This patch rework the use of query.yahooapis.com to do the conversion
from xml to json required by our script and moves to the use of a js
library. Datas are therefore now converted in json format on the client.
Unfortunately, cause of the CORS restriction on nabble and
buildroot.org, we cannot retrieve directly the xml data from these
servers and we need a CORS proxy to do that.
James Hilliard [Mon, 4 Feb 2019 13:28:11 +0000 (14:28 +0100)]
docs/website: consolidate CDN's and enable SRI
Some of our cdn's are going discontinued (rawgit) and some others are
not recommended anymore, thus we update to the recommended cdnjs.
This patch enables also SRI protection on js to be sure the modules we
download are not manipulated in any way.
About SRI:
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
Vivien Didelot [Sat, 26 Jan 2019 00:34:06 +0000 (19:34 -0500)]
Makefile: add update-defconfig target
For symmetry with the Kconfig-based packages offering comprehensive
targets like linux-update-defconfig, barebox-update-defconfig and so
on, add a new top level update-defconfig target to run savedefconfig.
Commit d2b52cebf3b8b4a922a54d38a44a8a183406c5f1 disabled clapack on MIPS
platforms, to fix an autobuild failure (unfortunately, the results are no
longer available). The argument was:
"Disable this package for MIPS because it needs IRIX headers and
libraries."
Nevertheless, today compilation on MIPS seems to work fine. Testing was done
with test-pkg (armadillo depends on clapack):
$ echo "BR2_PACKAGE_ARMADILLO=y" > config.snippet;
$ utils/test-pkg -p armadillo -a -c config.snippet
br-mips32r6-el-hf-glibc [1/8]: OK
br-mips64-n64-full [2/8]: OK
br-mips64r6-el-hf-glibc [3/8]: OK
br-mipsel-o32-full [4/8]: OK
mips64el-ctng_n32-linux-gnu [5/8]: OK
mips64el-ctng_n64-linux-gnu [6/8]: OK
sourcery-mips64 [7/8]: OK
sourcery-mips [8/8]: OK
8 builds, 0 skipped, 0 build failed, 0 legal-info failed
Manual build tests were also done for mips32r2 with gcc 4.9.x and gcc 7.x,
and for M5150 with gcc 7.x (Buildroot-built toolchains in these three
cases).
Also building and running on Octeon III, using the toolchain provided by
Cavium Networks / Marvell, works fine.
Not seeing any problem (but also not understanding the original problem),
re-enable clapack (and armadillo) on MIPS. If any problems would pop up in
the future, they should be investigated in detail and a more fine-grained
solution should be taken than disabling on MIPS altogether.
Fixes: http://autobuild.buildroot.net/results/121a9f2aacf9e7b1f5d0b3f2c55bc1da36c7cfb6/ Signed-off-by: Thomas De Schampheleire <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Adam Duskett [Sun, 16 Dec 2018 23:27:33 +0000 (18:27 -0500)]
dependencies.sh: Check for a host python version >= 2.7
Older distributions such as CentOS6 come with python2.6, which causes build
failures in packages such as host-libglib2 because they require python2.7 and
above.
host-libglib2 will produce the error message:
/bin/sh: python2.7: command not found
Python2.7 is a hard-coded value in configure.ac. If one changes the value to
just "python," the following stack trace is produced:
Traceback (most recent call last):
File "./gdbus-2.0/codegen/gdbus-codegen.in", line 55, in <module>
self.outfile.write(LICENSE_STR.format(config.VERSION))
ValueError : sys.exit(codegen_main.codegen_main())
zero length field name in format
Instead of supporting an ancient version of Python that had its support ended
in October os 2013, it would be more pragmatic only to support Python2.7 and
above.
Luckily; CentOS6 has the centos-release-scl repository, which allows users to
install python2.7, and Debian 8 comes with Python2.7 already, making this patch
relatively low impact.
