Without this patch, systemd complains on startup with messages similar
to:
systemd-tmpfiles[128]: /etc/tmpfiles.d/connman_resolvconf.conf:1: Line references path below legacy directory /var/run/, updating /var/run/connman → /run/connman; please update the tmpfiles.d/ drop-in file accordingly.
systemd-tmpfiles[172]: /etc/tmpfiles.d/connman_resolvconf.conf:1: Line references path below legacy directory /var/run/, updating /var/run/connman → /run/connman; please update the tmpfiles.d/ drop-in file accordingly.
By default, connman will use "/var/run/connman" for runstatedir
instead of the now recommended "/run/connman".
(From OE-Core rev: 52268f077af4fd21ac93623017160cb474bbef00)
Signed-off-by: Marc Ferland <ferlandm@amotus.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8d17776765a99a4ae327797206ef2a8a735ce87b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.
(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
qemu kernel itself is nowdays perfectly capable of setting up
what was passed in via ip=:
[ 1.676847] IP-Config: Complete:
[ 1.677768] device=eth0, hwaddr=52:54:00:12:34:02, ipaddr=192.168.7.2, mask=255.255.255.0, gw=192.168.7.1
[ 1.679933] host=192.168.7.2, domain=, nis-domain=(none)
[ 1.681201] bootserver=255.255.255.255, rootserver=255.255.255.255, rootpath=
[ 1.681203] nameserver0=8.8.8.8
connman-conf only does the same thing again by (badly and incompletely)
parsing those parameters with sed.
(From OE-Core rev: 3c25b89720417a7b1963f0a32c870208a5803950)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is uncertainty about the default branch name in git going forward.
To try and cover the different possible outcomes, add branch names to all
git:// and gitsm:// SRC_URI entries.
This update was made with the script added to contrib in this patch which
aims to help others convert other layers.
(From OE-Core rev: b51c405faf6f8c0365f7533bfaf470d79152a463)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upstream database uses both "connman" and "connection_manager" to report CVEs
(From OE-Core rev: eadf7bb17289731be9747822e3d4084ab69cf109)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Repo-wide replacement to use newer variable to represent systemd
system unitdir directory.
(From OE-Core rev: 5ace3ada5c54500c71becc8e0c6eddeb8bc053e3)
Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The licenses were renamed to match their SPDX names, fix the
references in LIC_FILES_CHKSUM in OE-Core.
(From OE-Core rev: 9af48917cfe583d2db9e1e088c7e396fcf638949)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bug fix only and includes two security fixes:
CVE-2021-26675
CVE-2021-26676
Changelog:
- Fix issue with scanning state synchronization and iwd.
- Fix issue with invalid key with 4-way handshake offloading.
- Fix issue with DNS proxy length checks to prevent buffer overflow.
- Fix issue with DHCP leaking stack data via uninitialized variable.
[Yocto #14231]
(From OE-Core rev: eb20fd47d738f469f7bbeb4b8d85040f9163722b)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Without further examples of how this is failing revert as using both
together is a valid use case, for example connman handling Wifi/AP
and systemd-networkd handling more complex routing such as for
containers and ethernet switches.
This reverts commit 5303420ead25817f5caec276b79eec7ee797271a.
(From OE-Core rev: 99d55bd094fe3d12724d77af3f15e2494cad4e0d)
Signed-off-by: Jack Mitchell <ml@embed.me.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Do not run systemd-networkd and connman simultaneously. These two
network managers may conflict with each other.
(From OE-Core rev: 5303420ead25817f5caec276b79eec7ee797271a)
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
A directory can be specified in SRC_URI, there is no need to use
globbing. This means that the files are checksummed correctly and
the recipe rebuilds when the files change as globbing breaks that.
We're about to remove the use of globbing in SRC_URI so improve these.
(From OE-Core rev: 007c7d7ebe6b6b7b18c84f4f57b09ffee5522807)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When vpnc support is included through PACKAGECONFIG, there
is now an extra vpn-script coming after the atest upgrade,
include that script into FILES so it gets packaged.
(From OE-Core rev: 2873d4afac0845955e0811281203a39f4074b2c3)
Signed-off-by: Alejandro Hernandez Samaniego <alejandro@enedino.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Most of these were unused, remaining in the inc files long after the
PR values were removed from the recipes.
The only two which did anything wre in xorg-font and for those,
bump PR by hand and remove the INC_PR to clean up all references.
This kind of change is much better handled by PRServ now.
(From OE-Core rev: 3fdd772b419bbecb1fac1efae874a8f160f2112d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The client depends on readline which is GPLv3. Add a PACKAGECONFIG so users who
don't need the client and are against GPLv3 can disable it.
Also remove the explicit installation of the client in do_install_append, as the
Makefile installs it now.
