From 4684aae3f5b74736dfa3b7ad8007f94e9f4064af Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 13:59:21 +0800 Subject: [PATCH 1/8] keyutils: add recipe for keyutils and modify manifest.yaml 1. add recipe for keyutils 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 + .../files/fix_library_install_path.patch | 28 ++++++++++ ...ror-report-by-adding-default-message.patch | 42 ++++++++++++++ .../keyutils-test-fix-output-format.patch | 41 ++++++++++++++ .../recipes-security/keyutils/files/run-ptest | 3 + .../keyutils/keyutils_%.bbappend | 7 +++ .../keyutils/keyutils_1.6.1.bb | 56 +++++++++++++++++++ 7 files changed, 180 insertions(+) create mode 100644 meta-openeuler/recipes-security/keyutils/files/fix_library_install_path.patch create mode 100644 meta-openeuler/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch create mode 100644 meta-openeuler/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch create mode 100755 meta-openeuler/recipes-security/keyutils/files/run-ptest create mode 100644 meta-openeuler/recipes-security/keyutils/keyutils_%.bbappend create mode 100644 meta-openeuler/recipes-security/keyutils/keyutils_1.6.1.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index 8b6589b68ac..070656866df 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2217,3 +2217,6 @@ manifest_list: linux-firmware: remote_url: https://gitee.com/src-openeuler/linux-firmware.git version: d81b61811a2d8d15c33df4f895e5377a008ebd92 + keyutils: + remote_url: https://gitee.com/src-openeuler/keyutils.git + version: bc9471d9a94151d4c2d277e5fcf192a401195e08 diff --git a/meta-openeuler/recipes-security/keyutils/files/fix_library_install_path.patch b/meta-openeuler/recipes-security/keyutils/files/fix_library_install_path.patch new file mode 100644 index 00000000000..938fe2eb57a --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/files/fix_library_install_path.patch @@ -0,0 +1,28 @@ +From b0355cc205543ffd33752874295139d57c4fbc3e Mon Sep 17 00:00:00 2001 +From: Wenzong Fan +Date: Tue, 26 Sep 2017 07:59:51 +0000 +Subject: [PATCH] Subject: [PATCH] keyutils: use relative path for link + +The absolute path of the symlink will be invalid +when populated in sysroot, so use relative path instead. + +Upstream-Status: Pending + +Signed-off-by: Jackie Huang +Signed-off-by: Wenzong Fan +{rebased for 1.6] +Signed-off-by: Armin Kuster + +Index: keyutils-1.6/Makefile +=================================================================== +--- keyutils-1.6.orig/Makefile ++++ keyutils-1.6/Makefile +@@ -184,7 +184,7 @@ ifeq ($(NO_SOLIB),0) + $(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME) + $(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME) + mkdir -p $(DESTDIR)$(USRLIBDIR) +- $(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) ++ $(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB) + sed \ + -e 's,@VERSION\@,$(VERSION),g' \ + -e 's,@prefix\@,$(PREFIX),g' \ diff --git a/meta-openeuler/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch b/meta-openeuler/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch new file mode 100644 index 00000000000..acd91c01c48 --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/files/keyutils-fix-error-report-by-adding-default-message.patch @@ -0,0 +1,42 @@ +fix keyutils test error report + +Upstream-Status: Pending + +"Permission denied" may be the reason of EKEYEXPIRED and EKEYREVOKED. +"Required key not available" may be the reason of EKEYREVOKED. +EXPIRED and REVOKED are 2 status of kernel security keys features. +But the userspace keyutils lib will output the error message, which may +have several reasons. + +Signed-off-by: Han Chao + +diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh +index bbca00a..739e9d0 100644 +--- a/tests/toolbox.inc.sh ++++ b/tests/toolbox.inc.sh +@@ -227,11 +227,12 @@ function expect_error () + ;; + EKEYEXPIRED) + my_err="Key has expired" +- alt_err="Unknown error 127" ++ alt_err="Permission denied" + ;; + EKEYREVOKED) + my_err="Key has been revoked" +- alt_err="Unknown error 128" ++ alt_err="Permission denied" ++ alt2_err="Required key not available" + ;; + EKEYREJECTED) + my_err="Key has been rejected" +@@ -249,6 +250,9 @@ function expect_error () + elif [ "x$alt_err" != "x" ] && expr "$my_errmsg" : ".*: $alt_err" >&/dev/null + then + : ++ elif [ "x$alt2_err" != "x" ] && expr "$my_errmsg" : ".*: $alt2_err" >&/dev/null ++ then ++ : + elif [ "x$old_err" != "x" ] && expr "$my_errmsg" : ".*: $old_err" >&/dev/null + then + : + diff --git a/meta-openeuler/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch b/meta-openeuler/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch new file mode 100644 index 00000000000..a4ffd50ce54 --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/files/keyutils-test-fix-output-format.patch @@ -0,0 +1,41 @@ +From 49b6321368e4bd3cd233d045cd09004ddd7968b2 Mon Sep 17 00:00:00 2001 +From: Jackie Huang +Date: Mon, 15 May 2017 14:52:00 +0800 +Subject: [PATCH] keyutils: fix output format + +keyutils ptest output format is incorrect, according to yocto +Development Manual +(http://www.yoctoproject.org/docs/latest/dev-manual/dev-manual.html#testing-packages-with-ptest) +5.10.6. Testing Packages With ptestThe test generates output in the format used by Automake: +: +where the result can be PASS, FAIL, or SKIP, and the testname can be any +identifying string. +So we should change the test result format to match yocto ptest rules. + +Upstream-Status: Inappropriate [OE ptest specific] + +Signed-off-by: Li Wang +Signed-off-by: Jackie Huang +--- + tests/runtest.sh | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tests/runtest.sh b/tests/runtest.sh +index b6eaa7c..84263fb 100644 +--- a/tests/runtest.sh ++++ b/tests/runtest.sh +@@ -21,6 +21,11 @@ for i in ${TESTS}; do + echo "### RUNNING TEST $i" + if [[ $AUTOMATED != 0 ]] ; then + bash ./runtest.sh ++ if [ $? != 0 ]; then ++ echo "FAIL: $i" ++ else ++ echo "PASS: $i" ++ fi + else + bash ./runtest.sh || exit 1 + fi +-- +2.11.0 + diff --git a/meta-openeuler/recipes-security/keyutils/files/run-ptest b/meta-openeuler/recipes-security/keyutils/files/run-ptest new file mode 100755 index 00000000000..305707f65d7 --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/files/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh +export AUTOMATED=1 +make -C tests run diff --git a/meta-openeuler/recipes-security/keyutils/keyutils_%.bbappend b/meta-openeuler/recipes-security/keyutils/keyutils_%.bbappend new file mode 100644 index 00000000000..da0d70a6335 --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/keyutils_%.bbappend @@ -0,0 +1,7 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-security/keyutils/keyutils_1.6.1.bb + +PV = "1.6.3" + +SRC_URI:prepend = " \ + file://keyutils-${PV}.tar.gz \ +" diff --git a/meta-openeuler/recipes-security/keyutils/keyutils_1.6.1.bb b/meta-openeuler/recipes-security/keyutils/keyutils_1.6.1.bb new file mode 100644 index 00000000000..8a95a15f6f4 --- /dev/null +++ b/meta-openeuler/recipes-security/keyutils/keyutils_1.6.1.bb @@ -0,0 +1,56 @@ +SUMMARY = "Linux Key Management Utilities" +DESCRIPTION = "\ + Utilities to control the kernel key management facility and to provide \ + a mechanism by which the kernel call back to userspace to get a key \ + instantiated. \ + " +HOMEPAGE = "http://people.redhat.com/dhowells/keyutils" +SECTION = "base" + +LICENSE = "LGPL-2.1-or-later & GPL-2.0-or-later" + +LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45 \ + file://LICENCE.LGPL;md5=7d1cacaa3ea752b72ea5e525df54a21f" + +inherit siteinfo autotools-brokensep ptest + +SRC_URI = "http://people.redhat.com/dhowells/keyutils/${BP}.tar.bz2 \ + file://keyutils-test-fix-output-format.patch \ + file://keyutils-fix-error-report-by-adding-default-message.patch \ + file://run-ptest \ + file://fix_library_install_path.patch \ + " + +SRC_URI[md5sum] = "919af7f33576816b423d537f8a8692e8" +SRC_URI[sha256sum] = "c8b15722ae51d95b9ad76cc6d49a4c2cc19b0c60f72f61fb9bf43eea7cbd64ce" + +EXTRA_OEMAKE = "'CFLAGS=${CFLAGS} -Wall' \ + NO_ARLIB=1 \ + BINDIR=${base_bindir} \ + SBINDIR=${base_sbindir} \ + LIBDIR=${libdir} \ + USRLIBDIR=${libdir} \ + INCLUDEDIR=${includedir} \ + ETCDIR=${sysconfdir} \ + SHAREDIR=${datadir}/keyutils \ + MANDIR=${datadir}/man \ + BUILDFOR=${SITEINFO_BITS}-bit \ + NO_GLIBC_KEYERR=1 \ + " + +do_install () { + install -d ${D}/${libdir}/pkgconfig + oe_runmake DESTDIR=${D} install +} + +do_install_ptest () { + cp -r ${S}/tests ${D}${PTEST_PATH}/ + sed -i -e 's/OSDIST=Unknown/OSDIST=${DISTRO}/' ${D}${PTEST_PATH}/tests/prepare.inc.sh +} + + +RDEPENDS:${PN}-ptest += "lsb-release" +RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-utils" +RDEPENDS:${PN}-ptest:append:libc-musl = " musl-utils" + +BBCLASSEXTEND = "native nativesdk" -- Gitee From 84b1d21d2df9c3ec3138cc61d88134ad51871342 Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:10:24 +0800 Subject: [PATCH 2/8] libdatrie: add recipe for libdatrie and modify manifest.yaml 1. add recipe for libdatrie 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 +++ .../libdatrie/libdatrie_%.bbappend | 5 +++++ .../libdatrie/libdatrie_0.2.13.bb | 16 ++++++++++++++++ 3 files changed, 24 insertions(+) create mode 100644 meta-openeuler/recipes-devtools/libdatrie/libdatrie_%.bbappend create mode 100644 meta-openeuler/recipes-devtools/libdatrie/libdatrie_0.2.13.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index 070656866df..18446f6aa15 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2220,3 +2220,6 @@ manifest_list: keyutils: remote_url: https://gitee.com/src-openeuler/keyutils.git version: bc9471d9a94151d4c2d277e5fcf192a401195e08 + libdatrie: + remote_url: https://gitee.com/src-openeuler/libdatrie.git + version: 23c3ebfd17809c1486fc3bf253a05abf2c462175 diff --git a/meta-openeuler/recipes-devtools/libdatrie/libdatrie_%.bbappend b/meta-openeuler/recipes-devtools/libdatrie/libdatrie_%.bbappend new file mode 100644 index 00000000000..fe78523e427 --- /dev/null +++ b/meta-openeuler/recipes-devtools/libdatrie/libdatrie_%.bbappend @@ -0,0 +1,5 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-devtools/libdatrie/libdatrie_0.2.13.bb + +SRC_URI:prepend = " \ + file://libdatrie-${PV}.tar.xz \ +" diff --git a/meta-openeuler/recipes-devtools/libdatrie/libdatrie_0.2.13.bb b/meta-openeuler/recipes-devtools/libdatrie/libdatrie_0.2.13.bb new file mode 100644 index 00000000000..bbcb0273c06 --- /dev/null +++ b/meta-openeuler/recipes-devtools/libdatrie/libdatrie_0.2.13.bb @@ -0,0 +1,16 @@ +SUMMARY = "a library of double-array structure for representing trie." +DESCRIPTION = "Trie is an efficient indexing method. It is usually much faster than B-tree or any comparison-based indexing method in general cases. Its time complexity is comparable with hashing techniques." +HOMEPAGE = "https://linux.thai.net/~thep/datrie" +SECTION = "libs" +LICENSE = "LGPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1 \ + " + +SRC_URI = "https://linux.thai.net/pub/ThaiLinux/software/libthai/libdatrie-0.2.13.tar.xz" +SRC_URI[sha256sum] = "12231bb2be2581a7f0fb9904092d24b0ed2a271a16835071ed97bed65267f4be" + +DEPENDS += "automake libtool doxygen autoconf-archive pkgconfig xz" + +inherit autotools lib_package + +BBCLASSEXTEND = "native nativesdk" -- Gitee From bcde4e04917b70364c9732d0ccd212a6d662d678 Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:13:44 +0800 Subject: [PATCH 3/8] libidn: add recipe for libidn and modify manifest.yaml 1. add recipe for libidn 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 + .../0001-idn-format-security-warnings.patch | 180 ++++++++++++++++++ .../libidn/dont-depend-on-help2man.patch | 23 +++ .../recipes-extended/libidn/libidn_%.bbappend | 9 + .../recipes-extended/libidn/libidn_1.36.bb | 40 ++++ 5 files changed, 255 insertions(+) create mode 100644 meta-openeuler/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch create mode 100644 meta-openeuler/recipes-extended/libidn/libidn/dont-depend-on-help2man.patch create mode 100644 meta-openeuler/recipes-extended/libidn/libidn_%.bbappend create mode 100644 meta-openeuler/recipes-extended/libidn/libidn_1.36.