package/audit: bump to version 2.8.4

Fix a segfault in auditd when dns resolution isn't available. Additional
changes since 2.8.2 can be seen at

    http://people.redhat.com/sgrubb/audit/ChangeLog

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: enable CONFIG_AUDIT if the audit package is selected

We already turn on kernel features for several packages, so let's do it
for audit too, since the daemon is useless and fails to load otherwise.

Notice that we also turn NET on, since AUDIT depends on NET, like we do
for the wireguard package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: ensure that it starts after the logging daemon

audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: fix audispd path in auditd.conf

audispd is installed at /usr/sbin but the configuration file pointed
to /sbin, causing auditd to fail on startup.

This patch cannot be sent upstream because audispd does not exist
anymore on the master branch (it was merged to auditd).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libssh2: fix static linking scenarios involving mbedtls

curl can be statically linked with mbedtls, in this case build will
fail on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by $LTLIBMBEDCRYPTO as suggested by Thomas
during review of https://patchwork.ozlabs.org/patch/989339

Fixes:
 - http://autobuild.buildroot.org/results/dc7810d5d5c62658837cdd2faae6fe3390f968a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xdriver_xf86-video-geode: add upstream commits to fix build errors

Fixes
http://autobuild.buildroot.net/results/a9b/a9baf6ecf147f336021edda20bb091b8aa071209/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add libkrb5 optional dependency

Specify the path to found libkrb5 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libv4l: disable clang

For the time being, disable clang that is used to build BPF (in-kernel
bytecode machine) protocols.
Indeed, if an old version of clang is found on the host, it could be
used to build object files with a "None" architecture which will be
rejected by support/scripts/check-bin-arch

Fixes:
 - http://autobuild.buildroot.org/results/c18fb7f1ac81496db9c3a4e91ea028a26ca600b0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

uboot: bump to version 2018.09

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs/Config.in: remove consecutive empty lines

This fixes the following check-package warning:

fs/f2fs/Config.in:51: consecutive empty lines

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add entry for fs/f2fs/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of filesystem features

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define discard policy

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define overprovision ratio

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz, reworded
Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of cold file extensions

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add support for creating a f2fs image

This patch makes possible to create rootfs image using f2fs
filesystem.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas:
 - keep only the minimal functionality, as suggested by Yann E. Morin
 - use truncate -s instead of dd to create the initial empty image
   file, as suggested by Yann E. Morin]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/f2fs-tools: add host variant

Having a host variant of this package is useful to create f2fs
filesystem images.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: add explicit --without-blkid and --without-selinux options,
following the review from Yann E. Morin.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bdwgc: drop AUTORECONF = YES

Since commit 4e1dbd063d1f3ea7dfc95698320f6fd40139085d ("package/bdwgc:
bump to version 8.0.0"), we no longer have any patch that requires
autoreconf. In addition, the libtool shipped with the package seems to
no longer be bogus, because it builds perfectly fine without
autoreconf. Therefore, let's drop this autoreconf.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: add missing bpf_common.h header

Fixes [1] (for older toolchains not providing this header):

    CC       keytable.o
  In file included from bpf.h:26:0,
                   from keytable.c:37:
  ../../include/linux/bpf.h:12:10: fatal error: linux/bpf_common.h: No such file or directory
   #include <linux/bpf_common.h>
            ^~~~~~~~~~~~~~~~~~~~

[1] http://autobuild.buildroot.org/results/d22c0939eed4bc949f7eaeae7595d01ec45cc2cd

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-urllib3: bump to version 1.24.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

gcc: Don't mess with test-suite exclusion

We used to exclude GCC's test-suite for quite some time now
mostly for the sake of space reduction.

But:
 1. On each GCC version bump we need to revise that functionality
    as we need to accommodate changes in GCC sources and this
    couldn't be automated

 2. The space reduction is significant, but not huge. The two test
    suites together take up 290MB, out of 660MB total for GCC (each of
    them times two because there is the -initial and -final copy).
    However, whenever we build GCC, we also have kernel headers (about
    900MB) and a libc (e.g. glibc is 250MB). So at best, it saves less
    than 20%.

