| Age | Commit message (Collapse) | Author |
|---|
|
The licenses were renamed to match their SPDX names, fix the
references in LIC_FILES_CHKSUM in OE-Core.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Bug fix only and includes two security fixes:
CVE-2021-26675
CVE-2021-26676
Changelog:
- Fix issue with scanning state synchronization and iwd.
- Fix issue with invalid key with 4-way handshake offloading.
- Fix issue with DNS proxy length checks to prevent buffer overflow.
- Fix issue with DHCP leaking stack data via uninitialized variable.
[Yocto #14231]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Without further examples of how this is failing revert as using both
together is a valid use case, for example connman handling Wifi/AP
and systemd-networkd handling more complex routing such as for
containers and ethernet switches.
This reverts commit 5303420ead25817f5caec276b79eec7ee797271a.
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Do not run systemd-networkd and connman simultaneously. These two
network managers may conflict with each other.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
A directory can be specified in SRC_URI, there is no need to use
globbing. This means that the files are checksummed correctly and
the recipe rebuilds when the files change as globbing breaks that.
We're about to remove the use of globbing in SRC_URI so improve these.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When vpnc support is included through PACKAGECONFIG, there
is now an extra vpn-script coming after the atest upgrade,
include that script into FILES so it gets packaged.
Signed-off-by: Alejandro Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Most of these were unused, remaining in the inc files long after the
PR values were removed from the recipes.
The only two which did anything wre in xorg-font and for those,
bump PR by hand and remove the INC_PR to clean up all references.
This kind of change is much better handled by PRServ now.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop a patch merged upstream.
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The client depends on readline which is GPLv3. Add a PACKAGECONFIG so users who
don't need the client and are against GPLv3 can disable it.
Also remove the explicit installation of the client in do_install_append, as the
Makefile installs it now.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
nf_tables_inet.ko and nf_tables_ipv4.ko and nf_tables_ipv6.o
(and nf_tables_arp.ko and nf_tables_netdev.ko) were merged into
the core nf_tables.ko before v4.17 in kernel commit
02c7b25e5f54 netfilter: nf_tables: build-in filter chain type
nf_meta.ko was merged to be a builtin of nf_tables.ko before
v4.18 in kernel commit
8a22543c8e70 netfilter: nf_tables: make meta expression builtin
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
rename
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The connman-wait-online package currently isn't marked as
systemd-enabled package. This means it is impossible to
auto-enable the service during image creation or package
installation, as no preset files and no pkg_postinst()
snippet is being created.
This change should have been done as part of the
upgrade to v1.31
Note:
connman-wait-online is needed when connman is in use
in more complex network/interface setups for systemd's
network-online.target to report success.
systemd-networkd's systemd-networkd-wait-online.service
alone doesn't work in such scenarios and simply times
out, as it know nothing about the expected network/
interface configuration, meaning the target doesn't
boot successfully (systemctl list-units --failed),
and long delays are seen, caused by waiting for the
systemd-networkd-wait-online.service timeout.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
bluez4 was removed from meta-oe 2 years ago.
Simplfy the setup of the two level bluetooth and bluez4/bluez5
distro features by removing the bluez4/bluez5 distro features.
This also removes the no longer required bluetooth class.
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
musl > v1.1.21 changed the implementation of the freeaddrinfo() function
not allowing anymore to pass null pointers to it.
This was causing a segmentation fault in connman.
Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
enabled
* import 2 fixes from LuneOS
* with l2tp PACKAGECONFIG enabled connman depends on MACHINE_ARCH xl2tpd:
=== Comparing signatures for task do_package_write_ipk.sigdata between hammerhead and mako ===
ERROR: connman different signature for task do_package_write_ipk.sigdata between hammerhead and mako
NOTE: Starting bitbake server...
Hash for dependent task xl2tpd/xl2tpd_git.bb.do_packagedata changed from 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 to c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Unable to find matching sigdata for /OE/build/luneos-master/webos-ports/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_git.bb.do_packagedata with hashes 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 or c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed patch has been upstreamed.
Changelog:
- Fix issue with handling invalid gateway addresses.
