[OE-core] [PATCH] dhcp: update 4.4.1

akuster808 akuster808 at gmail.com
Fri Jun 29 20:40:24 UTC 2018 


On 06/29/2018 08:13 AM, Christopher Larson wrote:
>
>
> On Sun, Jun 24, 2018 at 11:43 AM Armin Kuster <akuster808 at gmail.com
> <mailto:akuster808 at gmail.com>> wrote:
>
>     include several CVE fixes.
>     CVE: CVE-2018-5733
>     CVE: CVE-2018-5732
>
>     LIC_CHKSUM_FILE updated to SPFX format
>
>     https://kb.isc.org/article/AA-01571
>
>     remove several patches now included in update.
>     Shared libarary support is now enabled in configure+lt, use it
>     and revert to autotools-brokensep
>     Refresh patches
>
>     alings support with bind 9.11.x
>
>     add libxml2 support to configure.ac <http://configure.ac>+lt
>
>     Signed-off-by: Armin Kuster <akuster808 at gmail.com
>     <mailto:akuster808 at gmail.com>>
>     ---
>      meta/recipes-connectivity/dhcp/dhcp.inc            |  19 +-
>      ...o-_PATH_DHCPD_CONF-and-_PATH_DHCLIENT_CON.patch |  13 +-
>      .../dhcp/dhcp/0003-link-with-lcrypto.patch         |  13 +-
>      .../dhcp/dhcp/0004-Fix-out-of-tree-builds.patch    | 109 +++++------
>      .../dhcp/0006-site.h-enable-gentle-shutdown.patch  |  13 +-
>      ...re-argument-to-make-the-libxml2-dependenc.patch |  40 +++-
>      .../dhcp/dhcp/0010-build-shared-libs.patch         | 208
>     ---------------------
>      ...all-to-isc_app_ctxstart-to-not-get-signal.patch |  81 --------
>      ...correct-the-intention-for-xml2-lib-search.patch |  13 +-
>      .../dhcp/dhcp/CVE-2017-3144.patch                  |  74 --------
>      .../dhcp/{dhcp_4.3.6.bb <http://dhcp_4.3.6.bb> => dhcp_4.4.1.bb
>     <http://dhcp_4.4.1.bb>}          |  12 +-
>      11 files changed, 120 insertions(+), 475 deletions(-)
>      delete mode 100644
>     meta/recipes-connectivity/dhcp/dhcp/0010-build-shared-libs.patch
>      delete mode 100644
>     meta/recipes-connectivity/dhcp/dhcp/0011-Moved-the-call-to-isc_app_ctxstart-to-not-get-signal.patch
>      delete mode 100644
>     meta/recipes-connectivity/dhcp/dhcp/CVE-2017-3144.patch
>      rename meta/recipes-connectivity/dhcp/{dhcp_4.3.6.bb
>     <http://dhcp_4.3.6.bb> => dhcp_4.4.1.bb <http://dhcp_4.4.1.bb>} (65%)
>
>     diff --git a/meta/recipes-connectivity/dhcp/dhcp.inc
>     b/meta/recipes-connectivity/dhcp/dhcp.inc
>     index e943707..2eb3513 100644
>     --- a/meta/recipes-connectivity/dhcp/dhcp.inc
>     +++ b/meta/recipes-connectivity/dhcp/dhcp.inc
>     @@ -8,7 +8,7 @@ easier to administer devices."
>      HOMEPAGE = "http://www.isc.org/"
>
>      LICENSE = "ISC"
>     -LIC_FILES_CHKSUM =
>     "file://LICENSE;beginline=4;md5=c5c64d696107f84b56fe337d14da1753"
>     +LIC_FILES_CHKSUM =
>     "file://LICENSE;beginline=4;md5=004a4db50a1e20972e924a8618747c01"
>
>      DEPENDS = "openssl bind"
>
>     @@ -24,7 +24,7 @@ SRC_URI =
>     "http://ftp.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz
>     <http://ftp.isc.org/isc/dhcp/$%7BPV%7D/dhcp-$%7BPV%7D.tar.gz> \
>      UPSTREAM_CHECK_URI = "ftp://ftp.isc.org/isc/dhcp/"
>      UPSTREAM_CHECK_REGEX = "(?P<pver>\d+\.\d+\.(\d+?))/"
>
>     -inherit autotools systemd useradd update-rc.d
>     +inherit autotools-brokensep systemd useradd update-rc.d
>
>      USERADD_PACKAGES = "${PN}-server"
>      USERADD_PARAM_${PN}-server = "--system --no-create-home
>     --home-dir /var/run/${BPN} --shell /bin/false --user-group ${BPN}"
>     @@ -48,11 +48,21 @@ EXTRA_OECONF =
>     "--with-srv-lease-file=${localstatedir}/lib/dhcp/dhcpd.leases \
>                    
>      --with-srv6-lease-file=${localstatedir}/lib/dhcp/dhcpd6.leases \
>                    
>      --with-cli-lease-file=${localstatedir}/lib/dhcp/dhclient.leases \
>                    
>      --with-cli6-lease-file=${localstatedir}/lib/dhcp/dhclient6.leases \
>     -                --with-libbind=${STAGING_LIBDIR}/ \
>                      --enable-paranoia --disable-static \
>                      --with-randomdev=/dev/random \
>     +                --with-libbind=${STAGING_DIR_HOST}/usr \
>     +               --enable-libtool \
>                     "
>
>     +#Enable shared libs per dhcp README
>     +do_configure () {
>     +       cd ${S}
>     +       cp configure.ac <http://configure.ac>+lt configure.ac
>     <http://configure.ac>
>     +        autoreconf -i
>     +       ./configure  ${CONFIGUREOPTS} ${EXTRA_OECONF}   
>     +       automake
>
>
> 1. Why run automake when autoreconf already runs automake?
it caused errors when I did not included.

> 2. Why override do_configure and reproduce what's already in
> autotools-brokensep rather than doing the cp in a do_configure_prepend?
I did that first and it did not work. The README regarding *+lt says it
needs "autoreconf -i". I am only doing this as the current version of
dhcp has a patch to create shared libs. The isc dhcp solution to this is
their configure.ac+lt.  I would rather no do this but someone needed
shared libs.

- armin


> -- 
> Christopher Larson
> kergoth at gmail dot com
> Founder - BitBake, OpenEmbedded, OpenZaurus
> Senior Software Engineer, Mentor Graphics

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20180629/03fd888d/attachment-0002.html>

More information about the Openembedded-core mailing list