aboutsummaryrefslogtreecommitdiffstats
path: root/meta-networking/recipes-support
Commit message (Collapse)AuthorAgeFilesLines
* tcpslice: fix do_installRoy Li2015-12-271-1/+2
| | | | | | | | | | replace to run "make install" with directly calling install command, since "make install" asks "bin" user and group, and maybe fail when system has not; Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpdump: add PACKAGECONFIG for smiMartin Jansa2015-10-161-0/+1
| | | | | | | | | | | | | | | | | | | * libsmi is autodetected in configure, but in most cases disabled because of cross-compilation so keep it explicitly disabled * resolves following difference in builds with and without libsmi built before tcpdump: 4.7.4-r0-with/temp/log.do_configure:checking smi.h usability... yes 4.7.4-r0-with/temp/log.do_configure:checking smi.h presence... yes 4.7.4-r0-with/temp/log.do_configure:checking for smi.h... yes 4.7.4-r0-with/temp/log.do_configure:checking for smiInit in -lsmi... yes 4.7.4-r0-with/temp/log.do_configure:checking whether to enable libsmi... not when cross-compiling 4.7.4-r0-without/temp/log.do_configure:checking smi.h usability... no 4.7.4-r0-without/temp/log.do_configure:checking smi.h presence... no 4.7.4-r0-without/temp/log.do_configure:checking for smi.h... no Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ipsec-tools: Security Advisory - CVE-2015-4047Roy Li2015-07-192-0/+37
| | | | | | | | | | | | | This fixed the CVE-2015-4047: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4047 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Conflicts: meta-networking/recipes-support/ipsec-tools/ipsec-tools_0.8.2.bb
* pimd: add do_install to pimdHongxu Jia2015-04-011-0/+7
| | | | | | | | | | | | The previous do_install is empty and do nothing. Unset variables datadir and mandir, use pimd's default set. So it could install doc files correctly. Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: update to 12.4Armin Kuster2015-03-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | The following vulnerabilities have been fixed. * [1]wnpa-sec-2015-06 The ATN-CPDLC dissector could crash. ([2]Bug 9952) [3]CVE-2015-2187 * [4]wnpa-sec-2015-07 The WCP dissector could crash. ([5]Bug 10844) [6]CVE-2015-2188 * [7]wnpa-sec-2015-08 The pcapng file parser could crash. ([8]Bug 10895) [9]CVE-2015-2189 * [10]wnpa-sec-2015-09 The LLDP dissector could crash. ([11]Bug 10983) [12]CVE-2015-2190 * [13]wnpa-sec-2015-10 The TNEF dissector could go into an infinite loop. Discovered by Vlad Tsyrklevich. ([14]Bug 11023) [15]CVE-2015-2191 * [16]wnpa-sec-2015-11 The SCSI OSD dissector could go into an infinite loop. Discovered by Vlad Tsyrklevich. ([17]Bug 11024) [18]CVE-2015-2192 For more information see https://www.wireshark.org/docs/relnotes/wireshark-1.12.4.html Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: fix pcap-config issueArmin Kuster2015-03-211-3/+4
| | | | | | | | | | | | | configure: error: Header file pcap.h not found; if you installed libpcap don't use pcap. Use the internal version. And minor configure cleanups Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: fix rdepends issueArmin Kuster2015-03-211-3/+11
| | | | | | | | Added a few more PACKAGECONF options Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: update to 1.12.3Armin Kuster2015-03-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following vulnerabilities have been fixed. * [1]wnpa-sec-2015-01 The WCCP dissector could crash. ([2]Bug 10720, ws-buglink:10806) CVE-2015-0559, CVE-2015-0560 * [3]wnpa-sec-2015-02 The LPP dissector could crash. ([4]Bug 10773) CVE-2015-0561 * [5]wnpa-sec-2015-03 The DEC DNA Routing Protocol dissector could crash. ([6]Bug 10724) CVE-2015-0562 * [7]wnpa-sec-2015-04 The SMTP dissector could crash. ([8]Bug 10823) CVE-2015-0563 * wnpa-sec-2015-05 Wireshark could crash while decypting TLS/SSL sessions. Discovered by Noam Rathaus. CVE-2015-0564 Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* ntp: fix several security issuesArmin Kuster2014-12-296-3/+426
| | | | | | | | | * CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296. For more details please see: https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01A Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* PNBLACKLIST: use weak assignmentsMartin Jansa2014-12-261-1/+1
| | | | | | | | * this makes it easier to unblacklist it from local.conf which is parsed before the recipes Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* wireshark: update to 1.12.2Armin Kuster2014-12-011-2/+2
| | | | | | | | | | | | | | | | | | | | | | | The following vulnerabilities have been fixed. * wnpa-sec-2014-20 SigComp UDVM buffer overflow. (Bug 10662) CVE-2014-8710 * wnpa-sec-2014-21 AMQP crash. (Bug 10582) CVE-2014-8711 * wnpa-sec-2014-22 NCP crashes. (Bug 10552, Bug 10628) CVE-2014-8712, CVE-2014-8713 * wnpa-sec-2014-23 TN5250 infinite loops. (Bug 10596) CVE-2014-8714 Reference: https://www.wireshark.org/docs/relnotes/wireshark-1.12.2.html Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* openvpn: bypass check for /sbin/ip on the hostBen Shelton2014-10-301-0/+3
| | | | | | | | | | | | | In the commit 'openvpn: use default iproute2 path', the configure flag to explicitly set the iproute2 path was removed, since busybox now provides the 'ip' applet at the default path. However, setting this flag is necessary to bypass the configure-time check for /sbin/ip on the host, which will otherwise fail if iproute2 is not installed on the host. Add back the flag (pointing to the correct path), and add a comment to describe why this is necessary. Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpdump: Add ptestHongjun.Yang2014-10-303-1/+50
| | | | | | | Add ptest supports for tcpdump Signed-off-by: Hongjun.Yang <hongjun.yang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* wireshark: add PACKAGECONFIG for krb5Jackie Huang2014-10-211-0/+1
| | | | | | | | * fixes floating dependency: WARNING: QA Issue: wireshark rdepends on krb5, but it isn't a build dependency? [build-deps] Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* ntp: add status for initscriptWenzong Fan2014-10-211-1/+8
| | | | | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* ntp: fix path to drift fileWenzong Fan2014-10-141-1/+1
| | | | | | | | | | | | The default path of ntp drift file is /etc/ntp.drift, ntp daemon maybe fails to create this file since the user ntp is not always permitted to write /etc. Refer to other distributions such as RedHat, Debian, just moving the file to /var/lib/ntp which the home dir of user ntp. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ntp: create and package ntp home directoryPeter Bigot2014-10-141-1/+7
| | | | | | | | This allows the base recipe and bbappends to reference persistent mutable state such as a drift file. Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* openvpn: use default iproute2 pathpieterg2014-10-101-1/+0
| | | | | | | Since busybox 1.21, the 'ip' applet has the default path (/sbin/ip) Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ssmping: add recipe for ssmping-0.9.1YangHaibo2014-09-261-0/+10
| | | | | Signed-off-by: YangHaibo <b40869@freescale.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* memcached: add bash to RDEPENDS_memcachedRobert Yang2014-09-261-1/+3
| | | | | | | | | | | | | | | | | | | | | | Bashism: possible bashism in memcached/etc/init.d/memcached line 40 (bash arrays, ${name[0|*|@]}): if [ -r "${FILES[0]}" ]; then possible bashism in memcached/etc/init.d/memcached line 42 (bash arrays, ${name[0|*|@]}): for FILE in "${FILES[@]}"; possible bashism in memcached/etc/init.d/memcached line 53 (should be VAR="${VAR}foo"): CONFIGS+=($NAME) possible bashism in memcached/etc/init.d/memcached line 54 (should be 'b = a'): elif [ "memcached_$2" == "$NAME" ]; possible bashism in memcached/etc/init.d/memcached line 62 (bash arrays, ${name[0|*|@]}): if [ ${#CONFIGS[@]} == 0 ]; possible bashism in memcached/etc/init.d/memcached line 71 (bash arrays, ${name[0|*|@]}): CONFIG_NUM=${#CONFIGS[@]} possible bashism in memcached/etc/init.d/memcached line 72 ('((' should be '$(('): for ((i=0; i < $CONFIG_NUM; i++)); do possible bashism in memcached/etc/init.d/memcached line 73 (bash arrays, ${name[0|*|@]}): NAME=${CONFIGS[${i}]} Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* stunnel: add perl to RDEPENDS_stunnelRobert Yang2014-09-261-0/+2
