meta-openembedded: subtree update:2258c9a767..164a6030b0
Alejandro Hernandez Samaniego (1):
emacs: Fix packaging for emacs-minimal
Andreas Müller (8):
fluidsynth: upgrade 2.1.3 -> 2.1.5
hdf5: Shorten SUMMARY and move long text to DESCRIPTION
wxwidgets: add opengl PACKAGECONFIG / enable it if opengl is in DISTRO_FEATURES
wxwidgets: Add what's necessary so that consumers of wxwidgets_git can find it
wxwidgets: upgrade 3.1.3 -> 3.1.4
babl: upgrade 0.1.78 -> 0.1.82
gegl: upgrade 0.4.24 -> 0.4.26
gimp: upgrade 2.10.20 -> 2.10.22
Andrej Valek (2):
nss: upgrade 3.56 -> 3.57
nspr: upgrade 4.26 -> 4.29
Chen Qi (2):
open-isns: use /run instead of /var/run in systemd service file
openhpi: use /run instead of /var/run in systemd service file
Daniel Ammann (2):
dhex: add homepage
pcsc-tools: add new package
Fagundes, Paulo (1):
vnstat: add recipe
Gianfranco Costamagna (1):
vboxguestdrivers: upgrade 6.1.14 -> 6.1.16
Gianluca Pacchiella (1):
Add missing dependencies for rsnapshot.
Khem Raj (5):
meta-openembedded: Add gatesgarth to LAYERSERIES_COMPAT
apitrace: Disable secuirty flags for clang
iscsi-initiator-utils: Silence a clang warning on 64bit systems
minifi-cpp: Do not use lld on riscv32
redis: Fix build with clang on riscv32
Leon Anavi (44):
python3-aiohttp: Upgrade 3.6.2 -> 3.6.3
python3-ujson: Upgrade 3.2.0 -> 4.0.1
python3-passlib: Upgrade 1.7.2 -> 1.7.4
python3-croniter: Upgrade 0.3.34 -> 0.3.35
python3-isort: Upgrade 5.5.4 -> 5.6.4
python3-prompt-toolkit: Upgrade 3.0.7 -> 3.0.8
python3-yarl: Upgrade 1.6.0 -> 1.6.2
python3-sqlparse: Upgrade 0.3.1 -> 0.4.1
python3-sqlalchemy: Upgrade 1.3.19 -> 1.3.20
python3-sentry-sdk: Upgrade 0.18.0 -> 0.19.0
python3-markdown: Upgrade 3.3 -> 3.3.1
python3-pywbemtools: Upgrade 0.7.3 -> 0.8.0
python3-xlsxwriter: Upgrade 1.3.6 -> 1.3.7
python3-luma-core: Upgrade 1.17.1 -> 1.17.2
python3-graphviz: Upgrade 0.14.1 -> 0.14.2
python3-yappi: Upgrade 1.2.5 -> 1.3.0
python3-iniconfig: Upgrade 1.0.1 -> 1.1.1
transmission: Upgrade 2.94 -> 3.00
python3-regex: Upgrade 2020.10.11 -> 2020.10.15
python3-colorama: Upgrade 0.4.3 -> 0.4.4
python3-zipp: Upgrade 3.3.0 -> 3.3.1
python3-pychromecast: Upgrade 7.5.0 -> 7.5.1
python3-semver: Upgrade 2.10.2 -> 2.13.0
python3-pydicti: Upgrade 1.1.3 -> 1.1.4
python3-humanize: Upgrade 3.0.1 -> 3.1.0
python3-dominate: Upgrade 2.5.2 -> 2.6.0
python3-urllib3: Upgrade 1.25.10 -> 1.25.11
python3-bitarray: Upgrade 1.5.3 -> 1.6.0
python3-markdown: Upgrade 3.3.1 -> 3.3.2
python3-pymisp: Upgrade 2.4.131 -> 2.4.133
python3-typeguard: Upgrade 2.9.1 -> 2.10.0
python3-traitlets: Upgrade 5.0.4 -> 5.0.5
python3-sentry-sdk: Upgrade 0.19.0 -> 0.19.1
python3-lxml: Upgrade 4.5.2 -> 4.6.1
python3-regex: Upgrade 2020.10.15 -> 2020.10.23
python3-google-api-python-client: Upgrade 1.12.3 -> 1.12.5
python3-cryptography: Upgrade 3.1.1 -> 3.2
python3-psutil: Upgrade 5.7.2 -> 5.7.3
python3-pyparted: Upgrade 3.11.6 -> 3.11.7
python3-tqdm: Upgrade 4.50.2 -> 4.51.0
python3-u-msgpack-python: Upgrade 2.7.0 -> 2.7.1
