Compare commits

..

23 Commits

Author SHA1 Message Date
Peter Korsgaard aaf6c28a5c Update for 2016.02
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 21:47:30 +01:00
Baruch Siach 6aa9606e7a slang: fix static link with readline
slang forgets to link with ncurses that is a dependency of readline when
linking the slsh binary. Correct this.

While at it, also make sure to use staging ncurses5-config script and not the
host one. slang uses ncurses5-config to find terminfo location, and only
staging ncurses5-config provides the correct run-time location.

Fixes:
http://autobuild.buildroot.net/results/1dc/1dc52048254c32a24070fef1c1039cebb32e7ac1/
http://autobuild.buildroot.net/results/c17/c176511cbb147c2d8cb0ec0ff3c1612ce8971cb8/
http://autobuild.buildroot.net/results/78d/78dc2ba07b1d7f888aab94e223f3e0b1a1df3af5/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 21:00:50 +01:00
Gustavo Zacarias 318a4d8489 heirloom-mailx: disable SSLv2 support
Now that openssl has dropped SSLv2 support from the latest security bump
we need to patch it out here as well. Fixes:
http://autobuild.buildroot.net/results/dab/dab1629cfcb5cb33706d0c762dba57baa43299a5/

Patch status: debian upstream.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 20:53:29 +01:00
Peter Korsgaard c2f6b5d697 tn5250: don't reference SSLv2/v3 functions if openssl is built without them
Fixes:
http://autobuild.buildroot.net/results/83e/83e29482cad6adef18a0e97bc8e75df302467dbb/

The recent openssl security bump disabled SSLv2 support, but tn5250 was
still referencing SSLv2 functions breaking the build.

Include a patch from OpenBSD to only reference the SSLv2 / SSLv3 symbols if
openssl is built with support for them.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 19:52:49 +01:00
Peter Korsgaard aa016cd653 python-m2crypto: don't reference SSLv2 functions if openssl is built without SSLv2 support
Fixes:
http://autobuild.buildroot.net/results/018/0183ba8c9fccc87f9e72279c49c2fdc1a9fcb556/

The recent openssl security bump disabled SSLv2 support, but python-m2crypto
was still referencing SSLv2 functions causing undefined symbols when the
module was imported.  Backport an upstream patch to only reference these
symbols if openssl is built with SSLv2 support.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 18:13:58 +01:00
Antoine Ténart 1d916a5d16 imx-gpu-viv: fix build dependencies when linking against libGAL.so
Packages like QT5 Base with OpenGL and X support link against libGAL.so
at build time. This results in an error because some X functions used
in libGAL.so aren't referenced as the libXdamage, libXext and libXfixes
packages aren't built and installed into sysroot at the time. Fix this
by adding these three packages as build dependencies of imx-gpu-viv.

Signed-off-by: Antoine Tenart <antoine.tenart@free-electrons.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 17:46:52 +01:00
Gustavo Zacarias 25b218c144 openssl: security bump to version 1.0.2g
Fixes:
CVE-2016-0800 - Cross-protocol attack on TLS using SSLv2 (DROWN)
CVE-2016-0705 - Double-free in DSA code
CVE-2016-0798 - Memory leak in SRP database lookups
CVE-2016-0797 - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
CVE-2016-0799 - Fix memory issues in BIO_*printf functions
CVE-2016-0702 - Side channel attack on modular exponentiation

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 15:48:08 +01:00
Baruch Siach a6209d1b97 zsh: use the correct target pcre-config
zsh configure script mis-detects the location of pcre-config, and may use that
of host-pcre or that of the host instead of the target. Make configure use the
correct pcre-config.

Thanks to Thomas Petazzoni for pointing me at the right direction.

Fixes:
http://autobuild.buildroot.net/results/b12/b12aadf3016dab0941cae780fa9ee7bf9be8fcda/
http://autobuild.buildroot.net/results/8e8/8e8b12dbca4ef8cac2e5f33cd3cdcddd8e849840/
http://autobuild.buildroot.net/results/473/473197ec8e323ea7ae0e29e6363525dc42f9da2c/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 12:48:29 +01:00
Luca Ceresoli 2004003697 docs/manual: add section about patch licensing
Use the same text that is used in COPYING.

Signed-off-by: Luca Ceresoli <luca@lucaceresoli.net>
Cc: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Cc: Peter Korsgaard <peter@korsgaard.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Steve Calfee <stevecalfee@gmail.com>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 12:46:58 +01:00
Vicente Olivert Riera 1834024ba0 sox: disable SSP when using MIPS Codescape toolchains
MIPS Codescape toolchains don't support stack-smashing protection
despite of using glibc, therefore we see failures like this one:

mips-img-linux-gnu/bin/ld: cannot find -lssp

Fixes:
  http://autobuild.buildroot.net/results/957/95721f7b88c46a20202fb02e408817097df965c3/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:30:34 +01:00
Luca Ceresoli 8b186e089d CHANGES: fix typo
Cc: Peter Korsgaard <peter@korsgaard.com>

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:23:34 +01:00
niranjan.reddy 2311d54ec4 libfcgi:add security patch for CVE-2012-6687
Fix-CVE-2012-6687 - remote attackers cause a denial of service (crash)
via a large number of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
use poll in os_unix.c instead of select to avoid problem with > 1024 connections.
The patch libfcgi_2.4.0-8.3.debian.tar.xz is taken from the below link:
(https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
The next release of libfcgi is 2.4.1 which may have this fix is yet to be released
officially.

Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 11:18:27 +01:00
Thomas Petazzoni 18f3a22dce linux-headers: fix circular dependency when HEADERS_AS_KERNEL is used
The linux-headers -> linux dependency causes a circular dependency, breaking
the source/legal-info/graph-depends/..  targets:

make graph-depends
Getting targets
Getting dependencies for ['toolchain-buildroot', 'toolchain', 'busybox',
'glibc', 'initscripts', 'linux-headers', 'skeleton', 'linux',
'host-fakeroot', 'host-makedevs', 'rootfs-cpio', 'rootfs-initramfs']
Getting dependencies for ['host-kmod', 'host-gcc-final',
'host-gcc-initial', 'host-gawk']
Getting dependencies for ['host-gmp', 'host-binutils', 'host-pkgconf',
'host-mpfr', 'host-mpc']
Getting dependencies for ['host-m4']

Recursion detected for  : toolchain
which is a dependency of: linux
which is a dependency of: linux-headers
which is a dependency of: glibc
which is a dependency of: host-gcc-final
which is a dependency of: toolchain-buildroot
which is a dependency of: toolchain
Makefile:721: recipe for target 'graph-depends' failed
make: *** [graph-depends] Error 1

Fix it by instead duplicating in linux-headers the 10-20 lines of linux.mk
logic that infer the _SOURCE/_SITE/_VERSION from the BR2_LINUX_KERNEL_*
variables.

This does mean that we extract the kernel sources twice though.

[Peter: use same git/hg tarball as linux kernel to not clone twice, minor fixes]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 09:43:37 +01:00
Gustavo Zacarias 4ac9738be9 squid: security bump to version 3.5.15
Fixes:
SQUID-2016:2 - Multiple Denial of Service issues in HTTP Response
processing.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 23:06:10 +01:00
Peter Korsgaard 8d1d6ddd1b CHANGES: Add note about the recent linux timeconst.pl patch feature
This was added just before -rc1, but was forgotten in CHANGES.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-02-29 22:00:43 +01:00
Gustavo Zacarias d42c714225 powerpc-utils: needs dynamic toolchain
Fixes:
http://autobuild.buildroot.net/results/a12/a1240ed6facb99518d71153c099dbd7d3d847af6/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 21:46:01 +01:00
Gustavo Zacarias 327c75b0c4 xerces: security bump to version 3.1.3
Fixes:
CVE-2016-0729 - Apache Xerces-C XML Parser Crashes on Malformed Input

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-29 21:43:49 +01:00
John Keeping 8f65c4151b bluez5_utils: fix big endian build
This patch has been accepted upstream and requires no changes to apply
to 5.37.

Fixes:

  http://autobuild.buildroot.org/results/2bf4e5ea9b67b80ba38bfeaf71b747a92be09011/

Signed-off-by: John Keeping <john@metanate.com>
[Thomas:
 - add reference to upstream commit
 - add John's SoB to the patch itself
 - add reference to autobuilder failure.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 23:07:08 +01:00
Eric Limpens 3c434d2afc pifmrds: add patch to correct linking in static build
This patch fixes an autobuild error during a static build:
http://autobuild.buildroot.net/results/f61ae46ba4d4fc3af3784d1f612a8c1cc7de3314/

