summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnutls
Commit message (Collapse)AuthorAgeFilesLines
* gnutls: upgrade 3.7.0 -> 3.7.1Wang Mingyu2021-03-311-1/+1
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine2021-03-022-1/+5
| | | | | | | Fixes: [YOCTO #13471] Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.6.15 -> 3.7.0Alexander Kanavin2020-12-312-3/+14
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: explicitly set --with-librt-prefixMartin Jansa2020-11-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * it will try to link with librt from host and if you have it on host (libc6-dev-i386 in ubuntu) it fails with: /usr/lib32/librt.so: error: undefined reference to '__clock_settime', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_getcpuclockid', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_getres', version 'GLIBC_PRIVATE' /usr/lib32/librt.so: error: undefined reference to '__clock_nanosleep', version 'GLIBC_PRIVATE' collect2: error: ld returned 1 exit status in older 3.6.14 it was using /usr/lib32/librt.so from host as well, but without do_compile failing configure:17539: checking for librt configure:17563: i686-oe-linux-gcc -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot -o conftest -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot= -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot-native= -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /usr/lib32/librt.so >&5 configure:17563: $? = 0 configure:17573: result: yes configure:17580: checking how to link with librt configure:17582: result: /usr/lib32/librt.so with --with-librt-prefix passed, it finds the right one as shown in build/config.log: configure:17551: checking for librt configure:17575: i686-oe-linux-gcc -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot -o conftest -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0 -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot= -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot-native= -I/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/include -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so >&5 configure:17575: $? = 0 configure:17585: result: yes configure:17592: checking how to link with librt configure:17594: result: /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update 3.16.4 -> 3.16.5Alexander Kanavin2020-10-303-211/+2
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: CVE-2020-24659Zhixiong Chi2020-09-082-0/+118
| | | | | | | | | Backport the CVE patch from the usptream: https://gitlab.com/gnutls/gnutls.git commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.zhengruoqin2020-07-122-0/+91
| | | | | | | | | This was discussed and accepted upstream by the project so their license is consistent. Please reference to https://gitlab.com/gnutls/gnutls/-/issues/1018 and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285. Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.13 -> 3.6.14Alexander Kanavin2020-06-081-2/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: Remove workaround for host gcc < 5Adrian Bunk2020-05-141-2/+0
| | | | | Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.12 -> 3.6.13Wang Mingyu2020-04-241-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.11.1 -> 3.6.12Alexander Kanavin2020-02-281-2/+2
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.15.0 -> 4.16.0Wang Mingyu2020-02-141-2/+2
| | | | | Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: upgrade 4.14 -> 4.15.0Anuj Mittal2019-12-283-73/+4
| | | | | | | | Remove backported patches and explicitly pass -std=gnu99 to native CFLAGS to make sure build passes on older and still supported OSes like CentOS 7. Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: upgrade 3.6.8 -> 3.6.11.1Alex Kiernan2019-12-282-42/+2
| | | | | | | | | Drop patch from 81485be19b18 ("gnutls: don't use HOSTTOOLS_DIR/bash as a shell on target") as upstream now honours POSIX_SHELL when set as the primary target shell. Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: fix build with api-documentation enabledRoss Burton2019-09-152-0/+39
| | | | Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: Enable nativesdk supportPhilippe Normand2019-08-211-1/+1
| | | | | | | This is required before enabling p11-kit support by default in gnutls. Signed-off-by: Philippe Normand <philn@igalia.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: upgrade 4.13 -> 4.14Anuj Mittal2019-07-314-86/+54
| | | | | | | | | | | | | | * For changes in this version, see: https://gitlab.com/gnutls/libtasn1/-/releases * Remove the musl patch as it's no longer needed. * Backport a patch to ensure LDFLAGS are not over-ridden. License-Update: License clarification, no change in actual terms. Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: don't use HOSTTOOLS_DIR/bash as a shell on targetRoss Burton2019-07-262-0/+43
