rpi/domo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

update buildroot to 2017.02.11

Browse Source
This commit is contained in:
jbnadal
2018-05-22 15:35:47 +02:00
parent 4bf1f5e091
commit a3c10bd762
9257 changed files with 433426 additions and 1701 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
bsp/buildroot/CHANGES
View File

@@ -1,3 +1,23 @@
2017.02.11, Released April 11th, 2018
Important / security related fixes.
dependencies: Blacklist tar 1.30+ and build our own host-tar
if needed as tar 1.30+ changed the --numeric-owner output for
long path names. Build host-tar before other host-dependencies
as they need it to extract their source tarballs.
Updated/fixed packages: apache, busybox, clamav, dhcp,
dnsmasq, dovecot, exim, imagemagick, irssi, jq, libcurl,
libpjsip, librsvg, libtasn1, libvorbis, libxml2, lz4, mariadb,
mbedtls, mosquitto, ntp, openblas, opencv3, openssl, patch,
postgresql, python-webpy, qt53d, qt5tools, quagga, rsync,
samba4, sngrep, tremor, wavpack, wireshark, xerces, xterm
Issues resolved (http://bugs.uclibc.org):
#10856: openblas on qemu_x86_64_defconfig fails with "sgemm_..
2017.02.10, Released January 31st, 2018
Important / security related fixes.

6
bsp/buildroot/Makefile
View File

@@ -2,7 +2,7 @@
#
# Copyright (C) 1999-2005 by Erik Andersen <andersen@codepoet.org>
# Copyright (C) 2006-2014 by the Buildroot developers <buildroot@uclibc.org>
# Copyright (C) 2014-2017 by the Buildroot developers <buildroot@buildroot.org>
# Copyright (C) 2014-2018 by the Buildroot developers <buildroot@buildroot.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -86,9 +86,9 @@ else # umask / $(CURDIR) / $(O)
all:
# Set and export the version string
export BR2_VERSION := 2017.02.10
export BR2_VERSION := 2017.02.11
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1517426000
BR2_VERSION_EPOCH = 1523473000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)

2
bsp/buildroot/VERSION
View File

@@ -1 +1 @@
buildroot 2017_02_10
buildroot 2017_02_11

20
bsp/buildroot/docs/manual/manual.html
View File

File diff suppressed because one or more lines are too long

BIN
bsp/buildroot/docs/manual/manual.pdf
View File

Binary file not shown.

6
bsp/buildroot/docs/manual/manual.text
View File

@@ -155,15 +155,15 @@ List of Examples
---------------------------------------------------------------------
Buildroot 2017.02.10 manual generated on 2018-01-31 19:26:34 UTC from
git revision 91850b3497
Buildroot 2017.02.11 manual generated on 2018-04-12 15:01:53 UTC from
git revision 8a0e4e865a
The Buildroot manual is written by the Buildroot developers. It is
licensed under the GNU General Public License, version 2. Refer to
the COPYING [http://git.buildroot.org/buildroot/tree/COPYING] file in
the Buildroot sources for the full text of this license.
Copyright © 2004-2017 The Buildroot developers
Copyright © 2004-2018 The Buildroot developers
Part I. Getting started

2
bsp/buildroot/docs/manual/manual.txt
View File

@@ -12,7 +12,7 @@ It is licensed under the GNU General Public License, version 2. Refer to the
http://git.buildroot.org/buildroot/tree/COPYING[COPYING] file in the Buildroot
sources for the full text of this license.
Copyright (C) 2004-2017 The Buildroot developers
Copyright (C) 2004-2018 The Buildroot developers
image::logo.png[]

2
bsp/buildroot/docs/website/copyright.txt
View File

@@ -1,6 +1,6 @@
The code and graphics on this website (and it's mirror sites, if any) are
Copyright (c) 1999-2005 by Erik Andersen, 2006-2014 The Buildroot
Copyright (c) 1999-2005 by Erik Andersen, 2006-2018 The Buildroot
developers. All rights reserved.
Documents on this Web site including their graphical elements, design, and

2
bsp/buildroot/linux/Config.in
View File

@@ -267,7 +267,7 @@ endchoice
choice
prompt "Kernel compression format"
help
This selection will just ensure that the correct host tools are build.
This selection will just ensure that the correct host tools are built.
The actual compression for the kernel should be selected in the
kernel configuration menu.

30
bsp/buildroot/package/apache/0003-CVS-2017-9798.patch
View File

@@ -1,30 +0,0 @@
core: Disallow Methods' registration at run time (.htaccess), they may
be used only if registered at init time (httpd.conf).
Calling ap_method_register() in children processes is not the right scope
since it won't be shared for all requests.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1807655 13f79535-47bb-0310-9956-ffa450edef68
Fixes CVE-2017-9798: https://nvd.nist.gov/vuln/detail/CVE-2017-9798
Downloaded from upstream repo:
https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
--- a/server/core.c 2017/08/16 16:50:29 1805223
+++ b/server/core.c 2017/09/08 13:13:11 1807754
@@ -2266,6 +2266,12 @@
/* method has not been registered yet, but resource restriction
* is always checked before method handling, so register it.
*/
+ if (cmd->pool == cmd->temp_pool) {
+ /* In .htaccess, we can't globally register new methods. */
+ return apr_psprintf(cmd->pool, "Could not register method '%s' "
+ "for %s from .htaccess configuration",
+ method, cmd->cmd->name);
+ }
methnum = ap_method_register(cmd->pool,
apr_pstrdup(cmd->pool, method));
}

5
bsp/buildroot/package/apache/apache.hash
View File

@@ -1,2 +1,3 @@
# From http://www.apache.org/dist/httpd/httpd-2.4.27.tar.bz2.sha256
sha256 71fcc128238a690515bd8174d5330a5309161ef314a326ae45c7c15ed139c13a httpd-2.4.27.tar.bz2
# From http://archive.apache.org/dist/httpd/httpd-2.4.33.tar.bz2.sha256
sha256 de02511859b00d17845b9abdd1f975d5ccb5d0b280c567da5bf2ad4b70846f05 httpd-2.4.33.tar.bz2
sha256 c49c0819a726b70142621715dae3159c47b0349c2bc9db079070f28dadac0229 LICENSE

2
bsp/buildroot/package/apache/apache.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
APACHE_VERSION = 2.4.27
APACHE_VERSION = 2.4.33
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd
APACHE_LICENSE = Apache-2.0

87
bsp/buildroot/package/busybox/0003-wget-fix-for-brain-damaged-HTTP-servers.-Closes-9471.patch
View File

@@ -1,87 +0,0 @@
From dac762a702d01c8c2d42135795cc9bf23ff324a2 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Wed, 11 Jan 2017 20:16:45 +0100
Subject: [PATCH] wget: fix for brain-damaged HTTP servers. Closes 9471
write(3, "GET / HTTP/1.1\r\nUser-Agent: Wget\r\nConnection: close\r\n\r\n", 74) = 74
shutdown(3, SHUT_WR) = 0
alarm(900) = 900
read(3, "", 1024) = 0
write(2, "wget: error getting response\n", 29) = 29
exit(1)
The peer simply does not return anything. It closes its connection.
Probably it detects wget closing its writing end: shutdown(3, SHUT_WR).
The point it, closing write side of the socket is _valid_ for HTTP.
wget sent the full request, it won't be sending anything more:
it will only receive the response, and that's it.
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
networking/wget.c | 26 ++++++++++++++++++--------
1 file changed, 18 insertions(+), 8 deletions(-)
diff --git a/networking/wget.c b/networking/wget.c
index b082a0f59..afb09f587 100644
--- a/networking/wget.c
+++ b/networking/wget.c
@@ -141,6 +141,8 @@
#endif
+#define SSL_SUPPORTED (ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_SSL_HELPER)
+
struct host_info {
char *allocated;
const char *path;
@@ -151,7 +153,7 @@ struct host_info {
};
static const char P_FTP[] ALIGN1 = "ftp";
static const char P_HTTP[] ALIGN1 = "http";
-#if ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_SSL_HELPER
+#if SSL_SUPPORTED
static const char P_HTTPS[] ALIGN1 = "https";
#endif
@@ -452,7 +454,7 @@ static void parse_url(const char *src_url, struct host_info *h)
if (strcmp(url, P_FTP) == 0) {
h->port = bb_lookup_port(P_FTP, "tcp", 21);
} else
-#if ENABLE_FEATURE_WGET_OPENSSL || ENABLE_FEATURE_WGET_SSL_HELPER
+#if SSL_SUPPORTED
if (strcmp(url, P_HTTPS) == 0) {
h->port = bb_lookup_port(P_HTTPS, "tcp", 443);
h->protocol = P_HTTPS;
@@ -1093,12 +1095,20 @@ static void download_one_url(const char *url)
}
fflush(sfp);
- /* If we use SSL helper, keeping our end of the socket open for writing
- * makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
- * even after child closes its copy of the fd.
- * This helps:
- */
- shutdown(fileno(sfp), SHUT_WR);
+
+/* Tried doing this unconditionally.
+ * Cloudflare and nginx/1.11.5 are shocked to see SHUT_WR on non-HTTPS.
+ */
+#if SSL_SUPPORTED
+ if (target.protocol == P_HTTPS) {
+ /* If we use SSL helper, keeping our end of the socket open for writing
+ * makes our end (i.e. the same fd!) readable (EAGAIN instead of EOF)
+ * even after child closes its copy of the fd.
+ * This helps:
+ */
+ shutdown(fileno(sfp), SHUT_WR);
+ }
+#endif
/*
* Retrieve HTTP response line and check for "200" status code.
--
2.11.0

494
bsp/buildroot/package/busybox/0004-unzip-properly-use-CDF-to-find-compressed-files.-Clo.patch
View File

@@ -1,494 +0,0 @@
From fa654812e79d2422b41cfff6443e2abcb7737517 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Thu, 5 Jan 2017 11:43:53 +0100
Subject: [PATCH] unzip: properly use CDF to find compressed files. Closes 9536
function old new delta
unzip_main 2437 2350 -87
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
archival/unzip.c | 285 +++++++++++++++++++++++++++++---------------------
testsuite/unzip.tests | 6 +-
2 files changed, 168 insertions(+), 123 deletions(-)
diff --git a/archival/unzip.c b/archival/unzip.c
index c540485ac..edef22f75 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -16,7 +16,6 @@
* TODO
* Zip64 + other methods
*/
-
//config:config UNZIP
//config: bool "unzip"
//config: default y
@@ -24,8 +23,17 @@
//config: unzip will list or extract files from a ZIP archive,
//config: commonly found on DOS/WIN systems. The default behavior
//config: (with no options) is to extract the archive into the
-//config: current directory. Use the `-d' option to extract to a
-//config: directory of your choice.
+//config: current directory.
+//config:
+//config:config FEATURE_UNZIP_CDF
+//config: bool "Read and use Central Directory data"
+//config: default y
+//config: depends on UNZIP
+//config: help
+//config: If you know that you only need to deal with simple
+//config: ZIP files without deleted/updated files, SFX archves etc,
+//config: you can reduce code size by unselecting this option.
+//config: To support less trivial ZIPs, say Y.
//applet:IF_UNZIP(APPLET(unzip, BB_DIR_USR_BIN, BB_SUID_DROP))
//kbuild:lib-$(CONFIG_UNZIP) += unzip.o
@@ -80,30 +88,20 @@ typedef union {
uint32_t ucmpsize PACKED; /* 18-21 */
uint16_t filename_len; /* 22-23 */
uint16_t extra_len; /* 24-25 */
+ /* filename follows (not NUL terminated) */
+ /* extra field follows */
+ /* data follows */
} formatted PACKED;
} zip_header_t; /* PACKED - gcc 4.2.1 doesn't like it (spews warning) */
-/* Check the offset of the last element, not the length. This leniency
- * allows for poor packing, whereby the overall struct may be too long,
- * even though the elements are all in the right place.
- */
-struct BUG_zip_header_must_be_26_bytes {
- char BUG_zip_header_must_be_26_bytes[
- offsetof(zip_header_t, formatted.extra_len) + 2
- == ZIP_HEADER_LEN ? 1 : -1];
-};
-
-#define FIX_ENDIANNESS_ZIP(zip_header) do { \
- (zip_header).formatted.version = SWAP_LE16((zip_header).formatted.version ); \
- (zip_header).formatted.method = SWAP_LE16((zip_header).formatted.method ); \
- (zip_header).formatted.modtime = SWAP_LE16((zip_header).formatted.modtime ); \
- (zip_header).formatted.moddate = SWAP_LE16((zip_header).formatted.moddate ); \
+#define FIX_ENDIANNESS_ZIP(zip_header) \
+do { if (BB_BIG_ENDIAN) { \
(zip_header).formatted.crc32 = SWAP_LE32((zip_header).formatted.crc32 ); \
(zip_header).formatted.cmpsize = SWAP_LE32((zip_header).formatted.cmpsize ); \
(zip_header).formatted.ucmpsize = SWAP_LE32((zip_header).formatted.ucmpsize ); \
(zip_header).formatted.filename_len = SWAP_LE16((zip_header).formatted.filename_len); \
(zip_header).formatted.extra_len = SWAP_LE16((zip_header).formatted.extra_len ); \
-} while (0)
+}} while (0)
#define CDF_HEADER_LEN 42
@@ -115,8 +113,8 @@ typedef union {
uint16_t version_needed; /* 2-3 */
uint16_t cdf_flags; /* 4-5 */
uint16_t method; /* 6-7 */
- uint16_t mtime; /* 8-9 */
- uint16_t mdate; /* 10-11 */
+ uint16_t modtime; /* 8-9 */
+ uint16_t moddate; /* 10-11 */
uint32_t crc32; /* 12-15 */
uint32_t cmpsize; /* 16-19 */
uint32_t ucmpsize; /* 20-23 */
@@ -127,27 +125,27 @@ typedef union {
uint16_t internal_file_attributes; /* 32-33 */
uint32_t external_file_attributes PACKED; /* 34-37 */
uint32_t relative_offset_of_local_header PACKED; /* 38-41 */
+ /* filename follows (not NUL terminated) */
+ /* extra field follows */
+ /* comment follows */
} formatted PACKED;
} cdf_header_t;
-struct BUG_cdf_header_must_be_42_bytes {
- char BUG_cdf_header_must_be_42_bytes[
- offsetof(cdf_header_t, formatted.relative_offset_of_local_header) + 4
- == CDF_HEADER_LEN ? 1 : -1];
-};
-
-#define FIX_ENDIANNESS_CDF(cdf_header) do { \
+#define FIX_ENDIANNESS_CDF(cdf_header) \
+do { if (BB_BIG_ENDIAN) { \
+ (cdf_header).formatted.version_made_by = SWAP_LE16((cdf_header).formatted.version_made_by); \
+ (cdf_header).formatted.version_needed = SWAP_LE16((cdf_header).formatted.version_needed); \
+ (cdf_header).formatted.method = SWAP_LE16((cdf_header).formatted.method ); \
+ (cdf_header).formatted.modtime = SWAP_LE16((cdf_header).formatted.modtime ); \
+ (cdf_header).formatted.moddate = SWAP_LE16((cdf_header).formatted.moddate ); \
(cdf_header).formatted.crc32 = SWAP_LE32((cdf_header).formatted.crc32 ); \
(cdf_header).formatted.cmpsize = SWAP_LE32((cdf_header).formatted.cmpsize ); \
(cdf_header).formatted.ucmpsize = SWAP_LE32((cdf_header).formatted.ucmpsize ); \
(cdf_header).formatted.file_name_length = SWAP_LE16((cdf_header).formatted.file_name_length); \
(cdf_header).formatted.extra_field_length = SWAP_LE16((cdf_header).formatted.extra_field_length); \
(cdf_header).formatted.file_comment_length = SWAP_LE16((cdf_header).formatted.file_comment_length); \
- IF_DESKTOP( \
- (cdf_header).formatted.version_made_by = SWAP_LE16((cdf_header).formatted.version_made_by); \
(cdf_header).formatted.external_file_attributes = SWAP_LE32((cdf_header).formatted.external_file_attributes); \
- ) \
-} while (0)
+}} while (0)
#define CDE_HEADER_LEN 16
@@ -166,20 +164,38 @@ typedef union {
} formatted PACKED;
} cde_header_t;
-struct BUG_cde_header_must_be_16_bytes {
+#define FIX_ENDIANNESS_CDE(cde_header) \
+do { if (BB_BIG_ENDIAN) { \
+ (cde_header).formatted.cdf_offset = SWAP_LE32((cde_header).formatted.cdf_offset); \
+}} while (0)
+
+struct BUG {
+ /* Check the offset of the last element, not the length. This leniency
+ * allows for poor packing, whereby the overall struct may be too long,
+ * even though the elements are all in the right place.
+ */
+ char BUG_zip_header_must_be_26_bytes[
+ offsetof(zip_header_t, formatted.extra_len) + 2
+ == ZIP_HEADER_LEN ? 1 : -1];
+ char BUG_cdf_header_must_be_42_bytes[
+ offsetof(cdf_header_t, formatted.relative_offset_of_local_header) + 4
+ == CDF_HEADER_LEN ? 1 : -1];
char BUG_cde_header_must_be_16_bytes[
sizeof(cde_header_t) == CDE_HEADER_LEN ? 1 : -1];
};
-#define FIX_ENDIANNESS_CDE(cde_header) do { \
- (cde_header).formatted.cdf_offset = SWAP_LE32((cde_header).formatted.cdf_offset); \
-} while (0)
enum { zip_fd = 3 };
-#if ENABLE_DESKTOP
+/* This value means that we failed to find CDF */
+#define BAD_CDF_OFFSET ((uint32_t)0xffffffff)
+
+#if !ENABLE_FEATURE_UNZIP_CDF
+# define find_cdf_offset() BAD_CDF_OFFSET
+
+#else
/* Seen in the wild:
* Self-extracting PRO2K3XP_32.exe contains 19078464 byte zip archive,
* where CDE was nearly 48 kbytes before EOF.
@@ -188,25 +204,26 @@ enum { zip_fd = 3 };
* To make extraction work, bumped PEEK_FROM_END from 16k to 64k.
*/
#define PEEK_FROM_END (64*1024)
-
-/* This value means that we failed to find CDF */
-#define BAD_CDF_OFFSET ((uint32_t)0xffffffff)
-
/* NB: does not preserve file position! */
static uint32_t find_cdf_offset(void)
{
cde_header_t cde_header;
+ unsigned char *buf;
unsigned char *p;
off_t end;
- unsigned char *buf = xzalloc(PEEK_FROM_END);
uint32_t found;
- end = xlseek(zip_fd, 0, SEEK_END);
+ end = lseek(zip_fd, 0, SEEK_END);
+ if (end == (off_t) -1)
+ return BAD_CDF_OFFSET;
+
end -= PEEK_FROM_END;
if (end < 0)
end = 0;
+
dbg("Looking for cdf_offset starting from 0x%"OFF_FMT"x", end);
xlseek(zip_fd, end, SEEK_SET);
+ buf = xzalloc(PEEK_FROM_END);
full_read(zip_fd, buf, PEEK_FROM_END);
found = BAD_CDF_OFFSET;
@@ -252,30 +269,36 @@ static uint32_t find_cdf_offset(void)
static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf_ptr)
{
off_t org;
+ uint32_t magic;
- org = xlseek(zip_fd, 0, SEEK_CUR);
+ if (cdf_offset == BAD_CDF_OFFSET)
+ return cdf_offset;
- if (!cdf_offset)
- cdf_offset = find_cdf_offset();
-
- if (cdf_offset != BAD_CDF_OFFSET) {
- dbg("Reading CDF at 0x%x", (unsigned)cdf_offset);
- xlseek(zip_fd, cdf_offset + 4, SEEK_SET);
- xread(zip_fd, cdf_ptr->raw, CDF_HEADER_LEN);
- FIX_ENDIANNESS_CDF(*cdf_ptr);
- dbg(" file_name_length:%u extra_field_length:%u file_comment_length:%u",
- (unsigned)cdf_ptr->formatted.file_name_length,
- (unsigned)cdf_ptr->formatted.extra_field_length,
- (unsigned)cdf_ptr->formatted.file_comment_length
- );
- cdf_offset += 4 + CDF_HEADER_LEN
- + cdf_ptr->formatted.file_name_length
- + cdf_ptr->formatted.extra_field_length
- + cdf_ptr->formatted.file_comment_length;
+ org = xlseek(zip_fd, 0, SEEK_CUR);
+ dbg("Reading CDF at 0x%x", (unsigned)cdf_offset);
+ xlseek(zip_fd, cdf_offset, SEEK_SET);
+ xread(zip_fd, &magic, 4);
+ /* Central Directory End? */
+ if (magic == ZIP_CDE_MAGIC) {
+ dbg("got ZIP_CDE_MAGIC");
+ return 0; /* EOF */
}
+ xread(zip_fd, cdf_ptr->raw, CDF_HEADER_LEN);
+ /* Caller doesn't need this: */
+ /* dbg("Returning file position to 0x%"OFF_FMT"x", org); */
+ /* xlseek(zip_fd, org, SEEK_SET); */
+
+ FIX_ENDIANNESS_CDF(*cdf_ptr);
+ dbg(" file_name_length:%u extra_field_length:%u file_comment_length:%u",
+ (unsigned)cdf_ptr->formatted.file_name_length,
+ (unsigned)cdf_ptr->formatted.extra_field_length,
+ (unsigned)cdf_ptr->formatted.file_comment_length
+ );
+ cdf_offset += 4 + CDF_HEADER_LEN
+ + cdf_ptr->formatted.file_name_length
+ + cdf_ptr->formatted.extra_field_length
+ + cdf_ptr->formatted.file_comment_length;
- dbg("Returning file position to 0x%"OFF_FMT"x", org);
- xlseek(zip_fd, org, SEEK_SET);
return cdf_offset;
};
#endif
@@ -324,6 +347,7 @@ static void unzip_extract(zip_header_t *zip_header, int dst_fd)
bb_error_msg("bad length");
}
}
+ /* TODO? method 12: bzip2, method 14: LZMA */
}
static void my_fgets80(char *buf80)
@@ -339,15 +363,12 @@ int unzip_main(int argc, char **argv)
{
enum { O_PROMPT, O_NEVER, O_ALWAYS };
- zip_header_t zip_header;
smallint quiet = 0;
- IF_NOT_DESKTOP(const) smallint verbose = 0;
+ IF_NOT_FEATURE_UNZIP_CDF(const) smallint verbose = 0;
smallint listing = 0;
smallint overwrite = O_PROMPT;
smallint x_opt_seen;
-#if ENABLE_DESKTOP
uint32_t cdf_offset;
-#endif
unsigned long total_usize;
unsigned long total_size;
unsigned total_entries;
@@ -430,7 +451,7 @@ int unzip_main(int argc, char **argv)
break;
case 'v': /* Verbose list */
- IF_DESKTOP(verbose++;)
+ IF_FEATURE_UNZIP_CDF(verbose++;)
listing = 1;
break;
@@ -545,78 +566,102 @@ int unzip_main(int argc, char **argv)
total_usize = 0;
total_size = 0;
total_entries = 0;
-#if ENABLE_DESKTOP
- cdf_offset = 0;
-#endif
+ cdf_offset = find_cdf_offset(); /* try to seek to the end, find CDE and CDF start */
while (1) {
- uint32_t magic;
+ zip_header_t zip_header;
mode_t dir_mode = 0777;
-#if ENABLE_DESKTOP
+#if ENABLE_FEATURE_UNZIP_CDF
mode_t file_mode = 0666;
#endif
- /* Check magic number */
- xread(zip_fd, &magic, 4);
- /* Central directory? It's at the end, so exit */
- if (magic == ZIP_CDF_MAGIC) {
- dbg("got ZIP_CDF_MAGIC");
- break;
- }
-#if ENABLE_DESKTOP
- /* Data descriptor? It was a streaming file, go on */
- if (magic == ZIP_DD_MAGIC) {
- dbg("got ZIP_DD_MAGIC");
- /* skip over duplicate crc32, cmpsize and ucmpsize */
- unzip_skip(3 * 4);
- continue;
- }
-#endif
- if (magic != ZIP_FILEHEADER_MAGIC)
- bb_error_msg_and_die("invalid zip magic %08X", (int)magic);
- dbg("got ZIP_FILEHEADER_MAGIC");
-
- /* Read the file header */
- xread(zip_fd, zip_header.raw, ZIP_HEADER_LEN);
- FIX_ENDIANNESS_ZIP(zip_header);
- if ((zip_header.formatted.method != 0) && (zip_header.formatted.method != 8)) {
- bb_error_msg_and_die("unsupported method %d", zip_header.formatted.method);
- }
-#if !ENABLE_DESKTOP
- if (zip_header.formatted.zip_flags & SWAP_LE16(0x0009)) {
- bb_error_msg_and_die("zip flags 1 and 8 are not supported");
- }
-#else
- if (zip_header.formatted.zip_flags & SWAP_LE16(0x0001)) {
- /* 0x0001 - encrypted */
- bb_error_msg_and_die("zip flag 1 (encryption) is not supported");
- }
+ if (!ENABLE_FEATURE_UNZIP_CDF || cdf_offset == BAD_CDF_OFFSET) {
+ /* Normally happens when input is unseekable.
+ *
+ * Valid ZIP file has Central Directory at the end
+ * with central directory file headers (CDFs).
+ * After it, there is a Central Directory End structure.
+ * CDFs identify what files are in the ZIP and where
+ * they are located. This allows ZIP readers to load
+ * the list of files without reading the entire ZIP archive.
+ * ZIP files may be appended to, only files specified in
+ * the CD are valid. Scanning for local file headers is
+ * not a correct algorithm.
+ *
+ * We try to do the above, and resort to "linear" reading
+ * of ZIP file only if seek failed or CDE wasn't found.
+ */
+ uint32_t magic;
- if (cdf_offset != BAD_CDF_OFFSET) {
+ /* Check magic number */
+ xread(zip_fd, &magic, 4);
+ /* Central directory? It's at the end, so exit */
+ if (magic == ZIP_CDF_MAGIC) {
+ dbg("got ZIP_CDF_MAGIC");
+ break;
+ }
+ /* Data descriptor? It was a streaming file, go on */
+ if (magic == ZIP_DD_MAGIC) {
+ dbg("got ZIP_DD_MAGIC");
+ /* skip over duplicate crc32, cmpsize and ucmpsize */
+ unzip_skip(3 * 4);
+ continue;
+ }
+ if (magic != ZIP_FILEHEADER_MAGIC)
+ bb_error_msg_and_die("invalid zip magic %08X", (int)magic);
+ dbg("got ZIP_FILEHEADER_MAGIC");
+
+ xread(zip_fd, zip_header.raw, ZIP_HEADER_LEN);
+ FIX_ENDIANNESS_ZIP(zip_header);
+ if ((zip_header.formatted.method != 0)
+ && (zip_header.formatted.method != 8)
+ ) {
+ /* TODO? method 12: bzip2, method 14: LZMA */
+ bb_error_msg_and_die("unsupported method %d", zip_header.formatted.method);
+ }
+ if (zip_header.formatted.zip_flags & SWAP_LE16(0x0009)) {
+ bb_error_msg_and_die("zip flags 1 and 8 are not supported");
+ }
+ }
+#if ENABLE_FEATURE_UNZIP_CDF
+ else {
+ /* cdf_offset is valid (and we know the file is seekable) */
cdf_header_t cdf_header;
cdf_offset = read_next_cdf(cdf_offset, &cdf_header);
- /*
- * Note: cdf_offset can become BAD_CDF_OFFSET after the above call.
- */
+ if (cdf_offset == 0) /* EOF? */
+ break;
+# if 0
+ xlseek(zip_fd,
+ SWAP_LE32(cdf_header.formatted.relative_offset_of_local_header) + 4,
+ SEEK_SET);
+ xread(zip_fd, zip_header.raw, ZIP_HEADER_LEN);
+ FIX_ENDIANNESS_ZIP(zip_header);
if (zip_header.formatted.zip_flags & SWAP_LE16(0x0008)) {
/* 0x0008 - streaming. [u]cmpsize can be reliably gotten
- * only from Central Directory. See unzip_doc.txt
+ * only from Central Directory.
*/
zip_header.formatted.crc32 = cdf_header.formatted.crc32;
zip_header.formatted.cmpsize = cdf_header.formatted.cmpsize;
zip_header.formatted.ucmpsize = cdf_header.formatted.ucmpsize;
}
+# else
+ /* CDF has the same data as local header, no need to read the latter */
+ memcpy(&zip_header.formatted.version,
+ &cdf_header.formatted.version_needed, ZIP_HEADER_LEN);
+ xlseek(zip_fd,
+ SWAP_LE32(cdf_header.formatted.relative_offset_of_local_header) + 4 + ZIP_HEADER_LEN,
+ SEEK_SET);
+# endif
if ((cdf_header.formatted.version_made_by >> 8) == 3) {
/* This archive is created on Unix */
dir_mode = file_mode = (cdf_header.formatted.external_file_attributes >> 16);
}
}
- if (cdf_offset == BAD_CDF_OFFSET
- && (zip_header.formatted.zip_flags & SWAP_LE16(0x0008))
- ) {
- /* If it's a streaming zip, we _require_ CDF */
- bb_error_msg_and_die("can't find file table");
- }
#endif
+
+ if (zip_header.formatted.zip_flags & SWAP_LE16(0x0001)) {
+ /* 0x0001 - encrypted */
+ bb_error_msg_and_die("zip flag 1 (encryption) is not supported");
+ }
dbg("File cmpsize:0x%x extra_len:0x%x ucmpsize:0x%x",
(unsigned)zip_header.formatted.cmpsize,
(unsigned)zip_header.formatted.extra_len,
@@ -751,7 +796,7 @@ int unzip_main(int argc, char **argv)
overwrite = O_ALWAYS;
case 'y': /* Open file and fall into unzip */
unzip_create_leading_dirs(dst_fn);
-#if ENABLE_DESKTOP
+#if ENABLE_FEATURE_UNZIP_CDF
dst_fd = xopen3(dst_fn, O_WRONLY | O_CREAT | O_TRUNC, file_mode);
#else
dst_fd = xopen(dst_fn, O_WRONLY | O_CREAT | O_TRUNC);
diff --git a/testsuite/unzip.tests b/testsuite/unzip.tests
index d8738a3bd..d9c45242c 100755
--- a/testsuite/unzip.tests
+++ b/testsuite/unzip.tests
@@ -31,11 +31,10 @@ rmdir foo
rm foo.zip
# File containing some damaged encrypted stream
+optional FEATURE_UNZIP_CDF
testing "unzip (bad archive)" "uudecode; unzip bad.zip 2>&1; echo \$?" \
"Archive: bad.zip
- inflating: ]3j½r«IK-%Ix
-unzip: corrupted data
-unzip: inflate error
+unzip: short read
1
" \
"" "\
@@ -49,6 +48,7 @@ BDYAAAAMAAEADQAAADIADQAAAEEAAAASw73Ct1DKokohPXQiNzA+FAI1HCcW
NzITNFBLBQUKAC4JAA04Cw0EOhZQSwUGAQAABAIAAgCZAAAAeQAAAAIALhM=
====
"
+SKIP=
rm *
--
2.11.0

