add layer meta-app-framework

meta-app-framework is a layer containing the AGL App Framework recipes 4 new layers are added for application framework: * meta-intel-iot-security/meta-security-smack * meta-intel-iot-security/meta-security-framework * meta-agl/meta-agl-security * meta-agl/meta-app-framework Configuration file changes to support AppFw: * activation of Smack and Cynara * modify the tar command to be used to support Smack extended attributes Change-Id: Idc8abdc8869787feb4b534ee45bf7b5d3dde3632 Signed-off-by: Stephane Desneux <stephane.desneux@iot.bzh>
author: Stephane Desneux <stephane.desneux@iot.bzh> 2016-06-23 16:00:59 +0000
committer: Stephane Desneux <stephane.desneux@iot.bzh> 2017-03-27 15:33:39 +0200
commit: 1ac5c704bb4b7fd72d9e382ccf23f4d186da0f86 (patch)
tree: f5df879594fb92d3c02c05ed240cbcfcc0e70c39 /meta-app-framework/recipes-support
parent: 5875cc45a671b1a3e7671ec84ec6ebb1ab17696a (diff)
8 files changed, 281 insertions, 0 deletions
diff --git a/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
new file mode 100644
index 000000000..fd01c19e9
--- /dev/null
+++ b/meta-app-framework/recipes-support/libcap/libcap/removing-capability-enforcement.patch
@@ -0,0 +1,79 @@
+From c34b2725817d4fd1fd6878bbb16617cb9e3e3a70 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Fri, 22 Jan 2016 16:23:59 +0100
+Subject: [PATCH] removing capability enforcement
+
+Change-Id: Idb724192ceab176a611bbed45c0ebc9c8eb5dd30
+---
+ progs/setcap.c | 43 -------------------------------------------
+ 1 file changed, 43 deletions(-)
+
+diff --git a/progs/setcap.c b/progs/setcap.c
+index 83090ae..01faa17 100644
+--- a/progs/setcap.c
++++ b/progs/setcap.c
+@@ -58,7 +58,6 @@ static int read_caps(int quiet, const char *filename, char *buffer)
+ 
+ int main(int argc, char **argv)
+ {
+-    int tried_to_cap_setfcap = 0;
+     char buffer[MAXCAP+1];
+     int retval, quiet=0, verify=0;
+     cap_t mycaps;
+@@ -150,53 +149,11 @@ int main(int argc, char **argv)
+ 		printf("%s: OK\n", *argv);
+ 	    }
+ 	} else {
+-	    if (!tried_to_cap_setfcap) {
+-		capflag = CAP_SETFCAP;
+-
+-		/*
+-		 * Raise the effective CAP_SETFCAP.
+-		 */
+-		if (cap_set_flag(mycaps, CAP_EFFECTIVE, 1, &capflag, CAP_SET)
+-		    != 0) {
+-		    perror("unable to manipulate CAP_SETFCAP - "
+-			   "try a newer libcap?");
+-		    exit(1);
+-		}
+-		if (cap_set_proc(mycaps) != 0) {
+-		    perror("unable to set CAP_SETFCAP effective capability");
+-		    exit(1);
+-		}
+-		tried_to_cap_setfcap = 1;
+-	    }
+ 	    retval = cap_set_file(*++argv, cap_d);
+ 	    if (retval != 0) {
+-		int explained = 0;
+-#ifdef linux
+-		cap_value_t cap;
+-		cap_flag_value_t per_state;
+-
+-		for (cap = 0;
+-		     cap_get_flag(cap_d, cap, CAP_PERMITTED, &per_state) != -1;
+-		     cap++) {
+-		    cap_flag_value_t inh_state, eff_state;
+-
+-		    cap_get_flag(cap_d, cap, CAP_INHERITABLE, &inh_state);
+-		    cap_get_flag(cap_d, cap, CAP_EFFECTIVE, &eff_state);
+-		    if ((inh_state | per_state) != eff_state) {
+-			fprintf(stderr, "NOTE: Under Linux, effective file capabilities must either be empty, or\n"
+-				"      exactly match the union of selected permitted and inheritable bits.\n");
+-			explained = 1;
+-			break;
+-		    }
+-		}
+-#endif /* def linux */
+-		
+ 		fprintf(stderr,