- Fix issue with handling updates of default gateway.
- Fix issue with DHCP servers that require broadcast flag.
- Add support for option to use gateways as time servers.
- Add support for option to select default technology.
- Add support for Address Conflict Detection (ACD).
- Add support for IPv6 iptables management.
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Commit 85b76e52d206 "connman: update to 1.36" dropped
0001-inet-Add-prefixlen-to-iproute_default_function.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.
Cc: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Fix handling of escape characters in regexs and hence fix python
Deprecation warnings which will be problematic in python 3.8.
Note that some show up as:
"""
meta/classes/package.bbclass:1293: DeprecationWarning: invalid escape sequence \.
"""
where the problem isn't on 1293 in package.bbclass but in some _prepend to a
package.bbclass function in a different file like mesa.inc, often from
do_package_split() calls.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
- updated connman to v1.36
- removed mainstreamed patches
- includes.patch has been rabased and transformed into git format
Signed-off-by: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
These patches are all upstream now, so mark as Backport.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The upstreamable include-tweaking patches contained fragments that should be in
the not-upstreamable musl-specific res_ninit replacement, so move them to the
right patch.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Implement subnet route creation/deletion in session, e.g.
default via 192.168.100.1 dev eth0
192.168.100.0/24 dev eth0
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is happened when doing wispr against a HTTPS URL
rather than the default one, i.e.
http://ipv4.connman.net/online/status.html
When gnutls_channel is instantiated, the gnutls_channel->established
has to be initiated as FALSE. Otherwise, check_handshake function
won't work. A random initial value 1 of gnutls_channel->established
will make check_handshake return G_IO_STATUS_NORMAL, when the channel
is actually not ready to be used. The observed behaviours are,
- wispr is getting random errors in wispr_portal_web_result
- ConnMan crashes on exit after those random errors
- when wispr is luckly working, ConnMan doesn't crash on exit
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When more than one session are created with the same
"AllowedInterface", connman failed to update nat-
postrouting rules when new IP address was got
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Recipes can't rely on IMAGE_FEATURES to determine whether the
resulting packages will be used in an image with read/write or
read-only rootfs because IMAGE_FEATURES is a per-image recipe
variable.
The connman.inc code checked IMAGE_FEATURES to determine whether
/var/run/connman needs to be created via tmpfiles.d when booting a
read-only rootfs. In my tests that is not necessary (anymore?),
something (connman itself?) creates the missing directory.
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Below two patches are applied in v1.35
- 0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch
- CVE-2017-12865.patch
Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
dnsproxy: Fix crash on malformed DNS response
If the response query string is malformed, we might access memory
pass the end of "name" variable in parse_response().
[YOCTO #11959]
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
libc headers now have a backported patch that fixes this.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
When building with nftables support, connman doesn't ever
depend on the nftables command line tool.
connman will depend on libmnl and libnftnl at build and
run time. In addition, the nftables rules it creates
depend on various kernel modules being present.
Update the PACKAGECONFIG to reflect this. We use the
just introduced RRECOMMENDS field so as to make the
build still succeed if those kernel modules have been
linked statically into the kernel, i.e. when the
packages haven't actually been created.
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Due to recent modifications related to systemd, sysvinit builds began
to show this warning:
WARNING: connman-1.34-r0 do_package: connman: NOT adding alternative
provide /etc/resolv.conf: /etc/resolv-conf.connman does not exist
Fix this warning by making those updates specific to systemd.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
connman fails to start in systemd based read-only images while creating links:
Jun 08 12:53:56 qemux86-64 systemd[1]: Starting Create Volatile Files
and Directories...
Jun 08 12:53:56 qemux86-64 systemd-tmpfiles[366]:
[[0;1;31msymlink(/var/run/connman/resolv.conf, /etc/resolv.conf) failed:
Read-only file system[[0m
Fix this failure and make connman co-exist with systemd-resolved.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
1.33 -> 1.34
1. Refreshed 0001-Fix-compile-on-musl-with-kernel-4.9-headers.patch
2. Removed upstreamed patch:
0003-stats-Fix-bad-file-descriptor-initialisation.patch
3. Provided PACKAGECONFIGs for nftables and iptables support
4. Add new patch to fix build with nftables:
0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Kernel headers break when musl defines IFF_LOWER_UP. While
waiting for more proper fix in musl, add a workaround to connman.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
getVar() now defaults to expanding by default, thus remove the True
option from getVar() calls with a regex search and replace.