 3. It doesn't really save on build time either.
    Below are timings of 2 runs on my laptop:

    a) Vanilla master:
    --------------------->8---------------------
    time make host-gcc-final
    real 7m15.114s
    user 19m36.611s
    sys  2m26.927s
    --------------------->8---------------------

    b) master + testsuite:
    --------------------->8---------------------
    time make host-gcc-final
    real 7m59.860s
    user 20m21.668s
    sys  2m36.618s
    --------------------->8---------------------

    From figures above it's seen that difference is ~45 seconds
    or ~10%. On both host-gcc-initial and -final we may save ~1.5
    minutes... but these are not the only components we build and
    compared to a total toolchain build time IMHO it is not that
    much time to care especially traded for maintenance costs
    on GCC version bumps.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
[Arnout: add explanation about size impact.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/davici: new package

This patch adds davici which is an alternative implementation of the
VICI client protocal used by Strongswan.  It targets better integration
with software stacks and uses a asynchronous, non-blocking API that can
be integrated in third-party main dispatching loops without the use of
threads.

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
[Thomas: fix license, it's LGPL-2.1+, add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add lua optional dependency

- lua 5.3 or luajit is not supported
- Don't specify the path to find lua as pkgconfig is used for lua
  (this is not the case for the other options)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add libssh optional dependency

- Optional dependency to libssh has been added with version 2.2.1 and
  https://github.com/wireshark/wireshark/commit/d6da95231ee790fd884ca2a41fe59aa9b05ccde9
- Specify the path to found libssh as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scanpypi: use archive file name to specify the extraction folder

Some packages have archive name that is different from package name.
For example websocket-client's archive name is websocket_client-*.tar.gz.
scanpypi expects the temporary extract folder to be:

/tmp-folder/BR-package-name/PyPI-packagename-and-version

In the case of websocket-client package the real extraction folder
will be different from the expected one because of the '_' in the
archive file name.

Use archive file name instead of package name to specify the extraction
folder. As the version is already part of this file, we don't need to
specify it.

Bonus: remove obsolete "return None, None" as the function doesn't return
anything. OSError class doesn't provide "message" member, so replace it
with "strerror".

Fixes:
https://bugs.busybox.net/show_bug.cgi?id=11251

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bdwgc: bump to version 8.0.0

- Remove first patch (already in version):
  https://github.com/ivmai/bdwgc/commit/7c13fb8fccdebfa4bf9a11abf6fa1619c5902828
- Remove second patch (already in version)
- Update license hash: Update header copyright (add Ivan Maidanski), see
  https://github.com/ivmai/bdwgc/commit/3bd265a64b612af9d906b73394f2adb161bd0dec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/manual: add external.desc to list of files needed for BR2_EXTERNAL

external.desc must be present when using a br2-external tree. The
documentation notes this later in the text, but the file is missing
from the initial overview of files.

Fixes bug #11481.

Signed-off-by: Philipp Wagner <mail@philipp-wagner.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/mkmakefile: make wrapper silent by default

Suppose we use Makefile wrapper and build some project out of
buildroot tree (O=...). A command like "make
busybox-all-external-deps" will output the string "uname 022 && make
..." to stdout before the usefull information. It pollutes stdout. At
the same time if we use the same command in the buildroot source-tree
then we don't get the additional output. This patch makes wrapper
silent by default. People who prefer to see more verbose output can
use V=1.

Signed-off-by: Serj Kalichev <serj.kalichev@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-tornado: bump version to 5.1.1

Add hash for the license file.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pip: bump to version 18.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-django: select BR2_PACKAGE_PYTHON_SETUPTOOLS

The django-admin cli tool is loaded as entry point with pkg_resources,
which is provided by setuptools.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-cython: use full package name in .mk comment header

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

nfs-utils: add patch to fix build with glibc 2.28

Fixes:

  http://autobuild.buildroot.net/results/feb2b42028f7035f791db9cb76d07ead55d7733a/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 18.2.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/opencv3: fix build on sparc64 due to missing 64-bit Release_CompareAndSwap()

Fixes:

  http://autobuild.buildroot.org/results/d27fa3eb3ea600698571837981a3a15d556724ea

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ltp-testsuite: fix build with glibc 2.28 or uclibc-ng 1.0.30

LTP fails to build 20180926 with both glibc 2.28 and uclibc-ng 1.0.30,
due error in m4 macro check:

In file included from /home/rclinux/rc-buildroot-test/scripts/instance-0/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/sys/stat.h:446:0,
                 from ../../../../include/tst_safe_macros.h:26,
                 from ../../../../include/tst_test.h:85,
                 from statx05.c:27:
/home/rclinux/rc-buildroot-test/scripts/instance-0/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/bits/statx.h:87:5: note: expected 'struct statx * restrict' but argument is of type 'struct statx *'
 int statx (int __dirfd, const char *__restrict __path, int __flags,
     ^~~~~
<builtin>: recipe for target 'statx01' failed
make[5]: *** [statx01] Error 1
<builtin>: recipe for target 'statx05' failed
make[5]: *** [statx05] Error 1

This patch requires to regenerate configure.