Signed-off-by: Eric Limpens <limpens@gmail.com>
[Arnout: clean up commit message and patch log]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 23:04:25 +01:00
Bernd Kuhls 0b98bb7f83 package/kodi-pvr-nextpvr: Fix compile error with gcc5
Fixes
http://autobuild.buildroot.net/results/eea/eea7be8691bad11546fbc9b8d3f1c0528ffd2619/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 22:33:22 +01:00
Bernd Kuhls 66dd821bc8 package/kodi-pvr-mediaportal-tvserver: Fix compile error with gcc5
Fixes
http://autobuild.buildroot.net/results/651/651c47c611f0eaa317acb338d609d8851ea7b463/
http://autobuild.buildroot.net/results/63e/63edc869b780e387a8e94334bbe52ffa1c2a5f85/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 22:33:04 +01:00
Bernd Kuhls 45d4ead225 package/kodi-pvr-argustv: Fix compile error with gcc5
Fixes
http://autobuild.buildroot.net/results/dac/dacc3bd00ab2346d7655c0a1fb99f6c50b9da08b/
http://autobuild.buildroot.net/results/a6d/a6d3b510681f54f5625908930b4da73bf9edccf7/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 22:32:49 +01:00
Gustavo Zacarias a1f2a85277 linux-headers: bump 3.{2, 12}.x series
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-02-28 22:27:39 +01:00
30 changed files with 577 additions and 42 deletions
+17
View File
@@ -1,3 +1,15 @@
2016.02, Released March 1st, 2016
Minor fixes, mostly security related.
Circular dependency issue with same-as-kernel linux-headers
option fixed.
Updated/fixed packages: bluez5_utils, heirloom-mailx,
imx-gpu-viv, kodi-pvr-argustv, kodi-pvr-mediaportal-tvserver,
kodi-pvr-nextpvr, libfcgi, openssl, pifmrds, powerpc-utils,
python-m2crypto, slang, sox, squid, tn5250, xerces, zsh
2016.02-rc3, Released February 27th, 2016
Fixes all over the tree.
@@ -67,6 +79,11 @@
A number of defconfigs have been extended to generate complete
system images using genimage.
Linux: Automatically patch timeconst.pl for <3.9 kernels,
which isn't compatible with modern perl versions, breaking the
build when building on recent (Fedora 23, Debian
Testing/Unstable, ..) distributions.
Makedevs utility now accepts textual (non-numerical) user and
group names.
+1 -1
View File
@@ -41,7 +41,7 @@ else # umask
all:
# Set and export the version string
export BR2_VERSION := 2016.02-rc3
export BR2_VERSION := 2016.02
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
+15 -2
View File
@@ -134,11 +134,13 @@ Buildroot, with the name used in the manifest files:
http://apache.org/licenses/LICENSE-2.0.html[
Apache License, version 2.0];
[[legal-info-buildroot]]
=== Complying with the Buildroot license
Buildroot itself is an open source software, released under the
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU General Public
License, version 2] or (at your option) any later version.
http://www.gnu.org/licenses/old-licenses/gpl-2.0.html[GNU General
Public License, version 2] or (at your option) any later version, with
the exception of the package patches detailed below.
However, being a build system, it is not normally part of the end product:
if you develop the root filesystem, kernel, bootloader or toolchain for a
device, the code of Buildroot is only present on the development machine, not
@@ -159,3 +161,14 @@ material that must be redistributed.
Keep in mind that this is only the Buildroot developers' opinion, and you
should consult your legal department or lawyer in case of any doubt.
==== Patches to packages
Buildroot also bundles patch files, which are applied to the sources
of the various packages. Those patches are not covered by the license
of Buildroot. Instead, they are covered by the license of the software
to which the patches are applied. When said software is available
under multiple licenses, the Buildroot patches are only provided under
the publicly accessible licenses.
See xref:patch-policy[] for the technical details.
+1 -1
View File
@@ -91,7 +91,7 @@ If something goes wrong in the steps _3_ or _4_, then the build fails.
=== Format and licensing of the package patches
Patches are released under the same license as the software they apply
to.
to (see xref:legal-info-buildroot[]).
A message explaining what the patch does, and why it is needed, should
be added in the header commentary of the patch.
+11 -11
View File
@@ -8,40 +8,40 @@
<div class="panel-heading">Download</div>
<div class="panel-body">
<h3 style="text-align: center;">Latest stable release: <b>2015.11.1</b></h3>
<h3 style="text-align: center;">Latest stable release: <b>2016.02</b></h3>
<div class="row mt centered">
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
<a href="/downloads/buildroot-2015.11.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
<a href="/downloads/buildroot-2016.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
<div class="back">
<a href="/downloads/buildroot-2015.11.1.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
<a href="/downloads/buildroot-2016.02.tar.gz"><img src="images/zip.png" width="180" alt=""></a>