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index 18446f6aa15..f1d3f2a5f17 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2223,3 +2223,6 @@ manifest_list: libdatrie: remote_url: https://gitee.com/src-openeuler/libdatrie.git version: 23c3ebfd17809c1486fc3bf253a05abf2c462175 + libidn: + remote_url: https://gitee.com/src-openeuler/libidn.git + version: 887370b54d8723c772a39bccb9ba621e4da605a7 diff --git a/meta-openeuler/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch b/meta-openeuler/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch new file mode 100644 index 00000000000..d5fb8e7c821 --- /dev/null +++ b/meta-openeuler/recipes-extended/libidn/libidn/0001-idn-format-security-warnings.patch @@ -0,0 +1,180 @@ +Subject: [PATCH] idn: fix printf() format security warnings +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +| ../../libidn-1.32/src/idn.c: In function 'main': +| ../../libidn-1.32/src/idn.c:172:7: error: format not a string literal and no format arguments [-Werror=format-security] +| error (0, 0, _("only one of -s, -e, -d, -a, -u or -n can be specified")); +| ^~~~~ +| ../../libidn-1.32/src/idn.c:187:5: error: format not a string literal and no format arguments [-Werror=format-security] +| fprintf (stderr, _("Type each input string on a line by itself, " +| ^~~~~~~ +| ../../libidn-1.32/src/idn.c:202:4: error: format not a string literal and no format arguments [-Werror=format-security] +| error (EXIT_FAILURE, errno, _("input error")); +| ^~~~~ +| ../../libidn-1.32/src/idn.c:220:8: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ +| ../../libidn-1.32/src/idn.c:245:8: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ +| ../../libidn-1.32/src/idn.c:281:6: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ +| ../../libidn-1.32/src/idn.c:340:6: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UCS-4 to UTF-8")); +| ^ +| ../../libidn-1.32/src/idn.c:364:6: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UCS-4 to UTF-8")); +| ^ +| ../../libidn-1.32/src/idn.c:442:8: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UCS-4 to UTF-8")); +| ^ +| ../../libidn-1.32/src/idn.c:498:6: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ +| ../../libidn-1.32/src/idn.c:527:5: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ +| ../../libidn-1.32/src/idn.c:540:6: error: format not a string literal and no format arguments [-Werror=format-security] +| error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); +| ^~~~~ +| ../../libidn-1.32/src/idn.c:551:5: error: format not a string literal and no format arguments [-Werror=format-security] +| _("could not convert from UTF-8 to UCS-4")); +| ^ + +Signed-off-by: André Draszik +Signed-off-by: Zang Ruochen + +Upstream-Status: Pending + +--- + src/idn.c | 27 ++++++++++++++------------- + 1 file changed, 14 insertions(+), 13 deletions(-) + +diff --git a/src/idn.c b/src/idn.c +index f2fee11..c6e5caa 100644 +--- a/src/idn.c ++++ b/src/idn.c +@@ -169,7 +169,7 @@ main (int argc, char *argv[]) + (args_info.idna_to_unicode_given ? 1 : 0) + + (args_info.nfkc_given ? 1 : 0) != 1) + { +- error (0, 0, ++ error (0, 0, "%s", + _("only one of -s, -e, -d, -a, -u or -n can be specified")); + usage (EXIT_FAILURE); + } +@@ -183,7 +183,7 @@ main (int argc, char *argv[]) + + if (!args_info.quiet_given + && args_info.inputs_num == 0 && isatty (fileno (stdin))) +- fprintf (stderr, _("Type each input string on a line by itself, " ++ fprintf (stderr, "%s", _("Type each input string on a line by itself, " + "terminated by a newline character.\n")); + + do +@@ -195,7 +195,7 @@ main (int argc, char *argv[]) + if (feof (stdin)) + break; + +- error (EXIT_FAILURE, errno, _("input error")); ++ error (EXIT_FAILURE, errno, "%s", _("input error")); + } + + if (strlen (line) > 0) +@@ -213,7 +213,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -238,7 +238,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (r); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -275,7 +275,7 @@ main (int argc, char *argv[]) + q = stringprep_utf8_to_ucs4 (p, -1, &len); + free (p); + if (!q) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + + if (args_info.debug_given) +@@ -334,7 +334,7 @@ main (int argc, char *argv[]) + r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); + free (q); + if (!r) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + + p = stringprep_utf8_to_locale (r); +@@ -358,7 +358,7 @@ main (int argc, char *argv[]) + q = stringprep_utf8_to_ucs4 (p, -1, NULL); + free (p); + if (!q) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + + if (args_info.debug_given) +@@ -436,7 +436,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UCS-4 to UTF-8")); + } + +@@ -492,7 +492,7 @@ main (int argc, char *argv[]) + r = stringprep_ucs4_to_utf8 (q, -1, NULL, NULL); + free (q); + if (!r) +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + + p = stringprep_utf8_to_locale (r); +@@ -521,7 +521,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (p); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +@@ -535,7 +535,8 @@ main (int argc, char *argv[]) + r = stringprep_utf8_nfkc_normalize (p, -1); + free (p); + if (!r) +- error (EXIT_FAILURE, 0, _("could not do NFKC normalization")); ++ error (EXIT_FAILURE, 0, "%s", ++ _("could not do NFKC normalization")); + + if (args_info.debug_given) + { +@@ -545,7 +546,7 @@ main (int argc, char *argv[]) + if (!q) + { + free (r); +- error (EXIT_FAILURE, 0, ++ error (EXIT_FAILURE, 0, "%s", + _("could not convert from UTF-8 to UCS-4")); + } + +-- +2.25.1 + diff --git a/meta-openeuler/recipes-extended/libidn/libidn/dont-depend-on-help2man.patch b/meta-openeuler/recipes-extended/libidn/libidn/dont-depend-on-help2man.patch new file mode 100644 index 00000000000..0863530f29d --- /dev/null +++ b/meta-openeuler/recipes-extended/libidn/libidn/dont-depend-on-help2man.patch @@ -0,0 +1,23 @@ +Upstream-Status: Inappropriate [disable feature] + +Signed-off-by: Marko Lindqvist +diff -Nurdd libidn-1.26/doc/Makefile.am libidn-1.26/doc/Makefile.am +--- libidn-1.26/doc/Makefile.am 2012-09-18 11:25:45.000000000 +0300 ++++ libidn-1.26/doc/Makefile.am 2013-02-08 07:41:24.591431462 +0200 +@@ -49,15 +49,9 @@ + + # Man pages. + +-dist_man_MANS = idn.1 $(gdoc_MANS) ++dist_man_MANS = $(gdoc_MANS) + MAINTAINERCLEANFILES = $(dist_man_MANS) + +-idn.1: $(top_srcdir)/src/idn.c $(top_srcdir)/src/idn.ggo \ +- $(top_srcdir)/configure.ac +- $(HELP2MAN) \ +- --name="Internationalized Domain Names command line tool" \ +- --output=$@ $(top_builddir)/src/idn$(EXEEXT) +- + # GDOC + + GDOC_BIN = $(srcdir)/gdoc diff --git a/meta-openeuler/recipes-extended/libidn/libidn_%.bbappend b/meta-openeuler/recipes-extended/libidn/libidn_%.bbappend new file mode 100644 index 00000000000..51156a2337f --- /dev/null +++ b/meta-openeuler/recipes-extended/libidn/libidn_%.bbappend @@ -0,0 +1,9 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-extended/libidn/libidn_1.36.bb + +SRC_URI:remove = " \ + ${GNU_MIRROR}/libidn/${BPN}-${PV}.tar.gz \ +" + +SRC_URI:prepend = " \ + file://libidn-${PV}.tar.gz \ +" diff --git a/meta-openeuler/recipes-extended/libidn/libidn_1.36.bb b/meta-openeuler/recipes-extended/libidn/libidn_1.36.bb new file mode 100644 index 00000000000..0dea4aff5ca --- /dev/null +++ b/meta-openeuler/recipes-extended/libidn/libidn_1.36.bb @@ -0,0 +1,40 @@ +SUMMARY = "Internationalized Domain Name support library" +DESCRIPTION = "Implementation of the Stringprep, Punycode and IDNA specifications defined by the IETF Internationalized Domain Names (IDN) working group." +HOMEPAGE = "http://www.gnu.org/software/libidn/" +SECTION = "libs" +LICENSE = "(LGPL-2.1-or-later | LGPL-3.0-only) & GPL-3.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=df4be47940a91ee69556f5f71eed4aec \ + file://COPYING.LESSERv2;md5=4fbd65380cdd255951079008b364516c \ + file://COPYING.LESSERv3;md5=e6a600fd5e1d9cbde2d983680233ad02 \ + file://COPYINGv2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYINGv3;md5=d32239bcb673463ab874e80d47fae504 \ + file://lib/idna.h;endline=21;md5=c381d797e2d7fbdace7c147b1285d076 \ + file://src/idn.c;endline=20;md5=7d88aa87b0494d690bdf7748fe08d536" +DEPENDS = "virtual/libiconv autoconf-archive" + +inherit pkgconfig autotools gettext texinfo gtk-doc + +SRC_URI = "${GNU_MIRROR}/libidn/${BPN}-${PV}.tar.gz \ + file://dont-depend-on-help2man.patch \ + file://0001-idn-format-security-warnings.patch \ + " + +SRC_URI[md5sum] = "813c7b268d1051ca02c3610986126f38" +SRC_URI[sha256sum] = "14b67108344d81ba844631640df77c9071d9fb0659b080326ff5424e86b14038" + +# command tool is under GPLv3+, while libidn itself is under LGPLv2.1+ or LGPLv3 +# so package command into a separate package +PACKAGES =+ "idn" +FILES:idn = "${bindir}/*" + +LICENSE:${PN} = "LGPL-2.1-or-later | LGPL-3.0-only" +LICENSE:idn = "GPL-3.0-or-later" + +EXTRA_OECONF = "--disable-csharp" + +do_install:append() { + rm -rf ${D}${datadir}/emacs +} + +BBCLASSEXTEND = "native nativesdk" + -- Gitee From 9fe6e25db838d84b24c5a70d7b24763e660bd4b6 Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:16:44 +0800 Subject: [PATCH 4/8] cyrus-sasl: add recipe for cyrus-sasl and modify manifest.yaml 1. add recipe for cyrus-sasl 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 + ...mple-Rename-dprintf-to-cyrus_dprintf.patch | 91 +++++++++++++++++ .../cyrus-sasl/CVE-2019-19906.patch | 35 +++++++ .../cyrus-sasl/CVE-2022-24407.patch | 27 +++++ .../cyrus-sasl/Fix-hardcoded-libdir.patch | 26 +++++ .../cyrus-sasl/avoid-to-call-AC_TRY_RUN.patch | 50 ++++++++++ ...bian_patches_0014_avoid_pic_overwrite.diff | 28 ++++++ .../cyrus-sasl/cyrus-sasl/saslauthd.conf | 11 +++ .../cyrus-sasl/cyrus-sasl/saslauthd.service | 12 +++ .../cyrus-sasl/cyrus-sasl_%.bbappend | 11 +++ .../cyrus-sasl/cyrus-sasl_2.1.28.bb | 99 +++++++++++++++++++ 11 files changed, 393 insertions(+) create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/0001-sample-Rename-dprintf-to-cyrus_dprintf.patch create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2019-19906.patch create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/Fix-hardcoded-libdir.patch create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/avoid-to-call-AC_TRY_RUN.patch create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/debian_patches_0014_avoid_pic_overwrite.diff create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.conf create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.service create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_%.bbappend create mode 100644 meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index f1d3f2a5f17..a08238cf7bc 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2226,3 +2226,6 @@ manifest_list: libidn: remote_url: https://gitee.com/src-openeuler/libidn.git version: 887370b54d8723c772a39bccb9ba621e4da605a7 + cyrus-sasl: + remote_url: https://gitee.com/src-openeuler/cyrus-sasl.git + version: 63eb17a1231d47fd5f115d1edb58d2ad6c77c5f3 diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/0001-sample-Rename-dprintf-to-cyrus_dprintf.patch