Fixes:
http://autobuild.buildroot.net/results/69566d0c728970a6dd6a793b08c5804df3cc00eb
http://autobuild.buildroot.net/results/3c53ddfaca70b490a401c9123602965f3803cd0a
http://autobuild.buildroot.net/results/8fb63f627a4ba55afea49ad0566064d20021889a
http://autobuild.buildroot.net/results/496a1b40d378eaca98e532c03afb47e5291427b3
http://autobuild.buildroot.net/results/47abceeda8044029b6d3200f3877d4d2c494202c

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Reported-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

bdwgc: add optional cplusplus support

Use CFLAGS_EXTRA to pass C and C++ flags in a single variable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/postgresql: needs wchar

Upstream removed support for non-wchar toolchains:
https://github.com/postgres/postgres/commit/85feb77aa09cda9ff3e12cf95c757c499dc25343

Propagate the new dependency to other packages.

Fixes
http://autobuild.buildroot.net/results/b73/b73342a39167ed7f293224d4e3b23dde691b9abf/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: also propagate to the php, qt and qt5base packages.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scancpan: print package/Config.in only when useful

Currently, utils/scancpan always outputs what should be placed in
package/Config.in to include all Perl packages Config.in
files. However, in practice, this is only useful when a new package is
added. This commit adjusts this behavior so that what should be place
in package/Config for Perl packages is only displayed when scancpan
has produced a new Buildroot package for a Perl module.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pip: needs python-setuptools

pip needs pkg_resources, which is installed with setuptools.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/common: always depend on build host-tar if needed

Currently, the filesystems do not depend on building host-tar when it
is needed, even though all of them have to extract the intermediate
tarball.

However, in degenerate (but legally valid) configurations with no
user-selectable package selected, host-tar would not be built, so the
rootfs images would use whatever improper tar the system has.

Add the conditional dependency to host-tar to the rootfs-common
intermediate image. Since this is the internal step that all real rootfs
generators depend on, they now properly depend on host-tar when needed.

In practice, when host-tar is needed, it will always be built before the
rootfs images, because it is a dependency of all packages (except a very
few, like the skeleton), of which host-fakeroot, which is a mandatory
dependency of rootfs-comon anyway. But for consistency sake, let's
explicitly add host-tar as a dependency to rootfs-common too.

Note that rootfs-tar already had that dependency, and we leave it as-is
because it is semantically correct, even if superfluous.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic: add host-tar dependency for downloads from repositories

Three of our download backends need a host tar that can generate
reproducible archives: cvs, git, and svn. The other two, bzr and hg,
use their internal implementation.

So, for those three that need it, and a dependency on host-tar when the
system tar is not appropriate.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-genric: add possibility to declare download dependencies

For some packages, we may need to have a certain set of host-tools built
before the download of said packages are attempted. For example, when
the system tar is not suitable, we will want to build our own tar before
we attempt a git download (because we generate a tarball in the git
backend).

Mimick the _EXTRACT_DEPENDENCIES, and introduce _DOWNLOAD_DEPENDENCIES.
As for _EXTRACT_DEPENDENCIES, we do not document _DOWNLOAD_DEPENDENCIES,
on the assumption that it is mostly for internal use.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic: postpone evaluation of dependency conditions

In the pkg-inner macros, all variables, but the positional arguments,
must be $$-prefixed, so that they are expanded only when the macro is
evaluated in each package, not when the macro is parsed.

It is to be noted, though, that the current code, even though
incorrect by the above rules, seemed to work. However, the upcoming
addition of download dependencies, mimicking that code, would not work
unless it was $$-prefixed.