</div>
</div>
</div>
<h3><a href="/downloads/buildroot-2015.11.1.tar.gz">buildroot-2015.11.1.tar.gz</a></h3>
<p><a href="/downloads/buildroot-2015.11.1.tar.gz.sign">PGP signature</a></p>
<h3><a href="/downloads/buildroot-2016.02.tar.gz">buildroot-2016.02.tar.gz</a></h3>
<p><a href="/downloads/buildroot-2016.02.tar.gz.sign">PGP signature</a></p>
</div>
<div class="col-sm-6">
<div class="flip-container center-block" ontouchstart="this.classList.toggle('hover');">
<div class="flipper">
<div class="front">
<a href="/downloads/buildroot-2015.11.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
<a href="/downloads/buildroot-2016.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
<div class="back">
<a href="/downloads/buildroot-2015.11.1.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
<a href="/downloads/buildroot-2016.02.tar.bz2"><img src="images/package.png" width="180" alt=""></a>
</div>
</div>
</div>
<h3><a href="/downloads/buildroot-2015.11.1.tar.bz2">buildroot-2015.11.1.tar.bz2</a></h3>
<p><a href="/downloads/buildroot-2015.11.1.tar.bz2.sign">PGP signature</a></p>
<h3><a href="/downloads/buildroot-2016.02.tar.bz2">buildroot-2016.02.tar.bz2</a></h3>
<p><a href="/downloads/buildroot-2016.02.tar.bz2.sign">PGP signature</a></p>
</div>
</div>
<!--
<h3 style="text-align: center;">Latest release candidate: <b>2016.02-rc3</b></h3>
<div class="row mt centered">
<div class="col-sm-6">
@@ -75,7 +75,7 @@
<p><a href="/downloads/buildroot-2016.02-rc3.tar.bz2.sign">PGP signature</a></p>
</div>
</div>
-->
This and earlier releases (and their PGP signatures) can always be downloaded from
<a href="/downloads/">http://buildroot.net/downloads/</a>.
</div>
+18
View File
@@ -9,6 +9,24 @@
<h2>News</h2>
<ul class="timeline">
<li class="timeline-inverted">
<div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
<div class="timeline-panel">
<div class="timeline-heading">
<h4 class="timeline-title">2016.02 released</h4>
<p><small class="text-muted"><i class="glyphicon glyphicon-time"></i>1 March 2016</small></p>
</div>
<div class="timeline-body">
<p>The stable 2016.02 release is out - Thanks to everyone
contributing and testing the release candidates. See the
<a href="http://git.buildroot.net/buildroot/plain/CHANGES?id=2016.02">CHANGES</a>
file for more details
and go to the <a href="/downloads/">downloads page</a> to pick up the
<a href="/downloads/buildroot-2016.02.tar.bz2">2016.02 release</a>.</p>
</div>
</div>
</li>
<li>
<div class="timeline-badge"><i class="glyphicon glyphicon-thumbs-up"></i></div>
<div class="timeline-panel">
@@ -0,0 +1,39 @@
From 01d85fdf6a45150e82143803be3373d779d18522 Mon Sep 17 00:00:00 2001
From: John Keeping <john@metanate.com>
Date: Wed, 24 Feb 2016 13:57:38 +0000
Subject: [PATCH] tools/avinfo: Fix big endian build
Commit 101b439 (tools/avinfo: Add partial support for Sony LDAC) added a
new a2dp_ldac_t structure but only inside a little endian ifdef. Add
the same structure in the big endian code.
The structure definition doesn't differ for the big/little endian cases
but if the unknown fields are discovered in the future it might, so a
copy is added rather than pulling the existing definition below the
endif.
[John: backport from upstream commit 01d85fdf6a45150e82143803be3373d779d18522.]
Signed-off-by: John Keeping <john@metanate.com>
---
profiles/audio/a2dp-codecs.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/profiles/audio/a2dp-codecs.h b/profiles/audio/a2dp-codecs.h
index e9da0bf..4fb5c0c 100644
--- a/profiles/audio/a2dp-codecs.h
+++ b/profiles/audio/a2dp-codecs.h
@@ -234,6 +234,11 @@ typedef struct {
uint8_t channel_mode:4;
} __attribute__ ((packed)) a2dp_aptx_t;
+typedef struct {
+ a2dp_vendor_codec_t info;
+ uint8_t unknown[2];
+} __attribute__ ((packed)) a2dp_ldac_t;
+
#else
#error "Unknown byte order"
#endif
--
2.7.0.226.gfe986fe
+3 -2
View File
@@ -33,8 +33,9 @@ choice
config BR2_PACKAGE_IMX_GPU_VIV_OUTPUT_X11
bool "X11"
depends on BR2_PACKAGE_XORG7
select BR2_PACKAGE_XLIB_LIBXDAMAGE # Runtime dependency
select BR2_PACKAGE_XLIB_LIBXEXT # Runtime dependency
select BR2_PACKAGE_XLIB_LIBXDAMAGE
select BR2_PACKAGE_XLIB_LIBXEXT
select BR2_PACKAGE_XLIB_LIBXFIXES
comment "X11 backend needs Xorg package"
depends on !BR2_PACKAGE_XORG7
@@ -22,6 +22,14 @@ IMX_GPU_VIV_REDISTRIBUTE = NO
IMX_GPU_VIV_PROVIDES = libegl libgles libopenvg
IMX_GPU_VIV_LIB_TARGET = $(call qstrip,$(BR2_PACKAGE_IMX_GPU_VIV_OUTPUT))
ifeq ($(IMX_GPU_VIV_LIB_TARGET),x11)
# The libGAL.so library provided by imx-gpu-viv uses X functions. Packages
# may want to link against libGAL.so (QT5 Base with OpenGL and X support
# does so). For this to work we need build dependencies to libXdamage,
# libXext and libXfixes so that X functions used in libGAL.so are referenced.
IMX_GPU_VIV_DEPENDENCIES += xlib_libXdamage xlib_libXext xlib_libXfixes
endif
define IMX_GPU_VIV_EXTRACT_CMDS