(From OE-Core rev: 84b082be0a879153d9af8e093b6823d49c2621b8)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
nf_tables_inet.ko and nf_tables_ipv4.ko and nf_tables_ipv6.o
(and nf_tables_arp.ko and nf_tables_netdev.ko) were merged into
the core nf_tables.ko before v4.17 in kernel commit
02c7b25e5f54 netfilter: nf_tables: build-in filter chain type
nf_meta.ko was merged to be a builtin of nf_tables.ko before
v4.18 in kernel commit
8a22543c8e70 netfilter: nf_tables: make meta expression builtin
(From OE-Core rev: 98715c9dc8dd925cffce9bd5d57172206d1e2a7b)
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Besides checking DISTRO_FEATURES for required or conflicting features,
being able to check MACHINE_FEATURES and/or COMBINED_FEATURES may also
be useful at times.
Temporarily support the old class name with a warning about future
deprecation.
(From OE-Core rev: 5f4875b950ce199e91f99c8e945a0c709166dc14)
Signed-off-by: Denys Dmytriyenko <denys@ti.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The connman-wait-online package currently isn't marked as
systemd-enabled package. This means it is impossible to
auto-enable the service during image creation or package
installation, as no preset files and no pkg_postinst()
snippet is being created.
This change should have been done as part of the
upgrade to v1.31
Note:
connman-wait-online is needed when connman is in use
in more complex network/interface setups for systemd's
network-online.target to report success.
systemd-networkd's systemd-networkd-wait-online.service
alone doesn't work in such scenarios and simply times
out, as it know nothing about the expected network/
interface configuration, meaning the target doesn't
boot successfully (systemctl list-units --failed),
and long delays are seen, caused by waiting for the
systemd-networkd-wait-online.service timeout.
(From OE-Core rev: 1a8d18eeee6dc188d8becc778bfa933031490781)
Signed-off-by: André Draszik <git@andred.net>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
bluez4 was removed from meta-oe 2 years ago.
Simplfy the setup of the two level bluetooth and bluez4/bluez5
distro features by removing the bluez4/bluez5 distro features.
This also removes the no longer required bluetooth class.
(From OE-Core rev: dcf889e93401f7c4de0055d53271eacc3882eccc)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
musl > v1.1.21 changed the implementation of the freeaddrinfo() function
not allowing anymore to pass null pointers to it.
This was causing a segmentation fault in connman.
(From OE-Core rev: a9bf875af4a5133e4f0e3039a76b1dfc6d5d1f63)
Signed-off-by: Nicola Lunghi <nick83ola@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* import 2 fixes from LuneOS
* with l2tp PACKAGECONFIG enabled connman depends on MACHINE_ARCH xl2tpd:
=== Comparing signatures for task do_package_write_ipk.sigdata between hammerhead and mako ===
ERROR: connman different signature for task do_package_write_ipk.sigdata between hammerhead and mako
NOTE: Starting bitbake server...
Hash for dependent task xl2tpd/xl2tpd_git.bb.do_packagedata changed from 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 to c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
Unable to find matching sigdata for /OE/build/luneos-master/webos-ports/meta-openembedded/meta-networking/recipes-protocols/xl2tpd/xl2tpd_git.bb.do_packagedata with hashes 6312d5711b5c2c1a85ee235d09bf37a8ec00f7ad9e7248c087bb83ef1d5bd078 or c0d3ef52b37bda945d8b2a015980ddb8fe7b4b3dca3d82d71a84176cc5125142
(From OE-Core rev: ba89fea0e443e1492000b7114f32edf15819a151)
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Removed patch has been upstreamed.
Changelog:
- Fix issue with handling invalid gateway addresses.
- Fix issue with handling updates of default gateway.
- Fix issue with DHCP servers that require broadcast flag.
- Add support for option to use gateways as time servers.
- Add support for option to select default technology.
- Add support for Address Conflict Detection (ACD).
- Add support for IPv6 iptables management.
(From OE-Core rev: f3c5958268a6fb8146300e4c33512b9f9d3b3c1c)
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Commit 85b76e52d206 "connman: update to 1.36" dropped
0001-inet-Add-prefixlen-to-iproute_default_function.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.
Cc: Oleksandr Kravchuk <dev@sashko.rv.ua>
(From OE-Core rev: 484411dda6e0c56fffc5db8a4daaeee5c79ab17c)
Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix handling of escape characters in regexs and hence fix python
Deprecation warnings which will be problematic in python 3.8.
Note that some show up as:
"""
meta/classes/package.bbclass:1293: DeprecationWarning: invalid escape sequence \.
"""
where the problem isn't on 1293 in package.bbclass but in some _prepend to a
package.bbclass function in a different file like mesa.inc, often from
do_package_split() calls.
(From OE-Core rev: 4b1c0c7d5525fc4cea9e0f02ec54e92a6fbc6199)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- updated connman to v1.36
- removed mainstreamed patches
- includes.patch has been rabased and transformed into git format
(From OE-Core rev: 85b76e52d2060e197435606eb6316c8833b46361)
Signed-off-by: Oleksandr Kravchuk <dev@sashko.rv.ua>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These patches are all upstream now, so mark as Backport.
