summaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
...
* openvpn: upgrade 2.6.7 -> 2.6.9Yi Zhao2024-03-021-2/+2
| | | | | | | | | | | | License-Update: Remove conditional text for Apache2 linking exception[1] ChangeLog: https://github.com/OpenVPN/openvpn/blob/v2.6.9/Changes.rst [1] https://github.com/OpenVPN/openvpn/commit/20bc8bd5af9d1ee0489d0ee58ae9c2c2f9b0cf9f Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openipmi: fix do_configure error when using dashYi Zhao2024-02-281-2/+4
| | | | | | | | | | | | | | We encountered a do_configure error when using dash on Ubuntu 20.04: conftest.c:31:26: fatal error: Python.h: No such file or directory 31 | #include <Python.h> | ^~~~~~~~~~ It seems that PYTHON_CPPFLAGS is not passed to configure command correctly. Use configuration option --with-pythoncflags instead of passing it in cmdline. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dnsmasq: Upgrade 2.89 -> 2.90Peter Marko2024-02-263-84/+1
| | | | | | | | | | Fixes CVE-2023-50387 and CVE-2023-50868 Remove backported CVE patch. Remove patch for lua as hardcoding lua version was removed. Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wavemon: add recipe for version 0.9.5Romain Naour2024-02-211-0/+28
| | | | | | | | | | | | | | | | | | | | | | wavemon is an ncurses-based monitoring application for wireless network devices on Linux. We have to provide the path to libnl3 headers since the build system is not able to find them. In order to workaround a link issue with pthread library, we have to add -pthread to CFLAGS in order to add the library after the object file. arm-none-linux-gnueabihf/bin/ld: info_scr.o: undefined reference to symbol 'pthread_mutex_trylock@@GLIBC_2.4' [...]/wavemon/0.9.5-r0/recipe-sysroot/lib/libpthread.so.0: error adding symbols: DSO missing from command line "We should mention the library on the command line after the object files being compiled" [1] [1] https://stackoverflow.com/questions/19901934/libpthread-so-0-error-adding-symbols-dso-missing-from-command-line Signed-off-by: Romain Naour <romain.naour@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.2.2 -> 4.2.3Wang Mingyu2024-02-201-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.19.0 -> 1.19.1Wang Mingyu2024-02-201-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dropwatch: Use header files from sysroot instead of build hostchenheyun2024-02-182-1/+31
| | | | | | | | | | | | | | | | | | | | | | it does not match with our real head file form kernel.(net_dropmon.h) net_dropmon.h in dropwatch local src/net_dropmon.h. linux kernel also have it in include/uapi/linux/net_dropmon.h for example,our kernel is linux5.10: diff tmp/work/cortexa57-poky-linux/dropwatch/1.5.4+git-r0/recipe-sysroot/usr/ include/linux/net_dropmon.h tmp/work/cortexa57-poky-linux/dropwatch/1.5.4+git-r0/git/src/net_dropmon.h 1c1,3 < 95a94 > NET_DM_ATTR_REASON, /* string */ it will cause mismatch when we use dropwatch in older kernel version(v5.10), will cause dropwatch and kernel drop_monitor module mismatch with netlink talk. we should build it with header from sysroot which comes from matching kernel. Signed-off-by: chenheyun <chen_heyun@163.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tcpslice: upgrade 1.6 -> 1.7Wang Mingyu2024-02-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: =========== - Use "git archive" for the "make releasetar" process. - Makefile.in: Add the releasecheck target. - Cirrus CI: Add the "make releasecheck" command in the Linux task. - INSTALL.md: Add missing files. - Makefile.in: Add "make -s install" in the releasecheck target. - Makefile.in: Add the whitespacecheck target. - Cirrus CI: Run the "make whitespacecheck" command in the Linux task. - Makefile.in: Add some missing files in the distclean target. - autoconf: Add autogen.sh, remove configure and config.h.in. - autoconf: Require at least autoconf 2.69. - autoconf: Address most warnings from Autoconf 2.71. - autoconf: Update install-sh script to the latest available version. - autoconf: Update config.