b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/0001-sample-Rename-dprintf-to-cyrus_dprintf.patch new file mode 100644 index 00000000000..4c6d61dfc76 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/0001-sample-Rename-dprintf-to-cyrus_dprintf.patch @@ -0,0 +1,91 @@ +From ade70f39c4aa5a8830462d9ccf3b8f8dd968c0d8 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 28 Feb 2022 11:10:26 -0800 +Subject: [PATCH] sample: Rename dprintf to cyrus_dprintf + +This avoids shadowing the dprintf implementations in glibc + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + sample/client.c | 12 ++++++------ + sample/common.c | 2 +- + sample/common.h | 2 +- + 3 files changed, 8 insertions(+), 8 deletions(-) + +diff --git a/sample/client.c b/sample/client.c +index e723c6b7..6a04f428 100644 +--- a/sample/client.c ++++ b/sample/client.c +@@ -241,9 +241,9 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) + int r, c; + + /* get the capability list */ +- dprintf(0, "receiving capability list... "); ++ cyrus_dprintf(0, "receiving capability list... "); + len = recv_string(in, buf, sizeof buf); +- dprintf(0, "%s\n", buf); ++ cyrus_dprintf(0, "%s\n", buf); + + if (mech) { + /* make sure that 'mech' appears in 'buf' */ +@@ -262,7 +262,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) + return -1; + } + +- dprintf(1, "using mechanism %s\n", chosenmech); ++ cyrus_dprintf(1, "using mechanism %s\n", chosenmech); + + /* we send up to 3 strings; + the mechanism chosen, the presence of initial response, +@@ -276,7 +276,7 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) + } + + for (;;) { +- dprintf(2, "waiting for server reply...\n"); ++ cyrus_dprintf(2, "waiting for server reply...\n"); + + c = fgetc(in); + switch (c) { +@@ -303,10 +303,10 @@ int mysasl_negotiate(FILE *in, FILE *out, sasl_conn_t *conn) + } + + if (data) { +- dprintf(2, "sending response length %d...\n", len); ++ cyrus_dprintf(2, "sending response length %d...\n", len); + send_string(out, data, len); + } else { +- dprintf(2, "sending null response...\n"); ++ cyrus_dprintf(2, "sending null response...\n"); + send_string(out, "", 0); + } + } +diff --git a/sample/common.c b/sample/common.c +index 712549fd..d138e450 100644 +--- a/sample/common.c ++++ b/sample/common.c +@@ -127,7 +127,7 @@ int recv_string(FILE *f, char *buf, int buflen) + + int debuglevel = 0; + +-int dprintf(int lvl, const char *fmt, ...) ++int cyrus_dprintf(int lvl, const char *fmt, ...) + { + va_list ap; + int ret = 0; +diff --git a/sample/common.h b/sample/common.h +index 819d0101..cd56907a 100644 +--- a/sample/common.h ++++ b/sample/common.h +@@ -43,7 +43,7 @@ extern int send_string(FILE *f, const char *s, int l); + extern int recv_string(FILE *f, char *buf, int buflen); + + extern int debuglevel; +-extern int dprintf(int lvl, const char *fmt, ...); ++extern int cyrus_dprintf(int lvl, const char *fmt, ...); + + extern void saslerr(int why, const char *what); + extern void saslfail(int why, const char *what); +-- +2.35.1 + diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2019-19906.patch b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2019-19906.patch new file mode 100644 index 00000000000..33a9e3f6e6b --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2019-19906.patch @@ -0,0 +1,35 @@ +From 94fe6eb9ea2691f4a7c32fbf2d0c7c454995b666 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Thu, 27 Feb 2020 11:08:57 +0800 +Subject: [PATCH] Fix #587 + +Off by one error in common.c, CVE-2019-19906. + +Thanks to Stephan Zeisberg for reporting + +CVE: CVE-2019-19906 + +Upstream-Stauts: Backport [https://github.com/cyrusimap/cyrus-sasl +/commit/dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1] + +Signed-off-by: Changqing Li +--- + lib/common.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/common.c b/lib/common.c +index d9104c8..fef82db 100644 +--- a/lib/common.c ++++ b/lib/common.c +@@ -190,7 +190,7 @@ int _sasl_add_string(char **out, size_t *alloclen, + + if (add==NULL) add = "(null)"; + +- addlen=strlen(add); /* only compute once */ ++ addlen=strlen(add)+1; /* only compute once */ + if (_buf_alloc(out, alloclen, (*outlen)+addlen+1)!=SASL_OK) + return SASL_NOMEM; + +-- +2.25.1 + diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch new file mode 100644 index 00000000000..3d67f474146 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch @@ -0,0 +1,27 @@ +From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Tue, 5 Jul 2022 09:31:07 +0530 +Subject: [PATCH] CVE-2022-24407 + +Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc] +CVE: CVE-2022-24407 +Signed-off-by: Hitendra Prajapati +--- + plugins/sql.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/plugins/sql.c b/plugins/sql.c +index 6ac81c2f..d90dbac9 100644 +--- a/plugins/sql.c ++++ b/plugins/sql.c +@@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context, + done: + if (escap_userid) sparams->utils->free(escap_userid); + if (escap_realm) sparams->utils->free(escap_realm); ++ if (escap_passwd) sparams->utils->free(escap_passwd); + if (conn) settings->sql_engine->sql_close(conn); + if (userid) sparams->utils->free(userid); + if (realm) sparams->utils->free(realm); +-- +2.25.1 + diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/Fix-hardcoded-libdir.patch b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/Fix-hardcoded-libdir.patch new file mode 100644 index 00000000000..f172362f4e1 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/Fix-hardcoded-libdir.patch @@ -0,0 +1,26 @@ +From 188ad4497947259811ad32faeee95c20f9a44046 Mon Sep 17 00:00:00 2001 +From: "Roy.Li" +Date: Fri, 19 Jul 2013 14:29:31 +0800 +Subject: [PATCH] Fix hardcoded libdir. + +Upstream-Status: Pending + +Signed-off-by: Roy.Li + +--- + plugins/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plugins/Makefile.am