4
bsp/buildroot/package/busybox/0008-httpd-fix-handling-of-range-requests.patch → bsp/buildroot/package/busybox/0005-httpd-fix-handling-of-range-requests.patch
View File

@@ -1,4 +1,4 @@
From 4316dff48aacb29307e1b52cb761fef603759b9d Mon Sep 17 00:00:00 2001
From 2b400d9b2b7309d6e479102fc3ce646e893058a5 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Mon, 18 Sep 2017 13:09:11 +0200
Subject: [PATCH] httpd: fix handling of range requests
@@ -10,7 +10,7 @@ Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/networking/httpd.c b/networking/httpd.c
index d301d598d..84d819723 100644
index e072f23c7..5e32fc936 100644
--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -2337,7 +2337,7 @@ static void handle_incoming_and_exit(const len_and_sockaddr *fromAddr)

27
bsp/buildroot/package/busybox/0005-typo-fix-in-config-help-text.patch
View File

@@ -1,27 +0,0 @@
From f8692dc6a0035788a83821fa18b987d8748f97a7 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Thu, 5 Jan 2017 11:47:28 +0100
Subject: [PATCH] typo fix in config help text
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
archival/unzip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/archival/unzip.c b/archival/unzip.c
index edef22f75..f1726439d 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -31,7 +31,7 @@
//config: depends on UNZIP
//config: help
//config: If you know that you only need to deal with simple
-//config: ZIP files without deleted/updated files, SFX archves etc,
+//config: ZIP files without deleted/updated files, SFX archives etc,
//config: you can reduce code size by unselecting this option.
//config: To support less trivial ZIPs, say Y.
--
2.11.0

101
bsp/buildroot/package/busybox/0006-bunzip2-fix-runCnt-overflow-from-bug-10431.patch Normal file
View File

@@ -0,0 +1,101 @@
From 0402cb32df015d9372578e3db27db47b33d5c7b0 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Sun, 22 Oct 2017 18:23:23 +0200
Subject: [PATCH] bunzip2: fix runCnt overflow from bug 10431
This particular corrupted file can be dealth with by using "unsigned".
If there will be cases where it genuinely overflows, there is a disabled
code to deal with that too.
function old new delta
get_next_block 1678 1667 -11
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 0402cb32df0
archival/libarchive/decompress_bunzip2.c | 30 +++++++++++++++++++-----------
1 file changed, 19 insertions(+), 11 deletions(-)
diff --git a/archival/libarchive/decompress_bunzip2.c b/archival/libarchive/decompress_bunzip2.c
index 7cd18f5ed4cf..bec89edd3a4d 100644
--- a/archival/libarchive/decompress_bunzip2.c
+++ b/archival/libarchive/decompress_bunzip2.c
@@ -156,15 +156,15 @@ static unsigned get_bits(bunzip_data *bd, int bits_wanted)
static int get_next_block(bunzip_data *bd)
{
struct group_data *hufGroup;
- int dbufCount, dbufSize, groupCount, *base, *limit, selector,
- i, j, runPos, symCount, symTotal, nSelectors, byteCount[256];
- int runCnt = runCnt; /* for compiler */
+ int groupCount, *base, *limit, selector,
+ i, j, symCount, symTotal, nSelectors, byteCount[256];
uint8_t uc, symToByte[256], mtfSymbol[256], *selectors;
uint32_t *dbuf;
unsigned origPtr, t;
+ unsigned dbufCount, runPos;
+ unsigned runCnt = runCnt; /* for compiler */
dbuf = bd->dbuf;
- dbufSize = bd->dbufSize;
selectors = bd->selectors;
/* In bbox, we are ok with aborting through setjmp which is set up in start_bunzip */
@@ -187,7 +187,7 @@ static int get_next_block(bunzip_data *bd)
it didn't actually work. */
if (get_bits(bd, 1)) return RETVAL_OBSOLETE_INPUT;
origPtr = get_bits(bd, 24);
- if ((int)origPtr > dbufSize) return RETVAL_DATA_ERROR;
+ if (origPtr > bd->dbufSize) return RETVAL_DATA_ERROR;
/* mapping table: if some byte values are never used (encoding things
like ascii text), the compression code removes the gaps to have fewer
@@ -435,7 +435,14 @@ static int get_next_block(bunzip_data *bd)
symbols, but a run of length 0 doesn't mean anything in this
context). Thus space is saved. */
runCnt += (runPos << nextSym); /* +runPos if RUNA; +2*runPos if RUNB */
- if (runPos < dbufSize) runPos <<= 1;
+//The 32-bit overflow of runCnt wasn't yet seen, but probably can happen.
+//This would be the fix (catches too large count way before it can overflow):
+// if (runCnt > bd->dbufSize) {
+// dbg("runCnt:%u > dbufSize:%u RETVAL_DATA_ERROR",
+// runCnt, bd->dbufSize);
+// return RETVAL_DATA_ERROR;
+// }
+ if (runPos < bd->dbufSize) runPos <<= 1;
goto end_of_huffman_loop;
}
@@ -445,14 +452,15 @@ static int get_next_block(bunzip_data *bd)
literal used is the one at the head of the mtfSymbol array.) */
if (runPos != 0) {
uint8_t tmp_byte;
- if (dbufCount + runCnt > dbufSize) {
- dbg("dbufCount:%d+runCnt:%d %d > dbufSize:%d RETVAL_DATA_ERROR",
- dbufCount, runCnt, dbufCount + runCnt, dbufSize);
+ if (dbufCount + runCnt > bd->dbufSize) {
+ dbg("dbufCount:%u+runCnt:%u %u > dbufSize:%u RETVAL_DATA_ERROR",
+ dbufCount, runCnt, dbufCount + runCnt, bd->dbufSize);
return RETVAL_DATA_ERROR;
}
tmp_byte = symToByte[mtfSymbol[0]];
byteCount[tmp_byte] += runCnt;
- while (--runCnt >= 0) dbuf[dbufCount++] = (uint32_t)tmp_byte;
+ while ((int)--runCnt >= 0)
+ dbuf[dbufCount++] = (uint32_t)tmp_byte;
runPos = 0;
}
@@ -466,7 +474,7 @@ static int get_next_block(bunzip_data *bd)
first symbol in the mtf array, position 0, would have been handled
as part of a run above. Therefore 1 unused mtf position minus
2 non-literal nextSym values equals -1.) */
- if (dbufCount >= dbufSize) return RETVAL_DATA_ERROR;
+ if (dbufCount >= bd->dbufSize) return RETVAL_DATA_ERROR;
i = nextSym - 1;
uc = mtfSymbol[i];
--
2.15.1

50
bsp/buildroot/package/busybox/0006-unzip-remove-now-pointless-lseek-which-returns-curre.patch
View File

@@ -1,50 +0,0 @@
From 50504d3a3badb8ab80bd33797abcbb3b7427c267 Mon Sep 17 00:00:00 2001
From: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Date: Thu, 5 Jan 2017 19:07:54 +0100
Subject: [PATCH] unzip: remove now-pointless lseek which returns current
position
archival/unzip.c: In function 'read_next_cdf':
archival/unzip.c:271:8: warning: variable 'org' set but
not used [-Wunused-but-set-variable]
off_t org;
^~~
Signed-off-by: Cristian Ionescu-Idbohrn <cristian.ionescu-idbohrn@axis.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
archival/unzip.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/archival/unzip.c b/archival/unzip.c
index f1726439d..98a71c09d 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -268,13 +268,11 @@ static uint32_t find_cdf_offset(void)
static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf_ptr)
{
- off_t org;
uint32_t magic;
if (cdf_offset == BAD_CDF_OFFSET)
return cdf_offset;
- org = xlseek(zip_fd, 0, SEEK_CUR);
dbg("Reading CDF at 0x%x", (unsigned)cdf_offset);
xlseek(zip_fd, cdf_offset, SEEK_SET);
xread(zip_fd, &magic, 4);
@@ -284,9 +282,6 @@ static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf_ptr)
return 0; /* EOF */
}
xread(zip_fd, cdf_ptr->raw, CDF_HEADER_LEN);
- /* Caller doesn't need this: */
- /* dbg("Returning file position to 0x%"OFF_FMT"x", org); */
- /* xlseek(zip_fd, org, SEEK_SET); */
FIX_ENDIANNESS_CDF(*cdf_ptr);
dbg(" file_name_length:%u extra_field_length:%u file_comment_length:%u",
--
2.11.0

34
bsp/buildroot/package/busybox/0007-unlzma-fix-SEGV-closes-10436.patch Normal file
View File

@@ -0,0 +1,34 @@
From 9ac42c500586fa5f10a1f6d22c3f797df11b1f6b Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Fri, 27 Oct 2017 15:37:03 +0200
Subject: [PATCH] unlzma: fix SEGV, closes 10436
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 9ac42c500586f
archival/libarchive/decompress_unlzma.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/archival/libarchive/decompress_unlzma.c b/archival/libarchive/decompress_unlzma.c
index a9040877efa0..be4342414435 100644
--- a/archival/libarchive/decompress_unlzma.c
+++ b/archival/libarchive/decompress_unlzma.c
@@ -450,8 +450,12 @@ unpack_lzma_stream(transformer_state_t *xstate)
IF_NOT_FEATURE_LZMA_FAST(string:)
do {
uint32_t pos = buffer_pos - rep0;
- if ((int32_t)pos < 0)
+ if ((int32_t)pos < 0) {
pos += header.dict_size;
+ /* bug 10436 has an example file where this triggers: */
+ if ((int32_t)pos < 0)
+ goto bad;
+ }
previous_byte = buffer[pos];
IF_NOT_FEATURE_LZMA_FAST(one_byte2:)
buffer[buffer_pos++] = previous_byte;
--
2.15.1

509
bsp/buildroot/package/busybox/0007-unzip-do-not-use-CDF.extra_len-read-local-file-heade.patch
View File