$(call FREESCALE_IMX_EXTRACT_HELPER,$(DL_DIR)/$(IMX_GPU_VIV_SOURCE))
endef
@@ -0,0 +1,42 @@
From: Hilko Bengen <bengen@debian.org>
Date: Wed, 27 Apr 2011 00:18:42 +0200
Subject: Patched out SSL2 support since it is no longer supported by OpenSSL.
Now that openssl has dropped SSLv2 support we need to patch it out.
Patch picked up from debian patchseries 5.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
mailx.1 | 2 +-
openssl.c | 4 +---
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/mailx.1 b/mailx.1
index 417ea04..a02e430 100644
--- a/mailx.1
+++ b/mailx.1
@@ -3575,7 +3575,7 @@ Only applicable if SSL/TLS support is built using OpenSSL.
.TP
.B ssl-method
Selects a SSL/TLS protocol version;
-valid values are `ssl2', `ssl3', and `tls1'.
+valid values are `ssl3', and `tls1'.
If unset, the method is selected automatically,
if possible.
.TP
diff --git a/openssl.c b/openssl.c
index b4e33fc..44fe4e5 100644
--- a/openssl.c
+++ b/openssl.c
@@ -216,9 +216,7 @@ ssl_select_method(const char *uhp)
cp = ssl_method_string(uhp);
if (cp != NULL) {
- if (equal(cp, "ssl2"))
- method = SSLv2_client_method();
- else if (equal(cp, "ssl3"))
+ if (equal(cp, "ssl3"))
method = SSLv3_client_method();
else if (equal(cp, "tls1"))
method = TLSv1_client_method();
@@ -0,0 +1,45 @@
From 2c15b3931410669f281cd7e183c81e550b7e7221 Mon Sep 17 00:00:00 2001
From: Balint Reczey <balint@balintreczey.hu>
Date: Wed, 23 Dec 2015 12:55:00 +0100
Subject: [PATCH 01/19] Sync enum representation of char_class_e in struct
traits with definition
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[backport of upstream patch from master branch:
https://github.com/kodi-pvr/pvr.argustv/commit/2c15b3931410669f281cd7e183c81e550b7e7221]
---
src/uri.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/uri.h b/src/uri.h
index 0b2afcd..c20600f 100644
--- a/src/uri.h
+++ b/src/uri.h
@@ -21,13 +21,13 @@
namespace uri
{
/// Char class.
- enum char_class_e
+ typedef enum char_class_e : signed char
{
CINV = -2, ///< invalid
CEND = -1, ///< end delimitor
CVAL = 0, ///< valid any position
CVA2 = 1, ///< valid anywhere but 1st position
- };
+ } char_class_e_type;
/// Traits used for parsing and encoding components.
struct traits
@@ -35,7 +35,7 @@ namespace uri
char* begin_cstring; ///< begin cstring (or 0 if none)
char begin_char; ///< begin char (or 0 if none)
char end_char; ///< end char (or 0 if none)
- char char_class[256]; ///< map of char to class
+ char_class_e_type char_class[256]; ///< map of char to class
};
/**
--
2.7.0
@@ -0,0 +1,42 @@
From 7b14e0657a1308e8e133991b778e2fdcb2eb6b9c Mon Sep 17 00:00:00 2001
From: Balint Reczey <balint@balintreczey.hu>
Date: Wed, 23 Dec 2015 12:55:00 +0100
Subject: [PATCH] Sync enum representation of char_class_e in struct traits
with definition
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[backport of upstream patch from master branch:
https://github.com/kodi-pvr/pvr.mediaportal.tvserver/commit/7b14e0657a1308e8e133991b778e2fdcb2eb6b9c]
---
src/uri.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/uri.h b/src/uri.h
index d2cc949..415e917 100644
--- a/src/uri.h
+++ b/src/uri.h
@@ -21,13 +21,13 @@
namespace uri
{
/// Char class.
- enum char_class_e
+ typedef enum char_class_e : signed char
{
CINV = -2, ///< invalid
CEND = -1, ///< end delimitor
CVAL = 0, ///< valid any position
CVA2 = 1, ///< valid anywhere but 1st position
- };
+ } char_class_e_type;
/// Traits used for parsing and encoding components.
struct traits
@@ -35,7 +35,7 @@ namespace uri
const char* begin_cstring; ///< begin cstring (or 0 if none)
const char begin_char; ///< begin char (or 0 if none)
const char end_char; ///< end char (or 0 if none)
- const char char_class[256]; ///< map of char to class
+ const char_class_e_type char_class[256]; ///< map of char to class
};
/**
@@ -0,0 +1,48 @@
From 2698ac4eeca3a82967ff83386460c070ce387ead Mon Sep 17 00:00:00 2001
From: Bernd Kuhls <bernd.kuhls@t-online.de>
Date: Sun, 28 Feb 2016 01:07:52 +0100
Subject: [PATCH] Sync enum representation of char_class_e in struct traits
with definition
Copied from
https://github.com/kodi-pvr/pvr.mediaportal.tvserver/pull/28
https://github.com/kodi-pvr/pvr.mediaportal.tvserver/pull/35
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Patch sent upstream: https://github.com/kodi-pvr/pvr.nextpvr/pull/42]
---
src/uri.h | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/uri.h b/src/uri.h
index 2757cf0..3dbca88 100644
--- a/src/uri.h
+++ b/src/uri.h
@@ -21,13 +21,13 @@
namespace uri
{
/// Char class.
- enum char_class_e
+ typedef enum char_class_e : signed char
{
CINV = -2, ///< invalid
CEND = -1, ///< end delimitor
CVAL = 0, ///< valid any position
CVA2 = 1, ///< valid anywhere but 1st position
- };
+ } char_class_e_type;
/// Traits used for parsing and encoding components.
struct traits
@@ -35,7 +35,7 @@ namespace uri
const char* begin_cstring; ///< begin cstring (or 0 if none)
