package/pure-ftpd: bump to version 1.0.49

- Update hash of license file (update in year)
- Remove patch (already in version)
- Remove --with-rfc2640 (option removed with
  https://github.com/jedisct1/pure-ftpd/commit/33eda763bfca8dfcf736275272b84602dcd18549)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libsodium: bump to version 1.0.17

Update hash of license file (update in year)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

support/scripts/brpkutil.py: wrap at 80 columns

Previously, the flake8 script didn't help us to detect when Python
scripts were incorrectly wrapped. Now, however, it does report such
errors.

Fix one such an error now.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
[Arnout: give commit message a more positive tone]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libfreefare: fix static build with latomic

Use pkg-config to retrieve openssl dependencies such as lz or latomic

Fixes:
 - http://autobuild.buildroot.org/results/9bf69f238a63ea28690f7c0dbb8c30feb0afc5ad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/lldpd: fix build without cdp

Fixes:
 - http://autobuild.buildroot.org/results/e46055b86bcb03614f3fba076af2278e46a39714

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qt5/qt5virtualkeyboard: fix legal-info failure

After version bump, all sha256 were updated, but not the changed license
files paths for version 5.12.2.

Update license files paths for 5.12.2.

Fixes:
http://autobuild.buildroot.net/results/3812f4a6313fab57766c7b98defa723c58a8fa76/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/musl: bump to version 1.1.22

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

.gitlab-ci.yml: reorder jobs

In order to make the file easier to maintain, reorder the keys in a more
logical way:
Keep the docker image at the top.
Then all check-* jobs in the case-insensitive alphabetical order they
appear on Gitlab-CI pipeline results.
Then all keys related to defconfigs.
Finally all keys related to runtime tests.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/squeezelite: faad2 is an optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: add optional wiringpi dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: add optional lirc-tools dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: bump to version 71c012ad9ba102feb95823b7b9dc17e5305689c7

- Switch site to https://github.com/ralph-irving/squeezelite.

  Indeed the current upstream used in Buildroot has been automatically
  exported from code.google.com/p/squeezelite and has seen no updates
  since 4 years. Comparatively the new upstream is active (updated in
  March 2019), includes the four out-of-tree patches we had, is
  declared as the official repository on wikipedia
  (https://en.wikipedia.org/wiki/Squeezelite), and drawn interest from
  debian maintainer
  (https://github.com/ralph-irving/squeezelite/issues/29).

- Remove all patches (already in version)

- Update hash of license file (new author added:
  https://github.com/ralph-irving/squeezelite/commit/b8e5cd2d94fd280b8e858dd52ba05a7c6b07a514)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mesa3d: add KMSRO support for vc4

kmsro allow to support KMS displays with the renderonly layer used to
attach a GPU [1].

Quote from mesa3d meson.build: "kmsro driver requires one or more
renderonly drivers (vc4, etnaviv, freedreno)". But only vc4 support is
available by using the (deprecated) autotools build system [2].

This will also be used by mesa to support KMSRO with the upcomming
Panfrost and Lima Gallium drivers.

[1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=ed65aeec7810a7d98a19461ba933bd77268cb0f6
[2] https://cgit.freedesktop.org/mesa/mesa/tree/configure.ac?h=mesa-19.0.1#n2864

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-numpy: add missing sublibraries licenses

Release 1.16.2 tarball doesn't contain all sublibraries license files
listed in the base LICENSE.txt file, one is missing, even though it is
present in the project Git repository.

This makes python-numpy-legal-info incomplete.

- Add patch to add missing sublibrary license file:
  numpy/linalg/lapack_lite/LICENSE.txt
- its sha256 into hash file.
- update PYTHON_NUMPY_LICENSE adding:
  BSD-2-Clause, PSF, Apache-2.0, MIT, Zlib

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gli: new package

Needed for Kodi 18.x-compatible version of kodi-screensaver-rsxs.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wpa_supplicant: add upstream 2019-1, 2, 3, 4 security patches

Fixes the following security vulnerabilities:

- CVE-2019-9494 (cache attack against SAE)

For details, see the advisory:
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

- CVE-2019-9495 (cache attack against EAP-pwd)

For details, see the advisory:
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt

- CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)

For details, see the advisory:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt

- CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
- CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
- CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