python3-luma-core: Upgrade 1.17.2 -> 1.17.3
python3-zipp: Upgrade 3.3.1 -> 3.4.0
python3-aiohttp: Upgrade 3.6.3 -> 3.7.1
Luca Boccassi (2):
Add recipe for fsverity-utils
Add new recipe for squashfs-tools-ng
Mario Schuknecht (1):
wireguard-tools: Fix systemd service installation
Martin Jansa (3):
packagegroup-meta-multimedia: include fdk-aac and mpd only with commercial in LICENSE_FLAGS_WHITELIST
python3-colorama: add native and nativesdk to BBCLASSEXTEND
mpd: add commercial LICENSE_FLAGS when ffmpeg or aac PACKAGECONFIG is enabled
Michael Tretter (1):
apitrace: add new recipe
Mingli Yu (1):
mariadb: Upgrade to 10.5.6
Pascal Bach (1):
fmt: make available as native and nativesdk
Pierre-Jean Texier (3):
c-periphery: upgrade 2.2.1 -> 2.2.4
c-periphery: fix typo in SUMMARY
stunnel: upgrade 5.56 -> 5.57
Qi.Chen@windriver.com (4):
php: use /run instead /var/run in systemd service file
lmsensors: use /run instead of /var/run for systemd service
cyrus-sasl: use /run instead of /var/run for systemd service file
freediameter: use /run instead of /var/run in systemd service file
Ross Burton (2):
mpv: fetch waf in do_fetch
glmark2: no need to patch waf
Sakib Sajal (1):
python3-prettytable: add python3-wcwidth to RDEPENDS
Siming Yuan (1):
python3-paramiko: fixing runtime dependencies
Taisei Nakano (1):
anthy: add GPLv2 to LICENSE and add LIC_FILES_CHKSUM
Ulrich Ölmann (1):
usb-modeswitch, usb-modeswitch-data: fix usrmerge
Yi Zhao (2):
samba: upgrade 4.10.17 -> 4.10.18
networkmanager: remove PACKAGECONFIG[dhclient]
Zang Ruochen (13):
firewalld: upgrade 0.9.0 -> 0.9.1
mtr: upgrade 0.93 -> 0.94
wireshark: upgrade 3.2.6 -> 3.2.7
hwdata: upgrade 0.339 -> 0.340
libmbim: upgrade 1.24.2 -> 1.24.4
linuxptp: upgrade 3.0 -> 3.1
memtester: upgrade 4.4.0 -> 4.5.0
paho-mqtt-c: upgrade 1.3.5 -> 1.3.6
mm-common: upgrade 1.0.1 -> 1.0.2
poppler: upgrade 20.09.0 -> 20.10.0
spdlog: upgrade 1.8.0 -> 1.8.1
libcgi-perl: upgrade 4.50 -> 4.51
libcurses-perl: upgrade 1.36 -> 1.37
zangrc (8):
gphoto2: upgrade 2.5.23 -> 2.5.26
libgphoto2: upgrade 2.5.25 -> 2.5.26
libmtp: upgrade 1.1.17 -> 1.1.18
libp11: upgrade 0.4.10 -> 0.4.11
libpwquality: upgrade 1.4.2 -> 1.4.4
libqmi: upgrade 1.26.4 -> 1.26.6
nano: upgrade 5.2 -> 5.3
protobuf: upgrade 3.13.0 -> 3.13.0.1
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Change-Id: Ie105cfe99ae7dab0f6f1fd8d88d43a1979faf486
diff --git a/meta-openembedded/meta-oe/recipes-support/nss/nss_3.57.bb b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.57.bb
new file mode 100644
index 0000000..5d9318a
--- /dev/null
+++ b/meta-openembedded/meta-oe/recipes-support/nss/nss_3.57.bb
@@ -0,0 +1,271 @@
+SUMMARY = "Mozilla's SSL and TLS implementation"
+DESCRIPTION = "Network Security Services (NSS) is a set of libraries \
+designed to support cross-platform development of \
+security-enabled client and server applications. \
+Applications built with NSS can support SSL v2 and v3, \
+TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 \
+v3 certificates, and other security standards."
