From f6f0669c1f9066ef8530eb45646bca16e616b5f0 Mon Sep 17 00:00:00 2001
From: Gianfranco Costamagna <costamagna.gianfranco@gmail.com>
Date: Fri, 6 Oct 2023 23:05:05 +0200
Subject: mosquitto: upgrade 2.0.15 -> 2.0.17

Fix for CVE-2023-28366, CVE-2023-0809, CVE-2023-3592

Signed-off-by: Gianfranco Costamagna <costamagnagianfranco@yahoo.it>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
 .../mosquitto/files/mosquitto.init                 | 20 ++---
 .../mosquitto/mosquitto_2.0.15.bb                  | 90 ----------------------
 .../mosquitto/mosquitto_2.0.17.bb                  | 90 ++++++++++++++++++++++
 3 files changed, 100 insertions(+), 100 deletions(-)
 delete mode 100644 meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb
 create mode 100644 meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb

diff --git a/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init b/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init
index 9d5963c418..d0da219d6d 100644
--- a/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init
+++ b/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init
@@ -1,18 +1,18 @@
-#! /bin/sh
+#!/bin/sh
 
 # Based on the Debian initscript for mosquitto
 
 ### BEGIN INIT INFO
-# Provides:         mosquitto
-# Required-Start:   $remote_fs $syslog
-# Required-Stop:    $remote_fs $syslog
-# Default-Start:    2 3 4 5
-# Default-Stop:     0 1 6
-# Short-Description:    mosquitto MQTT message broker
-# Description: 
-#  This is a message broker that supports version 3.1/3.1.1 of the MQ Telemetry
+# Provides:       mosquitto
+# Required-Start: $remote_fs $syslog
+# Required-Stop:  $remote_fs $syslog
+# Default-Start:  2 3 4 5
+# Default-Stop:   0 1 6
+# Short-Description: mosquitto MQTT 3.1/3.1.1 message broker
+# Description:
+#  This is a message broker that supports version 3.1 of the MQ Telemetry
 #  Transport (MQTT) protocol.
-#  
+#
 #  MQTT provides a method of carrying out messaging using a publish/subscribe
 #  model. It is lightweight, both in terms of bandwidth usage and ease of
 #  implementation. This makes it particularly useful at the edge of the network
diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb
deleted file mode 100644
index eea672a706..0000000000
--- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb
+++ /dev/null
@@ -1,90 +0,0 @@
-SUMMARY = "Open source MQTT implementation"
-DESCRIPTION = "Mosquitto is an open source (Eclipse licensed) message broker \
-that implements the MQ Telemetry Transport protocol version 3.1, 3.1.1 and \
-5, providing both an MQTT broker and several command-line clients. MQTT \
-provides a lightweight method of carrying out messaging using a \
-publish/subscribe model. "
-HOMEPAGE = "http://mosquitto.org/"
-SECTION = "console/network"
-LICENSE = "EPL-2.0 | EDL-1.0"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=ca9a8f366c6babf593e374d0d7d58749 \
-                    file://edl-v10;md5=9f6accb1afcb570f8be65039e2fcd49e \
-                    file://epl-v20;md5=2dd765ca47a05140be15ebafddbeadfe \
-                    file://NOTICE.md;md5=a7a91b4754c6f7995020d1b49bc829c6 \
-"
-DEPENDS = "uthash cjson"
-
-SRC_URI = "http://mosquitto.org/files/source/mosquitto-${PV}.tar.gz \
