* [PATCH 0/4] Some final package Updates for 1.7
@ 2014-09-05 20:06 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Richard,
Here are some of the package updates that I had pending as we discussed.
There is one more pending (nspr), which has an autotools issue I am working.
Thanks
Sau!
The following changes since commit e72aac2ae9e5fce1715fa04b7e94034fd06892d9:
alsa-lib: libasound should runtime depends on alsa-conf (2014-09-03 11:30:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib sgw/updates
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/updates
Saul Wold (4):
vala: Update to 0.24.0
findutils: Upgrade to 4.5.14
libcap: Upgrade to 2.24
nss: Upgrade to 3.17
meta/recipes-devtools/vala/vala.inc | 3 +-
...-gen-don-t-append-dirty-if-we-re-not-in-g.patch | 0
meta/recipes-devtools/vala/vala_0.16.0.bb | 8 -
meta/recipes-devtools/vala/vala_0.24.0.bb | 6 +
.../findutils/findutils-4.4.2/01-27017.patch | 781 ------------------
.../findutils/findutils-4.4.2/02-28824.patch | 294 -------
.../findutils/findutils-4.4.2/03-28872.patch | 58 --
.../findutils-4.4.2/findutils_fix_doc.patch | 84 --
.../findutils_fix_for_automake-1.12.patch | 22 -
.../findutils-4.4.2/findutils_fix_for_x32.patch | 40 -
meta/recipes-extended/findutils/findutils.inc | 2 +-
.../{findutils_4.4.2.bb => findutils_4.5.14.bb} | 16 +-
meta/recipes-support/libcap/libcap.inc | 10 +-
.../libcap/libcap/fix-CAP_LAST_CAP.patch | 39 -
meta/recipes-support/libcap/libcap_2.22.bb | 6 -
meta/recipes-support/libcap/libcap_2.24.bb | 4 +
.../nss/files/nss-3.15.1-fix-CVE-2013-1739.patch | 81 --
.../nss/files/nss-3.15.1-fix-CVE-2013-1741.patch | 92 ---
.../nss/files/nss-3.15.1-fix-CVE-2013-5605.patch | 18 -
.../nss/files/nss-CVE-2013-1740.patch | 916 ---------------------
.../nss/files/nss-CVE-2013-5606.patch | 48 --
.../nss/files/nss-CVE-2014-1492.patch | 68 --
.../nss/files/nss-CVE-2014-1544.patch | 41 -
meta/recipes-support/nss/nss.inc | 9 +-
.../nss-fix-incorrect-shebang-of-perl.patch | 0
.../nss-fix-support-cross-compiling.patch | 0
.../nss-no-rpath-for-cross-compiling.patch | 0
meta/recipes-support/nss/{files => nss}/nss.pc.in | 0
.../recipes-support/nss/{files => nss}/signlibs.sh | 0
meta/recipes-support/nss/nss_3.15.1.bb | 9 -
meta/recipes-support/nss/nss_3.17.bb | 8 +
31 files changed, 28 insertions(+), 2635 deletions(-)
rename meta/recipes-devtools/vala/{vala-0.16.0 => vala}/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch (100%)
delete mode 100644 meta/recipes-devtools/vala/vala_0.16.0.bb
create mode 100644 meta/recipes-devtools/vala/vala_0.24.0.bb
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
rename meta/recipes-extended/findutils/{findutils_4.4.2.bb => findutils_4.5.14.bb} (48%)
delete mode 100644 meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
delete mode 100644 meta/recipes-support/libcap/libcap_2.22.bb
create mode 100644 meta/recipes-support/libcap/libcap_2.24.bb
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
rename meta/recipes-support/nss/{files => nss}/nss-fix-incorrect-shebang-of-perl.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-fix-support-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-no-rpath-for-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss.pc.in (100%)
rename meta/recipes-support/nss/{files => nss}/signlibs.sh (100%)
delete mode 100644 meta/recipes-support/nss/nss_3.15.1.bb
create mode 100644 meta/recipes-support/nss/nss_3.17.bb
--
1.8.3.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/4] vala: Update to 0.24.0
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Remove un-needed PR and INC_PR
Rename vala-0.16 to more geneic vala
Now correctly supports seperate build/source directorys so drop -sepbuild tag
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
meta/recipes-devtools/vala/vala.inc | 3 +--
...001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch | 0
meta/recipes-devtools/vala/vala_0.16.0.bb | 8 --------
meta/recipes-devtools/vala/vala_0.24.0.bb | 6 ++++++
4 files changed, 7 insertions(+), 10 deletions(-)
rename meta/recipes-devtools/vala/{vala-0.16.0 => vala}/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch (100%)
delete mode 100644 meta/recipes-devtools/vala/vala_0.16.0.bb
create mode 100644 meta/recipes-devtools/vala/vala_0.24.0.bb
diff --git a/meta/recipes-devtools/vala/vala.inc b/meta/recipes-devtools/vala/vala.inc
index 64e7daf..cac8728 100644
--- a/meta/recipes-devtools/vala/vala.inc
+++ b/meta/recipes-devtools/vala/vala.inc
@@ -7,12 +7,11 @@ BBCLASSEXTEND = "native"
HOMEPAGE = "http://vala-project.org"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
-INC_PR = "r1"
SHRT_VER = "${@d.getVar('PV',1).split('.')[0]}.${@d.getVar('PV',1).split('.')[1]}"
SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/${BPN}/${SHRT_VER}/${BP}.tar.xz"
-inherit autotools-brokensep pkgconfig
+inherit autotools pkgconfig
EXTRA_OECONF = "--disable-vapigen"
diff --git a/meta/recipes-devtools/vala/vala-0.16.0/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch b/meta/recipes-devtools/vala/vala/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
similarity index 100%
rename from meta/recipes-devtools/vala/vala-0.16.0/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
rename to meta/recipes-devtools/vala/vala/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
diff --git a/meta/recipes-devtools/vala/vala_0.16.0.bb b/meta/recipes-devtools/vala/vala_0.16.0.bb
deleted file mode 100644
index 92120b4..0000000
--- a/meta/recipes-devtools/vala/vala_0.16.0.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require ${BPN}.inc
-
-PR = "${INC_PR}.1"
-
-SRC_URI += " file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch"
-
-SRC_URI[md5sum] = "84b742e9cca4c90fde3026c3793c03c1"
-SRC_URI[sha256sum] = "3adb37aa2b35e2e2daed47552e85dbcbf752c0f7768b269d856993620073a657"
diff --git a/meta/recipes-devtools/vala/vala_0.24.0.bb b/meta/recipes-devtools/vala/vala_0.24.0.bb
new file mode 100644
index 0000000..342a875
--- /dev/null
+++ b/meta/recipes-devtools/vala/vala_0.24.0.bb
@@ -0,0 +1,6 @@
+require ${BPN}.inc
+
+SRC_URI += " file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch"
+
+SRC_URI[md5sum] = "beddeff9c06d3c278988b237da0e7401"
+SRC_URI[sha256sum] = "22a37c977512c19cd29c373eaaef96cb2c994795d491106f32387f3f9d1e899c"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/4] findutils: Upgrade to 4.5.14
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Move findutils-4.4.2 directory to more generic findutils
Removed backported patches
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
.../findutils/findutils-4.4.2/01-27017.patch | 781 ---------------------
.../findutils/findutils-4.4.2/02-28824.patch | 294 --------
.../findutils/findutils-4.4.2/03-28872.patch | 58 --
.../findutils-4.4.2/findutils_fix_doc.patch | 84 ---
.../findutils_fix_for_automake-1.12.patch | 22 -
.../findutils-4.4.2/findutils_fix_for_x32.patch | 40 --
meta/recipes-extended/findutils/findutils.inc | 2 +-
.../{findutils_4.4.2.bb => findutils_4.5.14.bb} | 16 +-
8 files changed, 4 insertions(+), 1293 deletions(-)
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
rename meta/recipes-extended/findutils/{findutils_4.4.2.bb => findutils_4.5.14.bb} (48%)
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch b/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
deleted file mode 100644
index 69c1486..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
+++ /dev/null
@@ -1,781 +0,0 @@
-Upstream-Status: Backport
-
-commit af974034b68bf59337c7a384e488a518a77dfecd
-Author: James Youngman <jay@gnu.org>
-Date: Sat Jul 11 19:55:27 2009 +0100
-
- Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit coredump.
-
- Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit
- coredumps.
- * find/tree.c (set_new_parent): Initialise struct
- predicate->arg_text to NULL (instead of leaving it uninitialised).
- (get_new_pred_noarg): Likewise.
- (get_new_pred): Initialise predicate->arg_text to
- "ThisShouldBeSetToSomethingElse" to make it easier to notice
- bugs.
- (get_new_pred_chk_op): Use get_new_pred_noarg.
- (print_predicate): Use an if statement instead of
- two ternary operators.
- * find/util.c (insert_primary_withpred): Accept new argument, arg,
- being the argument (if any) of this predicate. Pass it to
- get_new_pred_chk_op.
- (insert_primary): Likewise (pass arg to insert_primary_withpred).
- (insert_primary_noarg): New function; calls insert_primary with
- arg=NULL.
- * find/parser.c (collect_arg_stat_info): Add an output parameter;
- the filename from which we collected the stat information.
- (parse_closeparen, parse_delete, parse_and, parse_or,
- parse_comma): Use get_new_pred_noarg.
- (parse_cnewer, parse_newer, parse_anewer): Use new
- collect_arg_stat_info and insert_primary interface.
- (parse_print, parse_prune, parse_nouser, parse_empty): Use
- insert_primary_noarg.
- (parse_accesscheck, parse_false): Use insert_primary_noarg.
