summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
...
* dhcpcd: pkg moved to coreArmin Kuster2020-09-033-108/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kea: pkg moved to coreArmin Kuster2020-09-035-140/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: Upgrade 1.6.11 -> 1.6.12Leon Anavi2020-09-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 1.6.12: Security: - In some circumstances, Mosquitto could leak memory when handling PUBLISH messages. This is limited to incoming QoS 2 messages, and is related to the combination of the broker having persistence enabled, a clean session=false client, which was connected prior to the broker restarting, then has reconnected and has now sent messages at a sufficiently high rate that the incoming queue at the broker has filled up and hence messages are being dropped. This is more likely to have an effect where max_queued_messages is a small value. This has now been fixed. Broker: - Build warning fixes when building with WITH_BRIDGE=no and WITH_TLS=no. Clients: - All clients exit with an error exit code on CONNACK failure. - Don't busy loop with `mosquitto_pub -l` on a slow connection. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* autossh: Depend on ssh instead of hardcoding opensshKhem Raj2020-09-011-1/+1
| | | | | | This helps it to use dropbear Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: fix GNU_HASH link errorKhem Raj2020-09-012-0/+33
| | | | | | | | Fixes No GNU_HASH in the ELF binary /mnt/b/yoe/master/build/tmp/work/cortexa57-yoe-linux/bearssl/0.6-r0/packages-split/bearssl/usr/lib/libbearssl.so.6.0.0, didn't pass LDFLAGS? [ldflag s] Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Depend on dhcpcdKhem Raj2020-09-011-1/+1
| | | | | | dhcp-client is being removed from oe-core Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: dhcpcd: backport ALIGN compile error fixJack Mitchell2020-08-252-1/+36
| | | | | | | | Fails to build on an aarch64 system with ipv6 disabled. This backported patch fixes it. Signed-off-by: Jack Mitchell <ml@embed.me.uk> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: fix missing installJens Rehsack2020-08-211-0/+10
| | | | | | | | | | Default Makefile of bearssl doesn't have a make target which hadn't enough attraction when creating the recipe. Add missing functionality. Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* lftp: upgrade 4.9.1 -> 4.9.2Zang Ruochen2020-08-211-2/+2
| | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* bearssl: add new recipeJens Rehsack2020-08-193-0/+133
| | | | | | | | | | | | | | Add recipe for BearSSL - an an implementation of the SSL/TLS protocol with the approach of: * Be correct and secure. * Be small * Be highly portable * Be feature-rich and extensible See https://bearssl.org for more details. Signed-off-by: Jens Rehsack <sno@netbsd.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* autossh: Created recipeColin McAllister2020-08-171-0/+30
| | | | | | | Added recipe for autossh tool. Signed-off-by: Colin McAllister <colinmca242@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: Upgrade 1.6.10 -> 1.6.11Leon Anavi2020-08-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Upgrade to release 1.6.11: Broker: - Fix usage message only mentioning v3.1.1. - Fix broker refusing to start if only websockets listeners were defined. - Change systemd unit files to create /var/log/mosquitto before starting. - Don't quit with an error if opening the log file isn't possible. - Fix bridge topic remapping when using "" as the topic. - Fix messages being queued for disconnected bridges when clean start was set to true. - Fix `autosave_interval` not being triggered by messages being delivered. - Fix websockets clients sometimes not being disconnected promptly. - Fix "slow" file based logging by switching to line based buffering. - Log protocol error message where appropriate from a bad UNSUBSCRIBE, rather than the generic "socket error". - Don't try to start DLT logging if DLT unavailable, to avoid a long delay when shutting down the broker. - Fix potential memory leaks. - Fix clients not receiving messages after a previous client with the same client ID and positive will delay interval quit. - Fix overly broad HAVE_PTHREAD_CANCEL compile guard. Client library: - Improved documentation around connect callback return codes. - Fix `mosquitto_publish*()` no longer returning `MOSQ_ERR_NO_CONN` when not connected. - `mosquitto_loop_start()` now sets a thread name on Linux, FreeBSD, NetBSD, and OpenBSD. - Fix `mosquitto_loop_stop()` not stopping on Windows. Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* daq: Upgrade to 2.0.7Khem Raj2020-08-131-4/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort: Upgrade to 2.9.16.1Khem Raj2020-08-131-3/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dibbler: Update to latestKhem Raj2020-08-132-76/+1
