git.libre-soc.org Git - buildroot.git/log

python-dateutil: bump to version 2.8.0

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/liquid-dsp: drop support for fftw-double and fftw-long-double

liquid-dsp has the following code:

So, if it uses the external fftw library, it can only use the fftwf
variant, i.e the fftw-single variant. Otherwise, it uses its internal
FFT library.

There is no way for liquid-dsp to use fftw-double or fftw-long-double.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pugixml: force-enable 'long long' support to support gcc<4.8

Although pugixml will enable 'long long' support automatically if it detects
C++11 (gcc 4.8+), we would like to support older gcc compilers too.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/download/scp: fix download with scheme prefix 'scp://'

The scp download helper is broken when the server URL starts with 'scp://'.
Such prefix is used in two situations:
1. to let FOO_SITE point to an scp location without explicitly having to set
'FOO_SITE_METHOD = scp'

2. when BR2_PRIMARY_SITE or BR2_BACKUP_SITE points to an scp location. In
this case, there is no equivalent of 'SITE_METHOD'.

Strip out the scheme prefix, similarly to how the 'file' download helper
does it. That helper has the same cases as above.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tn5250: remove package

The latest (0.17.4) tn5250 release is from 2008, doesn't build with openssl
1.1.x and was dropped from Debian in 2011 because nobody cared to maintain
it:

https://packages.qa.debian.org/t/tn5250.html

Given all of that, it is unlikely to be used much, so remove it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/dovecot: security bump to version 2.3.4.1

Fixes the following security issues:

* CVE-2019-3814: If imap/pop3/managesieve/submission client has
   trusted certificate with missing username field
   (ssl_cert_username_field), under some configurations Dovecot
   mistakenly trusts the username provided via authentication instead
   of failing.

* ssl_cert_username_field setting was ignored with external SMTP AUTH,
   because none of the MTAs (Postfix, Exim) currently send the
   cert_username field. This may have allowed users with trusted
   certificate to specify any username in the authentication. This bug
   didn't affect Dovecot's Submission service.

For more details, see the announcement:
https://www.dovecot.org/list/dovecot-news/2019-February/000394.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

utils/check-package: warn about overridden variables

For the general case, appending values to variables is OK and also a
good practice, like this:
|PACKAGE_VAR = value1
|ifeq ...
|PACKAGE_VAR += value2

or this, when the above is not possible:
|PACKAGE_VAR = value1
|ifeq ...
|PACKAGE_VAR := $(PACKAGE_VAR), value2

But this override is an error:
|PACKAGE_VAR = value1
|PACKAGE_VAR = value2

as well this one:
|ifeq ...
|PACKAGE_VAR += value1
|endif
|PACKAGE_VAR = value2

And this override is error-prone:
|PACKAGE_VAR = value1
|ifeq ...
|PACKAGE_VAR = value2

Create a check function to warn about overridden variables.

Some variables are likely to have a default value that gets overridden
in a conditional, so ignore them. The name of such variables end in
_ARCH, _CPU, _SITE, _SOURCE or _VERSION.

After ignoring these variable names, there are a few exceptions to this
rule in the tree. For them use the comment that disables the check.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Simon Dawson <spdawson@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Tested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/zbar: bump to version 57d601e82089f2f31de9e1683c3834f237421f5d

When building statically zbar, build fails on:
configure: error: unable to find libv4l.so

The following errors are raised in config.log:
configure:19371:
/home/buildroot/buildroot-test/instance-0/output/host/bin/arm-linux-gcc -o conftest -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -g2 -static -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -static conftest.c -lv4l2 -lpthread >&5
/home/buildroot/buildroot-test/instance-0/output/host/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libv4l2.a(libv4l2_la-libv4l2.o): In function `v4l2_set_src_and_dest_format':
/home/buildroot/buildroot-test/instance-0/output/build/libv4l-1.16.2/lib/libv4l2/libv4l2.c:952: undefined reference to `v4lconvert_supported_dst_format'

To fix this error, bump to version
57d601e82089f2f31de9e1683c3834f237421f5d to replace AC_CHECK_LIB by
PKG_CHECK_MODULES to find the correct library (-lv4lconvert but also
-ljpeg, ...)

Fixes:
- http://autobuild.buildroot.org/results/acf39e4754508d7ee49e21f08ff0a1fcac4fb7cd

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/pound: Fix build with OpenSSL 1.1.x

The patches enable two new API configurations, one for OpenSSL 1.1.x
and the other LibreSSL.

A dependency is added to use the Buildroot host tool openssl to
create headers (dh512.h). This resolves a host OS mismatch with
openssl versions. (The Makefile does this generation as part of
the initial build)

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/testing: test_dropbear.py: drop ssh port forward to the host

It is not used and may conflict with other services running on port 2222 on
the host machine.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/testing: test_dropbear.py: add test for ssh connection to localhost

Use sshpass to pass the password on the command line.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/testing: test_dropbear.py: use a constant for the password

The password is used in multiple places, so add a constant for it instead of
hardcoding it multiple times.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ipmitool: add openssl 1.1.x compatibility

Changes adapt the current codebase to use supported APIs now that openssl
1.1.x by default disables all deprecated items.

