wireshark: add libxml2 optional dependency

Optional dependency to libxml2 has been added with version 2.4.0 and
https://github.com/wireshark/wireshark/commit/cfab5ef035db7be8502623af203ab3494a9200e3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

wireshark: bump to version 2.6.4

- Remove first patch (inet_pton test removed since version 2.5.0 and
  https://github.com/wireshark/wireshark/commit/12d63c428f973b1f7e04ad58d432d778e2035a9a)
- Remove second patch (already in version, since
  https://github.com/wireshark/wireshark/commit/3761ef378537f6a9e0424f7cbded7e7403ba425c)
- Remove WIRESHARK_AUTORECONF=yes as configure.ac is not patched anymore
- gcrypt is a mandatory dependency since version 2.4.0 and
  https://github.com/wireshark/wireshark/commit/6b84ddee83e70aff944da084129624226b7a32fa
- geoip support has been replaced by maxminddb since version 2.5.0 and
  https://github.com/wireshark/wireshark/commit/a1da75c554881667dd92e11f098630f2d604872b
- Drop includedir "hack", this is not needed anymore and wireshark is
  now installing files in target. With this hack, build fails on:
  wireshark: installs files in /home/fabrice/buildroot/output/target//home/fabrice/buildroot/output
  package/pkg-generic.mk:310: recipe for target '/home/fabrice/buildroot/output/build/wireshark-2.6.4/.stamp_target_installed' failed
- Disable all new optional features

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Arnout: keep optional dependencies alphabetic on Config.in name;
         add comment of libgcrypt -> libgpg-error dependency.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

Config.in: security hardening: disable FORTIFY_SOURCE for gcc < 6

As reported in the bug report [1], gcc < 6 doesn't build when
FORTIFY_SOURCE is set to 1 or 2. The issue is related to the
upstream bug report [2] but the patch fixing the issue for gcc 6
has not been backported to earlier gcc versions.

Add a dependency on gcc at least version 6 to BR2_FORTIFY_SOURCE_1
and BR2_FORTIFY_SOURCE_2.

[1] https://bugs.busybox.net/show_bug.cgi?id=11476
[2] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61164
[3] https://github.com/gcc-mirror/gcc/commit/55f12fce4ccf77513644a247f9c401a5b1fa2402

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Matthew Weber <matthew.weber@rockwellcollins.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
[Peter: only limit for internal toolchain as suggested by Matthew]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ifupdown-script: send current hostname in DHCP request

For the default (BR2_SYSTEM_DHCP) /etc/network/interfaces handling.

Both the "big" and busybox ifupdown variants pass the hostname argument to
the DHCP client through the shell, so we can use $() to expand to the
current hostname value.

Notice that this may not be handled by all DHCP clients.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

ngrep: fix static build

Commit 54eeb08d6498e54cc77e212e4f9873b579f76638 wrongly replaced
`$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs` by
"$(STAGING_DIR)/usr/bin/pcap-config --static --additional-libs"

Fixes:
 - http://autobuild.buildroot.org/results/3dd8c768beef075494d6be7eff4cbb57b5ec8a41

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

webkitgtk: disable JIT usage on MIPS32 R6

Currently JavaScriptCore does not support JIT on MIPS32 R6, so remove
it from the list of supported architectures. Reported upstream:

  https://bugs.webkit.org/show_bug.cgi?id=191258

This fixes the following autobuilder failure:

  http://autobuild.buildroot.net/results/eeaf3edbf6f5bf468b10adc3d053f703c6ceba96/

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ffmpeg: bump version to 3.4.5

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/tor: bump version to 0.3.4.9

Release notes: https://blog.torproject.org/new-release-tor-0349

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ngrep: add optional dependency on libdnet

- Enable tcpkill based on libnet availability
- Add BSD-3-Clause for tcpkill, added in version 1.46 and
  https://github.com/jpr5/ngrep/commit/f2a1f8b09194a8ab87787c1fdb60b968f5957c05