Signed-off-by: Adam Duskett <[email protected]>
[Peter: only look at major.minor to handle x.y.z with z < 10] Signed-off-by: Peter Korsgaard <[email protected]>
KCoreAddons provides classes built on top of QtCore to perform various
tasks such as manipulating mime types, autosaving files, creating
backup files, generating random sequences, performing text
manipulations such as macro replacement, accessing user information
and many more.
Signed-off-by: Pierre Ducroquet <[email protected]>
[[email protected] + [email protected]:
- add missing qt5tools select
- fix hash for new version
- fix check-package
] Signed-off-by: Yann E. MORIN <[email protected]> Signed-off-by: Titouan Christophe <[email protected]>
[Thomas:
- fix typo in LICENSE_FILE -> LICENSE_FILES
- add hash for license file
- change license to LGPL-2.1 instead of LGPL-2.1+, since at least one
file says "2.1" without the "or later" option, and so saying just
LGPL-2.1 is the safe choice
] Signed-off-by: Thomas Petazzoni <[email protected]>
Do not check for C++ compiler as libgeotiff is written in C otherwise
build will fail on toolchains without a working C++ compiler:
checking how to run the C++ preprocessor... /lib/cpp
configure: error: in
`/data/buildroot/buildroot-test/instance-1/output/build/libgeotiff-1.4.2':
configure: error: C++ preprocessor "/lib/cpp" fails sanity check
Chris Lesiak [Mon, 17 Dec 2018 22:25:32 +0000 (22:25 +0000)]
package/openssh: Set /var/empty permissions
The openssh privilege separation feature, enabled by default,
requires that the path /var/empty exists and has certain permissions
(not writable by the sshd user). Note that nothing ever gets writting
in this directory, so it works fine on a readonly rootfs.
See README.privsep included as part of the openssh distribution.
Thomas Petazzoni [Mon, 17 Dec 2018 08:47:10 +0000 (09:47 +0100)]
package/netsurf: use TMP_PREFIX inside the build directory
The netsurf build system creates a stamp file inside TMP_PREFIX to
know if the build was done, and if the stamp file exists, it doesn't
do any build. Therefore, having this stamp file in STAGING_DIR
prevents from rebuilding netsurf, even after removing its entire build
directory: the stamp file exists in STAGING_DIR, and netsurf doesn't
build anything, causing the installation to fail.
We fix this by putting this temporary directory inside the netsurf
build directory. We must mkdir this directory manually, otherwise the
build fails with:
COMPILE: src/stylesheet.c
In file included from src/stylesheet.c:12:0:
src/stylesheet.h:14:10: fatal error: libwapcaplet/libwapcaplet.h: No such file or directory
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
Signed-off-by: Thomas Petazzoni <[email protected]>
[Arnout: mkdir it first] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <[email protected]>
Matt Weber [Wed, 12 Dec 2018 03:45:37 +0000 (21:45 -0600)]
package/ntp: sntp time sync script
This patch adds the installation of a startup script if the sntp
utility is selected as an option. The utility is design to do a
one time step/slew adjustment of the system time (similar to the
ntpdate tool http://support.ntp.org/bin/view/Dev/DeprecatingNtpdate).
One nice benefit over ntpdate is that sntp can run while ntpd is still
running. However, ntpd may still need to be restarted if the time
step was large enough.
The script provides the ability to override the arguments as part of a
/etc/defaults/sntp file.
On a local LAN, the initial large step adjustment took less then
one second to be retrieved and system time updated. If a user already
has a RTC maintaining the time and the system was powered off for
a long period of time, the script assumes a slew adjustment when
+/- 128ms, rather then a time step(jump). This could be further
tuned by a user with the /etc/defaults/sntp configuration file.