{guess,sub}, timestamps 2024-01-01 - Fix a build error on Haiku. - Do the version number the same way as in tcpdump and libpcap. - Lose unused missing/strlcpy.c. - Use posix_fadvise() on input files if available. - Prefer calloc() over malloc(). - Fix --static-pcap-only test on Solaris 10. - autoconf: replace --with-system-libpcap with --disable-local-libpcap. - autoconf: Find a local libpcap even with rcX directory suffix - configure: special-case macOS /usr/bin/pcap-config - On Solaris, for 64-bit builds, use the 64-bit pcap-config. - configure: don't use egrep, use $EGREP. - Add some warning flags for Clang 13 or newer. - Fix some warnings with -Wmissing-variable-declarations. - Make various improvements to the instrument functions. - autoconf: Remove many obsolete elements, including workarounds for BSD/OS, IRIX, OSF/1, Solaris, Ultrix and possibly other OSes. - autoconf: Refine reporting of os-proto.h. - tcpslice(1): Use bold font more consistently. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: upgrade 48.0 -> 50.0Wang Mingyu2024-02-092-8/+6
| | | | | | | | | | | | | | | | | | | | | Changelog: ============= -Merge pull request #1419 from EdwardSro/pr-update-to-fc39 -Merge pull request #1422 from nmorey/dev/master/min-version -README: Bump minimum supported version to v30.x -Merge pull request #1421 from ffontaine/master -cbuild: Update to Fedora 39 -build: Fix cmake warning -pyverbs: Adapt includes in Fedora 39 [ #5860 ] -pyverbs: Fix runtime warnings in Fedora 39 -pyverbs: Fix compilation error in Fedora 39 -util/udma_barrier.h: fix mips4 build 0001-cmake-Allow-SYSTEMCTL_BIN-to-be-overridden-from-envi.patch refreshed for 50.0 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes: drop ${SRCPV} usageMartin Jansa2024-02-098-8/+8
| | | | | | | | | | * Drop SRCPV similarly like oe-core did in: https://git.openembedded.org/openembedded-core/commit/?h=nanbield&id=843f82a246a535c353e08072f252d1dc78217872 * SRCPV is deferred now from PV to PKGV since: https://git.openembedded.org/openembedded-core/commit/?h=nanbield&id=a8e7b0f932b9ea69b3a218fca18041676c65aba0 Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
* ndisc6: upgrade 1.0.7 -> 1.0.8Wang Mingyu2024-02-091-1/+1
| | | | | | | | | Changelog ============ Fix potential garbage whilst prining an advertised prefix. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.2.0 -> 4.2.2Wang Mingyu2024-01-231-1/+1
| | | | | | | | | | | | | Changelog: ============ -sharkd is not installed by the Windows installer. -Fuzz job crash output: fuzz-2024-01-01-7740.pcap. -Can't open a snoop file from the Open dialog box unless I select \"All files\" as the file type. -Add s4607 dissector to \"decode as\" -Updater for 4.2.1 hangs. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* dropwatch: add new recipeChristophe Vu-Brugier2024-01-221-0/+18
| | | | | | | | | | | | Dropwatch is a utility to help developers and system administrators to diagnose problems in the Linux Networking stack, specifically their ability to diagnose where packets are getting dropped. References: * https://github.com/nhorman/dropwatch Signed-off-by: Christophe Vu-Brugier <christophe.vu-brugier@seagate.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtalloc, libtevent, libtdb, libldb: set PYTHONARCHDIR for waf to respect ↵Martin Jansa2024-01-224-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | python libdir * fixes installed-vs-shipped when libdir in target is different than in native python e.g. with multilib enabled: ERROR: QA Issue: libtdb: Files/directories were installed but not shipped in any package: /usr/lib/python3.12/site-packages/tdb.so /usr/lib/python3.12/site-packages/_tdb_text.py Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. libtdb: 2 installed and not shipped files. [installed-vs-shipped] ERROR: QA Issue: libtalloc: Files/directories were installed but not shipped in any package: /usr/lib/python3.12/site-packages/talloc.so Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. libtalloc: 1 installed and not shipped files. [installed-vs-shipped] ERROR: QA Issue: libtevent: Files/directories were installed but not shipped in any package: /usr/lib/python3.12/site-packages/_tevent.so /usr/lib/python3.12/site-packages/tevent.py Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. lib32-libtevent: 2 installed and not shipped files. [installed-vs-shipped] * waflib has some fallback to query distutils when PYTHONARCHDIR isn't set in environment as in: https://gitlab.com/ita1024/waf/-/commit/84c26588fc3d479a1e79e1edacaa2cf052286c07 but this still returns wrong value from print(get_python_lib(plat_specific=1, standard_lib=0, prefix='/usr')) e.g. /usr/lib/python3.12/site-packages matching native layout instead of: /usr/lib64/python3.12/site-packages * python3targetconfig inherit breaks waflib as well as shown in config.log: ['libtdb/1.4.9/recipe-sysroot-native/usr/bin/python3-native/python3', '-c', "\ntry:\n\tfrom distutils.sysconfig import get_config_var, get_python_lib\nexcept ImportError:\n\tfrom sysconfig import get_config_var, get_path\n\tdef get_python_lib(*k, **kw):\n\t\tkeyword='platlib' if kw.get('plat_specific') else 'purelib'\n\t\tif 'prefix' in kw:\n\t\t\treturn get_path(keyword, vars={'installed_base': kw['prefix'], 'platbase': kw['prefix']})\n\t\treturn get_path(keyword)\n\nprint(repr(get_python_lib(standard_lib=0, prefix='/usr') or ''))"] err: Traceback (most recent call last): File "<string>", line 12, in <module> File "<string>", line 9, in get_python_lib File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 636, in get_path return get_paths(scheme, vars, expand)[name] ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 626, in get_paths return _expand_vars(scheme, vars) ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 270, in _expand_vars _extend_dict(vars, get_config_vars()) ^^^^^^^^^^^^^^^^^ File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 728, in get_config_vars _init_config_vars() File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 670, in _init_config_vars _init_posix(_CONFIG_VARS) File "libtdb/1.4.9/recipe-sysroot-native/usr/lib/python3.12/sysconfig.py", line 536, in _init_posix _temp = __import__(name, globals(), locals(), ['build_time_vars'], 0) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ModuleNotFoundError: No module named '_sysconfigdata' * setting PYTHONARCHDIR is simplest fix * this also fixes libldb failure when it fails to find e.g. tevent after these installed-vs-shipped issues instealled it in wrong libdir: Checking for system tevent (>=0.15.0) : yes Traceback (most recent call last): File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Scripting.py", line 159, in waf_entry_point run_commands() File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Scripting.py", line 255, in run_commands ctx = run_command(cmd_name) ^^^^^^^^^^^^^^^^^^^^^ File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Scripting.py", line 239, in run_command ctx.execute() File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Configure.py", line 159, in execute super(ConfigurationContext, self).execute() File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Context.py", line 214, in execute self.recurse([os.path.dirname(g_module.root_path)]) File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Context.py", line 296, in recurse user_function(self) File "lib32-libldb/2.8.0/ldb-2.8.0/wscript", line 54, in configure conf.RECURSE('lib/tevent') File "lib32-libldb/2.8.0/ldb-2.8.0/buildtools/wafsamba/samba_utils.py", line 66, in fun return f(*k, **kw) ^^^^^^^^^^^ File "lib32-libldb/2.8.0/ldb-2.8.0/buildtools/wafsamba/samba_utils.py", line 469, in RECURSE return ctx.recurse(relpath) ^^^^^^^^^^^^^^^^^^^^ File "lib32-libldb/2.8.0/ldb-2.8.0/third_party/waf/waflib/Context.py", line 296, in recurse user_function(self) File "lib32-libldb/2.8.0/ldb-2.8.0/lib/tevent/wscript", line 51, in configure conf.CHECK_BUNDLED_SYSTEM_PYTHON('pytevent', 'tevent', minversion=VERSION): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "lib32-libldb/2.8.0/ldb-2.8.0/buildtools/wafsamba/samba_utils.py", line 66, in fun return f(*k, **kw) ^^^^^^^^^^^ File "lib32-libldb/2.8.0/ldb-2.8.0/buildtools/wafsamba/samba_bundled.py", line 270, in CHECK_BUNDLED_SYSTEM_PYTHON if not found and not conf.LIB_MAY_BE_BUNDLED(libname): ^^^^^ UnboundLocalError: cannot access local variable 'found' where it is not associated with a value and then it needs PYTHONARCHDIR as well to fix: ERROR: libldb-2.8.0-r0 do_package: QA Issue: libldb: Files/directories were installed but not shipped in any package: /usr/lib /usr/lib/python3.12 /usr/lib/python3.12/site-packages /usr/lib/python3.12/site-packages/_ldb_text.py /usr/lib/python3.12/site-packages/ldb.so /usr/lib/python3.12/site-packages/.debug /usr/lib/python3.12/site-packages/.debug/ldb.so Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. libldb: 7 installed and not shipped files. [installed-vs-shipped] Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdio-tools: upgrade 1.3.0 -> 1.3.1Michael Haener2024-01-093-1/+1
