| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
The configure scripts matches Linux with -fPIC, which is not exactly what
is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to
avoid passing -fPIC.
Removed PKG_BUILD_DIR as it is already the default value.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit e2ecf39e8e49e43b4d358853f9da51e3897d042c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the -nopad option prevents mksquashfs from padding the
image to an arbitrary 4k. It does not take into consideration
that squashfs is programmed to have this 4k padding when it's
being used on on a block device... which is its main "use-case".
Now, after a week long discussion on the ML that included a
back-and-forth between some of the possible options.
But this is likely the best KISS patch to deal with the issue
right away given the limited resources.
From squashfs code point of view, be warned. The 4k padding is
not enough when dealing with devices that have a PAGE_SIZE
bigger than 4k.
if it turns out to be affecting you, then please look-up either:
"FS#2460 - kernel panic reading squashfs from ubi volume" bug
Or the discussion on the OpenWrt-Devel ML in
"amp821xx: use newly added pad-squashfs for Meraki MR24" and
"Squashfs breakage lottery with UBI..."
before making an educated guess.
Note: This will not affect the "tiny"/small flash devices as
much as it seems at first. This is because the the rootfs_data
partition that follows uses jffs2. And it requires to be aligned
to the flash block-size in order to work at all.
So either the involved FSes will meet in the middle as before,
or not at all. But in that latter case the image was already
hoping for the "undefined behaviour" gamble to turn out in its
favour and this is probably why this was unnoticed for so long.
Fixes: FS#2460
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 1c0290c5cc6258c48b8ba46b4f9c85a21de4f875)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)
This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
"tests": {
"fwtool_signature": true,
"fwtool_device_match": true
},
"valid": true,
"forceable": true
}
Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info
This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.
Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.
Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
method so:
a) It's possible to safely sysupgrade using ubus only
b) /sbin/sysupgrade can be more like just a CLI
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f522047958f99ab7b506ec550f796c0460af1a85)
|
|
|
|
|
|
|
|
|
|
| |
this allows adding "--" prefixed parameters inside feeds.conf between the
target and name. The first parameter is --force which has the same effect
as using -f when installing any of the packages. This allows creating
feeds that will override base packages by default.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 775b70f8d5dfe9830aaf3b79fc8fb38c8148ee1f)
|
|
|
|
|
|
|
| |
0430252 sysupgrade: add missing _GNU_SOURCE define (FS#2469)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 6e45ba4699eb8424951648cfeddc0a8633f8891e)
|
|
|
|
|
| |
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 5ef3fe614c1e8c350ca0083f61577a89c002bc53)
|
|
|
|
|
|
|
|
| |
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b6f4cd57e19a8cfcd9ff52582b65164ce6213c3d)
|
|
|
|
|
|
|
| |
This explicitly lets stage2 know if config should be preserved.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b534ba96110012d2697d19d71b7dcd60bd4cd375)
|
|
|
|
|
|
|
| |
9558031 system: support passing "options" to the "sysupgrade" ubus method
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2b1a6d263cc84ac6189447fe971b52d8b34cea51)
|
|
|
|
|
|
|
| |
bf29c1e firewall3: ipset: Handle reload_set properly
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit bd01346bb463d371627739fad539310ef5bd4146)
|
|
|
|
|
|
|
| |
200-uclibc-ng-compat.patch is upstream now.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0851ce4ff97260a0fab2a507ee8370e60f78370d)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update iftop to commit 77901c8c53e01359d83b8090aacfe62214658183
git log --pretty=oneline --abbrev-commit 949ed0f7..77901c8c
77901c8 Support scales beyond 1Gbps
Created with the help of the make-package-update-commit.sh script.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cfd0748497c5c27c6d0f80b0ad3698ffe4428352)
|
|
|
|
|
|
|
|
|
|
| |
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18
83d362c6 Don't read too greedily
a76d0723 Add nghttp2_option_set_max_outbound_ack
db2f612a nghttpx: Fix request stall
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 58f929077f8687adbf75338504f319d054a96153)
|
|
|
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit f0f5cb26cb7ced03c70063d08c90d211f80b7a31)
|
|
|
|
|
| |
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 26615ededcdc7c6d30c72d77c3a890be1f777b32)
|
|
|
|
|
|
|
|
|
| |
https://sources.lede-openwrt.org now redirects to there
https://downloads.openwrt.org/sources returns 404, so remove it here
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 0f3667864d5391c2d9ace63ccfc83ab270405cc9)
|
|
|
|
|
|
|
|
|
|
| |
The LEDE URL is automatically redirected to the OpenWRT one,
returning an HTTP 301 code (Moved Permanently).