So, for consistency sake, and for correctness sake, let's always use
the $$-prefix in the inner macro.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

meson: re-add patch for skipping RPATH fixing

The patch to skip RPATH fixing performed by Meson was removed in commit
a03f46ca6e9f43028003aedc92f1a1204ae7480f, as the script
support/scripts/check-host-rpath was not complaining anymore.

But without it, the problem still occurs for host packages [1].

So, restore this patch to fix build of host packages with Meson.

[1] http://lists.busybox.net/pipermail/buildroot/2018-October/232956.html

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-django: bump to version 2.1.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lua-curl: fix build with libcurl 7.62.0

The last libcurl bump changed error code definitions in a way that
breaks lua-curl build. Add a patch to fix that.

Fixes:
http://autobuild.buildroot.net/results/fa6/fa6e289162124b3e079c4a2d9c3f00910c8cc063/
http://autobuild.buildroot.net/results/7b9/7b962a63630abaed21d99f719c1bd710ec4d4b28/
http://autobuild.buildroot.net/results/c5b/c5b2a7f21259bbf79861bd95a2d7ca055920bf09/

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: renumber patches

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: bump version to 1.16.1

Removed patches:

- 0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
  (Upstream accepted, see [1])

- 0005-libv4lconvert-fix-compiler-warning.patch
  (From upstream, see [2])

- 0006-v4l2-ctl-fix-glibc-2.28-build.patch
  (From upstream, see [3])

Disable new qvidcap for now.

[1] https://git.linuxtv.org/v4l-utils.git/commit/?id=c28248deeb2d7fe43fcde948c00b9b8fa2bc1e8f
[2] https://git.linuxtv.org/v4l-utils.git/commit/?id=380fe7d4548a99bfcfc1594b6f0b3dd2369978f1
[3] https://git.linuxtv.org/v4l-utils.git/commit/?id=65e7b2a4076845d3932b88cb9c76f1fa4b78c32c

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: pass --disable-qvidcap only once.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

cargo-bin: bump version to 0.30.0

Bump version to 0.30.0.

The signature of the tarballs have been verified and their hash compared to the
upstream reference.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pdbg: bump to version v2.0

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/alsa-utils: install systemd service files

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/perl-*: regeneration of Config.in files with full stop

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scancpan: add a full stop to the help text when missing

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lua-compat53: bump to version 0.7

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

pppd: fix build with glibc 2.28

Since glibc 2.28
(https://savannah.gnu.org/forum/forum.php?forum_id=9205), the obsolete
functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt, ecb_crypt,
and des_setparity are no longer available to newly linked binaries, and
the headers <rpc/des_crypt.h> and <rpc/rpc_des.h> are no longer
installed. These functions encrypted and decrypted data with the DES
block cipher, which is no longer considered secure. Software that still
uses these functions should switch to a modern cryptography library,
such as libgcrypt.

So retrieve an upstream patch to use openssl instead of these functions
and a new patch to remove the unsafe header/library path
'-I/usr/include/openssl'

Fixes:
 - http://autobuild.buildroot.org/results/c13ca8b8afa8de700caf8cd2fa1812b8552b3f4a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/amarula_a64_relic: add WiFi support

Amarula A64-Relic board has AP6330 WiFi/BT combo, but does
not have ethernet port. So it makes sense to enable wireless
networking by default:
- add broadcom wireless firmware package to image
- add basic wireless tools to image
- add rootfs overlay with proper NVRAM file for on-board AP6330 chip
- add mdev to image to enable module autoloading
- update readme.txt to test wifi

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/amarula_a64_relic: new defconfig

Add initial support for Amarula A64-Relic board
with below features:
- U-Boot 2018.07
- Linux 4.17.0-rc6
- Default packages from buildroot

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
[Thomas: add missing BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y and
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y options.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

gnupg2: bump to version 2.2.10

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgcrypt: bump to version 1.8.4

Drop patch 0001. We patch the configure script directly in patch 0002,
and we don't autoreconf. So this patch has no effect (never had).

Rename patch 0002. The next version bump should drop this patch as well.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libnpth: bump to version 1.6

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpgme: bump to version 1.12.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpg-error: bump to version 1.32

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpg-error: enable riscv64 support

libgpg-error version 1.28 added support for riscv64.

