Squashed 'import-layers/meta-openembedded/'.
1efa5d6 gpsd: fix multilib build
97b82f3 exo: unbreak Thunar's detailed file view
5829238 modemmanager: Fix build with clang
9dc61c3 libmad: Fix build with clang
3cb5bcd fribidi: Fix build with security flags turned on
c6bb220 flashrom: Remove redundant const qualifier
7ac8ead md5deep: Fix build with clang
6a08999 openldap: Fix Build error due to missing -fPIC
ae254b4 libqmi: Fix build with clang
1ae5293 android-tools: fix do_install
a67677b rsnapshot: fix host path in rsnapshot.conf.default
f98f05a xfwm4: add x11 to REQUIRED_DISTRO_FEATURES
0913142 xfdesktop: add x11 to REQUIRED_DISTRO_FEATURES
4abb9bd xfce4-settings: add x11 to REQUIRED_DISTRO_FEATURES
fbb8993 xfce4-session: add x11 to REQUIRED_DISTRO_FEATURES
a7033bf xfce4-power-manager: add x11 to REQUIRED_DISTRO_FEATURES
c628fef xfce4-panel: add x11 to REQUIRED_DISTRO_FEATURES
d6ff552 xfce4-appfinder: add x11 to REQUIRED_DISTRO_FEATURES
f470662 thunar-volman: add x11 to REQUIRED_DISTRO_FEATURES
a905a4b thunar: add x11 to REQUIRED_DISTRO_FEATURES
4898fc6 libxfce4ui: add x11 to REQUIRED_DISTRO_FEATURES
4ea40f3 gtk-xfce-engine: add x11 to REQUIRED_DISTRO_FEATURES
57faeed garcon: add x11 to REQUIRED_DISTRO_FEATURES
af6a177 exo: add x11 to REQUIRED_DISTRO_FEATURES
0b91d71 xfce-app.bbclass: add x11 to REQUIRED_DISTRO_FEATURES
33055f8 xfce-panel-plugin.bbclass: add x11 to REQUIRED_DISTRO_FEATURES
17c9299 thunar-plugin.bbclass: add x11 to REQUIRED_DISTRO_FEATURES
e3cc8a1 xfce4-pulseaudio-plugin: add x11 to REQUIRED_DISTRO_FEATURES
968e99e packagegroup-xfce-base: add x11 to REQUIRED_DISTRO_FEATURES
3a2f97e libxklavier: add x11 to REQUIRED_DISTRO_FEATURES
7a557a2b libwnck: add x11 to REQUIRED_DISTRO_FEATURES
179bcb1 gtksourceview2: add x11 to REQUIRED_DISTRO_FEATURES
eea7d0b gnome-disk-utility: add x11 to REQUIRED_DISTRO_FEATURES
bc9450c evince: add x11 to REQUIRED_DISTRO_FEATURES
121a333 dconf: add x11 to REQUIRED_DISTRO_FEATURES
74ee171 libunique: add x11 to REQUIRED_DISTRO_FEATURES
258f4f3 pavucontrol: add x11 to REQUIRED_DISTRO_FEATURES
c30411d gtkmm: add x11 to REQUIRED_DISTRO_FEATURES
d08864a opencv: checking existence of /usr/lib
cb24773 libeigen: set tarball name as ${BP}.tar.bz2
00b89f2 opencv: fix QA issue
d8d90a6 openjpeg: rename the download file
dcfb513 apache2: include .load files in modules.d
0ec9cb2 asio: fix a musl compilation warning
c840f78 asio: DEPENDS on openssl
d2a990b lockdev: Pretend GNU libc on musl
02bca9e libplist: Remove rpaths surgically
45c2854 augeas: fix QA warning
ebc3e16 edac-utils: fix systemd service
54b566a mariadb: use faster download URL
4ef0a72 krb5: Add -fPIC to compile flags
976fccd meta_oe_security_flags.inc: Add libcec, libmodplug, libcdio
2c3aaa7 meta_oe_security_flags: Disable PIE for s3c64xx-gpio/s3c24xx-gpio/cpufrequtils
9869a2d python-m2crypto: inherit siteinfo
f169b40 ttf-abyssinica: update SRC_URI
cce0d82 xterm: package /usr/lib/X11 to avoid installed-vs-shipped error on ppc64
2e71e6a fftw: Remove the fftw-dev package dependency on non-existent fftw package.
14c4d27 Revert "physfs: move to sources found at github/supertux"
24c9c2b wireshark: install missing header files
b840fce tunctl: fix QA warning for GNU_HASH
705a4c1 vblade: fix QA warning for GNU_HASH
a3d23d2 tsocks: fix QA warning for GNU_HASH
35dfe1a zeroconf: fix QA warning for GNU_HASH
052fe5e nuttcp: fix QA warning for GNU_HASH
b6d9486 aoetools: fix QA warning for GNU_HASH
6ea4941 iscsi-initiator-utils: fix postinstall and systemd service file
dbabbd8 lftp: fix PACKAGECONFIG[readline]
6f06d75 drbd-utils: 8.9.3 -> 8.9.6
5336366 lksctp-tools: 1.0.16 -> 1.0.17
659d9d3 meta-openembedded: Add me to morty maintainer's list
6e91977 c-ares: update 1.11.0 -> 1.12.0
406ca64 libmnl, nftables: Update versions
dce441f openl2tp: Fix build with clang
aebf681 lowpan-tools: Fix errors found with clang
c8f78ec linux-atm: fix do_compile error
7a491f3 nodejs: update to 4.6.1
2396e30 openldap: use recommended backend mdb
ce2b1ac rsyslog: upgrade to 8.22.0
ca3a032 librelp: add recipe
2f7c00b libfastjson: add recipe
9af1859 vim: Update to v8.0.0022
b096119 glmark2: Enabling c++ 11 features
3587696 android-tools: fix native build
e63aa5b dhcp_%.bbappend: fix replaces original key warning
51867d2 rsnapshot: update to 1.4.2
a4f713b python-unidiff: python module for parsing diff data
b6f38dd mg: Update to 20161005
9db48dc joe: Fix build with clang
cc5414c glcompbench: Demand c++11 explicitly
b8ecf24 flashrom: Fix build with clang and aarch64
2449866 gpm: Remove nested functions
09ac7a6 libdc1394: Upgrade to 2.2.4
71670ff python-greenlet: Rename register from rX to xX for aarch64
73c6871 frame: Fix build with clang
2280f69 libplist: Squash warnings found by clang
577604b libmbim: Fix build with clang
558d935 libbonobo: Fix missing dep on orbit2-native and build with clang
3fd6133 libndp: 1.5 -> 1.6
ccec146 adduser: always add -M option for useradd
dd2748d dvb-apps: fix recipe, and update to the latest version
d0b44b7 v4l-utils: add support for "native" build
74d5222 inotify-tools: add recipe
00ba3c8 nodejs: update to 4.6.0
a87270e postgresql.inc: Fix do_configure error (could not find Python.h)
887cdc7 mpich: update to version 3.2
8cefb2e libsoc: update to version 0.8.2
1872a8a libsodium: update to version 1.0.11
a5bc9e9 python-evdev: update to version 0.6.4
d4185c6 python-dbusmock: update to version 0.16.7
ecc78a9 python-cmd2: update to version 0.6.9
c8f992c python-bcrypt: update to version 3.1.1
e15a35a python-werkzeug: update to version 0.11.11
2810af5 python-urllib3: update to version 1.18
40efc44 python-rfc3987: update to version 1.3.7
3f000b5 python-pytest: update to version 3.0.1
f35e4e6 nginx: update to version 1.11.5
951d31e python-pyopenssl: update to version 16.1.0
0a812a0 python-pymongo: update to version 3.3.0
96819dd python-pymisp: update to version 2.4.51.1
13e2470 python-prompt-toolkit: update to version 1.0.7
ee0f810 python-lxml: update to version 3.6.4
47d12fe python-cffi: update to version 1.8.3
b7ae781 python-certifi: update to version 2016.9.26
4faba62 libsocketcan: upgrade to 0.0.10
2acaa8f tipcutils: upgrade to 2.2.0
8ba31c9 gpsd, mongodb: use PACKAGECONFIG_CONFARGS instead of now empty EXTRA_OECONF
f882db6 ipmiutil: uncomment PARALLEL_MAKE
fb6585f jansson: update to 2.9
54c7e78 pcsc-lite: Seperate GPLV3 portions from BSD
fded4cf opencv: fix packaging and install
df9dac1 xdg-user-dirs: initial add 0.15
2846999 a2jmidid: initial add v8
d6cd37b jack: remove portaudio PACKAGECONFIG
0f8f197 jack: swap to jack2
a7e7ecc python-pybind11: add pybind11 for operability between C++11 and Python
7f5236b alsa-equal: Add recipe for version 0.6
def0e38 caps: Add recipe for version 0.9.24
1c072cb gvfs: fix fetch error
3796741 tesseract: upgrade to 3.04
0cc3d06 leptonica: add PACKAGECONFIG for giflib
b850fda phytool: Add recipe
8eef5ab wireshark: update to 2.2.1
5dbbc99 nfacct: added nfacct recipe to meta-networking
dd77c3d libnetfilter-acct: added new recipe for libnetfilter-acct 1.0.3
812e940 ntp : Add openssl to default PACKAGECONFIG options
8760099 atftp: fixes musl libc build
af864a7 geoip-perl: upgrade to 1.50
5abe6ea arptables: add the directory for default /etc/sysconfig/arptables
a0e2240 arptables: add arptables systemd service file
93b0d65 iscsitarget: resolve build error with linux kernel 4.8
9e8d127 squid: fix ptest failure
6f54f29 squid: specify sysconfdir and logdir
307d1c9 libtdb: fixes for deterministic builds
5175c03 libldb: fixes for deterministic builds
5291715 libtevent: fixes for deterministic builds
778a2b6 libtalloc: fixes for deterministic builds
fe652f8 libldb: fix for LIC_FILES_CHKSUM
f25aa3d libtdb: fix for LIC_FILES_CHKSUM
d4a36f6 libtevent: fix for LIC_FILES_CHKSUM
0014397 libtalloc: fix for LIC_FILES_CHKSUM
1a5ae6a mbedtls: upgrade to 1.3.17
a95726d samba: replace pam packageconfig by hard dependency
3fdfdd8 samba: un-blacklist
f604ee6 mariadb: update to version 5.5.52
6d8cbfa gmock: fixed installing pkgconfig file and libraries on x86_64 architecture
63707b5 gst-plugins-base: fix rare but annoying build errors
8b68ed9 jq: add support for jq-native + misc minor fixes
dacf9a8 onig: update 5.9.3 -> 5.9.6
a6ad786 onig: add support for orig-native + misc minor fixes
ea21a3f mpd: disable automatic start at boot - service is activated on demand by socket
c7f39c7 thrift: disable java
39b03b0 libsmi: rdepends on wget and set WGET as target path
a0ef440 mariadb: replace the CC with CC_VERSION and CXX with CXX_VERSION
b23da47 webmin: ensure correct PERLLIB path
42f52f5 ttf-lklug: use fedora24 for source
ba54b98 edac-utils: add systemd support and required dependencies for edac
6ee4e53 haveged: don't compile in mips16e mode
3e4a0e2 lvm2: enable option o_direct
3c56c4f multipath-tools: Obey exported LDFLAGS
5e17038 pam-passwedqc: Obey exported LDFLAGS
aba02d7 libnet: fixes musl libc build
08b315e rsyslog: fixes musl libc build
5a9b947 Remove bashisms
3bbec2b physfs: move to sources found at github/supertux
a0c3cea poppler: update to 0.47.0
b77869a xfce4-clipman-plugin: update to 1.4.0
81e5975 xfce4-notifyd: update to 0.3.2
13975d3 xfce4-calculator-plugin: update to 0.6.0
9e36ee0 xfce4-weather-plugin: update to 0.8.8
86fcbf9 xfce4-whiskermenu-plugin: update to 2.0.1
8d6f8cc exo: update to 0.11.1
a60b025 xfce4-power-manager: update to 1.6.0
bf02c16 php: update 5.6.25
335ea17 layer.conf: add LAYERVERSION and LAYERDEPENDS
47ab72f hostapd: Security Advisory-CVE-2016-4476
510bcc8 gperftools: fix to work on aarch64
6ba3b30 xfsprogs, xfsdump, dmapi: blacklist, needs upgrade to stay compatible with default kernel
754111f mariadb: add libdbd-mysql-perl to RDEPENDS
aad32cf mariadb: add libdbi-perl to RDEPENDS
934104c libdbd-mysql-perl: add new recipe
67d6ed4 p7zip: do not hardcode path in native wrapper script
93d85f6 mpich: fix QA issue and remove blacklist
520dee9 evince: add intltool-native to DEPENDS
b187e7c logwatch: 7.4.1 -> 7.4.3
076b261 gthumb, libgnomekbd, gnome-desktop: add dependency on intltool-native
18b35eb vboxguestdrivers: upgrade to 5.1.6 to fix build with default kernel from oe-core 4.8
b70d4e2 p7zip, mce-inject: update LIC_FILES_CHKSUM
bfa1054 mozjs: fix crash on non-x86 64 bit systems
7742daa fftw: fix native build
4e84633 fftw: fix reconfigure error introduced in previous patch
4703a3d lirc: Fix build with clang
b18ac6d gpsd: Fix build with musl
7b05caa net-snmp: Fix build issue found with musl
f4ed1bc rtmpdump: fix QA warning for GNU_HASH
c5bd43a cdparanoia: fix QA warning for GNU_HASH
b2d3dac rsyslog: upgrade to 7.6.7
0de66c2 openl2tp: Obey LDFLAGS in Makefile
9c9cee6 crash: Enforce use of LDFLAGS during make
be8aa13 grubby: add bash to RDEPENDS_grubby-ptest
dfcb67a imagemagick: depend on fftw not virtual/fftw
395cb2d fftw: build all configurations by one recipe
1edf97a ristretto: have tumbler back - it builds fine and is an important feature
64a63fc gvfs: update to 1.28.3
e3a2814 gimp: update to 2.8.18
4618962 upower: don't start on boot by default - dbus does that on demand
c1a6b86 jack: update to 0.125.0rc1
df0c384 tslib: move recipe from oe-core
fe249f8 xtscal: move recipe from oe-core
0d103ba pointercal: move recipe from oe-core
dd01b4b portaudio: upgrade to latest release
0feb5f7 poco: update to 1.7.5
82f2e2b chrony: add PACKAGECONFIG for nss, libcap
e05536c mpv: include PACKAGECONFIG_CONFARGS in EXTRA_OECONF
5d131fd libgit2: add dependency on libssh2
4f3ae98 gammu: add dependency on unixodbc
7be1355 jasper: add PACKAGECONFIG for opengl
24e387a openldap: fix CVE-2015-3276
14a532d imsettings: 1.6.8 -> 1.7.1
a3cdf02 networkmanager: Fix package splitting and systemd service issue
a617fdc minini: update SRC_URI with new download path
02f77f7 snort: Add lzma to PACKAGECONFIG
4fde248 syslog-ng: remove unused patches
c8c68fb ttf-dejavu
870df18 iscsitarget,netmap-moduls,vboxguestdrivers: Blacklist, not compatible with default kernel version 4.8
85b5755 xterm: 320 -> 325
e05f59e geoclue: Update to 2.4.4
2ed5ad2 krb5: upgrade to 1.13.6
dd0f1ad ttf-dejavu: 2.35 -> 2.37
0836228 packagegroup-xfce-base: add librsvg-gtk
39be411 python-pyyaml: 3.11 -> 3.12
94a6bb9 python-dbus: 1.2.0 -> 1.2.4
29a6cb6 tk: 8.6.4 -> 8.6.6
3b675cb thrift: fix build on gcc-6
170b5ea abiword: unblacklist and fix
3e9313c geany-plugins: unblacklist / fix known bugs / update to 1.28
d70ccec geany: update to 1.28
a0fdd7f zile: uprev from 2.4.9 to 2.4.11 and add acl support
ee23e9d python-pylint: python source code analyzer
5641b25 Revert "gpsd, foxtrotgps: blacklist, fails to build with new binutils-2.27"
c7137fd gpsd: make sure the recipe uses LDFLAGS
a231c43 android-tools: add recipe from AOSP tag android-5.1.1_r37
4fad615 collectd: CVE-2016-6254
2f15702 libqmi: fix floating dependencies
d505a7a lmsensors: sensors-detect: print a special message when there isn't enough cpu info
35ee0a0 xpext-dev: Remove RDEPEND on empty xpext package.
5b4a557 glcompbench: Fix issues causing failures in GCC6
f3cd93f glade: fix typo introduced in last patch
098d32e tcpreplay: upgrade to 4.1.1
12a1189 waf-samba.bbclass: Add PACKAGECONFIG_CONFARGS to CONFIGUREOPTS
3a436ad wireshark: update to 2.2
554bbfb traceroute: update to 2.1.0
467dc1f dhcpcd: update to 6.11.3
fbffcf3 vsftpd: allow sysinfo() in the seccomp sandbox
e4365a2 proftpd: remove the script ftpmail
10abb68 stunnel: 5.28 -> 5.35
b60c608 samba: fix build by linking with bfd instead of gold
365fd1e strongswan: 5.3.2 -> 5.5.0
b4b6465 samba: fix to package pidl in samba-pidl
dd1ddae lvm2: add PACKAGECONFIG for lvm thin provisioning
07c1512 glade3: unbreak, unblacklist and other fixes
e9b5fc1 gtkmathview: unbreak gcc-6 build and unblacklist
0368f99 libgnome: add intltool-native to DEPENDS
1b6ee01 libgsf: add intltool-native to DEPENDS
d55334c pavucontrol: replace intltool by intltool-native in DEPENDS
8f6a485 p7zip: update to version 16.02
0a5c689 upower: add systemd support
11178d1 openjpeg: uprev from 2.1.0 to 2.1.1
83bb725 rdfind: add initial recipe, rdfind 1.3.4
c0e0c77 glmark2: Fix build error due a missing space before a macro
ce01b0a imagemagick: upgrade patchset
c4ff1c9 smartmontools: 6.4 -> 6.5
84e0dbe sg3-utils: 1.41 -> 1.42
f2f1b91 rrdtool: 1.5.4 -> 1.6.0
1cb3cdc python-six: Add native and nativesdk to BBCLASSEXTEND
c0fe31f python-certifi: Add native and nativesdk to BBCLASSEXTEND
88d9c59 python-pyopenssl: Extend recipe to support Python 3
80b2d4d samba: blacklist, fails to build with new binutils-2.27
df531c5 accel-ppp: blacklist, fails to build with new binutils-2.27
d0f90f8 crda: fix QA Issue: No GNU_HASH in the elf binary
fab248a openvpn: 2.3.8 -> 2.3.9
3143193 squid: don't do squid-conf-tests at build time
615872a inetutils: fixes for ipv6 feature
20681ef znc: control ipv6 support based on DISTRO_FEATURES
940a621 wolfssl: control ipv6 support based on DISTRO_FEATURES
59a9d6f tnftp: control ipv6 support based on DISTRO_FEATURES
513ae03 tftp-hpa: control ipv6 support based on DISTRO_FEATURES
bbba35e stunnel: control ipv6 support based on DISTRO_FEATURES
020db7d squid: control ipv6 support based on DISTRO_FEATURES
23b7656 ntp: control ipv6 support based on DISTRO_FEATURES
823570b mtr: control ipv6 support based on DISTRO_FEATURES
021e60b daq: control ipv6 support based on DISTRO_FEATURES
2e10d8f cyrus-sasl: control ipv6 support based on DISTRO_FEATURES
d4b6c7d chrony: control ipv6 support based on DISTRO_FEATURES
c13a706 iscsitarget: fix QA warning for GNU_HASH
1157490 ipvsadm: fix QA warning for GNU_HASH
490d792 yp-tools: fix compile errors
c7e8da3 squid: add missing patch header
e3a0a0b postfix: 3.0.3 -> 3.1.1
908a27c lftp: 4.6.3a -> 4.7.3
215740d ifenslave: upgrade to 2.7
13434cb wireshark: update to 2.0.5
291946d directfb: add PACKAGECONFIG for inputdrivers
0d4f922 geany-plugins: blacklist because of QA issues
e19c4ab tracker: blacklist, fails to build with new binutils-2.27
939b83a gnome-menus, gnome-panel3, gnome-control-center: blacklist, gnome-menus fails to build because of python
8c29023 gpsd, foxtrotgps: blacklist, fails to build with new binutils-2.27
c63f9c4 openwsman: 2.6.2 -> 2.6.3
bb7101e lua: 5.3.2 -> 5.3.3
038a6e7 thin-provisioning-tools: add version 0.6.3
2e386b7 lvm2: tweak MODPROBE_CMD for cross compile
99d4505 php: update to 5.5.38 and 5.6.25
cfbbe3f gnome-keyring: Turn off QA check dev-elf
40a075a python3-jsonschema: set dependency to vcversioner
2cdd3d6 python3-vcversioner: add recipe
2fe1b29 asio: fix musl compilation (strerror_r)
cc9b89f networkmanager: 1.0.10 -> 1.0.12
353a8c3 mcelog: 1.09 -> 1.40
709bd23 mailcap: 2.1.45 -> 2.1.46
f119c2a gtk-doc: disable where necessary
13b511c gnome-control-center, gthumb: correctly remove a file from the source tree
3b0093c libglade: add a recipe from oe-core
19dc711 krb5: Fix S4U2Self KDC crash when anon is restricted
0887841 vim: split tools directory into vim-tools package
ac960a6 openldap: 2.4.43 -> 2.4.44
bf918d5 libhugetlbfs: add libhugetlbfs-perl to RDEPENDS
aedcb85 gitpkgv: Fix $GITPKV for a single named git source
996f296 nodejs: update to 4.5.0
5dbdf0c xfce4-mailwatch-plugin: control ipv6 support based on DISTRO_FEATURES
20d4b5c cherokee: control ipv6 support based on DISTRO_FEATURES
a37ad37 php: control ipv6 support based on DISTRO_FEATURES
07539fb iperf: control ipv6 support based on DISTRO_FEATURES
ad30a26 geis: Add python3-argparse module to RDEPENDS
010d99d efivar: fix PIC not found
26b1013 python-requests, python3-requests: Update to version 2.11.1
ed70cd5 python-pysocks, python3-pysocks: Add recipe for version 1.5.7
43895d9 python-prompt-toolkit, python3-prompt-toolkit: Add recipe for version 1.0.6
97691e5 python-ndg-httpsclient, python3-ndg-httpsclient: Add recipe for version 0.4.2
70978e3 python-wcwidth, python3-wcwidth: Add recipe for version 0.1.7
83fb5cc python-py: Extend recipe to support Python 3
9dda623 python-pytest: Extend support to python 3
1d68def python-pretend: Extend recipe to support Python 3
7d5ec62 python-iso8601: Extend recipe to support Python 3
c4728e0 python-cryptography-vectors: Extend recipe to support Python 3
2eb51b6 python-urllib3: Extend recipe to support Python 3
6a144af python-pyopenssl: Extend recipe to support Python 3
775a576 python-pycparser: Extend recipe to support Python 3
96b1670 python-pyasn1: Extend recipe to support Python 3
57ce75d python-idna: Extend recipe to support Python 3
559ec40 python-cryptography: Extend recipe to support Python 3
445e595 python-cffi: Extend recipe to support Python 3
90eedcc core-image-minimal-xfce: add kernel modules to image
2892bd6 vboxguestdrivers: Add recipe for vbox 5.x
fef7b1f libqb: 0.17.1 -> 0.17.2
7e8eb9a yaffs2-utils: fix QA warning for GNU_HASH
62799e1 libnet-dns-perl: 0.81 -> 1.06.