Also, use https, as indicated by the redirect.
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
(cherry picked from commit b39ded4ab7e02cedd50810a206dadd71e1ea7fb7)
|
|
|
|
|
|
|
|
| |
e8f9c22 Revise supported ciphersuites
7e9e269 wolfssl, openssl: use TLS 1.3, set ciphersuites
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ced2b7bb988426aaece07a78c17d5a7c268e54c4)
|
|
|
|
|
|
|
|
|
|
| |
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 234f7a9e5dccfaa449d75a120ef90080d0715436)
|
|
|
|
|
|
|
| |
Convert leading spaces to tab to match rest of the file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 7e5a0da6426b3b14bde8798524826b64e16cf219)
|
|
|
|
|
|
|
|
|
|
| |
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.
Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1d4df52c215874a5238ddef7bccf0139f7758c24)
|
|
|
|
|
|
|
| |
The driver was removed from OpenWrt a long time ago.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f34e8258340f5994a2506bd087fc6e6d4a3d5d5e)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump to latest git HEAD
509e673 firewall3: Improve ipset support
The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.
Add support for reloading, or recreating, ipsets on firewall reload. By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.
Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 51ffce069424f86e894369cee5cd327dd503db5f)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow overriding the default selection state for Devices, similar to
setting a default for packages.
E.g. by setting DEFAULT to n, they won't be selected by default anymore
when enabling all device in the multi device profile.
This allows preventing images being built by the default config for
known broken devices, devices without enough RAM/flash, or devices not
working with a certain kernel versions.
This does not prevent the devices from being manually selected or images
being built by the ImageBuilder. These devices often still have worth
with a reduced package-set, or as a device for regression testing, when
no better device is available.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit 7546be60074e452751ba2a48eddbc13910bec708)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
...
Content of version.buildinfo would look similar to this:
r10203+1-c12bd3a21b
Without the exact feed revision it is not possible to determine
installed package versions.
Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 454021581f630d5d04afeb8ff6581c1bda295c87)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Force prereq again in SDK in order to fix GCC and Python dangling
symlinks:
staging_dir/host/bin/g++ -> /builder/ath79_generic/ccache_cxx.sh
staging_dir/host/bin/gcc -> /builder/ath79_generic/ccache_cc.sh
staging_dir/host/bin/python -> /usr/bin/python3.5
staging_dir/host/bin/python3 -> /usr/bin/python3.5
Ref: FS#2424
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 200f2666fb1c8d9d128824dc5586e0e66386971f)
|
|
|
|
|
|
|
| |
Fixes compile issues with nettle 3.5.1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 63ced140484e072dddbba39bb729adc98d94d522)
|
|
|
|
|
|
|
|
| |
Update (lib)nettle to 3.5.1
Bump ABI_VERSION
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 9e489b41b596a768b04b796a9b375d7d005b6ec7)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the commit 623716dd4318 ("comgt-ncm: Fix NCM protocol")
the dependencies to vendor NCM drivers were removed, because:
> comgt-ncm should not depend on the USB-serial-related kernel modules,
> as the cdc-wdm control device works without them. There is also no need
> to depend on kmod-huawei-cdc-ncm, since other manufacturers (like
> Ericsson and Samsung) which use other kernel modules should also be
> supported.
From a user-perspective this does not make sense, as installing comgt-ncm
(or luci-proto-ncm) should install all needed dependencies for using such
a device.
Furthermore depending on kmod-huawei-cdc-ncm does not mean that Ericsson
and Samsung devices can't be supported. By the way it seems that Ericsson
and Samsung devices never used NCM, but act as serial modems.