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ngrep: bump to version 1.47

- Switch site from sourceforge to github as there is no new releases on
  sourceforge and http://ngrep.sourceforge.net/ is redirected to
  https://github.com/jpr5/ngrep/
- Remove first patch, not needed since version 1.46 and
  https://github.com/jpr5/ngrep/commit/997c9d81d34d3a6646e6c5e363645015e644b3de
  as this commit added the support for system pcre
- Remove second patch, not needed since version 1.46 and
  https://github.com/jpr5/ngrep/commit/2d8fd9ac7ef1ac6947f738f6005e7b533654f331
- Remove third patch and LIBS=-lpcap -lpcre, not needed since 1.46 and
  https://github.com/jpr5/ngrep/commit/cca6e3121f2d80dd32a5a33dead9495fe40eed70
- LICENSE.txt has been renamed to LICENSE since version 1.47 and
  https://github.com/jpr5/ngrep/commit/3cb4c580a9de4afe11c2c17b0f354b59b74ae974
- Add an upstream patch to fix --enable-pcre: keep pcre as a mandatory
  dependency as this is the current behavior in version 1.45. PCRE will
  made optional in an other patch
- Remove --with-pcre which is not recognized anymore
- Add two other patches to fix --disable-tcpkill
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libssh2: fix static linking scenarios involving mbedtls

curl can be statically linked with mbedtls, in this case build will fail
on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by -lmbedcrypto

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Revert "package/libssh2: fix static linking scenarios involving mbedtls"

This reverts commit 48218732a3a7b983825ff3a8cf0767f847ac8d04 because
LTLIBMBEDCRYPTO will return "-lmbedcrypto
-R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib"

On some compilers, -R option won't be recognized and this will prevent
the detection of libz:

configure:17809: /accts/mlweber1/scripts/instance-3/output/host/bin/i586-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64  -Os   -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -I/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/include  conftest.c /accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib/libz.so -Wl,-rpath -Wl,/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib  -L/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib -lmbedcrypto -R/accts/mlweber1/scripts/instance-3/output/host/i586-buildroot-linux-musl/sysroot/usr/lib >&5
i586-linux-gcc.br_real: error: unrecognized command line option '-R'; did you mean '-R'?

Fixes:
 - http://autobuild.buildroot.org/results/68623f22b49473177c889fe7b12625d779cbd1ed

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

toolchain: disable SSP support if CFI support in binutils is missing

As reported by [1], SSP support is missing in the Buildroot toolchain
for microblaze even if it's requested by selecting
BR2_TOOLCHAIN_HAS_SSP config option.

In Buildroot, we are using libssp provided by the C library (glibc,
musl, uClibc-ng) when available. We are not using libssp from gcc.

So for a microblaze glibc based toolchain, the SSP support is enabled
unconditionally by a select BR2_TOOLCHAIN_HAS_SSP.

BR2_microblazeel=y
BR2_TOOLCHAIN_BUILDROOT_GLIBC=y
BR2_KERNEL_HEADERS_4_14=y
BR2_BINUTILS_VERSION_2_30_X=y
BR2_GCC_VERSION_8_X=y
BR2_TOOLCHAIN_BUILDROOT_CXX=y

While building the toolchain, we are building host-binutils which
provide "as" (assembler) and host-gcc-initial wich provide a
minimal cross gcc (C only cross-compiler without any C library).
When SSP support is requested, gcc_cv_libc_provides_ssp=yes is
added to the make command line (see [2] for full details)

With this setting, the SSP support is requested but it's not available
in the end and the toochain build succeed.

When the microblaze toolchain is imported to Biuldroot (2018.05) as
external toolchain with BR2_TOOLCHAIN_EXTERNAL_HAS_SSP set, the build
stop with :
"SSP support not available in this toolchain, please disable BR2_TOOLCHAIN_EXTERNAL_HAS_SSP"

The test is doing the following command line:

echo 'void main(){}' | [...]/host/bin/microblazeel-linux-gcc.br_real -Werror -fstack-protector -x c - -o [...]/build/.br-toolchain-test.tmp
cc1: error: -fstack-protector not supported for this target [-Werror]

When we look at the gcc-final log file (config.log) we can see this
error several time when using the minimal gcc (from host-gcc-initial).
So Why the minimal gcc doesn't support SSP?