| | | | | | | Perl: stunnel/usr/bin/stunnel3:#!/usr/bin/perl Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* ndisc6: add perl to RDEPENDS_ndisc6-miscRobert Yang2014-09-261-0/+1
| | | | | | | Perl: ndisc6-misc/usr/bin/dnssort:#! /usr/bin/perl Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* arptables: remove bashismRobert Yang2014-09-262-0/+38
| | | | | | | | | | | | | Bashism: possible bashism in arptables/etc/init.d/arptables line 14 (should be '.', not 'source'): source /etc/init.d/functions possible bashism in arptables/etc/init.d/arptables line 96 ($"foo" should be eval_gettext "foo"): echo $"Usage $0 {start|stop|restart|condrestart|save|status}" Use "." to replace of "source", and change /bin/bash to /bin/sh, the echo $"foo" works well in our busybox. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* aoetools: no bashism in aoe-statRobert Yang2014-09-262-1/+30
| | | | | | So use /bin/sh. Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
* pimd: add recipe for pimd-2.1.8YangHaibo2014-09-231-0/+10
| | | | | | Signed-off-by: YangHaibo <b40869@freescale.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* wireshark: not put the CC options into CFLAGS_FOR_BUILDRoy.Li2014-09-232-0/+47
| | | | | Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* wireshark: update to 12.1Armin Kuster2014-09-231-11/+10
| | | | | | | | | | | | | | | | | following security fixes included: MEGACO dissector infinite loop. (Bug 10333) CVE-2014-6423 Netflow dissector crash. (Bug 10370) CVE-2014-6424 CUPS dissector crash. (Bug 10353) CVE-2014-6425 HIP dissector infinite loop. CVE-2014-6426 RTSP dissector crash. (Bug 10381) CVE-2014-6427 SES dissector crash. (Bug 10454) CVE-2014-6428 Sniffer file parser crash. (Bug 10461) CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 re-org'd dd file to be more in-line with style guide. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* tcpslice: add recipe under tcpdumpRoy Li2014-09-093-0/+125
| | | | | | | | | tcpslice is a tool for extracting parts of a tcpdump packet trace, so put it under tcpdump dir Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* dnsmasq: uprev it to 2.71Joe MacDonald2014-09-093-23/+37
| | | | | | | Refreshed lua.patch due to whitespace changes in top-level Makefile. Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* ipsec-tools: Fix pfkey UPDATE failure caused by EINTRJackie Huang2014-09-092-0/+221
| | | | | | | | | | | | | While kernel is processing the UPDATE message which is sent from racoon, it maybe interrupted by certain system signal and if this case happens, kernel responds with an EINTR message to racoon and kernel fails to establish the corresponding SA. Fix this problem by resend the UPDATE message when EINTR(Interrupted system call) error happens. Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* aoetools: uprev to version 36Roy Li2014-09-081-2/+2
| | | | | Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* lowpan-tools: Move to 0.3.1 releaseKhem Raj2014-09-081-3/+3
| | | | | | | Also fix the git SRC_URI location Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* ipsec-tools: Fix build with glibc 2.20Khem Raj2014-09-082-0/+24
| | | | | Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* memcached: add knob to detect whether hugetlbfs are checkedChong Lu2014-09-082-3/+42
| | | | | | | | | Add knob to detect whether hugetlbfs are checked or not. This patch fixed the error: ld: cannot find -lhugetlbfs Signed-off-by: Chong Lu <Chong.Lu@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* ntp: add deterministic support for KPPS interfacePeter Bigot2014-09-011-0/+2