Thus this commit adds the dependencies again.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[fixed title capitalization, formatted commit message,
renamed Sony-Ericsson to Ericsson]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ccb4b96b8a4990178512c7a785f998a5e6f74cc3)
|
|
|
|
|
|
|
| |
This is used by PISEN WMB001N.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 11182349e1f31f873ebddd69d6b87dec638eaabf)
|
|
|
|
|
|
|
| |
8323690 state: fix shutdown when running in a container (FS#2425)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d9364c1cbc6a13f1dc2ea8432c98962ed157991f)
|
|
|
|
|
|
|
| |
5e02f94 system-linux: fix resource leak
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d70a35c365ae607671f8698fee10f29fd9023161)
|
|
|
|
|
|
|
| |
Update (lib)expat to 2.2.7
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 7270fdb62ff86f7b85c6dfbc0ea4ff0ba5ff9b9e)
|
|
|
|
|
|
|
| |
This fixes compilation with -Werror=implicit-function-declaration.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 1b1c47577bac99bdd8ab9ecde928ab0398f78799)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC needs the kernel headers to compile.
Some GCC file includes asm/unistd.h which is provided by the kernel headers.
Normally the kernel headers build is very fast and ready before the gcc uses
it, but if it clones the kernel from a slow git repository it takes longer
and then it could be that the gcc already wants to use the kernel headers
before they are available. This patch fixes this problem by adding the
missing dependency.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b20156ba704ed8e03d030b2f294d8d19bebd2f71)
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.
This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit e545fac8d968864a965edb9e50c6f90940b0a6c9)
|
|
|
|
|
|
|
|
|
|
| |
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 018395392c2608698201042bbaa180b82eb7120f)
|
|
|
|
|
|
|
| |
de94097 utils: coverity resource leak warning
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit efb7b7a12af55758458cdb945a0833af411289f7)
|
|
|
|
|
| |
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit edd9b39fab46a7231b8662697ba8c10de42d5a66)
|
|
|
|
|
|
|
|
|
| |
When CONFIG_ARM64_MODULE_PLTS=y, arch/arm64/kernel/module.lds is
required to build cryptodev-linux. This updates the sdk to include this
file.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 6e300f6a0c94812d0f4d8f67df6604c763f7552f)
|
|
|
|
|
|
|
|
|
|
| |
Update ccache to 3.7.2
Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_2
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 2caf747116337645420653ec003799a8eef69229)
|
|
|
|
|
|
|
| |
Update fortify-headers to 1.1
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit cbe08e6b563438054c1efcb0daa0b965ec902052)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm trying to create a package for libgpiod, which uses
AC_CONFIG_AUX_DIR macro, which is probably leading to the following
configure error:
autoreconf: running: /openwrt.git/staging_dir/host/bin/libtoolize --force
OpenWrt-libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `autostuff'.
OpenWrt-libtoolize: linking file `autostuff/ltmain.sh'
OpenWrt-libtoolize: putting macros in `m4'.
...
configure: error: cannot find install-sh, install.sh, or shtool in autostuff "."/autostuff
>From the build output it's clear, that libtoolize isn't installing
install-sh symlink, because libtoolize would install install-sh only if
it's being run with --install parameter. Corresponding part in
libtoolize:
if $opt_install; then
func_config_update config.guess \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
func_config_update config.sub \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
func_install_update install-sh \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
fi
func_ltmain_update ltmain.sh \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
Adding --install parameter to libtoolize fixes this build issue:
autoreconf: running: /openwrt.git/staging_dir/host/bin/libtoolize --install --force
OpenWrt-libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `autostuff'.
OpenWrt-libtoolize: linking file `autostuff/config.guess'
OpenWrt-libtoolize: linking file `autostuff/config.sub'
OpenWrt-libtoolize: linking file `autostuff/install-sh'
OpenWrt-libtoolize: linking file `autostuff/ltmain.sh'
OpenWrt-libtoolize: putting macros in `m4'.