One NTP pool server is being set as sntp uses all of the servers
provided when the DNS is resolved as servers to attempt to retrieve
time from before timing out. It looks like currently that is 4 servers
per *pool.ntp.org hostname.
linux: add option to enable support for Device Tree overlays
Add an option to compile device trees in Linux with symbol generation
such that device tree overlays can be loaded on the target system
Signed-off-by: Titouan Christophe <[email protected]>
[Arnout: remove "default n" and move setting of LINUX_MAKE_ENV to the
place where the rest is set.] Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <[email protected]>
In 2.4.0.2, compilation under glibc 2.28 is fixed (and our local patch can
thus be removed).
While at it, bump to the latest released version 2.5.0.0.
Note: change in COPYING file is only the copyright year.
>From the NEWS file:
"""
In 2.5.0.0
----------
- Optional nsss support.
- s6-devd, s6-uevent-listener, s6-uevent-spawner removed.
In 2.4.0.2
----------
- s6-logwatch rewrite.
- Better portability with old glibc versions.
- s6-uevent-listener and s6-uevent-spawner are marked as deprecated. (The
mdevd package obsoletes them.)
"""
Jan Heylen [Thu, 31 Jan 2019 20:38:45 +0000 (21:38 +0100)]
package/opentracing-cpp: bump version to v1.5.1
Bump opentracing-cpp from 1.2.0 to 1.5.1.
The license has changed from MIT to Apache-2.0.
The patch is removed because it has been upstreamed.
Signed-off-by: Jan Heylen <[email protected]>
[ThomasDS: Additional bump from v1.3.0 to v1.5.1] Signed-off-by: Thomas De Schampheleire <[email protected]> Signed-off-by: Peter Korsgaard <[email protected]>
Peter Korsgaard [Fri, 1 Feb 2019 22:04:08 +0000 (23:04 +0100)]
package/docker-engine: drop unused _DAEMON option
Since commit de336584d2 (package/docker-engine: split docker-{cli, engine},
bump to v18.09.0), the docker-engine package only builds the daemon part,
and the .mk file no longer use the _DAEMON option, so drop it.
Peter Korsgaard [Wed, 30 Jan 2019 21:27:13 +0000 (22:27 +0100)]
docker-compose: backport upstream patch for pyyaml 4.x support
Otherwise docker-compose fails at runtime with:
docker-compose
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 6, in <module>
from pkg_resources import load_entry_point
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3123, in <module>
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3107, in _call_aside
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3136, in _initialize_master_working_set
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 580, in _build_master
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 593, in _build_from_requirements
File "usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 781, in resolve
pkg_resources.DistributionNotFound: The 'PyYAML<4,>=3.10' distribution was not found and is required by docker-compose
Fabrice Fontaine [Tue, 29 Jan 2019 19:39:29 +0000 (20:39 +0100)]
leveldb: disable parallel build
Commit abba4e701246f69bc22ca9045e9932abfe9228e9 did not succeed in
fixing all parallel build failures because sometimes $(SHARED_OUTDIR) is
created but not $(SHARED_OUTDIR)/db so instead of fixing this mess,
revert the patch and disable parallel build as upstream switched to
cmake
Fabrice Fontaine [Tue, 29 Jan 2019 20:27:35 +0000 (21:27 +0100)]
mbedtls: security bump to version 2.7.9
CVE-2018-19608 is fixed by bumping mbdedtls to a version greater or
equal to 2.7.8, see
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
Chris Packham [Mon, 28 Jan 2019 07:29:34 +0000 (20:29 +1300)]
package/syslog-ng: allow building with static libraries
Bring in an upstream patch to fix builds for targets which lack dlfcn.h
and revert "package/syslog-ng: depend on !BR2_STATIC_LIBS".
This reverts commit 44dbd2907c5995b0b0c56cb2274dc60415205dd8. Now that
upstream has different fix for the build issues with a static libc we
can re-enable syslog-ng on these systems.
support/testing/infra/basetest: support br2-external
Some upcoming test cases can use one or more br2-external trees as
fixtures that provide packages used only in runtime tests.