+ 			"Failed to set capabilities on file `%s' (%s)\n",
+ 			argv[0], strerror(errno));
+-		if (!explained) {
+-		    usage();
+-		}
+ 	    }
+ 	}
+ 	if (cap_d) {
+-- 
+2.1.4
+
diff --git a/meta-app-framework/recipes-support/libcap/libcap_%.bbappend b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
new file mode 100644
index 000000000..fbe893501
--- /dev/null
+++ b/meta-app-framework/recipes-support/libcap/libcap_%.bbappend
@@ -0,0 +1,5 @@
+FILESEXTRAPATHS_append_class-native := ":${THISDIR}/${PN}"
+SRC_URI_append_class-native = " file://removing-capability-enforcement.patch"
+PACKAGECONFIG_class-native ?= "attr"
+DEPENDS_append_class-native = " attr-native"
+
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch
new file mode 100644
index 000000000..b35d9705e
--- /dev/null
+++ b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd/allows-upgrade.patch
@@ -0,0 +1,14 @@
+diff -Naur a/src/microhttpd/connection.c b/src/microhttpd/connection.c
+--- a/src/microhttpd/connection.c	2016-04-20 11:35:50.259534537 +0000
++++ b/src/microhttpd/connection.c	2016-04-20 11:29:46.291569583 +0000
+@@ -733,8 +733,7 @@
+   {
+     if (NULL == end)
+       return MHD_YES;
+-    if ( (MHD_str_equal_caseless_ (end, "close")) ||
+-         (MHD_str_equal_caseless_ (end, "upgrade")) )
++    if ( (MHD_str_equal_caseless_ (end, "close")) )
+       return MHD_NO;
+    return MHD_YES;
+   }
+
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bb b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bb
new file mode 100644
index 000000000..892009e3e
--- /dev/null
+++ b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bb
@@ -0,0 +1,27 @@
+DESCRIPTION = "A small C library that is supposed to make it easy to run an HTTP server as part of another application"
+HOMEPAGE = "http://www.gnu.org/software/libmicrohttpd/"
+LICENSE = "LGPL-2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=9331186f4f80db7da0e724bdd6554ee5"
+SECTION = "net"
+DEPENDS = "libgcrypt gnutls file"
+
+SRC_URI = "http://ftp.gnu.org/gnu/libmicrohttpd/${BPN}-${PV}.tar.gz"
+SRC_URI[md5sum] = "9c298c890088a91fe0d7ac3fec9d0097"
+SRC_URI[sha256sum] = "87667e158f2bf8c691a002e256ffe30885d4121a9ee4143af0320c47cdf8a2a4"
+
+inherit autotools lib_package
+
+# disable spdy, because it depends on openssl
+EXTRA_OECONF += "--disable-static --with-gnutls=${STAGING_LIBDIR}/../"
+
+PACKAGECONFIG ?= "curl"
+PACKAGECONFIG_append_class-target = "\
+        ${@base_contains('DISTRO_FEATURES', 'largefile', 'largefile', '', d)} \
+"
+PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile,,"
+PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,"
+
+do_compile_append() {
+	sed -i s:-L${STAGING_LIBDIR}::g libmicrohttpd.pc
+}
+
diff --git a/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bbappend b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bbappend
new file mode 100644
index 000000000..c26b8119f
--- /dev/null
+++ b/meta-app-framework/recipes-support/libmicrohttpd/libmicrohttpd_0.9.48.bbappend
@@ -0,0 +1,5 @@
+
+FILESEXTRAPATHS_append := ":${THISDIR}/${PN}"
+SRC_URI += " file://allows-upgrade.patch"
+
+
diff --git a/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb b/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb
new file mode 100644
index 000000000..450971176
--- /dev/null
+++ b/meta-app-framework/recipes-support/libzip/libzip_1.1.1.bb