c0e4ad7 nodejs, arm: map TUNE_FEATURES to --with-arm-fpu parameters
dcba10c nodejs: use shared zlib instead of bundled one
0a2bd4f poco: update to 1.7.4
bd9f653 Revert "testfloat: Fix No GNU_HASH in the elf binary warnings"
8579f18 testfloat: Fix No GNU_HASH in the elf binary warnings
dc48e76 meta-oe: remove trailing spaces
303a585 meta-oe: remove PR = "r0"
289217b meta-oe: fix indentation
f2bec07 nginx.inc: use 4 spaces for indentation
8e6425c nginx: optimize systemd unit file
6c7c69c spitools: bump git revision (SRCREV)
7988dfe collectd: make /etc/collectd.conf a CONFFILE
8885e4a testfloat: Fix No GNU_HASH in the elf binary warnings
c4ea812 wipe: fix QA warning for GNU_HASH
7fdf353 libx86-1: fix QA warning for GNU_HASH
107689a meta-oe: Standardize use of "_append" versus use of "+="
1a2cfa6 libdbi-perl: 1.634 -> 1.636
3c598be libedit: 20150325-3.1 -> 20160618-3.1
60b675a hwdata: 0.288 -> 0.291
b7ab152 python-jsonschema, python3-jsonschema: Add recipe for version 2.5.1
25b5e35 python-strict-rfc3339, python3-strict-rfc3339: Add recipe for version 0.7
9756c90 python-functools32: Add recipe for version 3.2.3-2
6713a6b python-webcolors, python3-webcolors: Add recipe for version 1.5
06b06a3 python3-requests: Add native and nativesdk to BBCLASSEXTEND
7fdedb7 python3-click: Add native and nativesdk to BBCLASSEXTEND
f0c1242 python-rfc3987, python3-rfc3987: Add recipe for version 1.3.6
6e17cf0 python-progress, python3-progress: Add recipe for version 1.2
4efb76b gperftools: upgrade to 2.5
41abb7e dialog: 1.2-20150920 -> 1.3-20160424
c7419bb ctapi-common: 1.1-11 -> 1.1-14
1c080cc corosync: 2.3.5 -> 2.4.0
0ebc756 python-requests: update to version 2.11.0
ccae17a python-monotonic: fix RDEPENDS for minimal python install
6fea657 python-monotonic: update to version 1.2
52cb4d5 python-jsonpatch: Fix RDEPENDS to work on minimal python install
3c20885 python-jsonpatch: update to version 1.14
7cf433a python-daemonize: update to version 2.4.7
7d12dd4 opensc: update to version 0.16.0
30ef6ad libp11: update to version 0.4.0
1aaa57e engine-pkcs11: update to version 0.2.2
dcf56c9 utouch-mtview: remove blacklist
0fcdae1 utouch-frame: fix build errors associated with xmllint
469a6ca nginx: PACKAGECONFIG for httpv2
9e78e4b thunar-volman: Fix build with clang
b415e2a udisks2: Update to 2.1.7
30eb09f libgphoto2: Fix build when security flags are enabled with clang
46248dc php: fix aclocal-copy aclocal-copy
63d1973 python-pymisp: Update to version 2.4.49
1df4b34 python-lxml: update to version 3.6.1
622788e python-cython: update to version 0.24.1
e38635e python-certifi: update to version 2016.8.8
d1ebcbc gd: update to version 2.2.3
bb689de imagemagick: Add new PACKAGECONFIG for graphviz
8900925 libp11: fix fetch error.
ec66063 imagemagick: upgrade from 6.9.2 to 7.0.2
02a390b tnftp: tnftp20130505 -> tnftp20151004
5fdc25a proftpd: 1.3.5a -> 1.3.5b
5793d60 libnftnl: 1.0.5 -> 1.0.6
af7893c radvd: 2.11 -> 2.14
4c8b9e1 geoipupdate: 2.2.1 -> 2.2.2
999f6c4 geoip: 1.6.6 -> 1.6.9
617d495 dovecot: 2.2.21 -> 2.2.25
10a1066 dnsmasq: update to version 2.76
e86c7ef opensaf: make sure /etc/init.d/opensafd exist
35326fa samba: upgrade to 4.4.5
6555c34 libldb: upgrade to 1.1.27
174a083 ctdb: upgrade to 2.5.6
e37d93f libtdb: upgrade to 1.3.10
80d23a2 libtevent: upgrade to 0.9.29
4e0bc78 libtalloc: upgrade to 2.1.8
fcdd7e2 quagga: 0.99.24.1 -> 1.0.20160315
74d994e samba: remove ${localstatedir}/log
2cf000c wireless-regdb: update 2014.11.18 -> 2016.06.10
2ea482d crda: split wireless-regdb out into own recipe
1ea6e9a proftpd: fix system account login failure
4307c6a squid: fix configure host contamination
f849b9f utouch-frame,utouch-mtview: Blacklist
b76cee6 ninja: update to version 1.7.1
10670f5 xf86-video-ati: Set RRECOMMENDS to linux-firmware-radeon
894f7ce gateone: remove custom prefix for /var
fdeb947 glog: Update to version 0.3.4
32e7012 gflags: New recipe
6752cba python-pygobject: update to version 3.20.1
66e6830 hiawatha: update to version 10.3
1a8e7aa hiawatha-init: create log directory during init
3146e64 evtest: update to version 1.33
f1dcff4 espeak: fix package for gcc6
42dd9f3 pidgin: upgrade to 2.11.0
7f30230 efivar: 0.23 -> 0.24
2ad60db nginx: update to version 1.11.3
ea75c65 nginx: add the LDFLAGS to the link arguments
2646e97 epeg: update to the latest version
5a81915 dstat: update to version 0.7.3
355cdb7 libmbim: update to 1.14.0
e22b9e0 upower: update to version 0.99.4
d95a980 devicekit-power: remove obsolete package that was migrated to upower in 2010
7c25fa4 daemonize: update to version 1.7.7
5f9728d cryptsetup: update to version 1.7.2
7151a9d breakpad: disable ppc from being built.
7e2e442 mongodb: failes to build on ppc
8ddc1b0 concurrencykit: fix fetch errors.
ff38717 openwsman: fix fetch error.
87cc923 engine-pkcs11: fix fetch error
35d56a1 libmicrohttpd: update 0.9.49 -> 0.9.50
03220d6 ttf-lklug: add version 0.6-14.20090803cvs.fc24 to support Sinhala language
185f576 ttf-lohit: add version 2 to support Indian languages
8cb799e fontforge-native: support python module
59d7086 ttf-abyssinica: add version 1.500 to support Amharic language
98c0577 glmark2: Fix gcc 6 deprecated declaration error
c29c7ed glmark2: Fix gcc 6 configure error
9405f93 libmodbus: update to upstream develop version 3.1.4
886a5da opencv: Fix build with gcc 6.0
2e0332c rygel: add intltool-native dependency
ed969f3 gparted: add intltool-native dependency
c598865 libgxim: add intltool-native dependency
0cd0b09 networkmanager-openvpn: add intltool-native dependency
6a6438b gnome-bluetooth: add intltool-native dependency
9dd576b dconf: add intltool-native dependency
3d0ca85 gupnp-tools: add intltool-native dependency
9e92fdc gegl: add intltool-native dependency
c16a8d6 gtksourceview2: add intltool-native dependency
8d84f58 geoclue: add missing intltool-native dependency
5f7fc33 gnokii: add missing intltool-native dependency
e231b02 libgit2: add a recipe for libgit2 version 0.24.1
fdb1bbe daemontools: fix QA Issues for daemontools and fix a warning for daemontools-native
92c500e postgresql: 9.4.5 -> 9.4.8
aff7b7e ccid: update to version 1.4.24
5d05955 asio: update to version 1.10.6
8bed54a Revert "gnome-disk-utility: blacklist because of avahi-ui"
70e7f34 meta-gnome/layer.conf: enable gtk for avahi-ui
4947695 xerces-c: upgrade to 3.1.4
b0ae995 ninja: support target builds
41414e0 adduser: upgrade to 3.115
7f4f2d7 grubby: fix no GNU_HASH warning
e48d02b network-manager-applet: addmissing intltool-native dependency
1d41fe4 mozjs: Fix incorrect usage of PN.
db97c32 gedit: remove blacklist caused by gtksourceview2 / fix/cleanup build
2ed31c7 modemmanager: update to 1.6.0 and unblacklist - libqmi was fixed
5b5bad7 libqmi: update to 1.16.0
2c86452 libgnomeui: update to 2.24.5 / fix build on gcc6 / cleanup
e9bf73f nostromo: add dependency for nroff used during compile phase
aac86aa nostromo: remove useradd of a user already provided by base-passwd
da81d9e proftpd: return stderr to syslog
bc8fd52 ntp: make ntp and alternative for ntpd
32a6fd4 samba: inherit update-rc.d to manage init script
8b28f07 bridge-utils: various build fixes (musl & CFLAGS)
9fb484e proftpd: clean the host path in prxs
85d96d1 proftpd: fix PACKAGECONFIG settings
f8dd8cd proftpd: start at boot time
4c854d2 wireshark: inherit perlnative
03b76ca squid: upgrade to 3.5.20
fa2c10c curlpp: fix QA issue for cav-octeon3
3683e46 snort: fix to remove from blacklist
b2eae93 meta_networking_security_flags.inc: add weak assignment for lcl_maybe_fortify
abf5445c meta-networking: override SECURITY_CFLAGS for c-ares
6204c13 c-ares: use our compilation flags
53794a7 atftp: do not create user nobody
7e4f225 python-mccabe: Remove unnecessary setup_requires pytest-runner
6cb4eb3 mercurial-native: upgrade to 3.8.4
7482f2d libssh2: Add native to BBCLASSEXTEND
cfdf135 nostromo: update to version 1.9.6
181f5f8 webmin: upgrade to version 1.801
df5141a libssh2: upgrade to 1.7.0
d71cccd libssh: upgrade to 0.7.3
d98b1a3 sysbench: add new recipe
a720b93 libnih: add new recipe to meta-oe
26fbc9b libebml: fix do_unpack failure
8f4c447 packagegroup-tools-bluetooth: Fix incorrect LIC_FILES_CHKSUMs
30eab2d xfce4-vala: unbreak by telling configure new vala API version
6255219 mariadb: upgrade to 5.5.50
4b24a6c psqlodbc: Add the new recipe
8bb4a8b unixodbc: Add the new recipe
f9f8578 efivar: add COMPATIBLE_HOST item
f5da671 x11vnc: fix do_patch failed
292d8f1 Revert "postgresql: blacklist because tcl in oe-core is broken for last month"
b142ab5 python-imaging: Fix CVE-2016-2533
6398643 juce: Improved juce class and recipes
3bbc28d juce: Added support for JUCE framework
ca6edca python-pygpgme: update tests
8dca4ab python-pygpgme: update ptest output format
9bf3e36 collectd: replace deprecated readdir_r() with readdir()
5ed0925 makedumpfile: add makedumpfile 1.6.0
a63b404 minicoredumper: add the recipe
014c361 grubby: add grubby 8.40-1
520610b xfce4-terminal: add dependency on vte9-termcap
1a6e6a9 phpmyadmin: upgrade to 4.6.3
aa01ab9 php: update to 5.5.37 and 5.6.23
0b6853f ttf-vlgothic: add a ttf font
5a319d3 ttf-liberation-sans-narrow: add a ttf font
06e58b6 cfengine: add recipe and base policy
898b397 tokyocabinet: add recipe
00f6dc9 poco: update to 1.7.3
958bfe3 contrib: add MIPS_INSTRUCTION_SET
ba733d1 klibc: fix install destination in 64bit env
eeaf3dd uw-imap: use cross-tools to create static library
4c03228 augeas: Move from oe-core
74466fc libsodium: Update to 1.0.10.
d0c4bdc zeromq: Update to version 4.1.5.
7707dd5 apache2: update to version 2.4.23
97e2e15 freeglut: add opengl to REQUIRED_DISTRO_FEATURES
9efd12b nginx: update to version 1.11.2
96fd3c5 mousepad: remove blacklist caused by gtksourceview2
ca36344 gtksourceview2: fix build with gcc6
a1647ea Mpd: use libsystemd
273be2e directfb: move recipe to meta-oe
37e1dd1 sshfs-fuse: update to 2.8
20df863 nodejs: update to 4.4.7
d209e32 x11vnc: remove redundant RPATH to fix QA issue
e7aeb11 libxfce4ui: Use native intltool for building the lib
b813911 cpuset: add new python package
ecf41ac libmad: add the recipe
1f87c7f mpg123: remove the recipe
5c69367 python-flask-bootstrap: update to version 3.3.6.0 and fix RDEPENDS
9d1d1e8 python-flask-navigation: update package RDEPENDS
06c87ef python-flask-bcrypt: update package RDEPENDS
01b7c1d python-flask: update RDEPENDS to include python-click
d070f5a python-click: add recipe for the python click package required by the new version of flask
a7195fc python-feedformatter: add package RDEPENDS
7ebe715 python-evdev: update to version 0.6.1 and add package RDEPENDS
18d5f11 python-feedparser: add package RDEPENDS
878ec0c python-epydoc: add package RDEPENDS
2daf0b0 python-dominate: update to version 2.2.1 and fix RDEPENDS
786b54e python-flufl-enum: remove deprecated package
468e565 python-django-south: add package RDEPENDS
795dc3f python-django: update to version 1.9.7 and add the required RDEPENDS
ac2336f python-dbusmock: update to version 0.16.6 and update required RDEPENDS
3cac200 python-cmd2: update RDEPENDS to pull in required packages
ae9a0c5 python-cryptography: update to version 1.4 and remove patches now available with the latest release
d212af4 lirc: inherit python3native instead of pythonnative
5e18b65 python-cffi: update to version 1.7.0
ca90791 python-decorator: add package RDEPENDS
9a3bf8e python-backports-ssl: add package RDEPENDS
8cde32a python-bcrypt: update to version 3.1.0
9c00cf3 python-six: update RDEPENDS to work on both python2.7 and python3
8d55746 python-werkzeug: update RDEPENDS to work for minimal python2.7 and python3
df36dff pyrtm: Add RDEPENDS to the package
04923b4 pyrtm: update to version 0.4.2
97f8a24 python-pyephem: add RDEPENDS to package
d27ad56 python-ujson: correct RDEPENDS to pull in needed python packages
63ebe28 python-urllib3: correct RDEPENDS to work on a minimal python instance
aa16b31 python-urllib3: update to version 1.16
b7efea7 python-vcversioner: add RDEPENDS for the package
bc892fb python-vcversioner: update to version 2.16.0.0
045d79e python-visitor: update to version 0.1.3
569cab0 python-vobject: add RDEPENDS for the package
5b4b806 python-vobject: update to version 0.9.2
f8ccd64 python-werkzeug: update to version 0.11.10
39fdd2e python-wtforms: add RDEPENDS to work correctly in minimal python environment
8f85bf0 python-wtforms: update to version 2.1
53f8a49 python-yappi: correct RDEPENDS to work on a minimal python install
d04adba python-zopeinterface: update to version 4.1.1
4e52a2e python-tornado: remove deprecated version 2.2.1
001dad1 python-xlrd: add RDEPENDS to allow module import with a minimal python install
5cfe9e7 python-xlrd: update to version 1.0.0
812162c meta-python: Add Derek Straka as a maintainer
4b65102 python-imaging: Add patch to fix host sysroot fails
f735a9c python-setuptools-scm: Add python-setuptools-scm bb
a9b7ae5 python-pytest-runner: Add python-pytest-runner bb
45baacb python-mccabe: Add python-pytest-runner dependency
8027e53 python-mock: Add python-pbr-native dependency
093d271 python-pbr: Add python-pbr bb
4fbb4d2 net-snmp: initscripts are located in net-snmp-server-snmp package
582eddb net-snmp: fix snmpd crash via AgentX connection
a27d4a7 openconnect: PACKAGECONFIG certain dependencies
303d9ea python-pyserial: update to version 3.1.1
e4691bb python-pymisp: update to version 2.4.48.1
116d715 python-flask: upgrade to version 0.11.1
0f89c4b python-decorator: update to version 4.0.10
5f92f38 python-yappi: add a recipe for a python profiler
45fc7c1 python-pyephem: update recipe to use the pypi class
1bef833 python-m2crypto: update recipe to use the pypi class
14e11e7 python-pyro4: update recipe to use the pypi class
7edad4d pypi: update the base pypi url to use the package info without requiring the hash
216e956 netmap: blacklist
b6e805c Samba: use only libsystemd
6b2fc93 lftp: fix issues with multiple signbit definitions and remove from the blacklist
3647a2c crda: fix errors about unused variables and remove from the blacklist
1cb7275 gnome-terminal, toscoterm, vala-terminal, xfce4-terminal: use vte9
ce37942 vte9: Add old vte into meta-oe
377d67a gtest: fix installation in multilib
5cdb839 gnome-disk-utility: blacklist because of avahi-ui
7a925f7 analyze-suspend: Bump to latest Git version
0e10dc7 efl e-module.inc: fix fetching in multi-lib configs
c29c8e3 krb5: add systemd support
016e748 Revert "python-pygobject, python-cloudeebus, python-dbusmock: Blacklist because of python-pygobject is broken"
0963084 python-cloudeebus: fix do_compile failure
c06411f python-pygobject: fix do_configure failed
64d874f libebml: don't rely on make -e, obey LDFLAGS
cff7a47 vboxguestdrivers: obey LDFLAGS
55dfb1b epdf, evince, tracker, gimp, tumbler: Remove blacklist caused by poppler build failures
979760c evince: fix build errors with gcc-6
675d1df poppler: fix ambiguity on math functions related to gcc-6
9b9eb83 faac: address gcc-6 narrowing errors via an explicit cast
d516719 libqmi: update to version 1.14.2
559c14a crash: update to version 7.1.5
80def85 geis: add a patch to fix incorrect indentation issues and remove -Wno-error=misleading-indentation
90488aa tvheadend: add a patch to fix issues with gcc 6 and drop the -Wno-error=misleading-indentation
d24e984 p7zip: update to version 15.14.1
0647b7d iperf: resolve issues with gcc6
e092a95 v4lutils: Update to latest upstream
9222832 libgphoto2: correct compatibility issues with libjpeg-turbo-1.5.0
7e8e0fb python-pyephem_3.7.6.0.bb: Add new recipe.
19ef3af gtk-engines: Move from oe-core
9cd117a chrony: Versatile implementation of NTP
5c8efcc curlpp: fix build with gcc-6 and remove blacklist
f316c4a wireshark: update to 2.0.4
13db3c6 ntp: Security fixes via Upgrade to 4.2.8p8
f0756d1 crda, lftp, curlpp: blacklist, fails to build with gcc-6
0561402 libgphoto2, v4l-utils: blacklist, not compatible with libjpeg-turbo-1.5.0
c119940 grail: update to version 3.1.1
ee42aeb fwts: add CFLAG to ignore misleading indentations
629d67a geis: add CFLAG to ignore misleading indentations
0aac049 tvheadend: add CFLAG to ignore misleading indentations
baa1ab2 fbreader: fix return code issue on gcc6
47e84b3 tcsh: fix the wait definition to support gcc6
87fc6bb geos: use std::isnan to support gcc6
aebac65 libeigen: update to 3.2.8
03f0be6 mpv: use waf.bbclass
7d399ca mpv: add DESCRIPTION
431ec7e libcgi-perl: add version 4.28 to provide perl-module-cgi
af6af86 redis: fix hiredis build so it's less failure-prone and links properly
548effe ruby.bbclass: Fix usage with python3
44ea80d postgresql: blacklist because tcl in oe-core is broken for last month
b0fae32 python-pygobject, python-cloudeebus, python-dbusmock: Blacklist because of python-pygobject is broken
33fc64c faac, iperf, crash, espeak, open-vcdiff: blacklist, fails to build with gcc-6
25a78e5 abiword, fbreader, tvheadend, glmark2, libqmi, modemmanager, thrift, wvdial, wvstreams, dt, collectd, gtkmathview, tcsh, glcompbench, geos, libspatialite, geis, grail, opencv, openwbem, fwts: blacklist, fails to build with gcc-6 or glibc-2.24
d78c521 evince, epdf, gdm, gnumeric, libgnomeprint, tumbler, gedit, gnome-panel, gnome-session, gnome-terminal, libgnomecups, gtksourceview2, libgweather, libgnomeui, tracker, gimp, poppler, mousepad, goffice, tasks: blacklist, fails to build with gcc-6
25e9400 fwts: Remove 14.09.00, newer 14.12.00 is in recipes-test
6dcee71 elementary, evas-generic-loaders: Drop poppler dependency
5221399 mpv: Media Player
1847d0b libass: add newer version
e781f8e mpd: update to 0.19.15
d609617 meta-oe: override SECURITY_CFLAGS for llvm3.3
f90b8d3 toybox: Upgrade to 0.7.1
3ff2e22 libftdi: update to 1.3
8b32e60 nginx: update to version 1.11.1
98c4e4f nginx: update stable version to 1.10.1
b5091a1 python-tornado: add missing python2 runtime deps
7650008 python-singledispatch: initial recipe for version 3.4.0.3
4c110ff python-backports-abc: initial recipe for version 0.4
4594d24 syslog-ng: expand service file @variables@ earlier
b27938b opencv: Reorder PACKAGES variable
d0952ad opencv: Make gphoto2 dep optional via PACKAGECONFIG
24fe575 abiword, gnome-vfs: Use print as a function
80cf5e0 netmap-modules: Avoid type warning with python v3
55cb2ec gitkpkgv: Ensure files are closed
b4d7caa gnome-doc-utils-stub: add a recipe
f0de8ed cmpi-bindings: fix build with python 3
a18991d python-pygobject: add a recipe
4f93338 python-pyrex: add a recipe
56a4d21 python-imaging: add a recipe
25a0003 python-dbus: add a recipe
f9ce43c Remove unnecessary exports of HOST_SYS and BUILD_SYS in python-based recipes
e5f01ca nano: fix license to GPLv3.
