diff options
Diffstat (limited to 'external/poky/meta/recipes-extended/iputils')
8 files changed, 254 insertions, 145 deletions
diff --git a/external/poky/meta/recipes-extended/iputils/iputils/0001-iputils-Initialize-libgcrypt.patch b/external/poky/meta/recipes-extended/iputils/iputils/0001-iputils-Initialize-libgcrypt.patch new file mode 100644 index 00000000..b56804ce --- /dev/null +++ b/external/poky/meta/recipes-extended/iputils/iputils/0001-iputils-Initialize-libgcrypt.patch @@ -0,0 +1,55 @@ +From 8576e0c218634e6f7ed1b6ff02fa164fb0c75f86 Mon Sep 17 00:00:00 2001 +From: Mingli Yu <mingli.yu@windriver.com> +Date: Wed, 29 Apr 2020 03:50:32 +0000 +Subject: [PATCH] iputils_md5dig.h: Initialize libgcrypt + +Initialize libgcrypt on first use otherwise +there comes below warning when check the status +of the ninfod.service. + # systemctl status ninfod.service + * ninfod.service - Respond to IPv6 Node Information Queries + Loaded: loaded (/lib/systemd/system/ninfod.service; enabled; vendor preset: enabled) + Active: active (running) since Wed 2020-04-29 05:18:21 UTC; 36s ago + Docs: man:ninfod(8) + Main PID: 347 (ninfod) + Tasks: 1 (limit: 9382) + Memory: 1.2M + CGroup: /system.slice/ninfod.service + `-347 /sbin/ninfod -d + + Apr 29 05:18:21 intel-x86-64 systemd[1]: Started Respond to IPv6 Node Information Queries. + Apr 29 05:18:24 intel-x86-64 ninfod[347]: Libgcrypt warning: missing initialization - please fix the application + +Upstream-Status: Inappropriate [the upstream avoids linking to crypto libraries in + commit 214ed83 common: copy md5 implementation to iputils project] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + iputils_md5dig.h | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/iputils_md5dig.h b/iputils_md5dig.h +index bfa7f02..3cc3fbf 100644 +--- a/iputils_md5dig.h ++++ b/iputils_md5dig.h +@@ -24,8 +24,17 @@ typedef struct { + gcry_md_hd_t dig; + } iputils_md5dig_ctx; + ++void maybeInit() ++{ ++ if (!gcry_control(GCRYCTL_INITIALIZATION_FINISHED_P)) ++ { ++ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); ++ } ++} ++ + static void iputils_md5dig_init(iputils_md5dig_ctx *ctx) + { ++ maybeInit(); + if (gcry_md_open(&ctx->dig, GCRY_MD_MD5, 0) != GPG_ERR_NO_ERROR) + abort(); + return; +-- +2.24.1 + diff --git a/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-change-variable-name-to-avoid-colliding-with-.patch b/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-change-variable-name-to-avoid-colliding-with-.patch new file mode 100644 index 00000000..e106a0cf --- /dev/null +++ b/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-change-variable-name-to-avoid-colliding-with-.patch @@ -0,0 +1,51 @@ +From ab1aa2eb0097a7ef05ffccac058b06812deb2695 Mon Sep 17 00:00:00 2001 +From: Sami Kerola <kerolasa@iki.fi> +Date: Sat, 28 Dec 2019 17:16:27 +0000 +Subject: [PATCH] ninfod: change variable name to avoid colliding with function + name + +The sys/capability.h header has 'extern int cap_setuid(uid_t uid);' +function prototype. + +Addresses: https://github.com/iputils/iputils/issues/246 + +Upstream-Status: Backport [https://github.com/iputils/iputils/commit/18f9a84e0e702841d6cc4d5f593de4fbd1348e83] +Signed-off-by: Sami Kerola <kerolasa@iki.fi> +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> +--- + ninfod/ninfod.