@@ -0,0 +1,32 @@
+inherit autotools
+
+SUMMARY = "Library providing support for handling zip files"
+DESCRIPTION = "\
+ This library is wrapping zlib and allows \
+ to easily create, browse, inflate of deflate \
+ the zip files. \
+ It also provides tools for zip comparing, merging or browsing.\
+"
+
+HOMEPAGE = "http://nih.at/libzip/index.html"
+LICENSE = "BSD"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=23ebf7ca347ed9703b4ef40824d0ef66"
+
+SRC_URI = "http://nih.at/libzip/libzip-1.1.1.tar.xz;md5sum=0c86a1a94fbc3ec6724801036726ae1f"
+
+#SRC_URI = "hg://hg.nih.at/libzip;module=libzip;protocol=http"
+#SRCREV = "5895e34af7f9"
+#S = "${HGDIR}"
+
+SECTION = "base"
+
+DEPENDS = "zlib"
+
+RDEPENDS_${PN} = "zlib"
+
+PROVIDES += "${PN}-tools"
+RDEPENDS_${PN}-tools = "${PN}"
+FILES_${PN}-tools = "${bindir}/zipcmp ${bindir}/zipmerge ${bindir}/ziptool"
+
+BBCLASSEXTEND = "native nativesdk"
+
diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch b/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch
new file mode 100644
index 000000000..c92df77f0
--- /dev/null
+++ b/meta-app-framework/recipes-support/xmlsec1/xmlsec1/Only-require-libxslt-in-.pc-files-when-necessary.patch
@@ -0,0 +1,115 @@
+From 1e39acf581ef47876b058da41774cbc92560d797 Mon Sep 17 00:00:00 2001
+From: Manuel Bachmann <manuel.bachmann@iot.bzh>
+Date: Wed, 27 Jan 2016 14:16:40 +0100
+Subject: [PATCH] Only require libxslt in .pc files when necessary
+
+If we build xmlsec without libxslt ("--without-libxslt" at
+configure time), dependent packages will still require it
+because it is unconditionally mentioned in .pc files (used
+by pkg-config).
+
+We now make sure that this dependency is mentioned only if
+the configure script validates libxslt presence.
+
+Signed-off-by: Manuel Bachmann <manuel.bachmann@iot.bzh>
+---
+ configure.in         | 4 ++++
+ xmlsec-gcrypt.pc.in  | 2 +-
+ xmlsec-gnutls.pc.in  | 2 +-
+ xmlsec-nss.pc.in     | 2 +-
+ xmlsec-openssl.pc.in | 2 +-
+ xmlsec.pc.in         | 2 +-
+ 6 files changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/configure.in b/configure.in
+index 7d976d0..a8350a9 100644
+--- a/configure.in
++++ b/configure.in
+@@ -255,6 +255,7 @@ dnl ==========================================================================
+ dnl find libxslt
+ dnl ==========================================================================
+ XMLSEC_NO_LIBXSLT="1"
++LIBXSLT_COND="libxslt >="
+ LIBXSLT_MIN_VERSION=1.0.20
+ LIBXSLT_CONFIG="xslt-config"
+ LIBXSLT_CFLAGS=""
+@@ -324,6 +325,8 @@ fi
+ if test "z$LIBXSLT_FOUND" = "zyes" ; then
+     XMLSEC_NO_LIBXSLT="0"
+ else
++    LIBXSLT_COND=""
++    LIBXSLT_MIN_VERSION=""
+     XMLSEC_DEFINES="$XMLSEC_DEFINES -DXMLSEC_NO_XSLT=1"
+ fi
+ 
+@@ -332,6 +335,7 @@ AC_SUBST(LIBXSLT_CFLAGS)
+ AC_SUBST(LIBXSLT_LIBS)
+ AC_SUBST(LIBXSLT_CONFIG)
+ AC_SUBST(LIBXSLT_MIN_VERSION)
++AC_SUBST(LIBXSLT_COND)
+ 
+ dnl ==========================================================================
+ dnl See if we can find a crypto library
+diff --git a/xmlsec-gcrypt.pc.in b/xmlsec-gcrypt.pc.in
+index 1c00496..33bc2ff 100644
+--- a/xmlsec-gcrypt.pc.in
++++ b/xmlsec-gcrypt.pc.in
+@@ -6,6 +6,6 @@ includedir=@includedir@
+ Name: xmlsec1-gcrypt
+ Version: @VERSION@
+ Description: XML Security Library implements XML Signature and XML Encryption standards
