aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
Commit message (Collapse)AuthorAgeFilesLines
* openssl: add support for mingw64 as targetDeepak Rawat2020-12-181-0/+5
| | | | | | | | | | Engines are installed in a slightly different path, and the host type doesn't precisely match in x86_64 Co-authored-by: Paul Eggleton <paul.eggleton@microsoft.com> Co-authored-by: Deepak Rawat <derawa@microsoft.com> Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Update 1.1.1h -> 1.1.1iKhairul Rohaizzat Jamaluddin2020-12-181-1/+1
| | | | | | | | | | | | update version to 1.1.1i openssl 1.1.1i Fixed NULL pointer deref in GENERAL_NAME_cmp (CVE-2020-1971) updates include fix for CVE: CVE-2020-1971 Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: upgrade 9.3.2 -> 9.3.4Yi Zhao2020-12-152-1/+31
| | | | | | | Backport a patch to fix privsep build error on ppc. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: fix reproducibilityAlexander Kanavin2020-12-092-12/+44
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.7 -> 9.16.9Alexander Kanavin2020-12-0910-2/+2
| | | | | | | License-Update: http -> https Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Revert "connman: set service to conflict with systemd-networkd"Jack Mitchell2020-12-062-30/+0
| | | | | | | | | | | | Without further examples of how this is failing revert as using both together is a valid use case, for example connman handling Wifi/AP and systemd-networkd handling more complex routing such as for containers and ethernet switches. This reverts commit 5303420ead25817f5caec276b79eec7ee797271a. Signed-off-by: Jack Mitchell <ml@embed.me.uk> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* socat: make building with OpenSSL support optionalAlexander Vickberg2020-11-241-4/+3
| | | | | Signed-off-by: Alexander Vickberg <wickbergster@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: whitelist CVE-2014-9278Steve Sakoman2020-11-111-0/+4
| | | | | | | | | | | | | The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login. Whitelist the CVE since this issue is Redhat specific. Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add c_rehash to misc package and add perl runtime dependencyFederico Pellegrin2020-11-111-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | The following changes since commit f075071761172c69f8ae2be5868d51ef9ef646e7: conf: update for release 3.2 (2020-11-09 13:16:13 +0000) are available in the Git repository at: git://push.yoctoproject.org/poky-contrib fedepell/bug14083 Federico Pellegrin (1): openssl: Add c_rehash to misc package and add perl runtime dependency c_rehash implemented in perl is back (in history was moved to shell for some time), so handle it inside the -misc package so just that one will carry the heavy runtime dependency on perl and not the whole openssl package. Note: in misc there were already before a few perl files (tsget.pl and CA.pl) so the added perl dependency will fix those too. [YOCTO #14083] Signed-off-by: Federico Pellegrin <fede@evolware.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iproute2: upgrade 5.8.0 -> 5.9.0zangrc2020-11-112-26/+1
| | | | | | | | 0001-devlink.c-add-missing-include.patch Removed since this is included in 5.9.0. Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: upgrade 9.3.1 -> 9.3.2Yi Zhao2020-11-081-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: install dhcpcd to /sbin rather than /usr/sbinYi Zhao2020-11-083-3/+4
| | | | | | | | | The dhcpcd path is hardcoded to /sbin in ifupdown package. Move dhcpcd from /usr/sbin to /sbin to make sure ifup/ifdown can find it when dhcpcd as the dhcp client backend. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* connman: set service to conflict with systemd-networkdYi Zhao2020-11-082-0/+30
| | | | | | | | Do not run systemd-networkd and connman simultaneously. These two network managers may conflict with each other. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: use odd-even version scheme for updatesAlexander Kanavin2020-11-081-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* nfs-utils: upgrade 2.5.1 -> 2.5.2Alexander Kanavin2020-11-032-36/+11
| | | | | | | Drop chunks from clang-warnings.patch that are merged upstream. Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade 1.1.1g -> 1.1.1hAlexander Kanavin2020-11-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: upgrade 8.3p1 -> 8.4p1Alexander Kanavin2020-11-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: upgrade 1.39.0 -> 1.40.0Alexander Kanavin2020-11-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: upgrade 5.8 -> 5.9Alexander Kanavin2020-11-031-2/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: upgrade 9.2.0 -> 9.3.1Alexander Kanavin2020-11-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: do not install dhclient hooksYi Zhao2020-10-311-1/+1
| | | | | | | | | Do not install the dhclient hooks /etc/dhcp/dhclient-enter-hooks.d/resolvconf because the dhclient has been removed from oe-core. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: update to 5.55Chee Yang Lee2020-10-311-2/+2
| | | | | | | | Release note: https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07 Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: fix some unresponsive homepages and bugtracker linksMaxime Roussin-Bélanger2020-10-302-2/+2