@@ -1,509 +0,0 @@
From ee72302ac5e3b0b2217f616ab316d3c89e5a1f4c Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Sun, 8 Jan 2017 14:14:19 +0100
Subject: [PATCH] unzip: do not use CDF.extra_len, read local file header.
Closes 9536
While at it, shorten many field and variable names.
function old new delta
unzip_main 2334 2376 +42
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
archival/unzip.c | 236 ++++++++++++++++++++++++++------------------------
testsuite/unzip.tests | 4 +-
2 files changed, 125 insertions(+), 115 deletions(-)
diff --git a/archival/unzip.c b/archival/unzip.c
index 98a71c09d..921493591 100644
--- a/archival/unzip.c
+++ b/archival/unzip.c
@@ -62,8 +62,8 @@
enum {
#if BB_BIG_ENDIAN
ZIP_FILEHEADER_MAGIC = 0x504b0304,
- ZIP_CDF_MAGIC = 0x504b0102, /* central directory's file header */
- ZIP_CDE_MAGIC = 0x504b0506, /* "end of central directory" record */
+ ZIP_CDF_MAGIC = 0x504b0102, /* CDF item */
+ ZIP_CDE_MAGIC = 0x504b0506, /* End of CDF */
ZIP_DD_MAGIC = 0x504b0708,
#else
ZIP_FILEHEADER_MAGIC = 0x04034b50,
@@ -91,16 +91,16 @@ typedef union {
/* filename follows (not NUL terminated) */
/* extra field follows */
/* data follows */
- } formatted PACKED;
+ } fmt PACKED;
} zip_header_t; /* PACKED - gcc 4.2.1 doesn't like it (spews warning) */
-#define FIX_ENDIANNESS_ZIP(zip_header) \
+#define FIX_ENDIANNESS_ZIP(zip) \
do { if (BB_BIG_ENDIAN) { \
- (zip_header).formatted.crc32 = SWAP_LE32((zip_header).formatted.crc32 ); \
- (zip_header).formatted.cmpsize = SWAP_LE32((zip_header).formatted.cmpsize ); \
- (zip_header).formatted.ucmpsize = SWAP_LE32((zip_header).formatted.ucmpsize ); \
- (zip_header).formatted.filename_len = SWAP_LE16((zip_header).formatted.filename_len); \
- (zip_header).formatted.extra_len = SWAP_LE16((zip_header).formatted.extra_len ); \
+ (zip).fmt.crc32 = SWAP_LE32((zip).fmt.crc32 ); \
+ (zip).fmt.cmpsize = SWAP_LE32((zip).fmt.cmpsize ); \
+ (zip).fmt.ucmpsize = SWAP_LE32((zip).fmt.ucmpsize ); \
+ (zip).fmt.filename_len = SWAP_LE16((zip).fmt.filename_len); \
+ (zip).fmt.extra_len = SWAP_LE16((zip).fmt.extra_len ); \
}} while (0)
#define CDF_HEADER_LEN 42
@@ -118,39 +118,39 @@ typedef union {
uint32_t crc32; /* 12-15 */
uint32_t cmpsize; /* 16-19 */
uint32_t ucmpsize; /* 20-23 */
- uint16_t file_name_length; /* 24-25 */
- uint16_t extra_field_length; /* 26-27 */
+ uint16_t filename_len; /* 24-25 */
+ uint16_t extra_len; /* 26-27 */
uint16_t file_comment_length; /* 28-29 */
uint16_t disk_number_start; /* 30-31 */
- uint16_t internal_file_attributes; /* 32-33 */
- uint32_t external_file_attributes PACKED; /* 34-37 */
+ uint16_t internal_attributes; /* 32-33 */
+ uint32_t external_attributes PACKED; /* 34-37 */
uint32_t relative_offset_of_local_header PACKED; /* 38-41 */
/* filename follows (not NUL terminated) */
/* extra field follows */
- /* comment follows */
- } formatted PACKED;
+ /* file comment follows */
+ } fmt PACKED;
} cdf_header_t;
-#define FIX_ENDIANNESS_CDF(cdf_header) \
+#define FIX_ENDIANNESS_CDF(cdf) \
do { if (BB_BIG_ENDIAN) { \
- (cdf_header).formatted.version_made_by = SWAP_LE16((cdf_header).formatted.version_made_by); \
- (cdf_header).formatted.version_needed = SWAP_LE16((cdf_header).formatted.version_needed); \
- (cdf_header).formatted.method = SWAP_LE16((cdf_header).formatted.method ); \
- (cdf_header).formatted.modtime = SWAP_LE16((cdf_header).formatted.modtime ); \
- (cdf_header).formatted.moddate = SWAP_LE16((cdf_header).formatted.moddate ); \
- (cdf_header).formatted.crc32 = SWAP_LE32((cdf_header).formatted.crc32 ); \
- (cdf_header).formatted.cmpsize = SWAP_LE32((cdf_header).formatted.cmpsize ); \
- (cdf_header).formatted.ucmpsize = SWAP_LE32((cdf_header).formatted.ucmpsize ); \
- (cdf_header).formatted.file_name_length = SWAP_LE16((cdf_header).formatted.file_name_length); \
- (cdf_header).formatted.extra_field_length = SWAP_LE16((cdf_header).formatted.extra_field_length); \
- (cdf_header).formatted.file_comment_length = SWAP_LE16((cdf_header).formatted.file_comment_length); \
- (cdf_header).formatted.external_file_attributes = SWAP_LE32((cdf_header).formatted.external_file_attributes); \
+ (cdf).fmt.version_made_by = SWAP_LE16((cdf).fmt.version_made_by); \
+ (cdf).fmt.version_needed = SWAP_LE16((cdf).fmt.version_needed); \
+ (cdf).fmt.method = SWAP_LE16((cdf).fmt.method ); \
+ (cdf).fmt.modtime = SWAP_LE16((cdf).fmt.modtime ); \
+ (cdf).fmt.moddate = SWAP_LE16((cdf).fmt.moddate ); \
+ (cdf).fmt.crc32 = SWAP_LE32((cdf).fmt.crc32 ); \
+ (cdf).fmt.cmpsize = SWAP_LE32((cdf).fmt.cmpsize ); \
+ (cdf).fmt.ucmpsize = SWAP_LE32((cdf).fmt.ucmpsize ); \
+ (cdf).fmt.filename_len = SWAP_LE16((cdf).fmt.filename_len); \
+ (cdf).fmt.extra_len = SWAP_LE16((cdf).fmt.extra_len ); \
+ (cdf).fmt.file_comment_length = SWAP_LE16((cdf).fmt.file_comment_length); \
+ (cdf).fmt.external_attributes = SWAP_LE32((cdf).fmt.external_attributes); \
}} while (0)
-#define CDE_HEADER_LEN 16
+#define CDE_LEN 16
typedef union {
- uint8_t raw[CDE_HEADER_LEN];
+ uint8_t raw[CDE_LEN];
struct {
/* uint32_t signature; 50 4b 05 06 */
uint16_t this_disk_no;
@@ -159,14 +159,14 @@ typedef union {
uint16_t cdf_entries_total;
uint32_t cdf_size;
uint32_t cdf_offset;
- /* uint16_t file_comment_length; */
- /* .ZIP file comment (variable size) */
- } formatted PACKED;
-} cde_header_t;
+ /* uint16_t archive_comment_length; */
+ /* archive comment follows */
+ } fmt PACKED;
+} cde_t;
-#define FIX_ENDIANNESS_CDE(cde_header) \
+#define FIX_ENDIANNESS_CDE(cde) \
do { if (BB_BIG_ENDIAN) { \
- (cde_header).formatted.cdf_offset = SWAP_LE32((cde_header).formatted.cdf_offset); \
+ (cde).fmt.cdf_offset = SWAP_LE32((cde).fmt.cdf_offset); \
}} while (0)
struct BUG {
@@ -175,13 +175,13 @@ struct BUG {
* even though the elements are all in the right place.
*/
char BUG_zip_header_must_be_26_bytes[
- offsetof(zip_header_t, formatted.extra_len) + 2
+ offsetof(zip_header_t, fmt.extra_len) + 2
== ZIP_HEADER_LEN ? 1 : -1];
char BUG_cdf_header_must_be_42_bytes[
- offsetof(cdf_header_t, formatted.relative_offset_of_local_header) + 4
+ offsetof(cdf_header_t, fmt.relative_offset_of_local_header) + 4
== CDF_HEADER_LEN ? 1 : -1];
- char BUG_cde_header_must_be_16_bytes[
- sizeof(cde_header_t) == CDE_HEADER_LEN ? 1 : -1];
+ char BUG_cde_must_be_16_bytes[
+ sizeof(cde_t) == CDE_LEN ? 1 : -1];
};
@@ -207,7 +207,7 @@ enum { zip_fd = 3 };
/* NB: does not preserve file position! */
static uint32_t find_cdf_offset(void)
{
- cde_header_t cde_header;
+ cde_t cde;
unsigned char *buf;
unsigned char *p;
off_t end;
@@ -228,7 +228,7 @@ static uint32_t find_cdf_offset(void)
found = BAD_CDF_OFFSET;
p = buf;
- while (p <= buf + PEEK_FROM_END - CDE_HEADER_LEN - 4) {
+ while (p <= buf + PEEK_FROM_END - CDE_LEN - 4) {
if (*p != 'P') {
p++;
continue;
@@ -240,19 +240,19 @@ static uint32_t find_cdf_offset(void)
if (*++p != 6)
continue;
/* we found CDE! */
- memcpy(cde_header.raw, p + 1, CDE_HEADER_LEN);
- FIX_ENDIANNESS_CDE(cde_header);
+ memcpy(cde.raw, p + 1, CDE_LEN);
+ FIX_ENDIANNESS_CDE(cde);
/*
* I've seen .ZIP files with seemingly valid CDEs
* where cdf_offset points past EOF - ??
* This check ignores such CDEs:
*/
- if (cde_header.formatted.cdf_offset < end + (p - buf)) {
- found = cde_header.formatted.cdf_offset;
+ if (cde.fmt.cdf_offset < end + (p - buf)) {
+ found = cde.fmt.cdf_offset;
dbg("Possible cdf_offset:0x%x at 0x%"OFF_FMT"x",
(unsigned)found, end + (p-3 - buf));
dbg(" cdf_offset+cdf_size:0x%x",
- (unsigned)(found + SWAP_LE32(cde_header.formatted.cdf_size)));
+ (unsigned)(found + SWAP_LE32(cde.fmt.cdf_size)));
/*
* We do not "break" here because only the last CDE is valid.
* I've seen a .zip archive which contained a .zip file,
@@ -266,7 +266,7 @@ static uint32_t find_cdf_offset(void)
return found;
};
-static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf_ptr)
+static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf)
{
uint32_t magic;
@@ -276,23 +276,25 @@ static uint32_t read_next_cdf(uint32_t cdf_offset, cdf_header_t *cdf_ptr)
dbg("Reading CDF at 0x%x", (unsigned)cdf_offset);
xlseek(zip_fd, cdf_offset, SEEK_SET);
xread(zip_fd, &magic, 4);
- /* Central Directory End? */
+ /* Central Directory End? Assume CDF has ended.
+ * (more correct method is to use cde.cdf_entries_total counter)
+ */
if (magic == ZIP_CDE_MAGIC) {
dbg("got ZIP_CDE_MAGIC");
return 0; /* EOF */
}
- xread(zip_fd, cdf_ptr->raw, CDF_HEADER_LEN);
+ xread(zip_fd, cdf->raw, CDF_HEADER_LEN);
- FIX_ENDIANNESS_CDF(*cdf_ptr);
- dbg(" file_name_length:%u extra_field_length:%u file_comment_length:%u",
- (unsigned)cdf_ptr->formatted.file_name_length,
- (unsigned)cdf_ptr->formatted.extra_field_length,
- (unsigned)cdf_ptr->formatted.file_comment_length
+ FIX_ENDIANNESS_CDF(*cdf);
+ dbg(" filename_len:%u extra_len:%u file_comment_length:%u",
+ (unsigned)cdf->fmt.filename_len,
+ (unsigned)cdf->fmt.extra_len,
+ (unsigned)cdf->fmt.file_comment_length
);
cdf_offset += 4 + CDF_HEADER_LEN
- + cdf_ptr->formatted.file_name_length
- + cdf_ptr->formatted.extra_field_length
- + cdf_ptr->formatted.file_comment_length;
+ + cdf->fmt.filename_len
+ + cdf->fmt.extra_len
+ + cdf->fmt.file_comment_length;
return cdf_offset;
};
@@ -315,28 +317,28 @@ static void unzip_create_leading_dirs(const char *fn)
free(name);
}
-static void unzip_extract(zip_header_t *zip_header, int dst_fd)
+static void unzip_extract(zip_header_t *zip, int dst_fd)
{
- if (zip_header->formatted.method == 0) {
+ if (zip->fmt.method == 0) {
/* Method 0 - stored (not compressed) */
- off_t size = zip_header->formatted.ucmpsize;
+ off_t size = zip->fmt.ucmpsize;
if (size)
bb_copyfd_exact_size(zip_fd, dst_fd, size);
} else {
/* Method 8 - inflate */
transformer_state_t xstate;
init_transformer_state(&xstate);
- xstate.bytes_in = zip_header->formatted.cmpsize;
+ xstate.bytes_in = zip->fmt.cmpsize;
xstate.src_fd = zip_fd;
xstate.dst_fd = dst_fd;
if (inflate_unzip(&xstate) < 0)
bb_error_msg_and_die("inflate error");
/* Validate decompression - crc */
- if (zip_header->formatted.crc32 != (xstate.crc32 ^ 0xffffffffL)) {
+ if (zip->fmt.crc32 != (xstate.crc32 ^ 0xffffffffL)) {
bb_error_msg_and_die("crc error");
}
/* Validate decompression - size */
- if (zip_header->formatted.ucmpsize != xstate.bytes_out) {
+ if (zip->fmt.ucmpsize != xstate.bytes_out) {
/* Don't die. Who knows, maybe len calculation
* was botched somewhere. After all, crc matched! */
bb_error_msg("bad length");
@@ -563,7 +565,7 @@ int unzip_main(int argc, char **argv)
total_entries = 0;
cdf_offset = find_cdf_offset(); /* try to seek to the end, find CDE and CDF start */
while (1) {
- zip_header_t zip_header;
+ zip_header_t zip;
mode_t dir_mode = 0777;
#if ENABLE_FEATURE_UNZIP_CDF
mode_t file_mode = 0666;
@@ -589,7 +591,7 @@ int unzip_main(int argc, char **argv)
/* Check magic number */
xread(zip_fd, &magic, 4);
- /* Central directory? It's at the end, so exit */
+ /* CDF item? Assume there are no more files, exit */
if (magic == ZIP_CDF_MAGIC) {
dbg("got ZIP_CDF_MAGIC");
break;
@@ -605,71 +607,74 @@ int unzip_main(int argc, char **argv)
bb_error_msg_and_die("invalid zip magic %08X", (int)magic);
dbg("got ZIP_FILEHEADER_MAGIC");
- xread(zip_fd, zip_header.raw, ZIP_HEADER_LEN);
- FIX_ENDIANNESS_ZIP(zip_header);
- if ((zip_header.formatted.method != 0)
- && (zip_header.formatted.method != 8)
+ xread(zip_fd, zip.raw, ZIP_HEADER_LEN);
+ FIX_ENDIANNESS_ZIP(zip);
+ if ((zip.fmt.method != 0)
+ && (zip.fmt.method != 8)
) {
/* TODO? method 12: bzip2, method 14: LZMA */
- bb_error_msg_and_die("unsupported method %d", zip_header.formatted.method);
+ bb_error_msg_and_die("unsupported method %d", zip.fmt.method);
}
- if (zip_header.formatted.zip_flags & SWAP_LE16(0x0009)) {
+ if (zip.fmt.zip_flags & SWAP_LE16(0x0009)) {
bb_error_msg_and_die("zip flags 1 and 8 are not supported");
}
}
#if ENABLE_FEATURE_UNZIP_CDF
else {
/* cdf_offset is valid (and we know the file is seekable) */
- cdf_header_t cdf_header;
- cdf_offset = read_next_cdf(cdf_offset, &cdf_header);
+ cdf_header_t cdf;
+ cdf_offset = read_next_cdf(cdf_offset, &cdf);
if (cdf_offset == 0) /* EOF? */
break;
-# if 0
+# if 1
xlseek(zip_fd,
- SWAP_LE32(cdf_header.formatted.relative_offset_of_local_header) + 4,
+ SWAP_LE32(cdf.fmt.relative_offset_of_local_header) + 4,
SEEK_SET);
- xread(zip_fd, zip_header.raw, ZIP_HEADER_LEN);
- FIX_ENDIANNESS_ZIP(zip_header);
- if (zip_header.formatted.zip_flags & SWAP_LE16(0x0008)) {
+ xread(zip_fd, zip.raw, ZIP_HEADER_LEN);
+ FIX_ENDIANNESS_ZIP(zip);
+ if (zip.fmt.zip_flags & SWAP_LE16(0x0008)) {
/* 0x0008 - streaming. [u]cmpsize can be reliably gotten
* only from Central Directory.
*/
- zip_header.formatted.crc32 = cdf_header.formatted.crc32;
- zip_header.formatted.cmpsize = cdf_header.formatted.cmpsize;
- zip_header.formatted.ucmpsize = cdf_header.formatted.ucmpsize;
+ zip.fmt.crc32 = cdf.fmt.crc32;
+ zip.fmt.cmpsize = cdf.fmt.cmpsize;
+ zip.fmt.ucmpsize = cdf.fmt.ucmpsize;
}
# else
- /* CDF has the same data as local header, no need to read the latter */
- memcpy(&zip_header.formatted.version,
- &cdf_header.formatted.version_needed, ZIP_HEADER_LEN);
+ /* CDF has the same data as local header, no need to read the latter...
+ * ...not really. An archive was seen with cdf.extra_len == 6 but
+ * zip.extra_len == 0.
+ */
+ memcpy(&zip.fmt.version,
+ &cdf.fmt.version_needed, ZIP_HEADER_LEN);
xlseek(zip_fd,
- SWAP_LE32(cdf_header.formatted.relative_offset_of_local_header) + 4 + ZIP_HEADER_LEN,
+ SWAP_LE32(cdf.fmt.relative_offset_of_local_header) + 4 + ZIP_HEADER_LEN,
SEEK_SET);
# endif
- if ((cdf_header.formatted.version_made_by >> 8) == 3) {
+ if ((cdf.fmt.version_made_by >> 8) == 3) {
/* This archive is created on Unix */
- dir_mode = file_mode = (cdf_header.formatted.external_file_attributes >> 16);
+ dir_mode = file_mode = (cdf.fmt.external_attributes >> 16);
}
}
#endif
- if (zip_header.formatted.zip_flags & SWAP_LE16(0x0001)) {
+ if (zip.fmt.zip_flags & SWAP_LE16(0x0001)) {
/* 0x0001 - encrypted */
bb_error_msg_and_die("zip flag 1 (encryption) is not supported");
}
dbg("File cmpsize:0x%x extra_len:0x%x ucmpsize:0x%x",
- (unsigned)zip_header.formatted.cmpsize,
- (unsigned)zip_header.formatted.extra_len,
- (unsigned)zip_header.formatted.ucmpsize
+ (unsigned)zip.fmt.cmpsize,
+ (unsigned)zip.fmt.extra_len,
+ (unsigned)zip.fmt.ucmpsize
);
/* Read filename */
free(dst_fn);
- dst_fn = xzalloc(zip_header.formatted.filename_len + 1);
- xread(zip_fd, dst_fn, zip_header.formatted.filename_len);
+ dst_fn = xzalloc(zip.fmt.filename_len + 1);
+ xread(zip_fd, dst_fn, zip.fmt.filename_len);
/* Skip extra header bytes */
- unzip_skip(zip_header.formatted.extra_len);
+ unzip_skip(zip.fmt.extra_len);
/* Guard against "/abspath", "/../" and similar attacks */
overlapping_strcpy(dst_fn, strip_unsafe_prefix(dst_fn));
@@ -684,32 +689,32 @@ int unzip_main(int argc, char **argv)
/* List entry */
char dtbuf[sizeof("mm-dd-yyyy hh:mm")];
sprintf(dtbuf, "%02u-%02u-%04u %02u:%02u",
- (zip_header.formatted.moddate >> 5) & 0xf, // mm: 0x01e0
- (zip_header.formatted.moddate) & 0x1f, // dd: 0x001f
- (zip_header.formatted.moddate >> 9) + 1980, // yy: 0xfe00
- (zip_header.formatted.modtime >> 11), // hh: 0xf800
- (zip_header.formatted.modtime >> 5) & 0x3f // mm: 0x07e0
- // seconds/2 are not shown, encoded in ----------- 0x001f
+ (zip.fmt.moddate >> 5) & 0xf, // mm: 0x01e0
+ (zip.fmt.moddate) & 0x1f, // dd: 0x001f
+ (zip.fmt.moddate >> 9) + 1980, // yy: 0xfe00
+ (zip.fmt.modtime >> 11), // hh: 0xf800
+ (zip.fmt.modtime >> 5) & 0x3f // mm: 0x07e0
+ // seconds/2 not shown, encoded in -- 0x001f
);
if (!verbose) {
// " Length Date Time Name\n"
// "--------- ---------- ----- ----"
printf( "%9u " "%s " "%s\n",
- (unsigned)zip_header.formatted.ucmpsize,
+ (unsigned)zip.fmt.ucmpsize,
dtbuf,
dst_fn);
} else {
- unsigned long percents = zip_header.formatted.ucmpsize - zip_header.formatted.cmpsize;
+ unsigned long percents = zip.fmt.ucmpsize - zip.fmt.cmpsize;
if ((int32_t)percents < 0)
percents = 0; /* happens if ucmpsize < cmpsize */
percents = percents * 100;
- if (zip_header.formatted.ucmpsize)
- percents /= zip_header.formatted.ucmpsize;
+ if (zip.fmt.ucmpsize)
+ percents /= zip.fmt.ucmpsize;
// " Length Method Size Cmpr Date Time CRC-32 Name\n"
// "-------- ------ ------- ---- ---------- ----- -------- ----"
printf( "%8u %s" "%9u%4u%% " "%s " "%08x " "%s\n",
- (unsigned)zip_header.formatted.ucmpsize,
- zip_header.formatted.method == 0 ? "Stored" : "Defl:N", /* Defl is method 8 */
+ (unsigned)zip.fmt.ucmpsize,
+ zip.fmt.method == 0 ? "Stored" : "Defl:N", /* Defl is method 8 */
/* TODO: show other methods?
* 1 - Shrunk
* 2 - Reduced with compression factor 1
@@ -722,15 +727,16 @@ int unzip_main(int argc, char **argv)
* 10 - PKWARE Data Compression Library Imploding
* 11 - Reserved by PKWARE
* 12 - BZIP2
+ * 14 - LZMA
*/
- (unsigned)zip_header.formatted.cmpsize,
+ (unsigned)zip.fmt.cmpsize,
(unsigned)percents,
dtbuf,
- zip_header.formatted.crc32,
+ zip.fmt.crc32,
dst_fn);
- total_size += zip_header.formatted.cmpsize;
+ total_size += zip.fmt.cmpsize;
}
- total_usize += zip_header.formatted.ucmpsize;
+ total_usize += zip.fmt.ucmpsize;
i = 'n';
} else if (dst_fd == STDOUT_FILENO) {
/* Extracting to STDOUT */
@@ -798,9 +804,11 @@ int unzip_main(int argc, char **argv)
#endif
case -1: /* Unzip */
if (!quiet) {
- printf(" inflating: %s\n", dst_fn);
+ printf(/* zip.fmt.method == 0
+ ? " extracting: %s\n"
+ : */ " inflating: %s\n", dst_fn);
}
- unzip_extract(&zip_header, dst_fd);
+ unzip_extract(&zip, dst_fd);
if (dst_fd != STDOUT_FILENO) {
/* closing STDOUT is potentially bad for future business */
close(dst_fd);
@@ -811,7 +819,7 @@ int unzip_main(int argc, char **argv)
overwrite = O_NEVER;
case 'n':
/* Skip entry data */
- unzip_skip(zip_header.formatted.cmpsize);
+ unzip_skip(zip.fmt.cmpsize);
break;
case 'r':
diff --git a/testsuite/unzip.tests b/testsuite/unzip.tests
index d9c45242c..2e4becdb8 100755
--- a/testsuite/unzip.tests
+++ b/testsuite/unzip.tests
@@ -34,7 +34,9 @@ rm foo.zip
optional FEATURE_UNZIP_CDF
testing "unzip (bad archive)" "uudecode; unzip bad.zip 2>&1; echo \$?" \
"Archive: bad.zip
-unzip: short read
+ inflating: ]3j½r«IK-%Ix
+unzip: corrupted data
+unzip: inflate error
1
" \
"" "\
--
2.11.0