+-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
++Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
+ Cflags: -DXMLSEC_CRYPTO=\"gcrypt\" @XMLSEC_GCRYPT_CFLAGS@
+ Libs: @XMLSEC_GCRYPT_LIBS@
+diff --git a/xmlsec-gnutls.pc.in b/xmlsec-gnutls.pc.in
+index e538cd4..d01cf82 100644
+--- a/xmlsec-gnutls.pc.in
++++ b/xmlsec-gnutls.pc.in
+@@ -6,6 +6,6 @@ includedir=@includedir@
+ Name: xmlsec1-gnutls
+ Version: @VERSION@
+ Description: XML Security Library implements XML Signature and XML Encryption standards
+-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@
++Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
+ Cflags: -DXMLSEC_CRYPTO=\"gnutls\" @XMLSEC_GNUTLS_CFLAGS@
+ Libs: @XMLSEC_GNUTLS_LIBS@
+diff --git a/xmlsec-nss.pc.in b/xmlsec-nss.pc.in
+index a6d6c5c..75f0232 100644
+--- a/xmlsec-nss.pc.in
++++ b/xmlsec-nss.pc.in
+@@ -6,6 +6,6 @@ includedir=@includedir@
+ Name: xmlsec1-nss
+ Version: @VERSION@
+ Description: XML Security Library implements XML Signature and XML Encryption standards
+-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@
++Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ @NSPR_PACKAGE@ >= @MOZILLA_MIN_VERSION@ @NSS_PACKAGE@ >= @MOZILLA_MIN_VERSION@
+ Cflags: -DXMLSEC_CRYPTO=\"nss\" -DXMLSEC_CRYPTO_NSS=1 @XMLSEC_CORE_CFLAGS@
+ Libs: -L${libdir} -lxmlsec1-nss @XMLSEC_CORE_LIBS@
+diff --git a/xmlsec-openssl.pc.in b/xmlsec-openssl.pc.in
+index 85ee2b0..e9d0651 100644
+--- a/xmlsec-openssl.pc.in
++++ b/xmlsec-openssl.pc.in
+@@ -6,6 +6,6 @@ includedir=@includedir@
+ Name: xmlsec1-openssl
+ Version: @VERSION@
+ Description: XML Security Library implements XML Signature and XML Encryption standards
+-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ 
++Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@
+ Cflags: -DXMLSEC_CRYPTO=\"openssl\" @XMLSEC_OPENSSL_CFLAGS@
+ Libs: @XMLSEC_OPENSSL_LIBS@
+diff --git a/xmlsec.pc.in b/xmlsec.pc.in
+index a750ab8..14ea670 100644
+--- a/xmlsec.pc.in
++++ b/xmlsec.pc.in
+@@ -6,6 +6,6 @@ includedir=@includedir@
+ Name: xmlsec1
+ Version: @VERSION@
+ Description: XML Security Library implements XML Signature and XML Encryption standards
+-Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ libxslt >= @LIBXSLT_MIN_VERSION@ 
++Requires: libxml-2.0 >= @LIBXML_MIN_VERSION@ @LIBXSLT_COND@ @LIBXSLT_MIN_VERSION@ 
+ Cflags: -DXMLSEC_CRYPTO=\"@XMLSEC_CRYPTO@\" -DXMLSEC_CRYPTO_DYNAMIC_LOADING=1 @XMLSEC_CORE_CFLAGS@
+ Libs: -L${libdir} @XMLSEC_CORE_LIBS@ 
+-- 
+2.6.2
+
diff --git a/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend b/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend
new file mode 100644
index 000000000..539a88f1e
--- /dev/null
+++ b/meta-app-framework/recipes-support/xmlsec1/xmlsec1_1.%.bbappend
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS_append := ":${THISDIR}/${PN}"
+SRC_URI += "file://Only-require-libxslt-in-.pc-files-when-necessary.patch"
+
+DEPENDS += "libxml2"
author	Stephane Desneux <stephane.desneux@iot.bzh>	2016-06-23 16:00:59 +0000
committer	Stephane Desneux <stephane.desneux@iot.bzh>	2017-03-27 15:33:39 +0200
commit	1ac5c704bb4b7fd72d9e382ccf23f4d186da0f86 (patch)
tree	f5df879594fb92d3c02c05ed240cbcfcc0e70c39 /meta-app-framework/recipes-support
parent	5875cc45a671b1a3e7671ec84ec6ebb1ab17696a (diff)