| | | | | | | Drop upstreamed patch Fixed compatibility with g++-10 Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netplan: Update to latest to fix build with -fno-commonKhem Raj2020-08-134-1/+104
| | | | | | Add patches to fix build with clang-11 Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: fix the occasional verification failureMingli Yu2020-08-052-0/+136
| | | | | | | | | | | | | | | | | | | | | | | Fixes: # cd /etc/raddb/certs # ./bootstrap [snip] chmod g+r ca.key openssl pkcs12 -in server.p12 -out server.pem -passin pass:'whatever' -passout pass:'whatever' chmod g+r server.pem C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org error 7 at 0 depth lookup: certificate signature failure 140066667427072:error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus:../openssl-1.1.1g/crypto/rsa/rsa_ossl.c:553: 140066667427072:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:../openssl-1.1.1g/crypto/asn1/a_verify.c:170: error server.pem: verification failed make: *** [Makefile:107: server.vrfy] Error 2 It seems the ca.pem mismatchs server.pem which results in failing to execute "openssl verify -CAfile ca.pem server.pem", so add the logic to check the file to avoid inconsistency. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdist: fix parallel buildKai Kang2020-08-032-0/+32
| | | | | | | | | | | | | | | | | It fails to compile rdist occasionally when system load of build server is high: | In file included from common.c:57: | ../include/defs.h:49:10: fatal error: y.tab.h: No such file or directory | 49 | #include "y.tab.h" | | ^~~~~~~~~ | compilation terminated. Make $(COMMONOBJS) which include common.o to depends on related header files and y.tab.h to fix the parallel build failure. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.10.15 -> 4.10.17Yi Zhao2020-07-314-2/+193
| | | | | | | | | | | | | | | | | This is a security release in order to address the following defects: CVE-2020-10730: NULL pointer de-reference and use-after-free in Samba AD DC LDAP Server with ASQ, VLV and paged_results. CVE-2020-10745: Parsing and packing of NBT and DNS packets can consume excessive CPU CVE-2020-10760: LDAP Use-after-free in Samba AD DC Global Catalog with paged_results and VLV. CVE-2020-14303: Empty UDP packet DoS in Samba AD DC nbtd. Also backport 3 patches to fix build error with musl. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: bump to latest revisionOleksandr Kravchuk2020-07-311-1/+1
| | | | | Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openconnect: update to 8.10Oleksandr Kravchuk2020-07-312-74/+6
| | | | | Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* firewalld: update to 0.8.3Oleksandr Kravchuk2020-07-311-3/+1
| | | | | | | nft build dependency has been removed in @3f7419dcb50a5bdcf800512d2491. Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dhcpcd: update to 9.1.4Oleksandr Kravchuk2020-07-311-4/+5
| | | | | | | License checksum changed due to modified copyright years. Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nngpp: Add recipeJohan Jeppsson2020-07-281-0/+14
| | | | | | | nngpp is a c++ wrapper for nng Signed-off-by: Johan Jeppsson <johanje@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: Fix conflicts with nss.h from glibcKhem Raj2020-07-222-0/+97
| | | | | | This is seen with glibc 2.32 where these names are also defined Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Fix udev dependencyChristian Eggers2020-07-201-1/+1
| | | | | | | NetworkManager depends on libudev, but not on libgudev. Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: Package nmcli separatelyChristian Eggers2020-07-201-0/+9
| | | | | | | nmcli depends on libreadline which is licensed under GPLv3. Signed-off-by: Christian Eggers <ceggers@arri.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: fix the existed certificate errorMingli Yu2020-07-132-0/+56