178
bsp/buildroot/package/busybox/busybox-minimal.config
View File

@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Busybox version: 1.26.0
# Thu Dec 29 21:13:55 2016
# Busybox version: 1.27.1
# Sun Jul 30 15:42:11 2017
#
CONFIG_HAVE_DOT_CONFIG=y
@@ -12,7 +12,6 @@ CONFIG_HAVE_DOT_CONFIG=y
# CONFIG_EXTRA_COMPAT is not set
CONFIG_INCLUDE_SUSv2=y
# CONFIG_USE_PORTABLE_CODE is not set
CONFIG_PLATFORM_LINUX=y
# CONFIG_SHOW_USAGE is not set
# CONFIG_FEATURE_VERBOSE_USAGE is not set
# CONFIG_FEATURE_COMPRESS_USAGE is not set
@@ -35,13 +34,14 @@ CONFIG_FEATURE_SUID=y
CONFIG_BUSYBOX_EXEC_PATH="/proc/self/exe"
CONFIG_FEATURE_SYSLOG=y
# CONFIG_FEATURE_HAVE_RPC is not set
CONFIG_PLATFORM_LINUX=y
#
# Build Options
#
CONFIG_STATIC=y
# CONFIG_PIE is not set
CONFIG_NOMMU=y
# CONFIG_NOMMU is not set
# CONFIG_BUILD_LIBBUSYBOX is not set
# CONFIG_FEATURE_INDIVIDUAL is not set
# CONFIG_FEATURE_SHARED_BUSYBOX is not set
@@ -89,7 +89,6 @@ CONFIG_MD5_SMALL=1
CONFIG_SHA3_SMALL=1
# CONFIG_FEATURE_FAST_TOP is not set
# CONFIG_FEATURE_ETC_NETWORKS is not set
CONFIG_FEATURE_USE_TERMIOS=y
CONFIG_FEATURE_EDITING=y
CONFIG_FEATURE_EDITING_MAX_LEN=1024
CONFIG_FEATURE_EDITING_VI=y
@@ -150,6 +149,7 @@ CONFIG_LZCAT=y
CONFIG_XZCAT=y
# CONFIG_XZ is not set
# CONFIG_BZIP2 is not set
CONFIG_FEATURE_BZIP2_DECOMPRESS=y
# CONFIG_CPIO is not set
# CONFIG_FEATURE_CPIO_O is not set
# CONFIG_FEATURE_CPIO_P is not set
@@ -159,6 +159,7 @@ CONFIG_XZCAT=y
# CONFIG_FEATURE_GZIP_LONG_OPTIONS is not set
CONFIG_GZIP_FAST=0
# CONFIG_FEATURE_GZIP_LEVELS is not set
CONFIG_FEATURE_GZIP_DECOMPRESS=y
# CONFIG_LZOP is not set
CONFIG_UNLZOP=y
CONFIG_LZOPCAT=y
@@ -166,26 +167,29 @@ CONFIG_LZOPCAT=y
# CONFIG_RPM2CPIO is not set
# CONFIG_RPM is not set
# CONFIG_TAR is not set
# CONFIG_FEATURE_TAR_LONG_OPTIONS is not set
# CONFIG_FEATURE_TAR_CREATE is not set
# CONFIG_FEATURE_TAR_AUTODETECT is not set
# CONFIG_FEATURE_TAR_FROM is not set
# CONFIG_FEATURE_TAR_OLDGNU_COMPATIBILITY is not set
# CONFIG_FEATURE_TAR_OLDSUN_COMPATIBILITY is not set
# CONFIG_FEATURE_TAR_GNU_EXTENSIONS is not set
# CONFIG_FEATURE_TAR_LONG_OPTIONS is not set
# CONFIG_FEATURE_TAR_TO_COMMAND is not set
# CONFIG_FEATURE_TAR_UNAME_GNAME is not set
# CONFIG_FEATURE_TAR_NOPRESERVE_TIME is not set
# CONFIG_FEATURE_TAR_SELINUX is not set
# CONFIG_UNZIP is not set
# CONFIG_FEATURE_UNZIP_CDF is not set
# CONFIG_FEATURE_UNZIP_BZIP2 is not set
# CONFIG_FEATURE_UNZIP_LZMA is not set
# CONFIG_FEATURE_UNZIP_XZ is not set
#
# Coreutils
#
CONFIG_BASENAME=y
# CONFIG_CAL is not set
CONFIG_CAT=y
CONFIG_CATV=y
CONFIG_FEATURE_CATV=y
CONFIG_CHGRP=y
CONFIG_CHMOD=y
CONFIG_CHOWN=y
@@ -222,6 +226,7 @@ CONFIG_ENV=y
# CONFIG_FEATURE_UNEXPAND_LONG_OPTIONS is not set
CONFIG_EXPR=y
CONFIG_EXPR_MATH_SUPPORT_64=y
CONFIG_FACTOR=y
CONFIG_FALSE=y
CONFIG_FOLD=y
# CONFIG_FSYNC is not set
@@ -232,12 +237,14 @@ CONFIG_ID=y
# CONFIG_GROUPS is not set
CONFIG_INSTALL=y
CONFIG_FEATURE_INSTALL_LONG_OPTIONS=y
CONFIG_LINK=y
CONFIG_LN=y
CONFIG_LOGNAME=y
CONFIG_LS=y
CONFIG_FEATURE_LS_FILETYPES=y
CONFIG_FEATURE_LS_FOLLOWLINKS=y
CONFIG_FEATURE_LS_RECURSIVE=y
CONFIG_FEATURE_LS_WIDTH=y
CONFIG_FEATURE_LS_SORTFILES=y
CONFIG_FEATURE_LS_TIMESTAMPS=y
CONFIG_FEATURE_LS_USERNAME=y
@@ -257,11 +264,15 @@ CONFIG_MKDIR=y
CONFIG_FEATURE_MKDIR_LONG_OPTIONS=y
CONFIG_MKFIFO=y
CONFIG_MKNOD=y
# CONFIG_MKTEMP is not set
CONFIG_MV=y
CONFIG_FEATURE_MV_LONG_OPTIONS=y
CONFIG_NICE=y
CONFIG_NL=y
CONFIG_NOHUP=y
CONFIG_NPROC=y
CONFIG_OD=y
CONFIG_PASTE=y
CONFIG_PRINTENV=y
CONFIG_PRINTF=y
CONFIG_PWD=y
@@ -272,6 +283,7 @@ CONFIG_RM=y
CONFIG_RMDIR=y
# CONFIG_FEATURE_RMDIR_LONG_OPTIONS is not set
CONFIG_SEQ=y
CONFIG_SHRED=y
# CONFIG_SHUF is not set
CONFIG_SLEEP=y
CONFIG_FEATURE_FANCY_SLEEP=y
@@ -296,6 +308,7 @@ CONFIG_TEST=y
CONFIG_TEST1=y
CONFIG_TEST2=y
CONFIG_FEATURE_TEST_64=y
# CONFIG_TIMEOUT is not set
CONFIG_TOUCH=y
# CONFIG_FEATURE_TOUCH_NODEREF is not set
CONFIG_FEATURE_TOUCH_SUSV3=y
@@ -317,6 +330,7 @@ CONFIG_WC=y
# CONFIG_FEATURE_WC_LARGE is not set
CONFIG_WHOAMI=y
CONFIG_WHO=y
CONFIG_W=y
# CONFIG_USERS is not set
CONFIG_YES=y
@@ -330,11 +344,6 @@ CONFIG_FEATURE_VERBOSE=y
#
CONFIG_FEATURE_PRESERVE_HARDLINKS=y
#
# Common options for ls, more and telnet
#
CONFIG_FEATURE_AUTOWIDTH=y
#
# Common options for df, du, ls
#
@@ -369,14 +378,13 @@ CONFIG_DEFAULT_SETFONT_DIR=""
#
# Debian Utilities
#
# CONFIG_MKTEMP is not set
# CONFIG_PIPE_PROGRESS is not set
CONFIG_RUN_PARTS=y
CONFIG_FEATURE_RUN_PARTS_LONG_OPTIONS=y
CONFIG_FEATURE_RUN_PARTS_FANCY=y
CONFIG_START_STOP_DAEMON=y
CONFIG_FEATURE_START_STOP_DAEMON_FANCY=y
CONFIG_FEATURE_START_STOP_DAEMON_LONG_OPTIONS=y
CONFIG_FEATURE_START_STOP_DAEMON_FANCY=y
CONFIG_WHICH=y
#
@@ -467,12 +475,10 @@ CONFIG_FEATURE_KILL_REMOVED=y
CONFIG_FEATURE_KILL_DELAY=0
CONFIG_FEATURE_INIT_SCTTY=y
CONFIG_FEATURE_INIT_SYSLOG=y
CONFIG_FEATURE_EXTRA_QUIET=y
CONFIG_FEATURE_INIT_QUIET=y
# CONFIG_FEATURE_INIT_COREDUMPS is not set
CONFIG_INIT_TERMINAL_TYPE="linux"
CONFIG_FEATURE_INIT_MODIFY_CMDLINE=y
CONFIG_MESG=y
CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP=y
#
# Login/Password Management Utilities
@@ -511,6 +517,7 @@ CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
# CONFIG_SU is not set
# CONFIG_FEATURE_SU_SYSLOG is not set
# CONFIG_FEATURE_SU_CHECKS_SHELLS is not set
# CONFIG_FEATURE_SU_BLANK_PW_NEEDS_SECURE_TTY is not set
# CONFIG_SULOGIN is not set
# CONFIG_VLOCK is not set
@@ -525,6 +532,7 @@ CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
#
# Linux Module Utilities
#
# CONFIG_MODPROBE_SMALL is not set
# CONFIG_DEPMOD is not set
# CONFIG_INSMOD is not set
# CONFIG_LSMOD is not set
@@ -532,22 +540,21 @@ CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
# CONFIG_MODINFO is not set
# CONFIG_MODPROBE is not set
# CONFIG_FEATURE_MODPROBE_BLACKLIST is not set
# CONFIG_MODPROBE_SMALL is not set
# CONFIG_FEATURE_MODPROBE_SMALL_OPTIONS_ON_CMDLINE is not set
# CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is not set
# CONFIG_RMMOD is not set
#
# Options common to multiple modutils
#
# CONFIG_FEATURE_CMDLINE_MODULE_OPTIONS is not set
# CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is not set
# CONFIG_FEATURE_2_4_MODULES is not set
# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set
# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set
# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set
# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP_FULL is not set
# CONFIG_FEATURE_CHECK_TAINTED_MODULE is not set
# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set
# CONFIG_FEATURE_MODUTILS_ALIAS is not set
# CONFIG_FEATURE_MODUTILS_SYMBOLS is not set
CONFIG_DEFAULT_MODULES_DIR=""
@@ -562,8 +569,13 @@ CONFIG_DEFAULT_DEPMOD_FILE=""
# CONFIG_BLKID is not set
# CONFIG_FEATURE_BLKID_TYPE is not set
# CONFIG_BLOCKDEV is not set
# CONFIG_CAL is not set
# CONFIG_CHRT is not set
CONFIG_DMESG=y
CONFIG_FEATURE_DMESG_PRETTY=y
# CONFIG_EJECT is not set
# CONFIG_FEATURE_EJECT_SCSI is not set
CONFIG_FALLOCATE=y
# CONFIG_FATATTR is not set
# CONFIG_FBSET is not set
# CONFIG_FEATURE_FBSET_FANCY is not set
@@ -583,17 +595,22 @@ CONFIG_FEATURE_DMESG_PRETTY=y
# CONFIG_FDFLUSH is not set
CONFIG_FREERAMDISK=y
# CONFIG_FSCK_MINIX is not set
CONFIG_FSFREEZE=y
# CONFIG_FSTRIM is not set
CONFIG_GETOPT=y
CONFIG_FEATURE_GETOPT_LONG=y
# CONFIG_HEXDUMP is not set
# CONFIG_FEATURE_HEXDUMP_REVERSE is not set
# CONFIG_HD is not set
CONFIG_XXD=y
# CONFIG_HWCLOCK is not set
# CONFIG_FEATURE_HWCLOCK_LONG_OPTIONS is not set
# CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS is not set
# CONFIG_IONICE is not set
# CONFIG_IPCRM is not set
# CONFIG_IPCS is not set
# CONFIG_LAST is not set
# CONFIG_FEATURE_LAST_FANCY is not set
# CONFIG_LOSETUP is not set
# CONFIG_LSPCI is not set
# CONFIG_LSUSB is not set
@@ -603,6 +620,8 @@ CONFIG_FEATURE_GETOPT_LONG=y
# CONFIG_FEATURE_MDEV_RENAME_REGEXP is not set
# CONFIG_FEATURE_MDEV_EXEC is not set
# CONFIG_FEATURE_MDEV_LOAD_FIRMWARE is not set
CONFIG_MESG=y
CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP=y
CONFIG_MKE2FS=y
# CONFIG_MKFS_EXT2 is not set
# CONFIG_MKFS_MINIX is not set
@@ -623,12 +642,14 @@ CONFIG_FEATURE_MOUNT_CIFS=y
CONFIG_FEATURE_MOUNT_FLAGS=y
CONFIG_FEATURE_MOUNT_FSTAB=y
CONFIG_FEATURE_MOUNT_OTHERTAB=y
# CONFIG_MOUNTPOINT is not set
# CONFIG_NSENTER is not set
# CONFIG_FEATURE_NSENTER_LONG_OPTS is not set
# CONFIG_PIVOT_ROOT is not set
# CONFIG_RDATE is not set
# CONFIG_RDEV is not set
# CONFIG_READPROFILE is not set
# CONFIG_RENICE is not set
# CONFIG_REV is not set
# CONFIG_RTCWAKE is not set
# CONFIG_SCRIPT is not set
@@ -636,15 +657,20 @@ CONFIG_FEATURE_MOUNT_OTHERTAB=y
# CONFIG_SETARCH is not set
CONFIG_LINUX32=y
CONFIG_LINUX64=y
CONFIG_SETPRIV=y
# CONFIG_SETSID is not set
CONFIG_SWAPON=y
# CONFIG_FEATURE_SWAPON_DISCARD is not set
# CONFIG_FEATURE_SWAPON_PRI is not set
CONFIG_SWAPOFF=y
# CONFIG_SWITCH_ROOT is not set
# CONFIG_TASKSET is not set
# CONFIG_FEATURE_TASKSET_FANCY is not set
# CONFIG_UEVENT is not set
CONFIG_UMOUNT=y
CONFIG_FEATURE_UMOUNT_ALL=y
# CONFIG_UNSHARE is not set
# CONFIG_WALL is not set
#
# Common options for mount/umount
@@ -694,7 +720,6 @@ CONFIG_FEATURE_BEEP_LENGTH_MS=0
# CONFIG_FEATURE_CHAT_SEND_ESCAPES is not set
# CONFIG_FEATURE_CHAT_VAR_ABORT_LEN is not set
# CONFIG_FEATURE_CHAT_CLR_ABORT is not set
# CONFIG_CHRT is not set
# CONFIG_CONSPY is not set
# CONFIG_CROND is not set
# CONFIG_FEATURE_CROND_D is not set
@@ -709,8 +734,6 @@ CONFIG_FEATURE_CROND_DIR=""
# CONFIG_DEVFSD_VERBOSE is not set
# CONFIG_FEATURE_DEVFS is not set
# CONFIG_DEVMEM is not set
# CONFIG_EJECT is not set
# CONFIG_FEATURE_EJECT_SCSI is not set
# CONFIG_FBSPLASH is not set
# CONFIG_FLASHCP is not set
# CONFIG_FLASH_ERASEALL is not set
@@ -728,9 +751,6 @@ CONFIG_FEATURE_CROND_DIR=""
# CONFIG_I2CDUMP is not set
# CONFIG_I2CDETECT is not set
# CONFIG_INOTIFYD is not set
# CONFIG_IONICE is not set
# CONFIG_LAST is not set
# CONFIG_FEATURE_LAST_FANCY is not set
# CONFIG_LESS is not set
CONFIG_FEATURE_LESS_MAXLINES=0
# CONFIG_FEATURE_LESS_BRACKETS is not set
@@ -742,27 +762,24 @@ CONFIG_FEATURE_LESS_MAXLINES=0
# CONFIG_FEATURE_LESS_ASK_TERMINAL is not set
# CONFIG_FEATURE_LESS_DASHCMD is not set
# CONFIG_FEATURE_LESS_LINENUMS is not set
CONFIG_LSSCSI=y
# CONFIG_MAKEDEVS is not set
# CONFIG_FEATURE_MAKEDEVS_LEAF is not set
# CONFIG_FEATURE_MAKEDEVS_TABLE is not set
# CONFIG_MAN is not set
# CONFIG_MICROCOM is not set
# CONFIG_MOUNTPOINT is not set
# CONFIG_MT is not set
# CONFIG_NANDWRITE is not set
# CONFIG_NANDDUMP is not set
CONFIG_PARTPROBE=y
# CONFIG_RAIDAUTORUN is not set
# CONFIG_READAHEAD is not set
# CONFIG_RFKILL is not set
# CONFIG_RUNLEVEL is not set
# CONFIG_RX is not set
CONFIG_SETSERIAL=y
# CONFIG_SETSID is not set
# CONFIG_STRINGS is not set
# CONFIG_TASKSET is not set
# CONFIG_FEATURE_TASKSET_FANCY is not set
# CONFIG_TIME is not set
# CONFIG_TIMEOUT is not set
# CONFIG_TTYSIZE is not set
# CONFIG_UBIRENAME is not set
# CONFIG_UBIATTACH is not set
@@ -772,7 +789,6 @@ CONFIG_SETSERIAL=y
# CONFIG_UBIRSVOL is not set
# CONFIG_UBIUPDATEVOL is not set
# CONFIG_VOLNAME is not set
# CONFIG_WALL is not set
# CONFIG_WATCHDOG is not set
#
@@ -822,8 +838,6 @@ CONFIG_IFUP=y
CONFIG_IFDOWN=y
CONFIG_IFUPDOWN_IFSTATE_PATH="/var/run/ifstate"
CONFIG_FEATURE_IFUPDOWN_IP=y
CONFIG_FEATURE_IFUPDOWN_IP_BUILTIN=y
# CONFIG_FEATURE_IFUPDOWN_IFCONFIG_BUILTIN is not set
CONFIG_FEATURE_IFUPDOWN_IPV4=y
# CONFIG_FEATURE_IFUPDOWN_IPV6 is not set
# CONFIG_FEATURE_IFUPDOWN_MAPPING is not set
@@ -836,6 +850,12 @@ CONFIG_FEATURE_IFUPDOWN_EXTERNAL_DHCP=y
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN is not set
# CONFIG_FEATURE_INETD_RPC is not set
CONFIG_IP=y
CONFIG_IPADDR=y
CONFIG_IPLINK=y
CONFIG_IPROUTE=y
# CONFIG_IPTUNNEL is not set
# CONFIG_IPRULE is not set
# CONFIG_IPNEIGH is not set
CONFIG_FEATURE_IP_ADDRESS=y
CONFIG_FEATURE_IP_LINK=y
CONFIG_FEATURE_IP_ROUTE=y
@@ -843,17 +863,10 @@ CONFIG_FEATURE_IP_ROUTE_DIR="/etc/iproute2"
# CONFIG_FEATURE_IP_TUNNEL is not set
# CONFIG_FEATURE_IP_RULE is not set
# CONFIG_FEATURE_IP_NEIGH is not set
CONFIG_FEATURE_IP_SHORT_FORMS=y
# CONFIG_FEATURE_IP_RARE_PROTOCOLS is not set
CONFIG_IPADDR=y
CONFIG_IPLINK=y
CONFIG_IPROUTE=y
# CONFIG_IPTUNNEL is not set
# CONFIG_IPRULE is not set
# CONFIG_IPNEIGH is not set
# CONFIG_IPCALC is not set
# CONFIG_FEATURE_IPCALC_FANCY is not set
# CONFIG_FEATURE_IPCALC_LONG_OPTIONS is not set
# CONFIG_FEATURE_IPCALC_FANCY is not set
# CONFIG_FAKEIDENTD is not set
# CONFIG_NAMEIF is not set
# CONFIG_FEATURE_NAMEIF_EXTENDED is not set
@@ -875,11 +888,13 @@ CONFIG_PING=y
# CONFIG_PSCAN is not set
CONFIG_ROUTE=y
# CONFIG_SLATTACH is not set
# CONFIG_SSL_CLIENT is not set
# CONFIG_TCPSVD is not set
# CONFIG_UDPSVD is not set
CONFIG_TELNET=y
CONFIG_FEATURE_TELNET_TTYPE=y
CONFIG_FEATURE_TELNET_AUTOLOGIN=y
CONFIG_FEATURE_TELNET_WIDTH=y
# CONFIG_TELNETD is not set
# CONFIG_FEATURE_TELNETD_STANDALONE is not set
# CONFIG_FEATURE_TELNETD_INETD_WAIT is not set
@@ -890,6 +905,7 @@ CONFIG_FEATURE_TELNET_AUTOLOGIN=y
# CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
# CONFIG_FEATURE_TFTP_PROGRESS_BAR is not set
# CONFIG_TFTP_DEBUG is not set
# CONFIG_TLS is not set
# CONFIG_TRACEROUTE is not set
# CONFIG_TRACEROUTE6 is not set
# CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
@@ -898,29 +914,32 @@ CONFIG_FEATURE_TELNET_AUTOLOGIN=y
# CONFIG_FEATURE_TUNCTL_UG is not set
# CONFIG_VCONFIG is not set
CONFIG_WGET=y
# CONFIG_FEATURE_WGET_LONG_OPTIONS is not set
# CONFIG_FEATURE_WGET_STATUSBAR is not set
# CONFIG_FEATURE_WGET_AUTHENTICATION is not set
# CONFIG_FEATURE_WGET_LONG_OPTIONS is not set
# CONFIG_FEATURE_WGET_TIMEOUT is not set
# CONFIG_FEATURE_WGET_HTTPS is not set
# CONFIG_FEATURE_WGET_OPENSSL is not set
# CONFIG_FEATURE_WGET_SSL_HELPER is not set
# CONFIG_WHOIS is not set
# CONFIG_ZCIP is not set
# CONFIG_UDHCPC6 is not set
# CONFIG_FEATURE_UDHCPC6_RFC3646 is not set
# CONFIG_FEATURE_UDHCPC6_RFC4704 is not set
# CONFIG_FEATURE_UDHCPC6_RFC4833 is not set
# CONFIG_UDHCPD is not set
# CONFIG_DHCPRELAY is not set
# CONFIG_DUMPLEASES is not set
# CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY is not set
# CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set
CONFIG_DHCPD_LEASES_FILE=""
# CONFIG_DUMPLEASES is not set
# CONFIG_DHCPRELAY is not set
CONFIG_UDHCPC=y
# CONFIG_FEATURE_UDHCPC_ARPING is not set
CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y
CONFIG_UDHCPC_DEFAULT_SCRIPT="/usr/share/udhcpc/default.script"
# CONFIG_FEATURE_UDHCP_PORT is not set
CONFIG_UDHCP_DEBUG=9
# CONFIG_FEATURE_UDHCP_RFC3397 is not set
# CONFIG_FEATURE_UDHCP_8021Q is not set
CONFIG_UDHCPC_DEFAULT_SCRIPT="/usr/share/udhcpc/default.script"
CONFIG_UDHCPC_SLACK_FOR_BUGGY_SERVERS=80
CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS="-R -n"
@@ -961,18 +980,19 @@ CONFIG_KILLALL5=y
# CONFIG_FEATURE_PIDOF_OMIT is not set
# CONFIG_PMAP is not set
# CONFIG_POWERTOP is not set
# CONFIG_FEATURE_POWERTOP_INTERACTIVE is not set
CONFIG_PS=y
CONFIG_FEATURE_PS_WIDE=y
CONFIG_FEATURE_PS_LONG=y
# CONFIG_FEATURE_PS_TIME is not set
# CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS is not set
# CONFIG_FEATURE_PS_UNUSUAL_SYSTEMS is not set
# CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS is not set
# CONFIG_PSTREE is not set
# CONFIG_PWDX is not set
# CONFIG_RENICE is not set
# CONFIG_SMEMCAP is not set
# CONFIG_BB_SYSCTL is not set
# CONFIG_TOP is not set
# CONFIG_FEATURE_TOP_INTERACTIVE is not set
# CONFIG_FEATURE_TOP_CPU_USAGE_PERCENTAGE is not set
# CONFIG_FEATURE_TOP_CPU_GLOBAL_PERCENTS is not set
# CONFIG_FEATURE_TOP_SMP_CPU is not set
@@ -1018,27 +1038,32 @@ CONFIG_SVC=y
#
# Shells
#
# CONFIG_SH_IS_ASH is not set
CONFIG_SH_IS_HUSH=y
# CONFIG_SH_IS_NONE is not set
# CONFIG_BASH_IS_ASH is not set
# CONFIG_BASH_IS_HUSH is not set
CONFIG_BASH_IS_NONE=y
# CONFIG_ASH is not set
# CONFIG_ASH_OPTIMIZE_FOR_SIZE is not set
# CONFIG_ASH_INTERNAL_GLOB is not set
# CONFIG_ASH_RANDOM_SUPPORT is not set
# CONFIG_ASH_EXPAND_PRMT is not set
# CONFIG_ASH_BASH_COMPAT is not set
# CONFIG_ASH_IDLE_TIMEOUT is not set
# CONFIG_ASH_JOB_CONTROL is not set
# CONFIG_ASH_ALIAS is not set
# CONFIG_ASH_GETOPTS is not set
# CONFIG_ASH_BUILTIN_ECHO is not set
# CONFIG_ASH_BUILTIN_PRINTF is not set
# CONFIG_ASH_BUILTIN_TEST is not set
# CONFIG_ASH_HELP is not set
# CONFIG_ASH_CMDCMD is not set
# CONFIG_ASH_RANDOM_SUPPORT is not set
# CONFIG_ASH_EXPAND_PRMT is not set
# CONFIG_ASH_IDLE_TIMEOUT is not set
# CONFIG_ASH_MAIL is not set
# CONFIG_ASH_ECHO is not set
# CONFIG_ASH_PRINTF is not set
# CONFIG_ASH_TEST is not set
# CONFIG_ASH_HELP is not set
# CONFIG_ASH_GETOPTS is not set
# CONFIG_ASH_CMDCMD is not set
# CONFIG_CTTYHACK is not set
CONFIG_HUSH=y
CONFIG_HUSH_BASH_COMPAT=y
CONFIG_HUSH_BRACE_EXPANSION=y
CONFIG_HUSH_HELP=y
CONFIG_HUSH_INTERACTIVE=y
CONFIG_HUSH_SAVEHISTORY=y
CONFIG_HUSH_JOB=y
@@ -1049,17 +1074,30 @@ CONFIG_HUSH_CASE=y
CONFIG_HUSH_FUNCTIONS=y
CONFIG_HUSH_LOCAL=y
CONFIG_HUSH_RANDOM_SUPPORT=y
CONFIG_HUSH_EXPORT_N=y
CONFIG_HUSH_MODE_X=y
CONFIG_HUSH_ECHO=y
CONFIG_HUSH_PRINTF=y
CONFIG_HUSH_TEST=y
CONFIG_HUSH_HELP=y
CONFIG_HUSH_EXPORT=y
CONFIG_HUSH_EXPORT_N=y
CONFIG_HUSH_KILL=y
CONFIG_HUSH_WAIT=y
CONFIG_HUSH_TRAP=y
CONFIG_HUSH_TYPE=y
CONFIG_HUSH_READ=y
CONFIG_HUSH_SET=y
CONFIG_HUSH_UNSET=y
CONFIG_HUSH_ULIMIT=y
CONFIG_HUSH_UMASK=y
# CONFIG_HUSH_MEMLEAK is not set
# CONFIG_MSH is not set
# CONFIG_FEATURE_SH_IS_ASH is not set
CONFIG_FEATURE_SH_IS_HUSH=y
# CONFIG_FEATURE_SH_IS_NONE is not set
# CONFIG_FEATURE_BASH_IS_ASH is not set
# CONFIG_FEATURE_BASH_IS_HUSH is not set
CONFIG_FEATURE_BASH_IS_NONE=y
CONFIG_SH_MATH_SUPPORT=y
# CONFIG_SH_MATH_SUPPORT_64 is not set
#
# Options common to all shells
#
CONFIG_FEATURE_SH_MATH=y
CONFIG_FEATURE_SH_MATH_64=y
CONFIG_FEATURE_SH_EXTRA_QUIET=y
# CONFIG_FEATURE_SH_STANDALONE is not set
# CONFIG_FEATURE_SH_NOFORK is not set