For details, see the advisory:
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt

Notice that SAE is not currently enabled in Buildroot, but the patches are
included here anyway for completeness.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/hostapd: add upstream 2019-1, 2, 3, 4 security patches

Fixes the following security vulnerabilities:

- CVE-2019-9494 (cache attack against SAE)

For details, see the advisory:
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

- CVE-2019-9495 (cache attack against EAP-pwd)

For details, see the advisory:
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt

- CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)

For details, see the advisory:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt

- CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
- CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
- CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

For details, see the advisory:
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt

Notice that SAE is not currently enabled in Buildroot, but the patches are
included here anyway for completeness.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-totp: blacklist Codesourcery ARM toolchain

Fixes:
http://autobuild.buildroot.net/results/6c9bb17920749409e5a0c3388ccda411c6c7cfb4/

tpm2-totp uses _DEFAULT_SOURCE to make the htobe64() macro available,
support for which was only added in glibc 2.20:

https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html#index-_005fDEFAULT_005fSOURCE

>From glibc 2.20 NEWS:

* The _BSD_SOURCE and _SVID_SOURCE feature test macros are no longer
  supported; they now act the same as _DEFAULT_SOURCE (but generate a
  warning).  Except for cases where _BSD_SOURCE enabled BSD interfaces that
  conflicted with POSIX (support for which was removed in 2.19), the
  interfaces those macros enabled remain available when compiling with
  _GNU_SOURCE defined, with _DEFAULT_SOURCE defined, or without any feature
  test macros defined.

This could be worked around by defining _BSD_SOURCE for this old toolchain
(cannot be done unconditionally as it generated warnings for modern glibc
versions), but given that platforms using this old toolchain are unlikely to
have a TPM 2.0 and use it for TOTP, simply blacklist it instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: add test for xserver/Mesa OpenGL/glxinfo

This test allow to check if the xserver with GLX is working properly.
This is a basic test but it allow to trigger the current bug reported
by [1].

To test if the glxinfo test is working, you can change "-display :0" by
"-display :1" in the glxinfo command line.

[1] https://bugs.buildroot.org/show_bug.cgi?id=11591

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Youssef Harmouch <youssef.harmouch@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sslh: add optional libcap dependency

libcap dependency has been added in version 1.16 with
https://github.com/yrutschle/sslh/commit/009faa64b75801961f88ec5a7a09fd991168d4e9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sslh: add optional pcre dependency

pcre dependency has been added in version 1.18 and
https://github.com/yrutschle/sslh/commit/ab3324be477b2663196e0cc73d96aa38d59da65a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: bump to version 2.20190201

Also change the site location to the non-archived URL.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/semodule-utils: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/restorecond: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/selinux-python: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/policycoreutils: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/checkpolicy: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsemanage: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libselinux: bump version to 2.9

Other changes:
 - Remove upstream patch
 - Add PYTHON=$(LIBSELINUX_PYLIBVER) to LIBSELINUX_MAKE_OPTS
 - Add PYTHON=$(HOST_LIBSELINUX_PYLIBVER) to HOST_LIBSELINUX_MAKE_OPTS

The python changes are necessary because libselinux python tools now defaults
to python3.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsepol: bump version to 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: bump version to 2.8.5

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.0.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rust: bump version to 1.33.0

Bump rust to 1.33.0 with the following changes:

- drop support for jemalloc
- add dependency on host-openssl
- add a patch to fix bootstraping with rust 1.33.0 [1]

[1] https://github.com/rust-lang/rust/pull/57765

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rust-bin: bump version to 1.33.0

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cargo-bin: bump version to 0.33.0

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireguard: bump version to 0.0.20190406

For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-April/004062.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/android-tools: host-android-tools need pkg-conf

Host version of this package needs pkg-conf the same way as target
package: for Makefiles library dependencies retrieving.

Fixes:

  http://autobuild.buildroot.net/results/8543eb3815a67747349a2e60654d19b9804a3a89/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: fix whitespace

A strange unicode character was used instead of a standard white space

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uboot-tools: add option to install fit_check_sign

This commit adds an option to install fit_check_sign to target for fit
image validation.

