git.libre-soc.org Git - buildroot.git/log

package/libhtp: new package

LibHTP is a security-aware parser for the HTTP protocol and the related
bits and pieces.

https://github.com/OISF/libhtp

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Thomas: always disable SSP, let our gcc/wrapper handle that]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pcre2: add JIT support option

Add JIT support option.

Signed-off-by: Artem Panfilov <panfilov.artyom@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lrandom: bump to version 20180729

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luadbi-sqlite3: bump to version 0.7.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/luadbi: bump to version 0.7.2

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sconeserver: drop unneeded static openssl workaround

sconeserver can't be built statically since commit
a845798aa8af0535b85ea0e46cc9e8af9d1ffed1

So drop unneeded workaround for statically linking with openssl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bind: drop unneeded static openssl workarounds

bind can't be built statically since commit
6045904752b06a8b8e52ba8fc2e49a8548964e8d

So drop uneeded LIBS="-lz" which was added by commit
80ebf12906afc3a1e5f4e5682d4c5dc0779a556a to fix static build with
openssl

Also, drop ac_cv_func_EVP_{sha256,sha384,sha512} that was also added to
fix tests in static build by commit
26aefa672c96caefc17adf59a9ab3d327114ad36

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sqlcipher: fix static build with openssl and atomic

Use pkg-config to find openssl dependencies such as lz or latomic

Fixes: static build on sparc v8 (even if there are no autobuilder
failures yet)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squid: bump to version 4.6

- Remove patch (already in version):
https://github.com/squid-cache/squid/commit/c34582b9e8c40529db7eb9c490b081a37972f6d4
- Drop autoreconf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/terminology: bump to version 1.4.0

Update COPYING file hash due to year update.

https://sourceforge.net/p/enlightenment/mailman/message/36626985/

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/efl: bump to version 1.22.0

Remove upstream commit.

https://www.enlightenment.org/news/efl-1.22.0

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: simplify LINUX_BUILD_CMDS

We currently do the Linux build as follows:

   make <imagename>
   if modules enabled; make modules; fi

However, Clement Léger recently reported that due to us not using the
"all" target, the GDB scripts that the kernel can build when
CONFIG_GDB_SCRIPTS is enabled are not built, since upstream kernel
commit 67274c083438340ad16c1437caebc84e1253b224 (merged in v5.1) moved
that logic to a separate scripts_gdb target, which is a dependency of
the "all" target.

While we could add some more logic to explicit generate the
"scripts_gdb" target, this logic would fail on Linux < 5.1 for which
this make target doesn't exist.

So instead, let's simplify the build logic, and use:

  make all <imagename>

The "all" target automatically depends on "modules" if CONFIG_MODULES
is set, so we no longer need to explicit generate the "modules" target
separately.

As a result of this change, we may generate additional kernel images
compared to what was done previously, but such images would anyway not
be installed, and the additional build time is minimal.

We did some research as to why the kernel build was done like this in
Buildroot, and it's been like that since linux/linux.mk was added back
in 2010 by commit 487e21cff69b30b404146b2ffb46959a728a4002 ("New,
simpler, infrastructure for building the Linux kernel").

Reported-by: Clément Leger <cleger@kalray.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

linux: use host pkg-config when host libelf is set

A patch was added to the Linux kernel in 5.1.0-rc3 which adds a
requirement that the host build environment include pkg-config. Add the
correct host-pkgconf dependency and environment variables to ensure
Linux picks up the correct libraries.

Move the existing LINUX_MAKE_ENV assignment earlier, to simplify the
append-assignment in the libelf conditional block.

Fixes: #11761
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Stuart Summers <stuart.summers@intel.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
[Arnout: extend commit message as suggested by Yann]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/netsnmp: fix static build with openssl

Use pkg-config to find openssl dependencies such as lz or latomic

Fixes:
- http://autobuild.buildroot.org/results/8f6fdbf8a21967363b737bc771252bcded4278a9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ipsec-tools: fix static build with openssl and atomic

Use pkg-config to find openssl dependencies such as lz or latomic

Fix static build on sparc v8 (even if there is no autobuilder failures
yet)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/softether: fix static build with openssl and atomic

Don't pass --with-openssl option to force softether to use pkg-config
(see autotools/ax_check_openssl.m4).