- (parse_used, parse_iname, parse_fprint, insert_fprint,
- parse_fstype, parse_ilname): Use new collect_arg and
- insert_primary interfaces.
- (parse_ipath, parse_lname, do_parse_xmin, parse_name, parse_path,
- parse_perm, parse_size, parse_user, parse_time): Use new
- collect_arg and insert_primary_withpred interface.
- (parse_negate, parse_openparen): Use new get_new_pred_chk_op interface.
- (parse_newerXY, parse_nogroup): Use new insert_primary interface.
- (insert_regex, parse_samefile): Use new insert_primary_withpred
- interface.
- (insert_type, insert_fprintf, new_insert_exec_ok, insert_num): Use
- new insert_primary_withpred interface.
- * find/defs.h (struct predicate.arg_text): make const.
- Add declarations for new function get_new_pred_noarg and
- insert_primary_noarg. Add 'arg' parameter to get_new_pred_chk_op
- and insert_primary_withpred.
-
-diff --git a/ChangeLog b/ChangeLog
-index 6e346b8..e8ba0f8 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,0 +1,45 @@
-+2009-07-11 James Youngman <jay@gnu.org>
-+
-+ Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit
-+ coredumps.
-+ * find/tree.c (set_new_parent): Initialise struct
-+ predicate->arg_text to NULL (instead of leaving it uninitialised).
-+ (get_new_pred_noarg): Likewise.
-+ (get_new_pred): Initialise predicate->arg_text to
-+ "ThisShouldBeSetToSomethingElse" to make it easier to notice
-+ bugs.
-+ (get_new_pred_chk_op): Use get_new_pred_noarg.
-+ (print_predicate): Use an if statement instead of
-+ two ternary operators.
-+ * find/util.c (insert_primary_withpred): Accept new argument, arg,
-+ being the argument (if any) of this predicate. Pass it to
-+ get_new_pred_chk_op.
-+ (insert_primary): Likewise (pass arg to insert_primary_withpred).
-+ (insert_primary_noarg): New function; calls insert_primary with
-+ arg=NULL.
-+ * find/parser.c (collect_arg_stat_info): Add an output parameter;
-+ the filename from which we collected the stat information.
-+ (parse_closeparen, parse_delete, parse_and, parse_or,
-+ parse_comma): Use get_new_pred_noarg.
-+ (parse_cnewer, parse_newer, parse_anewer): Use new
-+ collect_arg_stat_info and insert_primary interface.
-+ (parse_print, parse_prune, parse_nouser, parse_empty): Use
-+ insert_primary_noarg.
-+ (parse_accesscheck, parse_false): Use insert_primary_noarg.
-+ (parse_used, parse_iname, parse_fprint, insert_fprint,
-+ parse_fstype, parse_ilname): Use new collect_arg and
-+ insert_primary interfaces.
-+ (parse_ipath, parse_lname, do_parse_xmin, parse_name, parse_path,
-+ parse_perm, parse_size, parse_user, parse_time): Use new
-+ collect_arg and insert_primary_withpred interface.
-+ (parse_negate, parse_openparen): Use new get_new_pred_chk_op interface.
-+ (parse_newerXY, parse_nogroup): Use new insert_primary interface.
-+ (insert_regex, parse_samefile): Use new insert_primary_withpred
-+ interface.
-+ (insert_type, insert_fprintf, new_insert_exec_ok, insert_num): Use
-+ new insert_primary_withpred interface.
-+ * find/defs.h (struct predicate.arg_text): make const.
-+ Add declarations for new function get_new_pred_noarg and
-+ insert_primary_noarg. Add 'arg' parameter to get_new_pred_chk_op
-+ and insert_primary_withpred.
-+
-diff --git a/find/defs.h b/find/defs.h
-index 1708d83..4539fd9 100644
---- a/find/defs.h
-+++ b/find/defs.h
-@@ -297,7 +297,7 @@ struct predicate
- boolean artificial;
-
- /* The raw text of the argument of this predicate. */
-- char *arg_text;
-+ const char *arg_text;
-
- /* Information needed by the predicate processor.
- Next to each member are listed the predicates that use it. */
-@@ -480,13 +480,16 @@ void show_success_rates(const struct predicate *node);
- /* tree.c */
- struct predicate * build_expression_tree PARAMS((int argc, char *argv[], int end_of_leading_options));
- struct predicate * get_eval_tree PARAMS((void));
-+struct predicate *get_new_pred_noarg (const struct parser_table *entry);
- struct predicate *get_new_pred PARAMS((const struct parser_table *entry));
--struct predicate *get_new_pred_chk_op PARAMS((const struct parser_table *entry));
-+struct predicate *get_new_pred_chk_op PARAMS((const struct parser_table *entry,
-+ const char *arg));
- float calculate_derived_rates PARAMS((struct predicate *p));
-
- /* util.c */
--struct predicate *insert_primary PARAMS((const struct parser_table *entry));
--struct predicate *insert_primary_withpred PARAMS((const struct parser_table *entry, PRED_FUNC fptr));
-+struct predicate *insert_primary PARAMS((const struct parser_table *entry, const char *arg));
-+struct predicate *insert_primary_noarg PARAMS((const struct parser_table *entry));
-+struct predicate *insert_primary_withpred PARAMS((const struct parser_table *entry, PRED_FUNC fptr, const char *arg));
- void usage PARAMS((FILE *fp, int status, char *msg));
- extern boolean check_nofollow(void);
- void complete_pending_execs(struct predicate *p);
-diff --git a/find/parser.c b/find/parser.c
-index 534b670..2e6b989 100644
---- a/find/parser.c
-+++ b/find/parser.c
-@@ -640,11 +640,13 @@ collect_arg(char **argv, int *arg_ptr, const char **collected_arg)
- }
-
- static boolean
--collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p)
-+collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p,
-+ const char **argument)
- {
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
- {
-+ *argument = filename;
- if (0 == (options.xstat)(filename, p))
- {
- return true;
-@@ -656,6 +658,7 @@ collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p)
- }
- else
- {
-+ *argument = NULL;
- return false;
- }
- }
-@@ -679,7 +682,7 @@ parse_and (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_and;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = AND_PREC;
-@@ -691,11 +694,12 @@ static boolean
- parse_anewer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.xval = XVAL_ATIME;
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.kind = COMP_GT;
-@@ -713,7 +717,7 @@ parse_closeparen (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_closeparen;
- our_pred->p_type = CLOSE_PAREN;
- our_pred->p_prec = NO_PREC;
-@@ -725,11 +729,12 @@ static boolean
- parse_cnewer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.xval = XVAL_CTIME; /* like -newercm */
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.kind = COMP_GT;
-@@ -747,7 +752,7 @@ parse_comma (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_comma;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = COMMA_PREC;
-@@ -786,7 +791,7 @@ parse_delete (const struct parser_table* entry, char *argv[], int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->side_effects = our_pred->no_default_print = true;
- /* -delete implies -depth */
- options.do_dir_first = false;
-@@ -831,7 +836,7 @@ parse_empty (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->est_success_rate = 0.01f; /* assume 1% of files are empty. */
- return true;
- }
-@@ -856,7 +861,7 @@ parse_false (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->side_effects = our_pred->no_default_print = false;
- our_pred->est_success_rate = 0.0f;
-@@ -866,7 +871,7 @@ parse_false (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- insert_fls (const struct parser_table* entry, const char *filename)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary_noarg (entry);
- if (filename)
- open_output_file (filename, &our_pred->args.printf_vec);
- else
-@@ -899,7 +904,7 @@ parse_fprint (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, filename);
- open_output_file (filename, &our_pred->args.printf_vec);
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->need_stat = our_pred->need_type = false;
-@@ -915,7 +920,7 @@ parse_fprint (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- insert_fprint(const struct parser_table* entry, const char *filename)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, filename);
- if (filename)
- open_output_file (filename, &our_pred->args.printf_vec);
- else
-@@ -960,7 +965,7 @@ parse_fstype (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *typename;
- if (collect_arg(argv, arg_ptr, &typename))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, typename);
- our_pred->args.str = typename;
-
- /* This is an expensive operation, so although there are
-@@ -1090,7 +1095,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- return false;
- }
- }
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, groupname);
- our_pred->args.gid = gid;
- our_pred->est_success_rate = (our_pred->args.numinfo.l_val < 100) ? 0.99 : 0.2;
- return true;
-@@ -1160,7 +1165,7 @@ parse_ilname (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *name;
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->args.str = name;
- /* Use the generic glob pattern estimator to figure out how many
- * links will match, but bear in mind that most files won't be links.
