Age | Commit message (Collapse) | Author |
|
An update in OpenSSL removed the -lcrypto from libssl's pkg-config
options. The old behaviour always linked it with -lssl, so revert to that
for now.
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Issue: TA79430
- Change to use append for PACKAGES so that:
* ptest package is added from ptest bbcalss
* the PN is back, allow empty and add rdepends on net-snmp-client
in case the user try to add net-snmp to the image
- Add a patch to fix the output format for ptest
- Add run-ptest
- Add rdepends on perl for ptest
(LOCAL REV: NOT UPSTREAM) -- Sent to meta-networking on 20150114
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Since net-snmp-config is a common tool, move it from dev package
to client package.
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Changes:
1. Add source function and status command.
2. make it possible to change the start arguments with a default file
in the same way as debian.
3. change the default INITSCRIPT_PARAMS
4. Add PIDFILE and fix restart
5. remove the postrm sicne we use the one from update-rc.d
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
LIB_LDCONFIG_CMD failed since it is using a host dir $(libdir)
which is /usr/lib64 does not exist on host when compile 64bit
image.
In fact, configuring dynamic linker run-time bindings is meaningless
at this step, If it is needed, Poky would write ldconfig scripts to
rpm-postinst for each recipe while do_package, in package.bbclass.
Signed-off-by: Roy.Li <rongqing.li@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Move persistent dir to /var/lib/net-snmp and fix security contexts for
them.
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
According to the following commit, net-snmp needs to have
mib-modules=smux enabled:
commit f64db3011c04ada0a8ac04b9eddde05b67d21eec
Author: Aws Ismail <aws.ismail@windriver.com>
Date: Mon Mar 25 11:30:06 2013 -0400
Quagga has no snmp support, unrecognized options --enable-tcp-md5
1. Quagga's tcp-md5 has been renamed to linux24-tcp-md5
2. net-snmp needs to have mib-modules=smux enabled to enable
quagga to support snmp. Make the net-snmp option dependent
on the DISTRO_FEATURE snmp.
3. Misc: install the sample conf files for quagga. Also,
Make sure that the post install script is being run
on the target rather than during the rootfs creation
stage.
Signed-off-by: Amy Fong <amy.fong@windriver.com>
Signed-off-by: Aws Ismail <aws.ismail@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Previously, it still was checked when there was no nlish.h in sysroots directory.
Add knob to decide whether nlist.h are checked or not.
Fixed by using PACKAGECONFIG to check elf, with default disabled set.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Option -LS does not work, we should instead it by -Ls as usage said.
Deprecated options:
-l FILE use -Lf <FILE> instead
-P use -p instead
-s use -Lsd instead
-S d|i|0-7 use -Ls <facility> instead
Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Fix typo in systemd service file ripngd.service.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
OpenL2TP is an open source L2TP client / server, written specifically
for Linux. It has been designed for use as an enterprise L2TP VPN server
or in commercial, Linux-based, embedded networking products and is able
to support hundreds of sessions, each with different configuration.
It is used by several ISPs to provide L2TP services and by corporations
to implement L2TP VPNs.
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
RADIUS protocol client library.
It is Portable, easy-to-use and standard compliant library suitable
for developing free and commercial software that need support for a
RADIUS protocol (RFCs 2128 and 2139).
Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used,
allows remote attackers to cause a denial of service (snmptrapd crash) via
a crafted SNMP trap message, which triggers a conversion to the variable
type designated in the MIB file, as demonstrated by a NULL type in an ifMtu
trap message.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3565
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
There have been occasions that net-snmp sees valgrind and then later it's
not available, adding this setting ensures determinism by disabling it by
default
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
When we start with sysvinit, watchquagga uses quagga init script to
monitor zebra daemon. But we need not do this in systemd environment.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Add systemd service for quagga.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
We need subpkgs to start quagga, so add them to RDEPENDS.
Signed-off-by: Chong Lu <Chong.Lu@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
uprev it to 0.99.23
remove patches which have been in the latest version
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Stack-based buffer overflow in the new_msg_lsa_change_notify function in
the OSPFD API (ospf_api.c) in Quagga before 0.99.22.2, when
--enable-opaque-lsa and the -a command line option are used, allows
remote attackers to cause a denial of service (crash) via a large LSA.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2236
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Add a '\n' to the last line of the file to fix:
No newline at end of file
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier
allows remote attackers to cause a denial of service (assertion failure
and daemon exit) by leveraging a BGP peering relationship and sending a
malformed Outbound Route Filtering (ORF) capability TLV in an OPEN
message.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1820
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
Otherwise do_compile failed:
No rule to make target `pppoe.c', needed by `pppoe.o'. Stop.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
It needs autotools-brokensep, otherwise do_configure error:
run.do_configure.22953: line 109: ./boot.sh: No such file or directory
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
|
|
This recipe was installing net-snmp-config script to STAGING_BINDIR
instead of STAGING_BINDIR_CROSS, during the do_install. It is not
recommended and must be done after staging.
Changes:
* Remove STAGING_BINDIR manipulations from do_install_append
* Add net_snmp_sysroot_preprocess function instead
* Append net_snmp_sysroot_preprocess to SYSROOT_PREPROCESS_FUNCS
Signed-off-by: Alexandre Fournier <alexandre.fournier@kiplink.fr>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
savannah in SRC_URI
* The variables (SAVANNAH_MIRROR)
are defined in oe-core/meta/conf/bitbake.conf.