| | | | | | | | | | | | Changelog: * Multiple registers can now be dumped at once, via the generic dump operation. * Relax the driver matching to accept the strings used in kernels 6.2 and newer. Signed-off-by: Michael Haener <michael.haener@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* traceroute: upgrade 2.1.3 -> 2.1.5Wang Mingyu2024-01-081-1/+1
| | | | | | | | | Changelog ======== Fix rfc5837 parsing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* chrony: upgrade 4.4 -> 4.5Wang Mingyu2024-01-081-1/+1
| | | | | | | | | | | | | Changelog ======== * Add support for AES-GCM-SIV in GnuTLS * Add support for corrections from PTP transparent clocks * Add support for systemd socket activation * Fix presend in interleaved mode * Fix reloading of modified sources from sourcedir Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libldb: upgrade 2.7.2 -> 2.8.0Yi Zhao2024-01-085-36/+27
| | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libldb. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtevent: upgrade 0.14.1 -> 0.16.0Yi Zhao2024-01-084-39/+55
| | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtevent. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtalloc: upgrade 2.4.0 -> 2.4.1Yi Zhao2024-01-085-41/+60
| | | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtalloc. * Add ptest. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtdb: upgrade 1.4.8 -> 1.4.9Yi Zhao2024-01-084-37/+53
| | | | | | | | | | * Remove PACKAGECONFIG[libaio] as libaio is no longer required by libtdb. * Add ptest. * Refresh patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openipmi: update 2.0.32 -> 2.0.34Alexander Kanavin2023-12-317-109/+16
| | | | | | | | | | This resolves dependency on removed python distutils in particular. openipmi-remove-host-path-from-la_LDFLAGS.patch is removed as issue is fixed upstream. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: update 4.0.10 -> 4.2.0Alexander Kanavin2023-12-316-148/+73
| | | | | | | This resolves python 3.12 issues. Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* uftp: upgrade 5.0.2 -> 5.0.3Wang Mingyu2023-12-291-1/+1
| | | | | | | | | | Changelog: =========== -A memory leak fix in the prior version wasn't applied correctly, resulting in an invalid memory access causing a crash. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open-vm-tools: upgrade 12.1.5 -> 12.3.5Yi Zhao2023-12-2717-227/+67
| | | | | | | | | | Release Notes: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/ReleaseNotes.md ChangeLog: https://github.com/vmware/open-vm-tools/blob/stable-12.3.5/open-vm-tools/ChangeLog Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.12 -> 5.9.13Wang Mingyu2023-12-181-1/+1
| | | | | | | | | | | Changelog: - Fixes a regression with handling OCSP error responses and adds a new option to specify the length of nonces in OCSP requests. Also adds some other improvements for OCSP handling and fuzzers for OCSP requests/responses. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ifenslave: upgrade 2.13 -> 2.14Wang Mingyu2023-12-181-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pgpool2: use autotools-brokensep instead of setting Balperak2023-12-121-2/+2
| | | | | Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice-gtk: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | This fixes build for gnome-boxes Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* spice: Set meson version based on PVMarkus Volk2023-11-291-0/+4
| | | | | | | | | | | | | This fixes: | Dependency spice-server found: NO found UNKNOWN but need: '>=0.14.0' | Run-time dependency spice-server found: NO | | ../qemu-8.1.2/meson.build:1038:10: ERROR: Dependency lookup for spice-server with method 'pkgconfig' failed: Invalid version, need 'spice-server' ['>=0.14.0'] found 'UNKNOWN'. Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: set meson version based on PVMarkus Volk2023-11-292-38/+5