-@@ -1227,7 +1232,7 @@ parse_iname (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- if (check_name_arg("-iname", name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
-@@ -1268,7 +1273,7 @@ parse_ipath (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck ();
- if (collect_arg (argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_ipath);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_ipath, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate (name, 0);
-@@ -1316,7 +1321,7 @@ parse_lname (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck();
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->args.str = name;
- our_pred->est_success_rate = 0.1 * estimate_pattern_match_rate(name, 0);
- return true;
-@@ -1391,7 +1396,7 @@ do_parse_xmin (const struct parser_table* entry,
- "arithmetic overflow while converting %s "
- "minutes to a number of seconds"))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, minutes);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
- return true;
-@@ -1427,7 +1432,7 @@ parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck();
- if (check_name_arg("-name", name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
-@@ -1445,7 +1450,7 @@ parse_negate (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) &argv;
- (void) &arg_ptr;
-
-- our_pred = get_new_pred_chk_op (entry);
-+ our_pred = get_new_pred_chk_op (entry, NULL);
- our_pred->pred_func = pred_negate;
- our_pred->p_type = UNI_OP;
- our_pred->p_prec = NEGATE_PREC;
-@@ -1458,11 +1463,12 @@ parse_newer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct predicate *our_pred;
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.xval = XVAL_MTIME;
- our_pred->args.reftime.kind = COMP_GT;
-@@ -1530,7 +1536,7 @@ parse_newerXY (const struct parser_table* entry, char **argv, int *arg_ptr)
- (*arg_ptr)++;
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, argv[*arg_ptr]);
-
-
- switch (x)
-@@ -1623,7 +1629,7 @@ parse_nogroup (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) &argv;
- (void) &arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, NULL);
- our_pred->est_success_rate = 1e-4;
- #ifdef CACHE_IDS
- if (gid_unused == NULL)
-@@ -1660,7 +1666,7 @@ parse_nouser (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) arg_ptr;
-
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->est_success_rate = 1e-3;
- #ifdef CACHE_IDS
- if (uid_unused == NULL)
-@@ -1716,7 +1722,7 @@ parse_openparen (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred_chk_op (entry);
-+ our_pred = get_new_pred_chk_op (entry, NULL);
- our_pred->pred_func = pred_openparen;
- our_pred->p_type = OPEN_PAREN;
- our_pred->p_prec = NO_PREC;
-@@ -1732,7 +1738,7 @@ parse_or (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_or;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = OR_PREC;
-@@ -1756,7 +1762,7 @@ parse_path (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *name;
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_path);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_path, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate (name, 0);
-@@ -1894,7 +1900,7 @@ parse_perm (const struct parser_table* entry, char **argv, int *arg_ptr)
- rate = 0.9986; /* probably matches anything but a broken symlink */
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, perm_expr);
- our_pred->est_success_rate = rate;
- if (havekind)
- {
-@@ -1928,7 +1934,7 @@ parse_print (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- /* -print has the side effect of printing. This prevents us
- from doing undesired multiple printing when the user has
- already specified -print. */
-@@ -1981,7 +1987,7 @@ parse_prune (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- if (options.do_dir_first == false)
- our_pred->need_stat = our_pred->need_type = false;
- /* -prune has a side effect that it does not descend into
-@@ -1994,7 +2000,7 @@ parse_prune (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- parse_quit (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary_noarg (entry);
- (void) argv;
- (void) arg_ptr;
- our_pred->need_stat = our_pred->need_type = false;
-@@ -2036,7 +2042,7 @@ insert_regex (char **argv,
- {
- struct re_pattern_buffer *re;
- const char *error_message;
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_regex);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_regex, rx);
- our_pred->need_stat = our_pred->need_type = false;
- re = xmalloc (sizeof (struct re_pattern_buffer));
- our_pred->args.regex = re;
-@@ -2061,6 +2067,7 @@ static boolean
- parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct predicate *our_pred;
-+ char *arg;
- uintmax_t num;
- char suffix;
- enum comparison_type c_type;
-@@ -2073,42 +2080,43 @@ parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- */
- if ((argv == NULL) || (argv[*arg_ptr] == NULL))
- return false;
-+ arg = argv[*arg_ptr];
-
-- len = strlen (argv[*arg_ptr]);
-+ len = strlen (arg);
- if (len == 0)
- error (1, 0, _("invalid null argument to -size"));
-
-- suffix = argv[*arg_ptr][len - 1];
-+ suffix = arg[len - 1];
- switch (suffix)
- {
- case 'b':
- blksize = 512;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'c':
- blksize = 1;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'k':
- blksize = 1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'M': /* Megabytes */
- blksize = 1024*1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'G': /* Gigabytes */
- blksize = 1024*1024*1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'w':
- blksize = 2;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case '0':
-@@ -2127,14 +2135,14 @@ parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- error (1, 0, _("invalid -size type `%c'"), argv[*arg_ptr][len - 1]);
- }
- /* TODO: accept fractional megabytes etc. ? */
-- if (!get_num (argv[*arg_ptr], &num, &c_type))
-+ if (!get_num (arg, &num, &c_type))
- {
- error(1, 0,
- _("Invalid argument `%s%c' to -size"),
-- argv[*arg_ptr], (int)suffix);
-+ arg, (int)suffix);
- return false;
- }
-- our_pred = insert_primary (entry);
-+our_pred = insert_primary (entry, arg);
- our_pred->args.size.kind = c_type;
- our_pred->args.size.blocksize = blksize;
- our_pred->args.size.size = num;
-@@ -2162,9 +2170,10 @@ parse_samefile (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct predicate *our_pred;
- struct stat st, fst;
- int fd, openflags;
-+ const char *filename;
-
- set_stat_placeholders(&st);
-- if (!collect_arg_stat_info(argv, arg_ptr, &st))
-+ if (!collect_arg_stat_info(argv, arg_ptr, &st, &filename))
- return false;
-
- set_stat_placeholders(&fst);
-@@ -2289,7 +2298,7 @@ parse_samefile (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, filename);
- our_pred->args.samefileid.ino = st.st_ino;
- our_pred->args.samefileid.dev = st.st_dev;
- our_pred->args.samefileid.fd = fd;
-@@ -2350,7 +2359,7 @@ parse_true (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->est_success_rate = 1.0f;
- return true;
-@@ -2369,7 +2378,7 @@ parse_accesscheck (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct predicate *our_pred;
- (void) argv;
- (void) arg_ptr;
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->side_effects = our_pred->no_default_print = false;
- if (pred_is(our_pred, pred_executable))
-@@ -2414,7 +2423,7 @@ parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct timespec zero = {0,0};
- if (get_relative_timestamp(offset_str, &tval, zero, DAYSECS, errmsg))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, offset_str);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_file_age_success_rate(tval.ts.tv_sec / DAYSECS);
- return true;
-@@ -2472,7 +2481,7 @@ parse_user (const struct parser_table* entry, char **argv, int *arg_ptr)
- return false;
- }
- }
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, username);
- our_pred->args.uid = uid;
- our_pred->est_success_rate = (our_pred->args.uid < 100) ? 0.99 : 0.2;
- return true;
-@@ -2650,7 +2659,7 @@ insert_type (char **argv, int *arg_ptr,
- error(1, 0, _("Unknown argument to -type: %c"), (*typeletter));
- return false;
- }
-- our_pred = insert_primary_withpred (entry, which_pred);
-+ our_pred = insert_primary_withpred (entry, which_pred, typeletter);
- our_pred->est_success_rate = rate;
-
- /* Figure out if we will need to stat the file, because if we don't
-@@ -2706,7 +2715,7 @@ insert_fprintf (struct format_val *vec,
- struct segment **segmentp; /* Address of current segment. */
- struct predicate *our_pred;
-
-- our_pred = insert_primary_withpred (entry, func);
-+ our_pred = insert_primary_withpred (entry, func, format_const);
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->args.printf_vec = *vec;
- our_pred->need_type = false;
-@@ -3045,7 +3054,7 @@ new_insert_exec_ok (const char *action,
- if ((argv == NULL) || (argv[*arg_ptr] == NULL))
- return false;
-
-- our_pred = insert_primary_withpred (entry, func);
-+ our_pred = insert_primary_withpred (entry, func, "(some -exec* arguments)");
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->need_type = our_pred->need_stat = false;
-
-@@ -3374,7 +3383,7 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- if (!get_relative_timestamp(timearg, &tval, origin, DAYSECS, errmsg))
- return false;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, orig_timearg);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
-
-@@ -3487,7 +3496,7 @@ insert_num (char **argv, int *arg_ptr, const struct parser_table *entry)
-
- if (get_num (numstr, &num, &c_type))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, numstr);
- our_pred->args.numinfo.kind = c_type;
- our_pred->args.numinfo.l_val = num;
-
-diff --git a/find/tree.c b/find/tree.c
-index 7420c60..60a0601 100644
---- a/find/tree.c
-+++ b/find/tree.c
-@@ -269,10 +269,14 @@ predicate_is_cost_free(const struct predicate *p)
- /* Prints a predicate */
- void print_predicate(FILE *fp, const struct predicate *p)
- {
-- fprintf (fp, "%s%s%s",
-- p->p_name,
-- p->arg_text ? " " : "",
-- p->arg_text ? p->arg_text : "");
-+ if (p->arg_text)
-+ {
-+ fprintf (fp, "%s %s", p->p_name, p->arg_text);
-+ }
-+ else
-+ {
-+ fprintf (fp, "%s", p->p_name);
-+ }
- }
-
- \f
-@@ -832,7 +836,8 @@ set_new_parent (struct predicate *curr, enum predicate_precedence high_prec, str
- new_parent->need_stat = false;
- new_parent->need_type = false;
- new_parent->p_cost = NeedsNothing;
--
-+ new_parent->arg_text = NULL;
-+
- switch (high_prec)
- {
- case COMMA_PREC:
-@@ -1393,6 +1398,18 @@ init_pred_perf(struct predicate *pred)
- p->visits = p->successes = 0;
- }
-
-+
-+struct predicate *
-+get_new_pred_noarg (const struct parser_table *entry)
-+{
-+ struct predicate *p = get_new_pred(entry);
-+ if (p)
-+ {
-+ p->arg_text = NULL;
-+ }
-+ return p;
-+}
-+
- \f
- /* Return a pointer to a new predicate structure, which has been
- linked in as the last one in the predicates list.