Cc: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 5cf897779eacf63cdbcdebd1af68c109096665c6)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes compilaton issue for non glibc clibs :
libtool: compile: gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" "-DPACKAGE_STRING=\"libressl 2.9.2\"" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_SYSLOG=1 -DHAVE_ACCEPT4=1 -DHAVE_PIPE2=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_EXPLICIT_BZERO=1 -DHAVE_GETAUXVAL=1 -DHAVE_GETAUXVAL=1 -DHAVE_DL_ITERATE_PHDR=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAS_GNU_WARNING_LONG=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I../crypto/asn1 -I../crypto/bn -I../crypto/ec -I../crypto/ecdsa -I../crypto/evp -I../crypto/modes -I../crypto -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -D__STRICT_ALIGNMENT -O2 -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DHAVE_GNU_STACK -Wno-pointer-sign -MT compat/getprogname_linux.lo -MD -MP -MF compat/.deps/getprogname_linux.Tpo -c compat/getprogname_linux.c -o compat/getprogname_linux.o
compat/getprogname_linux.c: In function 'getprogname':
compat/getprogname_linux.c:32:2: error: #error "Cannot emulate getprogname"
#error "Cannot emulate getprogname"
^~~~~
Reported-by: Anibal Portero <anibal.portero@pantacor.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 1282a630272c59dfd105262772a2ca136084db03)
|
|
|
|
|
|
|
| |
899f168 system-linux: Coverity fixes
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 11617bcb3be6778d5427723a09922aae50956a8c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Making all in tests
depbase=`echo handshake_table.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" -DPACKAGE_STRING=\"libressl\ 2.9.2\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_READPASSPHRASE_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_READPASSPHRASE=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_GETPROGNAME=1 -DHAVE_SYSLOG=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_ARC4RANDOM=1 -DHAVE_ARC4RANDOM_BUF=1 -DHAVE_ARC4RANDOM_UNIFORM=1 -DHAVE_TIMINGSAFE_BCMP=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAVE___VA_COPY=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I ../crypto/modes -I ../crypto/asn1 -I ../ssl -I ../tls -I ../apps/openssl -I ../apps/openssl/compat -D_PATH_SSL_CA_FILE=\"../apps/openssl/cert.pem\" -I/Users/kevin/wrt/staging_dir/host/include -D__STRICT_ALIGNMENT -O2 -I/Users/kevin/wrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Qunused-arguments -Wno-pointer-sign -MT handshake_table.o -MD -MP -MF $depbase.Tpo -c -o handshake_table.o handshake_table.c &&\
mv -f $depbase.Tpo $depbase.Po
make[4]: *** No rule to make target `/Users/kevin/wrt/build_dir/host/libressl-2.9.2/crypto/.libs/libcrypto_la-cpuid-macosx-x86_64.o', needed by `handshake_table'. Stop.
make[3]: *** [all-recursive] Error 1
A similar error & clues from
https://gitlab.com/ymorin/buildroot/commit/e783d60473944f8b39f1def45d8d6b483a062158
"
LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.
With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'. Stop.
There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue."
It appears we cannot change to cmake because cmake has a dependency on
an ssl library.
Take option 1 and do not build the tests.
Also take the opportunity to remove man page building as well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 8d6d227bb653b7cce7092a5a9d55180c3e022848)
|
|
|
|
|
|
|
| |
For changes in 7.65.3; see https://curl.haxx.se/changes.html#7_65_3
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit fc2df4f7050adae3ca6284a499fa914e07cba70b)
|
|
|
|
|
|
|
| |
To keep in sync with OpenSSL 1.1.x branch version options.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
(cherry picked from commit 3f1e8c01316a5ea0162197cd8eb6dbbabe396176)
|
|
|
|
|
|
|
|
| |
To configure the list of allowable TLS 1.3 ciphersuites, the option
tls_ciphersuites is used instead of tls_ciphers.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 261df949faad6dda43454868628f79265e9cc5e7)
|
|
|
|
|
|
|
| |
Those are not used by any image check function anymore.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 3f4c785a6bbde87296e362c315f10b55c98843e3)
|