| | | | | | | | | | | | | | | | | | | | | | | | Fixes the occasional error: # cd /etc/raddb/certs # ./bootstrap [snip] openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key 'whatever' -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf Using configuration from ./client.cnf Check that the request matches the signature Signature ok ERROR:There is already a certificate for /C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org The matching entry has the following details Type :Valid Expires on :200908024833Z Serial Number :02 File name :unknown Subject Name :/C=FR/ST=Radius/O=Example Inc./CN=user@example.org/emailAddress=user@example.org make: *** [Makefile:128: client.crt] Error 1 Add the check to fix the above error and it does the same for server.crt. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: fix Files/directories were installed but not shippedHongxu Jia2020-07-072-0/+31
| | | | | | | | | | | | | | | Since networkmanager: upgrade 1.22.10 -> 1.22.14, it added a new build option 'firewalld-zone', while enabling multilib, there is a QA issue ... ERROR: QA Issue: networkmanager: Files/directories were installed but not shipped in any package: /usr/lib/firewalld /usr/lib/firewalld/zones /usr/lib/firewalld/zones/nm-shared.xml ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* firewalld: upgrade 0.7.3 -> 0.7.5Adrian2020-07-021-4/+7
| | | | | | | | | | | | | See full changelogs - https://github.com/firewalld/firewalld/releases/tag/v0.7.4 - https://github.com/firewalld/firewalld/releases/tag/v0.7.5 Make documentation build optional. Delete RedHat specific modprobe config file. Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* blueman: upgrade 2.1.1 -> 2.1.3Andreas Müller2020-06-291-2/+1
| | | | | | | | | | | | | | | | | | | 2.1.3 Changes * Force cython to use python language version 3 Bugs fixed * Fix tooltip not updating when bluetooth is disabled * Fix dbus timeout in DhcClient * Call the right method when pulseaudio crashes * Handle os.remove failing 2.1.2 Bugs fixed * Signal bar updates with multiple adapters * Pairing with pincode Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* networkmanager: upgrade 1.22.10 -> 1.22.14Andreas Müller2020-06-291-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ================================================ NetworkManager-1.22.14 Overview of changes since NetworkManager-1.22.12 ================================================ This is a new stable release of NetworkManager. Notable changes include: * ifcfg-rh: handle "802-1x.{,phase2-}ca-path". Otherwise setting this property silently fails and a profile might accidentally not perform any authentication (CVE-2020-10754). * ifcfg-rh: handle 802-1x.pin properties. ================================================ NetworkManager-1.22.12 Overview of changes since NetworkManager-1.22.10 ================================================ This is a new stable release of NetworkManager. Notable changes include: * Fix a bug preventing lease renewal in the internal DHCP client. * Add a new build option 'firewalld-zone'; when enabled, NetworkManager installs a firewalld zone for connection sharing and puts interfaces using IPv4 or IPv6 shared mode in this zone during activation. The option is enabled by default. Note that NetworkManager still calls to iptables to enable masquerading and open needed ports for DHCP and DNS. The new option is useful on systems using firewalld with the nftables backend, where the iptables rules would not be sufficient. * Support changing the MTU of OVS interfaces. * Better handle a restart of ovsdb process. * Support the 'no-reload' and 'trust-ad' resolv.conf options. * Various minor bug fixes and improvements. Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netplan: upgrade 0.98 -> 0.99Jacopo Dall'Aglio2020-06-261-10/+10
| | | | | | | | | | | | Main new features of netplan release 0.99: - YAML parser is now in a separate library named libnetplan - Systemd unit file for launching WPA Supplicant with netplan configuration is now generated at runtime See here for a full comparison: https://github.com/CanonicalLtd/netplan/compare/0.98...0.99 Signed-off-by: Jacopo Dall'Aglio <jacopo.dallaglio@kynetics.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: typo fixMartin Kelly2020-06-081-1/+1