-@@ -1433,6 +1450,8 @@ get_new_pred (const struct parser_table *entry)
- last_pred->no_default_print = false;
- last_pred->need_stat = true;
- last_pred->need_type = true;
-+ last_pred->p_cost = NeedsUnknown;
-+ last_pred->arg_text = "ThisShouldBeSetToSomethingElse";
- last_pred->args.str = NULL;
- last_pred->pred_next = NULL;
- last_pred->pred_left = NULL;
-@@ -1449,7 +1468,8 @@ get_new_pred (const struct parser_table *entry)
- predicate is an operator. If it isn't, the AND operator is inserted. */
-
- struct predicate *
--get_new_pred_chk_op (const struct parser_table *entry)
-+get_new_pred_chk_op (const struct parser_table *entry,
-+ const char *arg)
- {
- struct predicate *new_pred;
- static const struct parser_table *entry_and = NULL;
-@@ -1471,13 +1491,14 @@ get_new_pred_chk_op (const struct parser_table *entry)
- case PRIMARY_TYPE:
- case CLOSE_PAREN:
- /* We need to interpose the and operator. */
-- new_pred = get_new_pred (entry_and);
-+ new_pred = get_new_pred_noarg (entry_and);
- new_pred->pred_func = pred_and;
- new_pred->p_name = "-a";
- new_pred->p_type = BI_OP;
- new_pred->p_prec = AND_PREC;
- new_pred->need_stat = false;
- new_pred->need_type = false;
-+ new_pred->arg_text = NULL;
- new_pred->args.str = NULL;
- new_pred->side_effects = false;
- new_pred->no_default_print = false;
-@@ -1488,6 +1509,7 @@ get_new_pred_chk_op (const struct parser_table *entry)
- }
-
- new_pred = get_new_pred (entry);
-+ new_pred->arg_text = arg;
- new_pred->parser_entry = entry;
- return new_pred;
- }
-diff --git a/find/util.c b/find/util.c
-index a06eada..cc9a3eb 100644
---- a/find/util.c
-+++ b/find/util.c
-@@ -89,11 +89,13 @@ static struct debug_option_assoc debugassoc[] =
- operator. */
-
- struct predicate *
--insert_primary_withpred (const struct parser_table *entry, PRED_FUNC pred_func)
-+insert_primary_withpred (const struct parser_table *entry,
-+ PRED_FUNC pred_func,
-+ const char *arg)
- {
- struct predicate *new_pred;
-
-- new_pred = get_new_pred_chk_op (entry);
-+ new_pred = get_new_pred_chk_op (entry, arg);
- new_pred->pred_func = pred_func;
- new_pred->p_name = entry->parser_name;
- new_pred->args.str = NULL;
-@@ -118,10 +120,16 @@ insert_primary_withpred (const struct parser_table *entry, PRED_FUNC pred_func)
- either not there at all (we are the very first node) or is an
- operator. */
- struct predicate *
--insert_primary (const struct parser_table *entry)
-+insert_primary (const struct parser_table *entry, const char *arg)
- {
- assert (entry->pred_func != NULL);
-- return insert_primary_withpred(entry, entry->pred_func);
-+ return insert_primary_withpred(entry, entry->pred_func, arg);
-+}
-+
-+struct predicate *
-+insert_primary_noarg (const struct parser_table *entry)
-+{
-+ return insert_primary(entry, NULL);
- }
-
-
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch b/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
deleted file mode 100644
index c0ff3ff..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
+++ /dev/null
@@ -1,294 +0,0 @@
-Upstream-Status: Backport
-
-commit 76ed377d6d3e4a83a00cabd401f751b37ecd1e7b
-Author: James Youngman <jay@gnu.org>
-Date: Sat Feb 20 13:11:45 2010 +0000
-
- Fix Savannah bug# 28824: "-ctime x" yields "missing argument to `-ctime'".
-
- * find/parser.c (parse_fls): If the argument is invalid, reverse
- the change that collect_arg() made to *arg_ptr (that is, don't
- consume the argument).
- (parse_fprint0): Likewise.
- (parse_gid): Likewise.
- (parse_group): Likewise.
- (parse_inum): Likewise.
- (parse_links): Likewise.
- (do_parse_xmin): Likewise.
- (parse_name): Likewise.
- (parse_printf): Likewise.
- (parse_uid): Likewise.
- (parse_used): Likewise.
- (parse_time): Likewise.
-
- Signed-off-by: James Youngman <jay@gnu.org>
-
-diff --git a/ChangeLog b/ChangeLog
-index d0ce1fe..13539a4 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,0 +1,19 @@
-+2010-02-20 James Youngman <jay@gnu.org>
-+
-+ Fix Savannah bug# 28824: "-ctime x" yields "missing argument to
-+ `-ctime'".
-+ * find/parser.c (parse_fls): If the argument is invalid, reverse
-+ the change that collect_arg() made to *arg_ptr (that is, don't
-+ consume the argument).
-+ (parse_fprint0): Likewise.
-+ (parse_gid): Likewise.
-+ (parse_group): Likewise.
-+ (parse_inum): Likewise.
-+ (parse_links): Likewise.
-+ (do_parse_xmin): Likewise.
-+ (parse_name): Likewise.
-+ (parse_printf): Likewise.
-+ (parse_uid): Likewise.
-+ (parse_used): Likewise.
-+ (parse_time): Likewise.
-+
-diff --git a/NEWS b/NEWS
-index 5394311..4e910df 100644
---- a/NEWS
-+++ b/NEWS
-@@ -4,5 +4,8 @@ GNU findutils NEWS - User visible changes. -*- outline -*- (allout)
-
- ** Bug Fixes
-
-+#28824: Corrected error message for "-ctime x".
-+ Likewise for -gid, -inum, -links, -mmin, -cmin, -amin,
-+ -uid, -used, -atime, -mtime, -ctime.
- #26537: find -prune now makes sure it has valid stat() information.
-
-diff --git a/find/parser.c b/find/parser.c
-index 2e6b989..08758ee 100644
---- a/find/parser.c
-+++ b/find/parser.c
-@@ -886,8 +886,14 @@ static boolean
- parse_fls (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *filename;
-- return collect_arg(argv, arg_ptr, &filename)
-- && insert_fls(entry, filename);
-+ if (collect_arg(argv, arg_ptr, &filename))
-+ {
-+ if (insert_fls(entry, filename))
-+ return true;
-+ else
-+ --*arg_ptr; /* don't consume the invalid arg. */
-+ }
-+ return false;
- }
-
- static boolean
-@@ -937,9 +943,13 @@ parse_fprint0 (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
-- return insert_fprint(entry, filename);
-- else
-- return false;
-+ {
-+ if (insert_fprint(entry, filename))
-+ return true;
-+ else
-+ --*arg_ptr; /* don't consume the bad arg. */
-+ }
-+ return false;
- }
-
- static float estimate_fstype_success_rate(const char *fsname)
-@@ -993,6 +1003,7 @@ parse_gid (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1049,6 +1060,7 @@ static boolean
- parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *groupname;
-+ const int saved_argc = *arg_ptr;
-
- if (collect_arg(argv, arg_ptr, &groupname))
- {
-@@ -1077,6 +1089,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- "because it has the unexpected suffix %s"),
- quotearg_n_style(0, options.err_quoting_style, groupname),
- quotearg_n_style(1, options.err_quoting_style, groupname+gid_len));
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1092,6 +1105,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- error(1, 0, _("argument to -group is empty, but should be a group name"));
- }
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1256,6 +1270,7 @@ parse_inum (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1310,6 +1325,7 @@ parse_links (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1358,6 +1374,7 @@ insert_depthspec(const struct parser_table* entry, char **argv, int *arg_ptr,
- error(1, 0, _("Expected a positive decimal integer argument to %s, but got %s"),
- predicate,
- quotearg_n_style(0, options.err_quoting_style, depthstr));
-+ /* NOTREACHED */
- return false;
- }
- /* missing argument */
-@@ -1385,6 +1402,7 @@ do_parse_xmin (const struct parser_table* entry,
- enum xval xv)
- {
- const char *minutes;
-+ const int saved_argc = *arg_ptr;
-
- if (collect_arg(argv, arg_ptr, &minutes))
- {
-@@ -1401,6 +1419,11 @@ do_parse_xmin (const struct parser_table* entry,
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
- return true;
- }
-+ else
-+ {
-+ /* Don't consume the invalid argument. */
-+ *arg_ptr = saved_argc;
-+ }
- }
- return false;
- }
-@@ -1427,6 +1450,8 @@ static boolean
- parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *name;
-+ const int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &name))
- {
- fnmatch_sanitycheck();
-@@ -1438,6 +1463,10 @@ parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
- return true;
- }
-+ else
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
-+ }
- }
- return false;
- }
-@@ -1954,11 +1983,21 @@ static boolean
- parse_printf (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *format;
-+ const int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &format))
- {
- struct format_val fmt;
- open_stdout(&fmt);
-- return insert_fprintf (&fmt, entry, pred_fprintf, format);
-+ if (insert_fprintf (&fmt, entry, pred_fprintf, format))
-+ {
-+ return true;
-+ }
-+ else
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
-+ return false;
-+ }
- }
- return false;
- }
-@@ -1967,15 +2006,21 @@ static boolean
- parse_fprintf (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *format, *filename;
-+ int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &filename))
- {
- if (collect_arg(argv, arg_ptr, &format))
- {
- struct format_val fmt;
- open_output_file (filename, &fmt);
-- return insert_fprintf (&fmt, entry, pred_fprintf, format);
-+ saved_argc = *arg_ptr;
-+
-+ if (insert_fprintf (&fmt, entry, pred_fprintf, format))
-+ return true;
- }
- }
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
-
-@@ -2405,6 +2450,7 @@ parse_uid (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -2431,6 +2477,7 @@ parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
- else
- {
- error(1, 0, _("Invalid argument %s to -used"), offset_str);
-+ /*NOTREACHED*/
- return false;
- }
- }
-@@ -2610,6 +2657,7 @@ insert_type (char **argv, int *arg_ptr,
- if (strlen(typeletter) != 1u)
- {
- error(1, 0, _("Arguments to -type should contain only one letter"));
-+ /*NOTREACHED*/
- return false;
- }
-
-@@ -2657,6 +2705,7 @@ insert_type (char **argv, int *arg_ptr,
- #endif
- default: /* None of the above ... nuke 'em. */
- error(1, 0, _("Unknown argument to -type: %c"), (*typeletter));
-+ /*NOTREACHED*/
- return false;
- }
- our_pred = insert_primary_withpred (entry, which_pred, typeletter);
-@@ -3349,6 +3398,7 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- const char *errmsg = "arithmetic overflow while converting %s "
- "days to a number of seconds";
- struct timespec origin;
-+ const int saved_argc = *arg_ptr;
-
- if (!collect_arg(argv, arg_ptr, &timearg))
- return false;
-@@ -3381,7 +3431,10 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- timearg = orig_timearg;
-
- if (!get_relative_timestamp(timearg, &tval, origin, DAYSECS, errmsg))
-- return false;
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument */
-+ return false;
-+ }
-
- our_pred = insert_primary (entry, orig_timearg);
- our_pred->args.reftime = tval;
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch b/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
deleted file mode 100644
index 940aaf6..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Upstream-Status: Backport
-
-commit 5f5eb921765794e8fc58c4bdffa2daa2ae34800f
-Author: James Youngman <jay@gnu.org>
-Date: Sat Feb 20 19:53:13 2010 +0000
-
- Fix Savannah bug#28872, Mistake in "Problems with -exec and filenames"
-
- * doc/find.texi (Problems with -exec and filenames): Add missing
- $0 argument in example for sh -c 'something "$@" sh ...