When we look at the gcc-initial log file (config.log) we can see an
error with 'as':

configure:23194: checking assembler for cfi directives
configure:23209: [...]microblazeel-buildroot-linux-gnu/bin/as    -o conftest.o conftest.s >&5
conftest.s: Assembler messages:
conftest.s:2: Error: CFI is not supported for this target
conftest.s:3: Error: CFI is not supported for this target
conftest.s:4: Error: CFI is not supported for this target
conftest.s:5: Error: CFI is not supported for this target
conftest.s:6: Error: CFI is not supported for this target
conftest.s:7: Error: CFI is not supported for this target
configure:23212: $? = 1
configure: failed program was
    .text
    .cfi_startproc
    .cfi_offset 0, 0
    .cfi_same_value 1
    .cfi_def_cfa 1, 2
    .cfi_escape 1, 2, 3, 4, 5
    .cfi_endproc

This is the only relevant difference compared to a nios2 toolchain where
libssp is enabled and available (nios2 is an example).

"CFI" stand for "Control Flow Integrity" and it seems that SSP support
requires CFI target support (see [3] for some explanation).

The SSP support seems to depends on CFI support, but the toolchain
infrastructure is not detailed enough to handle the CFI dependency.

The NiosII toolchains built with binutils < 2.30 are also affected by
this issue.

This patch improve the toolchain infrastructure by adding a new
BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI blind option

Disable SSP support for microblaze entirely.
Disable SSP support for nios2 only with Binutils < 2.30.

Fixes:
https://gitlab.com/free-electrons/toolchains-builder/-/jobs/72006389

[1] https://gitlab.com/free-electrons/toolchains-builder/issues/1
[2] https://git.buildroot.net/buildroot/tree/package/gcc/gcc.mk?h=2018.05#n275
[3] https://grsecurity.net/rap_faq.php

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Thomas: adjust how the BR2_PACKAGE_HOST_BINUTILS_SUPPORTS_CFI option
is expressed.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/php: add support for PostgreSQL (non-PDO)

Needed for example for phppgadmin.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add missing BR2_USE_WCHAR dependency.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: bump to version 2.8.4

Fix a segfault in auditd when dns resolution isn't available. Additional
changes since 2.8.2 can be seen at

    http://people.redhat.com/sgrubb/audit/ChangeLog

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

linux: enable CONFIG_AUDIT if the audit package is selected

We already turn on kernel features for several packages, so let's do it
for audit too, since the daemon is useless and fails to load otherwise.

Notice that we also turn NET on, since AUDIT depends on NET, like we do
for the wireguard package.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: ensure that it starts after the logging daemon

audit uses syslog(). Rename its init script to S02auditd to ensure that
it will start after syslogd. Otherwise the initial log messages will be
sent to the console (and probably lost, since almost nobody watches the
system console on embedded systems).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/audit: fix audispd path in auditd.conf

audispd is installed at /usr/sbin but the configuration file pointed
to /sbin, causing auditd to fail on startup.

This patch cannot be sent upstream because audispd does not exist
anymore on the master branch (it was merged to auditd).

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libssh2: fix static linking scenarios involving mbedtls

curl can be statically linked with mbedtls, in this case build will
fail on:
kex.c:(.text+0x1be0): undefined reference to `mbedtls_mpi_read_binary'

This is due to the fact that CURL_LIBRARIES does not contain mbedtls
library:
CURL_LIBRARIES:INTERNAL=curl;cares;ssh2;ssh2;z;ssl;crypto;z;z;crypto;z;z;ssl;z;z;crypto;z

even if libcurl.pc is correct:
Libs.private: -lcares -lssh2 -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lssh2 /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a /home/fabrice/buildroot/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libmbedcrypto.a -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -L/home/fabrice/buildroot/output/host/bin/../arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib -lz -lssl -lcrypto -lssl -lz -lz -lcrypto -lz -lz

This full library path is added by patch
0002-acinclude.m4-add-mbedtls-to-LIBS.patch on libssh2 so update it to
replace $LIBMBDEDCRYPTO by $LTLIBMBEDCRYPTO as suggested by Thomas
during review of https://patchwork.ozlabs.org/patch/989339

Fixes:
 - http://autobuild.buildroot.org/results/dc7810d5d5c62658837cdd2faae6fe3390f968a2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/x11r7/xdriver_xf86-video-geode: add upstream commits to fix build errors

Fixes
http://autobuild.buildroot.net/results/a9b/a9baf6ecf147f336021edda20bb091b8aa071209/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add libkrb5 optional dependency

Specify the path to found libkrb5 as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libv4l: disable clang

For the time being, disable clang that is used to build BPF (in-kernel
bytecode machine) protocols.
Indeed, if an old version of clang is found on the host, it could be
used to build object files with a "None" architecture which will be
rejected by support/scripts/check-bin-arch