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/ninfod/ninfod.c b/ninfod/ninfod.c +index badbf80..28f03af 100644 +--- a/ninfod/ninfod.c ++++ b/ninfod/ninfod.c +@@ -454,7 +454,7 @@ static void do_daemonize(void) + /* --------- */ + #ifdef HAVE_LIBCAP + static const cap_value_t cap_net_raw = CAP_NET_RAW; +-static const cap_value_t cap_setuid = CAP_SETUID; ++static const cap_value_t cap_setuserid = CAP_SETUID; + static cap_flag_value_t cap_ok; + #else + static uid_t euid; +@@ -486,7 +486,7 @@ static void limit_capabilities(void) + + cap_get_flag(cap_cur_p, CAP_SETUID, CAP_PERMITTED, &cap_ok); + if (cap_ok != CAP_CLEAR) +- cap_set_flag(cap_p, CAP_PERMITTED, 1, &cap_setuid, CAP_SET); ++ cap_set_flag(cap_p, CAP_PERMITTED, 1, &cap_setuserid, CAP_SET); + + if (cap_set_proc(cap_p) < 0) { + DEBUG(LOG_ERR, "cap_set_proc: %s\n", strerror(errno)); +@@ -519,8 +519,8 @@ static void drop_capabilities(void) + + /* setuid / setuid */ + if (cap_ok != CAP_CLEAR) { +- cap_set_flag(cap_p, CAP_PERMITTED, 1, &cap_setuid, CAP_SET); +- cap_set_flag(cap_p, CAP_EFFECTIVE, 1, &cap_setuid, CAP_SET); ++ cap_set_flag(cap_p, CAP_PERMITTED, 1, &cap_setuserid, CAP_SET); ++ cap_set_flag(cap_p, CAP_EFFECTIVE, 1, &cap_setuserid, CAP_SET); + + if (cap_set_proc(cap_p) < 0) { + DEBUG(LOG_ERR, "cap_set_proc: %s\n", strerror(errno)); diff --git a/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-fix-systemd-Documentation-url-error.patch b/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-fix-systemd-Documentation-url-error.patch new file mode 100644 index 00000000..03a3f560 --- /dev/null +++ b/external/poky/meta/recipes-extended/iputils/iputils/0001-ninfod-fix-systemd-Documentation-url-error.patch @@ -0,0 +1,28 @@ +From c1f1527eb30d4a5feebf9a0757582bbf7fe3eae9 Mon Sep 17 00:00:00 2001 +From: Andrea Stevanato <andrea.stevanato.95@hotmail.it> +Date: Tue, 5 Nov 2019 19:08:30 +0000 +Subject: [PATCH] ninfod: fix systemd Documentation url error + +systemd[1]: /usr/lib/systemd/system/ninfod.service:3: Invalid URL, ignoring: ninfod(8) + +Upstream-Status: Backport [https://github.com/iputils/iputils/commit/c1f1527eb30d4a5feebf9a0757582bbf7fe3eae9] +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- + systemd/ninfod.service.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/systemd/ninfod.service.in b/systemd/ninfod.service.in +index 5ab69ca00e96..8e79fcd9238e 100644 +--- a/systemd/ninfod.service.in ++++ b/systemd/ninfod.service.in +@@ -1,6 +1,6 @@ + [Unit] + Description=Respond to IPv6 Node Information Queries +-Documentation=ninfod(8) ++Documentation=man:ninfod(8) + Requires=network.target + After=network.target + +-- +2.17.1 + diff --git a/external/poky/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch b/external/poky/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch new file mode 100644 index 00000000..d7367caf --- /dev/null +++ b/external/poky/meta/recipes-extended/iputils/iputils/0001-rarpd-rdisc-Drop-PrivateUsers.patch @@ -0,0 +1,46 @@ +From 6e51d529988cfc0bb357751fd767e9f1478e2b81 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan <alex.kiernan@gmail.com> +Date: Thu, 13 Feb 2020 06:08:45 +0000 +Subject: [PATCH] rarpd: rdisc: Drop PrivateUsers + +Neither rarpd nor rdisc can gain the necessary capabilities