package/pipewire: new package

PipeWire is a server and user space API to deal with multimedia
pipelines.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Thomas:
 - further bump to 0.2.7
 - select BR2_PACKAGE_DBUS instead of depending on it]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/jimtcl: bump to version 0.79

- Switch site from debian to github official mirror
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-bluezero: Bump to version 0.3.0

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgit2: security bump to version 0.28.4

Fixes the following CVE:

- CVE-2019-1351: Windows provides the ability to substitute
  drive letters with arbitrary letters, including multi-byte
  Unicode letters. To fix any potential issues arising from
  interpreting such paths as relative paths, we have extended
  detection of DOS drive prefixes to accomodate for such cases.

- CVE-2019-1352: by using NTFS-style alternative file streams for
  the ".git" directory, it is possible to overwrite parts of the
  repository. While this has been fixed in the past for Windows,
  the same vulnerability may also exist on other systems that
  write to NTFS filesystems. We now reject any paths starting
  with ".git:" on all systems.

- CVE-2019-1353: by using NTFS-style 8.3 short names, it was
  possible to write to the ".git" directory and thus overwrite
  parts of the repository, leading to possible remote code
  execution. While this problem was already fixed in the past for
  Windows, other systems accessing NTFS filesystems are
  vulnerable to this issue too. We now enable NTFS protecions by
  default on all systems to fix this attack vector.

- CVE-2019-1354: on Windows, backslashes are not a valid part of
  a filename but are instead interpreted as directory separators.
  As other platforms allowed to use such paths, it was possible
  to write such invalid entries into a Git repository and was
  thus an attack vector to write into the ".git" dierctory. We
  now reject any entries starting with ".git" on all systems.

libgit2 is not affected by these git CVE:

- CVE-2019-1348: the fast-import stream command "feature
  export-marks=path" allows writing to arbitrary file paths.

- CVE-2019-1349: by using NTFS 8.3 short names, backslashes or
  alternate filesystreams, it is possible to cause submodules to
  be written into pre-existing directories during a recursive
  clone using git.

- CVE-2019-1350: recursive clones may lead to arbitrary remote
  code executing due to improper quoting of command line
  arguments.

- CVE-2019-1387: it is possible to let a submodule's git
  directory point into a sibling's submodule directory, which may
  result in overwriting parts of the Git repository and thus lead
  to arbitrary command execution. As libgit2 doesn't provide any
  way to do submodule clones natively, it is not susceptible to
  this vulnerability. Users of libgit2 that have implemented
  recursive submodule clones manually are encouraged to review
  their implementation for this vulnerability.

Signed-off-by: Nicolas Cavallari <nicolas.cavallari@green-communications.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/beaglebone: kernel builds needs host-openssl

Fixes:

514 scripts/extract-cert.c:21:25: fatal error: openssl/bio.h: No such file or directory
515  #include <openssl/bio.h>

Seen at:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/378314247

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libnice: add optional dependency to openssl

Support for OpenSSL was added in version 0.1.15:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html

With the option of using OpenSSL as a crypto provider, we can't keep
GnuTLS as the default, because using:

       select BR2_PACKAGE_GNUTLS if !BR2_PACKAGE_OPENSSL

causes a Kconfig circular dependency:

package/openssl/Config.in:4:error: recursive dependency detected!
package/openssl/Config.in:4: symbol BR2_PACKAGE_OPENSSL is selected by BR2_PACKAGE_GNUTLS
package/gnutls/Config.in:1: symbol BR2_PACKAGE_GNUTLS is selected by BR2_PACKAGE_OPENSSL

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: pass --with-crypto-library argument]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libnice: bump version to 0.1.16

Release notes:
https://lists.freedesktop.org/archives/nice/2018-December/001443.html
https://lists.freedesktop.org/archives/nice/2019-May/001444.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/harfbuzz: bump version to 2.6.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas:
 - drop patch 0001-pool-Fix-alignment-assertion.patch, which is in
   upstream commit aade9b70aabd8a97dd8a28cda2cf4d0694dd7350, available
   since version 2.6.0
 - further bump to 2.6.4]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/coreutils: bump version to 8.31

Added license hash.
Added patch to fix build error with uclibc.