Fixes
http://autobuild.buildroot.net/results/97d/97dab568f1f3d342b6bfcb9f597ced4de6f1309e

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

linux: bump Linux CIP to version v4.4.171-cip30

This patch bumps the Linux CIP version to v4.4.171-cip30 and updates the
download url to the new official one.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ibrdtnd: include cstring

Failure output
SecurityCertificateManager.lo
SecurityCertificateManager.cpp: In static member function 'static void dtn::security::SecurityCertificateManager::validateSubject(X509*, const string&)':
SecurityCertificateManager.cpp:208:53: error: 'memcmp' was not declared in this scope
if(memcmp(utf8_eid, utf8_cert_name, utf8_eid_len) == 0){

Upstream
https://github.com/ibrdtn/ibrdtn/commit/122fa8ed49f896abf6a389505f3d0b66d49d1e77

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ibrdtnd: add openssl 1.1.x compatibility

Upstream
https://github.com/ibrdtn/ibrdtn/pull/265

Fixes
http://autobuild.buildroot.net/results/385/3852a414afacbe3c044b1e49be8ccf8c554c8565

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/softether: bump to v4.28-9669-beta

Source code is now compatible with OpenSSL 1.1.x.

Fixes
http://autobuild.buildroot.net/results/a6f/a6f1f326ce2525ee0f9d423f1b6d989a89e6b87e/build-end.log

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tpm2-tss: bump version to 2.1.1

Fixes a number of issues since 2.1.0:
https://github.com/tpm2-software/tpm2-tss/releases/tag/2.1.1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: fixing init script naming

Commit f88947c2fe2d (package/mender: adding systemv init file) added an init
script, but the installation logic referred to S04mender instead of S42mender.

Update the installation logic to match the file name.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Peter: expand commit message description]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/moarvm: resolve libtommath name collision

Fixes
http://autobuild.buildroot.net/results/02f/02ff68698603ebdce5d13d3130a15b5a1ecc14d2/build-end.log

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Makefile: unexport 'PLATFORM' and 'OS' environment variables

Some package builds may fail when environment variables are present with the
same names as make variables in a package. This is a bigger problem for
environment variables with generic names, like 'PLATFORM' and 'OS'.

'PLATFORM' is for example a problem for host-acl.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/qpid-proton: openssl 1.1.x compatibility

Updates are based on the original bug report upstream.
https://issues.apache.org/jira/browse/PROTON-1326

Fixes
http://autobuild.buildroot.net/results/f90/f9085f223cd54c70daf29b12e6c66edb416f7243/

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: adding a readme file

This patch adds a readme file with basic instructions to get mender up
and running on a production system.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Acked-by: <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: adding device_type file

In order to have the mender package working out of the box, the
/etc/mender/device_type should be present and should contain a
valid device_type value.
This patch provides a default file that can be overridden easily
from an overlay.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Acked-by: <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: adding artifact_info file

In order to have the mender package working out of the box, the
/etc/mender/artifact_info should be present and should contain a
valid artifact_name value.
This patch provides a default file that can be overridden easily
from an overlay.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Acked-by: <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: adding systemv init file

This patch adds a service file for the init system v.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Acked-by: <aduskett@gmail.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
[Peter: fix typo in stop()]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/mender: adding a writable location

Mender needs /var/lib/mender to be writable at the service start, the
path is hardcoded and thus we cannot change it.
This patch solves the problem using the same approach we have for
dropbear.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Acked-by: <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/netsurf: fix build

Fixes:
http://autobuild.buildroot.net/results/a5b/a5bd8969c398fc3101ffaec4aa715a827aec5770/
http://autobuild.buildroot.net/results/441/44112e8ad03f47125bbf4b231d800ebd5beef24b/

After commit 122089ad (package/netsurf: use TMP_PREFIX inside the build
directory), the build fails with:

COMPILE: src/stylesheet.c
In file included from src/stylesheet.c:12:0:
src/stylesheet.h:14:39: fatal error: libwapcaplet/libwapcaplet.h: No such file or directory
#include <libwapcaplet/libwapcaplet.h>

The reason is that netsurf installs its internal libraries to TMP_PREFIX
during the build, and uses pkg-config to add the correct include/linker
flags when building/linking the rest. Unfortunately this fails badly, as we
prefix STAGING_DIR to the paths returned by pkg-config, causing gcc to fail
to find the header / library files.

This worked (by accident) when we pointed TMP_PREFIX to STAGING_DIR/usr, as
STAGING_DIR/usr/include and STAGING_DIR/usr/lib are in the standard
include/library search paths.

