As there is already one source file named file.c
as support/nsm/file.c in support/nsm/Makefile.am,
so rename ../support/misc/file.c to ../support/misc/misc.c.
Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=154502780423058&w=2]
Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com>
Rebase it.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
---
support/misc/Makefile.am | 2 +-
support/misc/file.c | 115 ---------------------------------------------------------------------------------------------------------------
support/misc/misc.c | 111 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
support/nsm/Makefile.am | 2 +-
4 files changed, 113 insertions(+), 117 deletions(-)
diff --git a/support/misc/Makefile.am b/support/misc/Makefile.am
index f9993e3..8b0e9db 100644
--- a/support/misc/Makefile.am
+++ b/support/misc/Makefile.am
@@ -1,7 +1,7 @@
## Process this file with automake to produce Makefile.in
noinst_LIBRARIES = libmisc.a
-libmisc_a_SOURCES = tcpwrapper.c from_local.c mountpoint.c file.c \
+libmisc_a_SOURCES = tcpwrapper.c from_local.c mountpoint.c misc.c \
nfsd_path.c workqueue.c xstat.c
MAINTAINERCLEANFILES = Makefile.in
diff --git a/support/misc/file.c b/support/misc/file.c
deleted file mode 100644
index 06f6bb2..0000000
--- a/support/misc/file.c
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Copyright 2009 Oracle. All rights reserved.
- * Copyright 2017 Red Hat, Inc. All rights reserved.
- *
- * This file is part of nfs-utils.
- *
- * nfs-utils is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * nfs-utils is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with nfs-utils. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <sys/stat.h>
-
-#include <string.h>
-#include <libgen.h>
-#include <stdio.h>
-#include <errno.h>
-#include <dirent.h>
-#include <stdlib.h>
-#include <stdbool.h>
-#include <limits.h>
-
-#include "xlog.h"
-#include "misc.h"
-
-/*
- * Returns a dynamically allocated, '\0'-terminated buffer
- * containing an appropriate pathname, or NULL if an error
- * occurs. Caller must free the returned result with free(3).
- */
-__attribute__((__malloc__))
-char *
-generic_make_pathname(const char *base, const char *leaf)
-{
- size_t size;
- char *path;
- int len;
-
- size = strlen(base) + strlen(leaf) + 2;
- if (size > PATH_MAX)
- return NULL;
-
- path = malloc(size);
- if (path == NULL)
- return NULL;
-
- len = snprintf(path, size, "%s/%s", base, leaf);
- if ((len < 0) || ((size_t)len >= size)) {
- free(path);
- return NULL;
- }
-
- return path;
-}
-
-
-/**
- * generic_setup_basedir - set up basedir
- * @progname: C string containing name of program, for error messages
- * @parentdir: C string containing pathname to on-disk state, or NULL
- * @base: character buffer to contain the basedir that is set up
- * @baselen: size of @base in bytes
- *
- * This runs before logging is set up, so error messages are directed
- * to stderr.
- *
- * Returns true and sets up our basedir, if @parentdir was valid
- * and usable; otherwise false is returned.
- */
-_Bool
-generic_setup_basedir(const char *progname, const char *parentdir, char *base,
- const size_t baselen)
-{
- static char buf[PATH_MAX];
- struct stat st;
- char *path;
-
- /* First: test length of name and whether it exists */
- if ((strlen(parentdir) >= baselen) || (strlen(parentdir) >= PATH_MAX)) {
- (void)fprintf(stderr, "%s: Directory name too long: %s",
- progname, parentdir);
- return false;
- }
- if (lstat(parentdir, &st) == -1) {
- (void)fprintf(stderr, "%s: Failed to stat %s: %s",
- progname, parentdir, strerror(errno));
- return false;
- }
-
- /* Ensure we have a clean directory pathname */
- strncpy(buf, parentdir, sizeof(buf)-1);
- path = dirname(buf);
- if (*path == '.') {
- (void)fprintf(stderr, "%s: Unusable directory %s",
- progname, parentdir);
- return false;
- }
-
- xlog(D_CALL, "Using %s as the state directory", parentdir);
- strcpy(base, parentdir);
- return true;
-}
diff --git a/support/misc/misc.c b/support/misc/misc.c
new file mode 100644
index 0000000..e7c3819
--- /dev/null
+++ b/support/misc/misc.c
@@ -0,0 +1,111 @@
+/*
+ * Copyright 2009 Oracle. All rights reserved.
+ * Copyright 2017 Red Hat, Inc. All rights reserved.
+ *
+ * This file is part of nfs-utils.
+ *
+ * nfs-utils is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * nfs-utils is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with nfs-utils. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <sys/stat.h>
+
+#include <string.h>
+#include <libgen.h>
+#include <stdio.h>
+#include <errno.h>
+#include <dirent.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <limits.h>
+
+#include "xlog.h"
+#include "misc.h"
+
+/*
+ * Returns a dynamically allocated, '\0'-terminated buffer
+ * containing an appropriate pathname, or NULL if an error
+ * occurs. Caller must free the returned result with free(3).
+ */
+__attribute__((__malloc__))
+char *
+generic_make_pathname(const char *base, const char *leaf)
+{
+ size_t size;
+ char *path;
+ int len;
+
+ size = strlen(base) + strlen(leaf) + 2;
+ if (size > PATH_MAX)
+ return NULL;
+
+ path = malloc(size);
+ if (path == NULL)
+ return NULL;
+
+ len = snprintf(path, size, "%s/%s", base, leaf);
+ if ((len < 0) || ((size_t)len >= size)) {
+ free(path);
+ return NULL;
+ }
+
+ return path;
+}
+
+
+/**
+ * generic_setup_basedir - set up basedir
+ * @progname: C string containing name of program, for error messages
+ * @parentdir: C string containing pathname to on-disk state, or NULL
+ * @base: character buffer to contain the basedir that is set up
+ * @baselen: size of @base in bytes
+ *
+ * This runs before logging is set up, so error messages are directed
+ * to stderr.
+ *
+ * Returns true and sets up our basedir, if @parentdir was valid
+ * and usable; otherwise false is returned.
+ */
+_Bool
+generic_setup_basedir(const char *progname, const char *parentdir, char *base,
+ const size_t baselen)
+{
+ static char buf[PATH_MAX];
+ struct stat st;
+ char *path;
+
+ /* First: test length of name and whether it exists */
+ if ((strlen(parentdir) >= baselen) || (strlen(parentdir) >= PATH_MAX)) {
+ (void)fprintf(stderr, "%s: Directory name too long: %s",
+ progname, parentdir);
+ return false;
+ }
+ if (lstat(parentdir, &st) == -1) {
+ (void)fprintf(stderr, "%s: Failed to stat %s: %s",
+ progname, parentdir, strerror(errno));
+ return false;
+ }
+
+ /* Ensure we have a clean directory pathname */
+ strncpy(buf, parentdir, sizeof(buf)-1);
+ path = dirname(buf);
+ if (*path == '.') {
+ (void)fprintf(stderr, "%s: Unusable directory %s",
+ progname, parentdir);
+ return false;
+ }
+
+ xlog(D_CALL, "Using %s as the state directory", parentdir);
+ strcpy(base, parentdir);
+ return true;
+}
diff --git a/support/nsm/Makefile.am b/support/nsm/Makefile.am
index 8f5874e..68f1a46 100644
--- a/support/nsm/Makefile.am
+++ b/support/nsm/Makefile.am
@@ -10,7 +10,7 @@ GENFILES = $(GENFILES_CLNT) $(GENFILES_SVC) $(GENFILES_XDR) $(GENFILES_H)
EXTRA_DIST = sm_inter.x
noinst_LIBRARIES = libnsm.a
-libnsm_a_SOURCES = $(GENFILES) file.c rpc.c
+libnsm_a_SOURCES = $(GENFILES) ../misc/misc.c file.c rpc.c
BUILT_SOURCES = $(GENFILES)