Release notes:
https://lists.gnu.org/archive/html/coreutils/2019-03/msg00042.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/licheepi_zero: U-Boot needs pylibfdt

Like all Allwinner platforms, building the licheepi_zero U-Boot
configuration requires pylibfdt.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/378314331

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

board/pc/post-build.sh: fix typo in grub boot.img path

Commit 3468ef16fa55610bae3bacefaf816231a20cfab0
("configs/pc_x86_64_efi: use genimage GPT partition table support")
had a small typo on the path to grub boot.img file: i387-pc instead of
i386-pc, which causes a build failure.

Fixes:

  https://gitlab.com/buildroot.org/buildroot/-/jobs/378314412

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Alexandre PAYEN <alexandre.payen@smile.fr>
Cc: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/xdg-dbus-proxy: add patch to support building with musl

Import "0001-Fix-musl-compilation-by-adding-TEMP_FAILURE_RETRY.patch"
from the upstream repository, which allows building against the musl
libc (or any other which does not define the TEMP_FAILURE_RETRY macro).
The patch has been accepted upstream, but no releases have been made yet
which include the fix.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wpewebkit: add option to enable sandboxing support

Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).

The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solution (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: select libseccomp]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: select libseccomp when sandbox is enabled

Select BR2_PACKAGE_LIBSECCOMP when the sandboxing support is enabled
during configuration.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tools: bump to version 4.1

- Drop patch (already in version)
- Update hash of license file (copyrights retained since version 4.0 and
  https://github.com/tpm2-software/tpm2-tools/commit/e4b469724eaa6eff0a1ce3bce9fd2ab9e010cd3b)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: disable man pages build]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-abrmd: bump to version 2.3.0

Drop dbus dependency as it is not needed since version 2.2.0 and
https://github.com/tpm2-software/tpm2-abrmd/commit/c1d42c9ebefbfe36255603aca065944836c14610

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openal: switch to github mirror

Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tpm2-totp: explicitly disable optional configure flags

Explicitly disable doxygen, plymouth, initramfstools and mkinitcpio support
as it is not needed / available in Buildroot.

Also use the new --disable-defaultflags option to ensure our compiler flags
are used rather than trying to disable -fstackprotector-all, similar to how
it is done in tpm2-tss.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-totp: bump to version 0.2.0

Add patch to fix build failure with musl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tss: bump to version 2.3.2

- Drop patch (already in version)
- Update hash of license file (SPDX ID has been removed with
  https://github.com/tpm2-software/tpm2-tss/commit/0dbc84ee45d0e4cd7eae528f53968f8877455aab)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: use --disable-defaultflags and explicitly pass -std=c99]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libkrb5: needs host-pkgconf for libedit

host-pkgconf is needed to find libedit

Fixes:
 - http://autobuild.buildroot.org/results/45eee300788f46975d292b21eead97f9e9a8b5d8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libscrypt: add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libnfc: add sub-options to enable individual drivers

Until now, the arygon and pn53x_usb were unconditionally enabled, and
there were no options to choose other drivers. Therefore, we had
sub-options for each individual driver, keeping arygon and pn53x_usb
enabled by default to preserve backward compatibility.

Also, due to this, the BR2_TOOLCHAIN_HAS_THREADS dependency on the
libnfc package is no longer needed, and is only needed for some of the
sub-options.

Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
[Thomas:
 - drop the default ""
 - remove the top-level HAS_THREADS dependency, and move it down to
   the sub-options that need it
 - improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aiozipkin: new package

Distributed tracing instrumentation for asyncio application
with zipkin.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aiosignal: new package

aiosignal: a list of registered asynchronous callbacks.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-frozenlist: new package

A list-like structure which implements
collections.abc.MutableSequence.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-janus: new package

Mixed sync-async queue to interoperate between asyncio
tasks and classic threads.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-async-lru: new package

Simple lru_cache for asyncio.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aiohttp-mako: new package

mako template renderer for aiohttp.web (http server for
asyncio).

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-aiohttp-debugtoolbar: new package

debugtoolbar for aiohttp.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-sockjs: new package

SockJS server implementation for aiohttp.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/glibc: bump version for post-2.30 security fixes

Fixes the following security vulnerability:

- CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
  environment variable during program execution after a security
  transition, allowing local attackers to restrict the possible mapping
  addresses for loaded libraries and thus bypass ASLR for a setuid
  program.  Reported by Marcin Kościelnicki.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-subprocess32: add PYTHON_SUBPROCESS32_CONFIGURE_CMDS

Since commit 1745fcde740057951dcc5429f3bfabd103b764a1,
python-subprocess32 fails to build because it runs configure with
incorrect arguments so add a PYTHON_SUBPROCESS32_CONFIGURE_CMDS

Fixes:
 - http://autobuild.buildroot.org/results/dcf944129392ee6cacc106e096d8d3adfa4447bb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/webrtc-audio-processing: needs host-pkgconf

configure fails if the pkgconfig.m4 macros are not available during
this package autoreconf:

./configure: line 11829: syntax error near unexpected token `GNUSTL,'
./configure: line 11829: `  PKG_CHECK_MODULES(GNUSTL, gnustl)'

Fixes:
 - http://autobuild.buildroot.org/results/9cbdfb76ea38864fce1acca88714c48c41c77255

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ljsyscall: add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ljsyscall: fix build with aarch64

luajit supports aarch64 since commit
2ca0accc21a090874ac6e97670b47153a1f0a0b5

However this raise a build failure with ljsyscall because aarch64
directory does not exist so use arm64 instead

Fixes:
 - http://autobuild.buildroot.org/results/3a0bd14349b3cab3e09d0b8b24ddab66dfab91ff

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/memtool: bump to version 2018.03.0

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dialog: bump version to 1.3-20191210

Fixes a number of regressions in 1.3-20190808:

- Menu shadows are not longer (erroneously) drawn with --no-shadow
- Spaces in menu fields are now correctly handled on uClibc-ng

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cups-filters: bump to version 1.26.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/cups: security bump to version 2.3.1

Fix CVE-2019-2228: The ippSetValuetag function did not validate the
default language value.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/polkit: needs C++11

polkit depends on spidermonkey since bump to version 0.116 in commit
ce2a5eff7890815afeb26105c7760b6f8d2986e0 however build fails with gcc 5:

/home/naourr/work/instance-0/output-1/host/opt/ext-toolchain/mips-linux-gnu/include/c++/5.3.0/bits/c++0x_warning.h:32:2: error: #error This file requires compiler and library support for the ISO C++ 2011 standard. This support is currently experimental, and must be enabled with the -std=c++11 or -std=gnu++11 compiler options.
 #error This file requires compiler and library support for the \
  ^
polkitbackendjsauthority.cpp:223:13: warning: G_ADD_PRIVATE
                                                  PolkitBackendJsAuthorityPrivate);
             ^
In file included from /home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/js/RequiredDefines.h:32:0,
                 from <command-line>:0:
/home/naourr/work/instance-0/output-1/host/bin/../mips64el-buildroot-linux-gnu/sysroot/usr/include/mozjs-60/mozilla/Char16.h:136:15: error: 'char16_t' does not name a type
 typedef const char16_t* char16ptr_t;
               ^

Fixes:
 - http://autobuild.buildroot.org/results/a7ea21a8e10f32239ee28f58331899912f232ca2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libp11: add host-pkgconf dependency for host variant

host-pkgconf is needed to find host-openssl

Fixes:
 - http://autobuild.buildroot.org/results/05adf424050cb56f74ae4106b3c9b61f8daff7d2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gpsd: remove bogus select of BR2_PACKAGE_GPSD_NTP_SHM

In commit 57f85e52a7b29363e76735930bc1bb51a38718ac ("package/gpsd:
unconditionally enable NTP time hinting support"), the option
BR2_PACKAGE_GPSD_NTP_SHM was removed, because NTP time hinting support
is now enabled unconditionally.

