Commit Graph

43099 Commits

Author SHA1 Message Date
Bernd Kuhls
3c85e9044b package/samba4: bump version to 4.9.2
Release notes: https://www.samba.org/samba/history/samba-4.9.2.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:17:20 +01:00
Fabrice Fontaine
92c32d3890 wireshark: disable build of user guide
--disable-guides has been added since version 2.5.0:
aa04d2355e

Fixes:
 - http://autobuild.buildroot.org/results/5ae6d46573942713687f4e659b3eaf0b768ebc71

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-08 22:16:05 +01:00
Peter Seiderer
0c15a3e82e ell: new package
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: fix Config.in comment dependencies, add DEVELOPERS entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:39:57 +01:00
Grzegorz Blach
5244fd29a1 support/testing: add test for the f2fs filesystem support
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:17:51 +01:00
Grzegorz Blach
3946f74b00 fs/f2fs: simplify overprovision option handling
Setting overprovision to 0 and omitting this option has exactly
the same effect.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:17:49 +01:00
Grzegorz Blach
25076c94c0 fs/f2fs: add option to define list of hot file extensions
Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:07:40 +01:00
Grzegorz Blach
c3159a2d14 fs/f2fs: clarify help messages
For BR2_TARGET_ROOTFS_F2FS_COLD_FILES clarify that extension list must
be a coma separated.

For BR2_TARGET_ROOTFS_F2FS_OVERPROVISION clarify that the default
overprovision ratio is autocalculated according to the partition size.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:06:27 +01:00
Asaf Kahlon
74804a6311 python-crossbar: bump to version 18.11.1
Adjust patch to fit the new version.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:05:10 +01:00
Asaf Kahlon
83c19a40c0 python-autobahn: bump to version 18.11.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:04:59 +01:00
Christian Stewart
0d4150a804 package/v4l2loopback: bump version to 0.12.0
Add license hash for COPYING file.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:03:21 +01:00
Christian Stewart
b869212d0c go: bump to v1.11.2
Bumps Golang host-go compiler to 1.11.2 release.

Add hash for LICENSE.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:02:06 +01:00
Christian Stewart
1aee7cc5a0 DEVELOPERS: add Christian Stewart for go
I am now maintaining / submitting regular patches for the Go toolchain as well.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:01:27 +01:00
Fabrice Fontaine
112667fd12 qt: disable static build for qt-zlib
Static build of applications using qt-zlib and zlib (such as mpv) will
fail because zlib and qt-zlib defines the same functions (inflateReset,
inflatePrime ...)

So add a dependency on !BR2_STATIC_LIBS on BR2_PACKAGE_QT_QTZLIB

Fixes:
 - http://autobuild.buildroot.org/results/0be6e359d46a8a701006305c32b514687854b035

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 21:00:49 +01:00
Peter Korsgaard
f680e57e48 postgresql: security bump to version 11.1
Fixes the following security issue:

CVE-2018-16850: SQL injection in pg_upgrade and pg_dump, via CREATE TRIGGER
...  REFERENCING

For more details, see the advisory:

https://www.postgresql.org/about/news/1905/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 20:55:19 +01:00
Asaf Kahlon
745132abc0 python-requests: bump to version 2.20.1
Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-08 20:54:53 +01:00
Thomas Petazzoni
b1c59c3027 package/alsa-lib: update upstream status of patches
The remaining two patches have been submitted upstream for inclusion,
so let's update their upstream status.

While at it, I update @free-electrons.com to @bootlin.com in the first
patch.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:47:40 +01:00
Thomas Petazzoni
fa627bacc2 package/alsa-lib: drop patch 0002-alsa-lib-provide-dummy-definitions-of-RTLD_-if-neces.patch
The description of this patch was no longer correct: it no longer
provided dummy definitions of RTLD_* macros since commit
ccad7db515 ("alsa-lib: bump to version
1.1.6"). All it did is make two <dlfcn.h> inclusions optional.

However, this is no longer needed, since the alsa-lib code base
contains four inclusions of <dlfcn.h>, which are all properly handled:

 - include/local.h, the include is guarded by #ifdef HAVE_LIBDL

 - modules/mixer/simple/sbasedl.c, modules are only built if
   BUILD_MODULES is enabled, and BUILD_MODULES is only enabled if
   HAVE_LIBDL is enabled

 - src/mixer/simple_abst.c, this file is only built if BUILD_MODULES
   is enabled, which itself is only enabled if HAVE_LIBDL is enabled

 - src/pcm/pcm_meter.c, this file is only built if
   BUILD_PCM_PLUGIN_METER is enabled, and this is not enabled if
   HAVE_LIBDL is not enabled.