| | | | | | | | | | | | | | ntp checks for presence of sys/timepps.h to determine whether the kernel supports the RFC 2783 KPPS interface. Under Linux the pps-tools package installs this header. Without this feature the ATOM clock driver does not work, and other drivers like NMEA have reduced precision. Remove the feature non-determinism and increase ntpd capabilities by adding an explicit dependency. See: http://doc.ntp.org/4.2.6/kernpps.html Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ntp: re-enable server debugging and control by PACKAGECONFIGPeter Bigot2014-09-012-25/+3
| | | | | | | | | | | | | | | | | | The description in a previous patch to disable debugging is incorrect. Although the option is default-enabled in configure.ac, configure does respect the option that disables it. In ntp 4.2.7 the option code is refactored to ntp_debug.m4 and has an effect in sntp as well. Adding --disable-debugging to the top-level configure options overrides the default for both 4.2.6 and 4.2.7 without patching the distribution. Make the selection explicit and configurable, but restore the historical default. Absence of debugging capability in the server makes it difficult to validate complex configurations. Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* strongswan: uprev to version 5.2.0Jackie Huang2014-08-213-68/+2
| | | | | | | | | * removed two patches which were already integrated in 5.2.0: strongswan-4.3.3-5.1.1_asn1_unwrap.patch strongswan-5.0.0-5.1.2_reject_child_sa.patch Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* traceroute: uprev it to 2.0.20Roy Li2014-08-211-7/+5
| | | | | | | | | | | | | | 1. uprev to 2.0.20 2. Update the license md5sum, since the address is changed in COPYING*: From: Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA To: Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* tcpdump: uprev it to 4.6.1Roy Li2014-08-218-98/+6
| | | | | | | | | 1. uprev to 4.6.1 2. remove three obsolete patches 3. use PACKAGECONFIG, and the default value is ipv6 openssl Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* wireshark: add libsmi portaudio to PACKAGECONFIGRoy.Li2014-08-211-1/+3
| | | | | Signed-off-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ntp: fix CVE-2013-5211Zhang Xiao2014-08-212-0/+113
| | | | | | | | | | | The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ntp: Disable debugging by defaultXufeng Zhang2014-08-212-0/+24
| | | | | | | | | | There is a problem in configure.ac file that whether or not '--enable-debugging' is specified in configure cmdline, debugging is always enabled. We should disable ntp debugging by default. Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* curlpp: fix do_compile failed since gcc upgrade to 4.9Hongxu Jia2014-08-132-2/+48
| | | | | | | | | | | | | The deprecated test code was no longer used, so remove it to avoid compiling failure with -Werror=unused-function ... | example21.cpp:51:8: error: 'size_t {anonymous}::readData(char*, size_t, size_t)' defined but not used [-Werror=unused-function] | size_t readData(char *buffer, size_t size, size_t nitems) ... Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ipsec-tools: uprev it to 0.8.2Roy Li2014-08-132-39/+2
| | | | | | | Remove 0001-Fix-warning-with-gcc-4.8.patch, it has been in 0.8.2 Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* ifenslave: add recipesRoy Li2014-08-131-0/+18
| | | | | Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dnsmasq: add packageconfigs for idn, conntrack, luaChristopher Larson2014-08-131-4/+10
| | | | | Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dnsmasq: look for lua.pc, not lua5.1.pcChristopher Larson2014-08-133-1/+20
| | | | | Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dnsmasq: move parallel make patch to .bb, add upstream-statusChristopher Larson2014-08-133-1/+3
| | | | | | | | Patches really belong in the recipe, not the .inc, given patches are generally version-bound. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dnsmasq: obey CFLAGS & LDFLAGSChristopher Larson2014-08-131-0/+4
| | | | | Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* dnsmasq: add missing inherit pkgconfigChristopher Larson2014-08-131-1/+1
| | | | | | | dnsmasq runs pkg-config to get cflags/libs for its dependencies. Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>