b/plugins/Makefile.am +index 2b02a52..929f6a4 100644 +--- a/plugins/Makefile.am ++++ b/plugins/Makefile.am +@@ -65,7 +65,7 @@ LIB_MYSQL = @LIB_MYSQL@ + + plugindir = @plugindir@ + +-sasldir = $(prefix)/lib/sasl2 ++sasldir = $(libdir)/sasl2 + sasl_LTLIBRARIES = @SASL_MECHS@ + EXTRA_LTLIBRARIES = libplain.la libanonymous.la libkerberos4.la libcrammd5.la \ + libgs2.la libgssapiv2.la libdigestmd5.la liblogin.la libsrp.la libotp.la \ diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/avoid-to-call-AC_TRY_RUN.patch b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/avoid-to-call-AC_TRY_RUN.patch new file mode 100644 index 00000000000..1e6f99603cb --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/avoid-to-call-AC_TRY_RUN.patch @@ -0,0 +1,50 @@ +From 288430d3c2d3f36a4c9d40c4fffa85288f44549a Mon Sep 17 00:00:00 2001 +From: "Roy.Li" +Date: Tue, 25 Jun 2013 09:22:59 +0800 +Subject: [PATCH] Avoid to call AC_TRY_RUN + +Upstream-Status: Inappropriate [configuration] + +Avoid to call AC_TRY_RUN to check if GSSAPI libraries support SPNEGO +on cross-compile environment by definition AC_ARG_ENABLE enable-spnego + +Signed-off-by: Roy.Li +--- + m4/sasl2.m4 | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/m4/sasl2.m4 b/m4/sasl2.m4 +index 80371ef..ff70083 100644 +--- a/m4/sasl2.m4 ++++ b/m4/sasl2.m4 +@@ -316,6 +316,18 @@ if test "$gssapi" != no; then + AC_CACHE_CHECK([for SPNEGO support in GSSAPI libraries],[ac_cv_gssapi_supports_spnego],[ + cmu_save_LIBS="$LIBS" + LIBS="$LIBS $GSSAPIBASE_LIBS" ++ AC_ARG_ENABLE([spnego], ++ [AC_HELP_STRING([--enable-spnego=], ++ [enable SPNEGO support in GSSAPI libraries [no]])], ++ [spnego=$enableval], ++ [spnego=no]) ++ ++ if test "$spnego" = no; then ++ echo "no" ++ elif test "$spnego" = yes; then ++ AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO]) ++ else ++ AC_MSG_CHECKING([for SPNEGO support in GSSAPI libraries]) + AC_TRY_RUN([ + #ifdef HAVE_GSSAPI_H + #include +@@ -343,7 +355,7 @@ int main(void) + AS_IF([test "$ac_cv_gssapi_supports_spnego" = yes],[ + AC_DEFINE(HAVE_GSS_SPNEGO,,[Define if your GSSAPI implementation supports SPNEGO]) + ]) +- ++ fi + else + AC_MSG_RESULT([disabled]) + fi +-- +2.25.1 + diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/debian_patches_0014_avoid_pic_overwrite.diff b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/debian_patches_0014_avoid_pic_overwrite.diff new file mode 100644 index 00000000000..0479acfb097 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/debian_patches_0014_avoid_pic_overwrite.diff @@ -0,0 +1,28 @@ +From 1a5f3004e9081eab6263a29cd5be792f06441e36 Mon Sep 17 00:00:00 2001 +From: Fabian Fagerholm +Date: Wed, 24 Jul 2013 11:38:25 -0400 +Subject: [PATCH] cyrus-sasl: Add patches from Debian to fix linking + +Description: This patch makes sure the non-PIC version of libsasldb.a, which +is created out of non-PIC objects, is not going to overwrite the PIC version, +which is created out of PIC objects. The PIC version is placed in .libs, and +the non-PIC version in the current directory. This ensures that both non-PIC +and PIC versions are available in the correct locations. + +--- + lib/Makefile.am | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/Makefile.am b/lib/Makefile.am +index a158ca3..3137e19 100644 +--- a/lib/Makefile.am ++++ b/lib/Makefile.am +@@ -99,7 +99,7 @@ endif + + libsasl2.a: libsasl2.la $(SASL_STATIC_OBJS) + @echo adding static plugins and dependencies +- $(AR) cru .libs/$@ $(SASL_STATIC_OBJS) ++ $(AR) cru $@ $(SASL_STATIC_OBJS) + @for i in ./libsasl2.la ../common/libplugin_common.la ../sasldb/libsasldb.la ../plugins/lib*.la; do \ + if test ! -f $$i; then continue; fi; . $$i; \ + for j in $$dependency_libs foo; do \ diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.conf b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.conf new file mode 100644 index 00000000000..a91a9d33402 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.conf @@ -0,0 +1,11 @@ +# Directory in which to place saslauthd's listening socket, pid file, and so +# on. This directory must already exist. +SOCKETDIR=@LOCALSTATEDIR@/run/saslauthd + +# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list +# of which mechanism your installation was compiled with the ablity to use. +MECH=pam + +# Additional flags to pass to saslauthd on the command line. See saslauthd(8) +# for the list of accepted flags. +FLAGS= diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.service b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.service new file mode 100644 index 00000000000..e63592af6c5 --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl/saslauthd.service @@ -0,0 +1,12 @@ +[Unit] +Description=SASL authentication daemon. +After=syslog.target + +[Service] +Type=forking +PIDFile=/run/saslauthd/saslauthd.pid +EnvironmentFile=@SYSCONFDIR@/default/saslauthd +ExecStart=@SBINDIR@/saslauthd -m $SOCKETDIR -a $MECH $FLAGS + +[Install] +WantedBy=multi-user.target diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_%.bbappend b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_%.bbappend new file mode 100644 index 00000000000..a46fed0e75c --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_%.bbappend @@ -0,0 +1,11 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb + +SRC_URI:remove = " \ + git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=cyrus-sasl-2.1 \ +" + +SRC_URI:prepend = " \ + file://cyrus-sasl-${PV}.tar.gz \ +" + +S = "${WORKDIR}/cyrus-sasl-${PV}" diff --git a/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb new file mode 100644 index 00000000000..e344733ef4c --- /dev/null +++ b/meta-openeuler/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb @@ -0,0 +1,99 @@ +SUMMARY = "Generic client/server library for SASL authentication" +SECTION = "libs" +HOMEPAGE = "http://asg.web.cmu.edu/sasl/" +DEPENDS = "openssl db groff-native" +LICENSE = "BSD-4-Clause" +LIC_FILES_CHKSUM = "file://COPYING;md5=3f55e0974e3d6db00ca6f57f2d206396" + +SRCREV = "7a6b45b177070198fed0682bea5fa87c18abb084" + +SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=cyrus-sasl-2.1 \ + file://avoid-to-call-AC_TRY_RUN.patch \ + file://debian_patches_0014_avoid_pic_overwrite.diff \ + file://0001-sample-Rename-dprintf-to-cyrus_dprintf.patch \ + file://saslauthd.service \ + file://saslauthd.conf \ + file://CVE-2019-19906.patch \ + file://CVE-2022-24407.patch \ + " + +UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives" + +S = "${WORKDIR}/git" + +inherit autotools pkgconfig useradd systemd + +EXTRA_OECONF += "--with-dblib=berkeley \ + --with-plugindir='${libdir}/sasl2' \ + andrew_cv_runpath_switch=none" + +PACKAGECONFIG ??