pkg-config will find openssl dependencies such as lz or latomic

Fix static build on sparc v8 (even if there is no autobuilder failures
yet)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/llvm: fix build with gcc < 5.1

Fixes:
http://autobuild.buildroot.net/results/0c046a1b57a4f0b992333003d41062e1b256eb0d

Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
[Arnout: add explanatory comment suggested by Romain]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/thrift: drop unneeded static openssl workaround

thrift uses pkg-config to find openssl dependencies such as lz or
latomic so drop unneeded workaround. This was a leftover from the very
first integration of thrift 0.9.1 in 2013.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/hostapd: fix static build with openssl and atomic

Use pkg-config to find openssl dependencies such as lz or latomic

Fix build on sparc v8 (even if there is no autobuilder failures yet)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/wpa_supplicant: fix static build with openssl and atomic

Use pkg-config to find openssl dependencies such as lz or latomic

Fix build on sparc v8 (even if there is no autobuilder failures yet)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/msmtp: bump to version 1.8.3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/msmtp: drop unneeded static openssl workaround

msmtp uses pkg-config to find openssl dependencies such as lz or latomic
so drop unneeded openssl workaround that was added by
https://git.buildroot.net/buildroot/commit/package/msmtp?id=468bbc1538aaea87beaf455a2ad6ea5a255d5f58

I don't know why it was added seven years ago as msmtp already used
pkg-config at this time:
https://github.com/marlam/msmtp-mirror/blob/rel-1-4-27/configure.ac

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pure-ftpd: fix static build with openssl and latomic

Use pkg-config to find openssl dependencies such as lz or latomic

Fixes:
- http://autobuild.buildroot.org/results/eba8d344446b0db6327c0588c456c14594984f76

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pure-ftpd: add optional mysql dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pure-ftpd: add optional postgresql dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pure-ftpd: bump to version 1.0.49

- Update hash of license file (update in year)
- Remove patch (already in version)
- Remove --with-rfc2640 (option removed with
https://github.com/jedisct1/pure-ftpd/commit/33eda763bfca8dfcf736275272b84602dcd18549)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libsodium: bump to version 1.0.17

Update hash of license file (update in year)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

support/scripts/brpkutil.py: wrap at 80 columns

Previously, the flake8 script didn't help us to detect when Python
scripts were incorrectly wrapped. Now, however, it does report such
errors.

Fix one such an error now.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
[Arnout: give commit message a more positive tone]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/libfreefare: fix static build with latomic

Use pkg-config to retrieve openssl dependencies such as lz or latomic

Fixes:
- http://autobuild.buildroot.org/results/9bf69f238a63ea28690f7c0dbb8c30feb0afc5ad

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/lldpd: fix build without cdp

Fixes:
- http://autobuild.buildroot.org/results/e46055b86bcb03614f3fba076af2278e46a39714

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/qt5/qt5virtualkeyboard: fix legal-info failure

After version bump, all sha256 were updated, but not the changed license
files paths for version 5.12.2.

Update license files paths for 5.12.2.

Fixes:
http://autobuild.buildroot.net/results/3812f4a6313fab57766c7b98defa723c58a8fa76/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/musl: bump to version 1.1.22

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

.gitlab-ci.yml: reorder jobs

In order to make the file easier to maintain, reorder the keys in a more
logical way:
Keep the docker image at the top.
Then all check-* jobs in the case-insensitive alphabetical order they
appear on Gitlab-CI pipeline results.
Then all keys related to defconfigs.
Finally all keys related to runtime tests.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/squeezelite: faad2 is an optional dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: add optional wiringpi dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: add optional lirc-tools dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/squeezelite: bump to version 71c012ad9ba102feb95823b7b9dc17e5305689c7

- Switch site to https://github.com/ralph-irving/squeezelite.

  Indeed the current upstream used in Buildroot has been automatically
  exported from code.google.com/p/squeezelite and has seen no updates
  since 4 years. Comparatively the new upstream is active (updated in
  March 2019), includes the four out-of-tree patches we had, is
  declared as the official repository on wikipedia
  (https://en.wikipedia.org/wiki/Squeezelite), and drawn interest from
  debian maintainer
  (https://github.com/ralph-irving/squeezelite/issues/29).

- Remove all patches (already in version)

- Update hash of license file (new author added:
  https://github.com/ralph-irving/squeezelite/commit/b8e5cd2d94fd280b8e858dd52ba05a7c6b07a514)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/mesa3d: add KMSRO support for vc4

kmsro allow to support KMS displays with the renderonly layer used to
attach a GPU [1].