This will allow a fit image to have its signature and hashes validated
from Linux, assuming a device-tree of keys (the same as which is in
u-boot) is available.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/log4cplus: bump to version 2.0.4

- Remove atomic "hack", not needed since:
  https://github.com/log4cplus/log4cplus/commit/f14427a871219ea69c3f26925bc2f92b87967dab
- Manage new lto option added by
  https://github.com/log4cplus/log4cplus/commit/66d3d36495e0670f20d88b1bf2ba9245093ef2de

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pixman: bump version to 0.38.4

Removed patch 0002, applied upstream
https://cgit.freedesktop.org/pixman/commit/?id=7c6066b700c7cdd4aeb8be426b14b3a5f0de4b6c

Added md5 hash provided by upstream and sha256 hashes for tarball and
license file.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: fix hash for license file

The year was updated.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add libcap optional dependency

libcap optional dependency has been added in version 1.0.2 with
https://github.com/vincentbernat/lldpd/commit/f6933edaf2edea12ef72ef7c70958c2a617f6a1f

Also refactor check and valgrind optional dependencies to put them on a
single line

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: bump to version 1.0.3

- Remove patch (already in version)
- Drop autoreconf as patch has been removed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add optional libxml2 dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add optional netsnmp dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: remove --without-json

json option has been removed in version 0.9.7 with
https://github.com/vincentbernat/lldpd/commit/06987a24ce053cbb57f8853bbf544bc7c067c8aa

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: update license file

- Instead of README.md, use LICENSE file that has been added in version
  0.9.5 with
  https://github.com/vincentbernat/lldpd/commit/4d534a60ee33aa2431acb6bfe6d499d2e72d66d5
- Add hash of license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Julien Floret <julien.floret@6wind.com
Signed-off-by: Fabrice Fontaine &lt;<a href="mailto:fontaine.fabrice@gmail.com" target="_blank" rel="noreferrer">fontaine.fabrice@gmail.com</a>&gt;<br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freerdp: bump version to 2.0.0-rc4

Add support to set tls security level (for openssl >= 1.1.0), for RDP
protocol version 10 (needed for windows 10 and windows server
2016). Also have some fix and features, see
https://github.com/FreeRDP/FreeRDP/commit/e21b72c95f857817b4b32b5ef5406355c005a9e8

Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libunwind: bump to version 1.3.1

- Remove first, third and fourth patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnfs: bump version to 4.0.0

Removed patch 0002, applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/glm: bump version to 0.9.9.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/json-for-modern-cpp: bump version to 3.6.1

Updated license hash after upstream bumped copyright year:
https://github.com/nlohmann/json/commit/b37392b7ace1a830d95b7140bc6b449bd7c70a34#diff-8d416c704c45322db422b7169afb686a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rapidxml: fix install path

kodi-pvr-iptvsimple as of
https://github.com/kodi-pvr/pvr.iptvsimple/commit/d27b3ed1d379d2f865e95f08bdf2dbf086f8c0ad

depends on rapidxml but expects the headers in usr/include/rapidxml
instead of usr/include.

This changes the install path to be consistent with Debian and Gentoo:

https://packages.debian.org/stretch/all/librapidxml-dev/filelist
https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/rapidxml/rapidxml-1.13-r1.ebuild#n22

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/clang: bump to 8.0.0

Clang no longer needs llvm-config. It now looks for LLVMConfig.cmake,
which is specified by LLVM_DIR option.

The license file hash changed due to a copyright year update:

-Copyright (c) 2007-2018 University of Illinois at Urbana-Champaign.
+Copyright (c) 2007-2019 University of Illinois at Urbana-Champaign.

Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/llvm: bump to 8.0.0

The license file hash changed due to a copyright year update:

-Copyright (c) 2003-2018 University of Illinois at Urbana-Champaign.
+Copyright (c) 2003-2019 University of Illinois at Urbana-Champaign.

Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: bump to version 5.2.4

- Switch site to https
- Update hash for COPYING: website URL changed from http to https

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: update license

- Add COPYING to license files as it gives useful info on license
- Add "Public Domain" to XZ_LICENSE (see COPYING)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs kmod's modprobe

Some kernel-selftests are using modprobe options (-n) that are not available
from busybox's modprobe, so make sure that BR2_PACKAGE_KMOD_TOOLS is selected.