Cc: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-async-timeout: add missing blank line in .mk file

Fixes the following check-package warning:

package/python-async-timeout/python-async-timeout.mk:6: should be a blank line (http://nightly.buildroot.org/#writing-rules-mk)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-yarl: add missing blank line in .mk file

Fixes the following check-package warning:

package/python-yarl/python-yarl.mk:6: should be a blank line (http://nightly.buildroot.org/#writing-rules-mk)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-async-timeout: new package

asyncio-compatible timeout context manager.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

DEVELOPERS: add James Hilliard for python-multidict

This was forgotten when the python-multidict package was added.

python-yarl: new package

Yet another URL library

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-scapy: new package

Interactive packet manipulation tool.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-multidict: new package

Multidict is dict-like collection of key-value pairs where a key may
occur more than once in the container.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: extend help text based on commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-uvloop: new package

Fast implementation of asyncio event loop on top of libuv.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: change order of 'depends on' lines]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

libxmlpp: bump to version 3.0.1

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libxmlrpc: bump to version 1.43.08

- Remove first patch and pass CC_FOR_BUILD and other variables in
  LIBXMLRPC_CONF_OPTS instead of LIBXMLRPC_CONF_ENV because a similar
  solution is already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2905
- Remove second patch (already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2908)
- Remove third path (already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2909)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

uclibc: fix mkostemp

Pull a patch already submitted upstream[1] that fixes mkostemp when
_LARGEFILE64_SOURCE is defined. This is required to prevent failures
on eudev[2]:

    # udevadm hwdb --update
    Failure writing database //etc/udev/hwdb.bin: Invalid argument

1. https://patchwork.ozlabs.org/patch/990045/
2. https://patchwork.ozlabs.org/patch/984848/

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

webkitgtk: bump to version 2.22.3

Release notes:

    https://webkitgtk.org/2018/10/29/webkitgtk2.22.3-released.html

Patch "0001-ARM-Building-FELightingNEON.cpp-fails-due-to-missing.patch"
is removed because it is included in the new release.

This is a maintenance release which further improves playback of video
when using media source extensions (MSE), specially for WebM content,
and provides a few correctness fixes.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-zope-interface: bump to version 4.6.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

lighttpd: adjust Config.in to make check-package happy

Commit b9d75c717e01aed474b7567c969236418e87eda8 ("lighttpd: add
optional pam support") introduced a new Config.in option, but
check-package was not happy about it:

package/lighttpd/Config.in:30: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:31: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:32: attributes order: type, default, depends on, select, help (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:32: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:33: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:34: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)

This commit fixes those indentation and ordering issues.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

webkitgtk: add an option to control USE_GSTREAMER_GL

This covers the case where GL/GLES is available (so -DENABLE_OPENGL=ON
gets passed), which makes the webkitgtk build system assume GStreamer-GL
is available, while actually it is not.

Also, providing an option to manually disable usage of GStremer-GL can
help with certain target configurations in which using OpenGL for video
handling might result in incorrect rendering.

This fixes some autobuilder failures like the following:

  http://autobuild.buildroot.net/results/187796535af53ece426641ff7d88aabada281674
  http://autobuild.buildroot.net/results/00c1a8ea23a99728a4f3f4478705f2383414ae41

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

go: bump to v1.11.1

Bumps Golang host-go compiler to 1.11.1 release.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lighttpd: add optional pam support

Let the option depend on linux-pam as pam has quite some dependencies and
this is unlikely to be used if pam isn't explicitly enabled.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

wolfssl: install into staging

wolfssl is a library, so it should be installed into staging so other
packages can find the header files / library.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libcurl: security bump to version 7.62.0

Fixes the following security issues:

CVE-2018-16839: SASL password overflow via integer overflow
https://curl.haxx.se/docs/CVE-2018-16839.html

CVE-2018-16840: use-after-free in handle close
https://curl.haxx.se/docs/CVE-2018-16840.html

CVE-2018-16842: warning message out-of-buffer read
https://curl.haxx.se/docs/CVE-2018-16842.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-typing: rewrap Config.in help text

Fixes the following check-package warning:

package/python-typing/Config.in:5: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

luarocks: bump to version 3.0.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/network-manager: Add upstream patch to fix CVE-2018-15688

NetworkManager includes some parts of the systemd-networkd code in its
codebase. That can be found at src/systemd/src/libsystemd-networkd.
The DHCP implementation provided by systemd-networkd is used when
NetworkManager is configured to use the internal implementation,
however the default is to use dhclient.