| | | | | | | | The "ssl" PACKAGECONFIG setting contains WITH_EC_OFF instead of WITH_EC=OFF, resulting in a build break when "ssl" is not set. Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: add native, nativesdk supportMartin Kelly2020-06-081-0/+2
| | | | | Signed-off-by: Martin Kelly <mkelly@xevo.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* snort: upgrade 2.9.15 -> 2.9.16Zang Ruochen2020-05-312-51/+2
| | | | | | | | -0001-chdeck-for-gettid-API-during-configure.patch Removed since this is included in 2.9.16 Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: upgrade 1.6.9 -> 1.6.10Zang Ruochen2020-05-311-2/+2
| | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kea: upgrade 1.7.6 -> 1.7.7Zheng Ruoqin2020-05-211-2/+2
| | | | | Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netplan: Depend on systemd if it is in distroKhem Raj2020-05-161-1/+2
| | | | | | | | | | it needs to link with libsystemd when using systemd as init system Fixes Package libsystemd was not found in the pkg-config search path. Perhaps you should add the directory containing `libsystemd.pc' to the PKG_CONFIG_PATH environment variable Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.10.13 -> 4.10.15Yi Zhao2020-05-151-2/+2
| | | | | | | | | | This is a security release in order to address the following defects: CVE-2020-10700: Use-after-free in Samba AD DC LDAP Server with ASQ CVE-2020-10704: LDAP Denial of Service (stack overflow) in Samba AD DC Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: Remove the dependency on libbsdPeter Kjellerstedt2020-04-292-1/+106
| | | | | | | | | | | | It is unnecessary, and libbsd uses the "BSD-4-Clause" license, which can be problematic. To make it deterministic, a patch is introduced to allow libbsd support to be disabled. It resembles similar patches in, e.g., libldb, libtalloc, libtdb and libtevent. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 4.3.0 -> 4.4.0Pierre-Jean Texier2020-04-261-1/+1
| | | | | | | | | | Release 4.4.0 of wolfSSL embedded TLS has bug fixes, new features and fixes for security vulnerabilities. See full changelog https://github.com/wolfSSL/wolfssl/releases/tag/v4.4.0-stablefixes Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kea: improve reproducibilityMingli Yu2020-04-261-0/+4
| | | | | | | | | | | | | | There are some shell scripts such as kea-admin, upgrade_4.0_to_5.0.sh, wipe_data.sh and etc contain build path. Actually the build path is meanlingless on the target, so replace abs_top_builddir to abs_top_builddir_placeholder to avoid expanding abs_top_builddir which introduces build path. Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: upgrade 2.16.5 -> 2.16.6Pierre-Jean Texier2020-04-151-2/+2
| | | | | | | | | | Mbed TLS 2.16.6 is a maintenance release of the Mbed TLS 2.16 branch, and provides security fixes and bug fixes, see: - https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: use UPSTREAM_CHECK_COMMITSPierre-Jean Texier2020-04-041-0/+2
| | | | | | | | | | | | Fixes: $: devtool check-upgrade-status relayd <...> INFO: relayd 0.0.1 UNKNOWN_BROKEN None Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* miniupnpd: Package miniupnpd_functions.shVinothkumar2020-04-021-0/+1
| | | | | | | | Currently miniupnpd.service fails to start without miniupnpd_functions.sh in rootfs Signed-off-by: Vinothkumar <vinothkumar_baskaran@comcast.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* kea: upgrade 1.7.5 -> 1.7.6Wang Mingyu2020-03-311-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* freeradius: don't download LFS content by defaultChangqing Li2020-03-261-1/+1
| | | | | | | | | | | | | fix error: Fetcher failure: Repository git://github.com/FreeRADIUS/freeradius-server.git has LFS content, install git-lfs on host to download (or set lfs=0 to ignore it) upstream has file .lfsconfig to make it not download lfs files by default, so we also don't download it by default Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ufw: fix upstream check URLPierre-Jean Texier2020-03-231-0/+3
| | | | | | | | | | | | Fixes: $: devtool check-upgrade-status ufw <...> INFO: ufw 0.33 UNKNOWN_BROKEN None Signed-off-by: Pierre-Jean Texier <pjtexier@koncepto.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* civetweb: upgrade 1.11 -> 1.12Wang Mingyu2020-03-201-3/+3
| | | | | | | -License-Update: Copyright year updated to 2020. Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>