[linux-4.19 selftests]$ git grep tput
drivers/gpu/drm_mm.sh:if ! /sbin/modprobe -n -q test-drm_mm; then
drivers/usb/usbip/usbip_test.sh:if ! /sbin/modprobe -q -n usbip_host; then

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs tput

Some kernel-selftests are using tput program, so make sure that
BR2_PACKAGE_NCURSES_TARGET_PROGS is selected.

[linux-4.19 selftests]$ git grep tput
[...]
futex/run.sh:tput setf 7 || tput setaf 7
futex/run.sh:    tput sgr0

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs util-linux schedutils

Some kernel-selftests are using taskset program, so make sure that
BR2_PACKAGE_UTIL_LINUX_SCHEDUTILS is selected.

[linux-4.19 selftests]$ git grep taskset
bpf/test_progs.c:       assert(system("taskset 0x1 ./urandom_read 100000") == 0);
cpu-hotplug/cpu-on-off-test.sh: taskset -p 01 $$
cpufreq/main.sh:        taskset -p 01 $$
netfilter/nft_trans_stress.sh:        ip netns exec "$testns" taskset $mask ping -4 127.0.0.1 -fq > /dev/null &
netfilter/nft_trans_stress.sh:        ip netns exec "$testns" taskset $mask ping -6 ::1 -fq > /dev/null &
rcutorture/bin/jitter.sh:       if ! taskset -p $cpumask $$ > /dev/null 2>&1

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/syslog-ng: fix segfault on startup due to pthread_atfork

syslog-ng may segfault at startup (during library initialization, before
reaching main) in newer toolchains. I have witnessed it on aarch64 (but with
32-bit arm userland) with glibc 2.28.

Problem is described in syslog-ng issue #2263 [1], which in turn leads to a
problem in 'ivykis' which is shipped with syslog-ng, see ivykis issue #15
[2].

Root cause is that 'pthread_atfork' is used by ivykis but searched by its
configure script in libpthread_nonshared only. In newer toolchains, it seems
this symbol is in libc_nonshared.

Apply a patch someone proposed via pullrequest [3] to the ivykis project,
but which is at this moment not yet merged upstream.

[1] https://github.com/balabit/syslog-ng/issues/2263
[2] https://github.com/buytenh/ivykis/issues/15
[3] https://github.com/buytenh/ivykis/pull/16

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: bump version to 3.7.3

Aslo remove upstream patch 0033.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/samba4: security bump to version 4.9.6

Fixes the following security vulnerabilities:

 - CVE-2019-3870:
   During the provision of a new Active Directory DC, some files in the private/
   directory are created world-writable.
   https://www.samba.org/samba/security/CVE-2019-3870.html

 - CVE-2019-3880:
   Authenticated users with write permission can trigger a symlink traversal to
   write or detect files outside the Samba share.
   https://www.samba.org/samba/security/CVE-2019-3880.html

For more details, see the release notes:
https://www.samba.org/samba/history/samba-4.9.6.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/civetweb: fix linking failure caused by wrong argument passed to pkg-config

On commit 027a8b29f1e62d5ff5bbb15b79376614f902a680 pkg-config has been
added to retrieve OpenSSL dependencies, but it's been passed `libssl`
instead of `openssl`, this makes fail some linking. Indeed we need
OpenSSL dependency, so let's use `openssl` with pkg-config.

Substitute `libssl` with `openssl`.

Fixes:

  http://autobuild.buildroot.net/results/b225425ee237852bd9fee4ca0b8d24f3e37d64f9/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nanopi_m1_plus: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01. The
kernel patch is no longer needed, as the Device Tree for the platform
is now upstream.

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nanopi_m1: bump to the linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/orangepi_plus: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/olimex_a64_olinuxino: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/orangepi_prime: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/pine64_sopine: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gettext: ensure GETTEXTIZE is always defined

After introducing gettext-tiny in:

5367a1b253 package/gettext-tiny: new package

GETTEXTIZE variable is conditionally defined separately by gettext-gnu
or gettext-tiny package depending on which of them is
enabled. However, gettext-gnu only defines it when the target
gettext-gnu package is enabled. This is wrong, because the target
gettext-gnu package is only needed when the C library doesn't provide
a proper gettext implementation (uClibc, musl). When glibc is used,
gettext functionality is provided by the toolchain, and the target
gettext-gnu package is not enabled, causing GETTEXTIZE to not be
defined. This causes build failures in packages that need
gettextizing, in configurations that have BR2_SYSTEM_ENABLE_NLS=y and
use glibc.