-           file://mosquitto.init \
-           file://1571.patch \
-"
-
-SRC_URI[sha256sum] = "4735b1d32e3f91c7a8896741d88a3022e89730a1ee897946decfa0df27039ac6"
-
-inherit systemd update-rc.d useradd cmake pkgconfig
-
-PACKAGECONFIG ??= "ssl websockets \
-                  ${@bb.utils.filter('DISTRO_FEATURES','systemd', d)} \
-                  "
-
-PACKAGECONFIG[manpages] = "-DDOCUMENTATION=ON,-DDOCUMENTATION=OFF,libxslt-native docbook-xsl-stylesheets-native"
-PACKAGECONFIG[dns-srv] = "-DWITH_SRV=ON,-DWITH_SRV=OFF,c-ares"
-PACKAGECONFIG[ssl] = "-DWITH_TLS=ON -DWITH_TLS_PSK=ON -DWITH_EC=ON,-DWITH_TLS=OFF -DWITH_TLS_PSK=OFF -DWITH_EC=OFF,openssl"
-PACKAGECONFIG[systemd] = "-DWITH_SYSTEMD=ON,-DWITH_SYSTEMD=OFF,systemd"
-PACKAGECONFIG[websockets] = "-DWITH_WEBSOCKETS=ON,-DWITH_WEBSOCKETS=OFF,libwebsockets"
-PACKAGECONFIG[dlt] = "-DWITH_DLT=ON,-DWITH_DLT=OFF,dlt-daemon"
-
-EXTRA_OECMAKE = " \
-    -DWITH_BUNDLED_DEPS=OFF \
-    -DWITH_ADNS=ON \
-"
-
-do_install:append() {
-    install -d ${D}${systemd_unitdir}/system/
-    install -m 0644 ${S}/service/systemd/mosquitto.service.notify ${D}${systemd_unitdir}/system/mosquitto.service
-
-    install -d ${D}${sysconfdir}/init.d/
-    install -m 0755 ${WORKDIR}/mosquitto.init ${D}${sysconfdir}/init.d/mosquitto
-    sed -i -e 's,@SBINDIR@,${sbindir},g' \
-        -e 's,@BASE_SBINDIR@,${base_sbindir},g' \
-        -e 's,@LOCALSTATEDIR@,${localstatedir},g' \
-        -e 's,@SYSCONFDIR@,${sysconfdir},g' \
-        ${D}${sysconfdir}/init.d/mosquitto
-}
-
-PACKAGES += "libmosquitto1 libmosquittopp1 ${PN}-clients"
-
-PACKAGE_BEFORE_PN = "${PN}-examples"
-
-FILES:${PN} = "${sbindir}/mosquitto \
-               ${bindir}/mosquitto_passwd \
-               ${bindir}/mosquitto_ctrl \
-               ${libdir}/mosquitto_dynamic_security.so \
-               ${sysconfdir}/mosquitto \
-               ${sysconfdir}/init.d \
-               ${systemd_unitdir}/system/mosquitto.service \
-"
-
-CONFFILES:${PN} += "${sysconfdir}/mosquitto/mosquitto.conf"
-
-FILES:libmosquitto1 = "${libdir}/libmosquitto.so.*"
-
-FILES:libmosquittopp1 = "${libdir}/libmosquittopp.so.*"
-
-FILES:${PN}-clients = "${bindir}/mosquitto_pub \
-                       ${bindir}/mosquitto_sub \
-                       ${bindir}/mosquitto_rr \
-"
-
-FILES:${PN}-examples = "${sysconfdir}/mosquitto/*.example"
-
-SYSTEMD_SERVICE:${PN} = "mosquitto.service"
-
-INITSCRIPT_NAME = "mosquitto"
-INITSCRIPT_PARAMS = "defaults 30"
-
-USERADD_PACKAGES = "${PN}"
-USERADD_PARAM:${PN} = "--system --no-create-home --shell /bin/false \
-                       --user-group mosquitto"
-
-BBCLASSEXTEND += "native nativesdk"
diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb
new file mode 100644
index 0000000000..690b6bc126
--- /dev/null
+++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb
@@ -0,0 +1,90 @@
+SUMMARY = "Open source MQTT implementation"
+DESCRIPTION = "Mosquitto is an open source (Eclipse licensed) message broker \
+that implements the MQ Telemetry Transport protocol version 3.1, 3.1.1 and \
+5, providing both an MQTT broker and several command-line clients. MQTT \
+provides a lightweight method of carrying out messaging using a \