* MIRRORS in quagga and libunwind is removed.
because the MIRRORS of savannah is globally defined
in oe-core/meta/classes/mirrors.bbclass
Signed-off-by: Changhyeok Bae <changhyeok.bae@lge.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs
in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions,
allows remote attackers to cause a denial of service (snmptrapd
crash) via an empty community string in an SNMP trap, which triggers
a NULL pointer dereference within the newSVpv function in Perl.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2285
Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before
5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does
not properly validate input, which allows remote attackers
to cause a denial of service via unspecified vectors.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2284
Signed-off-by: yanjun.zhu <yanjun.zhu@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Set the PERLPROG to target perl to avoid host contamination.
Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Backport patch to fix CVE-2013-6051.
Signed-off-by: Hu <yadi.hu@windriver.com>
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
When build quagga, it shows QA warnings:
WARNING: QA Issue: ELF binary '/home/build/poky/build/tmp/work/i586-poky-linux/quagga/0.99.21-r2.0/packages-split/quagga-bgpd/usr/sbin/bgpd' has relocations in .text
WARNING: QA Issue: ELF binary '/home/build/poky/build/tmp/work/i586-poky-linux/quagga/0.99.21-r2.0/packages-split/quagga-ripngd/usr/sbin/ripngd' has relocations in .text
The configure script tests compiler whether support option '-fPIE'. If
support, it pass option '-fPIE' to compiler then cause these QA
warnings.
Disable configure script to check option '-fPIC'.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
* The SRC_URI is not accessible.
So need to add mirror site referred by the original site.
* The problem is that
http://download.savannah.nongnu.org/releases redirects to closest mirror
and few mirrors (e.g. .jp) weren't working correctly while
http://download-mirror.savannah.gnu.org/releases/ seems to be reliable.
Signed-off-by: Changhyeok Bae <changhyeok.bae@lge.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
The Function and CPPFunction had been removed by in readline 6.3, use
the new functions to replace them.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com>
|
|
Changes:
- rename SUMMARY with length > 80 to DESCRIPTION
- rename DESCRIPTION with length < 80 to (non present tag) SUMMARY
- drop final point character at the end of SUMMARY string
- remove trailing whitespace of SUMMARY line
Note: don't bump PR
Signed-off-by: Matthieu Crapet <Matthieu.Crapet@ingenico.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Once babald becomes a background daemon, it should not output information to
stdout, so need to close stdout.
In fact, other daemons close their stdout when they run into background, like
ospfd, isisd and bgpd, by calling daemon() which is in lib/daemon.c
Closing the stdout can fix a tee hang issue { #/usr/sbin/babeld -d |tee tmp }
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
it should be CPP, not cpp; this typOS makes vtysh unable to work.
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
According to DISTRO_FEATURES to add pam support for quagga, and import
configure file from Fedora.
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Change the default config file for making watchquagga can startup successful
Signed-off-by: Bopeng Liu <Bopeng.Liu@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
commit 27ba970b9("quagga/ripd: Fix two bugs after received SIGHUP signal")
introduces an regression: ifp->connected list is cleaned up when ripd is
restarting, however, for interface addresses which are not specified in
ripd configuration file, they are never to be added into ifp->connected
again, this will lead to some abnormal behavior for route advertising.
Instead of cleaning up the ifp->connected list to avoid duplicated
connected address being added into this list, we can check this
condition during interface address adding process and return early
when an identical address has already been added.
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Use /bin/false as the login shell, just like what Ubuntu does,
otherwise there might be secure issue.
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
enabled on qemux86-64
While multilib enabled on qemux86-64, accel-ppp-lib should be installed to
'${baselib}/accel-ppp', but the accel-ppp's CMakeLists.txt hardcoded
to install to 'lib/accel-ppp', such as:
...
INSTALL(TARGETS log_file
LIBRARY DESTINATION lib/accel-ppp
)
...
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
|
|
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
This patch mainly involves two changes.
1. Create necessary files at do_install task. Add these configuration
files to the CONFFILES variable.
2. Move the `chmod' and `chown' commands to do_install task.
After these two changes, qugga can run successfully at rootfs time.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
There are two problems for ripd implementation after received
SIGHUP signal:
1). ripd didn't clean up ifp->connected list before reload
configuration file which makes the same advertise packet
being sent multiple times(depends on how many SIGHUP was recieved).
2). ripd reset ri->split_horizon flag to RIP_NO_SPLIT_HORIZON
during restart which is different from the flag when ripd is
firstly started up, leading to unnecessary route to be advertised.
[YOCTO #5266]
Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Based on work by David Nyström (meta-virtualization) and Laszlo Papp
(meta-oe).
- Import OpenFlow 1.0 from meta-virtualization and provide an updated
version of the recipe for the head of tree in the OpenFlow git
repository.
- Minor tweak in both recipes for do_install_append() spacing.
- Update 'libssl' PACKAGECONFIG flag in both to follow the 'openssl'
convention used elsewhere in meta-oe.
- Create common include file for both versioned and git recipes.
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Fix babeld_option to make babeld start correctly.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
|
|
Correct the warning:
quagga-0.99.21: The /usr/share/info/dir file is not meant to be shipped in a particular package.
Simply remove the installed 'dir' file if info docs are installed.
Signed-off-by: Joe MacDonald <joe@deserted.net>
|