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcacard: fix version string in libcacard.pcMarkus Volk2023-11-232-1/+38
| | | | | Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: package binaries in a separate packageCharles Perry2023-11-221-0/+3
| | | | | | | | Put sip_monitor, sip_reg and sip_storm in a separate libexosip2-tools package as they won't be needed most of the time. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: add c-ares and openssl PACKAGECONFIGCharles Perry2023-11-221-0/+4
| | | | | | | They are enabled by default as libexosip2 works better with those. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* strongswan: upgrade 5.9.11 -> 5.9.12Wang Mingyu2023-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Fixed a vulnerability in charon-tkm related to processing DH public values that can lead to a buffer overflow and potentially remote code execution. - The new `pki --ocsp` command produces OCSP responses based on certificate status information provided by plugins. - The cert-enroll script handles the initial enrollment of an X.509 host certificate with a PKI server via the EST or SCEP protocols. - The --priv argument for charon-cmd allows using any type of private key. - Support for nameConstraints of type iPAddress has been added (the openssl plugin previously didn't support nameConstraints at all). - SANs of type uniformResourceIdentifier can now be encoded in certificates. - Password-less PKCS#12 and PKCS#8 files are supported. - A new global option allows preventing peers from authenticating with trusted end-entity certificates (i.e. local certificates). - ECDSA public keys that encode curve parameters explicitly are now rejected by all plugins that support ECDSA. - charon-nm now actually uses the XFRM interfaces added with 5.9.10, it can also use the name in connection.interface-name. - The resolve plugin tries to maintain the order of installed DNS servers. - The kernel-libipsec plugin always installs routes even if no address is found in the local traffic selectors. - Increased the default receive buffer size for Netlink sockets to 8 MiB and simplified its configuration. - Copy the issuer's subjectKeyIdentifier as authorityKeyIdentifier instead of always generating a hash of the subjectPublicKey. - Fixed issues while reestablishing multiple CHILD_SAs (e.g. after a DPD timeout) that could cause a reqid to get assigned to multiple CHILD_SAs with unrelated traffic selectors. - Fixed a possible infinite loop issue in watcher_t and removed WATCHER_EXCEPT, instead callbacks are always invoked even if only errors are signaled. - Fixed a regression in the IKE_SA_INIT tracking code added with 5.9.6 when handling invalid messages. - Fixed adding the XFRMA_REPLAY_ESN_VAL attribute twice when updating SAs. - Correctly encode SPI from REKEY_SA notify in CHILD_SA_NOT_FOUND notify if CHILD_SA is not found during rekeying. - The testing environment is now based on Debian 12 (bookworm), by default. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ntpsec, net-snmp: drop ${PE}, ${PR} from /usr/src/debug pathsMartin Jansa2023-11-201-1/+1
| | | | | Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* uftp: upgrade 5.0.1 -> 5.0.2Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | Changelog: ========= -Fixed bug that caused crash when a CLIENT_KEY arrived out of order -Fixed option handling on Windows when an argument is missing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.6 -> 2.6.7Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ============ dco: fix crash when --multihome is used with --proto tcp Mock openvpn_exece on win32 also for test_tls_crypt Add warning for the --show-groups command that some groups are missing Print peer temporary key details Add warning if a p2p NCP client connects to a p2mp server Remove openssl engine method for loading the key Remove saving initial frame code Double check that we do not use a freed buffer when freeing a session Fix using to_link buffer after freed GHA: do not trigger builds in openvpn-build anymore GHA: new workflow to submit scan to Coverity Scan service buffer: use memcpy in buf_catrunc vcpkg-ports/pkcs11-helper: Backport MinGW series from master to release/2.6 CMake: backport CMake buildsystem from master to release/2.6 Remove all traces of the previous MSVC build system doc: fix argument name in --route-delay documentation dns option: remove support for exclude-domains Warn user if INFO control command is too long dco-win: get driver version dco: warn if DATA_V1 packets are sent to userspace Make cert_data.h and test_cryptoapi/pkcs11.c MSVC compliant Log OpenSSL errors on failure to set certificate configure: disable engines if OPENSSL_NO_ENGINE is defined Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.18.0 -> 1.19.0Beniamin Sandu2023-11-151-1/+1