Fixes:
 - http://autobuild.buildroot.org/results/c18fb7f1ac81496db9c3a4e91ea028a26ca600b0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

uboot: bump to version 2018.09

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs/Config.in: remove consecutive empty lines

This fixes the following check-package warning:

fs/f2fs/Config.in:51: consecutive empty lines

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

DEVELOPERS: add entry for fs/f2fs/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of filesystem features

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define discard policy

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define overprovision ratio

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz, reworded
Config.in help text]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add option to define list of cold file extensions

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: split from the initial patch from Grzegorz]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/f2fs: add support for creating a f2fs image

This patch makes possible to create rootfs image using f2fs
filesystem.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas:
 - keep only the minimal functionality, as suggested by Yann E. Morin
 - use truncate -s instead of dd to create the initial empty image
   file, as suggested by Yann E. Morin]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/f2fs-tools: add host variant

Having a host variant of this package is useful to create f2fs
filesystem images.

Signed-off-by: Grzegorz Blach <grzegorz@blach.pl>
[Thomas: add explicit --without-blkid and --without-selinux options,
following the review from Yann E. Morin.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bdwgc: drop AUTORECONF = YES

Since commit 4e1dbd063d1f3ea7dfc95698320f6fd40139085d ("package/bdwgc:
bump to version 8.0.0"), we no longer have any patch that requires
autoreconf. In addition, the libtool shipped with the package seems to
no longer be bogus, because it builds perfectly fine without
autoreconf. Therefore, let's drop this autoreconf.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: add missing bpf_common.h header

Fixes [1] (for older toolchains not providing this header):

    CC       keytable.o
  In file included from bpf.h:26:0,
                   from keytable.c:37:
  ../../include/linux/bpf.h:12:10: fatal error: linux/bpf_common.h: No such file or directory
   #include <linux/bpf_common.h>
            ^~~~~~~~~~~~~~~~~~~~

[1] http://autobuild.buildroot.org/results/d22c0939eed4bc949f7eaeae7595d01ec45cc2cd

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-urllib3: bump to version 1.24.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

gcc: Don't mess with test-suite exclusion

We used to exclude GCC's test-suite for quite some time now
mostly for the sake of space reduction.

But:
 1. On each GCC version bump we need to revise that functionality
    as we need to accommodate changes in GCC sources and this
    couldn't be automated

 2. The space reduction is significant, but not huge. The two test
    suites together take up 290MB, out of 660MB total for GCC (each of
    them times two because there is the -initial and -final copy).
    However, whenever we build GCC, we also have kernel headers (about
    900MB) and a libc (e.g. glibc is 250MB). So at best, it saves less
    than 20%.

 3. It doesn't really save on build time either.
    Below are timings of 2 runs on my laptop:

    a) Vanilla master:
    --------------------->8---------------------
    time make host-gcc-final
    real 7m15.114s
    user 19m36.611s
    sys  2m26.927s
    --------------------->8---------------------

    b) master + testsuite:
    --------------------->8---------------------
    time make host-gcc-final
    real 7m59.860s
    user 20m21.668s
    sys  2m36.618s
    --------------------->8---------------------

    From figures above it's seen that difference is ~45 seconds
    or ~10%. On both host-gcc-initial and -final we may save ~1.5
    minutes... but these are not the only components we build and
    compared to a total toolchain build time IMHO it is not that
    much time to care especially traded for maintenance costs
    on GCC version bumps.

Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Cc: Romain Naour <romain.naour@gmail.com>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
[Arnout: add explanation about size impact.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/davici: new package

This patch adds davici which is an alternative implementation of the
VICI client protocal used by Strongswan.  It targets better integration
with software stacks and uses a asynchronous, non-blocking API that can
be integrated in third-party main dispatching loops without the use of
threads.

Signed-off-by: Jared Bents <jared.bents@rockwellcollins.com>
[Thomas: fix license, it's LGPL-2.1+, add entry in DEVELOPERS file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add lua optional dependency

- lua 5.3 or luajit is not supported
- Don't specify the path to find lua as pkgconfig is used for lua
  (this is not the case for the other options)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/wireshark: add libssh optional dependency

- Optional dependency to libssh has been added with version 2.2.1 and
  https://github.com/wireshark/wireshark/commit/d6da95231ee790fd884ca2a41fe59aa9b05ccde9
- Specify the path to found libssh as this is done for other options

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scanpypi: use archive file name to specify the extraction folder

Some packages have archive name that is different from package name.
For example websocket-client's archive name is websocket_client-*.tar.gz.
scanpypi expects the temporary extract folder to be:

/tmp-folder/BR-package-name/PyPI-packagename-and-version

In the case of websocket-client package the real extraction folder
will be different from the expected one because of the '_' in the
archive file name.