176
bsp/buildroot/package/busybox/busybox.config
View File

@@ -1,7 +1,7 @@
#
# Automatically generated make config: don't edit
# Busybox version: 1.26.0
# Thu Dec 29 21:01:56 2016
# Busybox version: 1.27.1
# Sun Jul 30 15:27:03 2017
#
CONFIG_HAVE_DOT_CONFIG=y
@@ -12,7 +12,6 @@ CONFIG_DESKTOP=y
# CONFIG_EXTRA_COMPAT is not set
CONFIG_INCLUDE_SUSv2=y
# CONFIG_USE_PORTABLE_CODE is not set
CONFIG_PLATFORM_LINUX=y
CONFIG_SHOW_USAGE=y
CONFIG_FEATURE_VERBOSE_USAGE=y
# CONFIG_FEATURE_COMPRESS_USAGE is not set
@@ -35,6 +34,7 @@ CONFIG_FEATURE_SUID=y
CONFIG_BUSYBOX_EXEC_PATH="/proc/self/exe"
CONFIG_FEATURE_SYSLOG=y
# CONFIG_FEATURE_HAVE_RPC is not set
CONFIG_PLATFORM_LINUX=y
#
# Build Options
@@ -89,7 +89,6 @@ CONFIG_MD5_SMALL=1
CONFIG_SHA3_SMALL=1
# CONFIG_FEATURE_FAST_TOP is not set
# CONFIG_FEATURE_ETC_NETWORKS is not set
CONFIG_FEATURE_USE_TERMIOS=y
CONFIG_FEATURE_EDITING=y
CONFIG_FEATURE_EDITING_MAX_LEN=1024
CONFIG_FEATURE_EDITING_VI=y
@@ -150,6 +149,7 @@ CONFIG_UNXZ=y
CONFIG_XZCAT=y
CONFIG_XZ=y
# CONFIG_BZIP2 is not set
CONFIG_FEATURE_BZIP2_DECOMPRESS=y
CONFIG_CPIO=y
# CONFIG_FEATURE_CPIO_O is not set
# CONFIG_FEATURE_CPIO_P is not set
@@ -159,6 +159,7 @@ CONFIG_GZIP=y
# CONFIG_FEATURE_GZIP_LONG_OPTIONS is not set
CONFIG_GZIP_FAST=0
# CONFIG_FEATURE_GZIP_LEVELS is not set
CONFIG_FEATURE_GZIP_DECOMPRESS=y
# CONFIG_LZOP is not set
CONFIG_UNLZOP=y
CONFIG_LZOPCAT=y
@@ -166,26 +167,29 @@ CONFIG_LZOPCAT=y
# CONFIG_RPM2CPIO is not set
# CONFIG_RPM is not set
CONFIG_TAR=y
CONFIG_FEATURE_TAR_LONG_OPTIONS=y
CONFIG_FEATURE_TAR_CREATE=y
# CONFIG_FEATURE_TAR_AUTODETECT is not set
CONFIG_FEATURE_TAR_FROM=y
# CONFIG_FEATURE_TAR_OLDGNU_COMPATIBILITY is not set
# CONFIG_FEATURE_TAR_OLDSUN_COMPATIBILITY is not set
CONFIG_FEATURE_TAR_GNU_EXTENSIONS=y
CONFIG_FEATURE_TAR_LONG_OPTIONS=y
CONFIG_FEATURE_TAR_TO_COMMAND=y
# CONFIG_FEATURE_TAR_UNAME_GNAME is not set
# CONFIG_FEATURE_TAR_NOPRESERVE_TIME is not set
# CONFIG_FEATURE_TAR_SELINUX is not set
CONFIG_UNZIP=y
CONFIG_FEATURE_UNZIP_CDF=y
CONFIG_FEATURE_UNZIP_BZIP2=y
CONFIG_FEATURE_UNZIP_LZMA=y
CONFIG_FEATURE_UNZIP_XZ=y
#
# Coreutils
#
CONFIG_BASENAME=y
# CONFIG_CAL is not set
CONFIG_CAT=y
CONFIG_CATV=y
CONFIG_FEATURE_CATV=y
CONFIG_CHGRP=y
CONFIG_CHMOD=y
CONFIG_CHOWN=y
@@ -222,6 +226,7 @@ CONFIG_ENV=y
# CONFIG_FEATURE_UNEXPAND_LONG_OPTIONS is not set
CONFIG_EXPR=y
CONFIG_EXPR_MATH_SUPPORT_64=y
CONFIG_FACTOR=y
CONFIG_FALSE=y
CONFIG_FOLD=y
# CONFIG_FSYNC is not set
@@ -232,12 +237,14 @@ CONFIG_ID=y
# CONFIG_GROUPS is not set
CONFIG_INSTALL=y
CONFIG_FEATURE_INSTALL_LONG_OPTIONS=y
CONFIG_LINK=y
CONFIG_LN=y
CONFIG_LOGNAME=y
CONFIG_LS=y
CONFIG_FEATURE_LS_FILETYPES=y
CONFIG_FEATURE_LS_FOLLOWLINKS=y
CONFIG_FEATURE_LS_RECURSIVE=y
CONFIG_FEATURE_LS_WIDTH=y
CONFIG_FEATURE_LS_SORTFILES=y
CONFIG_FEATURE_LS_TIMESTAMPS=y
CONFIG_FEATURE_LS_USERNAME=y
@@ -257,11 +264,15 @@ CONFIG_MKDIR=y
CONFIG_FEATURE_MKDIR_LONG_OPTIONS=y
CONFIG_MKFIFO=y
CONFIG_MKNOD=y
CONFIG_MKTEMP=y
CONFIG_MV=y
CONFIG_FEATURE_MV_LONG_OPTIONS=y
CONFIG_NICE=y
CONFIG_NL=y
CONFIG_NOHUP=y
CONFIG_NPROC=y
CONFIG_OD=y
CONFIG_PASTE=y
CONFIG_PRINTENV=y
CONFIG_PRINTF=y
CONFIG_PWD=y
@@ -272,6 +283,7 @@ CONFIG_RM=y
CONFIG_RMDIR=y
# CONFIG_FEATURE_RMDIR_LONG_OPTIONS is not set
CONFIG_SEQ=y
CONFIG_SHRED=y
# CONFIG_SHUF is not set
CONFIG_SLEEP=y
CONFIG_FEATURE_FANCY_SLEEP=y
@@ -296,6 +308,7 @@ CONFIG_TEST=y
CONFIG_TEST1=y
CONFIG_TEST2=y
CONFIG_FEATURE_TEST_64=y
# CONFIG_TIMEOUT is not set
CONFIG_TOUCH=y
# CONFIG_FEATURE_TOUCH_NODEREF is not set
CONFIG_FEATURE_TOUCH_SUSV3=y
@@ -317,6 +330,7 @@ CONFIG_WC=y
# CONFIG_FEATURE_WC_LARGE is not set
CONFIG_WHOAMI=y
CONFIG_WHO=y
CONFIG_W=y
# CONFIG_USERS is not set
CONFIG_YES=y
@@ -330,11 +344,6 @@ CONFIG_FEATURE_VERBOSE=y
#
CONFIG_FEATURE_PRESERVE_HARDLINKS=y
#
# Common options for ls, more and telnet
#
CONFIG_FEATURE_AUTOWIDTH=y
#
# Common options for df, du, ls
#
@@ -373,14 +382,13 @@ CONFIG_SETLOGCONS=y
#
# Debian Utilities
#
CONFIG_MKTEMP=y
CONFIG_PIPE_PROGRESS=y
CONFIG_RUN_PARTS=y
CONFIG_FEATURE_RUN_PARTS_LONG_OPTIONS=y
# CONFIG_FEATURE_RUN_PARTS_FANCY is not set
CONFIG_START_STOP_DAEMON=y
CONFIG_FEATURE_START_STOP_DAEMON_FANCY=y
CONFIG_FEATURE_START_STOP_DAEMON_LONG_OPTIONS=y
CONFIG_FEATURE_START_STOP_DAEMON_FANCY=y
CONFIG_WHICH=y
#
@@ -471,12 +479,10 @@ CONFIG_FEATURE_KILL_REMOVED=y
CONFIG_FEATURE_KILL_DELAY=0
CONFIG_FEATURE_INIT_SCTTY=y
CONFIG_FEATURE_INIT_SYSLOG=y
CONFIG_FEATURE_EXTRA_QUIET=y
CONFIG_FEATURE_INIT_QUIET=y
# CONFIG_FEATURE_INIT_COREDUMPS is not set
CONFIG_INIT_TERMINAL_TYPE="linux"
CONFIG_FEATURE_INIT_MODIFY_CMDLINE=y
CONFIG_MESG=y
CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP=y
#
# Login/Password Management Utilities
@@ -515,6 +521,7 @@ CONFIG_FEATURE_PASSWD_WEAK_CHECK=y
CONFIG_SU=y
CONFIG_FEATURE_SU_SYSLOG=y
CONFIG_FEATURE_SU_CHECKS_SHELLS=y
# CONFIG_FEATURE_SU_BLANK_PW_NEEDS_SECURE_TTY is not set
CONFIG_SULOGIN=y
CONFIG_VLOCK=y
@@ -529,6 +536,7 @@ CONFIG_LSATTR=y
#
# Linux Module Utilities
#
# CONFIG_MODPROBE_SMALL is not set
# CONFIG_DEPMOD is not set
CONFIG_INSMOD=y
CONFIG_LSMOD=y
@@ -536,22 +544,21 @@ CONFIG_FEATURE_LSMOD_PRETTY_2_6_OUTPUT=y
# CONFIG_MODINFO is not set
CONFIG_MODPROBE=y
# CONFIG_FEATURE_MODPROBE_BLACKLIST is not set
# CONFIG_MODPROBE_SMALL is not set
# CONFIG_FEATURE_MODPROBE_SMALL_OPTIONS_ON_CMDLINE is not set
# CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is not set
CONFIG_RMMOD=y
#
# Options common to multiple modutils
#
CONFIG_FEATURE_CMDLINE_MODULE_OPTIONS=y
# CONFIG_FEATURE_MODPROBE_SMALL_CHECK_ALREADY_LOADED is not set
# CONFIG_FEATURE_2_4_MODULES is not set
# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set
# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set
# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set
# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP_FULL is not set
CONFIG_FEATURE_CHECK_TAINTED_MODULE=y
# CONFIG_FEATURE_INSMOD_TRY_MMAP is not set
CONFIG_FEATURE_MODUTILS_ALIAS=y
CONFIG_FEATURE_MODUTILS_SYMBOLS=y
CONFIG_DEFAULT_MODULES_DIR="/lib/modules"
@@ -566,8 +573,13 @@ CONFIG_DEFAULT_DEPMOD_FILE="modules.dep"
CONFIG_BLKID=y
# CONFIG_FEATURE_BLKID_TYPE is not set
# CONFIG_BLOCKDEV is not set
# CONFIG_CAL is not set
CONFIG_CHRT=y
CONFIG_DMESG=y
CONFIG_FEATURE_DMESG_PRETTY=y
CONFIG_EJECT=y
# CONFIG_FEATURE_EJECT_SCSI is not set
CONFIG_FALLOCATE=y
# CONFIG_FATATTR is not set
CONFIG_FBSET=y
CONFIG_FEATURE_FBSET_FANCY=y
@@ -587,17 +599,22 @@ CONFIG_FLOCK=y
CONFIG_FDFLUSH=y
CONFIG_FREERAMDISK=y
# CONFIG_FSCK_MINIX is not set
CONFIG_FSFREEZE=y
CONFIG_FSTRIM=y
CONFIG_GETOPT=y
CONFIG_FEATURE_GETOPT_LONG=y
CONFIG_HEXDUMP=y
# CONFIG_FEATURE_HEXDUMP_REVERSE is not set
# CONFIG_HD is not set
CONFIG_XXD=y
CONFIG_HWCLOCK=y
CONFIG_FEATURE_HWCLOCK_LONG_OPTIONS=y
CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS=y
# CONFIG_IONICE is not set
CONFIG_IPCRM=y
CONFIG_IPCS=y
CONFIG_LAST=y
# CONFIG_FEATURE_LAST_FANCY is not set
CONFIG_LOSETUP=y
CONFIG_LSPCI=y
CONFIG_LSUSB=y
@@ -607,6 +624,8 @@ CONFIG_FEATURE_MDEV_RENAME=y
# CONFIG_FEATURE_MDEV_RENAME_REGEXP is not set
CONFIG_FEATURE_MDEV_EXEC=y
# CONFIG_FEATURE_MDEV_LOAD_FIRMWARE is not set
CONFIG_MESG=y
CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP=y
CONFIG_MKE2FS=y
# CONFIG_MKFS_EXT2 is not set
# CONFIG_MKFS_MINIX is not set
@@ -627,12 +646,14 @@ CONFIG_FEATURE_MOUNT_CIFS=y
CONFIG_FEATURE_MOUNT_FLAGS=y
CONFIG_FEATURE_MOUNT_FSTAB=y
CONFIG_FEATURE_MOUNT_OTHERTAB=y
CONFIG_MOUNTPOINT=y
# CONFIG_NSENTER is not set
# CONFIG_FEATURE_NSENTER_LONG_OPTS is not set
CONFIG_PIVOT_ROOT=y
CONFIG_RDATE=y
# CONFIG_RDEV is not set
CONFIG_READPROFILE=y
CONFIG_RENICE=y
# CONFIG_REV is not set
# CONFIG_RTCWAKE is not set
# CONFIG_SCRIPT is not set
@@ -640,15 +661,20 @@ CONFIG_READPROFILE=y
CONFIG_SETARCH=y
CONFIG_LINUX32=y
CONFIG_LINUX64=y
CONFIG_SETPRIV=y
CONFIG_SETSID=y
CONFIG_SWAPON=y
# CONFIG_FEATURE_SWAPON_DISCARD is not set
# CONFIG_FEATURE_SWAPON_PRI is not set
CONFIG_SWAPOFF=y
CONFIG_SWITCH_ROOT=y
# CONFIG_TASKSET is not set
# CONFIG_FEATURE_TASKSET_FANCY is not set
CONFIG_UEVENT=y
CONFIG_UMOUNT=y
CONFIG_FEATURE_UMOUNT_ALL=y
# CONFIG_UNSHARE is not set
# CONFIG_WALL is not set
#
# Common options for mount/umount
@@ -702,7 +728,6 @@ CONFIG_FEATURE_BEEP_LENGTH_MS=0
# CONFIG_FEATURE_CHAT_SEND_ESCAPES is not set
# CONFIG_FEATURE_CHAT_VAR_ABORT_LEN is not set
# CONFIG_FEATURE_CHAT_CLR_ABORT is not set
CONFIG_CHRT=y
# CONFIG_CONSPY is not set
CONFIG_CROND=y
# CONFIG_FEATURE_CROND_D is not set
@@ -717,8 +742,6 @@ CONFIG_DC=y
# CONFIG_DEVFSD_VERBOSE is not set
# CONFIG_FEATURE_DEVFS is not set
CONFIG_DEVMEM=y
CONFIG_EJECT=y
# CONFIG_FEATURE_EJECT_SCSI is not set
# CONFIG_FBSPLASH is not set
# CONFIG_FLASHCP is not set
# CONFIG_FLASH_ERASEALL is not set
@@ -736,9 +759,6 @@ CONFIG_I2CSET=y
CONFIG_I2CDUMP=y
CONFIG_I2CDETECT=y
# CONFIG_INOTIFYD is not set
# CONFIG_IONICE is not set
CONFIG_LAST=y
# CONFIG_FEATURE_LAST_FANCY is not set
CONFIG_LESS=y
CONFIG_FEATURE_LESS_MAXLINES=9999999
CONFIG_FEATURE_LESS_BRACKETS=y
@@ -750,27 +770,24 @@ CONFIG_FEATURE_LESS_REGEXP=y
# CONFIG_FEATURE_LESS_ASK_TERMINAL is not set
# CONFIG_FEATURE_LESS_DASHCMD is not set
# CONFIG_FEATURE_LESS_LINENUMS is not set
CONFIG_LSSCSI=y
CONFIG_MAKEDEVS=y
# CONFIG_FEATURE_MAKEDEVS_LEAF is not set
CONFIG_FEATURE_MAKEDEVS_TABLE=y
# CONFIG_MAN is not set
CONFIG_MICROCOM=y
CONFIG_MOUNTPOINT=y
CONFIG_MT=y
# CONFIG_NANDWRITE is not set
# CONFIG_NANDDUMP is not set
CONFIG_PARTPROBE=y
# CONFIG_RAIDAUTORUN is not set
# CONFIG_READAHEAD is not set
# CONFIG_RFKILL is not set
CONFIG_RUNLEVEL=y
# CONFIG_RX is not set
CONFIG_SETSERIAL=y
CONFIG_SETSID=y
CONFIG_STRINGS=y
# CONFIG_TASKSET is not set
# CONFIG_FEATURE_TASKSET_FANCY is not set
CONFIG_TIME=y
# CONFIG_TIMEOUT is not set
# CONFIG_TTYSIZE is not set
CONFIG_UBIRENAME=y
# CONFIG_UBIATTACH is not set
@@ -780,7 +797,6 @@ CONFIG_UBIRENAME=y
# CONFIG_UBIRSVOL is not set
# CONFIG_UBIUPDATEVOL is not set
# CONFIG_VOLNAME is not set
# CONFIG_WALL is not set
CONFIG_WATCHDOG=y
#
@@ -830,8 +846,6 @@ CONFIG_IFUP=y
CONFIG_IFDOWN=y
CONFIG_IFUPDOWN_IFSTATE_PATH="/var/run/ifstate"
CONFIG_FEATURE_IFUPDOWN_IP=y
# CONFIG_FEATURE_IFUPDOWN_IP_BUILTIN is not set
# CONFIG_FEATURE_IFUPDOWN_IFCONFIG_BUILTIN is not set
CONFIG_FEATURE_IFUPDOWN_IPV4=y
CONFIG_FEATURE_IFUPDOWN_IPV6=y
CONFIG_FEATURE_IFUPDOWN_MAPPING=y
@@ -844,6 +858,12 @@ CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME=y
CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN=y
# CONFIG_FEATURE_INETD_RPC is not set
CONFIG_IP=y
CONFIG_IPADDR=y
CONFIG_IPLINK=y
CONFIG_IPROUTE=y
CONFIG_IPTUNNEL=y
CONFIG_IPRULE=y
CONFIG_IPNEIGH=y
CONFIG_FEATURE_IP_ADDRESS=y
CONFIG_FEATURE_IP_LINK=y
CONFIG_FEATURE_IP_ROUTE=y
@@ -851,17 +871,10 @@ CONFIG_FEATURE_IP_ROUTE_DIR="/etc/iproute2"
CONFIG_FEATURE_IP_TUNNEL=y
CONFIG_FEATURE_IP_RULE=y
CONFIG_FEATURE_IP_NEIGH=y
CONFIG_FEATURE_IP_SHORT_FORMS=y
# CONFIG_FEATURE_IP_RARE_PROTOCOLS is not set
CONFIG_IPADDR=y
CONFIG_IPLINK=y
CONFIG_IPROUTE=y
CONFIG_IPTUNNEL=y
CONFIG_IPRULE=y
CONFIG_IPNEIGH=y
# CONFIG_IPCALC is not set
# CONFIG_FEATURE_IPCALC_FANCY is not set
# CONFIG_FEATURE_IPCALC_LONG_OPTIONS is not set
# CONFIG_FEATURE_IPCALC_FANCY is not set
# CONFIG_FAKEIDENTD is not set
CONFIG_NAMEIF=y
# CONFIG_FEATURE_NAMEIF_EXTENDED is not set
@@ -883,11 +896,13 @@ CONFIG_FEATURE_FANCY_PING=y
# CONFIG_PSCAN is not set
CONFIG_ROUTE=y
# CONFIG_SLATTACH is not set
# CONFIG_SSL_CLIENT is not set
# CONFIG_TCPSVD is not set
# CONFIG_UDPSVD is not set
CONFIG_TELNET=y
CONFIG_FEATURE_TELNET_TTYPE=y
CONFIG_FEATURE_TELNET_AUTOLOGIN=y
CONFIG_FEATURE_TELNET_WIDTH=y
# CONFIG_TELNETD is not set
# CONFIG_FEATURE_TELNETD_STANDALONE is not set
# CONFIG_FEATURE_TELNETD_INETD_WAIT is not set
@@ -902,6 +917,7 @@ CONFIG_FEATURE_TFTP_PUT=y
CONFIG_FEATURE_TFTP_BLOCKSIZE=y
# CONFIG_FEATURE_TFTP_PROGRESS_BAR is not set
# CONFIG_TFTP_DEBUG is not set
# CONFIG_TLS is not set
CONFIG_TRACEROUTE=y
# CONFIG_TRACEROUTE6 is not set
# CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
@@ -910,29 +926,32 @@ CONFIG_TRACEROUTE=y
# CONFIG_FEATURE_TUNCTL_UG is not set
CONFIG_VCONFIG=y
CONFIG_WGET=y
CONFIG_FEATURE_WGET_LONG_OPTIONS=y
CONFIG_FEATURE_WGET_STATUSBAR=y
CONFIG_FEATURE_WGET_AUTHENTICATION=y
CONFIG_FEATURE_WGET_LONG_OPTIONS=y
CONFIG_FEATURE_WGET_TIMEOUT=y
# CONFIG_FEATURE_WGET_HTTPS is not set
# CONFIG_FEATURE_WGET_OPENSSL is not set
# CONFIG_FEATURE_WGET_SSL_HELPER is not set
# CONFIG_WHOIS is not set
# CONFIG_ZCIP is not set
# CONFIG_UDHCPC6 is not set
# CONFIG_FEATURE_UDHCPC6_RFC3646 is not set
# CONFIG_FEATURE_UDHCPC6_RFC4704 is not set
# CONFIG_FEATURE_UDHCPC6_RFC4833 is not set
# CONFIG_UDHCPD is not set
# CONFIG_DHCPRELAY is not set
# CONFIG_DUMPLEASES is not set
# CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY is not set
# CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set
CONFIG_DHCPD_LEASES_FILE=""
# CONFIG_DUMPLEASES is not set
# CONFIG_DHCPRELAY is not set
CONFIG_UDHCPC=y
CONFIG_FEATURE_UDHCPC_ARPING=y
CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y
CONFIG_UDHCPC_DEFAULT_SCRIPT="/usr/share/udhcpc/default.script"
# CONFIG_FEATURE_UDHCP_PORT is not set
CONFIG_UDHCP_DEBUG=0
# CONFIG_FEATURE_UDHCP_RFC3397 is not set
CONFIG_FEATURE_UDHCP_8021Q=y
CONFIG_UDHCPC_DEFAULT_SCRIPT="/usr/share/udhcpc/default.script"
CONFIG_UDHCPC_SLACK_FOR_BUGGY_SERVERS=80
CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS="-R -n"
@@ -973,18 +992,19 @@ CONFIG_FEATURE_PIDOF_SINGLE=y
CONFIG_FEATURE_PIDOF_OMIT=y
# CONFIG_PMAP is not set
# CONFIG_POWERTOP is not set
# CONFIG_FEATURE_POWERTOP_INTERACTIVE is not set
CONFIG_PS=y
# CONFIG_FEATURE_PS_WIDE is not set
# CONFIG_FEATURE_PS_LONG is not set
# CONFIG_FEATURE_PS_TIME is not set
# CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS is not set
# CONFIG_FEATURE_PS_UNUSUAL_SYSTEMS is not set
# CONFIG_FEATURE_PS_ADDITIONAL_COLUMNS is not set
# CONFIG_PSTREE is not set
# CONFIG_PWDX is not set
CONFIG_RENICE=y
# CONFIG_SMEMCAP is not set
CONFIG_BB_SYSCTL=y
CONFIG_TOP=y
CONFIG_FEATURE_TOP_INTERACTIVE=y
CONFIG_FEATURE_TOP_CPU_USAGE_PERCENTAGE=y
CONFIG_FEATURE_TOP_CPU_GLOBAL_PERCENTS=y
# CONFIG_FEATURE_TOP_SMP_CPU is not set
@@ -1030,27 +1050,32 @@ CONFIG_SVC=y
#
# Shells
#
CONFIG_SH_IS_ASH=y
# CONFIG_SH_IS_HUSH is not set
# CONFIG_SH_IS_NONE is not set
# CONFIG_BASH_IS_ASH is not set
# CONFIG_BASH_IS_HUSH is not set
CONFIG_BASH_IS_NONE=y
CONFIG_ASH=y
CONFIG_ASH_OPTIMIZE_FOR_SIZE=y
CONFIG_ASH_INTERNAL_GLOB=y
CONFIG_ASH_RANDOM_SUPPORT=y
CONFIG_ASH_EXPAND_PRMT=y
CONFIG_ASH_BASH_COMPAT=y
CONFIG_ASH_IDLE_TIMEOUT=y
CONFIG_ASH_JOB_CONTROL=y
CONFIG_ASH_ALIAS=y
CONFIG_ASH_GETOPTS=y
CONFIG_ASH_BUILTIN_ECHO=y
CONFIG_ASH_BUILTIN_PRINTF=y
CONFIG_ASH_BUILTIN_TEST=y
CONFIG_ASH_HELP=y
CONFIG_ASH_CMDCMD=y
CONFIG_ASH_RANDOM_SUPPORT=y
CONFIG_ASH_EXPAND_PRMT=y
CONFIG_ASH_IDLE_TIMEOUT=y
# CONFIG_ASH_MAIL is not set
CONFIG_ASH_ECHO=y
CONFIG_ASH_PRINTF=y
CONFIG_ASH_TEST=y
CONFIG_ASH_HELP=y
CONFIG_ASH_GETOPTS=y
CONFIG_ASH_CMDCMD=y
# CONFIG_CTTYHACK is not set
# CONFIG_HUSH is not set
# CONFIG_HUSH_BASH_COMPAT is not set
# CONFIG_HUSH_BRACE_EXPANSION is not set
# CONFIG_HUSH_HELP is not set
# CONFIG_HUSH_INTERACTIVE is not set
# CONFIG_HUSH_SAVEHISTORY is not set
# CONFIG_HUSH_JOB is not set
@@ -1061,17 +1086,30 @@ CONFIG_ASH_CMDCMD=y
# CONFIG_HUSH_FUNCTIONS is not set
# CONFIG_HUSH_LOCAL is not set
# CONFIG_HUSH_RANDOM_SUPPORT is not set
# CONFIG_HUSH_EXPORT_N is not set
# CONFIG_HUSH_MODE_X is not set
# CONFIG_HUSH_ECHO is not set
# CONFIG_HUSH_PRINTF is not set
# CONFIG_HUSH_TEST is not set
# CONFIG_HUSH_HELP is not set
# CONFIG_HUSH_EXPORT is not set
# CONFIG_HUSH_EXPORT_N is not set
# CONFIG_HUSH_KILL is not set
# CONFIG_HUSH_WAIT is not set
# CONFIG_HUSH_TRAP is not set
# CONFIG_HUSH_TYPE is not set
# CONFIG_HUSH_READ is not set
# CONFIG_HUSH_SET is not set
# CONFIG_HUSH_UNSET is not set
# CONFIG_HUSH_ULIMIT is not set
# CONFIG_HUSH_UMASK is not set
# CONFIG_HUSH_MEMLEAK is not set
# CONFIG_MSH is not set
CONFIG_FEATURE_SH_IS_ASH=y
# CONFIG_FEATURE_SH_IS_HUSH is not set
# CONFIG_FEATURE_SH_IS_NONE is not set
# CONFIG_FEATURE_BASH_IS_ASH is not set
# CONFIG_FEATURE_BASH_IS_HUSH is not set
CONFIG_FEATURE_BASH_IS_NONE=y
CONFIG_SH_MATH_SUPPORT=y
# CONFIG_SH_MATH_SUPPORT_64 is not set
#
# Options common to all shells
#
CONFIG_FEATURE_SH_MATH=y
CONFIG_FEATURE_SH_MATH_64=y
CONFIG_FEATURE_SH_EXTRA_QUIET=y
# CONFIG_FEATURE_SH_STANDALONE is not set
# CONFIG_FEATURE_SH_NOFORK is not set

6
bsp/buildroot/package/busybox/busybox.hash
View File

@@ -1,3 +1,3 @@
# From https://busybox.net/downloads/busybox-1.26.2.tar.bz2.sign
md5 bb59d25ee2643db20f212eec539429f1 busybox-1.26.2.tar.bz2
sha1 0b3e3cd49d6d9e30f66e364bf842663348b23dc9 busybox-1.26.2.tar.bz2
# From https://busybox.net/downloads/busybox-1.27.2.tar.bz2.sign
md5 476186f4bab81781dab2369bfd42734e busybox-1.27.2.tar.bz2
sha1 11669e223cc38de646ce26080e91ca29b8d42ad9 busybox-1.27.2.tar.bz2

2
bsp/buildroot/package/busybox/busybox.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
BUSYBOX_VERSION = 1.26.2
BUSYBOX_VERSION = 1.27.2
BUSYBOX_SITE = http://www.busybox.net/downloads
BUSYBOX_SOURCE = busybox-$(BUSYBOX_VERSION).tar.bz2
BUSYBOX_LICENSE = GPLv2

2
bsp/buildroot/package/clamav/clamav.hash
View File

@@ -1,5 +1,5 @@
# Locally calculated
sha256 00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84 clamav-0.99.3.tar.gz
sha256 d72ac3273bde8d2e5e28ec9978373ee3ab4529fd868bc3fc4d2d2671228f2461 clamav-0.99.4.tar.gz
sha256 0c4fd2fa9733fc9122503797648710851e4ee6d9e4969dd33fcbd8c63cd2f584 COPYING
sha256 d72a145c90918184a05ef65a04c9e6f7466faa59bc1b82c8f6a8ddc7ddcb9bed COPYING.bzip2
sha256 dfb818a0d41411c6fb1c193c68b73018ceadd1994bda41ad541cbff292894bc6 COPYING.file

2
bsp/buildroot/package/clamav/clamav.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
CLAMAV_VERSION = 0.99.3
CLAMAV_VERSION = 0.99.4
CLAMAV_SITE = https://www.clamav.net/downloads/production
CLAMAV_LICENSE = GPLv2
CLAMAV_LICENSE_FILES = COPYING COPYING.bzip2 COPYING.file COPYING.getopt \

59
bsp/buildroot/package/dhcp/0003-Correct-buffer-overrun-in-pretty_print_option.patch Normal file
View File

@@ -0,0 +1,59 @@
From b8c29336bd5401a5f962bc6ddfa4ebb6f0274f3c Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Sat, 10 Feb 2018 12:15:27 -0500
Subject: [PATCH 1/2] Correct buffer overrun in pretty_print_option
Merges in rt47139.
[baruch: drop RELNOTES and test; address CVE-2018-5732]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: backported from commit c5931725b48
---
common/options.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/common/options.c b/common/options.c
index 5547287fb6e5..2ed6b16c6412 100644
--- a/common/options.c
+++ b/common/options.c
@@ -1758,7 +1758,8 @@ format_min_length(format, oc)
/* Format the specified option so that a human can easily read it. */
-
+/* Maximum pretty printed size */
+#define MAX_OUTPUT_SIZE 32*1024
const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
struct option *option;
const unsigned char *data;
@@ -1766,8 +1767,9 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
int emit_commas;
int emit_quotes;
{
- static char optbuf [32768]; /* XXX */
- static char *endbuf = &optbuf[sizeof(optbuf)];
+ /* We add 128 byte pad so we don't have to add checks everywhere. */
+ static char optbuf [MAX_OUTPUT_SIZE + 128]; /* XXX */
+ static char *endbuf = optbuf + MAX_OUTPUT_SIZE;
int hunksize = 0;
int opthunk = 0;
int hunkinc = 0;
@@ -2193,7 +2195,14 @@ const char *pretty_print_option (option, data, len, emit_commas, emit_quotes)
log_error ("Unexpected format code %c",
fmtbuf [j]);
}
+
op += strlen (op);
+ if (op >= endbuf) {
+ log_error ("Option data exceeds"
+ " maximum size %d", MAX_OUTPUT_SIZE);
+ return ("<error>");
+ }
+
if (dp == data + len)
break;
if (j + 1 < numelem && comma != ':')
--
2.16.1