However, in one place, a select of this option was kept, which is
obviously no longer needed.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/openpowerlink: drop bogus select

There is no option BR2_PACKAGE_OPENPOWERLINK_PCAP_DAEMON, and we never
had any option named like this, so it seems like a leftover from
previous iterations of the openpowerlink patch series. Since the
option does not exist, the select doesn't do anything, and we can
simply drop it.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/easy-rsa: select the appropriate option for openssl binary

Since openssl was converted to a virtual package,
BR2_PACKAGE_OPENSSL_BIN no longer exists: it was renamed to
BR2_PACKAGE_LIBOPENSSL_BIN, but easy-rsa was not changed accordingly.

easy-rsa needs to take into account the two providers of openssl, and
select the appropriate suboptions depending on which openssl
implementation was chosen.

Ideally, we would probably need a more elaborate option that ensures
easy-rsa doesn't have to know the details of which openssl
implementation is selected, but practically speaking with just two
providers of openssl at the moment, the proposed solution is good
enough.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/syslog-ng: remove bogus select

The eventlog package was removed as part of commit
5e0b1f9c2386e9184256b10ca19a6a7e4f4865cc ("package/eventlog: remove
package"). It used to be a separate package, but it is now part of
syslog-ng itself, which is why the eventlog package was removed.

But commit 5e0b1f9c2386e9184256b10ca19a6a7e4f4865cc forgot to drop the
select BR2_PACKAGE_EVENTLOG, so let's fix this.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gstreamer1/gst1-plugins-bad: drop bogus select

BR2_PACKAGE_WEBRTC does not exist, and we already select
BR2_PACKAGE_WEBRTC_AUDIO_PROCESSING, which is the package really
needed by the webrtcdsp plugin.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pylibftdi: Fix LICENSE hash after 0.18.1 bump

Commit dd90d40b5226 (package/python-pylibftdi: bump version to 0.18.1)
bumped the version of the package but failed to take into account the change
of copyright year in the license file:

-Copyright (c) 2010-2018 Ben Bass
+Copyright (c) 2010-2019 Ben Bass

Adjust the license file to match the new content.

Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
[Peter: extend commit message, add SOB]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pyasn-modules: select correct option

BR2_PACKAGE_PYASN does not exist, it is BR2_PACKAGE_PYTHON_PYASN that
should be selected.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/efl: drop invalid select BR2_PACKAGE_XLIB_LIBXP

The option BR2_PACKAGE_XLIB_LIBXP does not exist, but is select by
efl/Config.in since the package was introduced. Since all xlib_*
dependency in the .mk file each have a corresponding select in the
Config.in file, we simply drop this bogus dependency.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/webkitgtk: add option to enable sandboxing support

Add an option to enable WebKit's sandbox, which uses kernel
namespaces to isolate the processes used for Web content rendering
(WebKitWebProcess) and network/disk access (WebKitNetworkProcess).

The reason to have an option is that it needs additional dependencies
(bubblewrap, xdg-dbus-proxy, libseccomp), and that some users may
choose to deploy alternative solutions (for example: putting all
of WebKit inside its own container, using systemd-nspawn or the
like).

Patch "0002-GTK-WPE-Do-not-run-the-Bubblewrap-executable-when-co.patch"
is imported from upstream, as it is needed to avoid trying to run
the "bwrap" command from the target during cross-compilation.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pango: add dependency on libfribidi

Since commit 5cce413eb11ac75f5c48ed351896c5d1c33961d5 ("package/pango:
bump to version 1.44.6"), pango needs libfribidi. Through the Meson
subprojects mechanism, it tries to download it by itself if not
available. But in Buildroot, we definitely want to use the separate
libfribidi package, so let's add it as a dependency of pango.