| | | | | | | | | The libopts configure script looks for a shell on the build host and assumes it's good for the target. However in our builds it find $HOSTTOOLS_DIR/bash which isn't useful, so patch out the detection and force $base_bindir/sh. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls:upgrade 3.6.7 -> 3.6.8Zang Ruochen2019-06-191-2/+2
| | | | | | | -Upgrade from gnutls_3.6.7.bb to gnutls_3.6.8.bb. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Use the sysconfdir variable for the ca-certificates pathPhilippe Normand2019-06-071-1/+1
| | | | | Signed-off-by: Philippe Normand <philn@igalia.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Use ca-certificates as default trust store filePhilippe Normand2019-05-311-0/+1
| | | | | | | | | | | Since version 2.58 the glib-networking TLS database relies on GnuTLS's system trust store, so not enabling it leads to TLS errors in applications depending on glib-networking. The raised runtime warning is: process:500): GLib-Net-WARNING **: 09:14:09.321: Failed to load TLS database: Failed to load system trust store: GnuTLS was not configured with a system trust (app:490): ... TLS Error: TLS certificate has unknown CA. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: upgrade 3.6.5 -> 3.6.7Adrian Bunk2019-04-151-4/+3
| | | | | | | | | | | | This is a new upstream release from the same stable branch bringing new features and bugfixes (including CVE fixes). COPYING changed http -> https. configure no longer has a --without-libunistring-prefix option. Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update to 3.6.5Armin Kuster2019-01-071-2/+2
| | | | | | | | | | Bug fix only release Full details: https://lists.gnupg.org/pipermail/gnutls-help/2018-December/004465.html Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: no need to inherit binconfigRoss Burton2018-12-051-1/+1
| | | | | | This recipe doesn't ship a *-config binary, so don't inherit binconfig. Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: no need to inherit binconfigRoss Burton2018-12-011-1/+1
| | | | | | | This recipe doesn't ship a *-config binary, so don't inherit binconfig. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: update to 3.6.4Armin Kuster2018-11-091-2/+2
| | | | | | | | | | | | | | | Notable change: libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol. see: https://lists.gnupg.org/pipermail/gnutls-help/2018-September/004457.html Signed-off-by: Armin Kuster <akuster808@gmail.com> -- [v2] Fix typo in version in subject Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: drop PACKAGECONFIG options for SSL v3 and TLS v1.3Andre McCurdy2018-08-231-2/+0
| | | | | | | | | | | | | By including PACKAGECONFIG options, the recipe takes responsibility for defining the default state of these options. Although the recipe currently aligns with the gnutls defaults (ie both disabled) tracking new gnutls releases will be a maintenance effort. Unless there's a clear reason to do otherwise, it seems safer to leave the choice of which SSL/TLS versions to enable by default up to the gnutls developers. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: drop obsolete configure.ac patchAndre McCurdy2018-08-232-30/+0
| | | | | | | | | | | >From gnutls 3.5.8 onwards, the code in configure.ac has been passing "basename $i" to sed, rather than "echo $i". Since the full ${srcdir} path is not being processed, there's no risk of unexpected matches. https://gitlab.com/armcc/gnutls/commit/478179316bc815e1ad518ae318f46e94a13b0e1f Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: merge gnutls.inc into the gnutls recipeAndre McCurdy2018-08-232-63/+61
| | | | | Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Update to 3.6.3Armin Kuster2018-08-202-2/+5
| | | | | | | | | | | | | [v2] Fix new config options form with to disable. [v1] release notes: https://lists.gnupg.org/pipermail/gnutls-devel/2018-July/008584.html add ssl3 and tls1.3 config options now supported. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "gnutls: rationalise libunistring arguments"Khem Raj2018-08-071-0/+1
| | | | | | | | | | | This causes regression on build machines where libunistring is installed on host. It is also because gnuts is using non standard AC macro called AC_LIB_HAVE_LINKFLAGS to detect this library and it confusing cross builds. This reverts commit 60fef4940de7f0440f1216eb2ea0ea683b3e8fdd. Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: fix libidn dependenciesRoss Burton2018-07-301-3/+1
| | | | | | gnutls only works with libidn2, so update the build dependency. Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: rationalise libunistring argumentsRoss Burton2018-07-261-1/+0
| | | | | | | No need to pass --without-libunistring-prefix, and it looks a lot like we're trying to disable it. Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: use HTTP instead of FTPRoss Burton2018-07-181-1/+1
| | | | | | HTTP is in general more reliable so use that in the SRC_URI. Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: update to 3.6.2Armin Kuster2018-05-041-2/+2
| | | | | Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: refresh patchesRoss Burton2018-03-091-9/+6
| | | | | | | | | | | | | | | | | | The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: upgrade to version 4.13Maxin B. John2018-01-262-66/+2
| | | | | | | | Remove backported patch: CVE-2017-10790.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: update to 3.6.1Armin Kuster2017-12-024-87/+10
| | | | | | | | zlib configure.ac support removed in 3.6.1 drop patch Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: update to 3.5.16Armin Kuster2017-11-051-2/+2
| | | | | | | | | | | | | This is a bug fix release on the current stable branch. Note that, I've also switched the release cadence to bi-monthly as less and less bug fixes/updates accumulate each month on this branch. ** API and ABI modifications: No changes since last version. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libtasn1: CVE-2017-10790Yue Tao2017-08-162-0/+64
| | | | | | | | | | | | | | | | The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. References: https://nvd.nist.gov/vuln/detail/CVE-2017-10790 http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=commit; h=d8d805e1f2e6799bb2dff4871a8598dc83088a39 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Remove further uclibc remnants (inc. patches and site files)Richard Purdie2017-06-162-70/+1
| | | | | | | | | | Some of these are clearly dead, e.g. one binutils patch reverts the effects of the earlier one. This also removes the uclibc site files. We now have mechanisms to allow these to be extended from another layer should someone ever wish to do that. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Drop remnants of uclibc supportRichard Purdie2017-06-161-1/+0
| | | | | | | | | | | | uclibc support was removed a while ago and musl works much better. Start to remove the various overrides and patches related to uclibc which are no longer needed. uclibc support in a layer would still be possible. I have strong reasons to believe nobody is still using uclibc since patches are missing and I doubt the metadata even parses anymore. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: Upgrade to 3.5.13Fan Xin2017-06-122-12/+20
| | | | | | | | | | 1. Upgrade gnutls from 3.5.9 to 3.5.13 2. Rebase the following patch file. use-pkg-config-to-locate-zlib.patch Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: upgrade 4.10 -> 4.12Maxin B. John2017-06-031-2/+2
| | | | | | | | | | | | | | Noteworthy changes: 1. Introduced the ASN1_TIME_ENCODING_ERROR error code to indicate an invalid encoding in the DER time fields. 2. Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag allows decoding errors in time fields even when in strict DER mode. 3. Added safety check in asn1_find_node(). That prevents a crash when a very long variable name is provided by the developer. Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: move BBCLASSEXTEND from gnutls.inc into the gnutls recipeAndre McCurdy2017-05-102-2/+1
| | | | | | | | There may be alternative gnutls recipes outside oe-core which include gnutls.inc but which don't want BBCLASSEXTEND = "native nativesdk". Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: update to 3.5.9Alexander Kanavin2017-03-013-43/+15
| | | | | | | | Drop 0001-Do-not-add-cli-args.h-to-cli-args.stamp-Makefile-tar.patch, it's merged upstream. Rebase 0001-configure.ac-fix-sed-command.patch. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: Upgrade 4.9 -> 4.10Maxin B. John2017-02-056-191/+66
| | | | | | | | | | | | | | | | | | Removed the following Backported patches: 1. 0001-configure-don-t-add-Werror-to-build-flags.patch 2. 0002-ASN.y-corrected-compiler-warning.patch 3. 0003-parser_aux-corrected-potential-null-pointer-derefere.patch 4. 0004-tools-eliminated-compiler-warnings.patch fixed the following build error with musl ... | from ../../libtasn1-4.10/gl/getopt.c:28: | ./stdint.h:89:5: error: #if with no expression | #if | ^ Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* libtasn1: depends on yaccPatrick Ohly2017-01-311-0/+2
| | | | | | | | | | | | This fixes a potential pollution by the build host and build error when yacc isn't installed on the build host: | ../../libtasn1-4.9/build-aux/ylwrap: line 175: yacc: command not found | Makefile:1116: recipe for target 'ASN1.c' failed | make[3]: *** [ASN1.c] Error 127 Signed-off-by: Patrick Ohly <patrick.ohly@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnutls: avoid accidentally using libseccompJoe Slater2017-01-311-0/+5
| | | | | | | | Specify whether to use libseccomp or not. Do not just let configure check for it. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
* gnutls: account for ARM_EABIJoe Slater2017-01-312-0/+20
| | | | | | | | Do not reference unavailable system calls when building for ARM_EABI. Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>