Add support for br2-external into the BRTest class. Any test case can
then provide a list of paths for being used as br2-external trees
during the build of the image to test.
support/testing/infra/builder: configure and build with make target and environment
Make the builder able to call 'VAR1=1 make VAR2=2 target'.
Allow sending extra parameters to be added to the end of make command
line. Uses for these purposes:
- to configure a br2-external, using the 'BR2_EXTERNAL="dir" variable.
- to specify a make target, such as 'foo-source.'
Allow adding variables to the environment when calling make.
These added variables allow a user to override default values from BuildRoot,
such as 'BR2_DL_DIR="dl"'.
utils/check-package: allow to disable warning for a line
Currently any exceptions for a check function need to be coded into the
check-package script itself.
Create a pattern that can be used in a comment to make check-package
ignore one or more warning types in the line immediately below:
# check-package Indent, VariableWithBraces
Yann E. MORIN [Tue, 29 Jan 2019 12:36:08 +0000 (13:36 +0100)]
package/busybox: drop empty configure command
Since commit 50dc350c65 (package/busybox: update to 1.29.0), we no
longer define the BUSYBOX_NOCLOBBER_INSTALL macro, so it expands to an
empty string, so we end up with no action in BUSYBOX_CONFIGURE_CMDS.
Drop BUSYBOX_CONFIGURE_CMDS now that it serves no purpose.
jemalloc uses architecture #ifdefs to determine LG_QUANTUM and gives an
error when an unsupported architecture is used.
For this reason, Buildroot commit 3baf996c6a2b57ffaaa4627c1e04ff67c30e9754
introduced BR2_PACKAGE_JEMALLOC_ARCH_SUPPORTS.
In the jemalloc sources, 'mips' is checked via '__mips__' which is set both
for 32-bit as 64-bit MIPS (including MIPS64 n32).
However, the Buildroot arch selection only includes 32-bit MIPS via BR2_mips
and BR2_mipsel.
Peter Korsgaard [Fri, 25 Jan 2019 15:03:04 +0000 (16:03 +0100)]
tpm2-tools: drop dependency on tpm2-abrmd
tpm2-tools is commonly used with the resource manager, tpm2-abrmd - But it
CAN be used without, E.G. by setting the TPM2TOOLS_TCTI_NAME environment
variable to communicate directly with the kernel driver:
export TPM2TOOLS_TCTI_NAME=device
Either directly with the TPM device (/dev/tpmN) or through the in-kernel
resource manager provided by Linux kernel since 4.12 (/dev/tpmrmN)
For some use cases (E.G. initramfs) it makes sense to use tpm2-tools
without abrmd, so remove the tpm2-abrmd select, and instead a note in the
help text that it may be needed.
Fabrice Fontaine [Mon, 28 Jan 2019 20:04:07 +0000 (21:04 +0100)]
minizip: disable compatibility headers
minizip enables zip.h and unzip.h compatibility headers since version
2.7.2 and
https://github.com/nmoinvaz/minizip/commit/1b2b32c8b8c7ea441b14a2fd827d7e2dc886776c
This is an issue as php fails to build if minizip is built after libzip
because minizip installs a zip.h header without zip_stat, ZIP_CREATE,
ZIP_FL_NOCASE, zip_fopen, etc ...
So until the compatibility headers are enhanced/fixed in minizip, disable them
Fabrice Fontaine [Thu, 17 Jan 2019 19:02:52 +0000 (20:02 +0100)]
gnutls: fix build on sparc
gnutls source code uses the C++11 <atomic> functionality since
https://github.com/gnutls/gnutls/commit/7978a733460f92b31033affd0e487c86d66c643d,
which internally is implemented using the __atomic_*() gcc built-ins
On certain architectures, the __atomic_*() built-ins are implemented in
the libatomic library that comes with the rest of the gcc runtime. Due
to this, code using <atomic> might need to link against libatomic,
otherwise one hits build issues such as:
../lib/.libs/libgnutls.so: undefined reference to `__atomic_fetch_sub_4'
on an architecture like SPARC.