This commit fixes this issue by defining GETTEXTIZE unconditionally in
package/gettext/gettext.mk. It is not needed to define it in each
gettext-*.mk because the difference is only in passing the 'data_dir'
parameter which points to ${PREFIX}/share/gettext-tiny (in case of
gettext-tiny provider), but a simple symlink:

${PREFIX}/share/gettext -> ${PREFIX}/share/gettext-tiny

solves this issue.

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

.flake8: fix check for 80/132 columns

We recommend wrapping at 80 columns but we accept 132 columns when it
makes more readable.

When running flake8 locally, use maximum line length 80.
But when running in GitLab CI, keep the check-flake8 job failing only
for lines longer than 132.

Reported-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gettext-gnu: fix typo BR2_PACKAGE_GETTEXT_GNU_PROVIDES_LIBINTL

After commit:

ea1e7ee606 package/gettext: turn into virtual package

package/gettext was renamed to package/gettext-gnu and introduced typo
BR2_PACKAGE_GETTEXT_GNU_PROVIDES_LIBINTL which should be
BR2_PACKAGE_GETTEXT_PROVIDES_LIBINTL (w/o "_GNU" part).

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gettext-tiny: drop dependency of host-variant on libiconv

The host variant of gettext-tiny incorrectly has a dependency on the
target libiconv. Not only this is wrong (a host package cannot use a
target library), but it also causes a circular dependencies:
host-gettext-tiny is needed as part of the toolchain build in some
configurations, and all target packages depend on the toolchain being
available.

For host packages, we assume that iconv functionnality is provided by
the host system, so there is no host-libiconv package.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Alexey Brodkin <abrokdin@synopsys.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/opensbi: add hash file

All downloads performed by buildroot should be integrity-checked if
possible. Enable integrity-checking for the RISC-V OpenSBI sources by
adding a corresponding hash file.

Signed-off-by: Karsten Merker <merker@debian.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/dependencies/dependencies.sh: simplify an error message

There is no need to break the "\n" sequence using "%sn". We can just
escape it. Note: the escaping backslash needs to be escaped too,
because the shell will process the string before printf gets to see it.

Signed-off-by: Markus Mayer <mmayer@broadcom.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ghostscript: security bump to version 9.27

Fixes CVE-2019-3835, CVE-2019-3838: A specially crafted PostScript file
could use these flaws to have access to the file system outside of the
constrains imposed by -dSAFER.

Drop upstream patches.

Use the make subst function to compute the download site from version.

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/olimex_a20_olinuxino_lime*: bump Linux and U-Boot versions

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xserver_xorg-server: disable unit tests

Fixes:
 - http://autobuild.buildroot.org/results/95a5004c9245f1f90758631b02e17d3df12812ec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/civetweb: fix link failure due to missing OpenSSL dependency

During linking one OpenSSL dependecy is missing(-latomic) on linking
library list.

- Substitute explicit library list with `pkg-config libssl` when
  BR2_PACKAGE_OPENSSL is enabled. In such way all needed libraries
  will be included in linking list.

- Add also `host-pkgconf` to CIVETWEB_DEPENDENCIES if
  BR2_PACKAGE_OPENSSL is enabled to make it available for previous
  point.

Fixes:

  http://autobuild.buildroot.net/results/b2e210bdefe84f4ec9cfda79a33d81788fb7e66c/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tor: fix static build with openssl and atomic

Update patch so -latomic (provided in LIBS) is added after openssl libs
(provided in $3)

Fixes:
 - http://autobuild.buildroot.org/results/4b90b7d02e354ebf3d8f95023547bf4a18e0165e

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-totp: new package

Library and utility for TOTP based attestation using the tpm2-tss software
stack.

Add an upstream patch to fix format string mismatch errors when building for
32bit architectures.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-tss: add upstream patch to drop hardcoded -lgcrypt from tss2-esys.pc

tss2-esys.pc contains a hardcoded -lgcrypt even though the openssl crypto
backend (as in Buildroot) may be used, leading to linker errors when using
esys.