| | | | | | | Full changelog: https://github.com/NLnetLabs/unbound/releases/tag/release-1.19.0 Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* drop GNOMEBASEBUILDCLASS = "meson"Markus Volk2023-11-111-1/+0
| | | | | | It is set to meson by default Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tnftp: upgrade 20210827 -> 20230507Khem Raj2023-11-061-4/+3
| | | | | | License-Update: Its now under BSD-2-Clause Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.3 -> 2.6.6Khem Raj2023-11-061-2/+2
| | | | | | License-Update: Added Apache2 linking exception Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdio-tools: Add virtual/kernel dependency to avoid stale SPDX referenceAndrew Jeffery2023-10-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenBMC enables SPDX SBOM generation by default. For Meta's Bletchley platform we found that mdio-tools and its relationships with both mdio-netlink and the mdio-netlink kernel module break SPDX processing while generating the rootfs after a kernel bump. For example, the following output was generated by `bitbake obmc-phosphor-image`: ERROR: obmc-phosphor-image-1.0-r0 do_rootfs: Cannot find any SPDX file for document http://spdx.org/spdxdoc/kernel-module-mdio-netlink-6.5.4-da279e9-00089-gda279e98c07f-89187488-3164-50cb-94c5-8b76a30ea093 The error occurred after the following patch was applied (again, in the context of OpenBMC): diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb b/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb index e6f98297c540..b852e993f0f6 100644 --- a/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb +++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb @@ -1,6 +1,6 @@ KBRANCH ?= "dev-6.5" -LINUX_VERSION ?= "6.5.4" +LINUX_VERSION ?= "6.5.9" -SRCREV="da279e98c07f9c948c60a434ab0043a55c26ea1d" +SRCREV="fc8d4fdba5bd2b9b1cea2aa8a731531943c45aa7" require linux-aspeed.inc With the lack of a dependency the mdio-tools package is not rebuilt subsequent to the kernel bump and the package information remains stale, leading to an incorrect SPDX path being generated. Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-10-241-1/+1
| | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.0.8 -> 4.0.10Wang Mingyu2023-10-231-1/+1
| | | | | | | | Bugfix: Error loading g729.so plugin with Wireshark 4.0.9 and 3.6.17 on macOS. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: upgrade 47.0 -> 48.0Wang Mingyu2023-10-231-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: add recipeCharles Perry2023-10-171-0/+15
| | | | | | | | libexosip2 extends the capabilities of the osip2 library. It can be a useful building block for an embedded device application. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libosip2: add recipeCharles Perry2023-10-171-0/+15
| | | | | | | | The GNU oSIP library is an implementation of SIP - rfc3261. It can be a useful building block for an embedded device application. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libldb: add ptestYi Zhao2023-10-123-50/+26
| | | | | | | | | | | | | | | | | | | | | * use external cmocka instead of bundled cmocka * add run-ptest script Ptest results: $ ptest-runner libldb START: ptest-runner 2023-10-12T11:49 BEGIN: /usr/lib/libldb/ptest PASS: test_ldb_dn PASS: test_ldb_qsort DURATION: 0 END: /usr/lib/libldb/ptest 2023-10-12T11:49 STOP: ptest-runner TOTAL: 1 FAIL: 0 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtevent: fix ptestYi Zhao2023-10-123-58/+24
| | | | | | | | | | | | | | * use external cmocka instead of bundled cmocka * add run-ptest script Ptest results: $ ./run-ptest PASS: replace_testsuite PASS: test_tevent_tag PASS: test_tevent_trace Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>