240e2eb plymouth: allow disabling the dracut dep
852cd67 luajit: fix build issues, obey more vars
0cce9fe efivar-native: fix compile failure with older host gcc (<=4.6)
25f31a5 nodejs: update to 4.4.5
ff41698 gnome-menus: Fix QA warnings.
c2c895e python-simplejson: change to setuptools
350bd0b dvd-apps: Fix several QA WARNINGS
6de06e4 geany-plugins: fix build
7be16bc libldb: add missing libaio dependency
126e48c libtalloc: add missing libaio dependency
81f3fb0 libtdb: add missing libaio dependency
18a1d69 libtevent: add missing libaio dependency
a6a3671 cifs-utils: make samba conditional dependency
d765990 netcat-openbsd: fix qa warning
a2256bb esmtp: Fix rootfs creation errors
7832c67 postfix: Fix rootfs creation errors
62e3df2 netkit-rsh: fix build issue.
880c3dc opensaf: update to 5.0.0
d46c89a squid: CVE-2016-4553
9a13040 ntp: avoid floating dependency on mdns (aka mDNSResponder)
387824f openct: Fix rootfs creation errors
e49c2c2 iptraf: Fix rootfs creation errors
5ec8663 fontforge: add back gnulib to DEPENDS
5adc7db florence: move to latest GTK2 version 0.5.4
5cc904b python-thrift: update to version 0.9.3
ad7fb0f python-urllib3: update to version 1.15.1
9a527fc python-pyudev: update to version 0.20.0
79174d7 python-pytz: update to version 2016.4
2383776 python-pyroute2: update to version 0.3.22
9e37a25 python-pyparsing: update to version 2.1.4
faa6511 python-pyopenssl: update to version 16.0.0
b1ca690 python-pyflakes: update to version 1.2.3
00ec1d5 python-psutil: update to version 4.2.0
3fe43f5 python-pip: update to version 8.1.2
b031bef python-monotonic: update to version 1.1
852f2a7 python-mock: update to version 2.0.0
81b3aa3 python-greenlet: update to version 0.4.9
beb3060 python-enum34: update to version 1.1.6
80517d2 python-cffi: update to version 1.6.0
87c914b python-backports-ssl: update to version 3.5.0.1
ab22ea3 sthttpd: update to 2.27.0
02b52ee freeglut: Add a recipe freeglut to replace mesa-glut
bb26012 mesa-glut: Remove the recipe
b917018 assimp: Add recipe for Open Asset Import Library
21a9e43 initramfs-kexecboot-klibc-image: Skip for nios2
f6db877 x11vnc: remove old libtool macros from acinclude.m4
a3d4309 networkmanager: add missing dep on dbus-glib-native
0839562 networkmanager: add missing dep on intltool-native
b22c290 openlmi-networking: add missing dep on konkretcmpi-native
4972132 mg: stop relying on make -e
2318f8e llvm: make llvm-config wrapper error message more understandable
4ff633a uim: Fix Warning
35c3f12 geany-plugins: initial add 1.27
1d4d6e7 geany: update to 1.27
5ce609f poppler: update to 0.43.0
207e971 python-cryptography: fix compile issue with openssl 1.0.2h
33f5a5b apache2: fix libtool's path in apxs
5e5e66d python-requests: update to version 2.10.0
319bbc1 python-pymisp: update to version 2.4.36
9aa6735 python-flask-login: update to 0.3.2
ae20c6d python-flask-pymongo: update to 0.4.1
daf619e rrdtool: only unset PERLHOSTLIB in do_configure
5ad18c4 pytest: fix runtime issues.
569b11c obexftp: mark as compatible with bluez5
5da9408 krb5: fix uninitialized variable warning
87084fe libhugetlbfs: enable build for x86-32
c9c82d3 efivar: fix unknown option while gold linker used
beac69f efibootmgr: sync with upstream while efivar upgraded to 0.23
f0a1e61 efivar: fix do_install failed
d68c687 efibootmgr: update and unblacklist
fe4cb8b efivar: update to 0.23
bee16ff gnulib: bump git revision
44a13e6 libsoc: update to 0.8.1
901b9a2 libxkbui: Fix license WARNING
09ccbeb python-numeric: Add LLNL license
df2e3bb netcf: unconditionally remove gnulib dir to support reconfigure
8fe7d1e proftpd: fix mod_tls build issue
37297c3 nbd: fix LIC_FILES_CHKSUM
23ce88c znc: fix QA issue and remove from blacklist
0939421 netcf: fix mishandling of gnulib submodule causing build fail
00ec8bc autotools-bootstrap: make bootstrap package specific.
273d797 wireshark: Fix new QA Error
8b5662b curlpp: fix recipe
2f3a499 nodejs: update to 4.4.4
3384b41 upower: fix WARNING
76754d0 libwnck: fix WARNING
631efea python-dateutil: update to version 2.5.3
e62215e pypi: update the pypi class to support the updated URL scheme
ef735bb acpitests: Fix license issue
c45e8a3 tracker: update run-time dependencies
0f808a9 tracker: add missing depends for intltool-native
aebbd94 tracker: add a patch to support giflib 5
1bc1405 libnice, farsight2: unblacklist as libnice's nice.pc issue fixed.
786ab84 wvstreams: fixing segfault with new gcc optimizations
102e699 llvm3.3: Disable auto -dbg packages
5397ae5 packagegroup-tools-bluetooth: Selects the tools appropriate for the version of bluez being used.
4adec18 lmbench: avoid gcc optimize-away multiplication
35c7a5b leptonica: add PACAKGECONFIG for openjpeg
f347220 leptonica: update to version 1.73
904fd8d giflib: update to version 5.1.4
a6c172e poppler: add --std=c++11 to fix build with Qt 5.7
9087a59 pidgin: use pkg-config instead of hardcoded paths or python-config
fc1ee27 pidgin: add PACKAGECONFIGs
2ff8e7e pidgin: Update to 2.10.12
0980690 toybox: Upgrade to 0.7.0
3391c2e toybox: Remove out-of-date patch
be3d4c0 rrdtool: fix do_configure failure on some hosts
b957e27 python-pyparsing: modify build to correctly use setuptools rather than distutils
3132af1 opencv: Fix metapkg dependencies for opencv-java and opencv-locales
5bece73 fbreader: add cflags fix for fribidi 0.19.7
821414a protobuf: split package to main and compiler packages
3bae88a protobuf: add protobuf-c recipe
a78aebb packagegroup-tools-bluetooth.bb: Selects the tools appropriate for the version of bluez being used.
c7265a6 glmark2: wl_surface should be destoryed after destroying wl_window
f4ee554 xfce4-eyes-plugin: update to 4.4.5
d2e10b7 xfce4-cpufreq-plugin: update to 1.1.3
e211113 fluidsynth: set correct portaudio packageconfig dependency
7632939 xfce-polkit: fix warning not able to copy license
b86f2fa meta-xfce: add intltool-native to DEPENDS
c31ccab vim: Upgrade to v7.4.1689
6c0caad tinymembench: update to version 0.4.0 plus bug fixes
72c6229 nginx: update to version 1.9.15
e7ead2b nginx: update stable version to 1.10.0
c1ede48 iperf3: update to version 3.1.2 plus bug fixes
3df0760 iozone3: update to version 434
a29cece fio: update to version 2.9
4a47738 fribidi: update to version 0.19.7
7af4e55 sox: dep on ffmpeg, not libav
0307151 syslog-ng.inc: fix prerm script & class includes
1bd027e sblim-sfcb: add missing dependency on unzip-native
c22af99 libmicrohttpd: update to 0.9.49
c16b6e6 fluentbit: add new recipe
cdd326f fbida: use separate builddir
e03e5d6 netdata: replace deprecated 'base_contains' with 'bb.utils.contains'
546d55d netdata: fix whitespace in the patch that caused failures when applying
23a1c2e netdata: add new recipe
831f710 ltrace: Remove deprecated readdir_r()
a61cb51 ltrace: Error Fix for ARM
53adf32 thrift: Add recipe for Apache Thrift.
f79a851 squid: CVE-2016-3947
275b6c3 meta-networking: use bb.utils.contains() instead of base_contains()
7a9c626 wireshark: update package to 2.0.3
abc6e49 rp-pppoe: Fix rootfs creation errors
1296817 openconnect: add missing dependencies
6830c3b proftpd: CVE-2016-3125
f59daf6 samba: remove dependency on ctdb
8cd5bc5 ntp: Security fixes via update to 4.2.8p7
ce61eea dovecot: fix QA issue and remove from blacklist
73fa6a9 net-snmp: enable ipv6 support
aa8e156 samba: fix paths in sysv initscript
ffeb84e samba: fix QA warnings.
6fbaf07 mozjs: fix configure host contamination
b5a7dfb mariadb: Fix rootfs creation errors
d1be64c wayland-fits: update, get out of PNBLACKLIST
0d857a1 hwdata: add new recipe
98951db rsnapshot: use ${bindir} as rsync location
1e17ae1 mozjs_17.0.0.bb: Fix do_srpm error
4d6c013 krb5-CVE-2016-3119.patch
c16d59f xfce4-weather-plugin: update to 0.8.7
18e5f63 xfce4-whiskermenu-plugin: update to 1.5.3
eeac9ad poppler: update to 0.4.1
dad9a78 meta-initramfs: use bb.utils.contains() instead of base_contains()
aa72c9e meta-gnome: use bb.utils.contains() instead of base_contains()
0d7c615 meta-efl: use bb.utils.contains() instead of base_contains()
ab9f4d9 meta-multimedia: use bb.utils.contains() instead of base_contains()
f08b75f meta-xfce: use bb.utils.contains() instead of base_contains()
e5c807b meta-webserver: use bb.utils.contains() instead of base_contains()
21f10c1 meta-oe: use bb.utils.contains() instead of base_contains()
723b55f libubox: update to the latest git version for bug fixes
b188239 concurrencykit: update to version 0.5.1
2675ade bootchart: update to 1.17
08f7d59 libgee: update to the latest stable version (0.18.0)
819f73f log4cplus: update to version 1.2.0
3be4e86 libio-pty-perl: update to version 1.12
5d67ab6 libxml++: update to the latest stable version (2.38.1)
85c72f4 python-parted: update to version 3.10.7
d95712f mozjs: fix armeb builds
63606ed initramfs-{debug,kexecboot}-image: zero out the rootfs_extra_space in initramfs images
33fc545 gtest, gmock: allow building gtest-native and gmock-native
969cd47 crash: add cross package
ff70a60 Add simple-mtpfs recipe
834392b python-visitor: Add recipe for version 0.1.2
d3767d9 python-netaddr: Add recipe for version 0.7.18
5a20e87 python-dominate: Add recipe for version 2.2.0
71dcf41 flite: fix license issue.
7a7863b xcursorgen: fix License issue
40d7128 udisk2: fix build issue with missing depends
fb30db6 nodejs: update to 4.4.3
6475f14 apache2: update to 2.4.20
1eac35d libmodbus: add support for the libmodbus development release
9676ebb python-wtforms: Add recipe for version 2.0.2
49b3517 python-pam: Add recipe for version 1.8.2
4be7006 python-flask-wtf: Add recipe for version 0.12
3e4ecdd python-flask-sqlalchemy: Add recipe for version 2.1
381d498 python-flask-navigation: Add recipe for version 0.2.0
962e2ab python-flask-bootstrap: Add recipe for version 3.3.5.7
00d5837 python-flask-bcrypt: Add recipe for version 0.7.1
5a7f267 python-blinker: Add recipe for version 1.4
cb95c5e python-bcrypt: Add recipe for version 2.0.0
bfa6d1c umip: unblacklist and disable parallel make
bbb8373 nginx: update to 1.9.14
d436de8 llvm: correct fix for the multilib libdir
6336472 python-whoosh: update to 2.7.4
fdb2b66 python-decorator: update to 4.0.9
3fa8c30 python-dateutil: update to 2.5.2
4a90cbc python-cython: update to 0.24
ead0d3b krb5: add native and nativesdk extend
c073b9a ne10: use bb.debug for debug messages
54a18a0 libbonobo.inc: add libbonobo-bin package by lib_package class
d5e7b4b libhtml-parser-perl: update to 3.72
591cd39 libextutils-installpaths-perl: update to 0.011
edb883e libextutils-config-perl: update to 0.008
4c6da8a libencode-perl: update to 2.83
caeea00 libdbi-perl: update to 1.634
fa4bbb8 libdbd-sqlite-perl: update to 1.50
6a7fed1 libcurses-perl: update to 1.34
547fe92 libcrypt-openssl-random-perl: update to 0.11
2a42fba libclass-method-modifiers-perl: update to 2.11
4f6ba02 libcapture-tiny-perl: update to 0.36
ba5f235 adduser: update to 3.114
cc6b324 libtinyxml2: update 2.2.0 -> 3.0.0
536d146 gnome-themes: fix icon-name-mapping not found
c4358e7 fcgi: update SRC_URI to match new path to fcgi-2.4.0.tar.gz archive
9ece354 openbox: add run time dependency on openbox-theme-clearlooks
7321fe2 nodejs: update to 4.4.2
3dfea34 vpnc: stage vpnc-script
eb4ce40 openconnect: add recipe
388adb9 ctdb: drop duplicated DESCRIPTION
6914b91 ctdb: rdepend on procps
d1a8f14 ctdb: disable the service by default
ee61bec iscsitarget: resolve build error with linux kernel 4.3 and above
a9d1b61 c-ares: Add package to networking
60c1f6c lldpd: Update to version 0.9.2
12e31ce samba: add volatile file to support readonly rootfs
237ade5 dnsmasq: get systemd only working again
4caeb00 libtalloc: Update to latest stable
b20f3b1 libtdb: Update to latest stable
59b17c8 libtevent: Update to latest stable
37c158f libldb: Update to latest stable
70bde9a samba: Update to latest stable
ab62c74 cyrus-sasl: Drop unneeded group addition
REVERT: 247b126 Revert "leptonica: add PACAKGECONFIG for openjpeg"
REVERT: ff38c70 python-cryptography: fix compile issue with openssl 1.0.2h
REVERT: 107e624 nbd: fix LIC_FILES_CHKSUM
REVERT: f76ad6c znc: fix QA issue and remove from blacklist
REVERT: 9199968 netcf: fix mishandling of gnulib submodule causing build fail
REVERT: 3cec94a autotools-bootstrap: make bootstrap package specific.
REVERT: 761a686 wireshark: Fix new QA Error
REVERT: 88a4748 curlpp: fix recipe
REVERT: e00ad20 upower: fix WARNING
REVERT: d2077f0 libwnck: fix WARNING
REVERT: 84fdde3 acpitests: Fix license issue
REVERT: 947e7f1 libnice, farsight2: unblacklist as libnice's nice.pc issue fixed.
REVERT: f797b79 wvstreams: fixing segfault with new gcc optimizations
REVERT: 84f69f3 packagegroup-tools-bluetooth: Selects the tools appropriate for the version of bluez being used.
REVERT: e341fa0 lmbench: avoid gcc optimize-away multiplication
REVERT: 1726e71 leptonica: add PACAKGECONFIG for openjpeg
REVERT: ea71aa8 poppler: add --std=c++11 to fix build with Qt 5.7
REVERT: 0e06305 llvm3.3: Disable auto -dbg packages
REVERT: ebe5fb2 pidgin: use pkg-config instead of hardcoded paths or python-config
REVERT: 4a5b269 pidgin: add PACKAGECONFIGs
REVERT: 6bcf20d pidgin: Update to 2.10.12
REVERT: 085dcdc toybox: Remove out-of-date patch
REVERT: 7743d7e rrdtool: fix do_configure failure on some hosts
REVERT: 305329d python-pyparsing: modify build to correctly use setuptools rather than distutils
REVERT: 33874df opencv: Fix metapkg dependencies for opencv-java and opencv-locales
REVERT: 25b22fb packagegroup-tools-bluetooth.bb: Selects the tools appropriate for the version of bluez being used.
REVERT: d4b1497 glmark2: wl_surface should be destoryed after destroying wl_window
REVERT: 4ee8ab7 fluidsynth: set correct portaudio packageconfig dependency
REVERT: 87488dc xfce-polkit: fix warning not able to copy license
REVERT: c9b3f9f meta-xfce: add intltool-native to DEPENDS
REVERT: 76f7c9d sox: dep on ffmpeg, not libav
REVERT: 5e2bb87 syslog-ng.inc: fix prerm script & class includes
REVERT: 9f34a85 sblim-sfcb: add missing dependency on unzip-native
REVERT: e2764e6 fbida: use separate builddir
REVERT: a1b71fe squid: CVE-2016-3947
REVERT: d824682 rp-pppoe: Fix rootfs creation errors
REVERT: 6812a4a openconnect: add missing dependencies
REVERT: 959b617 proftpd: CVE-2016-3125
REVERT: 2ae294d dovecot: fix QA issue and remove from blacklist
REVERT: ea52766 net-snmp: enable ipv6 support
REVERT: 2092396 ntp: Security fixes via update to 4.2.8p7
REVERT: fd1e5ea mozjs: fix configure host contamination
REVERT: ebb31a9 mariadb: Fix rootfs creation errors
REVERT: 852b40f wayland-fits: update, get out of PNBLACKLIST
REVERT: 8a1c490 hwdata: add new recipe
REVERT: d4cb722 rsnapshot: use ${bindir} as rsync location
REVERT: 2463098 mozjs_17.0.0.bb: Fix do_srpm error
REVERT: de2fe0d krb5-CVE-2016-3119.patch
REVERT: 470ab81 xfce4-weather-plugin: update to 0.8.7
REVERT: 01bf016 xfce4-whiskermenu-plugin: update to 1.5.3
REVERT: 51ad2f8 poppler: update to 0.4.1
REVERT: fe8fbf1 meta-initramfs: use bb.utils.contains() instead of base_contains()
REVERT: 2e3d033 meta-gnome: use bb.utils.contains() instead of base_contains()
REVERT: 33837ef meta-efl: use bb.utils.contains() instead of base_contains()
REVERT: d336edb meta-multimedia: use bb.utils.contains() instead of base_contains()
REVERT: 09ae3b6 meta-xfce: use bb.utils.contains() instead of base_contains()
REVERT: 9078b0d meta-webserver: use bb.utils.contains() instead of base_contains()
REVERT: cf18193 meta-oe: use bb.utils.contains() instead of base_contains()
REVERT: 0e6cc19 libubox: update to the latest git version for bug fixes
REVERT: 9f1c8ee concurrencykit: update to version 0.5.1
REVERT: fb946ee bootchart: update to 1.17
REVERT: 49d4df3 libgee: update to the latest stable version (0.18.0)
REVERT: 7166c0a log4cplus: update to version 1.2.0
REVERT: 0791add libio-pty-perl: update to version 1.12
REVERT: 9b956d2 libxml++: update to the latest stable version (2.38.1)
REVERT: 526a602 python-parted: update to version 3.10.7
REVERT: cd0fe0f mozjs: fix armeb builds
REVERT: 4d94318 initramfs-{debug,kexecboot}-image: zero out the rootfs_extra_space in initramfs images
REVERT: 146c382 gtest, gmock: allow building gtest-native and gmock-native
REVERT: 19284f3 crash: add cross package
REVERT: 70a46ba Add simple-mtpfs recipe
REVERT: a34566c python-visitor: Add recipe for version 0.1.2
REVERT: 4bc8f37 python-netaddr: Add recipe for version 0.7.18
REVERT: 07a6eeb python-dominate: Add recipe for version 2.2.0
REVERT: b58d78f flite: fix license issue.
REVERT: 9f8053b xcursorgen: fix License issue
REVERT: f98090c udisk2: fix build issue with missing depends
REVERT: d6a6190 nodejs: update to 4.4.3
REVERT: c9f8cc3 apache2: update to 2.4.20
REVERT: 8b15907 libmodbus: add support for the libmodbus development release
REVERT: 7a0519d python-wtforms: Add recipe for version 2.0.2
REVERT: 44aa637 python-pam: Add recipe for version 1.8.2
REVERT: 3e88e5e python-flask-wtf: Add recipe for version 0.12
REVERT: 9b1377a python-flask-sqlalchemy: Add recipe for version 2.1
REVERT: 8c69a06 python-flask-navigation: Add recipe for version 0.2.0
REVERT: 80279a3 python-flask-bootstrap: Add recipe for version 3.3.5.7
REVERT: a68a27c python-flask-bcrypt: Add recipe for version 0.7.1
REVERT: b72a23a python-blinker: Add recipe for version 1.4
REVERT: fc3b141 python-bcrypt: Add recipe for version 2.0.0
REVERT: 93aa4aa umip: unblacklist and disable parallel make
REVERT: bf34b1e nginx: update to 1.9.14
REVERT: 4fe750a llvm: correct fix for the multilib libdir
REVERT: b7cbd44 python-whoosh: update to 2.7.4
REVERT: 607e275 python-decorator: update to 4.0.9
REVERT: 2d50716 python-dateutil: update to 2.5.2
REVERT: 18872d2 python-cython: update to 0.24
REVERT: da664f7 krb5: add native and nativesdk extend
REVERT: e317d95 ne10: use bb.debug for debug messages
REVERT: 0d28aba libbonobo.inc: add libbonobo-bin package by lib_package class
REVERT: 1db7299 libhtml-parser-perl: update to 3.72
REVERT: e9d95a5 libextutils-installpaths-perl: update to 0.011
REVERT: 224dad6 libextutils-config-perl: update to 0.008
REVERT: f9156de libencode-perl: update to 2.83
REVERT: 26be6da libdbi-perl: update to 1.634
REVERT: ebf03b9 libdbd-sqlite-perl: update to 1.50
REVERT: 1e04c8b libcurses-perl: update to 1.34
REVERT: aedee46 libcrypt-openssl-random-perl: update to 0.11
REVERT: 5acf9a1 libclass-method-modifiers-perl: update to 2.11
REVERT: 32d95f3 libcapture-tiny-perl: update to 0.36
REVERT: c8f9b9c adduser: update to 3.114
REVERT: d4cde5c libtinyxml2: update 2.2.0 -> 3.0.0
REVERT: d34fc2a gnome-themes: fix icon-name-mapping not found
REVERT: c8ec1be fcgi: update SRC_URI to match new path to fcgi-2.4.0.tar.gz archive
REVERT: 37c75b3 openbox: add run time dependency on openbox-theme-clearlooks
REVERT: 88b739e nodejs: update to 4.4.2
REVERT: 3c76d0a vpnc: stage vpnc-script
REVERT: 51717e1 openconnect: add recipe
REVERT: afaf3c2 c-ares: Add package to networking
REVERT: cb87e40 samba: remove dependency on ctdb
REVERT: d73f12b samba: fix paths in sysv initscript
REVERT: d5baf78 samba: fix QA warnings.