- * NEWS: Mention this change.
-
- Signed-off-by: James Youngman <jay@gnu.org>
-
-diff --git a/ChangeLog b/ChangeLog
-index 13539a4..e94ba96 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,5 +1,10 @@
- 2010-02-20 James Youngman <jay@gnu.org>
-
-+ Fix Savannah bug#28872, Mistake in "Problems with -exec and filenames"
-+ * doc/find.texi (Problems with -exec and filenames): Add missing
-+ $0 argument in example for sh -c 'something "$@" sh ...
-+ * NEWS: Mention this change.
-+
- Fix Savannah bug# 28824: "-ctime x" yields "missing argument to
- `-ctime'".
- * find/parser.c (parse_fls): If the argument is invalid, reverse
-diff --git a/NEWS b/NEWS
-index 4e910df..4c97be9 100644
---- a/NEWS
-+++ b/NEWS
-@@ -4,6 +4,9 @@ GNU findutils NEWS - User visible changes. -*- outline -*- (allout)
-
- ** Bug Fixes
-
-+#28872: Mistake in "#safer" example in "Problems with -exec and
-+ filenames" section of the Texinfo manual.
-+
- #28824: Corrected error message for "-ctime x".
- Likewise for -gid, -inum, -links, -mmin, -cmin, -amin,
- -uid, -used, -atime, -mtime, -ctime.
-diff --git a/doc/find.texi b/doc/find.texi
-index 2e5958d..391ffa0 100644
---- a/doc/find.texi
-+++ b/doc/find.texi
-@@ -4830,8 +4830,8 @@ problem:
-
- @example
- # safer
--find -exec sh -c 'something "$@@"' @{@} \;
--find -execdir sh -c 'something "$@@"' @{@}\;
-+find -exec sh -c 'something "$@@"' sh @{@} \;
-+find -execdir sh -c 'something "$@@"' sh @{@}\;
- @end example
-
- This approach is not guaranteed to avoid every problem, but it is much
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
deleted file mode 100644
index a48cdc2..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-Fix documentation build errors
-
-This fixes the following errors building the findutils documentation:
-find-maint.texi:45: misplaced {
-find-maint.texi:45: misplaced }
-find-maint.texi:236: warning: node next `Make the Compiler Find the Bugs' in menu `The File System Is Being Modified' and in sectioning `Factor Out Repeated Code' differ
-find-maint.texi:335: warning: node `Debugging is For Users Too' is next for `Factor Out Repeated Code' in sectioning but not in menu
-find-maint.texi:335: warning: node prev `Factor Out Repeated Code' in menu `Debugging is For Users Too' and in sectioning `Make the Compiler Find the Bugs' differ
-find-maint.texi:378: warning: node next `Debugging is For Users Too' in menu `Factor Out Repeated Code' and in sectioning `Don't Trust the File System Contents' differ
-find-maint.texi:378: warning: node prev `Debugging is For Users Too' in menu `Don't Trust the File System Contents' and in sectioning `Factor Out Repeated Code' differ
-find-maint.texi:392: warning: node next `Don't Trust the File System Contents' in menu `Debugging is For Users Too' and in sectioning `The File System Is Being Modified' differ
-find-maint.texi:392: warning: node prev `Don't Trust the File System Contents' in menu `The File System Is Being Modified' and in sectioning `Debugging is For Users Too' differ
-find-maint.texi:417: warning: node `Don't Trust the File System Contents' is next for `The File System Is Being Modified' in menu but not in sectioning
-find-maint.texi:417: warning: node prev `The File System Is Being Modified' in menu `Make the Compiler Find the Bugs' and in sectioning `Don't Trust the File System Contents' differ
-find.texi:53: misplaced {
-find.texi:53: misplaced }
-find.texi:1862: warning: node `Formatting Flags' is next for `Time Directives' in menu but not in sectioning
-find.texi:1975: warning: node `Formatting Flags' is next for `Combined Time Formats' in sectioning but not in menu
-find.texi:2004: warning: node prev `Formatting Flags' in menu `Time Directives' and in sectioning `Combined Time Formats' differ
-find.texi:2004: warning: node up `Formatting Flags' in menu `Format Directives' and in sectioning `Time Formats' differ
-find.texi:1893: node `Time Formats' lacks menu item for `Formatting Flags' despite being its Up target
-
-Upstream-Status: Backport
-Signed-off-by: Jonathan Liu <net147@gmail.com>
-
---- a/doc/find-maint.texi
-+++ b/doc/find-maint.texi
-@@ -42,7 +42,7 @@ Free Documentation License''.
-
- @page
- @vskip 0pt plus 1filll
--@insertcopying{}
-+@insertcopying
- @end titlepage
-
- @contents
-@@ -227,10 +227,10 @@ circumstances.
-
- @menu
- * Make the Compiler Find the Bugs::
-+* Factor Out Repeated Code::
- * The File System Is Being Modified::
- * Don't Trust the File System Contents::
- * Debugging is For Users Too::
--* Factor Out Repeated Code::
- @end menu
-
- @node Make the Compiler Find the Bugs
---- a/doc/find.texi
-+++ b/doc/find.texi
-@@ -50,7 +50,7 @@ Texts. A copy of the license is included in the section entitled
-
- @page
- @vskip 0pt plus 1filll
--@insertcopying{}
-+@insertcopying
- @end titlepage
-
- @contents
-@@ -1665,6 +1665,7 @@ no output is ever sent to it.
- * Escapes::
- * Format Directives::
- * Time Formats::
-+* Formatting Flags::
- @end menu
-
- @node Escapes
-@@ -1733,7 +1734,6 @@ from the novel you are reading.
- * Size Directives::
- * Location Directives::
- * Time Directives::
--* Formatting Flags::
- @end menu
-
- @node Name Directives
-@@ -2002,7 +2002,7 @@ seconds field includes a fractional part.
- @end table
-
- @node Formatting Flags
--@subsubsection Formatting Flags
-+@subsection Formatting Flags
-
- The @samp{%m} and @samp{%d} directives support the @samp{#}, @samp{0}
- and @samp{+} flags, but the other directives do not, even if they
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
deleted file mode 100644
index d4a7e95..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Upstream-Status: Pending
-
-This patch fixes following issue with automake 1.12
-
-| configure.ac:80: error: automatic de-ANSI-fication support has been removed
-
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
-2012/05/03
-
-Index: findutils-4.4.2/configure.ac
-===================================================================
---- findutils-4.4.2.orig/configure.ac
-+++ findutils-4.4.2/configure.ac
-@@ -77,8 +77,6 @@ AC_PROG_CPP
- dnl for gnulib
- gl_EARLY
-
--AM_C_PROTOTYPES
--
- AC_PROG_INSTALL
- AC_PROG_RANLIB
- dnl AC_PROG_LIBTOOL
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
deleted file mode 100644
index b78cc75..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Upstream-Status: Pending
-
-Author: H.J. Lu <hjl.tools@gmail.com>
-
-Work around gnulib time_t assumption in findutils for x32
-
-time_t is 64bit and long int is 32bit on x32. But gnulib used in
-findutils assumes time_t values fit into long int. Such assumption is
-invalid for x32 and should be removed.
-
-This patch is a workaround to compile gnulib for x32.
-
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/05
-
-
-Index: findutils-4.4.2/gnulib/lib/getdate.y
-===================================================================
---- findutils-4.4.2.orig/gnulib/lib/getdate.y
-+++ findutils-4.4.2/gnulib/lib/getdate.y
-@@ -114,7 +114,6 @@
- wraps around, but there's no portable way to check for that at
- compile-time. */
- verify (TYPE_IS_INTEGER (time_t));
--verify (LONG_MIN <= TYPE_MINIMUM (time_t) && TYPE_MAXIMUM (time_t) <= LONG_MAX);
-
- /* An integer value, and the number of digits in its textual
- representation. */
-Index: findutils-4.4.2/gnulib/lib/mktime.c
-===================================================================
---- findutils-4.4.2.orig/gnulib/lib/mktime.c
-+++ findutils-4.4.2/gnulib/lib/mktime.c
-@@ -166,7 +166,7 @@ ydhms_diff (long int year1, long int yda
- {
- verify (C99_integer_division, -1 / 2 == 0);
- verify (long_int_year_and_yday_are_wide_enough,
-- INT_MAX <= LONG_MAX / 2 || TIME_T_MAX <= UINT_MAX);
-+ INT_MAX <= TIME_T_MAX / 2 || TIME_T_MAX <= UINT_MAX);
-
- /* Compute intervening leap days correctly even if year is negative.