Use archive file name instead of package name to specify the extraction
folder. As the version is already part of this file, we don't need to
specify it.

Bonus: remove obsolete "return None, None" as the function doesn't return
anything. OSError class doesn't provide "message" member, so replace it
with "strerror".

Fixes:
https://bugs.busybox.net/show_bug.cgi?id=11251

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Reviewed-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bdwgc: bump to version 8.0.0

- Remove first patch (already in version):
  https://github.com/ivmai/bdwgc/commit/7c13fb8fccdebfa4bf9a11abf6fa1619c5902828
- Remove second patch (already in version)
- Update license hash: Update header copyright (add Ivan Maidanski), see
  https://github.com/ivmai/bdwgc/commit/3bd265a64b612af9d906b73394f2adb161bd0dec

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/manual: add external.desc to list of files needed for BR2_EXTERNAL

external.desc must be present when using a br2-external tree. The
documentation notes this later in the text, but the file is missing
from the initial overview of files.

Fixes bug #11481.

Signed-off-by: Philipp Wagner <mail@philipp-wagner.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/mkmakefile: make wrapper silent by default

Suppose we use Makefile wrapper and build some project out of
buildroot tree (O=...). A command like "make
busybox-all-external-deps" will output the string "uname 022 && make
..." to stdout before the usefull information. It pollutes stdout. At
the same time if we use the same command in the buildroot source-tree
then we don't get the additional output. This patch makes wrapper
silent by default. People who prefer to see more verbose output can
use V=1.

Signed-off-by: Serj Kalichev <serj.kalichev@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-tornado: bump version to 5.1.1

Add hash for the license file.

Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pip: bump to version 18.1

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-django: select BR2_PACKAGE_PYTHON_SETUPTOOLS

The django-admin cli tool is loaded as entry point with pkg_resources,
which is provided by setuptools.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-cython: use full package name in .mk comment header

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

nfs-utils: add patch to fix build with glibc 2.28

Fixes:

  http://autobuild.buildroot.net/results/feb2b42028f7035f791db9cb76d07ead55d7733a/

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/{mesa3d, mesa3d-headers}: bump version to 18.2.4

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/opencv3: fix build on sparc64 due to missing 64-bit Release_CompareAndSwap()

Fixes:

  http://autobuild.buildroot.org/results/d27fa3eb3ea600698571837981a3a15d556724ea

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ltp-testsuite: fix build with glibc 2.28 or uclibc-ng 1.0.30

LTP fails to build 20180926 with both glibc 2.28 and uclibc-ng 1.0.30,
due error in m4 macro check:

In file included from /home/rclinux/rc-buildroot-test/scripts/instance-0/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/sys/stat.h:446:0,
                 from ../../../../include/tst_safe_macros.h:26,
                 from ../../../../include/tst_test.h:85,
                 from statx05.c:27:
/home/rclinux/rc-buildroot-test/scripts/instance-0/output/host/arm-buildroot-linux-gnueabihf/sysroot/usr/include/bits/statx.h:87:5: note: expected 'struct statx * restrict' but argument is of type 'struct statx *'
 int statx (int __dirfd, const char *__restrict __path, int __flags,
     ^~~~~
<builtin>: recipe for target 'statx01' failed
make[5]: *** [statx01] Error 1
<builtin>: recipe for target 'statx05' failed
make[5]: *** [statx05] Error 1

This patch requires to regenerate configure.