| | | | | | | remove some extra whitespaces Signed-off-by: Maxime Roussin-Bélanger <maxime.roussinbelanger@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: add init scriptsakuster2020-10-175-1/+174
| | | | | | | | | | | | | | | | [ Yocto # 14074 ] Add init scripts for dhcp4,6 and ddns Signed-off-by: Armin kuster <akuster808@gmail.com> -- V2] remove 'status' from usage add patch to fix ps -p in keactrl.in Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: add PACKAGECONFIG for ntp/chrony/ypbind hooksYi Zhao2020-10-171-0/+8
| | | | | | | | | By default, the dhcpcd will search ntp/chrony/ypbind in host path when configuring and install the hooks once it find them. Add PACKAGECONFIG for these hooks to avoid the host contamination. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: upgrade 9.16.5 -> 9.16.7zangrc2020-09-3010-1/+1
| | | | | Signed-off-by: Zang Ruochen <zangrc.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssh: Allow enable/disable of rng-tools recommendation on sshdOtavio Salvador2020-09-251-2/+8
| | | | | | | | | We are adding a new PACKAGECONFIG option ('rng-tools') to control if we wish the openssh-sshd to RRECOMMENDS the 'rng-tools' package. We are enabling it by default so there is no behavior change. Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: set service to conflict with connmanYi Zhao2020-09-242-0/+2
| | | | | | | | | As the default network manager, connman has its own internal DHCP implement. If run dhcpcd and connman simultaneously, they may conflict with each other. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ssh-pregen-hostkeys: Add a recipe with pregenerated ssh host keysRichard Purdie2020-09-238-0/+76
| | | | | | | | | | Host keys are getting bigger and taking an ever increasing amount of time to generate. Whilst we do need to test that works, we don't need to test it in every image. Add a recipe which can be added to images with pre-generated keys, allowing us to speed up tests on the autobuilder where it makes sense to. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: add dhcpcd user to support priviledge separationYi Zhao2020-09-231-1/+7
| | | | | | | | The dhcpcd enables privsep by default. It requires a user added to the system. Add dhcpcd user and group to support it. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: set --runstatedir to /runYi Zhao2020-09-232-1/+2
| | | | | | | Set --runstatedir to /run/dhcpcd rather than /var/run/dhcpcd Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: pass --dbdir to EXTRA_OECONF to set database directoryYi Zhao2020-09-231-1/+3
| | | | | | | | Set --dbdir to /var/lib/dhcpcd rather than /var/db/dhcpcd to satisfy FHS compliance Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: fix conflict between multilibsKai Kang2020-09-232-0/+56
| | | | | | | | | | | | | | | | There are conflict of config files between kea and lib32-kea: | Error: Transaction test error: | file /etc/kea/kea-ctrl-agent.conf conflicts between attempted installs of lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 | file /etc/kea/kea-dhcp4.conf conflicts between attempted installs of lib32-kea-1.7.10-r0.core2_32 and kea-1.7.10-r0.core2_64 Because they are all commented out, replace the expanded libdir path with '$libdir' in the config files to avoid conflict. Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: remove -r option for rndc-confgenMingli Yu2020-09-212-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The named service fail to start as below: # systemctl status named.service named.service - Berkeley Internet Name Domain (DNS) Loaded: loaded (/lib/systemd/system/named.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Wed 2020-09-16 06:07:49 UTC; 9s ago Process: 134206 ExecStartPre=/usr/sbin/generate-rndc-key.sh (code=exited, status=1/FAILURE) Sep 16 06:07:49 intel-x86-64 systemd[1]: Starting Berkeley Internet Name Domain (DNS)... Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134206]: Generating /etc/bind/rndc.key: Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134207]: rndc-confgen: The -r option has been deprecated. Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134208]: chown: cannot access '/etc/bind/rndc.key': No such file or directory Sep 16 06:07:49 intel-x86-64 generate-rndc-key.sh[134209]: chmod: cannot access '/etc/bind/rndc.key': No such file or directory Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Control process exited, code=exited, status=1/FAILURE Sep 16 06:07:49 intel-x86-64 systemd[1]: named.service: Failed with result 'exit-code'. Sep 16 06:07:49 intel-x86-64 systemd[1]: Failed to start Berkeley Internet Name Domain (DNS). It is because fail to execute "/usr/sbin/generate-rndc-key.sh" as -r is deprecated since bind 9.13.x and the random function changes in [1], so remove -r option to fix the above issue. DNSSEC validation is now active by default after bind upgrade to 9.16.x, but it is not in 9.11.x. So disable DNSSEC validation explicitly to silence below message. Sep 18 03:21:37 intel-x86-64 named[23272]: managed-keys-zone: Unable to fetch DNSKEY set '.': timed out [1]: https://gitlab.isc.org/isc-projects/bind9/-/commit/3a4f820d625c214cfb21f5e6d18ce9160d2a193b Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: create /var/lib/kea and /var/run/kea folderMingli Yu2020-09-212-1/+41