REVERT: e123d76 ctdb: drop duplicated DESCRIPTION
REVERT: 7290932 ctdb: rdepend on procps
REVERT: dc0bc56 ctdb: disable the service by default
REVERT: 37c8e1f iscsitarget: resolve build error with linux kernel 4.3 and above
REVERT: eba63b3 lldpd: Update to version 0.9.2
REVERT: d7c6dc8 samba: add volatile file to support readonly rootfs
REVERT: 72a2f2b libtalloc: Update to latest stable
REVERT: 2aad141 libtdb: Update to latest stable
REVERT: 8176853 libtevent: Update to latest stable
REVERT: b325cea libldb: Update to latest stable
REVERT: 825cf15 samba: Update to latest stable
REVERT: 5aa6f37 dnsmasq: get systemd only working again
REVERT: abd1795 cyrus-sasl: Drop unneeded group addition
REVERT: 156b381 README: update maintainers list for krogoth
Change-Id: Id1c465d3fe39327bf35a475756b103eab8a90a02
git-subtree-dir: import-layers/meta-openembedded
git-subtree-split: 1efa5d623bc64659b57389e50be2568b1355d5f7
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gammu/gammu_1.32.0.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gammu/gammu_1.32.0.bb
index f33b435..4441175 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gammu/gammu_1.32.0.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gammu/gammu_1.32.0.bb
@@ -1,6 +1,6 @@
SUMMARY = "GNU All Mobile Managment Utilities"
SECTION = "console/network"
-DEPENDS = "cmake-native virtual/libiconv libdbi mysql5 glib-2.0 udev libgudev"
+DEPENDS = "cmake-native virtual/libiconv libdbi mysql5 glib-2.0 udev libgudev unixodbc"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=a17cb0a873d252440acfdf9b3d0e7fbf"
HOMEPAGE = "http://www.gammu.org/"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gnokii/gnokii_0.6.31.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gnokii/gnokii_0.6.31.bb
index cfd794d..2de547a 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gnokii/gnokii_0.6.31.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/gnokii/gnokii_0.6.31.bb
@@ -5,7 +5,7 @@
SRC_URI = "http://www.gnokii.org/download/gnokii/gnokii-${PV}.tar.bz2"
-DEPENDS = "glib-2.0"
+DEPENDS = "glib-2.0 intltool-native"
X11DEPENDS = " libxpm gtk+"
PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)}"
@@ -24,8 +24,9 @@
FILES_${PN} = "${bindir} ${sbindir}"
FILES_libgnokii-dev = "${includedir} ${libdir}/lib*.so ${libdir}/*.la \
- ${libdir}/*.a ${libdir}/*.o ${libdir}/pkgconfig \
- /lib/*.a /lib/*.o ${datadir}/aclocal"
+ ${libdir}/*.a ${libdir}/*.o ${libdir}/pkgconfig \
+ /lib/*.a /lib/*.o ${datadir}/aclocal \
+"
FILES_${PN}-dev = ""
FILES_libgnokii = "${libdir}/libgnokii.so.*"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
new file mode 100644
index 0000000..2fc7896
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd/0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch
@@ -0,0 +1,86 @@
+From ecbb0b3dc122b0d290987cf9c84010bbe53e1022 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@qca.qualcomm.com>
+Date: Fri, 4 Mar 2016 17:20:18 +0200
+Subject: [PATCH 1/1] WPS: Reject a Credential with invalid passphrase
+
+WPA/WPA2-Personal passphrase is not allowed to include control
+characters. Reject a Credential received from a WPS Registrar both as
+STA (Credential) and AP (AP Settings) if the credential is for WPAPSK or
+WPA2PSK authentication type and includes an invalid passphrase.
+
+This fixes an issue where hostapd or wpa_supplicant could have updated
+the configuration file PSK/passphrase parameter with arbitrary data from
+an external device (Registrar) that may not be fully trusted. Should
+such data include a newline character, the resulting configuration file
+could become invalid and fail to be parsed.
+
+Upstream-Status: Backport
+
+CVE: CVE-2016-4476
+
+Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
+Signed-off-by: Zhixiong Chi <Zhixiong.Chi@windriver.com>
+---
+ src/utils/common.c | 12 ++++++++++++
+ src/utils/common.h | 1 +
+ src/wps/wps_attr_process.c | 10 ++++++++++
+ 3 files changed, 23 insertions(+)
+
+diff --git a/src/utils/common.c b/src/utils/common.c
+index 450e2c6..27b7c02 100644
+--- a/src/utils/common.c
++++ b/src/utils/common.c
+@@ -697,6 +697,18 @@ int is_hex(const u8 *data, size_t len)
+ }
+
+
++int has_ctrl_char(const u8 *data, size_t len)
++{
++ size_t i;
++
++ for (i = 0; i < len; i++) {
++ if (data[i] < 32 || data[i] == 127)
++ return 1;
++ }
++ return 0;
++}
++
++
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ const u8 *src1, size_t src1_len,
+ const u8 *src2, size_t src2_len)
+diff --git a/src/utils/common.h b/src/utils/common.h
+index 701dbb2..a972240 100644
+--- a/src/utils/common.h
++++ b/src/utils/common.h
+@@ -488,6 +488,7 @@ const char * wpa_ssid_txt(const u8 *ssid, size_t ssid_len);
+
+ char * wpa_config_parse_string(const char *value, size_t *len);
+ int is_hex(const u8 *data, size_t len);
++int has_ctrl_char(const u8 *data, size_t len);
+ size_t merge_byte_arrays(u8 *res, size_t res_len,
+ const u8 *src1, size_t src1_len,
+ const u8 *src2, size_t src2_len);
+diff --git a/src/wps/wps_attr_process.c b/src/wps/wps_attr_process.c
+index eadb22f..e8c4579 100644
+--- a/src/wps/wps_attr_process.c
++++ b/src/wps/wps_attr_process.c
+@@ -229,6 +229,16 @@ static int wps_workaround_cred_key(struct wps_credential *cred)
+ cred->key_len--;
+ #endif /* CONFIG_WPS_STRICT */
+ }
++
++
++ if (cred->auth_type & (WPS_AUTH_WPAPSK | WPS_AUTH_WPA2PSK) &&
++ (cred->key_len < 8 || has_ctrl_char(cred->key, cred->key_len))) {
++ wpa_printf(MSG_INFO, "WPS: Reject credential with invalid WPA/WPA2-Personal passphrase");
++ wpa_hexdump_ascii_key(MSG_INFO, "WPS: Network Key",
++ cred->key, cred->key_len);
++ return -1;
++ }
++
+ return 0;
+ }
+
+--
+1.9.1
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.5.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.5.bb
index c38e20a..ab01235 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.5.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/hostapd/hostapd_2.5.bb
@@ -16,6 +16,7 @@
file://defconfig \
file://init \
file://hostapd.service \
+ file://0001-WPS-Reject-a-Credential-with-invalid-passphrase.patch \
"
S = "${WORKDIR}/hostapd-${PV}"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
deleted file mode 100644
index b771b41..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch
+++ /dev/null
@@ -1,739 +0,0 @@
-From f6e57c402688f4bc386d1a39512657a30f0bafd3 Mon Sep 17 00:00:00 2001
-From: Nicolas Williams <nico@twosigma.com>
-Date: Mon, 14 Sep 2015 12:28:36 -0400
-Subject: [PATCH 2/4] Fix IAKERB context aliasing bugs [CVE-2015-2696]
-
-The IAKERB mechanism currently replaces its context handle with the
-krb5 mechanism handle upon establishment, under the assumption that
-most GSS functions are only called after context establishment. This
-assumption is incorrect, and can lead to aliasing violations for some
-programs. Maintain the IAKERB context structure after context
-establishment and add new IAKERB entry points to refer to it with that
-type. Add initiate and established flags to the IAKERB context
-structure for use in gss_inquire_context() prior to context
-establishment.
-
-CVE-2015-2696:
-
-In MIT krb5 1.9 and later, applications which call
-gss_inquire_context() on a partially-established IAKERB context can
-cause the GSS-API library to read from a pointer using the wrong type,
-generally causing a process crash. Java server applications using the
-native JGSS provider are vulnerable to this bug. A carefully crafted
-IAKERB packet might allow the gss_inquire_context() call to succeed
-with attacker-determined results, but applications should not make
-access control decisions based on gss_inquire_context() results prior
-to context establishment.
-
- CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C
-
-[ghudson@mit.edu: several bugfixes, style changes, and edge-case
-behavior changes; commit message and CVE description]
-
-ticket: 8244
-target_version: 1.14
-tags: pullup
-
-Backport upstream commit:
-https://github.com/krb5/krb5/commit/e04f0283516e80d2f93366e0d479d13c9b5c8c2a
-
-Upstream-Status: Backport
----
- src/lib/gssapi/krb5/gssapiP_krb5.h | 114 ++++++++++++
- src/lib/gssapi/krb5/gssapi_krb5.c | 105 +++++++++--
- src/lib/gssapi/krb5/iakerb.c | 351 +++++++++++++++++++++++++++++++++----
- 3 files changed, 529 insertions(+), 41 deletions(-)
-
-diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
-index a0e8625..05dc321 100644
---- a/src/lib/gssapi/krb5/gssapiP_krb5.h
-+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
-@@ -620,6 +620,21 @@ OM_uint32 KRB5_CALLCONV krb5_gss_accept_sec_context_ext
- );
- #endif /* LEAN_CLIENT */
-
-+OM_uint32 KRB5_CALLCONV krb5_gss_inquire_sec_context_by_oid
-+(OM_uint32*, /* minor_status */
-+ const gss_ctx_id_t,
-+ /* context_handle */
-+ const gss_OID, /* desired_object */
-+ gss_buffer_set_t* /* data_set */
-+);
-+
-+OM_uint32 KRB5_CALLCONV krb5_gss_set_sec_context_option
-+(OM_uint32*, /* minor_status */
-+ gss_ctx_id_t*, /* context_handle */
-+ const gss_OID, /* desired_object */
-+ const gss_buffer_t/* value */
-+);
-+
- OM_uint32 KRB5_CALLCONV krb5_gss_process_context_token
- (OM_uint32*, /* minor_status */
- gss_ctx_id_t, /* context_handle */
-@@ -1301,6 +1316,105 @@ OM_uint32 KRB5_CALLCONV
- krb5_gss_import_cred(OM_uint32 *minor_status, gss_buffer_t token,
- gss_cred_id_t *cred_handle);
-
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_process_context_token(OM_uint32 *minor_status,
-+ const gss_ctx_id_t context_handle,
-+ const gss_buffer_t token_buffer);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_context_time(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ OM_uint32 *time_rec);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_inquire_context(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, gss_name_t *src_name,
-+ gss_name_t *targ_name, OM_uint32 *lifetime_rec,
-+ gss_OID *mech_type, OM_uint32 *ctx_flags,
-+ int *locally_initiated, int *opened);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t qop_req, gss_buffer_t message_buffer,
-+ gss_buffer_t message_token);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t qop_req, gss_iov_buffer_desc *iov,
-+ int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic_iov_length(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, gss_qop_t qop_req,
-+ gss_iov_buffer_desc *iov, int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_verify_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_buffer_t msg_buffer, gss_buffer_t token_buffer,
-+ gss_qop_t *qop_state);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_verify_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t *qop_state, gss_iov_buffer_desc *iov,
-+ int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int conf_req_flag, gss_qop_t qop_req,
-+ gss_buffer_t input_message_buffer, int *conf_state,
-+ gss_buffer_t output_message_buffer);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int conf_req_flag, gss_qop_t qop_req, int *conf_state,
-+ gss_iov_buffer_desc *iov, int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_iov_length(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, int conf_req_flag,
-+ gss_qop_t qop_req, int *conf_state,
-+ gss_iov_buffer_desc *iov, int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_unwrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_buffer_t input_message_buffer,
-+ gss_buffer_t output_message_buffer, int *conf_state,
-+ gss_qop_t *qop_state);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_unwrap_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int *conf_state, gss_qop_t *qop_state,
-+ gss_iov_buffer_desc *iov, int iov_count);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_size_limit(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, int conf_req_flag,
-+ gss_qop_t qop_req, OM_uint32 req_output_size,
-+ OM_uint32 *max_input_size);
-+
-+#ifndef LEAN_CLIENT
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_export_sec_context(OM_uint32 *minor_status,
-+ gss_ctx_id_t *context_handle,
-+ gss_buffer_t interprocess_token);
-+#endif /* LEAN_CLIENT */
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_inquire_sec_context_by_oid(OM_uint32 *minor_status,
-+ const gss_ctx_id_t context_handle,
-+ const gss_OID desired_object,
-+ gss_buffer_set_t *data_set);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_set_sec_context_option(OM_uint32 *minor_status,
-+ gss_ctx_id_t *context_handle,
-+ const gss_OID desired_object,
-+ const gss_buffer_t value);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_pseudo_random(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int prf_key, const gss_buffer_t prf_in,
-+ ssize_t desired_output_len, gss_buffer_t prf_out);
-+
- /* Magic string to identify exported krb5 GSS credentials. Increment this if
- * the format changes. */
- #define CRED_EXPORT_MAGIC "K5C1"
-diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c
-index 77b7fff..9a23656 100644
---- a/src/lib/gssapi/krb5/gssapi_krb5.c
-+++ b/src/lib/gssapi/krb5/gssapi_krb5.c
-@@ -345,7 +345,7 @@ static struct {
- }
- };
-
--static OM_uint32 KRB5_CALLCONV
-+OM_uint32 KRB5_CALLCONV
- krb5_gss_inquire_sec_context_by_oid (OM_uint32 *minor_status,
- const gss_ctx_id_t context_handle,
- const gss_OID desired_object,
-@@ -459,7 +459,7 @@ static struct {
- };
- #endif
-
--static OM_uint32 KRB5_CALLCONV
-+OM_uint32 KRB5_CALLCONV
- krb5_gss_set_sec_context_option (OM_uint32 *minor_status,
- gss_ctx_id_t *context_handle,
- const gss_OID desired_object,
-@@ -904,20 +904,103 @@ static struct gss_config krb5_mechanism = {
- krb5_gss_get_mic_iov_length,
- };
-
-+/* Functions which use security contexts or acquire creds are IAKERB-specific;
-+ * other functions can borrow from the krb5 mech. */
-+static struct gss_config iakerb_mechanism = {
-+ { GSS_MECH_KRB5_OID_LENGTH, GSS_MECH_KRB5_OID },
-+ NULL,
-+ iakerb_gss_acquire_cred,
-+ krb5_gss_release_cred,
-+ iakerb_gss_init_sec_context,
-+#ifdef LEAN_CLIENT
-+ NULL,
-+#else
-+ iakerb_gss_accept_sec_context,
-+#endif
-+ iakerb_gss_process_context_token,
-+ iakerb_gss_delete_sec_context,
-+ iakerb_gss_context_time,
-+ iakerb_gss_get_mic,
-+ iakerb_gss_verify_mic,
-+#if defined(IOV_SHIM_EXERCISE_WRAP) || defined(IOV_SHIM_EXERCISE)
-+ NULL,
-+#else
-+ iakerb_gss_wrap,
-+#endif
-+#if defined(IOV_SHIM_EXERCISE_UNWRAP) || defined(IOV_SHIM_EXERCISE)
-+ NULL,
-+#else
-+ iakerb_gss_unwrap,
-+#endif
-+ krb5_gss_display_status,
-+ krb5_gss_indicate_mechs,
-+ krb5_gss_compare_name,
-+ krb5_gss_display_name,
-+ krb5_gss_import_name,
-+ krb5_gss_release_name,
-+ krb5_gss_inquire_cred,
-+ NULL, /* add_cred */
-+#ifdef LEAN_CLIENT
-+ NULL,
-+ NULL,
-+#else
-+ iakerb_gss_export_sec_context,
-+ NULL,
-+#endif
-+ krb5_gss_inquire_cred_by_mech,
-+ krb5_gss_inquire_names_for_mech,
-+ iakerb_gss_inquire_context,
-+ krb5_gss_internal_release_oid,
-+ iakerb_gss_wrap_size_limit,
-+ krb5_gss_localname,
-+ krb5_gss_authorize_localname,
-+ krb5_gss_export_name,
-+ krb5_gss_duplicate_name,
-+ krb5_gss_store_cred,
-+ iakerb_gss_inquire_sec_context_by_oid,
-+ krb5_gss_inquire_cred_by_oid,
-+ iakerb_gss_set_sec_context_option,
-+ krb5_gssspi_set_cred_option,
-+ krb5_gssspi_mech_invoke,
-+ NULL, /* wrap_aead */
-+ NULL, /* unwrap_aead */
-+ iakerb_gss_wrap_iov,
-+ iakerb_gss_unwrap_iov,
-+ iakerb_gss_wrap_iov_length,
-+ NULL, /* complete_auth_token */
-+ NULL, /* acquire_cred_impersonate_name */
-+ NULL, /* add_cred_impersonate_name */
-+ NULL, /* display_name_ext */
-+ krb5_gss_inquire_name,
-+ krb5_gss_get_name_attribute,
-+ krb5_gss_set_name_attribute,
-+ krb5_gss_delete_name_attribute,
-+ krb5_gss_export_name_composite,
-+ krb5_gss_map_name_to_any,
-+ krb5_gss_release_any_name_mapping,
-+ iakerb_gss_pseudo_random,
-+ NULL, /* set_neg_mechs */
-+ krb5_gss_inquire_saslname_for_mech,
-+ krb5_gss_inquire_mech_for_saslname,
-+ krb5_gss_inquire_attrs_for_mech,
-+ krb5_gss_acquire_cred_from,
-+ krb5_gss_store_cred_into,
-+ iakerb_gss_acquire_cred_with_password,
-+ krb5_gss_export_cred,
-+ krb5_gss_import_cred,
-+ NULL, /* import_sec_context_by_mech */
-+ NULL, /* import_name_by_mech */
-+ NULL, /* import_cred_by_mech */
-+ iakerb_gss_get_mic_iov,
-+ iakerb_gss_verify_mic_iov,
-+ iakerb_gss_get_mic_iov_length,
-+};
-+
- #ifdef _GSS_STATIC_LINK
- #include "mglueP.h"
- static int gss_iakerbmechglue_init(void)
- {
- struct gss_mech_config mech_iakerb;
-- struct gss_config iakerb_mechanism = krb5_mechanism;
--
-- /* IAKERB mechanism mirrors krb5, but with different context SPIs */
-- iakerb_mechanism.gss_accept_sec_context = iakerb_gss_accept_sec_context;
-- iakerb_mechanism.gss_init_sec_context = iakerb_gss_init_sec_context;
-- iakerb_mechanism.gss_delete_sec_context = iakerb_gss_delete_sec_context;
-- iakerb_mechanism.gss_acquire_cred = iakerb_gss_acquire_cred;
-- iakerb_mechanism.gssspi_acquire_cred_with_password
-- = iakerb_gss_acquire_cred_with_password;
-
- memset(&mech_iakerb, 0, sizeof(mech_iakerb));
- mech_iakerb.mech = &iakerb_mechanism;
-diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c
-index f30de32..4662bd9 100644
---- a/src/lib/gssapi/krb5/iakerb.c
-+++ b/src/lib/gssapi/krb5/iakerb.c
-@@ -47,6 +47,8 @@ struct _iakerb_ctx_id_rec {
- gss_ctx_id_t gssc;
- krb5_data conv; /* conversation for checksumming */
- unsigned int count; /* number of round trips */
-+ int initiate;
-+ int established;
- krb5_get_init_creds_opt *gic_opts;
- };
-
-@@ -695,7 +697,7 @@ cleanup:
- * Allocate and initialise an IAKERB context
- */
- static krb5_error_code
--iakerb_alloc_context(iakerb_ctx_id_t *pctx)
-+iakerb_alloc_context(iakerb_ctx_id_t *pctx, int initiate)
- {
- iakerb_ctx_id_t ctx;
- krb5_error_code code;
-@@ -709,6 +711,8 @@ iakerb_alloc_context(iakerb_ctx_id_t *pctx)
- ctx->magic = KG_IAKERB_CONTEXT;
- ctx->state = IAKERB_AS_REQ;
- ctx->count = 0;
-+ ctx->initiate = initiate;
-+ ctx->established = 0;
-
- code = krb5_gss_init_context(&ctx->k5c);
- if (code != 0)
-@@ -732,7 +736,7 @@ iakerb_gss_delete_sec_context(OM_uint32 *minor_status,
- gss_ctx_id_t *context_handle,
- gss_buffer_t output_token)
- {
-- OM_uint32 major_status = GSS_S_COMPLETE;
-+ iakerb_ctx_id_t iakerb_ctx = (iakerb_ctx_id_t)*context_handle;
-
- if (output_token != GSS_C_NO_BUFFER) {
- output_token->length = 0;
-@@ -740,23 +744,10 @@ iakerb_gss_delete_sec_context(OM_uint32 *minor_status,
- }
-
- *minor_status = 0;
-+ *context_handle = GSS_C_NO_CONTEXT;
-+ iakerb_release_context(iakerb_ctx);
-
-- if (*context_handle != GSS_C_NO_CONTEXT) {
-- iakerb_ctx_id_t iakerb_ctx = (iakerb_ctx_id_t)*context_handle;
--
-- if (iakerb_ctx->magic == KG_IAKERB_CONTEXT) {
-- iakerb_release_context(iakerb_ctx);
-- *context_handle = GSS_C_NO_CONTEXT;
-- } else {
-- assert(iakerb_ctx->magic == KG_CONTEXT);
--
-- major_status = krb5_gss_delete_sec_context(minor_status,
-- context_handle,
-- output_token);
-- }
-- }
--
-- return major_status;
-+ return GSS_S_COMPLETE;
- }
-
- static krb5_boolean
-@@ -802,7 +793,7 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
- int initialContextToken = (*context_handle == GSS_C_NO_CONTEXT);
-
- if (initialContextToken) {
-- code = iakerb_alloc_context(&ctx);
-+ code = iakerb_alloc_context(&ctx, 0);
- if (code != 0)
- goto cleanup;
-
-@@ -854,11 +845,8 @@ iakerb_gss_accept_sec_context(OM_uint32 *minor_status,
- time_rec,
- delegated_cred_handle,
- &exts);
-- if (major_status == GSS_S_COMPLETE) {
-- *context_handle = ctx->gssc;
-- ctx->gssc = NULL;
-- iakerb_release_context(ctx);
-- }
-+ if (major_status == GSS_S_COMPLETE)
-+ ctx->established = 1;
- if (mech_type != NULL)
- *mech_type = (gss_OID)gss_mech_krb5;
- }
-@@ -897,7 +885,7 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status,
- int initialContextToken = (*context_handle == GSS_C_NO_CONTEXT);
-
- if (initialContextToken) {
-- code = iakerb_alloc_context(&ctx);
-+ code = iakerb_alloc_context(&ctx, 1);
- if (code != 0) {
- *minor_status = code;
- goto cleanup;
-@@ -983,11 +971,8 @@ iakerb_gss_init_sec_context(OM_uint32 *minor_status,
- ret_flags,
- time_rec,
- &exts);
-- if (major_status == GSS_S_COMPLETE) {
-- *context_handle = ctx->gssc;
-- ctx->gssc = GSS_C_NO_CONTEXT;
-- iakerb_release_context(ctx);
-- }
-+ if (major_status == GSS_S_COMPLETE)
-+ ctx->established = 1;
- if (actual_mech_type != NULL)
- *actual_mech_type = (gss_OID)gss_mech_krb5;
- } else {
-@@ -1010,3 +995,309 @@ cleanup:
-
- return major_status;
- }
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_unwrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_buffer_t input_message_buffer,
-+ gss_buffer_t output_message_buffer, int *conf_state,
-+ gss_qop_t *qop_state)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_unwrap(minor_status, ctx->gssc, input_message_buffer,
-+ output_message_buffer, conf_state, qop_state);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int conf_req_flag, gss_qop_t qop_req,
-+ gss_buffer_t input_message_buffer, int *conf_state,
-+ gss_buffer_t output_message_buffer)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_wrap(minor_status, ctx->gssc, conf_req_flag, qop_req,
-+ input_message_buffer, conf_state,
-+ output_message_buffer);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_process_context_token(OM_uint32 *minor_status,
-+ const gss_ctx_id_t context_handle,
-+ const gss_buffer_t token_buffer)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_DEFECTIVE_TOKEN;
-+
-+ return krb5_gss_process_context_token(minor_status, ctx->gssc,
-+ token_buffer);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_context_time(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ OM_uint32 *time_rec)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_context_time(minor_status, ctx->gssc, time_rec);
-+}
-+
-+#ifndef LEAN_CLIENT
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_export_sec_context(OM_uint32 *minor_status,
-+ gss_ctx_id_t *context_handle,
-+ gss_buffer_t interprocess_token)
-+{
-+ OM_uint32 maj;
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ /* We don't currently support exporting partially established contexts. */
-+ if (!ctx->established)
-+ return GSS_S_UNAVAILABLE;
-+
-+ maj = krb5_gss_export_sec_context(minor_status, &ctx->gssc,
-+ interprocess_token);
-+ if (ctx->gssc == GSS_C_NO_CONTEXT) {
-+ iakerb_release_context(ctx);
-+ *context_handle = GSS_C_NO_CONTEXT;
-+ }
-+ return maj;
-+}
-+
-+/*
-+ * Until we implement partial context exports, there are no SPNEGO exported
-+ * context tokens, only tokens for the underlying krb5 context. So we do not
-+ * need to implement an iakerb_gss_import_sec_context() yet; it would be
-+ * unreachable except via a manually constructed token.
