diff options
Diffstat (limited to 'meta-networking/recipes-support')
39 files changed, 195 insertions, 49 deletions
diff --git a/meta-networking/recipes-support/arptables/arptables_git.bb b/meta-networking/recipes-support/arptables/arptables_git.bb index 5afec7663a..7529ea3d01 100644 --- a/meta-networking/recipes-support/arptables/arptables_git.bb +++ b/meta-networking/recipes-support/arptables/arptables_git.bb @@ -6,7 +6,7 @@ SRCREV = "efae8949e31f8b2eb6290f377a28384cecaf105a" PV = "0.0.5+git${SRCPV}" SRC_URI = " \ - git://git.netfilter.org/arptables \ + git://git.netfilter.org/arptables;branch=master \ file://0001-Use-ARPCFLAGS-for-package-specific-compiler-flags.patch \ file://arptables-arpt-get-target-fix.patch \ file://arptables.service \ diff --git a/meta-networking/recipes-support/cifs/cifs-utils_6.13.bb b/meta-networking/recipes-support/cifs/cifs-utils_6.13.bb index 41a9b8e76a..a3a6972212 100644 --- a/meta-networking/recipes-support/cifs/cifs-utils_6.13.bb +++ b/meta-networking/recipes-support/cifs/cifs-utils_6.13.bb @@ -5,7 +5,7 @@ LICENSE = "GPLv3 & LGPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SRCREV = "464a60344a324311a6f5bb326fdf5f422a3c9005" -SRC_URI = "git://git.samba.org/cifs-utils.git" +SRC_URI = "git://git.samba.org/cifs-utils.git;branch=master" S = "${WORKDIR}/git" DEPENDS += "libtalloc" @@ -22,10 +22,21 @@ PACKAGECONFIG[pam] = "--enable-pam --with-pamdir=${base_libdir}/security,--disab inherit autotools pkgconfig +do_configure_prepend() { + # want installed to /usr/sbin rather than /sbin to be DISTRO_FEATURES usrmerge compliant + # must override ROOTSBINDIR (default '/sbin'), + # setting --exec-prefix or --prefix in EXTRA_OECONF does not work + if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','fakse',d)}; then + export ROOTSBINDIR=${sbindir} + fi +} + do_install_append() { - # Remove empty /usr/bin and /usr/sbin directories since the mount helper - # is installed to /sbin - rmdir --ignore-fail-on-non-empty ${D}${bindir} ${D}${sbindir} + if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','false','true',d)}; then + # Remove empty /usr/bin and /usr/sbin directories since the mount helper + # is installed to /sbin + rmdir --ignore-fail-on-non-empty ${D}${bindir} ${D}${sbindir} + fi } FILES_${PN} += "${base_libdir}/security" diff --git a/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb b/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb index 799cf8611c..ae12ae1110 100644 --- a/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb +++ b/meta-networking/recipes-support/curlpp/curlpp_0.8.1.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://doc/LICENSE;md5=fd0c9adf285a69aa3b4faf34384e1029" DEPENDS = "curl" DEPENDS_class-native = "curl-native" -SRC_URI = "git://github.com/jpbarrette/curlpp.git" +SRC_URI = "git://github.com/jpbarrette/curlpp.git;branch=master;protocol=https" SRCREV = "592552a165cc569dac7674cb7fc9de3dc829906f" @@ -16,3 +16,10 @@ S = "${WORKDIR}/git" inherit cmake pkgconfig binconfig BBCLASSEXTEND = "native nativesdk" + +do_install_append() { + sed -e 's@[^ ]*-ffile-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fdebug-prefix-map=[^ "]*@@g' \ + -e 's@[^ ]*-fmacro-prefix-map=[^ "]*@@g' \ + -i ${D}${libdir}/pkgconfig/*.pc +} diff --git a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb index c0f2863dbf..f767eb8430 100644 --- a/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb +++ b/meta-networking/recipes-support/dovecot/dovecot_2.3.14.bb @@ -71,3 +71,6 @@ FILES_${PN} += "${libdir}/dovecot/*plugin.so \ FILES_${PN}-staticdev += "${libdir}/dovecot/*/*.a" FILES_${PN}-dev += "${libdir}/dovecot/libdovecot*.so" FILES_${PN}-dbg += "${libdir}/dovecot/*/.debug" + +# CVE-2016-4983 affects only