const char begin_char; ///< begin char (or 0 if none)
const char end_char; ///< end char (or 0 if none)
- char char_class[256]; ///< map of char to class
+ const char_class_e_type char_class[256]; ///< map of char to class
};
/**
--
2.7.0
@@ -0,0 +1,104 @@
libfcgi:add security patch for CVE-2012-6687
CVE-2012-6687 - remote attackers cause a denial of service (crash) via a large number
of connections (http://www.cvedetails.com/cve/CVE-2012-6687/).
Fix:use poll in os_unix.c instead of select to avoid problem with > 1024 connections.
This patch libfcgi_2.4.0-8.3.debian.tar.xz is pulled from the below link:
(https://launchpad.net/ubuntu/+source/libfcgi/2.4.0-8.3)
The next release of libfcgi is 2.4.1 which may have this fix is yet to be released
officially.
Signed-off-by: Anton Kortunov <toshic.toshic@gmail.com>
Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
Index: b/libfcgi/os_unix.c
===================================================================
--- a/libfcgi/os_unix.c
+++ b/libfcgi/os_unix.c
@@ -42,6 +42,7 @@
#include <sys/time.h>
#include <sys/un.h>
#include <signal.h>
+#include <poll.h>
#ifdef HAVE_NETDB_H
#include <netdb.h>
@@ -103,6 +104,9 @@
static int shutdownPending = FALSE;
static int shutdownNow = FALSE;
+static int libfcgiOsClosePollTimeout = 2000;
+static int libfcgiIsAfUnixKeeperPollTimeout = 2000;
+
void OS_ShutdownPending()
{
shutdownPending = TRUE;
@@ -168,6 +172,16 @@
if(libInitialized)
return 0;
+ char *libfcgiOsClosePollTimeoutStr = getenv( "LIBFCGI_OS_CLOSE_POLL_TIMEOUT" );
+ if(libfcgiOsClosePollTimeoutStr) {
+ libfcgiOsClosePollTimeout = atoi(libfcgiOsClosePollTimeoutStr);
+ }
+
+ char *libfcgiIsAfUnixKeeperPollTimeoutStr = getenv( "LIBFCGI_IS_AF_UNIX_KEEPER_POLL_TIMEOUT" );
+ if(libfcgiIsAfUnixKeeperPollTimeoutStr) {
+ libfcgiIsAfUnixKeeperPollTimeout = atoi(libfcgiIsAfUnixKeeperPollTimeoutStr);
+ }
+
asyncIoTable = (AioInfo *)malloc(asyncIoTableSize * sizeof(AioInfo));
if(asyncIoTable == NULL) {
errno = ENOMEM;
@@ -755,19 +769,16 @@
if (shutdown(fd, 1) == 0)
{
- struct timeval tv;
- fd_set rfds;
+ struct pollfd pfd;
int rv;
char trash[1024];
- FD_ZERO(&rfds);
+ pfd.fd = fd;
+ pfd.events = POLLIN;
do
{
- FD_SET(fd, &rfds);
- tv.tv_sec = 2;
- tv.tv_usec = 0;
- rv = select(fd + 1, &rfds, NULL, NULL, &tv);
+ rv = poll(&pfd, 1, libfcgiOsClosePollTimeout);
}
while (rv > 0 && read(fd, trash, sizeof(trash)) > 0);
}
@@ -1116,13 +1127,11 @@
*/
static int is_af_unix_keeper(const int fd)
{
- struct timeval tval = { READABLE_UNIX_FD_DROP_DEAD_TIMEVAL };
- fd_set read_fds;
-
- FD_ZERO(&read_fds);
- FD_SET(fd, &read_fds);
+ struct pollfd pfd;
+ pfd.fd = fd;
+ pfd.events = POLLIN;
- return select(fd + 1, &read_fds, NULL, NULL, &tval) >= 0 && FD_ISSET(fd, &read_fds);
+ return poll(&pfd, 1, libfcgiIsAfUnixKeeperPollTimeout) >= 0 && (pfd.revents & POLLIN);
}
/*
Index: b/examples/Makefile.am
===================================================================
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -34,5 +34,5 @@ threaded_CFLAGS = @PTHREAD_CFLAGS@
threaded_LDFLAGS = @PTHREAD_CFLAGS@ @PTHREAD_LIBS@
echo_cpp_SOURCES = $(INCLUDE_FILES) $(INCLUDEDIR)/fcgio.h echo-cpp.cpp
-echo_cpp_LDADD = $(LIBDIR)/libfcgi++.la
+echo_cpp_LDADD = $(LIBDIR)/libfcgi++.la $(LIBDIR)/libfcgi.la
+2 -2
View File
@@ -207,10 +207,10 @@ endchoice
config BR2_DEFAULT_KERNEL_HEADERS
string
default "3.2.77" if BR2_KERNEL_HEADERS_3_2
default "3.2.78" if BR2_KERNEL_HEADERS_3_2
default "3.4.110" if BR2_KERNEL_HEADERS_3_4
default "3.10.98" if BR2_KERNEL_HEADERS_3_10
default "3.12.54" if BR2_KERNEL_HEADERS_3_12
default "3.12.55" if BR2_KERNEL_HEADERS_3_12
default "3.14.62" if BR2_KERNEL_HEADERS_3_14
default "3.17.8" if BR2_KERNEL_HEADERS_3_17
default "3.18.27" if BR2_KERNEL_HEADERS_3_18
+63 -12
View File
@@ -9,14 +9,67 @@
ifeq ($(BR2_KERNEL_HEADERS_AS_KERNEL),y)
LINUX_HEADERS_VERSION = none
LINUX_HEADERS_SOURCE =
LINUX_HEADERS_VERSION = $(call qstrip,$(BR2_LINUX_KERNEL_VERSION))
LINUX_HEADERS_LICENSE = $(LINUX_LICENSE)
LINUX_HEADERS_LICENSE_FILES = $(LINUX_LICENSE_FILES)
# Compute LINUX_HEADERS_SOURCE and LINUX_HEADERS_SITE from the configuration
ifeq ($(BR2_LINUX_KERNEL_CUSTOM_TARBALL),y)
LINUX_HEADERS_TARBALL = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_TARBALL_LOCATION))
LINUX_HEADERS_SITE = $(patsubst %/,%,$(dir $(LINUX_HEADERS_TARBALL)))
LINUX_HEADERS_SOURCE = $(notdir $(LINUX_HEADERS_TARBALL))
BR_NO_CHECK_HASH_FOR += $(LINUX_HEADERS_SOURCE)
else ifeq ($(BR2_LINUX_KERNEL_CUSTOM_LOCAL),y)
LINUX_HEADERS_SITE = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_LOCAL_PATH))
LINUX_HEADERS_SITE_METHOD = local
else ifeq ($(BR2_LINUX_KERNEL_CUSTOM_GIT),y)
LINUX_HEADERS_SITE = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_REPO_URL))
LINUX_HEADERS_SITE_METHOD = git
# use same git tarball as linux kernel
LINUX_HEADERS_SOURCE = linux-$(LINUX_HEADERS_VERSION).tar.gz
else ifeq ($(BR2_LINUX_KERNEL_CUSTOM_HG),y)