Fixes:
  http://autobuild.buildroot.net/results/f16fda910da23dfe5f8ac1cb51f9dbcec444b516

  subprocess.CalledProcessError: Command '['git', 'clone', 'https://github.com/fribidi/fribidi.git', 'fribidi']' returned non-zero exit status 128.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libfribidi: enable host build

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libqmi: bump to version 1.24.2

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/xdg-dbus-proxy: new package

xdg-dbus-proxy is a filtering proxy for D-Bus connections, which can
be used to limit access to a set of services. Typically it is used in
combination with containers to provide them with access to certain
services running outside the container.

https://github.com/flatpak/xdg-dbus-proxy

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
[Peter: license is LGPL-2.1+]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/imx7d-sdb: bump U-Boot and kernel versions

Bump kernel to 5.4.1 version and U-Boot to 2019.10.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sdl_mixer: prefer tremor over libvorbis

When Tremor is enabled, configure SDL_mixer to use this Vorbis decoding
library instead of libvorbis. Since Tremor does fixed-point math, it is
safe to assume that if it's enabled then it is faster than libvorbis on
the target architecture.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-multidict: bump to version 4.7.1

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/modem-manager: bump to version 1.12.2

Signed-off-by: Aleksander Morgado <aleksander@aleksander.es>
Tested-by: Carlos Santos <unixmania@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "support/download/git: rename local refs to avoid confusing Git warning"

This reverts commit 6f35d967564863ab150eabf32ca462889bf1e049.

Repeat after me: on the master branch you will not work. On the master
branch you will not work.

This definitely shouldn't have been pushed. Sorry about that.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/boot-wrapper-aarch64: add gicv3 support

This patch adds support for GICv3 (such as GIC-500).

Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/boot-wrapper-aarch64: improve dtb handling

This patch improves the DTB handling, using a parameter
in more recent versions of the bootwrapper.

Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

boot/boot-wrapper-aarch64: bump version

This patch bumps the bootwrapper version to the latest.

Signed-off-by: Jan Kotas <jank@cadence.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/download/git: rename local refs to avoid confusing Git warning

Running "git fetch origin ${cset}:${cset}" to create a local ref
${cset} from the remote ref ${cset} causes Git to issue a warning like
the below, when the version is a full commit hash:

===

warning: refname '49eb4ecb1ef9879ebc6789a1bdb536ab2b1d9871' is ambiguous.
Git normally never creates a ref that ends with 40 hex characters
because it will be ignored when you just specify 40-hex. These refs
may be created by mistake. For example,

  git switch -c $br $(git rev-parse ...)

where "$br" is somehow empty and a 40-hex ref is created. Please
examine these refs and maybe delete them. Turn this message off by
running "git config advice.objectNameWarning false"

===

This warning is very confusing for users, and is caused by the fact
that Git doesn't like our local ref name to look like a commit hash.

So, this commit proposes to fix the issue by having the local ref
named buildroot-${cset}, i.e
buildroot-${version-specified-by-the-package}.

The generated tarballs are exactly identical, nothing changes, it is
really just internally the local ref we are using to checkout the
correct version that is different. And it avoids the confusing
warning.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/dante: add optional libminiupnpc dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dante: remove --without-pam

--without-pam was wrongly put back when next was merged into master for
2019.02 in commit 13c43455a05b (Merge branch 'next')

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Peter: mention next merge]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-pylibftdi: bump version to 0.18.1

Signed-off-by: Christian Kellermann <christian.kellermann@solectrix.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-aiologstash: new package

asyncio-compatible logstash logging handler.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-logstash: new package

Python logging handler for Logstash.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libuio: add missing dependency on host-pkgconf

configure fails if the pkgconfig.m4 macros are not available during
this package autoreconf:

./configure: line 12003: syntax error near unexpected token `PKGCONF,'
./configure: line 12003: `   PKG_CHECK_MODULES(PKGCONF, glib-2.0)

Fixes:

  http://autobuild.buildroot.net/results/9be944e35090bf270fbc9572423466be9af7b1f2/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pkg-generic.mk, support/scripts/fix-rpath: fix per-package regexp

Commit c4e6d5c8be6ada8e7c60950e3b499c55d48761cb ("core: implement
per-package SDK and target") had a mistake on the regexp that is used
to match $(PER_PACKAGE_DIR)/<something>/, and due to this, the regexp
was never matched.

The + sign in [^/]+ which was suggested by Yann E. Morin during the
review of the per-package patch series (instead of [^/]*) needs to be
escaped to be taken into account correctly. Without this, the regexp
doesn't match, and the replacement is not done, causing:

 (1) For the libtool fixup in pkg-generic.mk, the lack of replacement
     causes libtool .la files to not be tweaked as expected, which it
     turn causes build failures reported by the autobuilder.

 (2) For the fix-rpath, the RPATH of host binaries in the SDK were not
     correct.

Interestingly, we have the same regexp in
support/scripts/check-host-rpath, but here the + sign does not need to
be escaped.

Fixes:

  http://autobuild.buildroot.net/results/d4d996f3923699e266afd40cc7180de0f7257d99/ (libsvg-cairo)
  http://autobuild.buildroot.net/results/56330f86872f67a2ce328e09b4c7b12aa835a432/ (bind)
  http://autobuild.buildroot.net/results/9e0fc42d2c9f856b92954b08019b83ce668ef289/ (ibrcommon)
  and probably a number of other similar issues

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libostree: bump to version 2019.6

Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/git: security bump to version 2.24.1

Fixes the following security vulnerabilities:

* CVE-2019-1348:
   The --export-marks option of git fast-import is exposed also via
   the in-stream command feature export-marks=... and it allows
   overwriting arbitrary paths.

 * CVE-2019-1349:
   When submodules are cloned recursively, under certain circumstances
   Git could be fooled into using the same Git directory twice. We now
   require the directory to be empty.

 * CVE-2019-1350:
   Incorrect quoting of command-line arguments allowed remote code
   execution during a recursive clone in conjunction with SSH URLs.

 * CVE-2019-1351:
   While the only permitted drive letters for physical drives on
   Windows are letters of the US-English alphabet, this restriction
   does not apply to virtual drives assigned via subst <letter>:
   <path>. Git mistook such paths for relative paths, allowing writing
   outside of the worktree while cloning.

 * CVE-2019-1352:
   Git was unaware of NTFS Alternate Data Streams, allowing files
   inside the .git/ directory to be overwritten during a clone.

 * CVE-2019-1353:
   When running Git in the Windows Subsystem for Linux (also known as
   "WSL") while accessing a working directory on a regular Windows
   drive, none of the NTFS protections were active.

 * CVE-2019-1354:
   Filenames on Linux/Unix can contain backslashes. On Windows,
   backslashes are directory separators. Git did not use to refuse to
   write out tracked files with such filenames.

 * CVE-2019-1387:
   Recursive clones are currently affected by a vulnerability that is
   caused by too-lax validation of submodule names, allowing very
   targeted attacks via remote code execution in recursive clones.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

SDL_mixer: Add support for libmodplug

Add support for playing back tracker modules using libmodplug.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/sunxi-mali-mainline-driver: bump version

For A64 frequency stability.

git shortlog --invert-grep --grep=travis --no-merges
a5e38ca3f05f0f74fdd5e85a711c964383ad23df..
Vasily Khoruzhick (1):
      Set GPU clock to 432MHz on A64

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-tqdm: bump to version 4.40.1

Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/friendlyarm_nanopi_neo_plus2: use an extlinux instead of boot.cmd

This remove the file boot.cmd to use an extlinux.conf instead.