postinstall script on specific distribution +CVE_CHECK_WHITELIST += "CVE-2016-4983" diff --git a/meta-networking/recipes-support/drbd/drbd-utils_9.13.1.bb b/meta-networking/recipes-support/drbd/drbd-utils_9.13.1.bb index 5b0979f961..4e0af88f5e 100644 --- a/meta-networking/recipes-support/drbd/drbd-utils_9.13.1.bb +++ b/meta-networking/recipes-support/drbd/drbd-utils_9.13.1.bb @@ -8,8 +8,8 @@ SECTION = "admin" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=5574c6965ae5f583e55880e397fbb018" -SRC_URI = "git://github.com/LINBIT/drbd-utils;name=drbd-utils;branch=${PV} \ - git://github.com/LINBIT/drbd-headers;name=drbd-headers;destsuffix=git/drbd-headers \ +SRC_URI = "git://github.com/LINBIT/drbd-utils;name=drbd-utils;branch=${PV};protocol=https \ + git://github.com/LINBIT/drbd-headers;name=drbd-headers;destsuffix=git/drbd-headers;branch=master;protocol=https \ file://0001-v84-Make-setup_options-definitions-as-extern.patch \ ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','file://0001-drbd-utils-support-usrmerge.patch','',d)} \ " diff --git a/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb b/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb index c641c265e2..be9cb0585a 100644 --- a/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb +++ b/meta-networking/recipes-support/ettercap/ettercap_0.8.3.1.bb @@ -19,7 +19,7 @@ DEPENDS += "ethtool \ RDEPENDS_${PN} += "bash ethtool libgcc" -SRC_URI = "gitsm://github.com/Ettercap/ettercap" +SRC_URI = "gitsm://github.com/Ettercap/ettercap;branch=master;protocol=https" SRCREV = "7281fbddb7da7478beb1d21e3cb105fff3778b31" diff --git a/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb b/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb index 944c005763..d9e2094482 100644 --- a/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb +++ b/meta-networking/recipes-support/geoip/geoip-perl_1.51.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=e4f3ea6e9b28af88dc0321190a1f8250" S = "${WORKDIR}/git" SRCREV = "4cdfdc38eca237c19c22a8b90490446ce6d970fa" -SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;branch=main \ +SRC_URI = "git://github.com/maxmind/geoip-api-perl.git;branch=main;protocol=https \ file://run-ptest \ " diff --git a/meta-networking/recipes-support/geoip/geoip_1.6.12.bb b/meta-networking/recipes-support/geoip/geoip_1.6.12.bb index 143100e48e..0efcbec1fc 100644 --- a/meta-networking/recipes-support/geoip/geoip_1.6.12.bb +++ b/meta-networking/recipes-support/geoip/geoip_1.6.12.bb @@ -10,7 +10,7 @@ SECTION = "libdevel" GEOIP_DATABASE_VERSION = "20181205" -SRC_URI = "git://github.com/maxmind/geoip-api-c.git;branch=main \ +SRC_URI = "git://github.com/maxmind/geoip-api-c.git;branch=main;protocol=https \ http://sources.openembedded.org/GeoIP.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIP-dat; \ http://sources.openembedded.org/GeoIPv6.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoIPv6-dat; \ http://sources.openembedded.org/GeoLiteCity.dat.${GEOIP_DATABASE_VERSION}.gz;apply=no;name=GeoLiteCity-dat; \ diff --git a/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb b/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb index 0db9e8a0a7..5e547a4621 100644 --- a/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb +++ b/meta-networking/recipes-support/ifenslave/ifenslave_2.11.bb @@ -9,7 +9,7 @@ inherit manpages MAN_PKG = "${PN}" SRCREV = "c26e9310f552e69d0d44eb48746e02c9ae4b4f6f" -SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https" +SRC_URI = "git://salsa.debian.org/debian/ifenslave.git;protocol=https;branch=main" S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb b/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb index ad0ec27001..59e540a710 100644 --- a/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb +++ b/meta-networking/recipes-support/ipcalc/ipcalc_0.2.3.