40
bsp/buildroot/package/dhcp/0004-Corrected-refcnt-loss-in-option-parsing.patch Normal file
View File

@@ -0,0 +1,40 @@
From 93b5b67dd31b9efcbfaabc2df1e1d9d164a5e04a Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Fri, 9 Feb 2018 14:46:08 -0500
Subject: [PATCH 2/2] Corrected refcnt loss in option parsing
Merges in 47140.
[baruch: drop RELNOTES and tests; address CVE-2018-5733]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: backported from commit 197b26f25309
---
common/options.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/common/options.c b/common/options.c
index 2ed6b16c6412..25b29a6be7bb 100644
--- a/common/options.c
+++ b/common/options.c
@@ -3,7 +3,7 @@
DHCP options parsing and reassembly. */
/*
- * Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
+ * Copyright (c) 2004-2018 by Internet Systems Consortium, Inc. ("ISC")
* Copyright (c) 1995-2003 by Internet Software Consortium
*
* Permission to use, copy, modify, and distribute this software for any
@@ -177,6 +177,8 @@ int parse_option_buffer (options, buffer, length, universe)
/* If the length is outrageous, the options are bad. */
if (offset + len > length) {
+ /* Avoid reference count overflow */
+ option_dereference(&option, MDL);
reason = "option length exceeds option buffer length";
bogus:
log_error("parse_option_buffer: malformed option "
--
2.16.1

4
bsp/buildroot/package/dhcp/dhcp.mk
View File

@@ -11,7 +11,9 @@ DHCP_LICENSE = ISC
DHCP_LICENSE_FILES = LICENSE
DHCP_CONF_ENV = \
CPPFLAGS='-D_PATH_DHCPD_CONF=\"/etc/dhcp/dhcpd.conf\" \
-D_PATH_DHCLIENT_CONF=\"/etc/dhcp/dhclient.conf\"'
-D_PATH_DHCLIENT_CONF=\"/etc/dhcp/dhclient.conf\"' \
CFLAGS='$(TARGET_CFLAGS) -DISC_CHECK_NONE=1'
DHCP_CONF_OPTS = \
--with-randomdev=/dev/random \
--with-srv-lease-file=/var/lib/dhcp/dhcpd.leases \

212
bsp/buildroot/package/dnsmasq/0001-DNSSEC-fix-for-wildcard-NSEC-records.-CVE-2017-15107.patch Normal file
View File

@@ -0,0 +1,212 @@
From 4fe6744a220eddd3f1749b40cac3dfc510787de6 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Fri, 19 Jan 2018 12:26:08 +0000
Subject: [PATCH] DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies.
It's OK for NSEC records to be expanded from wildcards,
but in that case, the proof of non-existence is only valid
starting at the wildcard name, *.<domain> NOT the name expanded
from the wildcard. Without this check it's possible for an
attacker to craft an NSEC which wrongly proves non-existence
in a domain which includes a wildcard for NSEC.
[baruch: drop the CHANGELOG hunk]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: upstream commit 4fe6744a220e
CHANGELOG | 12 +++++-
src/dnssec.c | 117 ++++++++++++++++++++++++++++++++++++++++++++++++++++-------
2 files changed, 114 insertions(+), 15 deletions(-)
diff --git a/src/dnssec.c b/src/dnssec.c
index eb6c11cbe00f..a54a0b4f14cf 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -103,15 +103,17 @@ static void from_wire(char *name)
static int count_labels(char *name)
{
int i;
-
+ char *p;
+
if (*name == 0)
return 0;
- for (i = 0; *name; name++)
- if (*name == '.')
+ for (p = name, i = 0; *p; p++)
+ if (*p == '.')
i++;
- return i+1;
+ /* Don't count empty first label. */
+ return *name == '.' ? i : i+1;
}
/* Implement RFC1982 wrapped compare for 32-bit numbers */
@@ -1094,8 +1096,8 @@ static int hostname_cmp(const char *a, const char *b)
}
}
-static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, int nsec_count,
- char *workspace1, char *workspace2, char *name, int type, int *nons)
+static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsigned char **nsecs, unsigned char **labels, int nsec_count,
+ char *workspace1_in, char *workspace2, char *name, int type, int *nons)
{
int i, rc, rdlen;
unsigned char *p, *psave;
@@ -1108,6 +1110,9 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
/* Find NSEC record that proves name doesn't exist */
for (i = 0; i < nsec_count; i++)
{
+ char *workspace1 = workspace1_in;
+ int sig_labels, name_labels;
+
p = nsecs[i];
if (!extract_name(header, plen, &p, workspace1, 1, 10))
return 0;
@@ -1116,7 +1121,27 @@ static int prove_non_existence_nsec(struct dns_header *header, size_t plen, unsi
psave = p;
if (!extract_name(header, plen, &p, workspace2, 1, 10))
return 0;
-
+
+ /* If NSEC comes from wildcard expansion, use original wildcard
+ as name for computation. */
+ sig_labels = *labels[i];
+ name_labels = count_labels(workspace1);
+
+ if (sig_labels < name_labels)
+ {
+ int k;
+ for (k = name_labels - sig_labels; k != 0; k--)
+ {
+ while (*workspace1 != '.' && *workspace1 != 0)
+ workspace1++;
+ if (k != 1 && *workspace1 == '.')
+ workspace1++;
+ }
+
+ workspace1--;
+ *workspace1 = '*';
+ }
+
rc = hostname_cmp(workspace1, name);
if (rc == 0)
@@ -1514,24 +1539,26 @@ static int prove_non_existence_nsec3(struct dns_header *header, size_t plen, uns
static int prove_non_existence(struct dns_header *header, size_t plen, char *keyname, char *name, int qtype, int qclass, char *wildname, int *nons)
{
- static unsigned char **nsecset = NULL;
- static int nsecset_sz = 0;
+ static unsigned char **nsecset = NULL, **rrsig_labels = NULL;
+ static int nsecset_sz = 0, rrsig_labels_sz = 0;
int type_found = 0;
- unsigned char *p = skip_questions(header, plen);
+ unsigned char *auth_start, *p = skip_questions(header, plen);
int type, class, rdlen, i, nsecs_found;
/* Move to NS section */
if (!p || !(p = skip_section(p, ntohs(header->ancount), header, plen)))
return 0;
+
+ auth_start = p;
for (nsecs_found = 0, i = ntohs(header->nscount); i != 0; i--)
{
unsigned char *pstart = p;
- if (!(p = skip_name(p, header, plen, 10)))
+ if (!extract_name(header, plen, &p, daemon->workspacename, 1, 10))
return 0;
-
+
GETSHORT(type, p);
GETSHORT(class, p);
p += 4; /* TTL */
@@ -1548,7 +1575,69 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
if (!expand_workspace(&nsecset, &nsecset_sz, nsecs_found))
return 0;
- nsecset[nsecs_found++] = pstart;
+ if (type == T_NSEC)
+ {
+ /* If we're looking for NSECs, find the corresponding SIGs, to
+ extract the labels value, which we need in case the NSECs
+ are the result of wildcard expansion.
+ Note that the NSEC may not have been validated yet
+ so if there are multiple SIGs, make sure the label value
+ is the same in all, to avoid be duped by a rogue one.
+ If there are no SIGs, that's an error */
+ unsigned char *p1 = auth_start;
+ int res, j, rdlen1, type1, class1;
+
+ if (!expand_workspace(&rrsig_labels, &rrsig_labels_sz, nsecs_found))
+ return 0;
+
+ rrsig_labels[nsecs_found] = NULL;
+
+ for (j = ntohs(header->nscount); j != 0; j--)
+ {
+ if (!(res = extract_name(header, plen, &p1, daemon->workspacename, 0, 10)))
+ return 0;
+
+ GETSHORT(type1, p1);
+ GETSHORT(class1, p1);
+ p1 += 4; /* TTL */
+ GETSHORT(rdlen1, p1);
+
+ if (!CHECK_LEN(header, p1, plen, rdlen1))
+ return 0;
+
+ if (res == 1 && class1 == qclass && type1 == T_RRSIG)
+ {
+ int type_covered;
+ unsigned char *psav = p1;
+
+ if (rdlen < 18)
+ return 0; /* bad packet */
+
+ GETSHORT(type_covered, p1);
+
+ if (type_covered == T_NSEC)
+ {
+ p1++; /* algo */
+
+ /* labels field must be the same in every SIG we find. */
+ if (!rrsig_labels[nsecs_found])
+ rrsig_labels[nsecs_found] = p1;
+ else if (*rrsig_labels[nsecs_found] != *p1) /* algo */
+ return 0;
+ }
+ p1 = psav;
+ }
+
+ if (!ADD_RDLEN(header, p1, plen, rdlen1))
+ return 0;
+ }
+
+ /* Must have found at least one sig. */
+ if (!rrsig_labels[nsecs_found])
+ return 0;
+ }
+
+ nsecset[nsecs_found++] = pstart;
}
if (!ADD_RDLEN(header, p, plen, rdlen))
@@ -1556,7 +1645,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
}
if (type_found == T_NSEC)
- return prove_non_existence_nsec(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
+ return prove_non_existence_nsec(header, plen, nsecset, rrsig_labels, nsecs_found, daemon->workspacename, keyname, name, qtype, nons);
else if (type_found == T_NSEC3)
return prove_non_existence_nsec3(header, plen, nsecset, nsecs_found, daemon->workspacename, keyname, name, qtype, wildname, nons);
else
--
2.15.1

29
bsp/buildroot/package/dnsmasq/0002-Fix-DNSSEC-validation-errors-introduced-in-4fe6744a2.patch Normal file
View File

@@ -0,0 +1,29 @@
From cd7df612b14ec1bf831a966ccaf076be0dae7404 Mon Sep 17 00:00:00 2001
From: Simon Kelley <simon@thekelleys.org.uk>
Date: Sat, 20 Jan 2018 00:10:55 +0000
Subject: [PATCH] Fix DNSSEC validation errors introduced in
4fe6744a220eddd3f1749b40cac3dfc510787de6
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: upstream commit cd7df612b14ec
src/dnssec.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/dnssec.c b/src/dnssec.c
index a54a0b4f14cf..c47e33569f96 100644
--- a/src/dnssec.c
+++ b/src/dnssec.c
@@ -1610,7 +1610,7 @@ static int prove_non_existence(struct dns_header *header, size_t plen, char *key
int type_covered;
unsigned char *psav = p1;
- if (rdlen < 18)
+ if (rdlen1 < 18)
return 0; /* bad packet */
GETSHORT(type_covered, p1);
--
2.15.1

2
bsp/buildroot/package/dnsmasq/Config.in
View File

@@ -4,7 +4,7 @@ config BR2_PACKAGE_DNSMASQ
A lightweight DNS and DHCP server. It is intended to provide
coupled DNS and DHCP service to a LAN.
http://www.thekelleys.org.uk/dnsmasq/
http://www.thekelleys.org.uk/dnsmasq/doc.html
if BR2_PACKAGE_DNSMASQ

42
bsp/buildroot/package/dnsmasq/dnsmasq.mk
View File

@@ -40,32 +40,31 @@ endif
ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
DNSMASQ_DEPENDENCIES += libnetfilter_conntrack
endif
ifeq ($(BR2_PACKAGE_DNSMASQ_CONNTRACK),y)
define DNSMASQ_ENABLE_CONNTRACK
$(SED) 's^.*#define HAVE_CONNTRACK.*^#define HAVE_CONNTRACK^' \
$(DNSMASQ_DIR)/src/config.h
endef
DNSMASQ_COPTS += -DHAVE_CONNTRACK
endif
ifeq ($(BR2_PACKAGE_DNSMASQ_LUA),y)
DNSMASQ_DEPENDENCIES += lua
DNSMASQ_COPTS += -DHAVE_LUASCRIPT
# liblua uses dlopen when dynamically linked
ifneq ($(BR2_STATIC_LIBS),y)
DNSMASQ_MAKE_OPTS += LIBS+="-ldl"
endif
define DNSMASQ_ENABLE_LUA
define DNSMASQ_TWEAK_LIBLUA
$(SED) 's/lua5.2/lua/g' $(DNSMASQ_DIR)/Makefile
$(SED) 's^.*#define HAVE_LUASCRIPT.*^#define HAVE_LUASCRIPT^' \
$(DNSMASQ_DIR)/src/config.h
endef
endif
ifeq ($(BR2_PACKAGE_DBUS),y)
DNSMASQ_DEPENDENCIES += dbus
DNSMASQ_COPTS += -DHAVE_DBUS
define DNSMASQ_INSTALL_DBUS
$(INSTALL) -m 0644 -D $(@D)/dbus/dnsmasq.conf \
$(TARGET_DIR)/etc/dbus-1/system.d/dnsmasq.conf
endef
endif
define DNSMASQ_FIX_PKGCONFIG
@@ -73,33 +72,12 @@ define DNSMASQ_FIX_PKGCONFIG
$(DNSMASQ_DIR)/Makefile
endef
ifeq ($(BR2_PACKAGE_DBUS),y)
define DNSMASQ_ENABLE_DBUS
$(SED) 's^.*#define HAVE_DBUS.*^#define HAVE_DBUS^' \
$(DNSMASQ_DIR)/src/config.h
endef
else
define DNSMASQ_ENABLE_DBUS
$(SED) 's^.*#define HAVE_DBUS.*^/* #define HAVE_DBUS */^' \
$(DNSMASQ_DIR)/src/config.h
endef
endif
define DNSMASQ_BUILD_CMDS
$(DNSMASQ_FIX_PKGCONFIG)
$(DNSMASQ_ENABLE_DBUS)
$(DNSMASQ_ENABLE_LUA)
$(DNSMASQ_ENABLE_CONNTRACK)
$(DNSMASQ_TWEAK_LIBLUA)
$(DNSMASQ_MAKE_ENV) $(MAKE) -C $(@D) $(DNSMASQ_MAKE_OPTS) all$(DNSMASQ_I18N)
endef
ifeq ($(BR2_PACKAGE_DBUS),y)
define DNSMASQ_INSTALL_DBUS
$(INSTALL) -m 0644 -D $(@D)/dbus/dnsmasq.conf \
$(TARGET_DIR)/etc/dbus-1/system.d/dnsmasq.conf
endef
endif
define DNSMASQ_INSTALL_TARGET_CMDS
$(DNSMASQ_MAKE_ENV) $(MAKE) -C $(@D) $(DNSMASQ_MAKE_OPTS) install$(DNSMASQ_I18N)
mkdir -p $(TARGET_DIR)/var/lib/misc/

33
bsp/buildroot/package/dovecot/0002-lib-auth-Fix-memory-leak-in-auth_client_request_abor.patch
View File

@@ -1,33 +0,0 @@
From 1a29ed2f96da1be22fa5a4d96c7583aa81b8b060 Mon Sep 17 00:00:00 2001
From: Timo Sirainen <timo.sirainen@dovecot.fi>
Date: Mon, 18 Dec 2017 16:50:51 +0200
Subject: [PATCH] lib-auth: Fix memory leak in auth_client_request_abort()
This caused memory leaks when authentication was aborted. For example
with IMAP:
a AUTHENTICATE PLAIN
*
Broken by 9137c55411aa39d41c1e705ddc34d5bd26c65021
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
src/lib-auth/auth-client-request.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/lib-auth/auth-client-request.c b/src/lib-auth/auth-client-request.c
index 480fb42b3..046f7c307 100644
--- a/src/lib-auth/auth-client-request.c
+++ b/src/lib-auth/auth-client-request.c
@@ -186,6 +186,7 @@ void auth_client_request_abort(struct auth_client_request **_request)
auth_client_send_cancel(request->conn->client, request->id);
call_callback(request, AUTH_REQUEST_STATUS_ABORT, NULL, NULL);
+ pool_unref(&request->pool);
}
unsigned int auth_client_request_get_id(struct auth_client_request *request)
--
2.11.0

2
bsp/buildroot/package/dovecot/dovecot.hash
View File

@@ -1,5 +1,5 @@
# Locally computed after checking signature
sha256 fe1e3b78609a56ee22fc209077e4b75348fa1bbd54c46f52bde2472a4c4cee84 dovecot-2.2.33.2.tar.gz
sha256 5e92a4325409e66b343f6aaa67174b8921ce83d0df792c6eeb0b7b7e2c808353 dovecot-2.2.34.tar.gz
sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97 COPYING.MIT

2
bsp/buildroot/package/dovecot/dovecot.mk
View File

@@ -5,7 +5,7 @@
################################################################################
DOVECOT_VERSION_MAJOR = 2.2
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).33.2
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).34
DOVECOT_SITE = http://www.dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
DOVECOT_INSTALL_STAGING = YES
DOVECOT_LICENSE = LGPLv2.1

37
bsp/buildroot/package/exim/0005-Fix-base64d-buffer-size-CVE-2018-6789.patch Normal file
View File

@@ -0,0 +1,37 @@
From 062990cc1b2f9e5d82a413b53c8f0569075de700 Mon Sep 17 00:00:00 2001
From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
Date: Mon, 5 Feb 2018 22:23:32 +0100
Subject: [PATCH] Fix base64d() buffer size (CVE-2018-6789)
Credits for discovering this bug: Meh Chang <meh@devco.re>
[Peter: Drop ChangeLog change, fix path]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
src/base64.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/src/base64.c b/src/base64.c
index f6f187f0..e58ca6c7 100644
--- a/src/base64.c
+++ b/src/base64.c
@@ -152,10 +152,14 @@ static uschar dec64table[] = {
int
b64decode(const uschar *code, uschar **ptr)
{
+
int x, y;
-uschar *result = store_get(3*(Ustrlen(code)/4) + 1);
+uschar *result;
-*ptr = result;
+{
+ int l = Ustrlen(code);
+ *ptr = result = store_get(1 + l/4 * 3 + l%4);
+}
/* Each cycle of the loop handles a quantum of 4 input bytes. For the last
quantum this may decode to 1, 2, or 3 output bytes. */
--
2.11.0

3
bsp/buildroot/package/imagemagick/imagemagick.hash
View File

@@ -1,2 +1,3 @@
# Locally computed
sha256 924d1161ed2399bcb72f98419072b3130a466e07d9a6fce43d27458ffa907ffa 7.0.7-10.tar.gz
sha256 723a28f9cbc5c6130f496065fc01c839083e97bf3e4930f940a03c0155046170 7.0.7-27.tar.gz
sha256 2318cc05bbd2c25c1b2d13af1aadccc45b9cf6f94757421ae59a3c8ea9064f1c LICENSE

2
bsp/buildroot/package/imagemagick/imagemagick.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
IMAGEMAGICK_VERSION = 7.0.7-10
IMAGEMAGICK_VERSION = 7.0.7-27
IMAGEMAGICK_SOURCE = $(IMAGEMAGICK_VERSION).tar.gz
IMAGEMAGICK_SITE = https://github.com/ImageMagick/ImageMagick/archive
IMAGEMAGICK_LICENSE = Apache-2.0

2
bsp/buildroot/package/irssi/irssi.hash
View File

@@ -1,4 +1,4 @@
# Locally calculated after checking pgp signature
sha256 029e884f3ebf337f7266d8ed4e1a035ca56d9f85015d74c868b488f279de8585 irssi-1.0.6.tar.xz
sha256 1b386ca026aa1875c380fd00ef1d24b71fb87cdae39ef5349ecca16c4567feac irssi-1.0.7.tar.xz
# Locally calculated
sha256 a1a27cb2ecee8d5378fbb3562f577104a445d6d66fee89286e16758305e63e2b COPYING

2
bsp/buildroot/package/irssi/irssi.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
IRSSI_VERSION = 1.0.6
IRSSI_VERSION = 1.0.7
IRSSI_SOURCE = irssi-$(IRSSI_VERSION).tar.xz
# Do not use the github helper here. The generated tarball is *NOT* the
# same as the one uploaded by upstream for the release.

6
bsp/buildroot/package/jq/jq.mk
View File

@@ -10,8 +10,10 @@ JQ_LICENSE = MIT (code), CC-BY-3.0 (documentation)
JQ_LICENSE_FILES = COPYING
# uses c99 specific features
JQ_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=c99"
HOST_JQ_CONF_ENV += CFLAGS="$(HOST_CFLAGS) -std=c99"
# _GNU_SOURCE added to fix gcc6+ host compilation
# (https://github.com/stedolan/jq/issues/1598)
JQ_CONF_ENV += CFLAGS="$(TARGET_CFLAGS) -std=c99 -D_GNU_SOURCE"
HOST_JQ_CONF_ENV += CFLAGS="$(HOST_CFLAGS) -std=c99 -D_GNU_SOURCE"
# jq explicitly enables maintainer mode, which we don't need/want
JQ_CONF_OPTS += --disable-maintainer-mode

4
bsp/buildroot/package/libcurl/libcurl.hash
View File

@@ -1,4 +1,4 @@
# Locally calculated after checking pgp signature
# https://curl.haxx.se/download/curl-7.58.0.tar.xz.asc
sha256 6a813875243609eb75f37fa72044e4ad618b55ec15a4eafdac2df6a7e800e3e3 curl-7.58.0.tar.xz
# https://curl.haxx.se/download/curl-7.59.0.tar.xz.asc
sha256 e44eaabdf916407585bf5c7939ff1161e6242b6b015d3f2f5b758b2a330461fc curl-7.59.0.tar.xz
sha256 5f3849ec38ddb927e79f514bf948890c41b8d1407286a49609b8fb1585931095 COPYING

2
bsp/buildroot/package/libcurl/libcurl.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
LIBCURL_VERSION = 7.58.0
LIBCURL_VERSION = 7.59.0
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
LIBCURL_SITE = https://curl.haxx.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \

6
bsp/buildroot/package/libpjsip/libpjsip.hash
View File

@@ -1,6 +1,6 @@
# From http://www.pjsip.org/release/2.7.1/MD5SUM.TXT
md5 99a64110fa5c2debff40e0e8d4676380 pjproject-2.7.1.tar.bz2
# From http://www.pjsip.org/release/2.7.2/MD5SUM.TXT
md5 fa3f0bc098c4bff48ddd92db1c016a7a pjproject-2.7.2.tar.bz2
# Locally computed
sha256 59fabc62a02b2b80857297cfb10e2c68c473f4a0acc6e848cfefe8421f2c3126 pjproject-2.7.1.tar.bz2
sha256 9c2c828abab7626edf18e04b041ef274bfaa86f99adf2c25ff56f1509e813772 pjproject-2.7.2.tar.bz2
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING

2
bsp/buildroot/package/libpjsip/libpjsip.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
LIBPJSIP_VERSION = 2.7.1
LIBPJSIP_VERSION = 2.7.2
LIBPJSIP_SOURCE = pjproject-$(LIBPJSIP_VERSION).tar.bz2
LIBPJSIP_SITE = http://www.pjsip.org/release/$(LIBPJSIP_VERSION)
LIBPJSIP_DEPENDENCIES = libsrtp

4
bsp/buildroot/package/librsvg/librsvg.hash
View File

@@ -1,2 +1,2 @@
# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.18.sha256sum
sha256 bfc8c488c89c1e7212c478beb95c41b44701636125a3e6dab41187f1485b564c librsvg-2.40.18.tar.xz
# From http://ftp.gnome.org/pub/gnome/sources/librsvg/2.40/librsvg-2.40.20.sha256sum
sha256 cff4dd3c3b78bfe99d8fcfad3b8ba1eee3289a0823c0e118d78106be6b84c92b librsvg-2.40.20.tar.xz

2
bsp/buildroot/package/librsvg/librsvg.mk
View File

@@ -5,7 +5,7 @@
################################################################################
LIBRSVG_VERSION_MAJOR = 2.40
LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).18
LIBRSVG_VERSION = $(LIBRSVG_VERSION_MAJOR).20
LIBRSVG_SITE = http://ftp.gnome.org/pub/gnome/sources/librsvg/$(LIBRSVG_VERSION_MAJOR)
LIBRSVG_SOURCE = librsvg-$(LIBRSVG_VERSION).tar.xz
LIBRSVG_INSTALL_STAGING = YES

6
bsp/buildroot/package/libtasn1/libtasn1.hash
View File

@@ -1,2 +1,6 @@
# Locally calculated after checking pgp signature
sha256 6753da2e621257f33f5b051cc114d417e5206a0818fe0b1ecfd6153f70934753 libtasn1-4.12.tar.gz
# https://ftp.gnu.org/gnu/libtasn1/libtasn1-4.13.tar.gz.sig
sha256 7e528e8c317ddd156230c4e31d082cd13e7ddeb7a54824be82632209550c8cca libtasn1-4.13.tar.gz
# Locally calculated
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LIB

2
bsp/buildroot/package/libtasn1/libtasn1.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
LIBTASN1_VERSION = 4.12
LIBTASN1_VERSION = 4.13
LIBTASN1_SITE = $(BR2_GNU_MIRROR)/libtasn1
LIBTASN1_DEPENDENCIES = host-bison
LIBTASN1_LICENSE = GPLv3+ (tests, tools), LGPLv2.1+ (library)