-+ */
-+
-+#endif /* LEAN_CLIENT */
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_inquire_context(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, gss_name_t *src_name,
-+ gss_name_t *targ_name, OM_uint32 *lifetime_rec,
-+ gss_OID *mech_type, OM_uint32 *ctx_flags,
-+ int *initiate, int *opened)
-+{
-+ OM_uint32 ret;
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (src_name != NULL)
-+ *src_name = GSS_C_NO_NAME;
-+ if (targ_name != NULL)
-+ *targ_name = GSS_C_NO_NAME;
-+ if (lifetime_rec != NULL)
-+ *lifetime_rec = 0;
-+ if (mech_type != NULL)
-+ *mech_type = (gss_OID)gss_mech_iakerb;
-+ if (ctx_flags != NULL)
-+ *ctx_flags = 0;
-+ if (initiate != NULL)
-+ *initiate = ctx->initiate;
-+ if (opened != NULL)
-+ *opened = ctx->established;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_COMPLETE;
-+
-+ ret = krb5_gss_inquire_context(minor_status, ctx->gssc, src_name,
-+ targ_name, lifetime_rec, mech_type,
-+ ctx_flags, initiate, opened);
-+
-+ if (!ctx->established) {
-+ /* Report IAKERB as the mech OID until the context is established. */
-+ if (mech_type != NULL)
-+ *mech_type = (gss_OID)gss_mech_iakerb;
-+
-+ /* We don't support exporting partially-established contexts. */
-+ if (ctx_flags != NULL)
-+ *ctx_flags &= ~GSS_C_TRANS_FLAG;
-+ }
-+
-+ return ret;
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_size_limit(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, int conf_req_flag,
-+ gss_qop_t qop_req, OM_uint32 req_output_size,
-+ OM_uint32 *max_input_size)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_wrap_size_limit(minor_status, ctx->gssc, conf_req_flag,
-+ qop_req, req_output_size, max_input_size);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t qop_req, gss_buffer_t message_buffer,
-+ gss_buffer_t message_token)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_get_mic(minor_status, ctx->gssc, qop_req, message_buffer,
-+ message_token);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_verify_mic(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_buffer_t msg_buffer, gss_buffer_t token_buffer,
-+ gss_qop_t *qop_state)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_verify_mic(minor_status, ctx->gssc, msg_buffer,
-+ token_buffer, qop_state);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_inquire_sec_context_by_oid(OM_uint32 *minor_status,
-+ const gss_ctx_id_t context_handle,
-+ const gss_OID desired_object,
-+ gss_buffer_set_t *data_set)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_UNAVAILABLE;
-+
-+ return krb5_gss_inquire_sec_context_by_oid(minor_status, ctx->gssc,
-+ desired_object, data_set);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_set_sec_context_option(OM_uint32 *minor_status,
-+ gss_ctx_id_t *context_handle,
-+ const gss_OID desired_object,
-+ const gss_buffer_t value)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)*context_handle;
-+
-+ if (ctx == NULL || ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_UNAVAILABLE;
-+
-+ return krb5_gss_set_sec_context_option(minor_status, &ctx->gssc,
-+ desired_object, value);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int conf_req_flag, gss_qop_t qop_req, int *conf_state,
-+ gss_iov_buffer_desc *iov, int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_wrap_iov(minor_status, ctx->gssc, conf_req_flag, qop_req,
-+ conf_state, iov, iov_count);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_unwrap_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int *conf_state, gss_qop_t *qop_state,
-+ gss_iov_buffer_desc *iov, int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_unwrap_iov(minor_status, ctx->gssc, conf_state, qop_state,
-+ iov, iov_count);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_wrap_iov_length(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, int conf_req_flag,
-+ gss_qop_t qop_req, int *conf_state,
-+ gss_iov_buffer_desc *iov, int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_wrap_iov_length(minor_status, ctx->gssc, conf_req_flag,
-+ qop_req, conf_state, iov, iov_count);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_pseudo_random(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ int prf_key, const gss_buffer_t prf_in,
-+ ssize_t desired_output_len, gss_buffer_t prf_out)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_pseudo_random(minor_status, ctx->gssc, prf_key, prf_in,
-+ desired_output_len, prf_out);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t qop_req, gss_iov_buffer_desc *iov,
-+ int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_get_mic_iov(minor_status, ctx->gssc, qop_req, iov,
-+ iov_count);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_verify_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
-+ gss_qop_t *qop_state, gss_iov_buffer_desc *iov,
-+ int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_verify_mic_iov(minor_status, ctx->gssc, qop_state, iov,
-+ iov_count);
-+}
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_get_mic_iov_length(OM_uint32 *minor_status,
-+ gss_ctx_id_t context_handle, gss_qop_t qop_req,
-+ gss_iov_buffer_desc *iov, int iov_count)
-+{
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+
-+ if (ctx->gssc == GSS_C_NO_CONTEXT)
-+ return GSS_S_NO_CONTEXT;
-+
-+ return krb5_gss_get_mic_iov_length(minor_status, ctx->gssc, qop_req, iov,
-+ iov_count);
-+}
---
-1.9.1
-
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
deleted file mode 100644
index 2f45d30..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-IAKERB-context-export-import-CVE-2015-2698.patch
+++ /dev/null
@@ -1,134 +0,0 @@
-From aa769c8c6905d1abfac66d4d1b0fc73740ccbe7d Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Sat, 14 Nov 2015 02:47:04 -0500
-Subject: [PATCH 4/4] Fix IAKERB context export/import [CVE-2015-2698]
-
-The patches for CVE-2015-2696 contained a regression in the newly
-added IAKERB iakerb_gss_export_sec_context() function, which could
-cause it to corrupt memory. Fix the regression by properly
-dereferencing the context_handle pointer before casting it.
-
-Also, the patches did not implement an IAKERB gss_import_sec_context()
-function, under the erroneous belief that an exported IAKERB context
-would be tagged as a krb5 context. Implement it now to allow IAKERB
-contexts to be successfully exported and imported after establishment.
-
-CVE-2015-2698:
-
-In any MIT krb5 release with the patches for CVE-2015-2696 applied, an
-application which calls gss_export_sec_context() may experience memory
-corruption if the context was established using the IAKERB mechanism.
-Historically, some vulnerabilities of this nature can be translated
-into remote code execution, though the necessary exploits must be
-tailored to the individual application and are usually quite
-complicated.
-
- CVSSv2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C/E:POC/RL:OF/RC:C
-
-ticket: 8273 (new)
-target_version: 1.14
-tags: pullup
-
-Backport upstream commit:
-https://github.com/krb5/krb5/commit/3db8dfec1ef50ddd78d6ba9503185995876a39fd
-
-Upstream-Status: Backport
----
- src/lib/gssapi/krb5/gssapiP_krb5.h | 5 +++++
- src/lib/gssapi/krb5/gssapi_krb5.c | 2 +-
- src/lib/gssapi/krb5/iakerb.c | 42 +++++++++++++++++++++++++++++++-------
- 3 files changed, 41 insertions(+), 8 deletions(-)
-
-diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h
-index 05dc321..ac53662 100644
---- a/src/lib/gssapi/krb5/gssapiP_krb5.h
-+++ b/src/lib/gssapi/krb5/gssapiP_krb5.h
-@@ -1396,6 +1396,11 @@ OM_uint32 KRB5_CALLCONV
- iakerb_gss_export_sec_context(OM_uint32 *minor_status,
- gss_ctx_id_t *context_handle,
- gss_buffer_t interprocess_token);
-+
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_import_sec_context(OM_uint32 *minor_status,
-+ const gss_buffer_t interprocess_token,
-+ gss_ctx_id_t *context_handle);
- #endif /* LEAN_CLIENT */
-
- OM_uint32 KRB5_CALLCONV
-diff --git a/src/lib/gssapi/krb5/gssapi_krb5.c b/src/lib/gssapi/krb5/gssapi_krb5.c
-index 9a23656..d7ba279 100644
---- a/src/lib/gssapi/krb5/gssapi_krb5.c
-+++ b/src/lib/gssapi/krb5/gssapi_krb5.c
-@@ -945,7 +945,7 @@ static struct gss_config iakerb_mechanism = {
- NULL,
- #else
- iakerb_gss_export_sec_context,
-- NULL,
-+ iakerb_gss_import_sec_context,
- #endif
- krb5_gss_inquire_cred_by_mech,
- krb5_gss_inquire_names_for_mech,
-diff --git a/src/lib/gssapi/krb5/iakerb.c b/src/lib/gssapi/krb5/iakerb.c
-index 4662bd9..48beaee 100644
---- a/src/lib/gssapi/krb5/iakerb.c
-+++ b/src/lib/gssapi/krb5/iakerb.c
-@@ -1061,7 +1061,7 @@ iakerb_gss_export_sec_context(OM_uint32 *minor_status,
- gss_buffer_t interprocess_token)
- {
- OM_uint32 maj;
-- iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)context_handle;
-+ iakerb_ctx_id_t ctx = (iakerb_ctx_id_t)*context_handle;
-
- /* We don't currently support exporting partially established contexts. */
- if (!ctx->established)
-@@ -1076,13 +1076,41 @@ iakerb_gss_export_sec_context(OM_uint32 *minor_status,
- return maj;
- }
-
--/*
-- * Until we implement partial context exports, there are no SPNEGO exported
-- * context tokens, only tokens for the underlying krb5 context. So we do not
-- * need to implement an iakerb_gss_import_sec_context() yet; it would be
-- * unreachable except via a manually constructed token.
-- */
-+OM_uint32 KRB5_CALLCONV
-+iakerb_gss_import_sec_context(OM_uint32 *minor_status,
-+ gss_buffer_t interprocess_token,
-+ gss_ctx_id_t *context_handle)
-+{
-+ OM_uint32 maj, tmpmin;
-+ krb5_error_code code;
-+ gss_ctx_id_t gssc;
-+ krb5_gss_ctx_id_t kctx;
-+ iakerb_ctx_id_t ctx;
-+
-+ maj = krb5_gss_import_sec_context(minor_status, interprocess_token, &gssc);
-+ if (maj != GSS_S_COMPLETE)
-+ return maj;
-+ kctx = (krb5_gss_ctx_id_t)gssc;
-+
-+ if (!kctx->established) {
-+ /* We don't currently support importing partially established
-+ * contexts. */
-+ krb5_gss_delete_sec_context(&tmpmin, &gssc, GSS_C_NO_BUFFER);
-+ return GSS_S_FAILURE;
-+ }
-
-+ code = iakerb_alloc_context(&ctx, kctx->initiate);
-+ if (code != 0) {
-+ krb5_gss_delete_sec_context(&tmpmin, &gssc, GSS_C_NO_BUFFER);
-+ *minor_status = code;
-+ return GSS_S_FAILURE;
-+ }
-+
-+ ctx->gssc = gssc;
-+ ctx->established = 1;
-+ *context_handle = (gss_ctx_id_t)ctx;
-+ return GSS_S_COMPLETE;
-+}
- #endif /* LEAN_CLIENT */
-
- OM_uint32 KRB5_CALLCONV
---
-1.9.1
-
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
deleted file mode 100644
index 227e6c6..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch
+++ /dev/null
@@ -1,572 +0,0 @@
-From 884913e807414a1e06245918dea71243c5fdd0e6 Mon Sep 17 00:00:00 2001
-From: Nicolas Williams <nico@twosigma.com>
-Date: Mon, 14 Sep 2015 12:27:52 -0400
-Subject: [PATCH 1/4] Fix SPNEGO context aliasing bugs [CVE-2015-2695]
-
-The SPNEGO mechanism currently replaces its context handle with the
-mechanism context handle upon establishment, under the assumption that
-most GSS functions are only called after context establishment. This
-assumption is incorrect, and can lead to aliasing violations for some
-programs. Maintain the SPNEGO context structure after context
-establishment and refer to it in all GSS methods. Add initiate and
-opened flags to the SPNEGO context structure for use in
-gss_inquire_context() prior to context establishment.
-
-CVE-2015-2695:
-
-In MIT krb5 1.5 and later, applications which call
-gss_inquire_context() on a partially-established SPNEGO context can
-cause the GSS-API library to read from a pointer using the wrong type,
-generally causing a process crash. This bug may go unnoticed, because
-the most common SPNEGO authentication scenario establishes the context
-after just one call to gss_accept_sec_context(). Java server
-applications using the native JGSS provider are vulnerable to this
-bug. A carefully crafted SPNEGO packet might allow the
-gss_inquire_context() call to succeed with attacker-determined
-results, but applications should not make access control decisions
-based on gss_inquire_context() results prior to context establishment.
-
- CVSSv2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C
-
-[ghudson@mit.edu: several bugfixes, style changes, and edge-case
-behavior changes; commit message and CVE description]
-
-ticket: 8244
-target_version: 1.14
-tags: pullup
-
-Backport upstream commit:
-https://github.com/krb5/krb5/commit/b51b33f2bc5d1497ddf5bd107f791c101695000d
-
-Upstream-Status: Backport
----
- src/lib/gssapi/spnego/gssapiP_spnego.h | 2 +
- src/lib/gssapi/spnego/spnego_mech.c | 254 ++++++++++++++++++++++++---------
- 2 files changed, 192 insertions(+), 64 deletions(-)
-
-diff --git a/src/lib/gssapi/spnego/gssapiP_spnego.h b/src/lib/gssapi/spnego/gssapiP_spnego.h
-index bc23f56..8e05736 100644
---- a/src/lib/gssapi/spnego/gssapiP_spnego.h
-+++ b/src/lib/gssapi/spnego/gssapiP_spnego.h
-@@ -102,6 +102,8 @@ typedef struct {
- int firstpass;
- int mech_complete;
- int nego_done;
-+ int initiate;
-+ int opened;
- OM_uint32 ctx_flags;
- gss_name_t internal_name;
- gss_OID actual_mech;
-diff --git a/src/lib/gssapi/spnego/spnego_mech.c b/src/lib/gssapi/spnego/spnego_mech.c
-index f9248ab..3423f22 100644
---- a/src/lib/gssapi/spnego/spnego_mech.c
-+++ b/src/lib/gssapi/spnego/spnego_mech.c
-@@ -101,7 +101,7 @@ static OM_uint32 get_negotiable_mechs(OM_uint32 *, spnego_gss_cred_id_t,
- gss_cred_usage_t, gss_OID_set *);
- static void release_spnego_ctx(spnego_gss_ctx_id_t *);
- static void check_spnego_options(spnego_gss_ctx_id_t);
--static spnego_gss_ctx_id_t create_spnego_ctx(void);
-+static spnego_gss_ctx_id_t create_spnego_ctx(int);
- static int put_mech_set(gss_OID_set mechSet, gss_buffer_t buf);
- static int put_input_token(unsigned char **, gss_buffer_t, unsigned int);
- static int put_mech_oid(unsigned char **, gss_OID_const, unsigned int);
-@@ -439,7 +439,7 @@ check_spnego_options(spnego_gss_ctx_id_t spnego_ctx)
- }
-
- static spnego_gss_ctx_id_t
--create_spnego_ctx(void)
-+create_spnego_ctx(int initiate)
- {
- spnego_gss_ctx_id_t spnego_ctx = NULL;
- spnego_ctx = (spnego_gss_ctx_id_t)
-@@ -462,6 +462,8 @@ create_spnego_ctx(void)
- spnego_ctx->mic_rcvd = 0;
- spnego_ctx->mech_complete = 0;
- spnego_ctx->nego_done = 0;
-+ spnego_ctx->opened = 0;
-+ spnego_ctx->initiate = initiate;
- spnego_ctx->internal_name = GSS_C_NO_NAME;
- spnego_ctx->actual_mech = GSS_C_NO_OID;
-
-@@ -627,7 +629,7 @@ init_ctx_new(OM_uint32 *minor_status,
- OM_uint32 ret;
- spnego_gss_ctx_id_t sc = NULL;
-
-- sc = create_spnego_ctx();
-+ sc = create_spnego_ctx(1);
- if (sc == NULL)
- return GSS_S_FAILURE;
-
-@@ -644,10 +646,7 @@ init_ctx_new(OM_uint32 *minor_status,
- ret = GSS_S_FAILURE;
- goto cleanup;
- }
-- /*
-- * The actual context is not yet determined, set the output
-- * context handle to refer to the spnego context itself.
-- */
-+
- sc->ctx_handle = GSS_C_NO_CONTEXT;
- *ctx = (gss_ctx_id_t)sc;
- sc = NULL;
-@@ -1088,16 +1087,11 @@ cleanup:
- }
- gss_release_buffer(&tmpmin, &mechtok_out);
- if (ret == GSS_S_COMPLETE) {
-- /*
-- * Now, switch the output context to refer to the
-- * negotiated mechanism's context.
-- */
-- *context_handle = (gss_ctx_id_t)spnego_ctx->ctx_handle;
-+ spnego_ctx->opened = 1;
- if (actual_mech != NULL)
- *actual_mech = spnego_ctx->actual_mech;
- if (ret_flags != NULL)
- *ret_flags = spnego_ctx->ctx_flags;
-- release_spnego_ctx(&spnego_ctx);
- } else if (ret != GSS_S_CONTINUE_NEEDED) {
- if (spnego_ctx != NULL) {
- gss_delete_sec_context(&tmpmin,
-@@ -1341,7 +1335,7 @@ acc_ctx_hints(OM_uint32 *minor_status,
- if (ret != GSS_S_COMPLETE)
- goto cleanup;
-
-- sc = create_spnego_ctx();
-+ sc = create_spnego_ctx(0);
- if (sc == NULL) {
- ret = GSS_S_FAILURE;
- goto cleanup;
-@@ -1423,7 +1417,7 @@ acc_ctx_new(OM_uint32 *minor_status,
- gss_release_buffer(&tmpmin, &sc->DER_mechTypes);
- assert(mech_wanted != GSS_C_NO_OID);
- } else
-- sc = create_spnego_ctx();
-+ sc = create_spnego_ctx(0);
- if (sc == NULL) {
- ret = GSS_S_FAILURE;
- *return_token = NO_TOKEN_SEND;
-@@ -1806,13 +1800,12 @@ cleanup:
- ret = GSS_S_FAILURE;
- }
- if (ret == GSS_S_COMPLETE) {
-- *context_handle = (gss_ctx_id_t)sc->ctx_handle;
-+ sc->opened = 1;
- if (sc->internal_name != GSS_C_NO_NAME &&
- src_name != NULL) {
- *src_name = sc->internal_name;
- sc->internal_name = GSS_C_NO_NAME;
- }
-- release_spnego_ctx(&sc);
- } else if (ret != GSS_S_CONTINUE_NEEDED) {
- if (sc != NULL) {
- gss_delete_sec_context(&tmpmin, &sc->ctx_handle,
-@@ -2125,8 +2118,13 @@ spnego_gss_unwrap(
- gss_qop_t *qop_state)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_unwrap(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- input_message_buffer,
- output_message_buffer,
- conf_state,
-@@ -2146,8 +2144,13 @@ spnego_gss_wrap(
- gss_buffer_t output_message_buffer)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_wrap(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_req_flag,
- qop_req,
- input_message_buffer,
-@@ -2164,8 +2167,14 @@ spnego_gss_process_context_token(
- const gss_buffer_t token_buffer)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ /* SPNEGO doesn't have its own context tokens. */
-+ if (!sc->opened)
-+ return (GSS_S_DEFECTIVE_TOKEN);
-+
- ret = gss_process_context_token(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- token_buffer);
-
- return (ret);
-@@ -2189,19 +2198,9 @@ spnego_gss_delete_sec_context(
- if (*ctx == NULL)
- return (GSS_S_COMPLETE);
-
-- /*
-- * If this is still an SPNEGO mech, release it locally.