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" S = "${WORKDIR}/git" SRCREV = "c3ee70c878b9c5833a77a1f339f1ca4dc6f225c5" SRC_URI = "\ - git://github.com/nmav/ipcalc.git;protocol=https; \ + git://github.com/nmav/ipcalc.git;protocol=https;branch=master \ file://0001-Makefile-pass-extra-linker-flags.patch \ " diff --git a/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb b/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb index ae92de2db3..1d227dac6c 100644 --- a/meta-networking/recipes-support/libtalloc/libtalloc_2.3.2.bb +++ b/meta-networking/recipes-support/libtalloc/libtalloc_2.3.3.bb @@ -3,14 +3,14 @@ HOMEPAGE = "http://talloc.samba.org" SECTION = "libs" LICENSE = "LGPL-3.0+ & GPL-3.0+" LIC_FILES_CHKSUM = "file://talloc.h;beginline=3;endline=27;md5=a301712782cad6dd6d5228bfa7825249 \ - file://pytalloc.h;beginline=1;endline=18;md5=2c498cc6f2263672483237b20f46b43d" + file://pytalloc.h;beginline=1;endline=18;md5=21ab13bd853679d7d47a1739cb3b7db6 \ + " SRC_URI = "https://www.samba.org/ftp/talloc/talloc-${PV}.tar.gz \ file://options-2.2.0.patch \ " -SRC_URI[md5sum] = "3376a86bdf9dd4abc6b8d8d645390902" -SRC_URI[sha256sum] = "27a03ef99e384d779124df755deb229cd1761f945eca6d200e8cfd9bf5297bd7" +SRC_URI[sha256sum] = "6be95b2368bd0af1c4cd7a88146eb6ceea18e46c3ffc9330bf6262b40d1d8aaa" inherit waf-samba diff --git a/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb b/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb index f481ffee1d..7a28751e66 100644 --- a/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb +++ b/meta-networking/recipes-support/lksctp-tools/lksctp-tools_1.0.18.bb @@ -14,7 +14,7 @@ PV .= "+git${SRCPV}" LK_REL = "1.0.18" SRC_URI = " \ - git://github.com/sctp/lksctp-tools.git \ + git://github.com/sctp/lksctp-tools.git;branch=master;protocol=https \ file://0001-m4-sctp.m4-make-conpatible-to-autoconf-2.70.patch \ file://run-ptest \ file://v4test.sh \ diff --git a/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb b/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb index 4a1bbe6206..970a9b2b8b 100644 --- a/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb +++ b/meta-networking/recipes-support/lowpan-tools/lowpan-tools_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" DEPENDS = "flex-native bison-native libnl python" PV = "0.3.1+git${SRCPV}" -SRC_URI = "git://github.com/linux-wpan/lowpan-tools \ +SRC_URI = "git://github.com/linux-wpan/lowpan-tools;branch=master;protocol=https \ file://no-help2man.patch \ file://0001-Fix-build-errors-with-clang.patch \ file://0001-addrdb-coord-config-parse.y-add-missing-time.h-inclu.patch \ diff --git a/meta-networking/recipes-support/mtr/mtr_0.94.bb b/meta-networking/recipes-support/mtr/mtr_0.94.bb index 265eefb94b..d5c4618886 100644 --- a/meta-networking/recipes-support/mtr/mtr_0.94.bb +++ b/meta-networking/recipes-support/mtr/mtr_0.94.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://ui/mtr.c;beginline=5;endline=16;md5=00a894a39d53726a27386534d1c4e468" SRCREV = "2c73cbf4094e4eed343ed11ae5bab2580f3122d1" -SRC_URI = "git://github.com/traviscross/mtr" +SRC_URI = "git://github.com/traviscross/mtr;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/nbdkit/nbdkit_1.25.6.bb b/meta-networking/recipes-support/nbdkit/nbdkit_1.25.6.bb index 067911b4ea..80810c49cc 100644 --- a/meta-networking/recipes-support/nbdkit/nbdkit_1.25.6.bb +++ b/meta-networking/recipes-support/nbdkit/nbdkit_1.25.6.bb @@ -9,7 +9,7 @@ HOMEPAGE = "https://github.com/libguestfs/nbdkit" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=f9dcc2d8acdde215fa4bd6ac12bb14f0" -SRC_URI = "git://github.com/libguestfs/nbdkit.git;protocol=https \ +SRC_URI = "git://github.com/libguestfs/nbdkit.git;protocol=https;branch=master \ " SRCREV = "023dac3e09a0e39d6f91dea4b7f8efb8f5faae36" diff --git a/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-networking/recipes-support/ndisc6/ndisc6_git.bb index 5f866052c6..d359b620b8 100644 --- a/meta-networking/recipes-support/ndisc6/ndisc6_git.bb +++ b/meta-networking/recipes-support/ndisc6/ndisc6_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" PV = "1.0.4+git${SRCPV}" SRCREV = "4c794b5512d23c649def1f94a684225dcbb6ac3e" -SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http \ +SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http;branch=master \ file://0001-replace-VLAIS-with-malloc-free-pair.patch \ file://0002-Do-not-undef-_GNU_SOURCE.patch \ file://0001-autogen-Do-not-symlink-gettext.h-from-build-host.patch \ diff --git a/meta-networking/recipes-support/netcf/netcf_0.2.8.bb b/meta-networking/recipes-support/netcf/netcf_0.2.8.bb index a180571f2d..af617ce922 100644 --- a/meta-networking/recipes-support/netcf/netcf_0.2.8.bb +++ b/meta-networking/recipes-support/netcf/netcf_0.2.8.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fb919cc88dbe06ec0b0bd50e001ccf1f" SRCREV = "2c5d4255857531bc09d91dcd02e86545f29004d4" PV .= "+git${SRCPV}" -SRC_URI = "git://pagure.io/netcf.git;protocol=https \ +SRC_URI = "git://pagure.io/netcf.git;protocol=https;branch=master \ " UPSTREAM_CHECK_GITTAGREGEX = "release-(?P<pver>(\d+(\.\d+)+))" diff --git a/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-networking/recipes-support/netperf/netperf_git.bb index a084fb4c15..b47c1c1059 100644 --- a/meta-networking/recipes-support/netperf/netperf_git.bb +++ b/meta-networking/recipes-support/netperf/netperf_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a0ab17253e7a3f318da85382c7d5d5d6" PV = "2.7.0+git${SRCPV}" -SRC_URI = "git://github.com/HewlettPackard/netperf.git \ +SRC_URI = "git://github.com/HewlettPackard/netperf.git;branch=master;protocol=https \ file://cpu_set.patch \ file://vfork.patch \ file://init \ diff --git a/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb b/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb index 959cccf357..32a9307c3f 100644 --- a/meta-networking/recipes-support/nghttp2/nghttp2_1.43.0.bb +++ b/meta-networking/recipes-support/nghttp2/nghttp2_1.44.0.bb @@ -11,7 +11,7 @@ SRC_URI = "\ https://github.com/nghttp2/nghttp2/releases/download/v${PV}/nghttp2-${PV}.tar.xz \ file://0001-fetch-ocsp-response-use-python3.patch \ " -SRC_URI[sha256sum] = "f7d54fa6f8aed29f695ca44612136fa2359013547394d5dffeffca9e01a26b0f" +SRC_URI[sha256sum] = "5699473b29941e8dafed10de5c8cb37a3581edf62ba7d04b911ca247d4de3c5d" inherit cmake manpages python3native PACKAGECONFIG[manpages] = "" diff --git a/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb b/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb index bb401666c6..0c67f67d70 100644 --- a/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb +++ b/meta-networking/recipes-support/nis/yp-tools_4.2.3.bb @@ -14,7 +14,7 @@ and ypdomainname. \ # v4.2.3 SRCREV = "1bfda29c342a81b97cb1995ffd9e8da5de63e7ab" -SRC_URI = "git://github.com/thkukuk/yp-tools \ +SRC_URI = "git://github.com/thkukuk/yp-tools;branch=master;protocol=https \ file://domainname.service \ " diff --git a/meta-networking/recipes-support/ntimed/ntimed_git.bb b/meta-networking/recipes-support/ntimed/ntimed_git.bb index a749b16593..43ed1abe38 100644 --- a/meta-networking/recipes-support/ntimed/ntimed_git.bb +++ b/meta-networking/recipes-support/ntimed/ntimed_git.bb @@ -8,7 +8,7 @@ SECTION = "net" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://main.c;beginline=2;endline=24;md5=89db8e76f2951f3fad167e7aa9718a44" -SRC_URI = "git://github.com/bsdphk/Ntimed \ +SRC_URI = "git://github.com/bsdphk/Ntimed;branch=master;protocol=https \ file://use-ldflags.patch" PV = "0.0+git${SRCPV}" diff --git a/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch b/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch new file mode 100644 index 0000000000..8fdd62d186 --- /dev/null +++ b/meta-networking/recipes-support/ntopng/files/CVE-2021-36082.patch @@ -0,0 +1,116 @@ +From 1ec621c85b9411cc611652fd57a892cfef478af3 Mon Sep 17 00:00:00 2001 +From: Luca Deri <deri@ntop.org> +Date: Sat, 15 May 2021 19:53:46 +0200 +Subject: [PATCH] Added further checks + +Upstream-Status: Backport [https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3] +CVE: CVE-2021-36082 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> + +--- + src/lib/protocols/netbios.c | 2 +- + src/lib/protocols/tls.c | 32 +++++++++++++++++--------------- + 2 files changed, 18 insertions(+), 16 deletions(-) + +diff --git a/src/lib/protocols/netbios.c b/src/lib/protocols/netbios.c +index 1f3850cb..0d3b705f 100644 +--- a/src/lib/protocols/netbios.c ++++ b/src/lib/protocols/netbios.c +@@ -42,7 +42,7 @@ int ndpi_netbios_name_interpret(char *in, size_t inlen, char *out, u_int out_len + int ret = 0, len, idx = inlen; + char *b; + +- len = (*in++)/2; ++ len = (*in++)/2, inlen--; + b = out; + *out = 0; + +diff --git a/src/lib/protocols/tls.c b/src/lib/protocols/tls.c +index 5b572cae..c115ac08 100644 +--- a/src/lib/protocols/tls.c ++++ b/src/lib/protocols/tls.c +@@ -994,21 +994,23 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, + i += 4 + extension_len, offset += 4 + extension_len; + } + +- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version); ++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version); + +- for(i=0; i<ja3.num_cipher; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); ++ for(i=0; (i<ja3.num_cipher) && (JA3_STR_LEN > ja3_str_len); i++) { ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.cipher[i]); + + if(rc <= 0) break; else ja3_str_len += rc; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); +- if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; ++ if(JA3_STR_LEN > ja3_str_len) { ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); ++ if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; ++ } + + /* ********** */ + +- for(i=0; i<ja3.num_tls_extension; i++) { +- int rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); ++ for(i=0; (i<ja3.num_tls_extension) && (JA3_STR_LEN-ja3_str_len); i++) { ++ int rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", (i > 0) ? "-" : "", ja3.tls_extension[i]); + + if(rc <= 0) break; else ja3_str_len += rc; + } +@@ -1443,41 +1445,41 @@ int processClientServerHello(struct ndpi_detection_module_struct *ndpi_struct, + int rc; + + compute_ja3c: +- ja3_str_len = snprintf(ja3_str, sizeof(ja3_str), "%u,", ja3.tls_handshake_version); ++ ja3_str_len = snprintf(ja3_str, JA3_STR_LEN, "%u,", ja3.tls_handshake_version); + + for(i=0; i<ja3.num_cipher; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.cipher[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + /* ********** */ + + for(i=0; i<ja3.num_tls_extension; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.tls_extension[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + /* ********** */ + + for(i=0; i<ja3.num_elliptic_curve; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.elliptic_curve[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } + +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, ","); ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, ","); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; + + for(i=0; i<ja3.num_elliptic_curve_point_format; i++) { +- rc = snprintf(&ja3_str[ja3_str_len], sizeof(ja3_str)-ja3_str_len, "%s%u", ++ rc = snprintf(&ja3_str[ja3_str_len], JA3_STR_LEN-ja3_str_len, "%s%u", + (i > 0) ? "-" : "", ja3.elliptic_curve_point_format[i]); + if(rc > 0 && ja3_str_len + rc < JA3_STR_LEN) ja3_str_len += rc; else break; + } +-- +2.17.1 + diff --git a/meta-networking/recipes-support/ntopng/ndpi_3.4.bb b/meta-networking/recipes-support/ntopng/ndpi_3.4.bb index 22e4d8e9ae..15f110d38c 100644 --- a/meta-networking/recipes-support/ntopng/ndpi_3.4.bb +++ b/meta-networking/recipes-support/ntopng/ndpi_3.4.bb @@ -9,8 +9,9 @@ LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=b52f2d57d10c4f7ee67a7eb9615d5d24" SRCREV = "64929a75e0a7a60d864bd25a9fd97fdf9ac892a2" -SRC_URI = "git://github.com/ntop/nDPI.git;branch=3.4-stable \ +SRC_URI = "git://github.com/ntop/nDPI.git;branch=3.4-stable;protocol=https \ file://0001-autogen.sh-not-generate-configure.patch \ + file://CVE-2021-36082.patch \ " S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/ntopng/ntopng_4.2.bb b/meta-networking/recipes-support/ntopng/ntopng_4.2.bb index 5961866515..dede07bf5a 100644 --- a/meta-networking/recipes-support/ntopng/ntopng_4.2.bb +++ b/meta-networking/recipes-support/ntopng/ntopng_4.2.bb @@ -12,7 +12,7 @@ LICENSE = "GPLv3" LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504" SRCREV = "5e649a2d1130b4a3ab0c5bb673d615172cc0bdbb" -SRC_URI = "git://github.com/ntop/ntopng.git;protocol=git;branch=4.2-stable \ +SRC_URI = "git://github.com/ntop/ntopng.git;protocol=https;branch=4.2-stable \ file://0001-configure.seed-fix-configure-error.patch \ file://0001-configure.seed-fix-host-contamination.patch \ file://0001-Makefile.in-don-t-use-the-internal-lua.patch \ diff --git a/meta-networking/recipes-support/ntp/ntp/ntpdate b/meta-networking/recipes-support/ntp/ntp/ntpdate index 17b64d1335..be3bacfcd1 100755 --- a/meta-networking/recipes-support/ntp/ntp/ntpdate +++ b/meta-networking/recipes-support/ntp/ntp/ntpdate @@ -52,3 +52,8 @@ if [ -x /usr/bin/lockfile-create ] ; then fi ) & + +# wait for all subprocesses to finish +# this is required when using systemd service as ntpd will start before ntpdate finishes +# and results in a bind error (port 123) +wait diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index 7e168825e0..e668113c50 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -26,6 +26,9 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" +# CVE-2016-9312 is only for windows. +CVE_CHECK_WHITELIST += "CVE-2016-9312" + inherit autotools update-rc.d useradd systemd pkgconfig # The ac_cv_header_readline_history is to stop ntpdc depending on either diff --git a/meta-networking/recipes-support/open-isns/open-isns_0.101.bb b/meta-networking/recipes-support/open-isns/open-isns_0.101.bb index 0b1bb6d512..775f8b1998 100644 --- a/meta-networking/recipes-support/open-isns/open-isns_0.101.bb +++ b/meta-networking/recipes-support/open-isns/open-isns_0.101.bb @@ -13,7 +13,7 @@ SECTION = "net" DEPENDS = "openssl" -SRC_URI = "git://github.com/open-iscsi/open-isns \ +SRC_URI = "git://github.com/open-iscsi/open-isns;branch=master;protocol=https \ file://0001-isnsd.socket-use-run-instead-of-var-run.patch \ " diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.2.5.bb b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.2.5.bb index 473af8d41b..f1454405ee 100644 --- a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.2.5.bb +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.2.5.bb @@ -25,7 +25,7 @@ LICENSE_modules/freebsd/vmxnet = "GPL-2.0" LICENSE_modules/linux = "GPL-2.0" LICENSE_modules/solaris = "CDDL-1.0" -SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https \ +SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=master \ file://tools.conf \ file://vmtoolsd.service \ file://vmtoolsd.init \ diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.2.