Fix it by adding TMP_PREFIX/include and TMP_PREFIX/lib to the
include/library search paths. We cannot easily add them to CFLAGS/LDFLAGS
as the makefiles do not use override when appending to them, so instead pass
both in CC (which is also used for linking).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

testing/tests/download: test git branch

Add a branch to the static repo and check on the git refs test case the
download of a git package:
- with a sha1 reachable by a branch name, but not pointed by it, as
version. This is the most common use case for git refs in the tree;
- with a partial sha1 of a commit reachable by a branch as version;
- with a sha1 of the commit head of a branch as version;
- with a partial sha1 of the commit head of a branch as version;

Enforce the download always occurs by removing the BR2_DL_DIR used for
the tarballs generated by the git download infra.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/android-tools: Fix build with OpenSSL 1.1.x

Use patch from:

https://github.com/lede-project/source/commit/f63f20fb93c7e67775cb01d97fc88b5b29452b81

which fixes compilation of adb with OpenSSL 1.1.x, and took only part
for adb only.

Fixes:

http://autobuild.buildroot.net/results/66f/66f05eb9a56aa8526a1420334d68c7eda094e90e/

Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website/js/buildroot.js: fix unterminated statements

Some statements are missing their semicolons.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Acked-by: <angelo@amarulasolutions.com>
Tested-by: <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/website/js/buildroot.js: fix possible type coercion

With javascript, when comparing variables, using === instead of ==
is preferred.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Acked-by: <angelo@amarulasolutions.com>
Tested-by: <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

docs/website/js/buildroot.js: switch var to let

In javascript, let is preferred for local, var is preferred for global.
Change any local variables from "var" to "let"

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Acked-by: <angelo@amarulasolutions.com>
Tested-by: <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/gnu-efi: fix build on armv5

Don't override the user-provided ARCH when cross-compiling otherwise
ARCH won't be correct for armv5, aarch64 and x86_64

Fixes:
- http://autobuild.buildroot.org/results/2dfc0e10da25a8382a43557420d7dc3444c02dbb

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openmpi: bump to version 4.0.0

Add hash for licence file

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

libopenssl: bump version to 1.1.1a

- use BR2_TOOLCHAIN_HAS_UCONTEXT
    This is used to set -DOPENSSL_NO_ASYNC if needed.

- apply the CFLAGS correctly when compiling with -Os (bugfix).

- use -latomic when needed
    This fixes the build for br-sparc-uclibc-2018.05

- don't use madvise() if no MMU
    Trying to do so results in undefined reference to madvise() as
    it is not available on uclibc without MMU.
    The original openssl code checks if a macro used in the madvise call
    is defined. The problem comes from the fact that the code in
    crypto/mem_sec.c also includes a kernel header defining the same macro
    unconditionally. Thus the check is always true in that case.
    Upstream: https://github.com/openssl/openssl/pull/8089

- don't compile test/fuzzers
    These binaries introduced with 1.1.x sometimes do not compile.
    This is the case with the br-arm-cortex-m4-full toolchain

- don't build ocsp daemon if no MMU.
    Patch from  Richard Levitte.

- correctly enable cryptodev engine
    Thanks to Arnout Vandecappelle for spotting this.

- remove all parallel build patches (openssl build-system changed)

- rebased 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch
  to apply to Configurations/unix-Makefile.tmpl (Makefile template)

- removed 0002-cryptodev-Fix-issue-with-signature-generation.patch
  (upstream applied)

- rebased 0003-Reproducible-build-do-not-leak-compiler-path.patch to
  apply to crypto/build.info (Makefile template)

- fix musl/uclibc build failure, use '-DOPENSSL_NO_ASYNC'

- remove legacy enable-tlsext configure option

- remove target/host libdir configure options, fixes openssl.pc installation
  path, fixes wget compile

- change legacy INSTALL_PREFIX to DESTDIR

- remove 'libraries gets installed read only, so strip fails'
  workaround (not needed anymore)

- change engine directory from /usr/lib/engines to
  /usr/lib/engines-1.1

- change license file hash, no license change, only the following
  hint was removed:

    Actually both licenses are BSD-style Open Source licenses.
    In case of any license issues related to OpenSSL please
    contact openssl-core@openssl.org.

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Tested-by: Ryan Coe <bluemrp9@gmail.com>
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

toolchain: add variadic MI thunk support flag

GCC uses thunk functions to adjust the 'this' pointer when calling C++
member functions in classes derived with multiple inheritance.
Generation of thunk functions requires support from the compiler back
end. In the absence of that support target-independent code in the C++
front end is used to generate thunk functions, but it does not support
vararg functions.

Support for this feature is currently missing in or1k and xtensa
toolchains.

Add hidden option BR2_TOOLCHAIN_SUPPORTS_VARIADIC_MI_THUNK that
indicates presence of this feature in the toolchain. Add dependency to
packages that require this feature to be built.