+HOMEPAGE = "http://www.mozilla.org/projects/security/pki/nss/"
+SECTION = "libs"
+
+DEPENDS = "sqlite3 nspr zlib nss-native"
+DEPENDS_class-native = "sqlite3-native nspr-native zlib-native"
+
+LICENSE = "MPL-2.0 | (MPL-2.0 & GPL-2.0+) | (MPL-2.0 & LGPL-2.1+)"
+
+LIC_FILES_CHKSUM = "file://nss/COPYING;md5=3b1e88e1b9c0b5a4b2881d46cce06a18 \
+ file://nss/lib/freebl/mpi/doc/LICENSE;md5=491f158d09d948466afce85d6f1fe18f \
+ file://nss/lib/freebl/mpi/doc/LICENSE-MPL;md5=5d425c8f3157dbf212db2ec53d9e5132"
+
+VERSION_DIR = "${@d.getVar('BP').upper().replace('-', '_').replace('.', '_') + '_RTM'}"
+
+SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSION_DIR}/src/${BP}.tar.gz \
+ file://nss.pc.in \
+ file://0001-nss-fix-support-cross-compiling.patch \
+ file://nss-no-rpath-for-cross-compiling.patch \
+ file://nss-fix-incorrect-shebang-of-perl.patch \
+ file://disable-Wvarargs-with-clang.patch \
+ file://pqg.c-ULL_addend.patch \
+ file://blank-cert9.db \
+ file://blank-key4.db \
+ file://system-pkcs11.txt \
+ file://nss-fix-nsinstall-build.patch \
+ file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \
+ "
+SRC_URI[sha256sum] = "55a86c01be860381d64bb4e5b94eb198df9b0f098a8af0e58c014df398bdc382"
+
+UPSTREAM_CHECK_URI = "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_Releases"
+UPSTREAM_CHECK_REGEX = "NSS_(?P<pver>.+)_release_notes"
+
+inherit siteinfo
+
+TD = "${S}/tentative-dist"
+TDS = "${S}/tentative-dist-staging"
+
+# cortex-a55 is ARMv8.2-a based but libatomic explicitly asks for -march=armv8.1-a
+# which caused -march conflicts in gcc
+TUNE_CCARGS_remove = "-mcpu=cortex-a55+crc -mcpu=cortex-a55 -mcpu=cortex-a55+crc+crypto"
+
+TARGET_CC_ARCH += "${LDFLAGS}"
+
+do_configure_prepend_libc-musl () {
+ sed -i -e '/-DHAVE_SYS_CDEFS_H/d' ${S}/nss/lib/dbm/config/config.mk
+}
+
+do_compile_prepend_class-native() {
+ export NSPR_INCLUDE_DIR=${STAGING_INCDIR_NATIVE}/nspr
+ export NSPR_LIB_DIR=${STAGING_LIBDIR_NATIVE}
+}
+
+do_compile_prepend_class-nativesdk() {
+ export LDFLAGS=""
+}
+
+do_compile_prepend_class-native() {
+ # Need to set RPATH so that chrpath will do its job correctly
+ RPATH="-Wl,-rpath-link,${STAGING_LIBDIR_NATIVE} -Wl,-rpath-link,${STAGING_BASE_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_LIBDIR_NATIVE} -Wl,-rpath,${STAGING_BASE_LIBDIR_NATIVE}"
+}
+
+do_compile() {
+ export NSPR_INCLUDE_DIR=${STAGING_INCDIR}/nspr
+ export NSS_ENABLE_WERROR=0
+
+ export CROSS_COMPILE=1
+ export NATIVE_CC="${BUILD_CC}"
+ # Additional defines needed on Centos 7
+ export NATIVE_FLAGS="${BUILD_CFLAGS} -DLINUX -Dlinux"
+ export BUILD_OPT=1
+
+ export FREEBL_NO_DEPEND=1
+ export FREEBL_LOWHASH=1
+