4
bsp/buildroot/package/libvorbis/libvorbis.hash
View File

@@ -1,2 +1,4 @@
# From http://www.xiph.org/downloads/
sha256 54f94a9527ff0a88477be0a71c0bab09a4c3febe0ed878b24824906cd4b0e1d1 libvorbis-1.3.5.tar.xz
sha256 af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415 libvorbis-1.3.6.tar.xz
# License files, locally calculated
sha256 29e9914e6173b7061b7d48c25e6159fc1438326738bc047cc7248abc01b271f6 COPYING

2
bsp/buildroot/package/libvorbis/libvorbis.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
LIBVORBIS_VERSION = 1.3.5
LIBVORBIS_VERSION = 1.3.6
LIBVORBIS_SOURCE = libvorbis-$(LIBVORBIS_VERSION).tar.xz
LIBVORBIS_SITE = http://downloads.xiph.org/releases/vorbis
LIBVORBIS_INSTALL_STAGING = YES

33
bsp/buildroot/package/libxml2/0001-CVE-2017-8872.patch Normal file
View File

@@ -0,0 +1,33 @@
From 8b329effb610f4138e4e680f6a6867570f6d6179 Mon Sep 17 00:00:00 2001
From: Baruch Siach <baruch@tkos.co.il>
Date: Fri, 9 Feb 2018 10:58:11 +0200
Subject: [PATCH] CVE-2017-8872
Taken from attachment to upstream bug report comment #9.
https://bugzilla.gnome.org/show_bug.cgi?id=775200#c9
https://bugzilla.gnome.org/attachment.cgi?id=366193&action=diff
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
parser.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/parser.c b/parser.c
index 1c5e036ea265..025111067ae8 100644
--- a/parser.c
+++ b/parser.c
@@ -12467,6 +12467,10 @@ xmlHaltParser(xmlParserCtxtPtr ctxt) {
ctxt->input->cur = BAD_CAST"";
ctxt->input->base = ctxt->input->cur;
ctxt->input->end = ctxt->input->cur;
+ if (ctxt->input->buf)
+ xmlBufEmpty (ctxt->input->buf->buffer);
+ else
+ ctxt->input->length = 0;
}
}
--
2.15.1

4
bsp/buildroot/package/libxml2/libxml2.hash
View File

@@ -1,2 +1,4 @@
# Locally calculated after checking pgp signature
sha256 4031c1ecee9ce7ba4f313e91ef6284164885cdb69937a123f6a83bb6a72dcd38 libxml2-2.9.5.tar.gz
sha256 f63c5e7d30362ed28b38bfa1ac6313f9a80230720b7fb6c80575eeab3ff5900c libxml2-2.9.7.tar.gz
# License files, locally calculated
sha256 c5c63674f8a83c4d2e385d96d1c670a03cb871ba2927755467017317878574bd COPYING

2
bsp/buildroot/package/libxml2/libxml2.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
LIBXML2_VERSION = 2.9.5
LIBXML2_VERSION = 2.9.7
LIBXML2_SITE = ftp://xmlsoft.org/libxml2
LIBXML2_INSTALL_STAGING = YES
LIBXML2_LICENSE = MIT

8
bsp/buildroot/package/linux-headers/Config.in.host
View File

@@ -214,15 +214,15 @@ endchoice
config BR2_DEFAULT_KERNEL_HEADERS
string
default "3.2.98" if BR2_KERNEL_HEADERS_3_2
default "3.2.101" if BR2_KERNEL_HEADERS_3_2
default "3.4.113" if BR2_KERNEL_HEADERS_3_4
default "3.10.108" if BR2_KERNEL_HEADERS_3_10
default "3.12.74" if BR2_KERNEL_HEADERS_3_12
default "3.18.72" if BR2_KERNEL_HEADERS_3_18
default "3.19.8" if BR2_KERNEL_HEADERS_3_19
default "4.0.9" if BR2_KERNEL_HEADERS_4_0
default "4.1.49" if BR2_KERNEL_HEADERS_4_1
default "4.4.114" if BR2_KERNEL_HEADERS_4_4
default "4.1.51" if BR2_KERNEL_HEADERS_4_1
default "4.4.127" if BR2_KERNEL_HEADERS_4_4
default "4.8.17" if BR2_KERNEL_HEADERS_4_8
default "4.9.79" if BR2_KERNEL_HEADERS_4_9
default "4.9.93" if BR2_KERNEL_HEADERS_4_9
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION

2
bsp/buildroot/package/lz4/lz4.hash
View File

@@ -1,2 +1,2 @@
# sha256 locally computed
sha256 9d4d00614d6b9dec3114b33d1224b6262b99ace24434c53487a0c8fd0b18cfed lz4-r131.tar.gz
sha256 0190cacd63022ccb86f44fa5041dc6c3804407ad61550ca21c382827319e7e7e lz4-v1.7.5.tar.gz

4
bsp/buildroot/package/lz4/lz4.mk
View File

@@ -4,8 +4,8 @@
#
################################################################################
LZ4_VERSION = r131
LZ4_SITE = $(call github,Cyan4973,lz4,$(LZ4_VERSION))
LZ4_VERSION = v1.7.5
LZ4_SITE = $(call github,lz4,lz4,$(LZ4_VERSION))
LZ4_INSTALL_STAGING = YES
LZ4_LICENSE = BSD-2c (library), GPLv2+ (programs)
LZ4_LICENSE_FILES = lib/LICENSE programs/COPYING

4
bsp/buildroot/package/mariadb/mariadb.hash
View File

@@ -1,5 +1,5 @@
# From https://downloads.mariadb.org/mariadb/10.1.30/
sha256 173a5e5a24819e0a469c3bd09b5c98491676c37c6095882a2ea34c5af0996c88 mariadb-10.1.30.tar.gz
# From https://downloads.mariadb.org/mariadb/10.1.31/
sha256 ab7641c2fe4e5289da6141766a9c3350e013def56fafd6f1377080bc8048b2e6 mariadb-10.1.31.tar.gz
# Hash for license files
sha256 69ce89a0cadbe35a858398c258be93c388715e84fc0ca04e5a1fd1aa9770dd3a README

2
bsp/buildroot/package/mariadb/mariadb.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
MARIADB_VERSION = 10.1.30
MARIADB_VERSION = 10.1.31
MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
MARIADB_LICENSE = GPLv2 (server), GPLv2 with FLOSS exception (GPL client library), LGPLv2 (LGPL client library)
# Tarball no longer contains LGPL license text

33
bsp/buildroot/package/mbedtls/0001-dhm-Fix-typo-in-RFC-5114-constants.patch Normal file
View File

@@ -0,0 +1,33 @@
From 129f50838bf14f4e1319f06f41c827fae9cc4b73 Mon Sep 17 00:00:00 2001
From: Jaeden Amero <jaeden.amero@arm.com>
Date: Thu, 8 Feb 2018 14:25:36 +0000
Subject: [PATCH] dhm: Fix typo in RFC 5114 constants
We accidentally named the constant MBEDTLS_DHM_RFC5114_MODP_P instead of
MBEDTLS_DHM_RFC5114_MODP_2048_P.
Fixes #1358
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 129f50838bf
include/mbedtls/dhm.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
index da2e66b111b6..00fafd8d16f4 100644
--- a/include/mbedtls/dhm.h
+++ b/include/mbedtls/dhm.h
@@ -372,7 +372,7 @@ MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t;
* in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
* IETF Standards</em>.
*/
-#define MBEDTLS_DHM_RFC5114_MODP_P \
+#define MBEDTLS_DHM_RFC5114_MODP_2048_P \
MBEDTLS_DEPRECATED_STRING_CONSTANT( \
"AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1" \
"B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" \
--
2.16.1

6
bsp/buildroot/package/mbedtls/mbedtls.hash
View File

@@ -1,5 +1,5 @@
# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.6.0-2.1.9-and-1.3.21-released
sha1 e914288da50977f541773f9d36e26f14926594a5 mbedtls-2.6.0-apache.tgz
sha256 99bc9d4212d3d885eeb96273bcde8ecc649a481404b8d7ea7bb26397c9909687 mbedtls-2.6.0-apache.tgz
# From https://tls.mbed.org/tech-updates/releases/mbedtls-2.7.0-2.1.10-and-1.3.22-released
sha1 01ffebf679c8696cc941c41224fa73d8944d2c85 mbedtls-2.7.0-apache.tgz
sha256 aeb66d6cd43aa1c79c145d15845c655627a7fc30d624148aaafbb6c36d7f55ef mbedtls-2.7.0-apache.tgz
# Locally calculated
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 apache-2.0.txt

2
bsp/buildroot/package/mbedtls/mbedtls.mk
View File

@@ -5,7 +5,7 @@
################################################################################
MBEDTLS_SITE = https://tls.mbed.org/code/releases
MBEDTLS_VERSION = 2.6.0
MBEDTLS_VERSION = 2.7.0
MBEDTLS_SOURCE = mbedtls-$(MBEDTLS_VERSION)-apache.tgz
MBEDTLS_CONF_OPTS = \
-DENABLE_PROGRAMS=$(if $(BR2_PACKAGE_MBEDTLS_PROGRAMS),ON,OFF) \

49
bsp/buildroot/package/mosquitto/0001-websockets.c-unbreak-build-without-TLS.patch Normal file
View File

@@ -0,0 +1,49 @@
From 4822aa97da80a86033ec6e4a8b2f4ad0911235cf Mon Sep 17 00:00:00 2001
From: Peter Korsgaard <peter@korsgaard.com>
Date: Sat, 3 Mar 2018 11:04:47 +0100
Subject: [PATCH] websockets.c: unbreak build without TLS
Commit 7943072b1f3b (Fix use_identity_as_username not working on websockets
clients) added code which unconditionally accesses mosq-ssl, breaking the
build when TLS support is disabled.
Fix it by guarding this logic inside #ifdef WITH_TLS.
[Upstream: https://dev.eclipse.org/mhonarc/lists/mosquitto-dev/msg01813.html]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
src/websockets.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/websockets.c b/src/websockets.c
index d4d7961..a796f0a 100644
--- a/src/websockets.c
+++ b/src/websockets.c
@@ -201,12 +201,14 @@ static int callback_mqtt(struct libwebsocket_context *context,
mosq->ws_context = context;
#endif
mosq->wsi = wsi;
+#ifdef WITH_TLS
if(in){
mosq->ssl = (SSL *)in;
if(!mosq->listener->ssl_ctx){
mosq->listener->ssl_ctx = SSL_get_SSL_CTX(mosq->ssl);
}
}
+#endif
u->mosq = mosq;
}else{
return -1;
@@ -240,7 +242,9 @@ static int callback_mqtt(struct libwebsocket_context *context,
mosq->pollfd_index = -1;
}
mosq->wsi = NULL;
+#ifdef WITH_TLS
mosq->ssl = NULL;
+#endif
do_disconnect(db, mosq);
}
break;
--
2.11.0

10
bsp/buildroot/package/mosquitto/mosquitto.hash
View File

@@ -1,3 +1,7 @@
# Locally computed:
sha512 75e6105498869ab13265df7a0bea6052c014d59d0c0efb61162d8257d34c0153fce32130e84c28e99fd494f374949aac5e01c19f7439c2eea575b52ef1179c3c mosquitto-1.4.12.tar.gz
sha256 06abd1206e548ac2378dd96f5434cb3e40ed77cecb6a9c37fbabab0b0f1360e5 mosquitto-1.4.x_cve-2017-9868.patch
# Locally calculated after checking gpg signature
sha256 7d3b3e245a3b4ec94b05678c8199c806359737949f4cfe0bf936184f6ca89a83 mosquitto-1.4.15.tar.gz
# License files
sha256 cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1 LICENSE.txt
sha256 3b9be6b894d0769de796e653571ff6cef494913c0ce78c35a97db939e7d9087c epl-v10
sha256 e8cf7d54ea46c19aba793983889b7f7425e1ebfcaaccec764a7db091646e203c edl-v10

6
bsp/buildroot/package/mosquitto/mosquitto.mk
View File

@@ -4,13 +4,11 @@
#
################################################################################
MOSQUITTO_VERSION = 1.4.12
MOSQUITTO_SITE = http://mosquitto.org/files/source
MOSQUITTO_VERSION = 1.4.15
MOSQUITTO_SITE = https://mosquitto.org/files/source
MOSQUITTO_LICENSE = EPLv1.0 or EDLv1.0
MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
MOSQUITTO_INSTALL_STAGING = YES
MOSQUITTO_PATCH = \
https://mosquitto.org/files/cve/2017-9868/mosquitto-1.4.x_cve-2017-9868.patch
MOSQUITTO_MAKE_OPTS = \
UNAME=Linux \

23
bsp/buildroot/package/ntp/0003-ntpq-fpic.patch
View File

@@ -1,23 +0,0 @@
ntpq/Makefile.am: add NTP_HARD_CFLAGS
Pass NTP_HARD_CFLAGS when building ntpq, like in all other ntp
modules, to make sure -fPIC is passed.
Originally taken from
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=494143c3b4921a5c8b8596d58f2c8b98296bf688.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Index: b/ntpq/Makefile.am
===================================================================
--- a/ntpq/Makefile.am
+++ b/ntpq/Makefile.am
@@ -23,7 +23,7 @@
ntpq_LDADD += $(LDADD_NTP)
noinst_HEADERS= ntpq.h
noinst_LIBRARIES= libntpq.a
-libntpq_a_CFLAGS= -DNO_MAIN_ALLOWED -DBUILD_AS_LIB
+libntpq_a_CFLAGS= $(NTP_HARD_CFLAGS) -DNO_MAIN_ALLOWED -DBUILD_AS_LIB
CLEANFILES=
DISTCLEANFILES= .version version.c config.log $(man_MANS)
ETAGS_ARGS= Makefile.am

1
bsp/buildroot/package/ntp/Config.in
View File

@@ -1,7 +1,6 @@
config BR2_PACKAGE_NTP
bool "ntp"
select BR2_PACKAGE_LIBEVENT
select BR2_PACKAGE_OPENSSL
help
Network Time Protocol suite/programs.
Provides things like ntpd, ntpdate, ntpq, etc...

7
bsp/buildroot/package/ntp/ntp.hash
View File

@@ -1,4 +1,5 @@
# From https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p10.tar.gz.md5
md5 745384ed0dedb3f66b33fe84d66466f9 ntp-4.2.8p10.tar.gz
# From https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p11.tar.gz.md5
md5 00950ca2855579541896513e78295361 ntp-4.2.8p11.tar.gz
# Calculated based on the hash above
sha256 ddd2366e64219b9efa0f7438e06800d0db394ac5c88e13c17b70d0dcdf99b99f ntp-4.2.8p10.tar.gz
sha256 f14a39f753688252d683ff907035ffff106ba8d3db21309b742e09b5c3cd278e ntp-4.2.8p11.tar.gz
sha256 62c87b269365b38b55359b16dfde7ec28c683c722ef489db90afd0f2e478e4a1 COPYRIGHT

19
bsp/buildroot/package/ntp/ntp.mk
View File

@@ -5,9 +5,9 @@
################################################################################
NTP_VERSION_MAJOR = 4.2
NTP_VERSION = $(NTP_VERSION_MAJOR).8p10
NTP_VERSION = $(NTP_VERSION_MAJOR).8p11
NTP_SITE = https://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-$(NTP_VERSION_MAJOR)
NTP_DEPENDENCIES = host-pkgconf libevent openssl $(if $(BR2_PACKAGE_BUSYBOX),busybox)
NTP_DEPENDENCIES = host-pkgconf libevent $(if $(BR2_PACKAGE_BUSYBOX),busybox)
NTP_LICENSE = ntp license
NTP_LICENSE_FILES = COPYRIGHT
NTP_CONF_ENV = ac_cv_lib_md5_MD5Init=no
@@ -18,16 +18,21 @@ NTP_CONF_OPTS = \
--disable-debugging \
--with-yielding-select=yes \
--disable-local-libevent \
--with-crypto
# 0002-ntp-syscalls-fallback.patch
# 0003-ntpq-fpic.patch
NTP_AUTORECONF = YES
ifeq ($(BR2_TOOLCHAIN_HAS_SSP),y)
NTP_CONF_OPTS += --with-locfile=linux
ifeq ($(BR2_PACKAGE_OPENSSL),y)
NTP_CONF_OPTS += --with-crypto --enable-openssl-random
NTP_DEPENDENCIES += openssl
else
NTP_CONF_OPTS += --with-locfile=default
NTP_CONF_OPTS += --without-crypto --disable-openssl-random
endif
ifeq ($(BR2_TOOLCHAIN_HAS_SSP),y)
NTP_CONF_OPTS += --with-hardenfile=linux
else
NTP_CONF_OPTS += --with-hardenfile=default
endif
ifeq ($(BR2_PACKAGE_LIBCAP),y)

4
bsp/buildroot/package/openblas/Config.in
View File

@@ -3,7 +3,7 @@ config BR2_PACKAGE_OPENBLAS_DEFAULT_TARGET
default "P2" if BR2_x86_pentium2
default "KATMAI" if BR2_x86_pentium3
default "NORTHWOOD" if BR2_x86_pentium4
default "PRESCOTT" if BR2_x86_prescott
default "PRESCOTT" if BR2_x86_prescott || BR2_x86_nocona
default "BANIAS" if BR2_x86_pentium_m
default "CORE2" if BR2_x86_core2
default "NEHALEM" if BR2_x86_corei7
@@ -14,9 +14,9 @@ config BR2_PACKAGE_OPENBLAS_DEFAULT_TARGET
default "OPTERON" if BR2_x86_opteron
default "OPTERON_SSE3" if BR2_x86_opteron_sse3
default "BARCELONA" if BR2_x86_barcelona
default "JAGUAR" if BR2_x86_jaguar
default "STEAMROLLER" if BR2_x86_steamroller
default "VIAC3" if BR2_x86_c3 || BR2_x86_c32
default "SSE_GENERIC" if BR2_X86_CPU_HAS_SSE
default "POWER4" if BR2_powerpc_power4
default "POWER5" if BR2_powerpc_power5
default "POWER6" if BR2_powerpc_power6

1
bsp/buildroot/package/opencv3/opencv3.mk
View File

@@ -340,6 +340,7 @@ OPENCV3_CONF_OPTS += \
-DPYTHON3_NUMPY_VERSION=$(PYTHON_NUMPY_VERSION)
OPENCV3_DEPENDENCIES += python3
endif
OPENCV3_CONF_ENV += $(PKG_PYTHON_DISTUTILS_ENV)
OPENCV3_DEPENDENCIES += python-numpy
else
OPENCV3_CONF_OPTS += \

6
bsp/buildroot/package/openssl/openssl.hash
View File

@@ -1,8 +1,8 @@
# From https://www.openssl.org/source/openssl-1.0.2n.tar.gz.sha256
sha256 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe openssl-1.0.2n.tar.gz
# From https://www.openssl.org/source/openssl-1.0.2o.tar.gz.sha256
sha256 ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d openssl-1.0.2o.tar.gz
# Locally computed
sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956 openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 9ee37d72966bb4a841343f0606ce44d41b3eae4df4285200c5a8ddc2b935992a LICENSE
sha256 c8f60f4842bbad0353f5d81620e72b168b5638ca3a0a999f5da113b22491612e LICENSE

2
bsp/buildroot/package/openssl/openssl.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
OPENSSL_VERSION = 1.0.2n
OPENSSL_VERSION = 1.0.2o
OPENSSL_SITE = http://www.openssl.org/source
OPENSSL_LICENSE = OpenSSL or SSLeay
OPENSSL_LICENSE_FILES = LICENSE

33
bsp/buildroot/package/patch/0001-Fix-segfault-with-mangled-rename-patch.patch Normal file
View File

@@ -0,0 +1,33 @@
From f290f48a621867084884bfff87f8093c15195e6a Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: [PATCH] Fix segfault with mangled rename patch
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit f290f48a6218
src/pch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/pch.c b/src/pch.c
index ff9ed2cebb8a..bc6278c4032c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
--
2.16.1

37
bsp/buildroot/package/patch/0002-Allow-input-files-to-be-missing-for-ed-style-patches.patch Normal file
View File

@@ -0,0 +1,37 @@
From b5a91a01e5d0897facdd0f49d64b76b0f02b43e1 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 11:34:51 +0200
Subject: [PATCH] Allow input files to be missing for ed-style patches
* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: commit b5a91a01e5d0
src/pch.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/pch.c b/src/pch.c
index bc6278c4032c..0c5cc2623079 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char const *outname,
if (! dry_run && ! skip_rest_of_patch) {
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
sprintf (buf, "%s %s%s", editor_program,
verbosity == VERBOSE ? "" : "- ",
outname);
--
2.16.3

157
bsp/buildroot/package/patch/0003-Fix-arbitrary-command-execution-in-ed-style-patches-.patch Normal file
View File

@@ -0,0 +1,157 @@
From 123eaff0d5d1aebe128295959435b9ca5909c26d Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 12:14:49 +0200
Subject: [PATCH] Fix arbitrary command execution in ed-style patches
(CVE-2018-1000156)
* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.
[baruch: drop test hunks to avoid autoreconf]
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: commit 123eaff0d5d1
src/pch.c | 91 ++++++++++++++++++++++++++++++++++++++++---------------
tests/Makefile.am | 1 +
tests/ed-style | 41 +++++++++++++++++++++++++
3 files changed, 108 insertions(+), 25 deletions(-)
create mode 100644 tests/ed-style
diff --git a/src/pch.c b/src/pch.c
index 0c5cc2623079..4fd5a05a6f5c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -33,6 +33,7 @@
# include <io.h>
#endif
#include <safe.h>
+#include <sys/wait.h>
#define INITHUNKMAX 125 /* initial dynamic allocation size */
@@ -2389,24 +2390,28 @@ do_ed_script (char const *inname, char const *outname,
static char const editor_program[] = EDITOR_PROGRAM;
file_offset beginning_of_this_line;
- FILE *pipefp = 0;
size_t chars_read;
+ FILE *tmpfp = 0;
+ char const *tmpname;
+ int tmpfd;
+ pid_t pid;
+
+ if (! dry_run && ! skip_rest_of_patch)
+ {
+ /* Write ed script to a temporary file. This causes ed to abort on
+ invalid commands such as when line numbers or ranges exceed the
+ number of available lines. When ed reads from a pipe, it rejects
+ invalid commands and treats the next line as a new command, which
+ can lead to arbitrary command execution. */
+
+ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
+ if (tmpfd == -1)
+ pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ tmpfp = fdopen (tmpfd, "w+b");
+ if (! tmpfp)
+ pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ }
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- if (inerrno != ENOENT)
- {
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- }
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
- fflush (stdout);
- pipefp = popen(buf, binary_transput ? "wb" : "w");
- if (!pipefp)
- pfatal ("Can't open pipe to %s", quotearg (buf));
- }
for (;;) {
char ed_command_letter;
beginning_of_this_line = file_tell (pfp);
@@ -2417,14 +2422,14 @@ do_ed_script (char const *inname, char const *outname,
}
ed_command_letter = get_ed_command_letter (buf);
if (ed_command_letter) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (ed_command_letter != 'd' && ed_command_letter != 's') {
p_pass_comments_through = true;
while ((chars_read = get_line ()) != 0) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (chars_read == 2 && strEQ (buf, ".\n"))
break;
@@ -2437,13 +2442,49 @@ do_ed_script (char const *inname, char const *outname,
break;
}
}
- if (!pipefp)
+ if (!tmpfp)
return;
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0
- || fflush (pipefp) != 0)
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
+ || fflush (tmpfp) != 0)
write_fatal ();
- if (pclose (pipefp) != 0)
- fatal ("%s FAILED", editor_program);
+
+ if (lseek (tmpfd, 0, SEEK_SET) == -1)
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+
+ if (! dry_run && ! skip_rest_of_patch) {
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+ *outname_needs_removal = true;
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+ sprintf (buf, "%s %s%s", editor_program,
+ verbosity == VERBOSE ? "" : "- ",
+ outname);
+ fflush (stdout);
+
+ pid = fork();
+ if (pid == -1)
+ pfatal ("Can't fork");
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+ execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ _exit (2);
+ }
+ else
+ {
+ int wstatus;
+ if (waitpid (pid, &wstatus, 0) == -1
+ || ! WIFEXITED (wstatus)
+ || WEXITSTATUS (wstatus) != 0)
+ fatal ("%s FAILED", editor_program);
+ }
+ }
+
+ fclose (tmpfp);
+ safe_unlink (tmpname);
if (ofp)
{
--
2.16.3

2
bsp/buildroot/package/patch/Config.in
View File

@@ -1,5 +1,6 @@
config BR2_PACKAGE_PATCH
bool "patch"
depends on BR2_USE_MMU # fork()
depends on BR2_USE_WCHAR
depends on BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
help
@@ -10,4 +11,5 @@ config BR2_PACKAGE_PATCH
comment "patch needs a toolchain w/ wchar"
depends on !BR2_USE_WCHAR
depends on BR2_USE_MMU
depends on BR2_PACKAGE_BUSYBOX_SHOW_OTHERS

4
bsp/buildroot/package/patch/patch.hash
View File

@@ -1,2 +1,4 @@
# Locally calculated after checking pgp signature
sha256 fd95153655d6b95567e623843a0e77b81612d502ecf78a489a4aed7867caa299 patch-2.7.5.tar.xz
sha256 ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd patch-2.7.6.tar.xz
# Locally calculated
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING

2
bsp/buildroot/package/patch/patch.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
PATCH_VERSION = 2.7.5
PATCH_VERSION = 2.7.6
PATCH_SOURCE = patch-$(PATCH_VERSION).tar.xz
PATCH_SITE = $(BR2_GNU_MIRROR)/patch
PATCH_LICENSE = GPLv3+

6
bsp/buildroot/package/postgresql/postgresql.hash
View File

@@ -1,4 +1,4 @@
# From https://ftp.postgresql.org/pub/source/v9.6.6/postgresql-9.6.6.tar.bz2.sha256
sha256 399cdffcb872f785ba67e25d275463d74521566318cfef8fe219050d063c8154 postgresql-9.6.6.tar.bz2
# From https://ftp.postgresql.org/pub/source/v9.6.8/postgresql-9.6.8.tar.bz2.sha256
sha256 eafdb3b912e9ec34bdd28b651d00226a6253ba65036cb9a41cad2d9e82e3eb70 postgresql-9.6.8.tar.bz2
# License file, Locally calculated
sha256 7dc8de32741ad1b03e21710771b55a1b9d460671d47f28a8840f917e38c66676 COPYRIGHT
sha256 24cfc70cf16b3a23242c49ffce39510683bdd48cbedb8a46fe03976ee5f5c21e COPYRIGHT

2
bsp/buildroot/package/postgresql/postgresql.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
POSTGRESQL_VERSION = 9.6.6
POSTGRESQL_VERSION = 9.6.8
POSTGRESQL_SOURCE = postgresql-$(POSTGRESQL_VERSION).tar.bz2
POSTGRESQL_SITE = http://ftp.postgresql.org/pub/source/v$(POSTGRESQL_VERSION)
POSTGRESQL_LICENSE = PostgreSQL

1
bsp/buildroot/package/python-webpy/Config.in
View File

@@ -1,6 +1,7 @@
config BR2_PACKAGE_PYTHON_WEBPY
bool "python-webpy"
depends on BR2_PACKAGE_PYTHON
select BR2_PACKAGE_PYTHON_HASHLIB
help
web.py is a web framework for Python that is as simple as it is
powerful.

