diff options
Diffstat (limited to 'external/meta-openembedded/meta-networking/recipes-netkit')
8 files changed, 228 insertions, 52 deletions
diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb index 394a69e6..cf306ec8 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb @@ -1,7 +1,7 @@ DESCRIPTION = "netkit-ft includes the ftp client." SECTION = "net" HOMEPAGE="ftp://ftp.uk.linux.org/pub/linux/Networking/netkit" -LICENSE = "BSD" +LICENSE = "BSD-4-Clause" LIC_FILES_CHKSUM = "file://ftp/ftp.c;beginline=2;endline=3;md5=2d40a75a50d83b8f6317b3f53db72bfa" @@ -18,6 +18,8 @@ SRC_URI[patch31.sha256sum] = "4edd46a32d70daa7ba00f0ebf0118dc5d17dff23d6e46aa21a inherit autotools-brokensep +CLEANBROKEN = "1" + do_configure () { ./configure --prefix=${prefix} echo "LDFLAGS=${LDFLAGS}" >> MCONFIG diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb index 6f203c5a..f6c05daa 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb @@ -37,7 +37,7 @@ CFLAGS += " -D_GNU_SOURCE -Wno-deprecated-declarations" LDFLAGS += " -L${STAGING_LIBDIR} -lutil -lcrypt" PACKAGECONFIG ??= "" -PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" +PACKAGECONFIG_append = " ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" PACKAGECONFIG[pam] = " , --without-pam, libpam, libpam" COMPATIBLE_HOST_libc-musl = 'null' @@ -103,6 +103,3 @@ RPROVIDES_${PN}-server = "rshd" RDEPENDS_${PN}-server = "xinetd" RDEPENDS_${PN}-server += "tcp-wrappers" - -# http://errors.yoctoproject.org/Errors/Details/186963/ -EXCLUDE_FROM_WORLD_libc-musl = "1" diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers/0001-Link-with-libtirpc.patch b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers/0001-Link-with-libtirpc.patch index 55926468..3655a571 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers/0001-Link-with-libtirpc.patch +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers/0001-Link-with-libtirpc.patch @@ -13,21 +13,69 @@ Upstream-Status: Pending rup/rup.c | 2 +- 4 files changed, 4 insertions(+), 13 deletions(-) -diff --git a/configure b/configure -index 85f6ca6..2d2d4b7 100755 --- a/configure +++ b/configure -@@ -147,7 +147,7 @@ else +@@ -92,7 +92,6 @@ else + echo -n 'Checking if C compiler works... ' + if ( + $CC __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo 'yes' + else +@@ -146,8 +145,7 @@ else + fi - LDFLAGS= +-LDFLAGS= -LIBS= -+LIBS="-ltirpc" ++LIBS="$LIBS -ltirpc" rm -f __conftest* -diff --git a/rpc.rusersd/rusers_proc.c b/rpc.rusersd/rusers_proc.c -index 9ae6306..f9e237c 100644 +@@ -172,13 +170,11 @@ int main() { + EOF + if ( + $CC $CFLAGS __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo 'yes' + else + if ( + $CC $CFLAGS -D__USE_BSD_SIGNAL __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo '-D__USE_BSD_SIGNAL' + CFLAGS="$CFLAGS -D__USE_BSD_SIGNAL" +@@ -231,7 +227,6 @@ if ( + else + if ( + $CC $CFLAGS -D_GNU_SOURCE __conftest.c -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo '-D_GNU_SOURCE' + CFLAGS="$CFLAGS -D_GNU_SOURCE" +@@ -262,20 +257,17 @@ int main() { + EOF + if ( + $CC $CFLAGS __conftest.c $LIBBSD -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo 'ok' + else + if ( + $CC $CFLAGS __conftest.c -lsnprintf $LIBBSD -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo '-lsnprintf' + LIBS="$LIBS -lsnprintf" + else + if ( + $CC $CFLAGS __conftest.c -ldb $LIBBSD -o __conftest || exit 1 +- ./__conftest || exit 1 + ) >/dev/null 2>&1; then + echo '-ldb' + LIBS="$LIBS -ldb" --- a/rpc.rusersd/rusers_proc.c +++ b/rpc.rusersd/rusers_proc.c @@ -57,12 +57,7 @@ char rp_rcsid[] = @@ -44,8 +92,6 @@ index 9ae6306..f9e237c 100644 void rusers_service(struct svc_req *rqstp, SVCXPRT *transp); -diff --git a/rpc.rusersd/rusersd.c b/rpc.rusersd/rusersd.c -index 762be9b..dd355ac 100644 --- a/rpc.rusersd/rusersd.c +++ b/rpc.rusersd/rusersd.c @@ -38,11 +38,7 @@ char rusersd_rcsid[] = @@ -61,11 +107,9 @@ index 762be9b..dd355ac 100644 #include "../version.h" -diff --git a/rup/rup.c b/rup/rup.c -index e5669ff..887f89d 100644 --- a/rup/rup.c +++ b/rup/rup.c -@@ -48,7 +48,7 @@ char rcsid[] = "$Id: rup.c,v 1.8 2000/07/22 19:51:40 dholland Exp $"; +@@ -48,7 +48,7 @@ char rcsid[] = "$Id: rup.c,v 1.8 2000/07 #undef FSHIFT /* Use protocol's shift and scale values */ #undef FSCALE @@ -74,6 +118,3 @@ index e5669ff..887f89d 100644 #include "../version.h" --- -2.17.0 - diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb index 9b8af27f..c39faef8 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb @@ -2,9 +2,9 @@ DESCRIPTION = "netkit-rusers includes rusers - Displays who is logged in to mach rusersd - Logged in users server" HOMEPAGE = "ftp://ftp.uk.linux.org/pub/linux/Networking/netkit" SECTION = "net" -LICENSE = "BSD" +LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://rusers/rusers.c;beginline=2;endline=3;md5=f4fc634a4ce8c569911196b72b10770e" -DEPENDS = " tcp-wrappers libtirpc rpcbind" +DEPENDS = " tcp-wrappers libtirpc rpcbind rpcsvc-proto rpcsvc-proto-native" SRC_URI = "http://http.debian.net/debian/pool/main/n/${BPN}/${BPN}_${PV}.orig.tar.gz;name=archive \ http://http.debian.net/debian/pool/main/n/${BPN}/${BPN}_${PV}-8.diff.gz;name=patch8 \ @@ -17,16 +17,12 @@ SRC_URI[archive.sha256sum] = "f00138651865ad2dcfec5dedda0cda403cb80c4ab68efcc3bb SRC_URI[patch8.md5sum] = "1ff498113e0f920d92088092e5570bdc" SRC_URI[patch8.sha256sum] = "14882dbdda4e37baa84d55b54b46c7e063a20fc9e04d1be1a2807643cd0f3067" -inherit autotools-brokensep - CFLAGS += "-I${STAGING_INCDIR}/tirpc" -LIBS += "-ltirpc" + +EXTRA_OEMAKE = "RUSERSX=${STAGING_INCDIR}/rpcsvc/rusers.x" do_configure () { - ./configure --prefix=${prefix} - echo "LDFLAGS=${LDFLAGS}" >> MCONFIG - echo "USE_GLIBC=1" >> MCONFIG - echo "LIBS=${LIBS}" >> MCONFIG + ./configure --prefix=${prefix} --installroot=${D} --with-c-compiler="${CC}" } do_install () { @@ -62,9 +58,6 @@ EOF install rusersd.conf ${D}/${sysconfdir}/xinetd.d/rusersd } - -INSANE_SKIP_${PN} = "already-stripped" - PACKAGES = "${PN}-client ${PN}-server ${PN}-doc ${BPN}-dbg" FILES_${PN}-client = "${bindir}/*" FILES_${PN}-server = "${sbindir}/* ${sysconfdir}" @@ -72,7 +65,8 @@ FILES_${PN}-doc = "${mandir}" FILES_${PN}-dbg = "${prefix}/src/debug \ ${bindir}/.debug ${sbindir}/.debug" -RDEPENDS_${PN}-server = "tcp-wrappers xinetd rpcbind" +RDEPENDS_${PN}-server += "tcp-wrappers xinetd rpcbind" # http://errors.yoctoproject.org/Errors/Details/186962/ -EXCLUDE_FROM_WORLD_libc-musl = "1" +COMPATIBLE_HOST_libc-musl = 'null' +PNBLACKLIST[netkit-rusers] = "Fails to build rup.c:51:10: fatal error: rstat.h: No such file or directory" diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho/0002-Fix-build-issues-found-with-musl.patch b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho/0002-Fix-build-issues-found-with-musl.patch index 717b4d73..349a1351 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho/0002-Fix-build-issues-found-with-musl.patch +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho/0002-Fix-build-issues-found-with-musl.patch @@ -12,8 +12,6 @@ Upstream-Status: Pending rwhod/rwhod.c | 5 +++-- 3 files changed, 5 insertions(+), 2 deletions(-) -diff --git a/ruptime/ruptime.c b/ruptime/ruptime.c -index 1d4f7b6..f1f043c 100644 --- a/ruptime/ruptime.c +++ b/ruptime/ruptime.c @@ -53,6 +53,7 @@ char ruptime_rcsid[] = @@ -24,11 +22,9 @@ index 1d4f7b6..f1f043c 100644 struct hs { char hs_hostname[MAXHOSTNAMELEN]; -diff --git a/rwho/rwho.c b/rwho/rwho.c -index 63919ac..71aec9e 100644 --- a/rwho/rwho.c +++ b/rwho/rwho.c -@@ -49,6 +49,7 @@ char rcsid[] = "$Id: rwho.c,v 1.7 1999/08/01 20:44:18 dholland Exp $"; +@@ -49,6 +49,7 @@ char rcsid[] = "$Id: rwho.c,v 1.7 1999/0 #include <assert.h> #include <stdio.h> #include <time.h> @@ -36,8 +32,6 @@ index 63919ac..71aec9e 100644 #include <protocols/rwhod.h> #include "../version.h" -diff --git a/rwhod/rwhod.c b/rwhod/rwhod.c -index 54498d0..40cabcf 100644 --- a/rwhod/rwhod.c +++ b/rwhod/rwhod.c @@ -76,6 +76,7 @@ char rcsid[] = @@ -66,6 +60,13 @@ index 54498d0..40cabcf 100644 /* * Taken from: * --- -2.14.1 - +--- a/include/protocols/rwhod.h ++++ b/include/protocols/rwhod.h +@@ -37,6 +37,7 @@ + #ifndef _RWHOD_H_ + #define _RWHOD_H_ + ++#include <stdint.h> + /* + * rwho protocol packet format. + */ diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb index 5685f03d..ad543b0f 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb @@ -1,11 +1,11 @@ DESCRIPTION = "netkit-rwho includes, ruptime rwho and rwhod (Daemon to maintain data for rwho/ruptime)" HOMEPAGE = "ftp://ftp.uk.linux.org/pub/linux/Networking/netkit" SECTION = "net" -LICENSE = "BSD" +LICENSE = "BSD-4-Clause" LIC_FILES_CHKSUM = "file://rwho/rwho.c;beginline=2;endline=3;md5=5a85f13c0142d72fc378e00f15da5b9e" SRC_URI = "${DEBIAN_MIRROR}/main/n/netkit-rwho/netkit-rwho_${PV}.orig.tar.gz;name=archive \ - ${DEBIAN_MIRROR}/main/n/netkit-rwho/netkit-rwho_${PV}-13.debian.tar.gz;name=patch13 \ + ${DEBIAN_MIRROR}/main/n/netkit-rwho/netkit-rwho_${PV}-13.debian.tar.gz;subdir=${BP};name=patch13 \ file://rwhod \ file://rwhod.default \ file://0001-Add-missing-include-path-to-I-options.patch \ @@ -20,13 +20,37 @@ inherit autotools-brokensep useradd update-rc.d update-alternatives CFLAGS += " -D_GNU_SOURCE" -debian_do_patch() { - cd ${S} - while read line; do patch -p1 < ${WORKDIR}/debian/patches/$line; done < ${WORKDIR}/debian/patches/series +# Unlike other Debian packages, net-tools *.diff.gz contains another series of +# patches maintained by quilt. So manually apply them before applying other local +# patches. Also remove all temp files before leaving, because do_patch() will pop +# up all previously applied patches in the start +do_patch[depends] += "quilt-native:do_populate_sysroot" +netkit_do_patch() { + cd ${S} + # it's important that we only pop the existing patches when they've + # been applied, otherwise quilt will climb the directory tree + # and reverse out some completely different set of patches + if [ -d ${S}/patches ]; then + # whilst this is the default directory, doing it like this + # defeats the directory climbing that quilt will otherwise + # do; note the directory must exist to defeat this, hence + # the test inside which we operate + QUILT_PATCHES=${S}/patches quilt pop -a + fi + if [ -d ${S}/.pc-${BPN} ]; then + rm -rf ${S}/.pc + mv ${S}/.pc-${BPN} ${S}/.pc + QUILT_PATCHES=${S}/debian/patches quilt pop -a + rm -rf ${S}/.pc ${S}/debian + fi + QUILT_PATCHES=${S}/debian/patches quilt push -a + mv ${S}/.pc ${S}/.pc-${BPN} } +do_unpack[cleandirs] += "${S}" + python do_patch() { - bb.build.exec_func('debian_do_patch', d) + bb.build.exec_func('netkit_do_patch', d) bb.build.exec_func('patch_do_patch', d) } diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2020-10188.patch b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2020-10188.patch new file mode 100644 index 00000000..d21c6027 --- /dev/null +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/CVE-2020-10188.patch @@ -0,0 +1,112 @@ +From 6ab007dbb1958371abff2eaaad2b26da89b3c74e Mon Sep 17 00:00:00 2001 +From: Yi Zhao <yi.zhao@windriver.com> +Date: Fri, 24 Apr 2020 09:43:44 +0800 +Subject: [PATCH] telnetd/utility.c: fix CVE-2020-10188 + +Upstream-Status: Backport +[Fedora: https://src.fedoraproject.org/rpms/telnet/raw/master/f/telnet-0.17-overflow-exploit.patch] + +CVE: CVE-2020-10188 + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + telnetd/utility.c | 32 +++++++++++++++++++++----------- + 1 file changed, 21 insertions(+), 11 deletions(-) + +diff --git a/telnetd/utility.c b/telnetd/utility.c +index 75314cb..b9a46a6 100644 +--- a/telnetd/utility.c ++++ b/telnetd/utility.c +@@ -169,31 +169,38 @@ void ptyflush(void) + */ + static + char * +-nextitem(char *current) ++nextitem(char *current, const char *endp) + { ++ if (current >= endp) { ++ return NULL; ++ } + if ((*current&0xff) != IAC) { + return current+1; + } ++ if (current+1 >= endp) { ++ return NULL; ++ } + switch (*(current+1)&0xff) { + case DO: + case DONT: + case WILL: + case WONT: +- return current+3; ++ return current+3 <= endp ? current+3 : NULL; + case SB: /* loop forever looking for the SE */ + { + register char *look = current+2; + +- for (;;) { ++ while (look < endp) { + if ((*look++&0xff) == IAC) { +- if ((*look++&0xff) == SE) { ++ if (look < endp && (*look++&0xff) == SE) { + return