Fixes:
http://autobuild.buildroot.net/results/69566d0c728970a6dd6a793b08c5804df3cc00eb
http://autobuild.buildroot.net/results/3c53ddfaca70b490a401c9123602965f3803cd0a
http://autobuild.buildroot.net/results/8fb63f627a4ba55afea49ad0566064d20021889a
http://autobuild.buildroot.net/results/496a1b40d378eaca98e532c03afb47e5291427b3
http://autobuild.buildroot.net/results/47abceeda8044029b6d3200f3877d4d2c494202c

Signed-off-by: Petr Vorel <petr.vorel@gmail.com>
Reported-by: Florian La Roche <F.LaRoche@pilz.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

bdwgc: add optional cplusplus support

Use CFLAGS_EXTRA to pass C and C++ flags in a single variable

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/postgresql: needs wchar

Upstream removed support for non-wchar toolchains:
https://github.com/postgres/postgres/commit/85feb77aa09cda9ff3e12cf95c757c499dc25343

Propagate the new dependency to other packages.

Fixes
http://autobuild.buildroot.net/results/b73/b73342a39167ed7f293224d4e3b23dde691b9abf/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: also propagate to the php, qt and qt5base packages.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scancpan: print package/Config.in only when useful

Currently, utils/scancpan always outputs what should be placed in
package/Config.in to include all Perl packages Config.in
files. However, in practice, this is only useful when a new package is
added. This commit adjusts this behavior so that what should be place
in package/Config for Perl packages is only displayed when scancpan
has produced a new Buildroot package for a Perl module.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python-pip: needs python-setuptools

pip needs pkg_resources, which is installed with setuptools.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

fs/common: always depend on build host-tar if needed

Currently, the filesystems do not depend on building host-tar when it
is needed, even though all of them have to extract the intermediate
tarball.

However, in degenerate (but legally valid) configurations with no
user-selectable package selected, host-tar would not be built, so the
rootfs images would use whatever improper tar the system has.

Add the conditional dependency to host-tar to the rootfs-common
intermediate image. Since this is the internal step that all real rootfs
generators depend on, they now properly depend on host-tar when needed.

In practice, when host-tar is needed, it will always be built before the
rootfs images, because it is a dependency of all packages (except a very
few, like the skeleton), of which host-fakeroot, which is a mandatory
dependency of rootfs-comon anyway. But for consistency sake, let's
explicitly add host-tar as a dependency to rootfs-common too.

Note that rootfs-tar already had that dependency, and we leave it as-is
because it is semantically correct, even if superfluous.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic: add host-tar dependency for downloads from repositories

Three of our download backends need a host tar that can generate
reproducible archives: cvs, git, and svn. The other two, bzr and hg,
use their internal implementation.

So, for those three that need it, and a dependency on host-tar when the
system tar is not appropriate.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-genric: add possibility to declare download dependencies

For some packages, we may need to have a certain set of host-tools built
before the download of said packages are attempted. For example, when
the system tar is not suitable, we will want to build our own tar before
we attempt a git download (because we generate a tarball in the git
backend).

Mimick the _EXTRACT_DEPENDENCIES, and introduce _DOWNLOAD_DEPENDENCIES.
As for _EXTRACT_DEPENDENCIES, we do not document _DOWNLOAD_DEPENDENCIES,
on the assumption that it is mostly for internal use.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pkg-generic: postpone evaluation of dependency conditions

In the pkg-inner macros, all variables, but the positional arguments,
must be $$-prefixed, so that they are expanded only when the macro is
evaluated in each package, not when the macro is parsed.

It is to be noted, though, that the current code, even though
incorrect by the above rules, seemed to work. However, the upcoming
addition of download dependencies, mimicking that code, would not work
unless it was $$-prefixed.

So, for consistency sake, and for correctness sake, let's always use
the $$-prefix in the inner macro.

Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

meson: re-add patch for skipping RPATH fixing

The patch to skip RPATH fixing performed by Meson was removed in commit
a03f46ca6e9f43028003aedc92f1a1204ae7480f, as the script
support/scripts/check-host-rpath was not complaining anymore.

But without it, the problem still occurs for host packages [1].

So, restore this patch to fix build of host packages with Meson.

[1] http://lists.busybox.net/pipermail/buildroot/2018-October/232956.html

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-django: bump to version 2.1.3

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lua-curl: fix build with libcurl 7.62.0

The last libcurl bump changed error code definitions in a way that
breaks lua-curl build. Add a patch to fix that.