To solve this, a configure.ac check is added to know if we need to
link against libatomic or not. The library is also added to gnutls.pc.
Overriding variables in packages recipes is an error-prone practice.
Current behavior of installing either only as a script or only as a
binary is intended, as describe in the commit log of "d3e4db4e34
usb_modeswitch: bump to version 1.2.6" from 2013.
Rewrite the code to keep the same behavior while replacing variable
override [1] by conditional assignments [2].
package/usb_modeswitch: drop unicode space in comment
Commit "a554109af8 package/usb_modeswitch: disable parallel build" added
a unicode space in a comment. Replace it with a normal ASCII space for
consistency with elsewhere.
This reverts commit d1f545004bf0533064363d87c2d7c71e7acf7435 from 2014
because the added variables already existed. The real problem at the
time was that one of the pre-existent variables had a typo, fixed in a
later commit.
Currently AVRDUDE_LICENSE and AVRDUDE_LICENSE_FILES are declared twice
with the same values for each one. So remove one of them.
package/sdl_sound: actually use the optional CONF_OPTS
Since "57ace26b6c package/sdl_sound: add optional support for
libmodplug" from 2016, optional CONF_OPTS are added but they do not
really take effect because there is an unconditional override below the
conditional append.
Currently this does not cause build failures, but it can lead to wrong
detection of dependencies because many explicit --enable/--disable are
not passed to configure.
Fix this by moving the unconditional code to the top.
package/s6-networking: fix dependency when libressl is enabled
Commit "c5b85231fb s6-networking: enable SSL if libressl is selected"
actually dropped the dependency on s6-dns and s6 when libressl is
enabled.
Fix this by using += inside the conditional code.
Vadim Kochan [Fri, 25 Jan 2019 16:04:13 +0000 (17:04 +0100)]
package/vboot-utils: Add support for openssl 1.1.x
Backported changes from commit bce7904376beee2912932433a4634c1c25afe2f5,
there was some conflicts in few places which includes openssl_compat.h and
1 place in vb2_rsa_sig_alg function.
Jörg Krause [Thu, 24 Jan 2019 10:07:17 +0000 (11:07 +0100)]
package/upmpdcli: fix static build issue
The spotify plugin requires shared library support and needs <dlfcn.h>.
Explicitly disable the spotify plugin when building upmpdcli in a static
context.
"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(),
realloc(rar->lzss.window, new_size) with new_size = 0 that can result in
Crash/DoS. This attack appear to be exploitable via the victim must open a
specially crafted RAR archive."
"libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards
(release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in
RAR decoder - libarchive/archive_read_support_format_rar.c that can result
in Crash/DoS - it is unknown if RCE is possible. This attack appear to be
exploitable via the victim must open a specially crafted RAR archive."
"libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards
(release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference
vulnerability in ACL parser - libarchive/archive_acl.c,
archive_acl_from_text_l() that can result in Crash/DoS. This attack appear
to be exploitable via the victim must open a specially crafted archive
file."
"libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards
(release v3.2.0 onwards) contains a CWE-20: Improper Input Validation
vulnerability in WARC parser -
libarchive/archive_read_support_format_warc.c, _warc_read() that can result
in DoS - quasi-infinite run time and disk usage from tiny file. This attack
appear to be exploitable via the victim must open a specially crafted WARC
file."
Bernd Kuhls [Sun, 27 Jan 2019 16:04:56 +0000 (17:04 +0100)]
package/freeswitch: bump version to 1.8.5
Removed patch 0002, not needed anymore after upstream commit
https://freeswitch.org/stash/projects/FS/repos/freeswitch/commits/13f6890f411598bd2c567762d457d1a8163a7a8a
projects / buildroot-mgba.git / log