- Take care to avoid integer overflow here. */
diff --git a/meta/recipes-extended/findutils/findutils.inc b/meta/recipes-extended/findutils/findutils.inc
index 4f4068a..37c84cc 100644
--- a/meta/recipes-extended/findutils/findutils.inc
+++ b/meta/recipes-extended/findutils/findutils.inc
@@ -7,7 +7,7 @@ BUGTRACKER = "http://savannah.gnu.org/bugs/?group=findutils"
SECTION = "console/utils"
-SRC_URI = "${GNU_MIRROR}/findutils/findutils-${PV}.tar.gz"
+SRC_URI = "ftp://alpha.gnu.org/gnu/${BPN}/${BP}.tar.gz"
inherit autotools gettext texinfo update-alternatives
diff --git a/meta/recipes-extended/findutils/findutils_4.4.2.bb b/meta/recipes-extended/findutils/findutils_4.5.14.bb
similarity index 48%
rename from meta/recipes-extended/findutils/findutils_4.4.2.bb
rename to meta/recipes-extended/findutils/findutils_4.5.14.bb
index faf2ebe..9253637 100644
--- a/meta/recipes-extended/findutils/findutils_4.4.2.bb
+++ b/meta/recipes-extended/findutils/findutils_4.5.14.bb
@@ -4,21 +4,11 @@ require findutils.inc
LICENSE = "GPLv3+"
LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
-PR = "r6"
-
-SRC_URI += "file://01-27017.patch \
- file://02-28824.patch \
- file://03-28872.patch \
- file://findutils_fix_for_x32.patch \
- file://findutils_fix_for_automake-1.12.patch \
- file://findutils_fix_doc.patch \
- "
-
-SRC_URI[md5sum] = "351cc4adb07d54877fa15f75fb77d39f"
-SRC_URI[sha256sum] = "434f32d171cbc0a5e72cfc5372c6fc4cb0e681f8dce566a0de5b6fccd702b62a"
-
DEPENDS = "bison-native"
+SRC_URI[md5sum] = "a8a8176282fd28e8d1234c84d847fa66"
+SRC_URI[sha256sum] = "0de3cf625a5c9f154eee3171e072515ffdde405244dd00502af617ac57b73ae2"
+
# http://savannah.gnu.org/bugs/?27299
CACHED_CONFIGUREVARS += "${@bb.utils.contains('DISTRO_FEATURES', 'libc-posix-clang-wchar', 'gl_cv_func_wcwidth_works=yes', '', d)}"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 3/4] libcap: Upgrade to 2.24
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-11-04 15:18 ` Burton, Ross
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
3 siblings, 1 reply; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
${S} added because top dir renamed
libcap now provides pkgconfig files do don't move everything and delete libdir
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
meta/recipes-support/libcap/libcap.inc | 10 +++---
.../libcap/libcap/fix-CAP_LAST_CAP.patch | 39 ----------------------
meta/recipes-support/libcap/libcap_2.22.bb | 6 ----
meta/recipes-support/libcap/libcap_2.24.bb | 4 +++
4 files changed, 8 insertions(+), 51 deletions(-)
delete mode 100644 meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
delete mode 100644 meta/recipes-support/libcap/libcap_2.22.bb
create mode 100644 meta/recipes-support/libcap/libcap_2.24.bb
diff --git a/meta/recipes-support/libcap/libcap.inc b/meta/recipes-support/libcap/libcap.inc
index 0e28ea0..660394e 100644
--- a/meta/recipes-support/libcap/libcap.inc
+++ b/meta/recipes-support/libcap/libcap.inc
@@ -7,11 +7,9 @@ LIC_FILES_CHKSUM = "file://License;md5=3f84fd6f29d453a56514cb7e4ead25f1"
DEPENDS = "perl-native-runtime"
-SRC_URI = "${DEBIAN_MIRROR}/main/libc/libcap2/${BPN}2_${PV}.orig.tar.gz \
- file://fix-CAP_LAST_CAP.patch"
-
-PR = "r1"
+SRC_URI = "${DEBIAN_MIRROR}/main/libc/libcap2/${BPN}2_${PV}.orig.tar.xz"
+S = "${WORKDIR}/${BPN}2-${PV}"
inherit lib_package
# do NOT pass target cflags to host compilations
@@ -56,8 +54,8 @@ do_install_append() {
# Move the library to base_libdir
install -d ${D}${base_libdir}
if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
- mv ${D}${libdir}/* ${D}${base_libdir}
- rmdir ${D}${libdir}
+ mv ${D}${libdir}/libcap* ${D}${base_libdir}
+ mv ${D}${libdir}/security ${D}${base_libdir}
fi
}
diff --git a/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch b/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
deleted file mode 100644
index a557188..0000000
--- a/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-fix CAP_LAST_CAP
-
-Upstream-Status: pending
-
-Two new capability CAP_BLOCK_SUSPEND and CAP_WAKE_ALARM have been added into
-kernel, but libcap did not update them.
-Once libcap uses its capability.h (the default value of KERNEL_HEADERS), and
-application always use capability.h from kernel, that will make cap_get_flag
-return wrong value.
-
-Signed-off-by: Roy Li <rongqing.li@windriver.com>
----
- libcap/include/linux/capability.h | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/libcap/include/linux/capability.h b/libcap/include/linux/capability.h
-index 4924f2a..57026be 100644
---- a/libcap/include/linux/capability.h
-+++ b/libcap/include/linux/capability.h
-@@ -360,7 +360,15 @@ struct cpu_vfs_cap_data {
- CAP_SYS_ADMIN is not acceptable anymore. */
- #define CAP_SYSLOG 34
-
--#define CAP_LAST_CAP CAP_SYSLOG
-+/* Allow triggering something that will wake the system */
-+
-+#define CAP_WAKE_ALARM 35
-+
-+/* Allow preventing system suspends */
-+
-+#define CAP_BLOCK_SUSPEND 36
-+
-+#define CAP_LAST_CAP CAP_BLOCK_SUSPEND
-
- #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
-
---
-1.7.10.4
-
diff --git a/meta/recipes-support/libcap/libcap_2.22.bb b/meta/recipes-support/libcap/libcap_2.22.bb
deleted file mode 100644
index a989bb6..0000000
--- a/meta/recipes-support/libcap/libcap_2.22.bb
+++ /dev/null
@@ -1,6 +0,0 @@
-require libcap.inc
-
-PR = "r6"
-
-SRC_URI[md5sum] = "b4896816b626bea445f0b3849bdd4077"
-SRC_URI[sha256sum] = "e1cae65d8febf2579be37c255d2e058715785ead481a4e6a4357a06aff84721f"
diff --git a/meta/recipes-support/libcap/libcap_2.24.bb b/meta/recipes-support/libcap/libcap_2.24.bb
new file mode 100644
index 0000000..4d0df37
--- /dev/null
+++ b/meta/recipes-support/libcap/libcap_2.24.bb
@@ -0,0 +1,4 @@
+require libcap.inc
+
+SRC_URI[md5sum] = "1f8934af240ff1e9fb2ef1a2a75d308e"
+SRC_URI[sha256sum] = "51cd1c568a2baf1e687573bd6117a94b07f33b46a05acaa50ee208792a830b79"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 4/4] nss: Upgrade to 3.17
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
` (2 preceding siblings ...)