Search made with the following regex: getVar ?\(( ?[^,()]*), True\)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Import a patch from upstream, which fixes a connman daemon freeze
under certain conditions (multiple active interfaces, no r/w storage).
Signed-off-by: Lukasz Nowak <lnowak@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The aim of the original commit was to make connman-gnome load the icons
at the exact size of the systray. There are two problems with this:
* There are not enough icon sizes provided to make the scaling
look good at most sizes (including current panel size)
* Both connman-gnome and mb-panel have bugs in the icon size update
code and using scaling to exact size makes these much more visible
(See bug 9995 for example).
The problems the original commit tried to fix can be worked around
with better packing in matchbox-panel-2.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We do that everywhere else, and otherwise anybody
extending SRC_URI through bbappend must know to
add a space at the end, which is an unusual
requirement.
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The upstreamable include fixes have been sent upstream. The patch set adds
AC_USE_SYSTEM_EXTENSIONS so we don't need to explictly define _GNU_SOURCE
anymore.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
With binutils 2.27 on at least MIPS, connmand will crash on startup. This
appears to be due to the symbol visibilty scripts hiding symbols that stdio
looks up at runtime, resulting in it segfaulting.
This certainly appears to be a bug in binutils 2.27 although the problem has
been known about for some time:
https://sourceware.org/bugzilla/show_bug.cgi?id=17908
As the version scripts are only used to hide symbols from plugins we can safely
remove the scripts to work around the problem until binutils is fixed.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
1.32 -> 1.33
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Update the Gtk3 patch to make the StatusIcon load pixbufs at (more)
correct sizes -- Gtk3 does not seem to reliably position the icon
otherwise.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Upstream is not really active anymore: patch the Gtk+3 upgrade
in for now (long term solution is to change to another UI).
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
They are not compatible with python 3, and require python-dbus
and python-gobject (which are provided only for Python 3).
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Removed following upstreamed/backported patches:
a) 0001-Detect-backtrace-API-availability-before-using-it.patch
b) 0001-iptables-Add-missing-function-item-of-xtables-to-mat.patch
Rearranged musl related patches.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This is required for dbus-binding-tool.
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The struct of xtables_globals has been modified in iptables 1.6.
If connman runs with iptables 1.6, it can crash.
Program received signal SIGSEGV, Segmentation fault.
0x00000000 in ?? ()
0xb7dea89c in xtables_find_target () from /usr/lib/libxtables.so.11
0xb7deac1c in ?? () from /usr/lib/libxtables.so.11
0xb7dea793 in xtables_find_target () from /usr/lib/libxtables.so.11
The the missing function item of xtables is added to xtables_globals.
It can fix the above issue.
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
connman-conf is now a systemd oneshot and therefore doesn't need to
be sed'ed in to the ConnMan service file.
Note: this doesn't affect sysvinit where we provide a ConnMan
init script which checks for the presence of the wired-networking
script and, if it exists, executes it as part of the connman init.
[YOCTO #8399]
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Install a oneshot unit file that is started before ConnMan to
configure a wired network inteface with the wired-setup script,
rather than requiring this script to be manually run some how.
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
Richard Purdie
akuster
Jack Mitchell
Yi Zhao
Alejandro Hernandez
Alexander Kanavin
Ross Burton
André Draszik
Denys Dmytriyenko
Adrian Bunk
Changqing Li
Nicola Lunghi
Martin Jansa
Oleksandr Kravchuk
Ruslan Bilovol
Olekandr Kravchuk
Jian Liang
Patrick Ohly
Changhyeok Bae
Sona Sarmadi
Jussi Kukkonen
André Draszik
Maxin B. John
Peter Kjellerstedt
Joshua Lock
Lukasz Nowak
Alexander Kanavin
Joshua Lock