Quote from mesa3d meson.build: "kmsro driver requires one or more
renderonly drivers (vc4, etnaviv, freedreno)". But only vc4 support is
available by using the (deprecated) autotools build system [2].

This will also be used by mesa to support KMSRO with the upcomming
Panfrost and Lima Gallium drivers.

[1] https://cgit.freedesktop.org/mesa/mesa/commit/?id=ed65aeec7810a7d98a19461ba933bd77268cb0f6
[2] https://cgit.freedesktop.org/mesa/mesa/tree/configure.ac?h=mesa-19.0.1#n2864

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-numpy: add missing sublibraries licenses

Release 1.16.2 tarball doesn't contain all sublibraries license files
listed in the base LICENSE.txt file, one is missing, even though it is
present in the project Git repository.

This makes python-numpy-legal-info incomplete.

- Add patch to add missing sublibrary license file:
numpy/linalg/lapack_lite/LICENSE.txt
- its sha256 into hash file.
- update PYTHON_NUMPY_LICENSE adding:
BSD-2-Clause, PSF, Apache-2.0, MIT, Zlib

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gli: new package

Needed for Kodi 18.x-compatible version of kodi-screensaver-rsxs.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wpa_supplicant: add upstream 2019-1, 2, 3, 4 security patches

Fixes the following security vulnerabilities:

- CVE-2019-9494 (cache attack against SAE)

For details, see the advisory:
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

- CVE-2019-9495 (cache attack against EAP-pwd)

For details, see the advisory:
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt

- CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)

For details, see the advisory:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt

- CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
- CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
- CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

For details, see the advisory:
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt

Notice that SAE is not currently enabled in Buildroot, but the patches are
included here anyway for completeness.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/hostapd: add upstream 2019-1, 2, 3, 4 security patches

Fixes the following security vulnerabilities:

- CVE-2019-9494 (cache attack against SAE)

For details, see the advisory:
https://w1.fi/security/2019-1/sae-side-channel-attacks.txt

- CVE-2019-9495 (cache attack against EAP-pwd)

For details, see the advisory:
https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt

- CVE-2019-9496 (SAE confirm missing state validation in hostapd/AP)

For details, see the advisory:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt

- CVE-2019-9497 (EAP-pwd server not checking for reflection attack)
- CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element)
- CVE-2019-9499 (EAP-pwd peer missing commit validation for scalar/element)

For details, see the advisory:
https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt

Notice that SAE is not currently enabled in Buildroot, but the patches are
included here anyway for completeness.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-totp: blacklist Codesourcery ARM toolchain

Fixes:
http://autobuild.buildroot.net/results/6c9bb17920749409e5a0c3388ccda411c6c7cfb4/

tpm2-totp uses _DEFAULT_SOURCE to make the htobe64() macro available,
support for which was only added in glibc 2.20:

https://www.gnu.org/software/libc/manual/html_node/Feature-Test-Macros.html#index-_005fDEFAULT_005fSOURCE

>From glibc 2.20 NEWS:

* The _BSD_SOURCE and _SVID_SOURCE feature test macros are no longer
  supported; they now act the same as _DEFAULT_SOURCE (but generate a
  warning).  Except for cases where _BSD_SOURCE enabled BSD interfaces that
  conflicted with POSIX (support for which was removed in 2.19), the
  interfaces those macros enabled remain available when compiling with
  _GNU_SOURCE defined, with _DEFAULT_SOURCE defined, or without any feature
  test macros defined.

This could be worked around by defining _BSD_SOURCE for this old toolchain
(cannot be done unconditionally as it generated warnings for modern glibc
versions), but given that platforms using this old toolchain are unlikely to
have a TPM 2.0 and use it for TOTP, simply blacklist it instead.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing: add test for xserver/Mesa OpenGL/glxinfo

This test allow to check if the xserver with GLX is working properly.
This is a basic test but it allow to trigger the current bug reported
by [1].

To test if the glxinfo test is working, you can change "-display :0" by
"-display :1" in the glxinfo command line.