| | | | | | | | | | | | | | | | | Create /var/lib/kea and /var/run/kea folder if they don't exist to fix below error: # keactrl start INFO/keactrl: Starting /usr/sbin/kea-dhcp4 -c /etc/kea/kea-dhcp4.conf INFO/keactrl: Starting /usr/sbin/kea-dhcp6 -c /etc/kea/kea-dhcp6.conf INFO/keactrl: Starting /usr/sbin/kea-ctrl-agent -c /etc/kea/kea-ctrl-agent.conf Unable to use interprocess sync lockfile (No such file or directory): /var/run/kea/logger_lockfile Service failed: Launch failed: Unable to open PID file '/var/run/kea/kea-ctrl-agent.kea-ctrl-agent.pid' for write [snip] ERROR [kea-dhcp4.dhcp4/615.140641792751488] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /etc/kea/kea-dhcp4.conf, reason: Unable to open database: unable to open '/var/lib/kea/kea-leases4.csv' [snip] Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dropbear/openssh: Lower priority of key generationRichard Purdie2020-09-201-0/+1
| | | | | | | | | | | | | Where we have images with PAM+systemd, serial login can be extremely slow. The load generated by key generation does slow down the rest of the boot process. Lower the priority level of these systemd services, since we'd prefer to have the rest of the system boot more effectively. This doesn't "solve" the slow systemd boot issues but does help. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Inherit update-alternativesKhem Raj2020-09-141-1/+1
| | | | | | | | | We are setting u-a for nslookup and it won't work unless we inherit this class Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Andrey Zhizhikin <andrey.z@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: 9.1.4 -> 9.2.0Kai Kang2020-09-113-4/+40
| | | | | | | | | | Upgrade dhcpcd from 9.1.4 to 9.2.0. And add systemd services files dhcpcd.service and dhcpcd@.service from Fedora: https://src.fedoraproject.org/rpms/dhcpcd/tree/master Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: bump to 1.7.10Ross Burton2020-09-052-37/+1
| | | | | | | | | This is the latest release in the 1.7.x series so should be a safe upgrade, and means we can drop a patch as the AC_TRY_RUN has an optimistic fallback for cross-compiling now. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: don't use PACKAGECONFIG inappropriatelyRoss Burton2020-09-051-6/+6
| | | | | | | | | | | | The Kea recipe has PACKAGECONFIG options for boost, openssl, and log4cplus. However, these are not optional but mandatory dependencies. Remove the PACKAGECONFIGs and replace with explicit DEPENDS and EXTRA_OECONF. Also the RDEPENDS in the PACKAGECONFIGs are redundant as the library dependencies are generated correctly. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: no need to depend on kea-nativeRoss Burton2020-09-051-8/+2
| | | | | | | | | | | | | kea-msg-compiler is only needed if you alter the messages and the generated sources need to be rebuilt. When this is the case, there are better ways to build kea-msg-compiler that don't involve building all of Kea. Don't depend on kea-native, remove BBCLASSEXTEND=native, and the target overrides. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resolvconf: upgrade 1.82 -> 1.83Alexander Kanavin2020-09-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* libuv: upgrade 1.38.1 -> 1.39.0Alexander Kanavin2020-09-031-1/+1
| | | | | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: 9.11 removeakuster2020-09-0211-747/+0
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bind: Add 9.16.xakuster2020-09-0210-0/+701
| | | | | | | | | | | | | | | | | | | | Removed obsolete packageconfig options License change to MPL-2.0 https://gitlab.isc.org/isc-projects/bind9/blob/master/LICENSE Refreshed: bind-ensure-searching-for-json-headers-searches-sysr.patch 0001-named-lwresd-V-and-start-log-hide-build-options.patch bind-ensure-searching-for-json-headers-searches-sysr.patch Drop obsolete patch: 0001-configure.in-remove-useless-L-use_openssl-lib.patch RP: Dropped the multilib scripts handling as those scripts are no longer present in this version. Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcp: remove from coreakuster2020-09-0223-1092/+0
| | | | | | | update maintainers.inc too Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* dhcpcd: Move from meta-network as OE-Core needs a clientakuster2020-09-022-0/+73
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* kea: Move from meta-networkingakuster2020-09-025-0/+140
| | | | | Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* iw: upgrade 5.4 -> 5.8Changhyeok Bae2020-09-021-2/+2
| | | | | Signed-off-by: Changhyeok Bae <changhyeok.bae@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* bluez5: fix builds that require ell supportPeter A. Bigot2020-08-261-2/+2
| | | | | | | | | | | | | | | | Shortly after the recipe was updated to add ell as a mesh dependency the way ell was integrated into bluez5 was changed. BlueZ requires ell only for mesh and for btpclient (external test programs). It will be ignored unless either mesh or btpclient are selected. ell can be supplied externally, or it can be copied into the bluez build directory from an existing sibling source directory. Since bitbake builds do not provide a sibling source directory tell bluez to look for it as an external library in the conditions where it's required. Signed-off-by: Peter A. Bigot <pab@pabigot.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>