Fixes:
http://autobuild.buildroot.net/results/fa6/fa6e289162124b3e079c4a2d9c3f00910c8cc063/
http://autobuild.buildroot.net/results/7b9/7b962a63630abaed21d99f719c1bd710ec4d4b28/
http://autobuild.buildroot.net/results/c5b/c5b2a7f21259bbf79861bd95a2d7ca055920bf09/

Cc: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: renumber patches

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libv4l: bump version to 1.16.1

Removed patches:

- 0003-libdvbv5-add-optional-copy-of-TEMP_FAILURE_RETRY-mac.patch
  (Upstream accepted, see [1])

- 0005-libv4lconvert-fix-compiler-warning.patch
  (From upstream, see [2])

- 0006-v4l2-ctl-fix-glibc-2.28-build.patch
  (From upstream, see [3])

Disable new qvidcap for now.

[1] https://git.linuxtv.org/v4l-utils.git/commit/?id=c28248deeb2d7fe43fcde948c00b9b8fa2bc1e8f
[2] https://git.linuxtv.org/v4l-utils.git/commit/?id=380fe7d4548a99bfcfc1594b6f0b3dd2369978f1
[3] https://git.linuxtv.org/v4l-utils.git/commit/?id=65e7b2a4076845d3932b88cb9c76f1fa4b78c32c

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Thomas: pass --disable-qvidcap only once.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

cargo-bin: bump version to 0.30.0

Bump version to 0.30.0.

The signature of the tarballs have been verified and their hash compared to the
upstream reference.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pdbg: bump to version v2.0

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/alsa-utils: install systemd service files

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/perl-*: regeneration of Config.in files with full stop

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

utils/scancpan: add a full stop to the help text when missing

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lua-compat53: bump to version 0.7

Signed-off-by: Jörg Krause <joerg.krause@embedded.rocks>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

pppd: fix build with glibc 2.28

Since glibc 2.28
(https://savannah.gnu.org/forum/forum.php?forum_id=9205), the obsolete
functions encrypt, encrypt_r, setkey, setkey_r, cbc_crypt, ecb_crypt,
and des_setparity are no longer available to newly linked binaries, and
the headers <rpc/des_crypt.h> and <rpc/rpc_des.h> are no longer
installed. These functions encrypted and decrypted data with the DES
block cipher, which is no longer considered secure. Software that still
uses these functions should switch to a modern cryptography library,
such as libgcrypt.

So retrieve an upstream patch to use openssl instead of these functions
and a new patch to remove the unsafe header/library path
'-I/usr/include/openssl'

Fixes:
 - http://autobuild.buildroot.org/results/c13ca8b8afa8de700caf8cd2fa1812b8552b3f4a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/amarula_a64_relic: add WiFi support

Amarula A64-Relic board has AP6330 WiFi/BT combo, but does
not have ethernet port. So it makes sense to enable wireless
networking by default:
- add broadcom wireless firmware package to image
- add basic wireless tools to image
- add rootfs overlay with proper NVRAM file for on-board AP6330 chip
- add mdev to image to enable module autoloading
- update readme.txt to test wifi

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

configs/amarula_a64_relic: new defconfig

Add initial support for Amarula A64-Relic board
with below features:
- U-Boot 2018.07
- Linux 4.17.0-rc6
- Default packages from buildroot

Signed-off-by: Jagan Teki <jagan@amarulasolutions.com>
[Thomas: add missing BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y and
BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y options.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

gnupg2: bump to version 2.2.10

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgcrypt: bump to version 1.8.4

Drop patch 0001. We patch the configure script directly in patch 0002,
and we don't autoreconf. So this patch has no effect (never had).

Rename patch 0002. The next version bump should drop this patch as well.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libnpth: bump to version 1.6

Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpgme: bump to version 1.12.0

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpg-error: bump to version 1.32

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libgpg-error: enable riscv64 support

libgpg-error version 1.28 added support for riscv64.

Cc: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-async-timeout: add missing blank line in .mk file

Fixes the following check-package warning:

package/python-async-timeout/python-async-timeout.mk:6: should be a blank line (http://nightly.buildroot.org/#writing-rules-mk)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-yarl: add missing blank line in .mk file

Fixes the following check-package warning:

package/python-yarl/python-yarl.mk:6: should be a blank line (http://nightly.buildroot.org/#writing-rules-mk)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-async-timeout: new package

asyncio-compatible timeout context manager.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

DEVELOPERS: add James Hilliard for python-multidict

This was forgotten when the python-multidict package was added.

python-yarl: new package

Yet another URL library

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-scapy: new package

Interactive packet manipulation tool.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-multidict: new package

Multidict is dict-like collection of key-value pairs where a key may
occur more than once in the container.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: extend help text based on commit message.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

python-uvloop: new package

Fast implementation of asyncio event loop on top of libuv.

