summaryrefslogtreecommitdiffstats
path: root/meta-networking
Commit message (Collapse)AuthorAgeFilesLines
* uftp: upgrade 5.0.1 -> 5.0.2Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | Changelog: ========= -Fixed bug that caused crash when a CLIENT_KEY arrived out of order -Fixed option handling on Windows when an argument is missing Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.6 -> 2.6.7Wang Mingyu2023-11-171-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ============ dco: fix crash when --multihome is used with --proto tcp Mock openvpn_exece on win32 also for test_tls_crypt Add warning for the --show-groups command that some groups are missing Print peer temporary key details Add warning if a p2p NCP client connects to a p2mp server Remove openssl engine method for loading the key Remove saving initial frame code Double check that we do not use a freed buffer when freeing a session Fix using to_link buffer after freed GHA: do not trigger builds in openvpn-build anymore GHA: new workflow to submit scan to Coverity Scan service buffer: use memcpy in buf_catrunc vcpkg-ports/pkcs11-helper: Backport MinGW series from master to release/2.6 CMake: backport CMake buildsystem from master to release/2.6 Remove all traces of the previous MSVC build system doc: fix argument name in --route-delay documentation dns option: remove support for exclude-domains Warn user if INFO control command is too long dco-win: get driver version dco: warn if DATA_V1 packets are sent to userspace Make cert_data.h and test_cryptoapi/pkcs11.c MSVC compliant Log OpenSSL errors on failure to set certificate configure: disable engines if OPENSSL_NO_ENGINE is defined Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* unbound: upgrade 1.18.0 -> 1.19.0Beniamin Sandu2023-11-151-1/+1
| | | | | | | Full changelog: https://github.com/NLnetLabs/unbound/releases/tag/release-1.19.0 Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* pkggrp: drop netkitArmin Kuster2023-11-151-17/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* README: drop netkit maintainerArmin Kuster2023-11-151-1/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* MAINTANERS: drop netkitArmin Kuster2023-11-151-4/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* netkit: Drop old and no upstreamArmin Kuster2023-11-1542-3596/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* system-config-printer: Add cups to rdependsMarkus Volk2023-11-141-0/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: Fix build with clang and libc++ runtimeKhem Raj2023-11-132-1/+40
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openfortivpn: upgrade 1.20.5 -> 1.21.0alperak2023-11-121-1/+1
| | | | | | | | | | | | Changelog: * fix "Peer refused to agree to his IP address" message, again * deprecate option --plugin * better masking of password in logs * break on reading 0 from ppp pty, for non-Linux systems Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libdnet: upgrade 1.16.3 -> 1.17.0alperak2023-11-123-70/+3
| | | | | | | | | | | | Patches removed because fixed in the new version. Changelog: - Various fixes around the build process (esp. cmake support + string.h include fixes) - Stronger cmake support, updated autotools and a few smaller fixes. Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* civetweb: upgrade 1.12 -> 1.16alperak2023-11-121-3/+4
| | | | | | | | | | | | | | | | | | | ========================= - Added "-DCIVETWEB_SSL_OPENSSL_API_3_0=ON" because of following error: civetweb.c:1561:2: error: #error "Please define OPENSSL_API_#_# or USE_MBEDTLS" You may also want to check out the available CMake options here: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/CMakeLists.txt ========================= Changelog: https://github.com/civetweb/civetweb/blob/d7ba35bbb649209c66e582d5a0244ba988a15159/RELEASE_NOTES.md Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* cannelloni: upgrade 1.0.0 -> 1.1.0alperak2023-11-121-1/+1
| | | | | | | | | | | | | Changelog: - Typo fix in cannelloni.h - workflows: add nix-test.yml - Add TCP mode - No peer checking - Add -Wall switch and fix all warnings Signed-off-by: alperak <alperyasinak1@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: Use autotools make systemKhem Raj2023-11-123-0/+3
| | | | | | OE-core is switching to default to meson for gnome recipes Signed-off-by: Khem Raj <raj.khem@gmail.com>
* drop GNOMEBASEBUILDCLASS = "meson"Markus Volk2023-11-112-2/+0
| | | | | | It is set to meson by default Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireguard-tools: Use PACKAGECONFIG to select wg-quick and bash-completionDaiane Angolini2023-11-091-7/+5
| | | | | | | | | | | | Condition the creation of some files and their consequences to a PACKAGECONFIG, which can be overridden outside the meta layer. It removes the sub package wireguard-tools-wg-quick as PACKAGECONFIG is supposed to work to configure a package only, and not deal with sub packages. Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* tnftp: upgrade 20210827 -> 20230507Khem Raj2023-11-061-4/+3