= "\ + ${@bb.utils.filter('DISTRO_FEATURES', 'ldap pam', d)} \ +" +PACKAGECONFIG[gssapi] = "--enable-gssapi=yes,--enable-gssapi=no,krb5," +PACKAGECONFIG[pam] = "--with-pam,--without-pam,libpam," +PACKAGECONFIG[opie] = "--with-opie,--without-opie,opie," +PACKAGECONFIG[des] = "--with-des,--without-des,," +PACKAGECONFIG[ldap] = "--with-ldap=${STAGING_LIBDIR} --enable-ldapdb,--without-ldap --disable-ldapdb,openldap," +PACKAGECONFIG[ntlm] = "--enable-ntlm=yes,--enable-ntlm=no,," + +CFLAGS += "-fPIC" + +do_configure:prepend () { + # make it be able to work with db 5.0 version + local sed_files="sasldb/db_berkeley.c utils/dbconverter-2.c" + for sed_file in $sed_files; do + sed -i 's#DB_VERSION_MAJOR == 4.*#(&) || DB_VERSION_MAJOR == 5#' ${S}/$sed_file + done +} + +do_compile:prepend () { + cd include + ${BUILD_CC} ${BUILD_CFLAGS} ${BUILD_LDFLAGS} ${S}/include/makemd5.c -o makemd5 + touch makemd5.o makemd5.lo makemd5 + cd .. +} + +do_install:append() { + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/saslauthd.service ${D}${systemd_unitdir}/system + + sed -i -e 's#@SBINDIR@#${sbindir}#g' ${D}${systemd_unitdir}/system/saslauthd.service + sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${systemd_unitdir}/system/saslauthd.service + sed -i -e 's#@SYSCONFDIR@#${sysconfdir}#g' ${D}${systemd_unitdir}/system/saslauthd.service + + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /run/saslauthd/ - - - -" > ${D}${sysconfdir}/tmpfiles.d/saslauthd.conf + + install -d ${D}${sysconfdir}/default/ + install -m 0644 ${WORKDIR}/saslauthd.conf ${D}${sysconfdir}/default/saslauthd + sed -i -e 's#@LOCALSTATEDIR@#${localstatedir}#g' ${D}${sysconfdir}/default/saslauthd + fi +} + +USERADD_PACKAGES = "${PN}-bin" +USERADD_PARAM:${PN}-bin = "--system --home=/var/spool/mail -g mail cyrus" + +SYSTEMD_PACKAGES = "${PN}-bin" +SYSTEMD_SERVICE:${PN}-bin = "saslauthd.service" +SYSTEMD_AUTO_ENABLE = "disable" + +SRC_URI[md5sum] = "a7f4e5e559a0e37b3ffc438c9456e425" +SRC_URI[sha256sum] = "8fbc5136512b59bb793657f36fadda6359cae3b08f01fd16b3d406f1345b7bc3" + +PACKAGES =+ "${PN}-bin" + +FILES:${PN} += "${libdir}/sasl2/*.so*" +FILES:${PN}-bin += "${bindir} \ + ${sysconfdir}/default/saslauthd \ + ${systemd_unitdir}/system/saslauthd.service \ + ${sysconfdir}/tmpfiles.d/saslauthd.conf" +FILES:${PN}-dev += "${libdir}/sasl2/*.la" +FILES:${PN}-dbg += "${libdir}/sasl2/.debug" +FILES:${PN}-staticdev += "${libdir}/sasl2/*.a" + +INSANE_SKIP:${PN} += "dev-so" + +# CVE-2020-8032 affects only openSUSE +CVE_CHECK_IGNORE += "CVE-2020-8032" -- Gitee From d85376057a0b5d383584653c5aaed0dcdffcbb0c Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:19:01 +0800 Subject: [PATCH 5/8] libthai: add recipe for libthai and modify manifest.yaml 1. add recipe for libthai 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 +++ .../libthai/libthai_%.bbappend | 5 +++++ .../libthai/libthai_0.1.29.bb | 20 +++++++++++++++++++ 3 files changed, 28 insertions(+) create mode 100644 meta-openeuler/recipes-devtools/libthai/libthai_%.bbappend create mode 100644 meta-openeuler/recipes-devtools/libthai/libthai_0.1.29.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index a08238cf7bc..d7d83f40d6d 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2229,3 +2229,6 @@ manifest_list: cyrus-sasl: remote_url: https://gitee.com/src-openeuler/cyrus-sasl.git version: 63eb17a1231d47fd5f115d1edb58d2ad6c77c5f3 + libthai: + remote_url: https://gitee.com/src-openeuler/libthai.git + version: b849bd91d1eea212f4daa95a6574e00411792afa diff --git a/meta-openeuler/recipes-devtools/libthai/libthai_%.bbappend b/meta-openeuler/recipes-devtools/libthai/libthai_%.bbappend new file mode 100644 index 00000000000..0ea03b39de6 --- /dev/null +++ b/meta-openeuler/recipes-devtools/libthai/libthai_%.bbappend @@ -0,0 +1,5 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-devtools/libthai/libthai_0.1.29.bb + +SRC_URI:prepend = " \ + file://libthai-${PV}.tar.xz \ +" diff --git a/meta-openeuler/recipes-devtools/libthai/libthai_0.1.29.bb b/meta-openeuler/recipes-devtools/libthai/libthai_0.1.29.bb new file mode 100644 index 00000000000..3faa28da5bc --- /dev/null +++ b/meta-openeuler/recipes-devtools/libthai/libthai_0.1.29.bb @@ -0,0 +1,20 @@ +SUMMARY = "Libaray for Thai language" +DESCRIPTION = "LibThai is a C library for developers who need Thai language support in their programs. It includes Thai character set support, Thai character properties, Thai string manipulators, Thai string collation, Thai word breaking, Thai input method and Thai output method." +HOMEPAGE = "http://linux.thai.net" +SECTION = "libs" +LICENSE = "LGPLv2+" +LIC_FILES_CHKSUM = "file://COPYING;md5=2d5025d4aa3495befef8f17206a5b0a1 \ + " + +SRC_URI = "https://linux.thai.net/pub/thailinux/software/libthai/libthai-${PV}.tar.xz" +SRC_URI[sha256sum] = "fc80cc7dcb50e11302b417cebd24f2d30a8b987292e77e003267b9100d0f4bcd" + +DEPENDS += "libdatrie doxygen pkgconfig " + +inherit