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
[Arnout: change order of 'depends on' lines]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

libxmlpp: bump to version 3.0.1

Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libxmlrpc: bump to version 1.43.08

- Remove first patch and pass CC_FOR_BUILD and other variables in
  LIBXMLRPC_CONF_OPTS instead of LIBXMLRPC_CONF_ENV because a similar
  solution is already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2905
- Remove second patch (already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2908)
- Remove third path (already in version thanks to
  https://sourceforge.net/p/xmlrpc-c/code/2909)
- Add hash for license file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

uclibc: fix mkostemp

Pull a patch already submitted upstream[1] that fixes mkostemp when
_LARGEFILE64_SOURCE is defined. This is required to prevent failures
on eudev[2]:

    # udevadm hwdb --update
    Failure writing database //etc/udev/hwdb.bin: Invalid argument

1. https://patchwork.ozlabs.org/patch/990045/
2. https://patchwork.ozlabs.org/patch/984848/

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

webkitgtk: bump to version 2.22.3

Release notes:

    https://webkitgtk.org/2018/10/29/webkitgtk2.22.3-released.html

Patch "0001-ARM-Building-FELightingNEON.cpp-fails-due-to-missing.patch"
is removed because it is included in the new release.

This is a maintenance release which further improves playback of video
when using media source extensions (MSE), specially for WebM content,
and provides a few correctness fixes.

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-zope-interface: bump to version 4.6.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

lighttpd: adjust Config.in to make check-package happy

Commit b9d75c717e01aed474b7567c969236418e87eda8 ("lighttpd: add
optional pam support") introduced a new Config.in option, but
check-package was not happy about it:

package/lighttpd/Config.in:30: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:31: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:32: attributes order: type, default, depends on, select, help (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:32: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:33: should be indented with one tab (http://nightly.buildroot.org/#_config_files)
package/lighttpd/Config.in:34: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)

This commit fixes those indentation and ordering issues.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

webkitgtk: add an option to control USE_GSTREAMER_GL

This covers the case where GL/GLES is available (so -DENABLE_OPENGL=ON
gets passed), which makes the webkitgtk build system assume GStreamer-GL
is available, while actually it is not.

Also, providing an option to manually disable usage of GStremer-GL can
help with certain target configurations in which using OpenGL for video
handling might result in incorrect rendering.

This fixes some autobuilder failures like the following:

  http://autobuild.buildroot.net/results/187796535af53ece426641ff7d88aabada281674
  http://autobuild.buildroot.net/results/00c1a8ea23a99728a4f3f4478705f2383414ae41

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

go: bump to v1.11.1

Bumps Golang host-go compiler to 1.11.1 release.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

lighttpd: add optional pam support

Let the option depend on linux-pam as pam has quite some dependencies and
this is unlikely to be used if pam isn't explicitly enabled.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

wolfssl: install into staging

wolfssl is a library, so it should be installed into staging so other
packages can find the header files / library.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libcurl: security bump to version 7.62.0

Fixes the following security issues:

CVE-2018-16839: SASL password overflow via integer overflow
https://curl.haxx.se/docs/CVE-2018-16839.html

CVE-2018-16840: use-after-free in handle close
https://curl.haxx.se/docs/CVE-2018-16840.html

CVE-2018-16842: warning message out-of-buffer read
https://curl.haxx.se/docs/CVE-2018-16842.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

python-typing: rewrap Config.in help text

Fixes the following check-package warning:

package/python-typing/Config.in:5: help text: <tab><2 spaces><62 chars> (http://nightly.buildroot.org/#writing-rules-config-in)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

luarocks: bump to version 3.0.4

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/network-manager: Add upstream patch to fix CVE-2018-15688

NetworkManager includes some parts of the systemd-networkd code in its
codebase. That can be found at src/systemd/src/libsystemd-networkd.
The DHCP implementation provided by systemd-networkd is used when
NetworkManager is configured to use the internal implementation,
however the default is to use dhclient.

When NetworkManager is configured to use the internal dhcp and an
interface is setup with ipv6.method=auto (which is the default value)
or ipv6.method=dhcp, this flaw can be exploited. When using
ipv6.method=auto, the DHCPv6 client can be automatically started with a
Router Advertisement packet.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>