| | | | | | License-Update: Its now under BSD-2-Clause Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wolfssl: upgrade 5.5.4 -> 5.6.4Khem Raj2023-11-061-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-scapy: upgrade to latest revisionKhem Raj2023-11-061-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* usrsctp: upgrade to latest revisionKhem Raj2023-11-061-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nng: upgrade 1.5.2 -> 12Khem Raj2023-11-061-0/+0
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* openvpn: upgrade 2.6.3 -> 2.6.6Khem Raj2023-11-061-2/+2
| | | | | | License-Update: Added Apache2 linking exception Signed-off-by: Khem Raj <raj.khem@gmail.com>
* ipset: upgrade 7.15 -> 7.19Khem Raj2023-11-061-1/+1
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mbedtls: upgrade 3.4.1 -> 3.5.0Beniamin Sandu2023-10-304-70/+89
| | | | | | | | | | | | | * Includes security fix for CVE-2023-43615 - Buffer overread in TLS stream cipher suites * Includes security fix for CVE-2023-45199 - Buffer overflow in TLS handshake parsing with ECDH * Includes aesce compilation fixes Full changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0 The extra patch fixes x86 32-bit builds. Signed-off-by: Beniamin Sandu <beniaminsandu@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mdio-tools: Add virtual/kernel dependency to avoid stale SPDX referenceAndrew Jeffery2023-10-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OpenBMC enables SPDX SBOM generation by default. For Meta's Bletchley platform we found that mdio-tools and its relationships with both mdio-netlink and the mdio-netlink kernel module break SPDX processing while generating the rootfs after a kernel bump. For example, the following output was generated by `bitbake obmc-phosphor-image`: ERROR: obmc-phosphor-image-1.0-r0 do_rootfs: Cannot find any SPDX file for document http://spdx.org/spdxdoc/kernel-module-mdio-netlink-6.5.4-da279e9-00089-gda279e98c07f-89187488-3164-50cb-94c5-8b76a30ea093 The error occurred after the following patch was applied (again, in the context of OpenBMC): diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb b/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb index e6f98297c540..b852e993f0f6 100644 --- a/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb +++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed_git.bb @@ -1,6 +1,6 @@ KBRANCH ?= "dev-6.5" -LINUX_VERSION ?= "6.5.4" +LINUX_VERSION ?= "6.5.9" -SRCREV="da279e98c07f9c948c60a434ab0043a55c26ea1d" +SRCREV="fc8d4fdba5bd2b9b1cea2aa8a731531943c45aa7" require linux-aspeed.inc With the lack of a dependency the mdio-tools package is not rebuilt subsequent to the kernel bump and the package information remains stale, leading to an incorrect SPDX path being generated. Signed-off-by: Andrew Jeffery <andrew@codeconstruct.com.au> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* network-manager-applet,networkmanager-openvpn, networkmanager: Apply linker ↵Khem Raj2023-10-283-2/+2
| | | | | | | | | versioning patch when using lld only This patch caused GNU linker to fail linking, therefore limit it to just lld. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto: Support building for native againPeter Kjellerstedt2023-10-261-0/+2
| | | | | | | | | | Support for building from native was removed in commit e1b332f2e (meta-networking: Drop broken BBCLASSEXTEND variants), most likely due to no support for building libwebsockets-native. That support has now been added, so it is now possible to build mosquitto-native again. Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* meta-networking: Drop broken BBCLASSEXTEND variantsRichard Purdie2023-10-242-3/+1
| | | | | | | | | | | | | | | | | | The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* wireshark: upgrade 4.0.8 -> 4.0.10Wang Mingyu2023-10-231-1/+1
| | | | | | | | Bugfix: Error loading g729.so plugin with Wireshark 4.0.9 and 3.6.17 on macOS. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* rdma-core: upgrade 47.0 -> 48.0Wang Mingyu2023-10-231-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* nftables: upgrade 1.0.8 -> 1.0.9Yi Zhao2023-10-231-3/+2
| | | | | | | | | | Changelog: https://www.netfilter.org/projects/nftables/files/changes-nftables-1.0.9.txt Drop configure option --disable-python as it has been removed upstream. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* conntrack-tools: upgrade 1.4.7 -> 1.4.8Yi Zhao2023-10-231-2/+2
| | | | | | | | This release fixes several regressions in 1.4.7 with the -U/--update and -D/--delete commands. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libcoap: upgrade 4.3.3 -> 4.3.4Wang Mingyu2023-10-231-1/+1
| | | | | | | | | | | | | Changelog: =========== * Clean up use of tags. * Support for MacOS with Contiki-NG builds. * Support for Windows with OpenSSL 3.x builds. * Reported bugs fixed. * Documentation updated. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba.bb : Disable ad-dc by defaultFabien Thomas2023-10-191-1/+1
| | | | | | | | | | | | When this feature is enabled by default in packageconfig this implies a dependency to python3-dnspython which is in meta-python. Disable ac-dc PACKAGECONFIG by default to avoid adding a layer dependency only for this feature. Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libexosip2: add recipeCharles Perry2023-10-171-0/+15