Given that tpm2-tss doesn't allow static linking, there is no need to
explicitly list the crypto library dependency.

Cherry pick an upstream patch to fix this.  Notice that the upstream patch
also changes the default crypto backend to openssl.  As this isn't stricly
needed (we explicitly configure for openssl) and requires autoreconv, drop
the configure.ac hunk from the patch.

https://github.com/tpm2-software/tpm2-tss/pull/1173

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/barebox: add missing newline at EOF in hash file

Fixes the following check-package warning:

   boot/barebox/barebox.hash:5: missing newline at end of file

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-tools: license is 3c BSD, not 2c

The license contains the "no endorsement" clause, so it should be listed as
BSD-3-Clause:

  * Neither the name of Intel Corporation nor the names of its contributors
    may be used to endorse or promote products derived from this software
    without specific prior written permission.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/android-tools: fix static linking failure due to OpenSSL dependencies

When static linking some dependency library can be missing
(i.e. -latomic for -lcrypto) on linking libraries list. This is
because when static linking libraries dependencies are not
transparently linked into binary.

To avoid moving libraries before/after one another or add new ones
that are not needed at all in the dynamic linking case, we use `pkg-config --libs
LIBRARY` where LIBRARY is the library we "probe" for its existence and
dependency.

In this commit, we:

- Remove 0005-fix-static-link-zlib.patch where -lcrypto and -lz were
  swapped, as it is no longer needed thanks to the following point.

- Replace it with 0005-Use-pkgconf-to-get-libs-deps.patch where
  -lcrypto has been substituted with `pkg-config --libs libcrypto`

- Add host-pkgconf to ANDROID_TOOLS_DEPENDENCIES

Fixes:

  http://autobuild.buildroot.net/results/d3d6679cfc8afe4467368bd3d31483172c1032de/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openjdk: fix alsa-lib dependencies

OpenJDK requires the following alsa-lib modules to be build:
  - mixer
  - pcm
  - rawmidi
  - seq

Fixes:

  http://autobuild.buildroot.net/results/c35d64e659960663c935a31f4cb8ed4180728eb1
  http://autobuild.buildroot.net/results/845fe32967c9879b6c1adbf0630f358be215e174

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: monitor pkg-golang.mk

Signed-off-by: Anisse Astier <anisse@astier.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add Christian Stewart for package/pkg-golang

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gnutls: security bump to 3.6.7.1

Fixes the following security issues:

 * CVE-2019-3836: It was discovered in gnutls before version 3.6.7 upstream
   that there is an uninitialized pointer access in gnutls versions 3.6.3 or
   later which can be triggered by certain post-handshake messages

 * CVE-2019-3829: A vulnerability was found in gnutls versions from 3.5.8
   before 3.6.7. A memory corruption (double free) vulnerability in the
   certificate verification API. Any client or server application that
   verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.

3.6.7.1 is identical to 3.6.7, but fixes a packaging issue in the release
tarball:

https://lists.gnutls.org/pipermail/gnutls-devel/2019-April/013086.html

HTTP URLs changed to HTTPS in COPYING, so update license hash.

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

boot/barebox: bump version to 2019.04.0

Signed-off-by: Bartosz Bilas <b.bilas@grinn-global.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/nvme: bump to version 1.7

- Remove patch (already in version)
- Add upstream patch to fix build
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/nvme: add optional util-linux dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gst1-plugins-good: add option for qmlgl plugin (qt5 plugin)

gst1-plugins-good is built with --disable-qt option, so qmlgl plugin
is disabled. Add an option to enable it, allowing to use the qmlglsrc
and qmlglsink GStreamer elements.

Signed-off-by: Iñigo Huguet <inigohuguet@fanamoel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-cli: bump to version v18.09.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-engine: bump to version v18.09.4

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-containerd: refer to official website

Containerd is no longer maintained under the docker github project and now
has an official website, so refer to that in the help text.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/docker-containerd: bump version to v1.2.5

Contains a number of bugfixes. For more details, see the announcement:

https://github.com/containerd/containerd/releases/tag/v1.2.5

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "runc: depend on linux headers >= 3.11 for O_TMPFILE"

This reverts commit 905e976a6af224b3ed015c46fcea2d717c155f55.

With the bump to 1.0.0-rc7, runc no longer needs O_TMPFILE.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>