look; + } + } + } ++ return NULL; + } + default: +- return current+2; ++ return current+2 <= endp ? current+2 : NULL; + } + } /* end of nextitem */ + +@@ -219,7 +226,7 @@ void netclear(void) + register char *thisitem, *next; + char *good; + #define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ +- ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) ++ (nfrontp > p+1 && (((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)))) + + #if defined(ENCRYPT) + thisitem = nclearto > netobuf ? nclearto : netobuf; +@@ -227,7 +234,7 @@ void netclear(void) + thisitem = netobuf; + #endif + +- while ((next = nextitem(thisitem)) <= nbackp) { ++ while ((next = nextitem(thisitem, nbackp)) != NULL && next <= nbackp) { + thisitem = next; + } + +@@ -239,20 +246,23 @@ void netclear(void) + good = netobuf; /* where the good bytes go */ + #endif + +- while (nfrontp > thisitem) { ++ while (thisitem != NULL && nfrontp > thisitem) { + if (wewant(thisitem)) { + int length; + + next = thisitem; + do { +- next = nextitem(next); +- } while (wewant(next) && (nfrontp > next)); ++ next = nextitem(next, nfrontp); ++ } while (next != NULL && wewant(next) && (nfrontp > next)); ++ if (next == NULL) { ++ next = nfrontp; ++ } + length = next-thisitem; + bcopy(thisitem, good, length); + good += length; + thisitem = next; + } else { +- thisitem = nextitem(thisitem); ++ thisitem = nextitem(thisitem, nfrontp); + } + } + +-- +2.7.4 + diff --git a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb index db4b1c98..0e92add6 100644 --- a/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb +++ b/external/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb @@ -2,7 +2,7 @@ DESCRIPTION = "netkit-telnet includes the telnet daemon and client." HOMEPAGE = "http://www.hcs.harvard.edu/~dholland/computers/netkit.html" SECTION = "net" DEPENDS = "ncurses" -LICENSE = "BSD" +LICENSE = "BSD-4-Clause" LIC_FILES_CHKSUM = "file://telnet/telnet.cc;beginline=2;endline=3;md5=780868e7b566313e70cb701560ca95ef" SRC_URI = "http://ftp.linux.org.uk/pub/linux/Networking/netkit/${BP}.tar.gz \ @@ -12,6 +12,7 @@ SRC_URI = "http://ftp.linux.org.uk/pub/linux/Networking/netkit/${BP}.tar.gz \ file://cross-compile.patch \ file://0001-telnet-telnetd-Fix-print-format-strings.patch \ file://0001-telnet-telnetd-Fix-deadlock-on-cleanup.patch \ + file://CVE-2020-10188.patch \ " UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/n/netkit-telnet/" @@ -57,9 +58,13 @@ ALTERNATIVE_${PN} = "telnet" ALTERNATIVE_LINK_NAME[telnet] = "${bindir}/telnet" ALTERNATIVE_TARGET[telnet] = "${bindir}/telnet.${PN}" +ALTERNATIVE_${PN}-doc = "telnetd.8" +ALTERNATIVE_LINK_NAME[telnetd.8] = "${mandir}/man8/telnetd.8" + SRC_URI[md5sum] = "d6beabaaf53fe6e382c42ce3faa05a36" SRC_URI[sha256sum] = "9c80d5c7838361a328fb6b60016d503def9ce53ad3c589f3b08ff71a2bb88e00" FILES_${PN} += "${sbindir}/in.* ${libdir}/* ${sysconfdir}/xinetd.d/*" # http://errors.yoctoproject.org/Errors/Details/186954/ -EXCLUDE_FROM_WORLD_libc-musl = "1" +COMPATIBLE_HOST_libc-musl = 'null' +RCONFLICTS_${PN} = "inetutils-telnetd" |