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
CVE patches removed since they have been implemented upstream
Rename patch dir (files) to generic PN name
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
.../nss/files/nss-3.15.1-fix-CVE-2013-1739.patch | 81 --
.../nss/files/nss-3.15.1-fix-CVE-2013-1741.patch | 92 ---
.../nss/files/nss-3.15.1-fix-CVE-2013-5605.patch | 18 -
.../nss/files/nss-CVE-2013-1740.patch | 916 ---------------------
.../nss/files/nss-CVE-2013-5606.patch | 48 --
.../nss/files/nss-CVE-2014-1492.patch | 68 --
.../nss/files/nss-CVE-2014-1544.patch | 41 -
meta/recipes-support/nss/nss.inc | 9 +-
.../nss-fix-incorrect-shebang-of-perl.patch | 0
.../nss-fix-support-cross-compiling.patch | 0
.../nss-no-rpath-for-cross-compiling.patch | 0
meta/recipes-support/nss/{files => nss}/nss.pc.in | 0
.../recipes-support/nss/{files => nss}/signlibs.sh | 0
meta/recipes-support/nss/nss_3.15.1.bb | 9 -
meta/recipes-support/nss/nss_3.17.bb | 8 +
15 files changed, 9 insertions(+), 1281 deletions(-)
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
rename meta/recipes-support/nss/{files => nss}/nss-fix-incorrect-shebang-of-perl.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-fix-support-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-no-rpath-for-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss.pc.in (100%)
rename meta/recipes-support/nss/{files => nss}/signlibs.sh (100%)
delete mode 100644 meta/recipes-support/nss/nss_3.15.1.bb
create mode 100644 meta/recipes-support/nss/nss_3.17.bb
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
deleted file mode 100644
index 1a159c3..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
-
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -10509,7 +10509,7 @@ ssl_RemoveSSLv3CBCPadding(sslBuffer *pla
- /* SSLv3 padding bytes are random and cannot be checked. */
- t = plaintext->len;
- t -= paddingLength+overhead;
-- /* If len >= padding_length+overhead then the MSB of t is zero. */
-+ /* If len >= paddingLength+overhead then the MSB of t is zero. */
- good = DUPLICATE_MSB_TO_ALL(~t);
- /* SSLv3 requires that the padding is minimal. */
- t = blockSize - (paddingLength+1);
-@@ -10742,7 +10742,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- }
- }
-
-- good = (unsigned)-1;
-+ good = ~0U;
- minLength = crSpec->mac_size;
- if (cipher_def->type == type_block) {
- /* CBC records have a padding length byte at the end. */
-@@ -10756,14 +10756,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- /* We can perform this test in variable time because the record's total
- * length and the ciphersuite are both public knowledge. */
- if (cText->buf->len < minLength) {
-- SSL_DBG(("%d: SSL3[%d]: HandleRecord, record too small.",
-- SSL_GETPID(), ss->fd));
-- /* must not hold spec lock when calling SSL3_SendAlert. */
-- ssl_ReleaseSpecReadLock(ss);
-- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
-- /* always log mac error, in case attacker can read server logs. */
-- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-- return SECFailure;
-+ goto decrypt_loser;
- }
-
- if (cipher_def->type == type_block &&
-@@ -10831,11 +10824,18 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- return SECFailure;
- }
-
-+ if (cipher_def->type == type_block &&
-+ ((cText->buf->len - ivLen) % cipher_def->block_size) != 0) {
-+ goto decrypt_loser;
-+ }
-+
- /* decrypt from cText buf to plaintext. */
- rv = crSpec->decode(
- crSpec->decodeContext, plaintext->buf, (int *)&plaintext->len,
- plaintext->space, cText->buf->buf + ivLen, cText->buf->len - ivLen);
-- good &= SECStatusToMask(rv);
-+ if (rv != SECSuccess) {
-+ goto decrypt_loser;
-+ }
-
- PRINT_BUF(80, (ss, "cleartext:", plaintext->buf, plaintext->len));
-
-@@ -10843,7 +10843,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
-
- /* If it's a block cipher, check and strip the padding. */
- if (cipher_def->type == type_block) {
-- const unsigned int blockSize = cipher_def->iv_size;
-+ const unsigned int blockSize = cipher_def->block_size;
- const unsigned int macSize = crSpec->mac_size;
-
- if (crSpec->version <= SSL_LIBRARY_VERSION_3_0) {
-@@ -10899,10 +10899,11 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- }
-
- if (good == 0) {
-+decrypt_loser:
- /* must not hold spec lock when calling SSL3_SendAlert. */
- ssl_ReleaseSpecReadLock(ss);
-
-- SSL_DBG(("%d: SSL3[%d]: mac check failed", SSL_GETPID(), ss->fd));
-+ SSL_DBG(("%d: SSL3[%d]: decryption failed", SSL_GETPID(), ss->fd));
-
- if (!IS_DTLS(ss)) {
- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
deleted file mode 100644
index 21da0c0..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-Upstream-Status: backport
-yanjun.zhu <yanjun.zhu@windriver.com>
---- a/nss/lib/util/secport.c
-+++ b/nss/lib/util/secport.c
-@@ -69,13 +69,22 @@ PORTCharConversionFunc ucs4Utf8ConvertFu
- PORTCharConversionFunc ucs2Utf8ConvertFunc;
- PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-+/* NSPR memory allocation functions (PR_Malloc, PR_Calloc, and PR_Realloc)
-+ * use the PRUint32 type for the size parameter. Before we pass a size_t or
-+ * unsigned long size to these functions, we need to ensure it is <= half of
-+ * the maximum PRUint32 value to avoid truncation and catch a negative size.
-+ */
-+#define MAX_SIZE (PR_UINT32_MAX >> 1)
-+
- void *
- PORT_Alloc(size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- /* Always allocate a non-zero amount of bytes */
-- rv = (void *)PR_Malloc(bytes ? bytes : 1);
-+ if (bytes <= MAX_SIZE) {
-+ /* Always allocate a non-zero amount of bytes */
-+ rv = PR_Malloc(bytes ? bytes : 1);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -86,9 +95,11 @@ PORT_Alloc(size_t bytes)
- void *
- PORT_Realloc(void *oldptr, size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- rv = (void *)PR_Realloc(oldptr, bytes);
-+ if (bytes <= MAX_SIZE) {
-+ rv = PR_Realloc(oldptr, bytes);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -99,10 +110,12 @@ PORT_Realloc(void *oldptr, size_t bytes)
- void *
- PORT_ZAlloc(size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- /* Always allocate a non-zero amount of bytes */
-- rv = (void *)PR_Calloc(1, bytes ? bytes : 1);
-+ if (bytes <= MAX_SIZE) {
-+ /* Always allocate a non-zero amount of bytes */
-+ rv = PR_Calloc(1, bytes ? bytes : 1);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -209,6 +222,10 @@ PORT_NewArena(unsigned long chunksize)
- {
- PORTArenaPool *pool;
-
-+ if (chunksize > MAX_SIZE) {
-+ PORT_SetError(SEC_ERROR_NO_MEMORY);
-+ return NULL;
-+ }
- pool = PORT_ZNew(PORTArenaPool);
- if (!pool) {
- return NULL;
-@@ -224,8 +241,6 @@ PORT_NewArena(unsigned long chunksize)
- return(&pool->arena);
- }
-
--#define MAX_SIZE 0x7fffffffUL
--
- void *
- PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
- {
-@@ -330,6 +345,11 @@ PORT_ArenaGrow(PLArenaPool *arena, void
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PORT_Assert(newsize >= oldsize);
-
-+ if (newsize > MAX_SIZE) {
-+ PORT_SetError(SEC_ERROR_NO_MEMORY);
-+ return NULL;
-+ }
-+
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
- /* Do we do a THREADMARK check here? */
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
deleted file mode 100644
index 7203d02..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-signed-off-by: Ryan Sleevi <ryan.sleevi@gmail.com>
-Upstream-Status: Backport
-reference:https://hg.mozilla.org/projects/nss/rev/e79a09364b5e
-
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -781,6 +781,11 @@ static SECStatus
- Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
- const unsigned char *input, int inputLen)
- {
-+ if (inputLen > maxOutputLen) {
-+ *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */
-+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-+ return SECFailure;
-+ }
- *outputLen = inputLen;
- if (input != output)
- PORT_Memcpy(output, input, inputLen);
diff --git a/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch b/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
deleted file mode 100644
index db3d6f9..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
+++ /dev/null
@@ -1,916 +0,0 @@
-nss: CVE-2013-1740
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
-https://bugzilla.mozilla.org/show_bug.cgi?id=919877
-https://bugzilla.mozilla.org/show_bug.cgi?id=713933
-
-changeset: 10946:f28426e944ae
-user: Wan-Teh Chang <wtc@google.com>
-date: Tue Nov 26 16:44:39 2013 -0800
-summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
-
-changeset: 10945:774c7dec7565
-user: Wan-Teh Chang <wtc@google.com>
-date: Mon Nov 25 19:16:23 2013 -0800
-summary: Bug 713933: Declare the |falseStart| local variable in the smallest
-
-changeset: 10848:141fae8fb2e8
-user: Wan-Teh Chang <wtc@google.com>
-date: Mon Sep 23 11:25:41 2013 -0700
-summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
-
-changeset: 10898:1b9c43d28713
-user: Brian Smith <brian@briansmith.org>
-date: Thu Oct 31 15:40:42 2013 -0700
-summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/ssl/ssl.def | 7 ++
- nss/lib/ssl/ssl.h | 54 +++++++++++---
- nss/lib/ssl/ssl3con.c | 188 +++++++++++++++++++++++++++++++++++------------
- nss/lib/ssl/ssl3gthr.c | 63 ++++++++++++----
- nss/lib/ssl/sslauth.c | 10 +--
- nss/lib/ssl/sslimpl.h | 22 +++++-
- nss/lib/ssl/sslinfo.c | 10 +--
- nss/lib/ssl/sslreveal.c | 9 +--
- nss/lib/ssl/sslsecur.c | 139 ++++++++++++++++++++++++++++-------
- nss/lib/ssl/sslsock.c | 12 ++-
- 10 files changed, 386 insertions(+), 128 deletions(-)
-
-diff --git a/nss/lib/ssl/ssl.def b/nss/lib/ssl/ssl.def
-index fbf7fc5..e937bd4 100644
---- a/nss/lib/ssl/ssl.def
-+++ b/nss/lib/ssl/ssl.def
-@@ -163,3 +163,10 @@ SSL_SetStapledOCSPResponses;
- ;+ local:
- ;+*;
- ;+};
-+;+NSS_3.15.3 { # NSS 3.15.3 release
-+;+ global:
-+SSL_RecommendedCanFalseStart;
-+SSL_SetCanFalseStartCallback;
-+;+ local:
-+;+*;
-+;+};
-diff --git a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
-index 6db0e34..ddeaaef 100644
---- a/nss/lib/ssl/ssl.h
-+++ b/nss/lib/ssl/ssl.h
-@@ -121,14 +121,17 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
- #define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */
- /* default, applies only to */
- /* clients). False start is a */
--/* mode where an SSL client will start sending application data before */
--/* verifying the server's Finished message. This means that we could end up */
--/* sending data to an imposter. However, the data will be encrypted and */
--/* only the true server can derive the session key. Thus, so long as the */
--/* cipher isn't broken this is safe. Because of this, False Start will only */
--/* occur on RSA or DH ciphersuites where the cipher's key length is >= 80 */
--/* bits. The advantage of False Start is that it saves a round trip for */
--/* client-speaks-first protocols when performing a full handshake. */
-+/* mode where an SSL client will start sending application data before
-+ * verifying the server's Finished message. This means that we could end up
-+ * sending data to an imposter. However, the data will be encrypted and
-+ * only the true server can derive the session key. Thus, so long as the
-+ * cipher isn't broken this is safe. The advantage of false start is that
-+ * it saves a round trip for client-speaks-first protocols when performing a
-+ * full handshake.