Conclusion: the patch can be dropped. The third patch is renumbered as
appropriate.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:47:11 +01:00
Thomas Petazzoni
dc717ce339 package/alsa-utils: re-enable in BR2_STATIC_LIBS configuration
In commit 4707383c5d ("alsa-utils: needs
dynamic library support"), we added a !BR2_STATIC_LIBS dependency
because topology/topology.c was including <dlfcn.h>.

However, it turns out that this include is not needed/used at all, so
we can instead drop it, and re-enable the package in BR2_STATIC_LIBS
configuration.

This was discovered when analyzing why we have
package/alsa-lib/0003-alsa-lib-conditionally-enable-libdl-in-AM_PATH_ALSA-.patch. This
patch fixes the AM_PATH_ALSA autoconf macro, used by alsa-utils, so
that ALSA_LIBS doesn't carry the -ldl option, fixing static-linking
scenarios. This patch had become useless since alsa-utils was no
longer available in BR2_STATIC_LIBS configuration.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:46:33 +01:00
Sumit Garg
2e6adf5258 fwts: Enable optional efi_runtime kernel module build
Firmware test suite does provides efi_runtime kernel module required
to run UEFI tests. So optionally enable this module build.

[Peter: fix -/_ in comment as suggested by Erico]
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Erico Nunes <nunes.erico@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:16:27 +01:00
Daniel Fahlgren
1182a8baef package/python-posix-ipc: enable also for python3
The python-posix-ipc package can be used both with python2 and python3.

Signed-off-by: Daniel Fahlgren <daniel@fahlgren.se>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:07:54 +01:00
Fabrice Fontaine
406f70416e bdwgc: update bdw-gc.pc to fix link with guile
When bdw-gc is linked with libatomic_ops, bdw-gc.pc must contain the
needed libraries (such as -latomic_ops) otherwise build of applications
such as guile will fail on link stage:

.libs/libguile_2.0_la-posix.o: In function `scm_tmpnam':
posix.c:(.text+0x2080): warning: the use of `tmpnam' is dangerous, better use `mkstemp'
  CCLD     guile
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_fetch_compare_and_swap_emulation'
/home/buildroot/autobuild/run/instance-2/output/host/arm-buildroot-linux-gnueabi/sysroot/usr/lib/libgc.so: undefined reference to `AO_store_full_emulation'

So set ATOMIC_OPS_LIBS to -latomic_ops when a system atomic_ops library
is used and use ATOMIC_OPS_LIBS in bdw-gc.pc.in

Fixes:
 - http://autobuild.buildroot.org/results/2b23d445e57a5e0f417f5cb9417b0a668bb7bf1c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:06:32 +01:00
Peter Korsgaard
955df7463b bind: security bump to version 9.11.5
Fixes the following security issues:

- CVE-2018-5738: Some versions of BIND can improperly permit recursive query
  service to unauthorized clients

- CVE-2018-5740: A flaw in the "deny-answer-aliases" feature can cause an
  INSIST assertion failure in named

For more details, see the release notes:

https://ftp.isc.org/isc/bind9/9.11.5/RELEASE-NOTES-bind-9.11.5.html

Drop patch 0003-Rename-ptrsize-to-ptr_size.patch as the uClibc-ng issue was
fixed upstream in commit 931fd627f6195 (mips: fix clashing symbols), which
is included in uclibc-1.0.12 (January 2016).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 23:04:06 +01:00
Carlos Santos
3da9d6f988 DEVELOPERS: take aer-inject
Tiago is leaving the company and is unlikely to have access to the hardware
required to test the package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 22:23:54 +01:00
Sébastien Szymanski
ee6217d52b package/mmc-utils: add patch to fix build failure
Patch taken from:
 - https://patchwork.kernel.org/patch/10654531/

Fixes:
 - http://autobuild.buildroot.net/results/404bfbd095a7b80273391ea36ea81ba496164b80
 - http://autobuild.buildroot.net/results/233ef5c00951b5be10a59408f4a8781ecc658d74
 - http://autobuild.buildroot.net/results/eba3cf4ac21095bca5af2d5d1d69aca0c9098f9b

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 22:21:02 +01:00
Sergio Prado
49dd099650 traceroute: fix 'no rule to make target -lm' error
Fix the following build error:

make[3]: *** No rule to make target '-lm', needed by 'traceroute'.

Fixes:
http://autobuild.buildroot.org/results/dde63672e1de1d4ba036331ab127ccc8ff044444
http://autobuild.buildroot.org/results/4efb67e6a29c3dd784676d30a1051f9f0c2a6c80
http://autobuild.buildroot.org/results/7ac23a3959aec22297695899c0f76dbbc4e114d3
And many more...