Signed-off-by: Louis Aussedat <aussedat.louis@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst-omx: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gstreamer1-editing-services: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-rtsp-server: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-vaapi: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-libav: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-validate: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-plugins-ugly: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-plugins-bad: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-plugins-good: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gst1-plugins-base: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

gstreamer1: bump version to 1.16.2

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/lirc-tools: use single quote with SETUPTOOLS_ENV

With the change to pkg-python to use TARGET_CONFIGURE_OPTS in
PKG_PYTHON_SETUPTOOLS_ENV in commit 1745fcde74, the
LIRC_TOOLS_MAKE_ENV is incorrect as it sets the SETUPTOOLS_ENV using
double quotes. This causes issues because the
PKG_PYTHON_SETUPTOOLS_ENV contain double quotes as well. This causes a
build error such as:

  /bin/sh: -I/home/naourr/work/instance-0/output-1/host/include
          CXXFLAGS_FOR_BUILD=-O2: No such file or directory

Fix this by using single quotes with PKG_PYTHON_SETUPTOOLS_ENV instead
of double quotes.

Fixes:
  http://autobuild.buildroot.net/results/f7a9c02add9bde563c7289f7c0be2cb7aefd96b8

Signed-off-by: Ryan Barnett <ryan.barnett@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

configs/wandboard: Bump the kernel version to 5.4.1

Bump the kernel version to 5.4.1.

Signed-off-by: Fabio Estevam <festevam@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/swupdate: bump to version 2019.11

Add support for:
 * mbedTLS as SSL choice
 * zstd as compression option
 * libgpiod to support microcontroller firmware update
 * efibootmgr to support EFI Boot Guard
 * libwebsockets and liburiparser to support SWU forwarder

Also:
 * drop upstream patches
 * drop CONFIG_GUNZIP. Setting it because Buxybox provides a binary named gunzip is wrong.
   CONFIG_GUNZIP should only be set if zlib is provided, which Buxybox'
   gunzip does not.

Regenerated the .config file by doing:

```
make swupdate-menuconfig
make swupdate-update-config
```
.. and removing the paths for the build options manually.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-yarl: bump to version 1.4.2

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/gdb: disable gdbserver if full gdb is enabled for ARC

With recent update of ARC toolchain to arc-2019.09-eng/rc1 versions
GDB package builds started to fail in autobuilder:

 http://autobuild.buildroot.net/results/bc5/bc52d0012944e15dee30a6e00a92f23c87d0dfda//

This error is caused by 73cc72729a18 ("Move gnulib to top level")
commit in binutils-gdb master branch and appears in ARC case because
arc-2019.09 GDB is based on binutils-gdb master branch and includes
this commit.

More information about this bug can be found there:
https://sourceware.org/bugzilla/show_bug.cgi?id=24729
https://sourceware.org/bugzilla/show_bug.cgi?id=25171
https://github.com/foss-for-synopsys-dwc-arc-processors/binutils-gdb/issues/30

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: arc-buildroot@synopsys.com
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/imx-mkimage: bump to rel_imx_4.14.98_2.0.0_ga

This patch update the imx-mkimage package to version
rel_imx_4.14.98_2.0.0_ga.

Signed-off-by: Julien Olivain <juju@cotds.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/isl: bump to version 0.22

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/shairport-sync: add mqtt option

Shairport Sync added support for the MQTT protocol in version 3.2. For
full MQTT support Avahi and DBus support are required.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/shairport-sync: add dbus option

Shairport Sync added DBus support in version 3.2.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/shairport-sync: add audio DSP convolution option

Already in version 3.1, shairport-sync added audio DSP convolution support. This
optional feature requires the sndfile library.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/shairport-sync: make libdaemon an optional dependency

Since version 3.3 libdaemon is an optional dependency.

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/shairport-sync: bump to version 3.3.5

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>