When NetworkManager is configured to use the internal dhcp and an
interface is setup with ipv6.method=auto (which is the default value)
or ipv6.method=dhcp, this flaw can be exploited. When using
ipv6.method=auto, the DHCPv6 client can be automatically started with a
Router Advertisement packet.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/network-manager: bump version to 1.10.8

Added license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/{at91, atmel}*_dev*: drop Dropbear as it duplicates OpenSSH

The "development" defconfigs for Atmel platforms enable both OpenSSH
and Dropbear, which doesn't make a lot of sense, as only one SSH
server can start on port 22.

This commit therefore drops BR2_PACKAGE_DROPBEAR=y from those
defconfigs, keeping OpenSSH as an SSH server/client, as was requested
by Atmel/Microchip folks in the review of an earlier version of this
patch [1]. Since those defconfigs are "development" defconfigs, they
are not meant to be minimal, and already provide an arbitrary set of
packages, so using openssh is just as good as using dropbear in this
case.

[1] https://patchwork.ozlabs.org/patch/989516/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Nicolas Ferre <nicolas.ferre@microchip.com>
Cc: Joshua Henderson <joshua.henderson@microchip.com>
Cc: Ludovic Desroches <ludovic.desroches@microchip.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-pytz: bump to version 2018.7

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-psutil: bump to version 5.4.8

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

openswan: bump to version 2.56.1.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-can: bump to version 3.0.0

Add new dependencies and change download location.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-typing: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-wrapt: new package

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/systemd: Add upstream patch to fix CVE-2018-15688

Systemd-networkd is vulnerable to an out out-of-bounds heap write in the
DHCPv6 client when handling options sent by network adjacent DHCP servers.
A attacker could exploit this via malicious DHCP server to corrupt heap
memory on client machines, resulting in a denial of service or potential
code execution.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Peter: add description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ruby: security bump to version 2.4.5

Fixes the following security issues:

- CVE-2018-16396: Tainted flags are not propagated in Array#pack and
  String#unpack with some directives
https://www.ruby-lang.org/en/news/2018/10/17/not-propagated-taint-flag-in-some-formats-of-pack-cve-2018-16396/

- CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly
https://www.ruby-lang.org/en/news/2018/10/17/openssl-x509-name-equality-check-does-not-work-correctly-cve-2018-16395/

Update hash of LEGAL as it had a few (wayback machine) URLs added/changed.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

lighttpd: security bump to version 1.14.51

Fixes the following security issues:

1.4.50:
[mod_alias] security: potential path traversal with specific configs
[core] security: use-after-free invalid Range req
[mod_alias] security: path traversal in mod_alias (in some use cases) (fixes #2898)
[core] security: use-after-free after invalid Range request (fixes #2899)

1.4.51:
[core,security] process headers after combining folded headers
[mod_userdir] security: skip username “.” and “..”

1.4.51 brings optional pam and wolfssl support.  Explicitly disable these
options for now.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

qemu: switch to sdl2

Since version 2.12.0 and
https://github.com/qemu/qemu/commit/e52c6ba34149b4f39c3fd60e59ee32b809db2bfa,
SDL 1.2 is deprecated so switch to SDL 2.0 as SDL 1.2 will be removed in
the last release of 2018

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

qemu: sdl frontend needs x11

Since qemu 2.12.0 and
https://github.com/qemu/qemu/commit/2ec78706d188df7d3dab43d07b19b05ef7800a44,
x_keymap.h has been converted from "SDL display driver" to "X11 keymaps"

So add a select on BR2_PACKAGE_SDL_X11

Fixes:
 - http://autobuild.buildroot.org/results/1908d2d7de8d3aff11ed6fbb8fe4cf3eff54b5a5

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

synergy: needs gcc >= 4.9

Since version 1.9.0 and
https://github.com/symless/synergy-core/commit/c0376e9e2f659aec23a748f9a8d8ee6cd82f1281,
synergy needs C++14 so add a dependency on
BR2_TOOLCHAIN_GCC_AT_LEAST_4_9

Fixes:
 - http://autobuild.buildroot.org/results/c4646ee9342ea8bd906bfe2b29996c48cb403ccc

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Tested-by: Pieterjan Camerlynck <pieterjan.camerlynck@gmail.com>
Reviewed-by: Pieterjan Camerlynck <pieterjan.camerlynck@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>