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.2.bb index f82107dbee..646f0387ad 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.5.2.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.2.bb @@ -17,6 +17,9 @@ UPSTREAM_CHECK_URI = "https://openvpn.net/community-downloads" SRC_URI[md5sum] = "7643f135b49aee49df7d83c1f434dc4e" SRC_URI[sha256sum] = "b9d295988b34e39964ac475b619c3585d667b36c350cf1adec19e5e3c843ba11" +# CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. +CVE_CHECK_WHITELIST += "CVE-2020-7224 CVE-2020-27569" + SYSTEMD_SERVICE_${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-networking/recipes-support/phytool/phytool.bb b/meta-networking/recipes-support/phytool/phytool.bb index 29499d6d7a..7fde88c447 100644 --- a/meta-networking/recipes-support/phytool/phytool.bb +++ b/meta-networking/recipes-support/phytool/phytool.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0" PV = "2+git${SRCPV}" SRCREV = "8882328c08ba2efb13c049812098f1d0cb8adf0c" -SRC_URI = "git://github.com/wkz/phytool.git" +SRC_URI = "git://github.com/wkz/phytool.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/rdma-core/rdma-core_33.0.bb b/meta-networking/recipes-support/rdma-core/rdma-core_33.0.bb index 1c1569cfb0..d0a99ce297 100644 --- a/meta-networking/recipes-support/rdma-core/rdma-core_33.0.bb +++ b/meta-networking/recipes-support/rdma-core/rdma-core_33.0.bb @@ -5,7 +5,7 @@ SECTION = "libs" DEPENDS = "libnl" RDEPENDS_${PN} = "bash perl" -SRC_URI = "git://github.com/linux-rdma/rdma-core.git" +SRC_URI = "git://github.com/linux-rdma/rdma-core.git;branch=master;protocol=https" SRCREV = "e66ca0832e58dafac7af7ad9e6799eaef438061a" S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb b/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb index 0b63f79aca..d8a1f6140f 100644 --- a/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb +++ b/meta-networking/recipes-support/smcroute/smcroute_2.4.4.bb @@ -6,7 +6,7 @@ LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" SRCREV = "a8e5847e5f7e411be424f9b52a6cdf9d2ed4aeb5" -SRC_URI = "git://github.com/troglobit/smcroute.git;branch=master;protocol=git" +SRC_URI = "git://github.com/troglobit/smcroute.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/spice/spice-protocol_git.bb b/meta-networking/recipes-support/spice/spice-protocol_git.bb index 1d56bea17c..ca683bf220 100644 --- a/meta-networking/recipes-support/spice/spice-protocol_git.bb +++ b/meta-networking/recipes-support/spice/spice-protocol_git.bb @@ -18,7 +18,7 @@ PV = "0.14.1+git${SRCPV}" SRCREV = "e0ec178a72aa33e307ee5ac02b63bf336da921a5" SRC_URI = " \ - git://anongit.freedesktop.org/spice/spice-protocol \ + git://anongit.freedesktop.org/spice/spice-protocol;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/spice/spice_git.bb b/meta-networking/recipes-support/spice/spice_git.bb index 52dad71242..de53aedd2d 100644 --- a/meta-networking/recipes-support/spice/spice_git.bb +++ b/meta-networking/recipes-support/spice/spice_git.bb @@ -21,8 +21,8 @@ SRCREV_spice-common = "4fc4c2db36c7f07b906e9a326a9d3dc0ae6a2671" SRCREV_FORMAT = "spice_spice-common" SRC_URI = " \ - git://anongit.freedesktop.org/spice/spice;name=spice \ - git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common \ + git://anongit.freedesktop.org/spice/spice;name=spice;branch=master \ + git://anongit.freedesktop.org/spice/spice-common;destsuffix=git/subprojects/spice-common;name=spice-common;branch=master \ file://0001-Convert-pthread_t-to-be-numeric.patch \ file://0001-Fix-compile-errors-on-Linux-32bit-system.patch \ file://0001-configure.ac-explicitly-link-to-jpeg-lib.patch \ diff --git a/meta-networking/recipes-support/spice/usbredir_0.9.0.bb b/meta-networking/recipes-support/spice/usbredir_0.9.0.bb index 079f52f99b..5245f95f5c 100644 --- a/meta-networking/recipes-support/spice/usbredir_0.9.0.bb +++ b/meta-networking/recipes-support/spice/usbredir_0.9.0.bb @@ -10,7 +10,7 @@ DEPENDS = "libusb1" SRCREV = "bca484fc6f206ab9da2f73e8a0118fad45374d4e" SRC_URI = " \ - git://anongit.freedesktop.org/spice/usbredir \ + git://anongit.freedesktop.org/spice/usbredir;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta-networking/recipes-support/unbound/unbound_1.12.0.bb b/meta-networking/recipes-support/unbound/unbound_1.12.0.bb index 6fc1631714..9a41744f40 100644 --- a/meta-networking/recipes-support/unbound/unbound_1.12.0.bb +++ b/meta-networking/recipes-support/unbound/unbound_1.12.0.bb @@ -9,7 +9,7 @@ SECTION = "net" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=5308494bc0590c0cb036afd781d78f06" -SRC_URI = "git://github.com/NLnetLabs/unbound.git;protocol=http;branch=master \ +SRC_URI = "git://github.com/NLnetLabs/unbound.git;protocol=http;branch=master;protocol=https \ file://0001-contrib-add-yocto-compatible-init-script.patch \ " SRCREV="52b04806f4236c37acd10179ab465a54adc7e86a" diff --git a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch index c1a528f90d..134633f668 100644 --- a/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch +++ b/meta-networking/recipes-support/wireshark/files/0004-lemon-Remove-line-directives.patch @@ -12,11 +12,11 @@ Signed-off-by: Oleksiy Obitotskyy <oobitots@cisco.com> cmake/modules/UseLemon.cmake | 49 +++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 15 deletions(-) -diff --git a/cmake/modules/UseLemon.cmake b/cmake/modules/UseLemon.cmake -index 849ffc1..ca38ab7 100644 ---- a/cmake/modules/UseLemon.cmake -+++ b/cmake/modules/UseLemon.cmake -@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated) +Index: wireshark-3.4.11/cmake/modules/UseLemon.cmake +=================================================================== +--- wireshark-3.4.11.orig/cmake/modules/UseLemon.cmake ++++ wireshark-3.4.11/cmake/modules/UseLemon.cmake +@@ -7,21 +7,40 @@ MACRO(ADD_LEMON_FILES _source _generated SET(_out ${CMAKE_CURRENT_BINARY_DIR}/${_basename}) @@ -26,7 +26,7 @@ index 849ffc1..ca38ab7 100644 - # These files are generated as side-effect - ${_out}.h - ${_out}.out -- COMMAND lemon +- COMMAND $<TARGET_FILE:lemon> - -T${_lemonpardir}/lempar.c - -d. - ${_in} @@ -72,6 +72,3 @@ index 849ffc1..ca38ab7 100644 LIST(APPEND ${_source} ${_in}) LIST(APPEND ${_generated} ${_out}.c) --- -2.26.2.Cisco - diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.5.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb index f440328027..df1fb89f0a 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.5.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb @@ -19,7 +19,7 @@ SRC_URI += " \ UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[sha256sum] = "de1aafd100a1e1207c850d180e97dd91ab8da0f5eb6beec545f725cdb145d333" +SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279" PE = "1" diff --git a/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb b/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb index bab75fee3f..6b83cbd522 100644 --- a/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb +++ b/meta-networking/recipes-support/wpan-tools/wpan-tools_0.9.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4cfd939b1d7e6aba9fcefb7f6e2fd45d" DEPENDS = "libnl" -SRC_URI = "git://github.com/linux-wpan/wpan-tools" +SRC_URI = "git://github.com/linux-wpan/wpan-tools;branch=master;protocol=https" SRCREV = "a316ca2caa746d60817400e5bf646c2820f09273" S = "${WORKDIR}/git" |