+publish/subscribe model. "
+HOMEPAGE = "http://mosquitto.org/"
+SECTION = "console/network"
+LICENSE = "EPL-2.0 | EDL-1.0"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=ca9a8f366c6babf593e374d0d7d58749 \
+                    file://edl-v10;md5=9f6accb1afcb570f8be65039e2fcd49e \
+                    file://epl-v20;md5=2dd765ca47a05140be15ebafddbeadfe \
+                    file://NOTICE.md;md5=a7a91b4754c6f7995020d1b49bc829c6 \
+"
+DEPENDS = "uthash cjson"
+
+SRC_URI = "http://mosquitto.org/files/source/mosquitto-${PV}.tar.gz \
+           file://mosquitto.init \
+           file://1571.patch \
+"
+
+SRC_URI[sha256sum] = "3be7a911236567c1a9fbe25baf3e3167004ba4a0c151a448ef1f7fc077dba52f"
+
+inherit systemd update-rc.d useradd cmake pkgconfig
+
+PACKAGECONFIG ??= "ssl websockets \
+                  ${@bb.utils.filter('DISTRO_FEATURES','systemd', d)} \
+                  "
+
+PACKAGECONFIG[manpages] = "-DDOCUMENTATION=ON,-DDOCUMENTATION=OFF,libxslt-native docbook-xsl-stylesheets-native"
+PACKAGECONFIG[dns-srv] = "-DWITH_SRV=ON,-DWITH_SRV=OFF,c-ares"
+PACKAGECONFIG[ssl] = "-DWITH_TLS=ON -DWITH_TLS_PSK=ON -DWITH_EC=ON,-DWITH_TLS=OFF -DWITH_TLS_PSK=OFF -DWITH_EC=OFF,openssl"
+PACKAGECONFIG[systemd] = "-DWITH_SYSTEMD=ON,-DWITH_SYSTEMD=OFF,systemd"
+PACKAGECONFIG[websockets] = "-DWITH_WEBSOCKETS=ON,-DWITH_WEBSOCKETS=OFF,libwebsockets"
+PACKAGECONFIG[dlt] = "-DWITH_DLT=ON,-DWITH_DLT=OFF,dlt-daemon"
+
+EXTRA_OECMAKE = " \
+    -DWITH_BUNDLED_DEPS=OFF \
+    -DWITH_ADNS=ON \
+"
+
+do_install:append() {
+    install -d ${D}${systemd_unitdir}/system/
+    install -m 0644 ${S}/service/systemd/mosquitto.service.notify ${D}${systemd_unitdir}/system/mosquitto.service
+
+    install -d ${D}${sysconfdir}/init.d/
+    install -m 0755 ${WORKDIR}/mosquitto.init ${D}${sysconfdir}/init.d/mosquitto
+    sed -i -e 's,@SBINDIR@,${sbindir},g' \
+        -e 's,@BASE_SBINDIR@,${base_sbindir},g' \
+        -e 's,@LOCALSTATEDIR@,${localstatedir},g' \
+        -e 's,@SYSCONFDIR@,${sysconfdir},g' \
+        ${D}${sysconfdir}/init.d/mosquitto
+}
+
+PACKAGES += "libmosquitto1 libmosquittopp1 ${PN}-clients"
+
+PACKAGE_BEFORE_PN = "${PN}-examples"
+
+FILES:${PN} = "${sbindir}/mosquitto \
+               ${bindir}/mosquitto_passwd \
+               ${bindir}/mosquitto_ctrl \
+               ${libdir}/mosquitto_dynamic_security.so \
+               ${sysconfdir}/mosquitto \
+               ${sysconfdir}/init.d \
+               ${systemd_unitdir}/system/mosquitto.service \
+"
+
+CONFFILES:${PN} += "${sysconfdir}/mosquitto/mosquitto.conf"
+
+FILES:libmosquitto1 = "${libdir}/libmosquitto.so.*"
+
+FILES:libmosquittopp1 = "${libdir}/libmosquittopp.so.*"
+
+FILES:${PN}-clients = "${bindir}/mosquitto_pub \
+                       ${bindir}/mosquitto_sub \
+                       ${bindir}/mosquitto_rr \
+"
+
+FILES:${PN}-examples = "${sysconfdir}/mosquitto/*.example"
+
+SYSTEMD_SERVICE:${PN} = "mosquitto.service"
+
+INITSCRIPT_NAME = "mosquitto"
+INITSCRIPT_PARAMS = "defaults 30"
+
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN} = "--system --no-create-home --shell /bin/false \
+                       --user-group mosquitto"
+
+BBCLASSEXTEND += "native nativesdk"
-- 
cgit v1.2.3-54-g00ecf