[1] https://bugs.buildroot.org/show_bug.cgi?id=11591

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Youssef Harmouch <youssef.harmouch@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sslh: add optional libcap dependency

libcap dependency has been added in version 1.16 with
https://github.com/yrutschle/sslh/commit/009faa64b75801961f88ec5a7a09fd991168d4e9

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sslh: add optional pcre dependency

pcre dependency has been added in version 1.18 and
https://github.com/yrutschle/sslh/commit/ab3324be477b2663196e0cc73d96aa38d59da65a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/refpolicy: bump to version 2.20190201

Also change the site location to the non-archived URL.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/semodule-utils: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/restorecond: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/selinux-python: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/policycoreutils: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/checkpolicy: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsemanage: bump to version 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libselinux: bump version to 2.9

Other changes:
- Remove upstream patch
- Add PYTHON=$(LIBSELINUX_PYLIBVER) to LIBSELINUX_MAKE_OPTS
- Add PYTHON=$(HOST_LIBSELINUX_PYLIBVER) to HOST_LIBSELINUX_MAKE_OPTS

The python changes are necessary because libselinux python tools now defaults
to python3.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libsepol: bump version to 2.9

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: bump version to 2.8.5

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 19.0.2

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rust: bump version to 1.33.0

Bump rust to 1.33.0 with the following changes:

- drop support for jemalloc
- add dependency on host-openssl
- add a patch to fix bootstraping with rust 1.33.0 [1]

[1] https://github.com/rust-lang/rust/pull/57765

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rust-bin: bump version to 1.33.0

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cargo-bin: bump version to 0.33.0

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireguard: bump version to 0.0.20190406

For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-April/004062.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/android-tools: host-android-tools need pkg-conf

Host version of this package needs pkg-conf the same way as target
package: for Makefiles library dependencies retrieving.

Fixes:

http://autobuild.buildroot.net/results/8543eb3815a67747349a2e60654d19b9804a3a89/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: fix whitespace

A strange unicode character was used instead of a standard white space

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/uboot-tools: add option to install fit_check_sign

This commit adds an option to install fit_check_sign to target for fit
image validation.

This will allow a fit image to have its signature and hashes validated
from Linux, assuming a device-tree of keys (the same as which is in
u-boot) is available.

Signed-off-by: Sam Voss <sam.voss@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/log4cplus: bump to version 2.0.4

- Remove atomic "hack", not needed since:
https://github.com/log4cplus/log4cplus/commit/f14427a871219ea69c3f26925bc2f92b87967dab
- Manage new lto option added by
https://github.com/log4cplus/log4cplus/commit/66d3d36495e0670f20d88b1bf2ba9245093ef2de

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pixman: bump version to 0.38.4

Removed patch 0002, applied upstream
https://cgit.freedesktop.org/pixman/commit/?id=7c6066b700c7cdd4aeb8be426b14b3a5f0de4b6c

Added md5 hash provided by upstream and sha256 hashes for tarball and
license file.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: fix hash for license file

The year was updated.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add libcap optional dependency

libcap optional dependency has been added in version 1.0.2 with
https://github.com/vincentbernat/lldpd/commit/f6933edaf2edea12ef72ef7c70958c2a617f6a1f

Also refactor check and valgrind optional dependencies to put them on a
single line

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: bump to version 1.0.3

- Remove patch (already in version)
- Drop autoreconf as patch has been removed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add optional libxml2 dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: add optional netsnmp dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: remove --without-json

json option has been removed in version 0.9.7 with
https://github.com/vincentbernat/lldpd/commit/06987a24ce053cbb57f8853bbf544bc7c067c8aa

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/lldpd: update license file

- Instead of README.md, use LICENSE file that has been added in version
0.9.5 with
https://github.com/vincentbernat/lldpd/commit/4d534a60ee33aa2431acb6bfe6d499d2e72d66d5
- Add hash of license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Julien Floret <julien.floret@6wind.com
Signed-off-by: Fabrice Fontaine <<a href="mailto:fontaine.fabrice@gmail.com" target="_blank" rel="noreferrer">fontaine.fabrice@gmail.com</a>><br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/freerdp: bump version to 2.0.0-rc4

Add support to set tls security level (for openssl >= 1.1.0), for RDP
protocol version 10 (needed for windows 10 and windows server
2016). Also have some fix and features, see
https://github.com/FreeRDP/FreeRDP/commit/e21b72c95f857817b4b32b5ef5406355c005a9e8