LINUX_HEADERS_SITE = $(call qstrip,$(BR2_LINUX_KERNEL_CUSTOM_REPO_URL))
LINUX_HEADERS_SITE_METHOD = hg
# use same hg tarball as linux kernel
LINUX_HEADERS_SOURCE = linux-$(LINUX_HEADERS_VERSION).tar.gz
else
LINUX_HEADERS_SOURCE = linux-$(LINUX_HEADERS_VERSION).tar.xz
ifeq ($(BR2_LINUX_KERNEL_CUSTOM_VERSION),y)
BR_NO_CHECK_HASH_FOR += $(LINUX_HEADERS_SOURCE)
endif
# In X.Y.Z, get X and Y. We replace dots and dashes by spaces in order
# to use the $(word) function. We support versions such as 4.0, 3.1,
# 2.6.32, 2.6.32-rc1, 3.0-rc6, etc.
ifeq ($(findstring x2.6.,x$(LINUX_HEADERS_VERSION)),x2.6.)
LINUX_HEADERS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/v2.6
else ifeq ($(findstring x3.,x$(LINUX_HEADERS_VERSION)),x3.)
LINUX_HEADERS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/v3.x
else ifeq ($(findstring x4.,x$(LINUX_HEADERS_VERSION)),x4.)
LINUX_HEADERS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/v4.x
endif
# release candidates are in testing/ subdir
ifneq ($(findstring -rc,$(LINUX_HEADERS_VERSION)),)
LINUX_HEADERS_SITE := $(LINUX_HEADERS_SITE)/testing
endif # -rc
endif
LINUX_HEADERS_PATCH_DEPENDENCIES = linux
LINUX_HEADERS_REAL_DIR = $(LINUX_DIR)
LINUX_HEADERS_PATCHES = $(call qstrip,$(BR2_LINUX_KERNEL_PATCH))
# We rely on the generic package infrastructure to download and apply
# remote patches (downloaded from ftp, http or https). For local
# patches, we can't rely on that infrastructure, because there might
# be directories in the patch list (unlike for other packages).
LINUX_HEADERS_PATCH = $(filter ftp://% http://% https://%,$(LINUX_HEADERS_PATCHES))
define LINUX_HEADERS_APPLY_LOCAL_PATCHES
for p in $(filter-out ftp://% http://% https://%,$(LINUX_HEADERS_PATCHES)) ; do \
if test -d $$p ; then \
$(APPLY_PATCHES) $(@D) $$p \*.patch || exit 1 ; \
else \
$(APPLY_PATCHES) $(@D) `dirname $$p` `basename $$p` || exit 1; \
fi \
done
endef
LINUX_HEADERS_POST_PATCH_HOOKS += LINUX_HEADERS_APPLY_LOCAL_PATCHES
else # ! BR2_KERNEL_HEADERS_AS_KERNEL
@@ -30,13 +83,11 @@ LINUX_HEADERS_SITE = $(BR2_KERNEL_MIRROR)/linux/kernel/v4.x
endif
LINUX_HEADERS_SOURCE = linux-$(LINUX_HEADERS_VERSION).tar.xz
endif # ! BR2_KERNEL_HEADERS_AS_KERNEL
LINUX_HEADERS_LICENSE = GPLv2
LINUX_HEADERS_LICENSE_FILES = COPYING
LINUX_HEADERS_REAL_DIR = $(@D)
endif # ! BR2_KERNEL_HEADERS_AS_KERNEL
LINUX_HEADERS_INSTALL_STAGING = YES
# linux-headers is part of the toolchain so disable the toolchain dependency
@@ -53,7 +104,7 @@ LINUX_HEADERS_ADD_TOOLCHAIN_DEPENDENCY = NO
# uClibc building. This way uClibc doesn't modify linux headers on installation
# of "its" headers
define LINUX_HEADERS_CONFIGURE_CMDS
(cd $(LINUX_HEADERS_REAL_DIR); \
(cd $(@D); \
$(TARGET_MAKE_ENV) $(MAKE) \
ARCH=$(KERNEL_ARCH) \
HOSTCC="$(HOSTCC)" \
@@ -64,7 +115,7 @@ define LINUX_HEADERS_CONFIGURE_CMDS
endef
define LINUX_HEADERS_INSTALL_STAGING_CMDS
(cd $(LINUX_HEADERS_REAL_DIR); \
(cd $(@D); \
$(TARGET_MAKE_ENV) $(MAKE) \
ARCH=$(KERNEL_ARCH) \
HOSTCC="$(HOSTCC)" \
+2 -2
View File
@@ -1,5 +1,5 @@
# From https://www.openssl.org/source/openssl-1.0.2f.tar.gz.sha256
sha256 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c openssl-1.0.2f.tar.gz
# From https://www.openssl.org/source/openssl-1.0.2g.tar.gz.sha256
sha256 b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 openssl-1.0.2g.tar.gz
# Locally computed
sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
OPENSSL_VERSION = 1.0.2f
OPENSSL_VERSION = 1.0.2g
OPENSSL_SITE = http://www.openssl.org/source
OPENSSL_LICENSE = OpenSSL or SSLeay
OPENSSL_LICENSE_FILES = LICENSE
@@ -0,0 +1,23 @@
Makefile: Fix static linking
Since libsndfile uses funtions from libm, the -lm should be specified
after libsndfile for static linking.
Signed-off-by: "Eric Limpens" <Limpens@gmail.com>
diff -purN pifmrds-0bf57f9ce0d954365a38d8af8e7be6f28521c3f2.orig/src/Makefile pifmrds-0bf57f9ce0d954365a38d8af8e7be6f28521c3f2/src/Makefile
--- pifmrds-0bf57f9ce0d954365a38d8af8e7be6f28521c3f2.orig/src/Makefile 2016-02-26 08:06:43.102962592 +0100
+++ pifmrds-0bf57f9ce0d954365a38d8af8e7be6f28521c3f2/src/Makefile 2016-02-26 08:27:11.069148203 +0100
@@ -1,10 +1,10 @@
CC = gcc
app: rds.o waveforms.o pi_fm_rds.o fm_mpx.o control_pipe.o
- $(CC) $(LDFLAGS) -o pi_fm_rds rds.o waveforms.o pi_fm_rds.o fm_mpx.o control_pipe.o -lm -lsndfile
+ $(CC) $(LDFLAGS) -o pi_fm_rds rds.o waveforms.o pi_fm_rds.o fm_mpx.o control_pipe.o -lsndfile -lm
rds_wav: rds.o waveforms.o rds_wav.o fm_mpx.o
- $(CC) $(LDFLAGS) -o rds_wav rds_wav.o rds.o waveforms.o fm_mpx.o -lm -lsndfile
+ $(CC) $(LDFLAGS) -o rds_wav rds_wav.o rds.o waveforms.o fm_mpx.o -lsndfile -lm
rds.o: rds.c waveforms.h
$(CC) $(CFLAGS) rds.c
+5
View File
@@ -1,5 +1,10 @@
comment "powerpc-utils tools needs a toolchain w/ dynamic library"
depends on BR2_powerpc || BR2_powerpc64 || BR2_powerpc64le
depends on BR2_STATIC_LIBS
config BR2_PACKAGE_POWERPC_UTILS
bool "powerpc-utils"
depends on !BR2_STATIC_LIBS # dlfcn.h