+ export LIBDIR=${libdir}
+ export MOZILLA_CLIENT=1
+ export NS_USE_GCC=1
+ export NSS_USE_SYSTEM_SQLITE=1
+ export NSS_ENABLE_ECC=1
+
+ ${@bb.utils.contains("TUNE_FEATURES", "crypto", "export NSS_USE_ARM_HW_CRYPTO=1", "", d)}
+
+ export OS_RELEASE=3.4
+ export OS_TARGET=Linux
+ export OS_ARCH=Linux
+
+ if [ "${TARGET_ARCH}" = "powerpc" ]; then
+ OS_TEST=ppc
+ elif [ "${TARGET_ARCH}" = "powerpc64" ]; then
+ OS_TEST=ppc64
+ elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then
+ OS_TEST=mips
+ elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then
+ OS_TEST="aarch64"
+ else
+ OS_TEST="${TARGET_ARCH}"
+ fi
+
+ if [ "${SITEINFO_BITS}" = "64" ]; then
+ export USE_64=1
+ elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then
+ export USE_X32=1
+ fi
+
+ export NSS_DISABLE_GTESTS=1
+
+ # We can modify CC in the environment, but if we set it via an
+ # argument to make, nsinstall, a host program, will also build with it!
+ #
+ # nss pretty much does its own thing with CFLAGS, so we put them into CC.
+ # Optimization will get clobbered, but most of the stuff will survive.
+ # The motivation for this is to point to the correct place for debug
+ # source files and CFLAGS does that. Nothing uses CCC.
+ #
+ export CC="${CC} ${CFLAGS}"
+ make -C ./nss CCC="${CXX} -g" \
+ OS_TEST=${OS_TEST} \
+ RPATH="${RPATH}" \
+ autobuild
+}
+
+do_compile[vardepsexclude] += "SITEINFO_BITS"
+
+do_install_prepend_class-nativesdk() {
+ export LDFLAGS=""
+}
+
+do_install() {
+ export CROSS_COMPILE=1
+ export NATIVE_CC="${BUILD_CC}"
+ export BUILD_OPT=1
+
+ export FREEBL_NO_DEPEND=1
+
+ export LIBDIR=${libdir}
+ export MOZILLA_CLIENT=1
+ export NS_USE_GCC=1
+ export NSS_USE_SYSTEM_SQLITE=1
+ export NSS_ENABLE_ECC=1
+
+ export OS_RELEASE=3.4
+ export OS_TARGET=Linux
+ export OS_ARCH=Linux
+
+ if [ "${TARGET_ARCH}" = "powerpc" ]; then
+ OS_TEST=ppc
+ elif [ "${TARGET_ARCH}" = "powerpc64" ]; then
+ OS_TEST=ppc64
+ elif [ "${TARGET_ARCH}" = "mips" -o "${TARGET_ARCH}" = "mipsel" -o "${TARGET_ARCH}" = "mips64" -o "${TARGET_ARCH}" = "mips64el" ]; then
+ OS_TEST=mips
+ elif [ "${TARGET_ARCH}" = "aarch64_be" ]; then
+ CPU_ARCH=aarch64
+ OS_TEST="aarch64"
+ else
+ OS_TEST="${TARGET_ARCH}"
+ fi
+ if [ "${SITEINFO_BITS}" = "64" ]; then
+ export USE_64=1
+ elif [ "${TARGET_ARCH}" = "x86_64" -a "${SITEINFO_BITS}" = "32" ]; then
+ export USE_X32=1
+ fi
+
+ export NSS_DISABLE_GTESTS=1
+
+ make -C ./nss \
+ CCC="${CXX}" \
+ OS_TEST=${OS_TEST} \
+ SOURCE_LIB_DIR="${TD}/${libdir}" \
+ SOURCE_BIN_DIR="${TD}/${bindir}" \
+ install
+
+ install -d ${D}/${libdir}/
+ for file in ${S}/dist/*.OBJ/lib/*.so; do
+ echo "Installing `basename $file`..."