Fixes:
http://autobuild.buildroot.net/results/c9e660c764edbd7cf0ae54ab0f0f412464721446/
http://autobuild.buildroot.net/results/9a3bf4b411c418ea78d59e35d23ba865dd453890/

Signed-off-by: Max Filippov <jcmvbkbc@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/thrift: bump to 0.12.0, add support for openssl 1.1.x

Switching to CMake as the autotools are not crosscompiler compatible.
Removed the patches related to autotools as no longer used.
Added patch to avoid linker issue.
Added license hash.

Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/ffmpeg: fix build with libfdk-aac 2.0.0

Add upstream patches to fix
http://autobuild.buildroot.net/results/909/9097a2b190f4032ff51eda531f4379a99da5181a/

after fdk-aac was bumped to 2.0.0:
https://git.buildroot.net/buildroot/commit/package/fdk-aac?id=31ff32824a4f3d09351367c3418b5605f9c40521

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/setlocalversion: ignore user settings for Mercurial

setlocalversion will use 'hg id' to determine whether or not the current
revision is tagged. If there is no tag, the Mercurial revision is printed,
otherwise nothing is printed.

The problem is that the user may have custom configuration settings (in
their ~/.hgrc file or similar) that changes the output of 'hg id' in a way
that the script does not expect. In such cases, the Mercurial revision may
not be printed or printed incorrectly.

It is good practice to ignore the user environment when calling Mercurial
commands from a well-defined script, by setting the environment variable
HGRCPATH to the empty string. See also 'hg help environment'.

In the particular case of Nokia, a custom extension adds dynamic tags in the
repository, i.e. tags that are stored in a file external to the repository
and only visible when the extension is active. These tags should not
influence the behavior of setlocalversion as they are not official Buildroot
tags, i.e. even if a revision is tagged, the Mercurial revision should still
be printed.

Note that this still does not solve the problem where an organization adds
_real_ tags in their Buildroot repository. For example, there might be a
moving tag 'last-validated' or tags indicating in which product release that
Buildroot revision was used. In these cases, setlocalversion will still not
behave as expected, i.e. show the Mercurial revision.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/scripts/setlocalversion: fix detection of hg revision when _not_ on branch 'default'

When Buildroot is stored in a Mercurial repository on a branch other than
'default' ('master' in git terms), setlocalversion (used to populate
/etc/os-release) will incorrectly think that this is a tagged version and
will NOT print out the revision hash.

This is due to the fact that the output of 'hg id' is assumed to be
"<revision> <tags-if-any>"
but when on a branch it actually is:
"<revision> (<branch>) <tags-if-any>"

To let setlocalversion receive the output it expects, explicitly ask 'hg id'
to retrieve only the revision hash and any tags, ommitting any branch
information.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/rtmpdump: drop openssl support

Rtmpdump does not support openssl 1.1.x, has not seen any changes upstream
since 2015, is only used with the gnutls backend in Debian and Fedora.

There exists a 3rd party patch for openssl 1.1.x support:

https://github.com/JudgeZarbi/RTMPDump-OpenSSL-1.1

But there is an open issue reported about a crash in the handshake code
(which is modified by the patch):

https://github.com/JudgeZarbi/RTMPDump-OpenSSL-1.1/issues/1

And the README for the repo states:

I modified a few of the files in the librtmp directory to conform to the new
getters and setters in OpenSSL 1.1.0. I don't claim to be a security
expert, and neither have I had any experience with OpenSSL in a programming
sense, so I'm not sure exactly if it's correct, but it compiles and seems to
work for what I use it for.

Which does not sound very reassuring, so instead drop the openssl support.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

testing/tests/download: test case for git refs

All upcoming tests for git refs will rely on the return code of make to
determine whether a git ref can be downloaded or not and also to
determine whether the downloaded content is correct (all of this taking
advantage of the check-hash mechanism already in place for git
packages).
So to avoid false results i.e. in the case the check-hash mechanism
become broken in the master branch, add some sanity checks before the
actual test of download git refs.

Add the minimum test case for git refs containing only sanity checks.
Reuse the commit in the static repo.
Add a br2-external with two packages to check that:
- trying to download an invalid sha1 generates an error;
- downloading a valid sha1 that contains unexpected content generates
an error.

In order to ease the maintenance and review, each upcoming patch adding
checks to this test case will add at same time the commits to the static
repo, the equivalent packages to the br2-external and code to the test
case.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/rrdtool: bump version from 1.6.0 to 1.7.0

>From the releases at https://github.com/oetiker/rrdtool-1.x/releases
which mentions this is not a user facing release but attempts to
be more robust against odd input.

Signed-off-by: Charles Hardin <charles.hardin@storagecraft.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python-docker: bump version to 3.5.1

Pypi now proves a sha256 hash as well.