-- */
-- if ((*ctx)->magic_num == SPNEGO_MAGIC_ID) {
-- (void) gss_delete_sec_context(minor_status,
-- &(*ctx)->ctx_handle,
-- output_token);
-- (void) release_spnego_ctx(ctx);
-- } else {
-- ret = gss_delete_sec_context(minor_status,
-- context_handle,
-- output_token);
-- }
-+ (void) gss_delete_sec_context(minor_status, &(*ctx)->ctx_handle,
-+ output_token);
-+ (void) release_spnego_ctx(ctx);
-
- return (ret);
- }
-@@ -2213,8 +2212,13 @@ spnego_gss_context_time(
- OM_uint32 *time_rec)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_context_time(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- time_rec);
- return (ret);
- }
-@@ -2226,9 +2230,20 @@ spnego_gss_export_sec_context(
- gss_buffer_t interprocess_token)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = *(spnego_gss_ctx_id_t *)context_handle;
-+
-+ /* We don't currently support exporting partially established
-+ * contexts. */
-+ if (!sc->opened)
-+ return GSS_S_UNAVAILABLE;
-+
- ret = gss_export_sec_context(minor_status,
-- context_handle,
-+ &sc->ctx_handle,
- interprocess_token);
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT) {
-+ release_spnego_ctx(&sc);
-+ *context_handle = GSS_C_NO_CONTEXT;
-+ }
- return (ret);
- }
-
-@@ -2238,11 +2253,12 @@ spnego_gss_import_sec_context(
- const gss_buffer_t interprocess_token,
- gss_ctx_id_t *context_handle)
- {
-- OM_uint32 ret;
-- ret = gss_import_sec_context(minor_status,
-- interprocess_token,
-- context_handle);
-- return (ret);
-+ /*
-+ * Until we implement partial context exports, there are no SPNEGO
-+ * exported context tokens, only tokens for underlying mechs. So just
-+ * return an error for now.
-+ */
-+ return GSS_S_UNAVAILABLE;
- }
- #endif /* LEAN_CLIENT */
-
-@@ -2259,16 +2275,48 @@ spnego_gss_inquire_context(
- int *opened)
- {
- OM_uint32 ret = GSS_S_COMPLETE;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (src_name != NULL)
-+ *src_name = GSS_C_NO_NAME;
-+ if (targ_name != NULL)
-+ *targ_name = GSS_C_NO_NAME;
-+ if (lifetime_rec != NULL)
-+ *lifetime_rec = 0;
-+ if (mech_type != NULL)
-+ *mech_type = (gss_OID)gss_mech_spnego;
-+ if (ctx_flags != NULL)
-+ *ctx_flags = 0;
-+ if (locally_initiated != NULL)
-+ *locally_initiated = sc->initiate;
-+ if (opened != NULL)
-+ *opened = sc->opened;
-+
-+ if (sc->ctx_handle != GSS_C_NO_CONTEXT) {
-+ ret = gss_inquire_context(minor_status, sc->ctx_handle,
-+ src_name, targ_name, lifetime_rec,
-+ mech_type, ctx_flags, NULL, NULL);
-+ }
-
-- ret = gss_inquire_context(minor_status,
-- context_handle,
-- src_name,
-- targ_name,
-- lifetime_rec,
-- mech_type,
-- ctx_flags,
-- locally_initiated,
-- opened);
-+ if (!sc->opened) {
-+ /*
-+ * We are still doing SPNEGO negotiation, so report SPNEGO as
-+ * the OID. After negotiation is complete we will report the
-+ * underlying mechanism OID.
-+ */
-+ if (mech_type != NULL)
-+ *mech_type = (gss_OID)gss_mech_spnego;
-+
-+ /*
-+ * Remove flags we don't support with partially-established
-+ * contexts. (Change this to keep GSS_C_TRANS_FLAG if we add
-+ * support for exporting partial SPNEGO contexts.)
-+ */
-+ if (ctx_flags != NULL) {
-+ *ctx_flags &= ~GSS_C_PROT_READY_FLAG;
-+ *ctx_flags &= ~GSS_C_TRANS_FLAG;
-+ }
-+ }
-
- return (ret);
- }
-@@ -2283,8 +2331,13 @@ spnego_gss_wrap_size_limit(
- OM_uint32 *max_input_size)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_wrap_size_limit(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_req_flag,
- qop_req,
- req_output_size,
-@@ -2301,8 +2354,13 @@ spnego_gss_get_mic(
- gss_buffer_t message_token)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_get_mic(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- qop_req,
- message_buffer,
- message_token);
-@@ -2318,8 +2376,13 @@ spnego_gss_verify_mic(
- gss_qop_t *qop_state)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_verify_mic(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- msg_buffer,
- token_buffer,
- qop_state);
-@@ -2334,8 +2397,14 @@ spnego_gss_inquire_sec_context_by_oid(
- gss_buffer_set_t *data_set)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ /* There are no SPNEGO-specific OIDs for this function. */
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_UNAVAILABLE);
-+
- ret = gss_inquire_sec_context_by_oid(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- desired_object,
- data_set);
- return (ret);
-@@ -2404,8 +2473,15 @@ spnego_gss_set_sec_context_option(
- const gss_buffer_t value)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)*context_handle;
-+
-+ /* There are no SPNEGO-specific OIDs for this function, and we cannot
-+ * construct an empty SPNEGO context with it. */
-+ if (sc == NULL || sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_UNAVAILABLE);
-+
- ret = gss_set_sec_context_option(minor_status,
-- context_handle,
-+ &sc->ctx_handle,
- desired_object,
- value);
- return (ret);
-@@ -2422,8 +2498,13 @@ spnego_gss_wrap_aead(OM_uint32 *minor_status,
- gss_buffer_t output_message_buffer)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_wrap_aead(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_req_flag,
- qop_req,
- input_assoc_buffer,
-@@ -2444,8 +2525,13 @@ spnego_gss_unwrap_aead(OM_uint32 *minor_status,
- gss_qop_t *qop_state)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_unwrap_aead(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- input_message_buffer,
- input_assoc_buffer,
- output_payload_buffer,
-@@ -2464,8 +2550,13 @@ spnego_gss_wrap_iov(OM_uint32 *minor_status,
- int iov_count)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_wrap_iov(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_req_flag,
- qop_req,
- conf_state,
-@@ -2483,8 +2574,13 @@ spnego_gss_unwrap_iov(OM_uint32 *minor_status,
- int iov_count)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_unwrap_iov(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_state,
- qop_state,
- iov,
-@@ -2502,8 +2598,13 @@ spnego_gss_wrap_iov_length(OM_uint32 *minor_status,
- int iov_count)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_wrap_iov_length(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- conf_req_flag,
- qop_req,
- conf_state,
-@@ -2520,8 +2621,13 @@ spnego_gss_complete_auth_token(
- gss_buffer_t input_message_buffer)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_UNAVAILABLE);
-+
- ret = gss_complete_auth_token(minor_status,
-- context_handle,
-+ sc->ctx_handle,
- input_message_buffer);
- return (ret);
- }
-@@ -2773,8 +2879,13 @@ spnego_gss_pseudo_random(OM_uint32 *minor_status,
- gss_buffer_t prf_out)
- {
- OM_uint32 ret;
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
- ret = gss_pseudo_random(minor_status,
-- context,
-+ sc->ctx_handle,
- prf_key,
- prf_in,
- desired_output_len,
-@@ -2915,7 +3026,12 @@ spnego_gss_get_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
- gss_qop_t qop_req, gss_iov_buffer_desc *iov,
- int iov_count)
- {
-- return gss_get_mic_iov(minor_status, context_handle, qop_req, iov,
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
-+ return gss_get_mic_iov(minor_status, sc->ctx_handle, qop_req, iov,
- iov_count);
- }
-
-@@ -2924,7 +3040,12 @@ spnego_gss_verify_mic_iov(OM_uint32 *minor_status, gss_ctx_id_t context_handle,
- gss_qop_t *qop_state, gss_iov_buffer_desc *iov,
- int iov_count)
- {
-- return gss_verify_mic_iov(minor_status, context_handle, qop_state, iov,
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
-+ return gss_verify_mic_iov(minor_status, sc->ctx_handle, qop_state, iov,
- iov_count);
- }
-
-@@ -2933,7 +3054,12 @@ spnego_gss_get_mic_iov_length(OM_uint32 *minor_status,
- gss_ctx_id_t context_handle, gss_qop_t qop_req,
- gss_iov_buffer_desc *iov, int iov_count)
- {
-- return gss_get_mic_iov_length(minor_status, context_handle, qop_req, iov,
-+ spnego_gss_ctx_id_t sc = (spnego_gss_ctx_id_t)context_handle;
-+
-+ if (sc->ctx_handle == GSS_C_NO_CONTEXT)
-+ return (GSS_S_NO_CONTEXT);
-+
-+ return gss_get_mic_iov_length(minor_status, sc->ctx_handle, qop_req, iov,
- iov_count);
- }
-
---
-1.9.1
-
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
deleted file mode 100644
index 9b0c18b..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/Fix-build_principal-memory-bug-CVE-2015-2697.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From 9cb63711e63042f22da914ba039c4537b22e8fb0 Mon Sep 17 00:00:00 2001
-From: Greg Hudson <ghudson@mit.edu>
-Date: Fri, 25 Sep 2015 12:51:47 -0400
-Subject: [PATCH 3/4] Fix build_principal memory bug [CVE-2015-2697]
-
-In build_principal_va(), use k5memdup0() instead of strdup() to make a
-copy of the realm, to ensure that we allocate the correct number of
-bytes and do not read past the end of the input string. This bug
-affects krb5_build_principal(), krb5_build_principal_va(), and
-krb5_build_principal_alloc_va(). krb5_build_principal_ext() is not
-affected.
-
-CVE-2015-2697:
-
-In MIT krb5 1.7 and later, an authenticated attacker may be able to
-cause a KDC to crash using a TGS request with a large realm field
-beginning with a null byte. If the KDC attempts to find a referral to
-answer the request, it constructs a principal name for lookup using
-krb5_build_principal() with the requested realm. Due to a bug in this
-function, the null byte causes only one byte be allocated for the
-realm field of the constructed principal, far less than its length.
-Subsequent operations on the lookup principal may cause a read beyond
-the end of the mapped memory region, causing the KDC process to crash.
-
-CVSSv2: AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C
-
-ticket: 8252 (new)
-target_version: 1.14
-tags: pullup
-
-Backport upstream commit:
-https://github.com/krb5/krb5/commit/f0c094a1b745d91ef2f9a4eae2149aac026a5789
-
-Upstream-Status: Backport
----
- src/lib/krb5/krb/bld_princ.c | 6 ++----
- 1 file changed, 2 insertions(+), 4 deletions(-)
-
-diff --git a/src/lib/krb5/krb/bld_princ.c b/src/lib/krb5/krb/bld_princ.c
-index ab6fed8..8604268 100644
---- a/src/lib/krb5/krb/bld_princ.c
-+++ b/src/lib/krb5/krb/bld_princ.c
-@@ -40,10 +40,8 @@ build_principal_va(krb5_context context, krb5_principal princ,
- data = malloc(size * sizeof(krb5_data));
- if (!data) { retval = ENOMEM; }
-
-- if (!retval) {
-- r = strdup(realm);
-- if (!r) { retval = ENOMEM; }
-- }
-+ if (!retval)
-+ r = k5memdup0(realm, rlen, &retval);
-
- while (!retval && (component = va_arg(ap, char *))) {
- if (count == size) {
---
-1.9.1
-
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
deleted file mode 100644
index 67fefed..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-CVE-2016-3119.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Subject: kerb: Fix LDAP null deref on empty arg [CVE-2016-3119]
-From: Greg Hudson
-
-In the LDAP KDB module's process_db_args(), strtok_r() may return NULL
-if there is an empty string in the db_args array. Check for this case
-and avoid dereferencing a null pointer.
-
-CVE-2016-3119:
-
-In MIT krb5 1.6 and later, an authenticated attacker with permission
-to modify a principal entry can cause kadmind to dereference a null
-pointer by supplying an empty DB argument to the modify_principal
-command, if kadmind is configured to use the LDAP KDB module.
-
- CVSSv2 Vector: AV:N/AC:H/Au:S/C:N/I:N/A:C/E:H/RL:OF/RC:ND
-
-ticket: 8383 (new)
-target_version: 1.14-next
-target_version: 1.13-next
-tags: pullup
-
-Upstream-Status: Backport
-
-Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
-Index: krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c
-===================================================================
---- krb5-1.13.2.orig/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2015-05-09 07:27:02.000000000 +0800
-+++ krb5-1.13.2/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c 2016-04-11 15:17:12.874140518 +0800
-@@ -267,6 +267,7 @@
- if (db_args) {
- for (i=0; db_args[i]; ++i) {
- arg = strtok_r(db_args[i], "=", &arg_val);
-+ arg = (arg != NULL) ? arg : "";
- if (strcmp(arg, TKTPOLICY_ARG) == 0) {
- dptr = &xargs->tktpolicydn;
- } else {
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
new file mode 100644
index 0000000..1b42716
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-admin-server.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=MIT Kerberos KDC administrative daemon
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStartPre=/bin/sh -c "test ! -f /var/log/kadmind.log || test ! -x /sbin/restorecon || /sbin/restorecon -F /var/log/kadmind.log"
+ExecStart=/usr/sbin/kadmind
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
new file mode 100644
index 0000000..d5e5a95
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5/krb5-kdc.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=MIT Kerberos KDC
+After=syslog.target network.target
+ConditionPathExists=/etc/krb5.conf
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/krb5kdc
+SuccessExitStatus=1 2 SIGKILL
+TimeoutStopSec=30
+
+[Install]
+WantedBy=multi-user.target
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.6.bb
similarity index 68%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.6.bb
index 713b76c..06f7f90 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.2.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/krb5/krb5_1.13.6.bb
@@ -14,31 +14,31 @@
HOMEPAGE = "http://web.mit.edu/Kerberos/"
SECTION = "console/network"
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=f64248328d2d9928e1f04158b5243e7f"
+LIC_FILES_CHKSUM = "file://${S}/../NOTICE;md5=c6f37efad53b098e420f45e7ab6807dc"
DEPENDS = "ncurses util-linux e2fsprogs e2fsprogs-native"
-inherit autotools-brokensep binconfig perlnative
+inherit autotools-brokensep binconfig perlnative systemd
SHRT_VER = "${@oe.utils.trim_version("${PV}", 2)}"
-SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}-signed.tar \
+SRC_URI = "http://web.mit.edu/kerberos/dist/${BPN}/${SHRT_VER}/${BP}.tar.gz \
file://0001-aclocal-Add-parameter-to-disable-keyutils-detection.patch \
file://debian-suppress-usr-lib-in-krb5-config.patch;striplevel=2 \
- file://Fix-SPNEGO-context-aliasing-bugs-CVE-2015-2695.patch;striplevel=2 \
- file://Fix-IAKERB-context-aliasing-bugs-CVE-2015-2696.patch;striplevel=2 \
- file://Fix-build_principal-memory-bug-CVE-2015-2697.patch;striplevel=2 \
- file://Fix-IAKERB-context-export-import-CVE-2015-2698.patch;striplevel=2 \
file://crosscompile_nm.patch \
file://etc/init.d/krb5-kdc \
file://etc/init.d/krb5-admin-server \
file://etc/default/krb5-kdc \
file://etc/default/krb5-admin-server \
- file://krb5-CVE-2016-3119.patch;striplevel=2 \
+ file://krb5-kdc.service \
+ file://krb5-admin-server.service \
"
-SRC_URI[md5sum] = "f7ebfa6c99c10b16979ebf9a98343189"
-SRC_URI[sha256sum] = "e528c30b0209c741f6f320cb83122ded92f291802b6a1a1dc1a01dcdb3ff6de1"
+SRC_URI[md5sum] = "6164ca9c075b4ecc68eadd6d13040417"
+SRC_URI[sha256sum] = "9c0a46b8918237a53916370d2e02298c2b294f55f0351f9404e18930bc26badc"
S = "${WORKDIR}/${BP}/src"
+SYSTEMD_SERVICE_${PN} = "krb5-admin-server.service krb5-kdc.service"
+SYSTEMD_AUTO_ENABLE = "disable"
+
PACKAGECONFIG ??= "openssl"
PACKAGECONFIG[libedit] = "--with-libedit,--without-libedit,libedit"
PACKAGECONFIG[openssl] = "--with-pkinit-crypto-impl=openssl,,openssl"
@@ -51,8 +51,8 @@
ac_cv_printf_positional=yes ac_cv_file__etc_environment=yes \
ac_cv_file__etc_TIMEZONE=no"
-CFLAGS_append += "-DDESTRUCTOR_ATTR_WORKS=1 -I${STAGING_INCDIR}/et"
-LDFLAGS_append += "-lpthread"
+CFLAGS_append = " -fPIC -DDESTRUCTOR_ATTR_WORKS=1 -I${STAGING_INCDIR}/et"
+LDFLAGS_append = " -pthread"
FILES_${PN} += "${datadir}/gnats"
FILES_${PN}-doc += "${datadir}/examples"
@@ -61,16 +61,6 @@
# As this recipe doesn't inherit update-rc.d, we need to add this dependency here
RDEPENDS_${PN}_class-target += "initscripts-functions"
-krb5_do_unpack() {
- # ${P}-signed.tar contains ${P}.tar.gz.asc and ${P}.tar.gz
- tar xzf ${WORKDIR}/${BP}.tar.gz -C ${WORKDIR}/
-}
-
-python do_unpack() {
- bb.build.exec_func('base_do_unpack', d)
- bb.build.exec_func('krb5_do_unpack', d)
-}
-
do_configure() {
gnu-configize --force
autoreconf
@@ -78,20 +68,26 @@
}
do_install_append() {
- mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
- install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
- install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
-
rm -rf ${D}/${localstatedir}/run
- mkdir -p ${D}/${sysconfdir}/default/volatiles
- echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
- > ${D}${sysconfdir}/default/volatiles/87_krb5
+
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'sysvinit', 'true', 'false', d)}; then
+ mkdir -p ${D}/${sysconfdir}/init.d ${D}/${sysconfdir}/default
+ install -m 0755 ${WORKDIR}/etc/init.d/* ${D}/${sysconfdir}/init.d
+ install -m 0644 ${WORKDIR}/etc/default/* ${D}/${sysconfdir}/default
+
+ mkdir -p ${D}/${sysconfdir}/default/volatiles
+ echo "d root root 0755 ${localstatedir}/run/krb5kdc none" \
+ > ${D}${sysconfdir}/default/volatiles/87_krb5
+ fi
if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
install -d ${D}${sysconfdir}/tmpfiles.d
echo "d /run/krb5kdc - - - -" \
> ${D}${sysconfdir}/tmpfiles.d/krb5.conf
- fi
+ install -d ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/krb5-admin-server.service ${D}${systemd_system_unitdir}
+ install -m 0644 ${WORKDIR}/krb5-kdc.service ${D}${systemd_system_unitdir}
+ fi
}
pkg_postinst_${PN} () {
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim/clang.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim/clang.patch
new file mode 100644
index 0000000..92e657c
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim/clang.patch
@@ -0,0 +1,73 @@
+Check for clang compiler since we need to disable
+unused-function warning for clang, at same time
+pass werror when checking for compiler options if
+werror is enabled so spurious options do not get
+enabled. Only the ones that are supported by given
+compiler are accepted.
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Pending
+
+Index: libmbim-1.14.0/m4/compiler-warnings.m4
+===================================================================
+--- libmbim-1.14.0.orig/m4/compiler-warnings.m4
++++ libmbim-1.14.0/m4/compiler-warnings.m4
+@@ -2,10 +2,30 @@ AC_DEFUN([LIBMBIM_COMPILER_WARNINGS],
+ [AC_ARG_ENABLE(more-warnings,
+ AS_HELP_STRING([--enable-more-warnings], [Possible values: no/yes/error]),
+ set_more_warnings="$enableval",set_more_warnings=error)
++
++# Clang throws a lot of warnings when it does not understand a flag. Disable
++# this warning for now so other warnings are visible.
++AC_MSG_CHECKING([if compiling with clang])
++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
++#ifndef __clang__
++ not clang
++#endif
++ ]])],
++ [CLANG=yes],
++ [CLANG=no]
++)
++AC_MSG_RESULT([$CLANG])
++AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Wno-error=unused-function])
++CFLAGS="$CFLAGS $CLANG_FLAGS"
++LDFLAGS="$LDFLAGS $CLANG_FLAGS"
++
+ AC_MSG_CHECKING(for more warnings)
+ if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then
+ AC_MSG_RESULT(yes)
+ CFLAGS="-Wall -std=gnu89 $CFLAGS"
++ if test "x$set_more_warnings" = xerror; then
++ WERROR="-Werror"
++ fi
+
+ for option in -Wmissing-declarations -Wmissing-prototypes \
+ -Wdeclaration-after-statement -Wstrict-prototypes \
+@@ -17,22 +37,23 @@ if test "$GCC" = "yes" -a "$set_more_war
+ -Wmissing-include-dirs -Waggregate-return \
+ -Wformat-security; do
+ SAVE_CFLAGS="$CFLAGS"
+- CFLAGS="$CFLAGS $option"
++ CFLAGS="$CFLAGS $option $WERROR"
+ AC_MSG_CHECKING([whether gcc understands $option])
+ AC_TRY_COMPILE([], [],
+ has_option=yes,
+ has_option=no,)
+ if test $has_option = no; then
+ CFLAGS="$SAVE_CFLAGS"
++ else
++ CFLAGS="$SAVE_CFLAGS $option"
+ fi
+ AC_MSG_RESULT($has_option)
+ unset has_option
+ unset SAVE_CFLAGS
+ done
++ CFLAGS="$CFLAGS $WERROR"
+ unset option
+- if test "x$set_more_warnings" = xerror; then
+- CFLAGS="$CFLAGS -Werror"
+- fi
++ unset WERROR
+ else
+ AC_MSG_RESULT(no)
+ fi
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.12.2.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.14.0.bb
similarity index 70%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.12.2.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.14.0.bb
index f1ecce5..02a1788 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.12.2.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libmbim/libmbim_1.14.0.bb
@@ -9,8 +9,10 @@
DEPENDS = "glib-2.0 libgudev"
-inherit autotools pkgconfig
+inherit autotools pkgconfig bash-completion
-SRC_URI = "http://www.freedesktop.org/software/${BPN}/${BPN}-${PV}.tar.xz"
-SRC_URI[md5sum] = "921fb5ab3f13f1e00833e009d8f3b4f6"
-SRC_URI[sha256sum] = "949351d3e3d69b81e40a49f1d187944c26149e0647a415f0227ccdc112047b29"
+SRC_URI = "http://www.freedesktop.org/software/${BPN}/${BPN}-${PV}.tar.xz \
+ file://clang.patch \
+"
+SRC_URI[md5sum] = "2ed809e65c85353d3ab59e372890e549"
+SRC_URI[sha256sum] = "ca8d52a95a18cbabae8f15f83f1572316e888b6504f946e6645d24405127ab5b"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.5.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.6.bb
similarity index 61%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.5.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.6.bb
index 8f1d1ff..a35dff8 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.5.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libndp/libndp_1.6.bb
@@ -4,7 +4,7 @@
LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c"
SRC_URI = "http://libndp.org/files/${BPN}-${PV}.tar.gz"
-SRC_URI[md5sum] = "beb82e8d75d8382d1b7c0bb0f68be429"
-SRC_URI[sha256sum] = "faf116ab70ce9514ec4e8573556025debea08f606e7f38b616de1f26e120c795"
+SRC_URI[md5sum] = "1e54d26bcb4a4110bc3f90c5dd04f1a7"
+SRC_URI[sha256sum] = "0c7dfa84e013bd5e569ef2c6292a6f72cfaf14f4ff77a77425e52edc33ffac0e"
inherit autotools
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet/0001-Support-musl-libc-remove-support-for-glibc-2.1.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet/0001-Support-musl-libc-remove-support-for-glibc-2.1.patch
new file mode 100644
index 0000000..98008db
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet/0001-Support-musl-libc-remove-support-for-glibc-2.1.patch
@@ -0,0 +1,58 @@
+From ffd7fab744a9ad2893169a8fb6244074604d5d0d Mon Sep 17 00:00:00 2001
+From: rofl0r <retnyg@gmx.net>
+Date: Tue, 12 Aug 2014 21:51:39 +0200
+Subject: [PATCH] Support musl libc, remove support for glibc < 2.1
+
+Upstream-Status: Backport
+
+The workarounds for glibc < 2.1 (was released february 1999) break the
+build with musl libc.