+ cp $file ${D}/${libdir}/
+ done
+
+ for shared_lib in ${TD}/${libdir}/*.so.*; do
+ if [ -f $shared_lib ]; then
+ cp $shared_lib ${D}/${libdir}
+ ln -sf $(basename $shared_lib) ${D}/${libdir}/$(basename $shared_lib .1oe)
+ fi
+ done
+ for shared_lib in ${TD}/${libdir}/*.so; do
+ if [ -f $shared_lib -a ! -e ${D}/${libdir}/$shared_lib ]; then
+ cp $shared_lib ${D}/${libdir}
+ fi
+ done
+
+ install -d ${D}/${includedir}/nss3
+ install -m 644 -t ${D}/${includedir}/nss3 dist/public/nss/*
+
+ install -d ${D}/${bindir}
+ for binary in ${TD}/${bindir}/*; do
+ install -m 755 -t ${D}/${bindir} $binary
+ done
+}
+
+do_install[vardepsexclude] += "SITEINFO_BITS"
+
+do_install_append() {
+ # Create empty .chk files for the NSS libraries at build time. They could
+ # be regenerated at target's boot time.
+ for file in libsoftokn3.chk libfreebl3.chk libnssdbm3.chk; do
+ touch ${D}/${libdir}/$file
+ chmod 755 ${D}/${libdir}/$file
+ done
+
+ install -d ${D}${libdir}/pkgconfig/
+ sed 's/%NSS_VERSION%/${PV}/' ${WORKDIR}/nss.pc.in | sed 's/%NSPR_VERSION%/4.9.2/' > ${D}${libdir}/pkgconfig/nss.pc
+ sed -i s:OEPREFIX:${prefix}:g ${D}${libdir}/pkgconfig/nss.pc
+ sed -i s:OEEXECPREFIX:${exec_prefix}:g ${D}${libdir}/pkgconfig/nss.pc
+ sed -i s:OELIBDIR:${libdir}:g ${D}${libdir}/pkgconfig/nss.pc
+ sed -i s:OEINCDIR:${includedir}/nss3:g ${D}${libdir}/pkgconfig/nss.pc
+}
+
+do_install_append_class-target() {
+ # It used to call certutil to create a blank certificate with empty password at
+ # build time, but the checksum of key4.db changes every time when certutil is called.
+ # It causes non-determinism issue, so provide databases with a blank certificate
+ # which are originally from output of nss in qemux86-64 build. You can get these
+ # databases by:
+ # certutil -N -d sql:/database/path/ --empty-password
+ install -d ${D}${sysconfdir}/pki/nssdb/
+ install -m 0644 ${WORKDIR}/blank-cert9.db ${D}${sysconfdir}/pki/nssdb/cert9.db
+ install -m 0644 ${WORKDIR}/blank-key4.db ${D}${sysconfdir}/pki/nssdb/key4.db
+ install -m 0644 ${WORKDIR}/system-pkcs11.txt ${D}${sysconfdir}/pki/nssdb/pkcs11.txt
+}
+
+PACKAGE_WRITE_DEPS += "nss-native"
+
+pkg_postinst_${PN} () {
+ for I in $D${libdir}/lib*.chk; do
+ DN=`dirname $I`
+ BN=`basename $I .chk`
+ FN=$DN/$BN.so
+ shlibsign -i $FN
+ if [ $? -ne 0 ]; then
+ echo "shlibsign -i $FN failed"
+ fi
+ done
+}
+
+PACKAGES =+ "${PN}-smime"
+FILES_${PN}-smime = "\
+ ${bindir}/smime \
+"
+
+FILES_${PN} = "\
+ ${sysconfdir} \
+ ${bindir} \
+ ${libdir}/lib*.chk \
+ ${libdir}/lib*.so \
+ "
+
+FILES_${PN}-dev = "\
+ ${libdir}/nss \
+ ${libdir}/pkgconfig/* \
+ ${includedir}/* \
+ "
+
+RDEPENDS_${PN}-smime = "perl"
+
+BBCLASSEXTEND = "native nativesdk"