autotools + +BBCLASSEXTEND = "native nativesdk" + +EXTRA_OECONF += " \ + --disable-dict \ +" -- Gitee From 3ecc95b1f2615805c3ade84c13d7b1c4c67afe21 Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:21:36 +0800 Subject: [PATCH 6/8] libxinerama: add recipe for libxinerama and modify manifest.yaml 1. add recipe for libxinerama 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 +++ .../recipes-graphics/xorg-lib/libxinerama_%.bbappend | 5 +++++ 2 files changed, 8 insertions(+) create mode 100644 meta-openeuler/recipes-graphics/xorg-lib/libxinerama_%.bbappend diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index d7d83f40d6d..92ed0ff3d75 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2232,3 +2232,6 @@ manifest_list: libthai: remote_url: https://gitee.com/src-openeuler/libthai.git version: b849bd91d1eea212f4daa95a6574e00411792afa + libXinerama: + remote_url: https://gitee.com/src-openeuler/libXinerama.git + version: e085802c15b8fbc35c5ff66930e004fee8df0e3d diff --git a/meta-openeuler/recipes-graphics/xorg-lib/libxinerama_%.bbappend b/meta-openeuler/recipes-graphics/xorg-lib/libxinerama_%.bbappend new file mode 100644 index 00000000000..fd0a632a8f7 --- /dev/null +++ b/meta-openeuler/recipes-graphics/xorg-lib/libxinerama_%.bbappend @@ -0,0 +1,5 @@ +# source bb: yocto-poky/meta/recipes-graphics/xorg-lib/libxinerama_1.1.4.bb + +require openeuler-xorg-lib-common.inc + +PV = "1.1.5" -- Gitee From 91ba9a8033fb95bbfa4cac14a2ca746b9c957232 Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:23:24 +0800 Subject: [PATCH 7/8] libxres: add recipe for libxres and modify manifest.yaml 1. add recipe for libxres 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 +++ meta-openeuler/recipes-graphics/xorg-lib/libxres_%.bbappend | 5 +++++ 2 files changed, 8 insertions(+) create mode 100644 meta-openeuler/recipes-graphics/xorg-lib/libxres_%.bbappend diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index 92ed0ff3d75..3e8aaa80f87 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2235,3 +2235,6 @@ manifest_list: libXinerama: remote_url: https://gitee.com/src-openeuler/libXinerama.git version: e085802c15b8fbc35c5ff66930e004fee8df0e3d + libXres: + remote_url: https://gitee.com/src-openeuler/libXres.git + version: 0730fca99a4cbda210567400bf3ba10f1d3d6a55 diff --git a/meta-openeuler/recipes-graphics/xorg-lib/libxres_%.bbappend b/meta-openeuler/recipes-graphics/xorg-lib/libxres_%.bbappend new file mode 100644 index 00000000000..19fb07f59a6 --- /dev/null +++ b/meta-openeuler/recipes-graphics/xorg-lib/libxres_%.bbappend @@ -0,0 +1,5 @@ +# source bb: yocto-poky/meta/recipes-graphics/xorg-lib/libxres_1.2.1.bb + +require openeuler-xorg-lib-common.inc + +PV = "1.2.2" -- Gitee From e7bed74f78e1d46cadd70537b7bc3ed17823c03a Mon Sep 17 00:00:00 2001 From: zhang-wenyu1 Date: Mon, 6 Jan 2025 17:25:39 +0800 Subject: [PATCH 8/8] libglvnd: add recipe for libglvnd and modify manifest.yaml 1. add recipe for libglvnd 2. modify manifest.yaml Signed-off-by: zhang_wenyu --- .oebuild/manifest.yaml | 3 ++ .../libglvnd/libglvnd_%.bbappend | 11 +++++++ .../libglvnd/libglvnd_1.7.0.bb | 30 +++++++++++++++++++ 3 files changed, 44 insertions(+) create mode 100644 meta-openeuler/recipes-graphics/libglvnd/libglvnd_%.bbappend create mode 100644 meta-openeuler/recipes-graphics/libglvnd/libglvnd_1.7.0.bb diff --git a/.oebuild/manifest.yaml b/.oebuild/manifest.yaml index 3e8aaa80f87..142201ba5f4 100644 --- a/.oebuild/manifest.yaml +++ b/.oebuild/manifest.yaml @@ -2238,3 +2238,6 @@ manifest_list: libXres: remote_url: https://gitee.com/src-openeuler/libXres.git version: 0730fca99a4cbda210567400bf3ba10f1d3d6a55 + libglvnd: + remote_url: https://gitee.com/src-openeuler/libglvnd.git + version: 623d3b7ed820057af6106673056041867b35ab7c diff --git a/meta-openeuler/recipes-graphics/libglvnd/libglvnd_%.bbappend b/meta-openeuler/recipes-graphics/libglvnd/libglvnd_%.bbappend new file mode 100644 index 00000000000..a2b05e8d2ba --- /dev/null +++ b/meta-openeuler/recipes-graphics/libglvnd/libglvnd_%.bbappend @@ -0,0 +1,11 @@ +# source bb: yocto-meta-openeuler/meta-openeuler/recipes-graphics/libglvnd/libglvnd_1.7.0.bb + +SRC_URI:remove = " \ + git://git@gitlab.freedesktop.org/glvnd/libglvnd.git;protocol=https;branch=master \ +" + +SRC_URI:prepend = " \ + file://v${PV}.tar.gz \ +" + +S = "${WORKDIR}/libglvnd-${PV}" diff --git a/meta-openeuler/recipes-graphics/libglvnd/libglvnd_1.7.0.bb b/meta-openeuler/recipes-graphics/libglvnd/libglvnd_1.7.0.bb new file mode 100644 index 00000000000..4094aa4fc61 --- /dev/null +++ b/meta-openeuler/recipes-graphics/libglvnd/libglvnd_1.7.0.bb @@ -0,0 +1,30 @@ +DESCRIPTION = "libglvnd is a vendor-neutral dispatch layer for arbitrating \ +OpenGL API calls between multiple vendors." +HOMEPAGE = "https://gitlab.freedesktop.org/glvnd/libglvnd" +LICENSE = "MIT & BSD-1-Clause & BSD-3-Clause & GPL-3.0-with-autoconf-exception" +LIC_FILES_CHKSUM = "file://README.md;beginline=323;md5=7ac5f0111f648b92fe5427efeb08e8c4" + +SRC_URI = "git://git@gitlab.freedesktop.org/glvnd/libglvnd.git;protocol=https;branch=master" + +# v1.5.0 tag +SRCREV = "faa23f21fc677af5792825dc30cb1ccef4bf33a6" + +REQUIRED_DISTRO_FEATURES = "opengl" + +inherit meson pkgconfig features_check + +S = "${WORKDIR}/git" + +PACKAGECONFIG ?= "\ + ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', 'egl gles1 gles2', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'opengl x11', 'glx', '', d)} \ + " + +PACKAGECONFIG[x11] = "-Dx11=enabled,-Dx11=disabled,libx11 libxext xorgproto" +PACKAGECONFIG[glx] = "-Dglx=enabled,-Dglx=disabled,libx11 libxext xorgproto" +PACKAGECONFIG[egl] = "-Degl=true,-Degl=false," +PACKAGECONFIG[gles1] = "-Dgles1=true,-Dgles1=false," +PACKAGECONFIG[gles2] = "-Dgles2=true,-Dgles2=false," + +BBCLASSEXTEND = "native nativesdk" -- Gitee