4
bsp/buildroot/package/python-webpy/python-webpy.hash
View File

@@ -1,2 +1,4 @@
# Locally computed
sha256 c3cb8930739294103b1ad109e5fd1d0efae67c06d5b6d59fce5b5a2ee6b21624 python-webpy-webpy-0.37.tar.gz
sha256 f074241a0b839408a0b9840ade1198e16fbd6aa6393a48a0e84f73b545baab9a python-webpy-webpy-0.39.tar.gz
sha256 3826fd531a9b904841f5e3560fcda7e93f2ab8d11ef124ec65e10625efa26c34 LICENSE.txt
sha256 7347fd17bfd33c4093c31dc77076733e1e0150ce8c13296c56dc042bbecede84 web/wsgiserver/LICENSE.txt

4
bsp/buildroot/package/python-webpy/python-webpy.mk
View File

@@ -4,9 +4,9 @@
#
################################################################################
PYTHON_WEBPY_VERSION = webpy-0.37
PYTHON_WEBPY_VERSION = webpy-0.39
PYTHON_WEBPY_SITE = $(call github,webpy,webpy,$(PYTHON_WEBPY_VERSION))
PYTHON_WEBPY_SETUP_TYPE = distutils
PYTHON_WEBPY_SETUP_TYPE = setuptools
PYTHON_WEBPY_LICENSE = Public Domain, CherryPy License
PYTHON_WEBPY_LICENSE_FILES = LICENSE.txt web/wsgiserver/LICENSE.txt

2
bsp/buildroot/package/qt5/qt53d/qt53d.mk
View File

@@ -6,7 +6,7 @@
QT53D_VERSION = $(QT5_VERSION)
QT53D_SITE = $(QT5_SITE)
QT53D_SOURCE = qt3d-opensource-src-$(QT5SVG_VERSION).tar.xz
QT53D_SOURCE = qt3d-opensource-src-$(QT53D_VERSION).tar.xz
QT53D_DEPENDENCIES = qt5base qt5declarative
QT53D_INSTALL_STAGING = YES

2
bsp/buildroot/package/qt5/qt5tools/qt5tools.mk
View File

@@ -6,7 +6,7 @@
QT5TOOLS_VERSION = $(QT5_VERSION)
QT5TOOLS_SITE = $(QT5_SITE)
QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5BASE_VERSION).tar.xz
QT5TOOLS_SOURCE = qttools-opensource-src-$(QT5TOOLS_VERSION).tar.xz
QT5TOOLS_DEPENDENCIES = qt5base
QT5TOOLS_INSTALL_STAGING = YES

69
bsp/buildroot/package/quagga/0005-bgpd-security-invalid-attr-length-sends-NOTIFY-with-.patch Normal file
View File

@@ -0,0 +1,69 @@
From cc2e6770697e343f4af534114ab7e633d5beabec Mon Sep 17 00:00:00 2001
From: Paul Jakma <paul@jakma.org>
Date: Wed, 3 Jan 2018 23:57:33 +0000
Subject: [PATCH] bgpd/security: invalid attr length sends NOTIFY with data
overrun
Security issue: Quagga-2018-0543
See: https://www.quagga.net/security/Quagga-2018-0543.txt
* bgpd/bgp_attr.c: (bgp_attr_parse) An invalid attribute length is correctly
checked, and a NOTIFY prepared. The NOTIFY can include the incorrect
received data with the NOTIFY, for debug purposes. Commit
c69698704806a9ac5 modified the code to do that just, and also send the
malformed attr with the NOTIFY. However, the invalid attribute length was
used as the length of the data to send back.
The result is a read past the end of data, which is then written to the
NOTIFY message and sent to the peer.
A configured BGP peer can use this bug to read up to 64 KiB of memory from
the bgpd process, or crash the process if the invalid read is caught by
some means (unmapped page and SEGV, or other mechanism) resulting in a DoS.
This bug _ought_ /not/ be exploitable by anything other than the connected
BGP peer, assuming the underlying TCP transport is secure. For no BGP
peer should send on an UPDATE with this attribute. Quagga will not, as
Quagga always validates the attr header length, regardless of type.
However, it is possible that there are BGP implementations that do not
check lengths on some attributes (e.g. optional/transitive ones of a type
they do not recognise), and might pass such malformed attrs on. If such
implementations exists and are common, then this bug might be triggerable
by BGP speakers further hops away. Those peers will not receive the
NOTIFY (unless they sit on a shared medium), however they might then be
able to trigger a DoS.
Fix: use the valid bound to calculate the length.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
bgpd/bgp_attr.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index ef58beb1..9564637e 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -2147,6 +2147,8 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size,
memset (seen, 0, BGP_ATTR_BITMAP_SIZE);
/* End pointer of BGP attribute. */
+ assert (size <= stream_get_size (BGP_INPUT (peer)));
+ assert (size <= stream_get_endp (BGP_INPUT (peer)));
endp = BGP_INPUT_PNT (peer) + size;
/* Get attributes to the end of attribute length. */
@@ -2228,7 +2230,7 @@ bgp_attr_parse (struct peer *peer, struct attr *attr, bgp_size_t size,
bgp_notify_send_with_data (peer,
BGP_NOTIFY_UPDATE_ERR,
BGP_NOTIFY_UPDATE_ATTR_LENG_ERR,
- startp, attr_endp - startp);
+ startp, endp - startp);
return BGP_ATTR_PARSE_ERROR;
}
--
2.11.0

112
bsp/buildroot/package/quagga/0006-bgpd-security-Fix-double-free-of-unknown-attribute.patch Normal file
View File

@@ -0,0 +1,112 @@
From e69b535f92eafb599329bf725d9b4c6fd5d7fded Mon Sep 17 00:00:00 2001
From: Paul Jakma <paul@jakma.org>
Date: Sat, 6 Jan 2018 19:52:10 +0000
Subject: [PATCH] bgpd/security: Fix double free of unknown attribute
Security issue: Quagga-2018-1114
See: https://www.quagga.net/security/Quagga-2018-1114.txt
It is possible for bgpd to double-free an unknown attribute. This can happen
via bgp_update_receive receiving an UPDATE with an invalid unknown attribute.
bgp_update_receive then will call bgp_attr_unintern_sub and bgp_attr_flush,
and the latter may try free an already freed unknown attr.
* bgpd/bgp_attr.c: (transit_unintern) Take a pointer to the caller's storage
for the (struct transit *), so that transit_unintern can NULL out the
caller's reference if the (struct transit) is freed.
(cluster_unintern) By inspection, appears to have a similar issue.
(bgp_attr_unintern_sub) adjust for above.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
bgpd/bgp_attr.c | 33 +++++++++++++++++++--------------
bgpd/bgp_attr.h | 4 ++--
2 files changed, 21 insertions(+), 16 deletions(-)
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
index 9564637e..0c2806b5 100644
--- a/bgpd/bgp_attr.c
+++ b/bgpd/bgp_attr.c
@@ -199,15 +199,17 @@ cluster_intern (struct cluster_list *cluster)
}
void
-cluster_unintern (struct cluster_list *cluster)
+cluster_unintern (struct cluster_list **cluster)
{
- if (cluster->refcnt)
- cluster->refcnt--;
+ struct cluster_list *c = *cluster;
+ if (c->refcnt)
+ c->refcnt--;
- if (cluster->refcnt == 0)
+ if (c->refcnt == 0)
{
- hash_release (cluster_hash, cluster);
- cluster_free (cluster);
+ hash_release (cluster_hash, c);
+ cluster_free (c);
+ *cluster = NULL;
}
}
@@ -357,15 +359,18 @@ transit_intern (struct transit *transit)
}
void
-transit_unintern (struct transit *transit)
+transit_unintern (struct transit **transit)
{
- if (transit->refcnt)
- transit->refcnt--;
+ struct transit *t = *transit;
+
+ if (t->refcnt)
+ t->refcnt--;
- if (transit->refcnt == 0)
+ if (t->refcnt == 0)
{
- hash_release (transit_hash, transit);
- transit_free (transit);
+ hash_release (transit_hash, t);
+ transit_free (t);
+ *transit = NULL;
}
}
@@ -820,11 +825,11 @@ bgp_attr_unintern_sub (struct attr *attr)
UNSET_FLAG(attr->flag, ATTR_FLAG_BIT (BGP_ATTR_LARGE_COMMUNITIES));
if (attr->extra->cluster)
- cluster_unintern (attr->extra->cluster);
+ cluster_unintern (&attr->extra->cluster);
UNSET_FLAG(attr->flag, ATTR_FLAG_BIT (BGP_ATTR_CLUSTER_LIST));
if (attr->extra->transit)
- transit_unintern (attr->extra->transit);
+ transit_unintern (&attr->extra->transit);
}
}
diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h
index 9ff074b2..052acc7d 100644
--- a/bgpd/bgp_attr.h
+++ b/bgpd/bgp_attr.h
@@ -187,10 +187,10 @@ extern unsigned long int attr_unknown_count (void);
/* Cluster list prototypes. */
extern int cluster_loop_check (struct cluster_list *, struct in_addr);
-extern void cluster_unintern (struct cluster_list *);
+extern void cluster_unintern (struct cluster_list **);
/* Transit attribute prototypes. */
-void transit_unintern (struct transit *);
+void transit_unintern (struct transit **);
/* Below exported for unit-test purposes only */
struct bgp_attr_parser_args {
--
2.11.0

114
bsp/buildroot/package/quagga/0007-bgpd-security-debug-print-of-received-NOTIFY-data-ca.patch Normal file
View File

@@ -0,0 +1,114 @@
From 9e5251151894aefdf8e9392a2371615222119ad8 Mon Sep 17 00:00:00 2001
From: Paul Jakma <paul@jakma.org>
Date: Sat, 6 Jan 2018 22:31:52 +0000
Subject: [PATCH] bgpd/security: debug print of received NOTIFY data can
over-read msg array
Security issue: Quagga-2018-1550
See: https://www.quagga.net/security/Quagga-2018-1550.txt
* bgpd/bgp_debug.c: (struct message) Nearly every one of the NOTIFY
code/subcode message arrays has their corresponding size variables off
by one, as most have 1 as first index.
This means (bgp_notify_print) can cause mes_lookup to overread the (struct
message) by 1 pointer value if given an unknown index.
Fix the bgp_notify_..._msg_max variables to use the compiler to calculate
the correct sizes.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
bgpd/bgp_debug.c | 21 ++++++++++++---------
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/bgpd/bgp_debug.c b/bgpd/bgp_debug.c
index ba797228..43faee7c 100644
--- a/bgpd/bgp_debug.c
+++ b/bgpd/bgp_debug.c
@@ -29,6 +29,7 @@ Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
#include "log.h"
#include "sockunion.h"
#include "filter.h"
+#include "memory.h"
#include "bgpd/bgpd.h"
#include "bgpd/bgp_aspath.h"
@@ -73,7 +74,8 @@ const struct message bgp_status_msg[] =
{ Clearing, "Clearing" },
{ Deleted, "Deleted" },
};
-const int bgp_status_msg_max = BGP_STATUS_MAX;
+#define BGP_DEBUG_MSG_MAX(msg) const int msg ## _max = array_size (msg)
+BGP_DEBUG_MSG_MAX (bgp_status_msg);
/* BGP message type string. */
const char *bgp_type_str[] =
@@ -84,7 +86,8 @@ const char *bgp_type_str[] =
"NOTIFICATION",
"KEEPALIVE",
"ROUTE-REFRESH",
- "CAPABILITY"
+ "CAPABILITY",
+ NULL,
};
/* message for BGP-4 Notify */
@@ -98,15 +101,15 @@ static const struct message bgp_notify_msg[] =
{ BGP_NOTIFY_CEASE, "Cease"},
{ BGP_NOTIFY_CAPABILITY_ERR, "CAPABILITY Message Error"},
};
-static const int bgp_notify_msg_max = BGP_NOTIFY_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_msg);
static const struct message bgp_notify_head_msg[] =
{
{ BGP_NOTIFY_HEADER_NOT_SYNC, "/Connection Not Synchronized"},
{ BGP_NOTIFY_HEADER_BAD_MESLEN, "/Bad Message Length"},
- { BGP_NOTIFY_HEADER_BAD_MESTYPE, "/Bad Message Type"}
+ { BGP_NOTIFY_HEADER_BAD_MESTYPE, "/Bad Message Type"},
};
-static const int bgp_notify_head_msg_max = BGP_NOTIFY_HEADER_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_head_msg);
static const struct message bgp_notify_open_msg[] =
{
@@ -119,7 +122,7 @@ static const struct message bgp_notify_open_msg[] =
{ BGP_NOTIFY_OPEN_UNACEP_HOLDTIME, "/Unacceptable Hold Time"},
{ BGP_NOTIFY_OPEN_UNSUP_CAPBL, "/Unsupported Capability"},
};
-static const int bgp_notify_open_msg_max = BGP_NOTIFY_OPEN_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_open_msg);
static const struct message bgp_notify_update_msg[] =
{
@@ -136,7 +139,7 @@ static const struct message bgp_notify_update_msg[] =
{ BGP_NOTIFY_UPDATE_INVAL_NETWORK, "/Invalid Network Field"},
{ BGP_NOTIFY_UPDATE_MAL_AS_PATH, "/Malformed AS_PATH"},
};
-static const int bgp_notify_update_msg_max = BGP_NOTIFY_UPDATE_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_update_msg);
static const struct message bgp_notify_cease_msg[] =
{
@@ -150,7 +153,7 @@ static const struct message bgp_notify_cease_msg[] =
{ BGP_NOTIFY_CEASE_COLLISION_RESOLUTION, "/Connection collision resolution"},
{ BGP_NOTIFY_CEASE_OUT_OF_RESOURCE, "/Out of Resource"},
};
-static const int bgp_notify_cease_msg_max = BGP_NOTIFY_CEASE_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_cease_msg);
static const struct message bgp_notify_capability_msg[] =
{
@@ -159,7 +162,7 @@ static const struct message bgp_notify_capability_msg[] =
{ BGP_NOTIFY_CAPABILITY_INVALID_LENGTH, "/Invalid Capability Length"},
{ BGP_NOTIFY_CAPABILITY_MALFORMED_CODE, "/Malformed Capability Value"},
};
-static const int bgp_notify_capability_msg_max = BGP_NOTIFY_CAPABILITY_MAX;
+BGP_DEBUG_MSG_MAX (bgp_notify_capability_msg);
/* Origin strings. */
const char *bgp_origin_str[] = {"i","e","?"};
--
2.11.0

43
bsp/buildroot/package/quagga/0008-bgpd-security-fix-infinite-loop-on-certain-invalid-O.patch Normal file
View File

@@ -0,0 +1,43 @@
From ce07207c50a3d1f05d6dd49b5294282e59749787 Mon Sep 17 00:00:00 2001
From: Paul Jakma <paul@jakma.org>
Date: Sat, 6 Jan 2018 21:20:51 +0000
Subject: [PATCH] bgpd/security: fix infinite loop on certain invalid OPEN
messages
Security issue: Quagga-2018-1975
See: https://www.quagga.net/security/Quagga-2018-1975.txt
* bgpd/bgp_packet.c: (bgp_capability_msg_parse) capability parser can infinite
loop due to checks that issue 'continue' without bumping the input
pointer.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
bgpd/bgp_packet.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
index b3d601fc..f9338d8d 100644
--- a/bgpd/bgp_packet.c
+++ b/bgpd/bgp_packet.c
@@ -2328,7 +2328,8 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
end = pnt + length;
- while (pnt < end)
+ /* XXX: Streamify this */
+ for (; pnt < end; pnt += hdr->length + 3)
{
/* We need at least action, capability code and capability length. */
if (pnt + 3 > end)
@@ -2416,7 +2417,6 @@ bgp_capability_msg_parse (struct peer *peer, u_char *pnt, bgp_size_t length)
zlog_warn ("%s unrecognized capability code: %d - ignored",
peer->host, hdr->code);
}
- pnt += hdr->length + 3;
}
return 0;
}
--
2.11.0

45
bsp/buildroot/package/rsync/0001-Check-fname-in-recv_files-sooner.patch
View File

@@ -1,45 +0,0 @@
From 3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 Mon Sep 17 00:00:00 2001
From: Jeriko One <jeriko.one@gmx.us>
Date: Thu, 2 Nov 2017 23:44:19 -0700
Subject: [PATCH] Check fname in recv_files sooner.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 3e06d40029c
receiver.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/receiver.c b/receiver.c
index baae3a919cdd..9fdafa152cb3 100644
--- a/receiver.c
+++ b/receiver.c
@@ -574,6 +574,12 @@ int recv_files(int f_in, int f_out, char *local_name)
file = dir_flist->files[cur_flist->parent_ndx];
fname = local_name ? local_name : f_name(file, fbuf);
+ if (daemon_filter_list.head
+ && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
+ rprintf(FERROR, "attempt to hack rsync failed.\n");
+ exit_cleanup(RERR_PROTOCOL);
+ }
+
if (DEBUG_GTE(RECV, 1))
rprintf(FINFO, "recv_files(%s)\n", fname);
@@ -645,12 +651,6 @@ int recv_files(int f_in, int f_out, char *local_name)
cleanup_got_literal = 0;
- if (daemon_filter_list.head
- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
- rprintf(FERROR, "attempt to hack rsync failed.\n");
- exit_cleanup(RERR_PROTOCOL);
- }
-
if (read_batch) {
int wanted = redoing
? we_want_redo(ndx)
--
2.15.0

39
bsp/buildroot/package/rsync/0002-Sanitize-xname-in-read_ndx_and_attrs.patch
View File

@@ -1,39 +0,0 @@
From 70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Mon Sep 17 00:00:00 2001
From: Jeriko One <jeriko.one@gmx.us>
Date: Thu, 16 Nov 2017 17:05:42 -0800
Subject: [PATCH] Sanitize xname in read_ndx_and_attrs.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 70aeb5fddd
rsync.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/rsync.c b/rsync.c
index b82e59881018..a0945ba4e7f5 100644
--- a/rsync.c
+++ b/rsync.c
@@ -49,6 +49,7 @@ extern int flist_eof;
extern int file_old_total;
extern int keep_dirlinks;
extern int make_backups;
+extern int sanitize_paths;
extern struct file_list *cur_flist, *first_flist, *dir_flist;
extern struct chmod_mode_struct *daemon_chmod_modes;
#ifdef ICONV_OPTION
@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
if (iflags & ITEM_XNAME_FOLLOWS) {
if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
exit_cleanup(RERR_PROTOCOL);
+
+ if (sanitize_paths) {
+ sanitize_path(buf, buf, "", 0, SP_DEFAULT);
+ len = strlen(buf);
+ }
} else {
*buf = '\0';
len = -1;
--
2.15.0

28
bsp/buildroot/package/rsync/0003-Check-daemon-filter-against-fnamecmp-in-recv_files.patch
View File

@@ -1,28 +0,0 @@
From 5509597decdbd7b91994210f700329d8a35e70a1 Mon Sep 17 00:00:00 2001
From: Jeriko One <jeriko.one@gmx.us>
Date: Thu, 16 Nov 2017 17:26:03 -0800
Subject: [PATCH] Check daemon filter against fnamecmp in recv_files().
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Patch status: upstream commit 5509597dec
receiver.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/receiver.c b/receiver.c
index 9fdafa152cb3..9c46242e013c 100644
--- a/receiver.c
+++ b/receiver.c
@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name)
break;
}
if (!fnamecmp || (daemon_filter_list.head
- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) {
+ && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) {
fnamecmp = fname;
fnamecmp_type = FNAMECMP_FNAME;
}
--
2.15.0

33
bsp/buildroot/package/rsync/0004-Enforce-trailing-0-when-receiving-xattr-name-values.patch
View File

@@ -1,33 +0,0 @@
From 47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayned@samba.org>
Date: Sun, 5 Nov 2017 11:33:15 -0800
Subject: [PATCH] Enforce trailing \0 when receiving xattr name values. Fixes
bug 13112.
Fixes CVE-2017-16548
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
Patch status: upstream commit 47a63d90e7
xattrs.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/xattrs.c b/xattrs.c
index 68305d75..4867e6f5 100644
--- a/xattrs.c
+++ b/xattrs.c
@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
out_of_memory("receive_xattr");
name = ptr + dget_len + extra_len;
read_buf(f, name, name_len);
+ if (name_len < 1 || name[name_len-1] != '\0') {
+ rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
+ exit_cleanup(RERR_FILEIO);
+ }
if (dget_len == datum_len)
read_buf(f, ptr, dget_len);
else {
--
2.11.0

5
bsp/buildroot/package/rsync/rsync.hash
View File

@@ -1,2 +1,5 @@
# Locally calculated after checking pgp signature
sha256 ecfa62a7fa3c4c18b9eccd8c16eaddee4bd308a76ea50b5c02a5840f09c0a1c2 rsync-3.1.2.tar.gz
# https://download.samba.org/pub/rsync/src/rsync-3.1.3.tar.gz.asc
sha256 55cc554efec5fdaad70de921cd5a5eeb6c29a95524c715f3bbf849235b0800c0 rsync-3.1.3.tar.gz
# Locally calculated
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING

2
bsp/buildroot/package/rsync/rsync.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
RSYNC_VERSION = 3.1.2
RSYNC_VERSION = 3.1.3
RSYNC_SITE = http://rsync.samba.org/ftp/rsync/src
RSYNC_LICENSE = GPLv3+
RSYNC_LICENSE_FILES = COPYING

2
bsp/buildroot/package/samba4/samba4.hash
View File

@@ -1,2 +1,2 @@
# Locally calculated
sha256 811bf727892a1e1e3d170eb72eb39c43d06ed8ff557e5e036a41aabc19008e94 samba-4.5.15.tar.gz
sha256 3a3356faab1694680e2ccd7fdf051ab1bbd3b0d058fc1f671e135dd2d1eae1aa samba-4.5.16.tar.gz

2
bsp/buildroot/package/samba4/samba4.mk
View File

@@ -4,7 +4,7 @@
#
################################################################################
SAMBA4_VERSION = 4.5.15
SAMBA4_VERSION = 4.5.16
SAMBA4_SITE = https://download.samba.org/pub/samba/stable
SAMBA4_SOURCE = samba-$(SAMBA4_VERSION).tar.gz
SAMBA4_INSTALL_STAGING = YES

3
bsp/buildroot/package/sngrep/sngrep.mk
View File

@@ -23,7 +23,8 @@ SNGREP_DEPENDENCIES += openssl
SNGREP_CONF_OPTS += --with-openssl --without-gnutls
# gnutls support also requires libgcrypt
else ifeq ($(BR2_PACKAGE_GNUTLS)$(BR2_PACKAGE_LIBGCRYPT),yy)
SNGREP_DEPENDENCIES += gnutls
SNGREP_CONF_ENV += LIBGCRYPT_CONFIG=$(STAGING_DIR)/usr/bin/libgcrypt-config
SNGREP_DEPENDENCIES += gnutls libgcrypt
SNGREP_CONF_OPTS += --with-gnutls --without-openssl
else
SNGREP_CONF_OPTS += --without-gnutls --without-openssl

Some files were not shown because too many files have changed in this diff Show More