+
+It is very unlikely that 2.0 or earlier is still in use, and if so,
+1) that's a big security hole
+2) code wouldnt compile anyway since noone tested build in the last decade
+3) user of it wouldn't expect anyway to get bleeding edge sw built on it,
+ so he would just use the latest version that works for him.
+
+Closes #52
+
+Signed-off-by: rofl0r <retnyg@gmx.net>
+Signed-off-by: Ming Liu <peter.x.liu@external.atlascopco.com>
+---
+ libnet/src/libnet_link_linux.c | 11 -----------
+ 1 file changed, 11 deletions(-)
+
+diff --git a/src/libnet_link_linux.c b/src/libnet_link_linux.c
+index 054458d..3c6df3c 100644
+--- a/src/libnet_link_linux.c
++++ b/src/libnet_link_linux.c
+@@ -30,26 +30,15 @@
+ #include <sys/time.h>
+
+ #include <net/if.h>
+-#if (__GLIBC__)
+ #include <netinet/if_ether.h>
+ #include <net/if_arp.h>
+-#else
+-#include <linux/if_arp.h>
+-#include <linux/if_ether.h>
+-#endif
+
+ #if (HAVE_PACKET_SOCKET)
+ #ifndef SOL_PACKET
+ #define SOL_PACKET 263
+ #endif /* SOL_PACKET */
+-#if __GLIBC__ >= 2 && __GLIBC_MINOR >= 1
+ #include <netpacket/packet.h>
+ #include <net/ethernet.h> /* the L2 protocols */
+-#else
+-#include <asm/types.h>
+-#include <linux/if_packet.h>
+-#include <linux/if_ether.h> /* The L2 protocols */
+-#endif
+ #endif /* HAVE_PACKET_SOCKET */
+
+ #include "../include/libnet.h"
+--
+1.9.1
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet_1.2-rc3.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet_1.2-rc3.bb
index a558e80..dfc2049 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet_1.2-rc3.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libnet/libnet_1.2-rc3.bb
@@ -8,7 +8,9 @@
# There are major API changes beween libnet v1.0 and libnet v1.1
PROVIDES = "libnet-1.2rc2"
-SRC_URI = "${SOURCEFORGE_MIRROR}/libnet-dev/${BPN}-${PV}.tar.gz"
+SRC_URI = "${SOURCEFORGE_MIRROR}/libnet-dev/${BPN}-${PV}.tar.gz \
+ file://0001-Support-musl-libc-remove-support-for-glibc-2.1.patch \
+ "
SRC_URI[md5sum] = "f051e6e5bdecddb90f77c701c2ca1804"
SRC_URI[sha256sum] = "72c380785ad44183005e654b47cc12485ee0228d7fa6b0a87109ff7614be4a63"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi/0001-Detect-clang.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi/0001-Detect-clang.patch
new file mode 100644
index 0000000..4047ffb
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi/0001-Detect-clang.patch
@@ -0,0 +1,84 @@
+From 4cfb728804157e8f3c69e11ba4df449d8f76388f Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 20 Oct 2016 04:42:26 +0000
+Subject: [PATCH] Detect clang
+
+Check for clang compiler since we need to disable
+unused-function warning for clang, at same time
+pass werror when checking for compiler options if
+werror is enabled so spurious options do not get
+enabled. Only the ones that are supported by given
+compiler are accepted.
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Upstream-Status: Pending
+---
+ m4/compiler-warnings.m4 | 29 +++++++++++++++++++++++++----
+ 1 file changed, 25 insertions(+), 4 deletions(-)
+
+diff --git a/m4/compiler-warnings.m4 b/m4/compiler-warnings.m4
+index de4a8b0..e4ba718 100644
+--- a/m4/compiler-warnings.m4
++++ b/m4/compiler-warnings.m4
+@@ -2,10 +2,30 @@ AC_DEFUN([LIBQMI_COMPILER_WARNINGS],
+ [AC_ARG_ENABLE(more-warnings,
+ AS_HELP_STRING([--enable-more-warnings], [Possible values: no/yes/error]),
+ set_more_warnings="$enableval",set_more_warnings=error)
++
++# Clang throws a lot of warnings when it does not understand a flag. Disable
++# this warning for now so other warnings are visible.
++AC_MSG_CHECKING([if compiling with clang])
++AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [[
++#ifndef __clang__
++ not clang
++#endif
++ ]])],
++ [CLANG=yes],
++ [CLANG=no]
++)
++AC_MSG_RESULT([$CLANG])
++AS_IF([test "x$CLANG" = "xyes"], [CLANG_FLAGS=-Wno-error=unused-function])
++CFLAGS="$CFLAGS $CLANG_FLAGS"
++LDFLAGS="$LDFLAGS $CLANG_FLAGS"
++
+ AC_MSG_CHECKING(for more warnings)
+ if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then
+ AC_MSG_RESULT(yes)
+ CFLAGS="-Wall -std=gnu89 $CFLAGS"
++ if test "x$set_more_warnings" = xerror; then
++ WERROR="-Werror"
++ fi
+
+ for option in -Wmissing-declarations -Wmissing-prototypes \
+ -Wdeclaration-after-statement -Wstrict-prototypes \
+@@ -17,22 +37,23 @@ if test "$GCC" = "yes" -a "$set_more_warnings" != "no"; then
+ -Wmissing-include-dirs -Waggregate-return \
+ -Wformat-security; do
+ SAVE_CFLAGS="$CFLAGS"
+- CFLAGS="$CFLAGS $option"
++ CFLAGS="$CFLAGS $option $WERROR"
+ AC_MSG_CHECKING([whether gcc understands $option])
+ AC_TRY_COMPILE([], [],
+ has_option=yes,
+ has_option=no,)
+ if test $has_option = no; then
+ CFLAGS="$SAVE_CFLAGS"
++ else
++ CFLAGS="$SAVE_CFLAGS $option"
+ fi
+ AC_MSG_RESULT($has_option)
+ unset has_option
+ unset SAVE_CFLAGS
+ done
++ CFLAGS="$CFLAGS $WERROR"
+ unset option
+- if test "x$set_more_warnings" = xerror; then
+- CFLAGS="$CFLAGS -Werror"
+- fi
++ unset WERROR
+ else
+ AC_MSG_RESULT(no)
+ fi
+--
+1.9.1
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.12.6.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.16.0.bb
similarity index 63%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.12.6.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.16.0.bb
index 7a15527..679b102 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.12.6.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/libqmi/libqmi_1.16.0.bb
@@ -7,10 +7,12 @@
file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c \
"
-DEPENDS = "glib-2.0"
+DEPENDS = "glib-2.0 libgudev libmbim"
-inherit autotools pkgconfig
+inherit autotools pkgconfig bash-completion
-SRC_URI = "http://www.freedesktop.org/software/${BPN}/${BPN}-${PV}.tar.xz"
-SRC_URI[md5sum] = "24c9eb300662ba6cff0152de89bd9ec0"
-SRC_URI[sha256sum] = "0857bffece4e8ddfa7f721dd9ca63b4c78de345ac9ae2faebf04062cacba3780"
+SRC_URI = "http://www.freedesktop.org/software/${BPN}/${BPN}-${PV}.tar.xz \
+ file://0001-Detect-clang.patch \
+ "
+SRC_URI[md5sum] = "4970c110f160b33637a3515004c637b2"
+SRC_URI[sha256sum] = "7ab6bb47fd23bf4d3fa17424e40ea5552d08b19e5ee4f125f21f316c8086ba2a"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_1.6.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_1.6.bb
index 254b855..0939d17 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_1.6.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/linuxptp/linuxptp_1.6.bb
@@ -9,7 +9,7 @@
SRC_URI[sha256sum] = "e7fd16a9f235b059be527bd512e86f0c1d9f2e7c36736e6d6d9727a4427ac14c"
EXTRA_OEMAKE = "ARCH=${TARGET_ARCH} \
- EXTRA_CFLAGS='-D_GNU_SOURCE -DHAVE_CLOCK_ADJTIME -DHAVE_ONESTEP_SYNC ${CFLAGS}'"
+ EXTRA_CFLAGS='-D_GNU_SOURCE -DHAVE_CLOCK_ADJTIME -DHAVE_ONESTEP_SYNC ${CFLAGS}'"
do_install () {
install -d ${D}/${bindir}
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc/0001-lircrcd-Mark-local-inline-funtions-as-static.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc/0001-lircrcd-Mark-local-inline-funtions-as-static.patch
new file mode 100644
index 0000000..e19d276
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc/0001-lircrcd-Mark-local-inline-funtions-as-static.patch
@@ -0,0 +1,49 @@
+From c2be4543e4777c9e3d74b30326ba37b01917b0a9 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Thu, 25 Aug 2016 03:02:37 +0000
+Subject: [PATCH] lircrcd: Mark local inline funtions as static
+
+These functions are not used anywhere outside
+this file, so they should be converted into static
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+Upstream-Status: Pending
+
+ daemons/lircrcd.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/daemons/lircrcd.c b/daemons/lircrcd.c
+index 55777cd..5ddc94d 100644
+--- a/daemons/lircrcd.c
++++ b/daemons/lircrcd.c
+@@ -153,7 +153,7 @@ char *s;
+ /* A safer write(), since sockets might not write all but only some of the
+ bytes requested */
+
+-inline int write_socket(int fd, char *buf, int len)
++static inline int write_socket(int fd, char *buf, int len)
+ {
+ int done, todo = len;
+
+@@ -167,7 +167,7 @@ inline int write_socket(int fd, char *buf, int len)
+ return (len);
+ }
+
+-inline int write_socket_len(int fd, char *buf)
++static inline int write_socket_len(int fd, char *buf)
+ {
+ int len;
+
+@@ -177,7 +177,7 @@ inline int write_socket_len(int fd, char *buf)
+ return (1);
+ }
+
+-inline int read_timeout(int fd, char *buf, int len, int timeout)
++static inline int read_timeout(int fd, char *buf, int len, int timeout)
+ {
+ fd_set fds;
+ struct timeval tv;
+--
+1.9.1
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc_0.9.2.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc_0.9.2.bb
index 900b68d..1726192 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc_0.9.2.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/lirc/lirc_0.9.2.bb
@@ -1,6 +1,7 @@
require lirc.inc
SRC_URI += " \
+ file://0001-lircrcd-Mark-local-inline-funtions-as-static.patch \
file://lircd.service \
file://lircd.init \
file://lircexec.init \
@@ -17,7 +18,7 @@
SYSTEMD_SERVICE_${PN} = "lircd.service lircmd.service"
SYSTEMD_AUTO_ENABLE_lirc = "enable"
-inherit autotools pkgconfig systemd pythonnative
+inherit autotools pkgconfig systemd python3native
PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/,--without-systemdsystemunitdir,systemd"
PACKAGECONFIG[x11] = "--with-x,--with-x=no,libx11,"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager/enum-conversion.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager/enum-conversion.patch
new file mode 100644
index 0000000..a3fb0f3
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager/enum-conversion.patch
@@ -0,0 +1,21 @@
+Fixes errors found bt Clang
+
+| ../../ModemManager-1.6.4/src/mm-bearer-qmi.c:774:50: error: implicit conversion from enumeration type 'MMBearerStatus' to different enumeration type 'MMBearerConnectionStatus' [-Werror,-Wenum-conversion]
+| MMBearerConnectionStatus bearer_status = mm_base_bearer_get_status (MM_BASE_BEARER (self));
+| ~~~~~~~~~~~~~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+| 1 error generated.
+
+
+Index: ModemManager-1.6.4/src/mm-bearer-qmi.c
+===================================================================
+--- ModemManager-1.6.4.orig/src/mm-bearer-qmi.c
++++ ModemManager-1.6.4/src/mm-bearer-qmi.c
+@@ -771,7 +771,7 @@ packet_service_status_indication_cb (Qmi
+ &connection_status,
+ NULL,
+ NULL)) {
+- MMBearerConnectionStatus bearer_status = mm_base_bearer_get_status (MM_BASE_BEARER (self));
++ MMBearerConnectionStatus bearer_status = (MMBearerConnectionStatus)mm_base_bearer_get_status (MM_BASE_BEARER (self));
+
+ if (connection_status == QMI_WDS_CONNECTION_STATUS_DISCONNECTED &&
+ bearer_status != MM_BEARER_CONNECTION_STATUS_DISCONNECTED &&
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.4.12.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.6.4.bb
similarity index 81%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.4.12.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.6.4.bb
index a173e69..5e4e220 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.4.12.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.6.4.bb
@@ -7,13 +7,15 @@
file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c \
"
-inherit gnomebase gettext systemd vala gobject-introspection
+inherit gnomebase gettext systemd vala gobject-introspection bash-completion
-DEPENDS = "glib-2.0 libgudev dbus-glib"
+DEPENDS = "glib-2.0 libgudev dbus-glib intltool-native"
-SRC_URI = "http://www.freedesktop.org/software/ModemManager/ModemManager-${PV}.tar.xz"
-SRC_URI[md5sum] = "66cc7266b15525cb366253e6639fc564"
-SRC_URI[sha256sum] = "7ef5035375a953b285a742591df0a65fd442f4641ce4d8f4392a41d6d6bc70b3"
+SRC_URI = "http://www.freedesktop.org/software/ModemManager/ModemManager-${PV}.tar.xz \
+ file://enum-conversion.patch \
+"
+SRC_URI[md5sum] = "06488186c7dd53f8104183b86f7a1568"
+SRC_URI[sha256sum] = "cdd5b4cb1e4d7643643a28ccbfc4bb354bfa9cb89a77ea160ebdf7926171c668"
S = "${WORKDIR}/ModemManager-${PV}"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/mosh/mosh_1.2.4.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/mosh/mosh_1.2.4.bb
index 16e2a7d..4bf238d 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/mosh/mosh_1.2.4.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/mosh/mosh_1.2.4.bb
@@ -25,11 +25,11 @@
FILES_${PN}-server = "${bindir}/mosh-server"
NEEDED_PERL_MODULES = "\
- perl-module-socket \
- perl-module-getopt-long \
- perl-module-errno \
- perl-module-io-socket-inet \
- perl-module-posix \
+ perl-module-socket \
+ perl-module-getopt-long \
+ perl-module-errno \
+ perl-module-io-socket-inet \
+ perl-module-posix \
"
# mosh uses SSH to authenticate and the client uses OpenSSH-specific features
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager-openvpn_1.0.8.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager-openvpn_1.0.8.bb
index 258ee68..fe1d601 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager-openvpn_1.0.8.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager-openvpn_1.0.8.bb
@@ -4,7 +4,7 @@
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=100d5a599bead70ddcd70dcd73f2e29c"
-DEPENDS = "dbus dbus-glib networkmanager openvpn"
+DEPENDS = "dbus dbus-glib networkmanager openvpn intltool-native"
inherit gnomebase useradd gettext systemd
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-networkmanager-fixed-issues-of-NetworkManager-wait-o.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-networkmanager-fixed-issues-of-NetworkManager-wait-o.patch
new file mode 100644
index 0000000..4eb9e21
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager/0002-networkmanager-fixed-issues-of-NetworkManager-wait-o.patch
@@ -0,0 +1,44 @@
+From 0690452b863286e524d2037427816b7850301f93 Mon Sep 17 00:00:00 2001
+From: Haiqing Bai <Haiqing.Bai@windriver.com>
+Date: Tue, 6 Sep 2016 09:27:38 +0800
+Subject: [PATCH] networkmanager: fixed issues of
+ NetworkManager-wait-online.service.in.
+
+Remove network.target in "Before" to avoid circle dependency.
+Wants=network.target
+Before=network.target network-online.target
+
+Correct the "WantedBy" to network-online.target.
+
+Upstream-status: Pending
+
+Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com>
+---
+ data/NetworkManager-wait-online.service.in | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/data/NetworkManager-wait-online.service.in b/data/NetworkManager-wait-online.service.in
+index 6ad6942..1753d20 100644
+--- a/data/NetworkManager-wait-online.service.in
++++ b/data/NetworkManager-wait-online.service.in
+@@ -1,13 +1,14 @@
+ [Unit]
+ Description=Network Manager Wait Online
++Documentation=man:nm-online(1)
+ Requisite=NetworkManager.service
+ After=NetworkManager.service
+-Wants=network.target
+-Before=network.target network-online.target
++Before=network-online.target
+
+ [Service]
+ Type=oneshot
+ ExecStart=@bindir@/nm-online -s -q --timeout=30
++RemainAfterExit=yes
+
+ [Install]
+-WantedBy=multi-user.target
++WantedBy=network-online.target
+--
+1.9.1
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.10.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.12.bb
similarity index 86%
rename from import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.10.bb
rename to import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.12.bb
index 831ddf0..9134880 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.10.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/networkmanager/networkmanager_1.0.12.bb
@@ -7,7 +7,7 @@
file://docs/api/html/license.html;md5=51d7fb67bde992e58533a8481cee070b \
"
-DEPENDS = "libnl dbus dbus-glib libgudev util-linux libndp libnewt polkit"
+DEPENDS = "intltool-native libnl dbus dbus-glib dbus-glib-native libgudev util-linux libndp libnewt polkit"
inherit gnomebase gettext systemd bluetooth bash-completion vala gobject-introspection
@@ -15,13 +15,11 @@
${GNOME_MIRROR}/NetworkManager/${@gnome_verdir("${PV}")}/NetworkManager-${PV}.tar.xz \
file://0001-don-t-try-to-run-sbin-dhclient-to-get-the-version-nu.patch \
file://0002-add-pkg-config-for-libgcrypt.patch \
- file://0003-core-fix-failure-to-configure-routes-due-to-wrong-de.patch \
- file://0004-ppp-manager-clear-ppp_watch_id-upon-pppd-termination.patch \
- file://0005-device-update-ip_iface-only-if-IP-interface-exists.patch \
file://0006-Fix-nm-version-macro-includes.patch \
+ file://0002-networkmanager-fixed-issues-of-NetworkManager-wait-o.patch \
"
-SRC_URI[md5sum] = "a8f54460a4708efd840358f32d0968fd"
-SRC_URI[sha256sum] = "1bcfce8441dfd9f432a100d06b54f3831a2275cccc3b74b1b4c09a011e179fbc"
+SRC_URI[md5sum] = "ebb273456a81ccf9dfaf2461061b0e96"
+SRC_URI[sha256sum] = "3a470f8c60109b1acb5784ddc2423501706b5fe34c793a6faee87e591eb04a9e"
S = "${WORKDIR}/NetworkManager-${PV}"
@@ -65,7 +63,7 @@
PACKAGECONFIG[netconfig] = "--with-netconfig=yes,--with-netconfig=no"
PACKAGECONFIG[qt4-x11-free] = "--enable-qt,--disable-qt,qt4-x11-free"
-PACKAGES =+ "libnmutil libnmglib libnmglib-vpn ${PN}-tests \
+PACKAGES =+ "libnmutil libnmglib libnmglib-vpn \
${PN}-nmtui ${PN}-nmtui-doc \
${PN}-adsl \
"
@@ -102,10 +100,6 @@
${libdir}/NetworkManager/*.la \
"
-FILES_${PN}-tests = " \
- ${bindir}/nm-online \
-"
-
FILES_${PN}-nmtui = " \
${bindir}/nmtui \
${bindir}/nmtui-edit \
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/obexftp/obexftp_0.23.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/obexftp/obexftp_0.23.bb
index fcd447c..b6bdfb7 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/obexftp/obexftp_0.23.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/obexftp/obexftp_0.23.bb
@@ -4,9 +4,6 @@
DEPENDS += "openobex"
-# Depends on openobex
-PNBLACKLIST[obexftp] ?= "${@bb.utils.contains('DISTRO_FEATURES', 'bluez5', 'bluez5 conflicts with bluez4 and bluez5 is selected in DISTRO_FEATURES', '', d)}"
-
SRC_URI = "http://sourceforge.net/projects/openobex/files/obexftp/${PV}/obexftp-${PV}.tar.bz2 \
file://Remove_some_printf_in_obexftpd.patch "
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/packagegroups/packagegroup-tools-bluetooth.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/packagegroups/packagegroup-tools-bluetooth.bb
index dde4599..0ede5e5 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/packagegroups/packagegroup-tools-bluetooth.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/packagegroups/packagegroup-tools-bluetooth.bb
@@ -2,7 +2,7 @@
# Released under the MIT license (see COPYING.MIT for the terms)
LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3b58 \
+LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=4d92cd373abda3937c2bc47fbc49d690 \
file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
SUMMARY = "Set of Bluetooth related tools for inclusion in images"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/smstools3/smstools3_3.1.15.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/smstools3/smstools3_3.1.15.bb
index 95adecd..b8a9d4a 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/smstools3/smstools3_3.1.15.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/smstools3/smstools3_3.1.15.bb
@@ -22,25 +22,25 @@
inherit update-rc.d
do_install () {
-
- install -d ${D}${bindir}
- install -m 755 ${S}/src/smsd "${D}${bindir}/smsd"
-
- install -m 755 ${S}/scripts/sendsms "${D}${bindir}/sendsms"
- install -m 755 ${S}/scripts/sms2html "${D}${bindir}/sms2html"
- install -m 755 ${S}/scripts/sms2unicode "${D}${bindir}/sms2unicode"
- install -m 755 ${S}/scripts/unicode2sms "${D}${bindir}/unicode2sms"
- install -d ${D}${sysconfdir}
- install -m 644 ${S}/examples/smsd.conf.easy "${D}${sysconfdir}/smsd.conf"
+ install -d ${D}${bindir}
+ install -m 755 ${S}/src/smsd "${D}${bindir}/smsd"
- install -d "${D}${localstatedir}/spool"
- install -d "${D}${localstatedir}/spool/sms"
- install -d "${D}${localstatedir}/spool/sms/incoming"
- install -d "${D}${localstatedir}/spool/sms/outgoing"
- install -d "${D}${localstatedir}/spool/sms/checked"
+ install -m 755 ${S}/scripts/sendsms "${D}${bindir}/sendsms"
+ install -m 755 ${S}/scripts/sms2html "${D}${bindir}/sms2html"
+ install -m 755 ${S}/scripts/sms2unicode "${D}${bindir}/sms2unicode"
+ install -m 755 ${S}/scripts/unicode2sms "${D}${bindir}/unicode2sms"
- install -d ${D}${sysconfdir}/init.d
- install -m 755 ${S}/scripts/sms3 "${D}${sysconfdir}/init.d/${INITSCRIPT_NAME}"
+ install -d ${D}${sysconfdir}
+ install -m 644 ${S}/examples/smsd.conf.easy "${D}${sysconfdir}/smsd.conf"
+
+ install -d "${D}${localstatedir}/spool"
+ install -d "${D}${localstatedir}/spool/sms"
+ install -d "${D}${localstatedir}/spool/sms/incoming"
+ install -d "${D}${localstatedir}/spool/sms/outgoing"
+ install -d "${D}${localstatedir}/spool/sms/checked"
+
+ install -d ${D}${sysconfdir}/init.d
+ install -m 755 ${S}/scripts/sms3 "${D}${sysconfdir}/init.d/${INITSCRIPT_NAME}"
}
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb
index f13e709..c398dc1 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/libtelepathy_0.3.3.bb
@@ -11,8 +11,9 @@
PR = "r5"
SRC_URI = "http://telepathy.freedesktop.org/releases/libtelepathy/libtelepathy-${PV}.tar.gz \
- file://prefer_python_2.5.patch \
- file://doublefix.patch"
+ file://prefer_python_2.5.patch \
+ file://doublefix.patch \
+"
SRC_URI[md5sum] = "490ca1a0c614d4466394b72d43bf7370"
SRC_URI[sha256sum] = "e0d230be855125163579743418203c6f6be2f10f98c4f065735c1dc9ed115878"
@@ -20,4 +21,4 @@
inherit autotools pkgconfig pythonnative
FILES_${PN} += "${datadir}/telepathy \
- ${datadir}/dbus-1"
+ ${datadir}/dbus-1"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb
index 9ae68dd..582783c 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/telepathy/telepathy-mission-control_5.16.1.bb
@@ -23,15 +23,15 @@
PACKAGECONFIG[nm] = "--with-connectivity=nm,,networkmanager"
PACKAGES =+ " \
- libmissioncontrol \
- libmissioncontrol-config \
- libmissioncontrol-server \
- libmissioncontrol-dev \
- libmissioncontrol-config-dev \
- libmissioncontrol-server-dev \
- libmissioncontrol-dbg \
- libmissioncontrol-config-dbg \
- libmissioncontrol-server-dbg \
+ libmissioncontrol \
+ libmissioncontrol-config \
+ libmissioncontrol-server \
+ libmissioncontrol-dev \
+ libmissioncontrol-config-dev \
+ libmissioncontrol-server-dev \
+ libmissioncontrol-dbg \
+ libmissioncontrol-config-dbg \
+ libmissioncontrol-server-dbg \
"
FILES_${PN} += "${datadir}/dbus* ${datadir}/glib-2.0/schemas"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch
new file mode 100644
index 0000000..fcc2f08
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-Forcibly-disable-check-for-Qt5.patch
@@ -0,0 +1,27 @@
+From b3da0d8677b7e8467367a303c18551c56ed20e15 Mon Sep 17 00:00:00 2001
+From: Philip Balister <philip@balister.org>
+Date: Tue, 12 Apr 2016 17:30:15 -0400
+Subject: [PATCH] Forcibly disable check for Qt5.