36
sources/poky/meta/recipes-connectivity/nfs-utils/nfs-utils/0001-locktest-Makefile.am-Do-not-use-build-flags.patch Normal file
View File

@@ -0,0 +1,36 @@
From 9efa7a0d37665d9bb0f46d2407883a5ab42c2b84 Mon Sep 17 00:00:00 2001
From: Khem Raj <raj.khem@gmail.com>
Date: Mon, 24 Jul 2023 20:39:16 -0700
Subject: [PATCH] locktest: Makefile.am: Do not use build flags
Using CFLAGS_FOR_BUILD etc. here means it is using wrong flags
when thse flags are speficied different than target flags which
is common when cross-building. It can pass wrong paths to linker
and it would find incompatible libraries during link since they
are from host system and target maybe not same as build host.
Fixes subtle errors like
| aarch64-yoe-linux-ld.lld: error: /mnt/b/yoe/master/build/tmp/work/cortexa72-cortexa53-crypto-yoe-linux/nfs-utils/2.6.3-r0/recipe-sysroot-native/usr/lib/libsqlite3.so is incompatible with elf64-littleaarch64
Upstream-Status: Submitted [https://marc.info/?l=linux-nfs&m=169025681008001&w=2]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
tools/locktest/Makefile.am | 3 ---
1 file changed, 3 deletions(-)
diff --git a/tools/locktest/Makefile.am b/tools/locktest/Makefile.am
index e8914655..2fd36971 100644
--- a/tools/locktest/Makefile.am
+++ b/tools/locktest/Makefile.am
@@ -2,8 +2,5 @@
noinst_PROGRAMS = testlk
testlk_SOURCES = testlk.c
-testlk_CFLAGS=$(CFLAGS_FOR_BUILD)
-testlk_CPPFLAGS=$(CPPFLAGS_FOR_BUILD)
-testlk_LDFLAGS=$(LDFLAGS_FOR_BUILD)
MAINTAINERCLEANFILES = Makefile.in
--
2.41.0

Some files were not shown because too many files have changed in this diff Show More