with +PrivateUsers enabled. + +Upstream-Status: Pending +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- + systemd/rarpd.service.in | 1 - + systemd/rdisc.service.in | 3 ++- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/systemd/rarpd.service.in b/systemd/rarpd.service.in +index e600c10c93e6..f5d7621a7ce8 100644 +--- a/systemd/rarpd.service.in ++++ b/systemd/rarpd.service.in +@@ -12,7 +12,6 @@ AmbientCapabilities=CAP_NET_RAW + DynamicUser=yes + PrivateTmp=yes + PrivateDevices=yes +-PrivateUsers=yes + ProtectSystem=strict + ProtectHome=yes + ProtectControlGroups=yes +diff --git a/systemd/rdisc.service.in b/systemd/rdisc.service.in +index 4e2a1ec9d0e5..a71b87d36b37 100644 +--- a/systemd/rdisc.service.in ++++ b/systemd/rdisc.service.in +@@ -8,9 +8,10 @@ After=network.target + EnvironmentFile=-/etc/sysconfig/rdisc + ExecStart=@sbindir@/rdisc -f -t $OPTIONS $SEND_ADDRESS $RECEIVE_ADDRESS + ++CapabilityBoundingSet=CAP_NET_RAW + AmbientCapabilities=CAP_NET_RAW + PrivateTmp=yes +-PrivateUsers=yes ++DynamicUser=yes + ProtectSystem=strict + ProtectHome=yes + ProtectControlGroups=yes +-- +2.17.1 + diff --git a/external/poky/meta/recipes-extended/iputils/iputils/ai_canonidn.patch b/external/poky/meta/recipes-extended/iputils/iputils/ai_canonidn.patch deleted file mode 100644 index cd91267b..00000000 --- a/external/poky/meta/recipes-extended/iputils/iputils/ai_canonidn.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 714e2b458c151c5bdfe93647445cd00dd8e36fff Mon Sep 17 00:00:00 2001 -From: Petr Vorel <petr.vorel@gmail.com> -Date: Sat, 21 Jul 2018 17:46:14 +0200 -Subject: [PATCH] ping: Fix AI_CANONIDN usage on some systems - -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@intel.com> - -Commit 99f67db used AI_CANONIDN in a way, which broke compilation on -systems where AI_CANONIDN is not defined in netdb.h (e.g. glibc < 2.3.4, -alternative libcs that don't support IDN: e.g. current musl 1.1.19 and -uClibc-ng 1.0.30) when not using the system libidn2. - -Fixes: 99f67db ping: Fix ping name encoded using ACE on C locale - -Reported-by: Nicholas Fish -Signed-off-by: Petr Vorel <petr.vorel@gmail.com> - ---- - ping.c | 2 +- - ping.h | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/ping.c b/ping.c -index 733477f..b241815 100644 ---- a/ping.c -+++ b/ping.c -@@ -207,9 +207,9 @@ main(int argc, char **argv) - - #ifdef USE_IDN - setlocale(LC_ALL, ""); --#endif - if (!strcmp(setlocale(LC_ALL, NULL), "C")) - hints.ai_flags &= ~ AI_CANONIDN; -+#endif - - /* Support being called using `ping4` or `ping6` symlinks */ - if (argv[0][strlen(argv[0])-1] == '4') -diff --git a/ping.h b/ping.h -index 3e09685..8a0c4ef 100644 ---- a/ping.h -+++ b/ping.h -@@ -28,7 +28,6 @@ - #include <netinet/icmp6.h> - #include <linux/filter.h> - #include <resolv.h> --#include <locale.h> - - #ifdef CAPABILITIES - #include <sys/prctl.h> -@@ -36,6 +35,7 @@ - #endif - - #ifdef USE_IDN -+#include <locale.h> - #include <idn2.h> - #define getaddrinfo_flags (AI_CANONNAME | AI_IDN | AI_CANONIDN) - #define getnameinfo_flags NI_IDN diff --git a/external/poky/meta/recipes-extended/iputils/iputils/install.patch b/external/poky/meta/recipes-extended/iputils/iputils/install.patch deleted file mode 100644 index abfefd7a..00000000 --- a/external/poky/meta/recipes-extended/iputils/iputils/install.