As explained by Arnout, this happens when host-make is built (E.G.  when
glibc is built on a machine with an old make version) because the traceroute
Makefiles have a target with a dependency on -lm, and make automatically will
look in make's $prefix/lib directory for libm.so / libm.a to satisfy this
dependency.  From the make info pages:

   When a prerequisite's name has the form '-lNAME', 'make' handles it
specially by searching for the file 'libNAME.so', and, if it is not
found, for the file 'libNAME.a' in the current directory, in directories
specified by matching 'vpath' search paths and the 'VPATH' search path,
and then in the directories '/lib', '/usr/lib', and 'PREFIX/lib'
(normally '/usr/local/lib', but MS-DOS/MS-Windows versions of 'make'
behave as if PREFIX is defined to be the root of the DJGPP installation
tree).

Our host-make is configured with prefix=$(HOST_DIR), and $(HOST_DIR)/lib
does not contain libm.so / libm.a, causing make to error out.

Work around it by pointing VPATH to $(STAGING_DIR)/usr/lib, so make will
find the (target) libm.so / libm.a.

[Peter: extend description based on Arnouts investigation]
Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-07 22:09:38 +01:00
Fabrice Fontaine
7cd1baf25b wireshark: add snappy optional dependency
- Optional dependency to snappy has been added with version 2.4.0 and
  47649d1c7f
- Specify the path to found libssh as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:21:36 +01:00
Fabrice Fontaine
1ac4950382 wireshark: add lz4 optional dependency
- Optional dependency to lz4 has been added with version 2.4.0 and
  47649d1c7f
- Specify the path to found lz4 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:21:21 +01:00
Fabrice Fontaine
55ae4bc4d3 wireshark: add bcg729 optional dependency
- Optional dependency to bcg729 has been added with version 2.5.0 and
  3e54cabf81
- Specify the path to found bcg729 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:14:04 +01:00
Fabrice Fontaine
c859af7c83 wireshark: add nghttp2 optional dependency
- Embedded nghttp2 code has been removed and an optional dependency to
  nghttp2 has been added with version 2.4.0 and
  b1cc056b12
- Specify the path to found nghttp2 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:13:34 +01:00
Fabrice Fontaine
7d7d57560c wireshark: add libxml2 optional dependency
Optional dependency to libxml2 has been added with version 2.4.0 and
cfab5ef035

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:13:18 +01:00
Fabrice Fontaine
72bafd5e45 wireshark: bump to version 2.6.4
- Remove first patch (inet_pton test removed since version 2.5.0 and
  12d63c428f)
- Remove second patch (already in version, since
  3761ef3785)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
  6b84ddee83
- geoip support has been replaced by maxminddb since version 2.5.0 and
  a1da75c554
- Drop includedir "hack", this is not needed anymore and wireshark is
  now installing files in target. With this hack, build fails on:
  wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
  package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
         add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2018-11-07 00:10:29 +01:00
Romain Naour
a75ee0e812 Config.in: security hardening: disable FORTIFY_SOURCE for gcc < 6
As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.

Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.

[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] 55f12fce4c

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Peter: only limit for internal toolchain as suggested by Matthew]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-06 08:54:25 +01:00
Peter Korsgaard
7a3f85ddff ifupdown-script: send current hostname in DHCP request
For the default (BR2_SYSTEM_DHCP) /etc/network/interfaces handling.

Both the "big" and busybox ifupdown variants pass the hostname argument to
the DHCP client through the shell, so we can use $() to expand to the
current hostname value.

Notice that this may not be handled by all DHCP clients.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-05 23:20:55 +01:00
Fabrice Fontaine
16db3937c0 ngrep: fix static build
Commit 54eeb08d64 wrongly replaced
`$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs` by
"$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs"

Fixes:
 - http://autobuild.buildroot.org/results/3dd8c768beef075494d6be7eff4cbb57b5ec8a41

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-05 23:18:28 +01:00
Adrian Perez de Castro
6a982d037b webkitgtk: disable JIT usage on MIPS32 R6
Currently JavaScriptCore does not support JIT on MIPS32 R6, so remove
it from the list of supported architectures. Reported upstream:

  https://bugs.webkit.org/show_bug.cgi?id=191258

This fixes the following autobuilder failure:

  http://autobuild.buildroot.net/results/eeaf3edbf6f5bf468b10adc3d053f703c6ceba96/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2018-11-05 23:14:33 +01:00
Bernd Kuhls
0f9a6eb790 package/ffmpeg: bump version to 3.4.5
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 22:36:13 +01:00
Bernd Kuhls
79cc6caae4 package/tor: bump version to 0.3.4.9
Release notes: https://blog.torproject.org/new-release-tor-0349

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 22:35:51 +01:00
Fabrice Fontaine
100ba8351c package/ngrep: add optional dependency on libdnet
- Enable tcpkill based on libnet availability
- Add BSD-3-Clause for tcpkill, added in version 1.46 and
  f2a1f8b091