(From OE-Core rev: 9a84114a279000329c2878a35f197a09217cd1fc)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The upstreamable include-tweaking patches contained fragments that should be in
the not-upstreamable musl-specific res_ninit replacement, so move them to the
right patch.
(From OE-Core rev: 18fd5bc97e6b061eec4be0738f20fcbace6bdafe)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Implement subnet route creation/deletion in session, e.g.
default via 192.168.100.1 dev eth0
192.168.100.0/24 dev eth0
(From OE-Core rev: d6ac8a53d05124cbe34bc6673cb46091b50c7643)
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is happened when doing wispr against a HTTPS URL
rather than the default one, i.e.
http://ipv4.connman.net/online/status.html
When gnutls_channel is instantiated, the gnutls_channel->established
has to be initiated as FALSE. Otherwise, check_handshake function
won't work. A random initial value 1 of gnutls_channel->established
will make check_handshake return G_IO_STATUS_NORMAL, when the channel
is actually not ready to be used. The observed behaviours are,
- wispr is getting random errors in wispr_portal_web_result
- ConnMan crashes on exit after those random errors
- when wispr is luckly working, ConnMan doesn't crash on exit
(From OE-Core rev: 2ea983d4a187ac62e703e85dce622f70e309be05)
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When more than one session are created with the same
"AllowedInterface", connman failed to update nat-
postrouting rules when new IP address was got
(From OE-Core rev: 918754c8e855dea07a49e30b6ff1d3e3dd7530c7)
Signed-off-by: Jian Liang <jianliang@tycoint.com>
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Recipes can't rely on IMAGE_FEATURES to determine whether the
resulting packages will be used in an image with read/write or
read-only rootfs because IMAGE_FEATURES is a per-image recipe
variable.
The connman.inc code checked IMAGE_FEATURES to determine whether
/var/run/connman needs to be created via tmpfiles.d when booting a
read-only rootfs. In my tests that is not necessary (anymore?),
something (connman itself?) creates the missing directory.
(From OE-Core rev: 577585375efac8f86223d7549ce39cd70877cbd9)
Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
dnsproxy: Fix crash on malformed DNS response
If the response query string is malformed, we might access memory
pass the end of "name" variable in parse_response().
[YOCTO #11959]
(From OE-Core rev: fb3e30e45eea2042fdb0b667cbc2c79ae3f5a1a9)
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
libc headers now have a backported patch that fixes this.
(From OE-Core rev: 5dc1700ec6ff15aefb8ca540e5b7d3e89a14945b)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When building with nftables support, connman doesn't ever
depend on the nftables command line tool.
connman will depend on libmnl and libnftnl at build and
run time. In addition, the nftables rules it creates
depend on various kernel modules being present.
Update the PACKAGECONFIG to reflect this. We use the
just introduced RRECOMMENDS field so as to make the
build still succeed if those kernel modules have been
linked statically into the kernel, i.e. when the
packages haven't actually been created.
(From OE-Core rev: ed6c92d62be1c98ec9dbf92317d850499d127631)
Signed-off-by: André Draszik <adraszik@tycoint.com>
Acked-by: Sylvain Lemieux <slemieux@tycoint.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Due to recent modifications related to systemd, sysvinit builds began
to show this warning:
WARNING: connman-1.34-r0 do_package: connman: NOT adding alternative
provide /etc/resolv.conf: /etc/resolv-conf.connman does not exist
Fix this warning by making those updates specific to systemd.
(From OE-Core rev: 2a0afa9682d6119f403626ca31cd8c9854637312)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
connman fails to start in systemd based read-only images while creating links:
Jun 08 12:53:56 qemux86-64 systemd[1]: Starting Create Volatile Files
and Directories...
Jun 08 12:53:56 qemux86-64 systemd-tmpfiles[366]:
[[0;1;31msymlink(/var/run/connman/resolv.conf, /etc/resolv.conf) failed:
Read-only file system[[0m
Fix this failure and make connman co-exist with systemd-resolved.
(From OE-Core rev: 732e1f74bb9f5ecc98b29197f6bcab117710adab)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
1.33 -> 1.34
1. Refreshed 0001-Fix-compile-on-musl-with-kernel-4.9-headers.patch
2. Removed upstreamed patch:
0003-stats-Fix-bad-file-descriptor-initialisation.patch
3. Provided PACKAGECONFIGs for nftables and iptables support
4. Add new patch to fix build with nftables:
0001-firewall-nftables-fix-build-with-libnftnl-1.0.7.patch
(From OE-Core rev: dfe40b7abbea36605e4ea8f74ec8e477505148a6)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Kernel headers break when musl defines IFF_LOWER_UP. While
waiting for more proper fix in musl, add a workaround to connman.
(From OE-Core rev: e6178138968717e1bdb7af7b5aed42fc74d956ab)
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