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 5c8c3b04d73304679340f893636e87691992053b Mon Sep 17 00:00:00 2001 -From: Ross Burton <ross@burtonini.com> -Date: Mon, 23 Jul 2018 14:21:03 +0100 -Subject: [PATCH] Add install - -Add a simple install rule so that we always install the binaries that were built. - -Upstream-Status: Inappropriate -Signed-off-by: Ross Burton <ross.burton@intel.com> - ---- - Makefile | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/Makefile b/Makefile -index 17fc5c9..e0c2784 100644 ---- a/Makefile -+++ b/Makefile -@@ -231,3 +231,7 @@ rpm: - @$(RPMBUILD) -ta --define 'current yes' $(RPMTMP)/iputils.tar.bz2 - @rm -f $(RPMTMP)/iputils.tar.bz2 - -+install: -+ for t in $(TARGETS); do \ -+ install -D $$t $(DESTDIR)$(bindir)/$$t; \ -+ done diff --git a/external/poky/meta/recipes-extended/iputils/iputils_s20180629.bb b/external/poky/meta/recipes-extended/iputils/iputils_s20180629.bb deleted file mode 100644 index eff44be1..00000000 --- a/external/poky/meta/recipes-extended/iputils/iputils_s20180629.bb +++ /dev/null @@ -1,61 +0,0 @@ -SUMMARY = "Network monitoring tools" -DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \ -tracepath, tracepath6, ping, ping6 and arping." -HOMEPAGE = "https://github.com/iputils/iputils" -SECTION = "console/network" - -LICENSE = "BSD & GPLv2+" - -LIC_FILES_CHKSUM = "file://LICENSE;md5=b792e38abdc59f766a3153908f23e766 \ - file://LICENSE.BSD3;md5=0f00d99239d922ffd13cabef83b33444 \ - file://LICENSE.GPL2;md5=b234ee4d69f5fce4486a80fdaf4a4263" - -DEPENDS = "gnutls libcap libgcrypt" - -SRC_URI = "git://github.com/iputils/iputils \ - file://ai_canonidn.patch \ - file://install.patch" -SRCREV = "f6aac8dbe3f8c45c53424854a3312bdd8cdd58d3" - -S = "${WORKDIR}/git" - -UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>s\d+)" - -EXTRA_OEMAKE = "-e MAKEFLAGS=" - -PACKAGECONFIG ??= "" -PACKAGECONFIG[libidn] = "USE_IDN=yes,USE_IDN=no,libidn2" - -do_compile () { - oe_runmake 'CC=${CC} -D_GNU_SOURCE' VPATH="${STAGING_LIBDIR}:${STAGING_DIR_HOST}/${base_libdir}" ${PACKAGECONFIG_CONFARGS} all -} - -do_install() { - oe_runmake DESTDIR=${D} bindir=${base_bindir} install - for b in ping traceroute6 clockdiff; do - chmod u+s ${D}${base_bindir}/$b - done -} - -inherit update-alternatives - -ALTERNATIVE_PRIORITY = "100" - -ALTERNATIVE_${PN}-ping = "ping" -ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" - -SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-traceroute6 ${PN}-clockdiff ${PN}-tftpd ${PN}-rarpd ${PN}-rdisc" -PACKAGES += "${SPLITPKGS}" - -ALLOW_EMPTY_${PN} = "1" -RDEPENDS_${PN} += "${SPLITPKGS}" - -FILES_${PN} = "" -FILES_${PN}-ping = "${base_bindir}/ping.${BPN}" -FILES_${PN}-arping = "${base_bindir}/arping" -FILES_${PN}-tracepath = "${base_bindir}/tracepath" -FILES_${PN}-traceroute6 = "${base_bindir}/traceroute6" -FILES_${PN}-clockdiff = "${base_bindir}/clockdiff" -FILES_${PN}-tftpd = "${base_bindir}/tftpd" -FILES_${PN}-rarpd = "${base_bindir}/rarpd" -FILES_${PN}-rdisc = "${base_bindir}/rdisc" diff --git a/external/poky/meta/recipes-extended/iputils/iputils_s20190709.bb b/external/poky/meta/recipes-extended/iputils/iputils_s20190709.bb new file mode 100644 index 00000000..545f3d5e --- /dev/null +++ b/external/poky/meta/recipes-extended/iputils/iputils_s20190709.bb @@ -0,0 +1,74 @@ +SUMMARY = "Network monitoring tools" +DESCRIPTION = "Utilities for the IP protocol, including traceroute6, \ +tracepath, tracepath6, ping, ping6 and arping." +HOMEPAGE = "https://github.com/iputils/iputils" +SECTION = "console/network" + +LICENSE = "BSD & GPLv2+" + +LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390" + +DEPENDS = "gnutls" + +SRC_URI = "git://github.com/iputils/iputils \ + file://0001-ninfod-change-variable-name-to-avoid-colliding-with-.patch \ + file://0001-ninfod-fix-systemd-Documentation-url-error.patch \ + file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ + file://0001-iputils-Initialize-libgcrypt.patch \ + " +SRCREV = "13e00847176aa23683d68fce1d17ffb523510946" + +S = "${WORKDIR}/git" + +UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>s\d+)" + +# Fixed in 2000-10-10, but the versioning of iputils +# breaks the version order. +CVE_CHECK_WHITELIST += "CVE-2000-1213 CVE-2000-1214" + +PACKAGECONFIG ??= "libcap libgcrypt rarpd \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ninfod traceroute6', '', d)} \ + ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" +PACKAGECONFIG[libcap] = "-DUSE_CAP=true, -DUSE_CAP=false, libcap" +PACKAGECONFIG[libgcrypt] = "-DUSE_CRYPTO=gcrypt, -DUSE_CRYPTO=none, libgcrypt" +PACKAGECONFIG[libidn] = "-DUSE_IDN=true, -DUSE_IDN=false, libidn2" +PACKAGECONFIG[gettext] = "-DUSE_GETTEXT=true, -DUSE_GETTEXT=false, gettext" +PACKAGECONFIG[ninfod] = "-DBUILD_NINFOD=true,-DBUILD_NINFOD=false," +PACKAGECONFIG[rarpd] = "-DBUILD_RARPD=true,-DBUILD_RARPD=false," +PACKAGECONFIG[systemd] = "-Dsystemdunitdir=${systemd_unitdir}/system,,systemd" +PACKAGECONFIG[traceroute6] = "-DBUILD_TRACEROUTE6=true,-DBUILD_TRACEROUTE6=false," +PACKAGECONFIG[docs] = "-DBUILD_HTML_MANS=true -DBUILD_MANS=true,-DBUILD_HTML_MANS=false -DBUILD_MANS=false, libxslt" + +inherit meson systemd update-alternatives + +# Have to disable setcap/suid as its not deterministic +EXTRA_OEMESON += "--prefix=${root_prefix}/ -DNO_SETCAP_OR_SUID=true" + +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE_${PN}-ping = "ping" +ALTERNATIVE_LINK_NAME[ping] = "${base_bindir}/ping" + +SPLITPKGS = "${PN}-ping ${PN}-arping ${PN}-tracepath ${PN}-clockdiff ${PN}-tftpd ${PN}-rdisc \ + ${@bb.utils.contains('PACKAGECONFIG', 'rarpd', '${PN}-rarpd', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-traceroute6 ${PN}-ninfod', '', d)}" +PACKAGES += "${SPLITPKGS}" + +ALLOW_EMPTY_${PN} = "1" +RDEPENDS_${PN} += "${SPLITPKGS}" + +FILES_${PN} = "" +FILES_${PN}-ping = "${base_bindir}/ping.${BPN}" +FILES_${PN}-arping = "${base_bindir}/arping" +FILES_${PN}-tracepath = "${base_bindir}/tracepath" +FILES_${PN}-traceroute6 = "${base_bindir}/traceroute6" +FILES_${PN}-clockdiff = "${base_bindir}/clockdiff" +FILES_${PN}-tftpd = "${base_bindir}/tftpd" +FILES_${PN}-rarpd = "${base_sbindir}/rarpd ${systemd_unitdir}/system/rarpd@.service" +FILES_${PN}-rdisc = "${base_sbindir}/rdisc" +FILES_${PN}-ninfod = "${base_sbindir}/ninfod ${sysconfdir}/init.d/ninfod.sh" + +SYSTEMD_PACKAGES = "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', '${PN}-ninfod', '', d)} \ + ${PN}-rdisc" +SYSTEMD_SERVICE_${PN}-ninfod = "ninfod.service" +SYSTEMD_SERVICE_${PN}-rdisc = "rdisc.service" |