Drop 0001-setup.py-make-pip-optional.patch as upstream has now completely
removed the docker-py checks:

https://github.com/docker/docker-py/commit/accb9de52f6e383ad0335807f73c8c35bd6e7426

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-docker-pycreds: bump version to 0.4.0

Needed by newer python-docker versions.

Pypi now proves a sha256 hash as well.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

packages/glibc: Fix mcontext_t error that breaks RISC-V package builds

The riscv-glibc repository version of glibc 2.26 will build for
RISC-V 32bit, but when many packages are built against the resulting
library an 'unknown type name mcontext_t' error is reported. The
definition of mcontext_h in the ucontext.h header file needs to be
moved outside of the '#ifdef __USE_MISC' structure to fix this
issue.

Fixes:
http://autobuild.buildroot.net/results/5aa9cb29c459f511dc9c4fcf218dc9a842505aa3

Signed-off-by: Mark Corbin <mark.corbin@embecosm.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libtommath: bump to version 1.1.0

The library was re-licensed to The Unlicense (https://unlicense.org/),
more details on https://www.libtom.net/news/LTM_1.1.0RC1/

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/pamtester: new package

Utility for testing pluggable authentication modules (PAM) facility.

While specifically designed to help PAM module authors to test their
modules, that might also be handy for system administrators interested
in building a centralised authentication system using common standards
such as NIS, SASL and LDAP.

Signed-off-by: Carlos Santos <casantos@datacom.com.br>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Peter: drop spelling fix patch]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

arch/mips: add (Marvell) Octeon III processor

The compiler recognizes a specific 'march' value for Octeon III processors,
so create a 'Target Architecture Variant' entry for it in the target menu.

Note: support for '-march=octeon3' was added in gcc 5.x. However, the
official compiler provided by Marvell (Cavium Networks) uses gcc 4.7.x (and
supports -march=octeon3 via their own modifications). For this reason, no
line 'select BR2_ARCH_NEEDS_GCC_AT_LEAST_5' is added.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

arch/mips: add (Marvell) Octeon II processor

The compiler recognizes a specific 'march' value for Octeon II processors,
so create a 'Target Architecture Variant' entry for it in the target menu.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

arch/mips: introduce mips32r3 and mips64r3

It's unclear why Buildroot only defined MIPS 32/64 releases 1, 2, 5 and 6
while 3 exists as well.

Interesting fact:
"Release 4 was skipped because the number four is perceived as unlucky in
many Asian cultures."
https://en.wikipedia.org/wiki/MIPS_architecture#MIPS32/MIPS64

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

support/testing/tests/download/gitremote: remove trailing whitespace

Fixes the following flake8 warnings:

support/testing/tests/download/gitremote.py:29:67: W291 trailing whitespace
support/testing/tests/download/gitremote.py:30:60: W291 trailing whitespace

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/bird: bump version to 2.0.3

Patch 0001 is no longer needed as it has been ported to this version.
Also, the README changes but the licence is still GPL-2.0+

Signed-off-by: Adrien Gallouët <adrien@gallouet.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Makefile: respect strip exclusions for special libraries

ld-*.so and libpthread*.so* are not stripped in the same way as other
binaries because some applications need symbols in these libraries in
order to operate correctly.

However, the special handling for these binaries ignores the usual
BR2_STRIP_EXCLUDE_* rules so it is not possible to build an image which
has debugging symbols in these binaries.

Pull out the common find functionality so that we can build two find
commands that re-use the common exclusion rules.

Fix-suggested-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: John Keeping <john@metanate.com>
Tested-by: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

testing/tests/download: add git hash test

Add one test case to ensure the hash is checked for git packages:
- correct hash;
- wrong hash;
- no hash file.

Add required infra:
- a GitRemote class, that can start a git server in the host machine to
   emulate a remote git server under the control of the test;
- a new base class, called GitTestBase, that inherits from BRTest and
   must be subclassed by all git test cases.
   Its setUp() method takes care of configuring the build with a
   br2-external, avoiding to hit http://sources.buildroot.net by using
   an empty BR2_BACKUP_SITE. It also avoids downloading not
   pre-installed dependencies (i.e. lzip) every time by calling 'make
   dependencies' using the common dl directory, and it instantiates the
   GitRemote object.

Besides the Python scripts, add some fixtures used during the tests:
- a br2-external (git-hash) with one package for each part of the test
   case;
- a static git bare repo (repo.git) to be served using GitRemote class.

Neither the br2-external nor the check hash functionalities are the
subject of these tests per se, so for simplicity limit the check to the
error codes and don't look for the messages in the log.

Thanks to Arnout for the hint about how to add a bare repo to test.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@datacom.ind.br>
Cc: Arnout Vandecappelle <arnout@mind.be>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
[Arnout: split long line; reorder imports to satisfy flake8]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/utp_com: new package

This tool is used to send commands to imx6 based hardware using NXP's
UTP protocol.

Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Vincent Prince <vincent.prince.fr@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/sg3_utils: add support for building host variant

Initially used by the host build of the utp_com package.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

infra: add force build flag for host dependencies

This commit adds a config option which will force buildroot to
build all host dependencies even if they are already present on the
host system. This may be a desirable option if different hosts are
used to build the same source. In this case, some packages will be
built on one host that are not built on another. This is problematic
if build source archives are cached afterwards for offline builds.

Cc: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Bryce Ferguson <bryce.ferguson@rockwellcollins.com>
Signed-off-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Peter: reword, drop exit 1, reshuffle]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

support/scripts/graph-build-time: replace confusing colors

The color for 'extract' is very similar to the one for 'install-images'.
Both are cyan-like.

Replace the former by a pale blue to make all colors sufficiently distinct.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

support/scripts/graph-build-time: add download times

Total build time also involves download. Getting a visibility on the impact
of that step can be important for users/admins, e.g. to evaluate different
methods of BR2_PRIMARY_SITE.

Colors used are some kind of purple (primary scheme) and light orange
(alternate scheme).

Signed-off-by: Mathias De Maré <mathias.de_mare@nokia.com>
[ThomasDS: rebase and update colors to avoid confusion]
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/pugixml: add support for a limited set of configuration options

Add config options for a few pugixml configurables.

- Xpath support is enabled by default but has a size impact. Disabling it
  reduces the size significantly (it almost halves). Output of 'size' on the
  library compiled for x86:
  - Xpath support enabled
160374    1244      28 161646   2776e output/target/usr/lib/libpugixml.so.1.7
  - Xpath support disabled
  92754     880       8   93642   16dca usr/lib/libpugixml.so.1.7

- Compact and header-only modes are not strictly needed for our use case, but we
  did the work anyway and may be useful for someone else.

Signed-off-by: Wouter Vermeiren <wouter.vermeiren@nokia.com>
[ThomasDS:
- align with Buildroot coding style
- retain only feature options: xpath, compact mode, header-only]
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Tested-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ntp: use common sysv init install

Previously the sysv init script install was conditional based on ntpd
being selected, now that sntp also has an init script and could be
selected independent of ntpd, a common install is necessary.

Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

docs/website: fixing query.yahooapis.com shutdown

This patch rework the use of query.yahooapis.com to do the conversion
from xml to json required by our script and moves to the use of a js
library. Datas are therefore now converted in json format on the client.

Unfortunately, cause of the CORS restriction on nabble and
buildroot.org, we cannot retrieve directly the xml data from these
servers and we need a CORS proxy to do that.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
[Peter: use sha256 integrity]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: consolidate CDN's and enable SRI

Some of our cdn's are going discontinued (rawgit) and some others are
not recommended anymore, thus we update to the recommended cdnjs.
This patch enables also SRI protection on js to be sure the modules we
download are not manipulated in any way.

About SRI:
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/systemd: fix build on mips32

Fixes:
- http://autobuild.buildroot.org/results/e484bc976266633029b26c8e21959ae4e9137da3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Makefile: add update-defconfig target

For symmetry with the Kconfig-based packages offering comprehensive
targets like linux-update-defconfig, barebox-update-defconfig and so
on, add a new top level update-defconfig target to run savedefconfig.

Signed-off-by: Vivien Didelot <vivien.didelot@gmail.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/{clapack,armadillo}: re-enable on MIPS

Commit d2b52cebf3b8b4a922a54d38a44a8a183406c5f1 disabled clapack on MIPS
platforms, to fix an autobuild failure (unfortunately, the results are no
longer available). The argument was:

    "Disable this package for MIPS because it needs IRIX headers and
    libraries."

Nevertheless, today compilation on MIPS seems to work fine. Testing was done
with test-pkg (armadillo depends on clapack):

$ echo "BR2_PACKAGE_ARMADILLO=y" > config.snippet;
$ utils/test-pkg -p armadillo -a -c config.snippet
                 br-mips32r6-el-hf-glibc [1/8]: OK
                      br-mips64-n64-full [2/8]: OK
                 br-mips64r6-el-hf-glibc [3/8]: OK
                      br-mipsel-o32-full [4/8]: OK
             mips64el-ctng_n32-linux-gnu [5/8]: OK
             mips64el-ctng_n64-linux-gnu [6/8]: OK
                         sourcery-mips64 [7/8]: OK
                           sourcery-mips [8/8]: OK
8 builds, 0 skipped, 0 build failed, 0 legal-info failed

Manual build tests were also done for mips32r2 with gcc 4.9.x and gcc 7.x,
and for M5150 with gcc 7.x (Buildroot-built toolchains in these three
cases).

Also building and running on Octeon III, using the toolchain provided by
Cavium Networks / Marvell, works fine.