| | | | | | | | libexosip2 extends the capabilities of the osip2 library. It can be a useful building block for an embedded device application. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libosip2: add recipeCharles Perry2023-10-171-0/+15
| | | | | | | | The GNU oSIP library is an implementation of SIP - rfc3261. It can be a useful building block for an embedded device application. Signed-off-by: Charles Perry <charles.perry@savoirfairelinux.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libldb: add ptestYi Zhao2023-10-123-50/+26
| | | | | | | | | | | | | | | | | | | | | * use external cmocka instead of bundled cmocka * add run-ptest script Ptest results: $ ptest-runner libldb START: ptest-runner 2023-10-12T11:49 BEGIN: /usr/lib/libldb/ptest PASS: test_ldb_dn PASS: test_ldb_qsort DURATION: 0 END: /usr/lib/libldb/ptest 2023-10-12T11:49 STOP: ptest-runner TOTAL: 1 FAIL: 0 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* libtevent: fix ptestYi Zhao2023-10-123-58/+24
| | | | | | | | | | | | | | * use external cmocka instead of bundled cmocka * add run-ptest script Ptest results: $ ./run-ptest PASS: replace_testsuite PASS: test_tevent_tag PASS: test_tevent_trace Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: use external cmocka instead of bundled cmockaYi Zhao2023-10-122-54/+2
| | | | | | | | Do not use bundled cmocka to get rid of bundled library libcmocka-samba4.so. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* samba: upgrade 4.18.6 -> 4.18.8Yi Zhao2023-10-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a security release in order to address the following defects: CVE-2023-3961: Unsanitized pipe names allow SMB clients to connect as root to existing unix domain sockets on the file system. https://www.samba.org/samba/security/CVE-2023-3961.html CVE-2023-4091: SMB client can truncate files to 0 bytes by opening files with OVERWRITE disposition when using the acl_xattr Samba VFS module with the smb.conf setting "acl_xattr:ignore system acls = yes" https://www.samba.org/samba/security/CVE-2023-4091.html CVE-2023-4154: An RODC and a user with the GET_CHANGES right can view all attributes, including secrets and passwords. Additionally, the access check fails open on error conditions. https://www.samba.org/samba/security/CVE-2023-4154.html CVE-2023-42669: Calls to the rpcecho server on the AD DC can request that the server block for a user-defined amount of time, denying service. https://www.samba.org/samba/security/CVE-2023-42669.html CVE-2023-42670: Samba can be made to start multiple incompatible RPC listeners, disrupting service on the AD DC. https://www.samba.org/samba/security/CVE-2023-42670.html Release Notes: https://www.samba.org/samba/history/samba-4.18.8.html Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* static-group: Match nogroup id to base-passwd from core.Khem Raj2023-10-111-2/+2
| | | | Signed-off-by: Khem Raj <raj.khem@gmail.com>
* Add static-passwd and static-group filesFabien Thomas2023-10-102-0/+33
| | | | | | | | | In order to pass reproducible tests, recipes that use the useradd class must have static ids configured. Signed-off-by: Fabien Thomas <fabien.thomas@smile.fr> Reviewed-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* open62541: add Backport status and link to patchJohannes Kauffmann2023-10-071-1/+1
| | | | | Signed-off-by: Johannes Kauffmann <johanneskauffmann@hotmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* images: Rename <layer>-image to <layer>-image-allKhem Raj2023-10-061-0/+0
| | | | | | | | These are test images to build all recipes in layer. Renaming them makes them refect what they are. Moreover we can rename the ptest images to match OE-Core naming conventions for meta-oe/meta-perl/meta-python Signed-off-by: Khem Raj <raj.khem@gmail.com>
* images: Delete layer specific base imagesKhem Raj2023-10-061-7/+0
| | | | | | | | These were essentially duplicates of core-image-minimal, however core-image-base is a better baseline for upper layers, so switched the consumers of these images to use core-image-base Signed-off-by: Khem Raj <raj.khem@gmail.com>
* images: Inherit from core-image-baseKhem Raj2023-10-061-1/+1
| | | | | | | We really do not need to define base images which already exist in core layer, reuse them here. Signed-off-by: Khem Raj <raj.khem@gmail.com>
* recipes-connectivity: Add tayga recipePawel Langowski2023-10-044-0/+154
| | | | | | | Recipe for TAYGA - an out-of-kernel stateless NAT64 implementation for Linux Signed-off-by: Pawel Langowski <pawel.langowski@3mdeb.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: Fix build with clangKhem Raj2023-10-021-0/+2
| | | | | | GNU extention is now in use in 6.5 kernel headers sadly Signed-off-by: Khem Raj <raj.khem@gmail.com>
* relayd: Update to latest tip of trunkKhem Raj2023-10-022-38/+2
| | | | | | Drop the patch fixing an issue already addressed upstream Signed-off-by: Khem Raj <raj.khem@gmail.com>
* mosquitto, etcd-cpp-apiv3: add missing Upstream-StatusMartin Jansa2023-09-272-0/+4
| | | | | Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-05 16:51:34 +0000