Signed-off-by: Alexey Lukyanchuk <skif@skif-web.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libunwind: bump to version 1.3.1

- Remove first, third and fourth patches (already in version)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnfs: bump version to 4.0.0

Removed patch 0002, applied upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/glm: bump version to 0.9.9.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/json-for-modern-cpp: bump version to 3.6.1

Updated license hash after upstream bumped copyright year:
https://github.com/nlohmann/json/commit/b37392b7ace1a830d95b7140bc6b449bd7c70a34#diff-8d416c704c45322db422b7169afb686a

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rapidxml: fix install path

kodi-pvr-iptvsimple as of
https://github.com/kodi-pvr/pvr.iptvsimple/commit/d27b3ed1d379d2f865e95f08bdf2dbf086f8c0ad

depends on rapidxml but expects the headers in usr/include/rapidxml
instead of usr/include.

This changes the install path to be consistent with Debian and Gentoo:

https://packages.debian.org/stretch/all/librapidxml-dev/filelist
https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/rapidxml/rapidxml-1.13-r1.ebuild#n22

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/clang: bump to 8.0.0

Clang no longer needs llvm-config. It now looks for LLVMConfig.cmake,
which is specified by LLVM_DIR option.

The license file hash changed due to a copyright year update:

-Copyright (c) 2007-2018 University of Illinois at Urbana-Champaign.
+Copyright (c) 2007-2019 University of Illinois at Urbana-Champaign.

Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/llvm: bump to 8.0.0

The license file hash changed due to a copyright year update:

-Copyright (c) 2003-2018 University of Illinois at Urbana-Champaign.
+Copyright (c) 2003-2019 University of Illinois at Urbana-Champaign.

Signed-off-by: Valentin Korenblit <valentinkorenblit@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: bump to version 5.2.4

- Switch site to https
- Update hash for COPYING: website URL changed from http to https

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xz: update license

- Add COPYING to license files as it gives useful info on license
- Add "Public Domain" to XZ_LICENSE (see COPYING)
- Add hash for license files

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs kmod's modprobe

Some kernel-selftests are using modprobe options (-n) that are not available
from busybox's modprobe, so make sure that BR2_PACKAGE_KMOD_TOOLS is selected.

[linux-4.19 selftests]$ git grep tput
drivers/gpu/drm_mm.sh:if ! /sbin/modprobe -n -q test-drm_mm; then
drivers/usb/usbip/usbip_test.sh:if ! /sbin/modprobe -q -n usbip_host; then

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs tput

Some kernel-selftests are using tput program, so make sure that
BR2_PACKAGE_NCURSES_TARGET_PROGS is selected.

[linux-4.19 selftests]$ git grep tput
[...]
futex/run.sh:tput setf 7 || tput setaf 7
futex/run.sh: tput sgr0

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/linux-tools: some selftests needs util-linux schedutils

Some kernel-selftests are using taskset program, so make sure that
BR2_PACKAGE_UTIL_LINUX_SCHEDUTILS is selected.

[linux-4.19 selftests]$ git grep taskset
bpf/test_progs.c:       assert(system("taskset 0x1 ./urandom_read 100000") == 0);
cpu-hotplug/cpu-on-off-test.sh: taskset -p 01 $$
cpufreq/main.sh:        taskset -p 01 $$
netfilter/nft_trans_stress.sh:        ip netns exec "$testns" taskset $mask ping -4 127.0.0.1 -fq > /dev/null &
netfilter/nft_trans_stress.sh:        ip netns exec "$testns" taskset $mask ping -6 ::1 -fq > /dev/null &
rcutorture/bin/jitter.sh:       if ! taskset -p $cpumask $$ > /dev/null 2>&1

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/syslog-ng: fix segfault on startup due to pthread_atfork

syslog-ng may segfault at startup (during library initialization, before
reaching main) in newer toolchains. I have witnessed it on aarch64 (but with
32-bit arm userland) with glibc 2.28.

Problem is described in syslog-ng issue #2263 [1], which in turn leads to a
problem in 'ivykis' which is shipped with syslog-ng, see ivykis issue #15
[2].

Root cause is that 'pthread_atfork' is used by ivykis but searched by its
configure script in libpthread_nonshared only. In newer toolchains, it seems
this symbol is in libc_nonshared.

Apply a patch someone proposed via pullrequest [3] to the ivykis project,
but which is at this moment not yet merged upstream.