Not seeing any problem (but also not understanding the original problem),
re-enable clapack (and armadillo) on MIPS.  If any problems would pop up in
the future, they should be investigated in detail and a more fine-grained
solution should be taken than disabling on MIPS altogether.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libgeotiff: add optional proj dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/qemu: remove host-python dependency.

Now that Buildroot requires python >= 2.7, qemu no longer needs a
host-python, as it does not use any external Python modules to build.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/libcpprestsdk: bump to version v2.10.10

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/opentracing-cpp: needs threads

opentracing-cpp uses std::mutex since 1.3.0.

Fixes: http://autobuild.buildroot.net/results/121a9f2aacf9e7b1f5d0b3f2c55bc1da36c7cfb6/
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

prerequisite.txt: Bump python dependency to 2.7

We now require python 2.7+, so update prerequisite.txt to match.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

dependencies.sh: Check for a host python version >= 2.7

Older distributions such as CentOS6 come with python2.6, which causes build
failures in packages such as host-libglib2 because they require python2.7 and
above.

host-libglib2 will produce the error message:
/bin/sh: python2.7: command not found

Python2.7 is a hard-coded value in configure.ac. If one changes the value to
just "python," the following stack trace is produced:

Traceback (most recent call last):
  File "./gdbus-2.0/codegen/gdbus-codegen.in", line 55, in <module>
    self.outfile.write(LICENSE_STR.format(config.VERSION))
ValueError    : sys.exit(codegen_main.codegen_main())
zero length field name in format

Instead of supporting an ancient version of Python that had its support ended
in October os 2013, it would be more pragmatic only to support Python2.7 and
above.

Luckily; CentOS6 has the centos-release-scl repository, which allows users to
install python2.7, and Debian 8 comes with Python2.7 already, making this patch
relatively low impact.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
[Peter: only look at major.minor to handle x.y.z with z < 10]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libpcap: bump to version 1.9.0

- Disable Endace DAG card support as libdag is not available in
buildroot
- Add upstream patch to fix build on musl

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Tested-by: Yann E . MORIN <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/systemd: add optional iptables dependency

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/kf5/kf5-kcoreaddons: new package

KCoreAddons provides classes built on top of QtCore to perform various
tasks such as manipulating mime types, autosaving files, creating
backup files, generating random sequences, performing text
manipulations such as macro replacement, accessing user information
and many more.

Signed-off-by: Pierre Ducroquet <pinaraf@pinaraf.info>
[yann.morin.1998@free.fr + titouan.christophe@railnova.eu:
  - add missing qt5tools select
  - fix hash for new version
  - fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[Thomas:
- fix typo in LICENSE_FILE -> LICENSE_FILES
- add hash for license file
- change license to LGPL-2.1 instead of LGPL-2.1+, since at least one
   file says "2.1" without the "or later" option, and so saying just
   LGPL-2.1 is the safe choice
]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Introduce the variable BR2_TOOLCHAIN_HAS_UCONTEXT

It is set when the platform exposes the struct ucontext_t.

This avoids duplication of logic inside each package requiring
the use of that type.

Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libgeotiff: fix build without C++

Do not check for C++ compiler as libgeotiff is written in C otherwise
build will fail on toolchains without a working C++ compiler:

checking how to run the C++ preprocessor... /lib/cpp
configure: error: in
`/data/buildroot/buildroot-test/instance-1/output/build/libgeotiff-1.4.2':
configure: error: C++ preprocessor "/lib/cpp" fails sanity check

Fixes:
- http://autobuild.buildroot.org/results/72f1c5c1b8fc337a1cff4b280abe99afd65f945b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/intel-gmmlib: new package

Signed-off-by: Louis-Paul Cordier <lpdev@cordier.org>
[Thomas: updated DEVELOPERS file, bump to 18.4.1.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/ncdu: bump to version 1.13

Also added license hash

Signed-off-by: Gilles Talis <gilles.talis@gmail.com>
[Thomas: use a sha256 hash for the license file.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/openssh: Set /var/empty permissions

The openssh privilege separation feature, enabled by default,
requires that the path /var/empty exists and has certain permissions
(not writable by the sshd user). Note that nothing ever gets writting
in this directory, so it works fine on a readonly rootfs.

See README.privsep included as part of the openssh distribution.

Signed-off-by: Chris Lesiak <chris.lesiak@licor.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/netsurf: use TMP_PREFIX inside the build directory

The netsurf build system creates a stamp file inside TMP_PREFIX to
know if the build was done, and if the stamp file exists, it doesn't
do any build. Therefore, having this stamp file in STAGING_DIR
prevents from rebuilding netsurf, even after removing its entire build
directory: the stamp file exists in STAGING_DIR, and netsurf doesn't
build anything, causing the installation to fail.