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 21:31:50 +01:00
Fabrice Fontaine
54eeb08d64 package/ngrep: bump to version 1.47
- Switch site from sourceforge to github as there is no new releases on
  sourceforge and http://ngrep.sourceforge.net/ is redirected to
  https://github.com/jpr5/ngrep/
- Remove first patch, not needed since version 1.46 and
  997c9d81d3
  as this commit added the support for system pcre
- Remove second patch, not needed since version 1.46 and
  2d8fd9ac7e
- Remove third patch and LIBS=-lpcap -lpcre, not needed since 1.46 and
  cca6e3121f
- LICENSE.txt has been renamed to LICENSE since version 1.47 and
  3cb4c580a9
- Add an upstream patch to fix --enable-pcre: keep pcre as a mandatory
  dependency as this is the current behavior in version 1.45. PCRE will
  made optional in an other patch
- Remove --with-pcre which is not recognized anymore
- Add two other patches to fix --disable-tcpkill
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 21:31:47 +01:00
Fabrice Fontaine
8b575ffd1b libssh2: fix static linking scenarios involving mbedtls
curl can be statically linked with mbedtls, in this case build will fail
on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by -lmbedcrypto

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 21:28:29 +01:00
Fabrice Fontaine
ac21b43f32 Revert "package/libssh2: fix static linking scenarios involving mbedtls"
This reverts commit 48218732a3 because
LTLIBMBEDCRYPTO will return "-lmbedcrypto
-R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib"

On some compilers, -R option won't be recognized and this will prevent
the detection of libz:

configure:17809: /accts/mlweber1/scripts/instance-3/output/host/bin/i586-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os   -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/include  conftest.c /accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib/libz.so -Wl,-rpath -Wl,/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib  -L/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -lmbedcrypto -R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib >&5
i586-linux-gcc.br_real: error: unrecognized command line option '-R'; did you mean '-R'?

Fixes:
 - http://autobuild.buildroot.org/results/68623f22b49473177c889fe7b12625d779cbd1ed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 21:28:26 +01:00
Romain Naour
435613ef29 toolchain: disable SSP support if CFI support in binutils is missing
As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.

In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.

So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.

BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y

While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)

With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.

When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"

The test is doing the following command line:

echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]

When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?

When we look at the gcc-initial log file (config.log) we can see an
error with 'as':

configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as    -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
    .text
    .cfi_startproc
    .cfi_offset 0, 0
    .cfi_same_value 1
    .cfi_def_cfa 1, 2
    .cfi_escape 1, 2, 3, 4, 5
    .cfi_endproc

This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).

"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).

The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.

The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.

This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option

Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.

Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389

[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 12:49:25 +01:00
Bernd Kuhls
03d52226e2 package/php: add support for PostgreSQL (non-PDO)
Needed for example for phppgadmin.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add missing BR2_USE_WCHAR dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-04 11:42:05 +01:00
Carlos Santos
0d03c33f22 package/audit: bump to version 2.8.4
Fix a segfault in auditd when dns resolution isn't available. Additional
changes since 2.8.2 can be seen at

    http://people.redhat.com/sgrubb/audit/ChangeLog

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 22:22:49 +01:00
Carlos Santos
2c828ed72f linux: enable CONFIG_AUDIT if the audit package is selected
We already turn on kernel features for several packages, so let's do it
for audit too, since the daemon is useless and fails to load otherwise.

Notice that we also turn NET on, since AUDIT depends on NET, like we do
for the wireguard package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 22:22:05 +01:00
Carlos Santos
6fe5fe4c4d package/audit: ensure that it starts after the logging daemon
audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 22:21:53 +01:00
Carlos Santos
4be494b804 package/audit: fix audispd path in auditd.conf
audispd is installed at /usr/sbin but the configuration file pointed
to /sbin, causing auditd to fail on startup.

This patch cannot be sent upstream because audispd does not exist
anymore on the master branch (it was merged to auditd).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 22:21:31 +01:00
Fabrice Fontaine
48218732a3 package/libssh2: fix static linking scenarios involving mbedtls
curl can be statically linked with mbedtls, in this case build will
fail on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by $LTLIBMBEDCRYPTO as suggested by Thomas
during review of https://patchwork.ozlabs.org/patch/989339

Fixes:
 - http://autobuild.buildroot.org/results/dc7810d5d5c62658837cdd2faae6fe3390f968a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 22:16:36 +01:00
Bernd Kuhls
34743203e1 package/x11r7/xdriver_xf86-video-geode: add upstream commits to fix build errors
Fixes
http://autobuild.buildroot.net/results/a9b/a9baf6ecf147f336021edda20bb091b8aa071209/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 15:56:59 +01:00
Fabrice Fontaine
eceb09c3b8 package/wireshark: add libkrb5 optional dependency
Specify the path to found libkrb5 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-11-03 15:56:57 +01:00