[1] https://github.com/balabit/syslog-ng/issues/2263
[2] https://github.com/buytenh/ivykis/issues/15
[3] https://github.com/buytenh/ivykis/pull/16

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: bump version to 3.7.3

Aslo remove upstream patch 0033.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/samba4: security bump to version 4.9.6

Fixes the following security vulnerabilities:

- CVE-2019-3870:
   During the provision of a new Active Directory DC, some files in the private/
   directory are created world-writable.
   https://www.samba.org/samba/security/CVE-2019-3870.html

- CVE-2019-3880:
   Authenticated users with write permission can trigger a symlink traversal to
   write or detect files outside the Samba share.
   https://www.samba.org/samba/security/CVE-2019-3880.html

For more details, see the release notes:
https://www.samba.org/samba/history/samba-4.9.6.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/civetweb: fix linking failure caused by wrong argument passed to pkg-config

On commit 027a8b29f1e62d5ff5bbb15b79376614f902a680 pkg-config has been
added to retrieve OpenSSL dependencies, but it's been passed `libssl`
instead of `openssl`, this makes fail some linking. Indeed we need
OpenSSL dependency, so let's use `openssl` with pkg-config.

Substitute `libssl` with `openssl`.

Fixes:

http://autobuild.buildroot.net/results/b225425ee237852bd9fee4ca0b8d24f3e37d64f9/

Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nanopi_m1_plus: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01. The
kernel patch is no longer needed, as the Device Tree for the platform
is now upstream.

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/nanopi_m1: bump to the linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/orangepi_plus: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/olimex_a64_olinuxino: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/orangepi_prime: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/pine64_sopine: bump to linux 5.0 and u-boot 2019.01

This bumps to linux/linux-headers 5.0 and u-boot version 2019.01

Signed-off-by: Shyam Saini <shyam.saini@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gettext: ensure GETTEXTIZE is always defined

After introducing gettext-tiny in:

5367a1b253 package/gettext-tiny: new package

GETTEXTIZE variable is conditionally defined separately by gettext-gnu
or gettext-tiny package depending on which of them is
enabled. However, gettext-gnu only defines it when the target
gettext-gnu package is enabled. This is wrong, because the target
gettext-gnu package is only needed when the C library doesn't provide
a proper gettext implementation (uClibc, musl). When glibc is used,
gettext functionality is provided by the toolchain, and the target
gettext-gnu package is not enabled, causing GETTEXTIZE to not be
defined. This causes build failures in packages that need
gettextizing, in configurations that have BR2_SYSTEM_ENABLE_NLS=y and
use glibc.

This commit fixes this issue by defining GETTEXTIZE unconditionally in
package/gettext/gettext.mk. It is not needed to define it in each
gettext-*.mk because the difference is only in passing the 'data_dir'
parameter which points to ${PREFIX}/share/gettext-tiny (in case of
gettext-tiny provider), but a simple symlink:

${PREFIX}/share/gettext -> ${PREFIX}/share/gettext-tiny

solves this issue.

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

.flake8: fix check for 80/132 columns

We recommend wrapping at 80 columns but we accept 132 columns when it
makes more readable.

When running flake8 locally, use maximum line length 80.
But when running in GitLab CI, keep the check-flake8 job failing only
for lines longer than 132.

Reported-by: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/gettext-gnu: fix typo BR2_PACKAGE_GETTEXT_GNU_PROVIDES_LIBINTL

After commit:

ea1e7ee606 package/gettext: turn into virtual package

package/gettext was renamed to package/gettext-gnu and introduced typo
BR2_PACKAGE_GETTEXT_GNU_PROVIDES_LIBINTL which should be
BR2_PACKAGE_GETTEXT_PROVIDES_LIBINTL (w/o "_GNU" part).

Reported-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gettext-tiny: drop dependency of host-variant on libiconv

The host variant of gettext-tiny incorrectly has a dependency on the
target libiconv. Not only this is wrong (a host package cannot use a
target library), but it also causes a circular dependencies:
host-gettext-tiny is needed as part of the toolchain build in some
configurations, and all target packages depend on the toolchain being
available.

For host packages, we assume that iconv functionnality is provided by
the host system, so there is no host-libiconv package.

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Reviewed-by: Alexey Brodkin <abrokdin@synopsys.com>
[Thomas: rework commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>