depends on BR2_powerpc || BR2_powerpc64 || BR2_powerpc64le
select BR2_PACKAGE_ZLIB
help
@@ -0,0 +1,36 @@
From ac01b38302474920288c1a9eb63fd35fa8d1db5b Mon Sep 17 00:00:00 2001
From: Bosse Klykken <larkly@gmail.com>
Date: Tue, 17 Jul 2012 15:55:00 +0200
Subject: [PATCH] =?UTF-8?q?Don=E2=80=99t=20try=20to=20build=20with=20SSLv2?=
=?UTF-8?q?=20when=20it=20is=20not=20available.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The patch originally from http://stackoverflow.com/a/11072709/164233
Fixes #30
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
SWIG/_ssl.i | 2 ++
1 file changed, 2 insertions(+)
diff --git a/SWIG/_ssl.i b/SWIG/_ssl.i
index 3f6bd61..89b1ad1 100644
--- a/SWIG/_ssl.i
+++ b/SWIG/_ssl.i
@@ -52,8 +52,10 @@ extern const char *SSL_alert_desc_string(int);
%rename(ssl_get_alert_desc_v) SSL_alert_desc_string_long;
extern const char *SSL_alert_desc_string_long(int);
+#ifndef OPENSSL_NO_SSL2
%rename(sslv2_method) SSLv2_method;
extern SSL_METHOD *SSLv2_method(void);
+#endif
%rename(sslv3_method) SSLv3_method;
extern SSL_METHOD *SSLv3_method(void);
%rename(sslv23_method) SSLv23_method;
--
2.7.0
+4
View File
@@ -40,6 +40,7 @@ endif
ifeq ($(BR2_PACKAGE_NCURSES),y)
SLANG_DEPENDENCIES += ncurses
SLANG_CONF_ENV += ac_cv_path_nc5config=$(STAGING_DIR)/usr/bin/ncurses5-config
else
SLANG_CONF_OPTS += ac_cv_path_nc5config=no
endif
@@ -47,6 +48,9 @@ endif
ifeq ($(BR2_PACKAGE_READLINE),y)
SLANG_CONF_OPTS += --with-readline=gnu
SLANG_DEPENDENCIES += readline
ifeq ($(BR2_STATIC_LIBS),y)
SLANG_CONF_ENV += LIBS="`$(STAGING_DIR)/usr/bin/ncurses5-config --libs`"
endif
endif
ifeq ($(BR2_STATIC_LIBS),y)
+6
View File
@@ -13,6 +13,12 @@ SOX_CONF_OPTS = --with-distro="Buildroot" --without-ffmpeg --disable-gomp \
SOX_LICENSE = GPLv2+ (sox binary), LGPLv2.1+ (libraries)
SOX_LICENSE_FILES = LICENSE.GPL LICENSE.LGPL
# MIPS Codescape toolchains don't support stack-smashing protection
# despite of using glibc.
ifeq ($(BR2_TOOLCHAIN_EXTERNAL_CODESCAPE_IMG_MIPS)$(BR2_TOOLCHAIN_EXTERNAL_CODESCAPE_MTI_MIPS),y)
SOX_CONF_OPTS += --disable-stack-protector
endif
ifeq ($(BR2_PACKAGE_ALSA_LIB_PCM),y)
SOX_DEPENDENCIES += alsa-lib
else
+3 -3
View File
@@ -1,3 +1,3 @@
# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.14.tar.bz2.asc
md5 d589a2dd8ea8867170cef582e7334442 squid-3.5.14.tar.bz2
sha1 f6a0262b09f7f463822cbdb50bac8f5dd1213d27 squid-3.5.14.tar.bz2
# From http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.15.tar.bz2.asc
md5 59d6732a4ebd3f63e2164d9847dc37c0 squid-3.5.15.tar.bz2
sha1 72279380ea94aa731f5cf82f3fb50f9250f1692a squid-3.5.15.tar.bz2
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
SQUID_VERSION_MAJOR = 3.5
SQUID_VERSION = $(SQUID_VERSION_MAJOR).14
SQUID_VERSION = $(SQUID_VERSION_MAJOR).15
SQUID_SOURCE = squid-$(SQUID_VERSION).tar.bz2
SQUID_SITE = http://www.squid-cache.org/Versions/v3/$(SQUID_VERSION_MAJOR)
SQUID_LICENSE = GPLv2+
@@ -0,0 +1,32 @@
$OpenBSD: patch-lib5250_sslstream_c,v 1.1 2015/10/07 16:09:04 jca Exp $
Allow building against OpenSSL without SSLv2/SSLv3 support.
Download from:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/net/tn5250/patches/patch-lib5250_sslstream_c
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
--- a/lib5250/sslstream.c.orig Fri Nov 21 09:12:21 2008
+++ b/lib5250/sslstream.c Tue Oct 6 21:32:29 2015
@@ -368,13 +368,19 @@ int tn5250_ssl_stream_init (Tn5250Stream *This)
methstr[4] = '\0';
}
+#ifndef OPENSSL_NO_SSL2
if (!strcmp(methstr, "ssl2")) {
meth = SSLv2_client_method();
TN5250_LOG(("SSL Method = SSLv2_client_method()\n"));
- } else if (!strcmp(methstr, "ssl3")) {
+ } else
+#endif
+#ifndef OPENSSL_NO_SSL3
+ if (!strcmp(methstr, "ssl3")) {
meth = SSLv3_client_method();
TN5250_LOG(("SSL Method = SSLv3_client_method()\n"));
- } else {
+ } else
+#endif
+ {
meth = SSLv23_client_method();
TN5250_LOG(("SSL Method = SSLv23_client_method()\n"));
}
+2 -2
View File
@@ -1,2 +1,2 @@
# From http://www.apache.org/dist/xerces/c/3/sources/xerces-c-3.1.2.tar.xz.sha256
sha256 a847529ab6125f36039f54fa61f3d5043791accf7da2f43917cd2b49deb768f1 xerces-c-3.1.2.tar.xz
# From http://www.apache.org/dist/xerces/c/3/sources/xerces-c-3.1.3.tar.xz.sha256
sha256 d35ae442db333f73c7ef41b2ce2e33bc8aba8dbacf582af765eda26415d25c94 xerces-c-3.1.3.tar.xz
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
XERCES_VERSION = 3.1.2
XERCES_VERSION = 3.1.3
XERCES_SOURCE = xerces-c-$(XERCES_VERSION).tar.xz
XERCES_SITE = http://archive.apache.org/dist/xerces/c/3/sources
XERCES_LICENSE = Apache-2.0
+1
View File
@@ -28,6 +28,7 @@ endif
ifeq ($(BR2_PACKAGE_PCRE),y)
ZSH_CONF_OPTS += --enable-pcre
ZSH_CONF_ENV += ac_cv_prog_PCRECONF=$(STAGING_DIR)/usr/bin/pcre-config
ZSH_DEPENDENCIES += pcre
else
ZSH_CONF_OPTS += --disable-pcre
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
# Buildroot version to use
RELEASE='2015.11.1'
RELEASE='2016.02'
### Change here for more memory/cores ###
VM_MEMORY=2048