We fix this by putting this temporary directory inside the netsurf
build directory. We must mkdir this directory manually, otherwise the
build fails with:

COMPILE: src/stylesheet.c
In file included from src/stylesheet.c:12:0:
src/stylesheet.h:14:10: fatal error: libwapcaplet/libwapcaplet.h: No such file or directory
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[Arnout: mkdir it first]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

package/ntp: sntp time sync script

This patch adds the installation of a startup script if the sntp
utility is selected as an option. The utility is design to do a
one time step/slew adjustment of the system time (similar to the
ntpdate tool http://support.ntp.org/bin/view/Dev/DeprecatingNtpdate).
One nice benefit over ntpdate is that sntp can run while ntpd is still
running. However, ntpd may still need to be restarted if the time
step was large enough.

The script provides the ability to override the arguments as part of a
/etc/defaults/sntp file.

On a local LAN, the initial large step adjustment took less then
one second to be retrieved and system time updated. If a user already
has a RTC maintaining the time and the system was powered off for
a long period of time, the script assumes a slew adjustment when
+/- 128ms, rather then a time step(jump). This could be further
tuned by a user with the /etc/defaults/sntp configuration file.

One NTP pool server is being set as sntp uses all of the servers
provided when the DNS is resolved as servers to attempt to retrieve
time from before timing out. It looks like currently that is 4 servers
per *pool.ntp.org hostname.

Cc: Oscar Gomez Fuente <oscargomezf@gmail.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Tested-by: Oscar Gomez Fuente <oscargomezf@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

linux: add option to enable support for Device Tree overlays

Add an option to compile device trees in Linux with symbol generation
such that device tree overlays can be loaded on the target system

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[Arnout: remove "default n" and move setting of LINUX_MAKE_ENV to the
place where the rest is set.]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>

libpcap: add support for bluez5_utils

bluez5_utils support has been added since version 1.8.0 and
https://github.com/the-tcpdump-group/libpcap/commit/b3776f3d50df9de9fcf702bd21a3ecb2539ffef4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

libpcap: remove unrecognized canusb option

canusb has been removed since version 1.8.1 and
https://github.com/the-tcpdump-group/libpcap/commit/93ca5ff7030aaf1219e1de05ec89a68384bfc50b

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Reviewed-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/wireguard: bump version to 0.0.20190123

For details of the changes, see the announcement:
https://lists.zx2c4.com/pipermail/wireguard/2019-January/003805.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/s6-linux-utils: bump to 2.5.0.0

In 2.4.0.2, compilation under glibc 2.28 is fixed (and our local patch can
thus be removed).
While at it, bump to the latest released version 2.5.0.0.

Note: change in COPYING file is only the copyright year.

>From the NEWS file:
"""
In 2.5.0.0
----------
- Optional nsss support.
- s6-devd, s6-uevent-listener, s6-uevent-spawner removed.

In 2.4.0.2
----------
- s6-logwatch rewrite.
- Better portability with old glibc versions.
- s6-uevent-listener and s6-uevent-spawner are marked as deprecated. (The
mdevd package obsoletes them.)
"""

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

pcre2: bump to version 10.32

- Remove patch (already in version)
- Update hash of license file:
https://vcs.pcre.org/pcre2/code/trunk/LICENCE?r1=1001&r2=910

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/opentracing-cpp: bump version to v1.5.1

Bump opentracing-cpp from 1.2.0 to 1.5.1.
The license has changed from MIT to Apache-2.0.
The patch is removed because it has been upstreamed.

Signed-off-by: Jan Heylen <jan.heylen@nokia.com>
[ThomasDS: Additional bump from v1.3.0 to v1.5.1]
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/aircrack-ng: bump to version 1.5.2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/aircrack-ng: add optional cmocka dependency

cmocka dependency has been added in version 1.3 with
https://github.com/aircrack-ng/aircrack-ng/commit/e3a3a6db30ca99c2473928621a1ba234abcaebf3

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/aircrack-ng: add optional hwloc dependency

hwloc dependency has been added in version 1.4 with
https://github.com/aircrack-ng/aircrack-ng/commit/c31b27449962bc69638b32ec14e0ffdb8997dfcf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

package/python3: add upstream security fix for CVE-2019-5010

Fixes CVE-2019-5010: NULL pointer dereference using a specially crafted X509
certificate

https://bugs.python.org/issue35746

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python: add upstream security fix for CVE-2019-5010

Fixes CVE-2019-5010: NULL pointer dereference using a specially crafted X509
certificate

https://bugs.python.org/issue35746

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/docker-engine: drop unused _DAEMON option

Since commit de336584d2 (package/docker-engine: split docker-{cli, engine},
bump to v18.09.0), the docker-engine package only builds the daemon part,
and the .mk file no longer use the _DAEMON option, so drop it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Christian Stewart <christian@paral.in>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

python-cython: bump to version 0.29.4

Signed-off-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

docs/website: update for 2018.02.10

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Update for 2018.02.10

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5a697610a0af405aac0f7bd98ddf38bc48bc1b7a)
[Peter: drop Makefile changes]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>