+
+Signed-off-by: Philip Balister <philip@balister.org>
+---
+ build/cmake/DefineOptions.cmake | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/build/cmake/DefineOptions.cmake b/build/cmake/DefineOptions.cmake
+index 62e240f..f8b4493 100644
+--- a/build/cmake/DefineOptions.cmake
++++ b/build/cmake/DefineOptions.cmake
+@@ -52,9 +52,6 @@ CMAKE_DEPENDENT_OPTION(WITH_LIBEVENT "Build with libevent support" ON
+ find_package(Qt4 QUIET COMPONENTS QtCore QtNetwork)
+ CMAKE_DEPENDENT_OPTION(WITH_QT4 "Build with Qt4 support" ON
+ "QT4_FOUND" OFF)
+-find_package(Qt5 QUIET COMPONENTS Core Network)
+-CMAKE_DEPENDENT_OPTION(WITH_QT5 "Build with Qt5 support" ON
+- "Qt5_FOUND" OFF)
+ if(${WITH_QT4} AND ${WITH_QT5} AND ${CMAKE_MAJOR_VERSION} LESS 3)
+ # cmake < 3.0.0 causes conflict when building both Qt4 and Qt5
+ set(WITH_QT4 OFF)
+--
+2.5.5
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch
new file mode 100644
index 0000000..7cc8d17
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch
@@ -0,0 +1,110 @@
+From bc577820ad25795543b31f123e309cdaebc7d6c6 Mon Sep 17 00:00:00 2001
+From: Cody P Schafer <dev@codyps.com>
+Date: Mon, 16 May 2016 15:21:10 -0400
+Subject: [PATCH 1/2] THRIFT-3828 In cmake avoid use of both quoted paths and
+ SYSTEM with include_directories()
+
+This allows us to avoid issues where there are no paths to be added to
+the include path (include_directories() errors when given an empty
+string).
+
+Specifically, gcc-6 requires that libraries stop passing paths like
+'/usr/include' (or they will get libstdc++ build errors), so these paths
+will be empty more often in the future.
+---
+ lib/cpp/CMakeLists.txt | 8 ++++----
+ lib/cpp/test/CMakeLists.txt | 2 +-
+ test/cpp/CMakeLists.txt | 6 +++---
+ tutorial/cpp/CMakeLists.txt | 2 +-
+ 4 files changed, 9 insertions(+), 9 deletions(-)
+
+diff --git a/lib/cpp/CMakeLists.txt b/lib/cpp/CMakeLists.txt
+index 4c7caeb..a716ac3 100755
+--- a/lib/cpp/CMakeLists.txt
++++ b/lib/cpp/CMakeLists.txt
+@@ -24,7 +24,7 @@ else()
+ find_package(Boost 1.53.0 REQUIRED)
+ endif()
+
+-include_directories(SYSTEM "${Boost_INCLUDE_DIRS}")
++include_directories(${Boost_INCLUDE_DIRS})
+ include_directories(src)
+
+ # SYSLIBS contains libraries that need to be linked to all lib targets
+@@ -104,7 +104,7 @@ if(OPENSSL_FOUND AND WITH_OPENSSL)
+ src/thrift/transport/TSSLSocket.cpp
+ src/thrift/transport/TSSLServerSocket.cpp
+ )
+- include_directories(SYSTEM "${OPENSSL_INCLUDE_DIR}")
++ include_directories(${OPENSSL_INCLUDE_DIR})
+ list(APPEND SYSLIBS "${OPENSSL_LIBRARIES}")
+ endif()
+
+@@ -162,7 +162,7 @@ TARGET_LINK_LIBRARIES_THRIFT(thrift ${SYSLIBS})
+
+ if(WITH_LIBEVENT)
+ find_package(Libevent REQUIRED) # Libevent comes with CMake support form upstream
+- include_directories(SYSTEM ${LIBEVENT_INCLUDE_DIRS})
++ include_directories(${LIBEVENT_INCLUDE_DIRS})
+
+ ADD_LIBRARY_THRIFT(thriftnb ${thriftcppnb_SOURCES})
+ TARGET_LINK_LIBRARIES_THRIFT(thriftnb ${SYSLIBS} ${LIBEVENT_LIBRARIES})
+@@ -171,7 +171,7 @@ endif()
+
+ if(WITH_ZLIB)
+ find_package(ZLIB REQUIRED)
+- include_directories(SYSTEM ${ZLIB_INCLUDE_DIRS})
++ include_directories(${ZLIB_INCLUDE_DIRS})
+
+ ADD_LIBRARY_THRIFT(thriftz ${thriftcppz_SOURCES})
+ TARGET_LINK_LIBRARIES_THRIFT(thriftz ${SYSLIBS} ${ZLIB_LIBRARIES})
+diff --git a/lib/cpp/test/CMakeLists.txt b/lib/cpp/test/CMakeLists.txt
+index 5de9fc4..c956c38 100644
+--- a/lib/cpp/test/CMakeLists.txt
++++ b/lib/cpp/test/CMakeLists.txt
+@@ -20,7 +20,7 @@
+ # Find required packages
+ set(Boost_USE_STATIC_LIBS ON) # Force the use of static boost test framework
+ find_package(Boost 1.53.0 REQUIRED COMPONENTS chrono filesystem system thread unit_test_framework)
+-include_directories(SYSTEM "${Boost_INCLUDE_DIRS}")
++include_directories(${Boost_INCLUDE_DIRS})
+
+ #Make sure gen-cpp files can be included
+ include_directories("${CMAKE_CURRENT_BINARY_DIR}")
+diff --git a/test/cpp/CMakeLists.txt b/test/cpp/CMakeLists.txt
+index 2d75f2e..b1409de 100755
+--- a/test/cpp/CMakeLists.txt
++++ b/test/cpp/CMakeLists.txt
+@@ -22,13 +22,13 @@ include(ThriftMacros)
+
+ set(Boost_USE_STATIC_LIBS ON)
+ find_package(Boost 1.53.0 REQUIRED COMPONENTS program_options system filesystem)
+-include_directories(SYSTEM "${Boost_INCLUDE_DIRS}")
++include_directories(${Boost_INCLUDE_DIRS})
+
+ find_package(OpenSSL REQUIRED)
+-include_directories(SYSTEM "${OPENSSL_INCLUDE_DIR}")
++include_directories(${OPENSSL_INCLUDE_DIR})
+
+ find_package(Libevent REQUIRED) # Libevent comes with CMake support from upstream
+-include_directories(SYSTEM ${LIBEVENT_INCLUDE_DIRS})
++include_directories(${LIBEVENT_INCLUDE_DIRS})
+
+ #Make sure gen-cpp files can be included
+ include_directories("${CMAKE_CURRENT_BINARY_DIR}")
+diff --git a/tutorial/cpp/CMakeLists.txt b/tutorial/cpp/CMakeLists.txt
+index 2b0c143..5ecae17 100644
+--- a/tutorial/cpp/CMakeLists.txt
++++ b/tutorial/cpp/CMakeLists.txt
+@@ -18,7 +18,7 @@
+ #
+
+ find_package(Boost 1.53.0 REQUIRED)
+-include_directories(SYSTEM "${Boost_INCLUDE_DIRS}")
++include_directories(${Boost_INCLUDE_DIRS})
+
+ #Make sure gen-cpp files can be included
+ include_directories("${CMAKE_CURRENT_BINARY_DIR}")
+--
+2.9.3
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch
new file mode 100644
index 0000000..f13adbb
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift-0.9.3/0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch
@@ -0,0 +1,40 @@
+From f6cad0580e5391c37af7f60adddb71bf1a403dc4 Mon Sep 17 00:00:00 2001
+From: Cody P Schafer <dev@codyps.com>
+Date: Fri, 9 Sep 2016 15:50:26 -0400
+Subject: [PATCH 2/2] THRIFT-3831 in test/cpp explicitly use `signed char`
+
+`char`'s signed-ness is implimentation dependent, and in the case where
+`char` was not signed, we previously recieved errors like
+
+ thrift/0.9.3-r0/git/test/cpp/src/TestClient.cpp:404:15: error: narrowing conversion of '-127' from 'int' to 'char' inside { } [-Wnarrowing]
+
+(This example from gcc-6 on arm)
+---
+ test/cpp/src/TestClient.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/test/cpp/src/TestClient.cpp b/test/cpp/src/TestClient.cpp
+index e709899..4a961f8 100644
+--- a/test/cpp/src/TestClient.cpp
++++ b/test/cpp/src/TestClient.cpp
+@@ -383,7 +383,7 @@ int main(int argc, char** argv) {
+ * BINARY TEST
+ */
+ printf("testBinary([-128..127]) = {");
+- const char bin_data[256]
++ const signed char bin_data[256]
+ = {-128, -127, -126, -125, -124, -123, -122, -121, -120, -119, -118, -117, -116, -115, -114,
+ -113, -112, -111, -110, -109, -108, -107, -106, -105, -104, -103, -102, -101, -100, -99,
+ -98, -97, -96, -95, -94, -93, -92, -91, -90, -89, -88, -87, -86, -85, -84,
+@@ -404,7 +404,7 @@ int main(int argc, char** argv) {
+ 127};
+ try {
+ string bin_result;
+- testClient.testBinary(bin_result, string(bin_data, 256));
++ testClient.testBinary(bin_result, string(reinterpret_cast<const char *>(bin_data), 256));
+ if (bin_result.size() != 256) {
+ printf("}\n*** FAILED ***\n");
+ printf("invalid length: %lu\n", bin_result.size());
+--
+2.9.3
+
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
new file mode 100644
index 0000000..905e561
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/thrift/thrift_0.9.3.bb
@@ -0,0 +1,36 @@
+SUMMARY = "Apache Thrift"
+DESCRIPTION = "A software framework, for scalable cross-language services development"
+HOMEPAGE = "https://thrift.apache.org/"
+
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e4ed21f679b2aafef26eac82ab0c2cbf"
+
+DEPENDS = "thrift-native boost python libevent flex-native bison-native \
+ glib-2.0 openssl"
+
+SRC_URI = "git://git-wip-us.apache.org/repos/asf/thrift.git;protocol=https \
+ file://0001-Forcibly-disable-check-for-Qt5.patch \
+ file://0001-THRIFT-3828-In-cmake-avoid-use-of-both-quoted-paths-.patch \
+ file://0002-THRIFT-3831-in-test-cpp-explicitly-use-signed-char.patch \
+"
+SRCREV = "61b8a29b0704ccd81b520f2300f5d1bb261fea3e"
+S = "${WORKDIR}/git"
+
+BBCLASSEXTEND = "native nativesdk"
+
+inherit pkgconfig cmake pythonnative
+
+export STAGING_INCDIR
+export STAGING_LIBDIR
+export BUILD_SYS
+export HOST_SYS
+
+EXTRA_OECMAKE = "-DWITH_QT4=OFF -DWITH_QT5=OFF -DBUILD_JAVA=OFF"
+EXTRA_OECMAKE_append_class-native = "\
+ -DBUILD_TESTING=OFF -DBUILD_EXAMPLES=OFF -DWITH_CPP=OFF"
+EXTRA_OECMAKE_append_class-nativesdk = "\
+ -DBUILD_TESTING=OFF -DBUILD_EXAMPLES=OFF -DWITH_PYTHON=OFF"
+
+do_install_append () {
+ ln -sf thrift ${D}/${bindir}/thrift-compiler
+}
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvdial_1.61.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvdial_1.61.bb
index f7adf4c..65617fa 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvdial_1.61.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvdial_1.61.bb
@@ -28,3 +28,5 @@
do_install() {
oe_runmake prefix=${D}/usr PPPDIR=${D}/etc/ppp/peers install
}
+
+PNBLACKLIST[wvdial] ?= "Depends on broken wvstreams"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvstreams_4.6.1.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvstreams_4.6.1.bb
index 6199a2f..8d86448 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvstreams_4.6.1.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/wvdial/wvstreams_4.6.1.bb
@@ -46,3 +46,6 @@
FILES_${PN}-valgrind = "${libdir}/valgrind/wvstreams.supp"
RDEPENDS_${PN} += "perl"
+
+# http://errors.yoctoproject.org/Errors/Details/68614/
+PNBLACKLIST[wvstreams] ?= "BROKEN: fails to build with gcc-6"
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_2.4.7.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_2.4.7.bb
index c2c4eae..8b9c4b8 100644
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_2.4.7.bb
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zabbix/zabbix_2.4.7.bb
@@ -24,8 +24,9 @@
PACKAGE_ARCH = "${MACHINE_ARCH}"
SRC_URI = "http://jaist.dl.sourceforge.net/project/zabbix/ZABBIX%20Latest%20Stable/${PV}/${BPN}-${PV}.tar.gz \
- file://0001-Fix-configure.ac.patch \
- file://zabbix-agent.service"
+ file://0001-Fix-configure.ac.patch \
+ file://zabbix-agent.service \
+"
SRC_URI[md5sum] = "9f8aeb11d8415585f41c3f2f22566b78"
SRC_URI[sha256sum] = "d2c47b8f5b9b91f18010d54c45de55845d979014a8b3fe4bef64e0b08f8b00da"
@@ -39,21 +40,23 @@
USERADD_PACKAGES = "${PN}"
GROUPADD_PARAM_${PN} = "-r zabbix"
USERADD_PARAM_${PN} = "-r -g zabbix -d /var/lib/zabbix \
- -s /sbin/nologin -c \"Zabbix Monitoring System\" zabbix"
+ -s /sbin/nologin -c \"Zabbix Monitoring System\" zabbix \
+"
KERNEL_VERSION = "${@get_kernelversion_headers('${STAGING_KERNEL_DIR}')}"
-EXTRA_OECONF = '--enable-dependency-tracking \
- --enable-agent \
- --enable-ipv6 \
- --with-net-snmp \
- --with-ldap=${STAGING_EXECPREFIXDIR} \
- --with-jabber \
- --with-unixodbc \
- --with-ssh2 \
- --with-sqlite3 \
- '
-CFLAGS_append += "-lldap -llber"
+EXTRA_OECONF = " \
+ --enable-dependency-tracking \
+ --enable-agent \
+ --enable-ipv6 \
+ --with-net-snmp \
+ --with-ldap=${STAGING_EXECPREFIXDIR} \
+ --with-jabber \
+ --with-unixodbc \
+ --with-ssh2 \
+ --with-sqlite3 \
+"
+CFLAGS_append = " -lldap -llber"
do_configure_prepend() {
export KERNEL_VERSION="${KERNEL_VERSION}"
@@ -62,7 +65,7 @@
do_install_append() {
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then
install -d ${D}${systemd_unitdir}/system
- install -m 0644 ${WORKDIR}/zabbix-agent.service ${D}${systemd_unitdir}/system/
+ install -m 0644 ${WORKDIR}/zabbix-agent.service ${D}${systemd_unitdir}/system/
sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/zabbix-agent.service
fi
}
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.4.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.4.bb
deleted file mode 100644
index 2090152..0000000
--- a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.4.bb
+++ /dev/null
@@ -1,30 +0,0 @@
-DESCRIPTION = "ZeroMQ looks like an embeddable networking library but acts like a concurrency framework"
-HOMEPAGE = "http://www.zeromq.org"
-LICENSE = "LGPLv3+"
-LIC_FILES_CHKSUM = "file://COPYING.LESSER;md5=d5311495d952062e0e4fbba39cbf3de1"
-DEPENDS = "libsodium"
-
-SRC_URI = "http://download.zeromq.org/zeromq-${PV}.tar.gz \
- file://run-ptest \
- "
-SRC_URI[md5sum] = "a611ecc93fffeb6d058c0e6edf4ad4fb"
-SRC_URI[sha256sum] = "e99f44fde25c2e4cb84ce440f87ca7d3fe3271c2b8cfbc67d55e4de25e6fe378"
-
-S = "${WORKDIR}/zeromq-${PV}"
-
-#Uncomment to choose polling system manually. valid values are kqueue, epoll, devpoll, poll or select
-#EXTRA_OECONF += "--with-poller=kqueue"
-#CFLAGS_append += "-O0"
-#CXXFLAGS_append += "-O0"
-
-inherit autotools ptest pkgconfig
-
-do_compile_ptest () {
- echo 'buildtest-TESTS: $(check_PROGRAMS)' >> ${B}/Makefile
- oe_runmake buildtest-TESTS
-}
-
-do_install_ptest () {
- install -d ${D}${PTEST_PATH}/tests
- install -m 0755 ${B}/.libs/test_* ${D}${PTEST_PATH}/tests
-}
diff --git a/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.5.bb b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.5.bb
new file mode 100644
index 0000000..8da8674
--- /dev/null
+++ b/import-layers/meta-openembedded/meta-oe/recipes-connectivity/zeromq/zeromq_4.1.5.bb
@@ -0,0 +1,32 @@
+DESCRIPTION = "ZeroMQ looks like an embeddable networking library but acts like a concurrency framework"
+HOMEPAGE = "http://www.zeromq.org"
+LICENSE = "LGPLv3+"
+LIC_FILES_CHKSUM = "file://COPYING.LESSER;md5=d5311495d952062e0e4fbba39cbf3de1"
+
+PACKAGECONFIG ??= "libsodium"
+PACKAGECONFIG[libsodium] = "--with-libsodium, --without-libsodium, libsodium"
+
+SRC_URI = "http://github.com/zeromq/zeromq4-1/releases/download/v${PV}/zeromq-${PV}.tar.gz \
+ file://run-ptest \
+"
+SRC_URI[md5sum] = "e7adf4b7dbae09b28cfd10d26cd67fac"
+SRC_URI[sha256sum] = "04aac57f081ffa3a2ee5ed04887be9e205df3a7ddade0027460b8042432bdbcf"
+
+S = "${WORKDIR}/zeromq-${PV}"
+
+#Uncomment to choose polling system manually. valid values are kqueue, epoll, devpoll, poll or select
+#EXTRA_OECONF += "--with-poller=kqueue"
+#CFLAGS_append = " -O0"
+#CXXFLAGS_append = " -O0"
+
+inherit autotools ptest pkgconfig
+
+do_compile_ptest () {
+ echo 'buildtest-TESTS: $(check_PROGRAMS)' >> ${B}/Makefile
+ oe_runmake buildtest-TESTS
+}
+
+do_install_ptest () {
+ install -d ${D}${PTEST_PATH}/tests
+ install -m 0755 ${B}/.libs/test_* ${D}${PTEST_PATH}/tests
+}