-+ *
-+ * In addition to enabling this option, the application must register a
-+ * callback using the SSL_SetCanFalseStartCallback function.
-+ */
-
- /* For SSL 3.0 and TLS 1.0, by default we prevent chosen plaintext attacks
- * on SSL CBC mode cipher suites (see RFC 4346 Section F.3) by splitting
-@@ -653,14 +656,45 @@ SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
- SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char * envString);
-
- /*
--** Set the callback on a particular socket that gets called when we finish
--** performing a handshake.
-+** Set the callback that gets called when a TLS handshake is complete. The
-+** handshake callback is called after verifying the peer's Finished message and
-+** before processing incoming application data.
-+**
-+** For the initial handshake: If the handshake false started (see
-+** SSL_ENABLE_FALSE_START), then application data may already have been sent
-+** before the handshake callback is called. If we did not false start then the
-+** callback will get called before any application data is sent.
- */
- typedef void (PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
- void *client_data);
- SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd,
- SSLHandshakeCallback cb, void *client_data);
-
-+/* Applications that wish to enable TLS false start must set this callback
-+** function. NSS will invoke the functon to determine if a particular
-+** connection should use false start or not. SECSuccess indicates that the
-+** callback completed successfully, and if so *canFalseStart indicates if false
-+** start can be used. If the callback does not return SECSuccess then the
-+** handshake will be canceled. NSS's recommended criteria can be evaluated by
-+** calling SSL_RecommendedCanFalseStart.
-+**
-+** If no false start callback is registered then false start will never be
-+** done, even if the SSL_ENABLE_FALSE_START option is enabled.
-+**/
-+typedef SECStatus (PR_CALLBACK *SSLCanFalseStartCallback)(
-+ PRFileDesc *fd, void *arg, PRBool *canFalseStart);
-+
-+SSL_IMPORT SECStatus SSL_SetCanFalseStartCallback(
-+ PRFileDesc *fd, SSLCanFalseStartCallback callback, void *arg);
-+
-+/* This function sets *canFalseStart according to the recommended criteria for
-+** false start. These criteria may change from release to release and may depend
-+** on which handshake features have been negotiated and/or properties of the
-+** certifciates/keys used on the connection.
-+*/
-+SSL_IMPORT SECStatus SSL_RecommendedCanFalseStart(PRFileDesc *fd,
-+ PRBool *canFalseStart);
-+
- /*
- ** For the server, request a new handshake. For the client, begin a new
- ** handshake. If flushCache is non-zero, the SSL3 cache entry will be
-diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
-index 61d24d9..f39ba09 100644
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -2535,7 +2535,7 @@ ssl3_SendRecord( sslSocket * ss,
- SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
- SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
- nIn));
-- PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn));
-+ PRINT_BUF(50, (ss, "Send record (plain text)", pIn, nIn));
-
- PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
-
-@@ -6674,36 +6674,73 @@ done:
- return rv;
- }
-
-+static SECStatus
-+ssl3_CheckFalseStart(sslSocket *ss)
-+{
-+ PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
-+ PORT_Assert( !ss->ssl3.hs.authCertificatePending );
-+ PORT_Assert( !ss->ssl3.hs.canFalseStart );
-+
-+ if (!ss->canFalseStartCallback) {
-+ SSL_TRC(3, ("%d: SSL[%d]: no false start callback so no false start",
-+ SSL_GETPID(), ss->fd));
-+ } else {
-+ PRBool maybeFalseStart;
-+ SECStatus rv;
-+
-+ /* An attacker can control the selected ciphersuite so we only wish to
-+ * do False Start in the case that the selected ciphersuite is
-+ * sufficiently strong that the attack can gain no advantage.
-+ * Therefore we always require an 80-bit cipher. */
-+ ssl_GetSpecReadLock(ss);
-+ maybeFalseStart = ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10;
-+ ssl_ReleaseSpecReadLock(ss);
-+
-+ if (!maybeFalseStart) {
-+ SSL_TRC(3, ("%d: SSL[%d]: no false start due to weak cipher",
-+ SSL_GETPID(), ss->fd));
-+ } else {
-+ rv = (ss->canFalseStartCallback)(ss->fd,
-+ ss->canFalseStartCallbackData,
-+ &ss->ssl3.hs.canFalseStart);
-+ if (rv == SECSuccess) {
-+ SSL_TRC(3, ("%d: SSL[%d]: false start callback returned %s",
-+ SSL_GETPID(), ss->fd,
-+ ss->ssl3.hs.canFalseStart ? "TRUE" : "FALSE"));
-+ } else {
-+ SSL_TRC(3, ("%d: SSL[%d]: false start callback failed (%s)",
-+ SSL_GETPID(), ss->fd,
-+ PR_ErrorToName(PR_GetError())));
-+ }
-+ return rv;
-+ }
-+ }
-+
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ return SECSuccess;
-+}
-+
- PRBool
--ssl3_CanFalseStart(sslSocket *ss) {
-- PRBool rv;
-+ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss)
-+{
-+ PRBool result = PR_FALSE;
-
- PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
-
-- /* XXX: does not take into account whether we are waiting for
-- * SSL_AuthCertificateComplete or SSL_RestartHandshakeAfterCertReq. If/when
-- * that is done, this function could return different results each time it
-- * would be called.
-- */
-+ switch (ss->ssl3.hs.ws) {
-+ case wait_new_session_ticket:
-+ result = PR_TRUE;
-+ break;
-+ case wait_change_cipher:
-+ result = !ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn);
-+ break;
-+ case wait_finished:
-+ break;
-+ default:
-+ PR_NOT_REACHED("ssl3_WaitingForStartOfServerSecondRound");
-+ }
-
-- ssl_GetSpecReadLock(ss);
-- rv = ss->opt.enableFalseStart &&
-- !ss->sec.isServer &&
-- !ss->ssl3.hs.isResuming &&
-- ss->ssl3.cwSpec &&
--
-- /* An attacker can control the selected ciphersuite so we only wish to
-- * do False Start in the case that the selected ciphersuite is
-- * sufficiently strong that the attack can gain no advantage.
-- * Therefore we require an 80-bit cipher and a forward-secret key
-- * exchange. */
-- ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
-- (ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
-- ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
-- ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
-- ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa);
-- ssl_ReleaseSpecReadLock(ss);
-- return rv;
-+ return result;
- }
-
- static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
-@@ -6785,6 +6822,9 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- }
- if (ss->ssl3.hs.authCertificatePending &&
- (sendClientCert || ss->ssl3.sendEmptyCert || ss->firstHsDone)) {
-+ SSL_TRC(3, ("%d: SSL3[%p]: deferring ssl3_SendClientSecondRound because"
-+ " certificate authentication is still pending.",
-+ SSL_GETPID(), ss->fd));
- ss->ssl3.hs.restartTarget = ssl3_SendClientSecondRound;
- return SECWouldBlock;
- }
-@@ -6822,14 +6862,50 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- goto loser; /* err code was set. */
- }
-
-- /* XXX: If the server's certificate hasn't been authenticated by this
-- * point, then we may be leaking this NPN message to an attacker.
-+ /* This must be done after we've set ss->ssl3.cwSpec in
-+ * ssl3_SendChangeCipherSpecs because SSL_GetChannelInfo uses information
-+ * from cwSpec. This must be done before we call ssl3_CheckFalseStart
-+ * because the false start callback (if any) may need the information from
-+ * the functions that depend on this being set.
- */
-+ ss->enoughFirstHsDone = PR_TRUE;
-+
- if (!ss->firstHsDone) {
-+ /* XXX: If the server's certificate hasn't been authenticated by this
-+ * point, then we may be leaking this NPN message to an attacker.
-+ */
- rv = ssl3_SendNextProto(ss);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
-+
-+ if (ss->opt.enableFalseStart) {
-+ if (!ss->ssl3.hs.authCertificatePending) {
-+ /* When we fix bug 589047, we will need to know whether we are
-+ * false starting before we try to flush the client second
-+ * round to the network. With that in mind, we purposefully
-+ * call ssl3_CheckFalseStart before calling ssl3_SendFinished,
-+ * which includes a call to ssl3_FlushHandshake, so that
-+ * no application develops a reliance on such flushing being
-+ * done before its false start callback is called.
-+ */
-+ ssl_ReleaseXmitBufLock(ss);
-+ rv = ssl3_CheckFalseStart(ss);
-+ ssl_GetXmitBufLock(ss);
-+ if (rv != SECSuccess) {
-+ goto loser;
-+ }
-+ } else {
-+ /* The certificate authentication and the server's Finished
-+ * message are racing each other. If the certificate
-+ * authentication wins, then we will try to false start in
-+ * ssl3_AuthCertificateComplete.
-+ */
-+ SSL_TRC(3, ("%d: SSL3[%p]: deferring false start check because"
-+ " certificate authentication is still pending.",
-+ SSL_GETPID(), ss->fd));
-+ }
-+ }
- }
-
- rv = ssl3_SendFinished(ss, 0);
-@@ -6844,10 +6920,7 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- else
- ss->ssl3.hs.ws = wait_change_cipher;
-
-- /* Do the handshake callback for sslv3 here, if we can false start. */
-- if (ss->handshakeCallback != NULL && ssl3_CanFalseStart(ss)) {
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-- }
-+ PORT_Assert(ssl3_WaitingForStartOfServerSecondRound(ss));
-
- return SECSuccess;
-
-@@ -9421,13 +9494,6 @@ ssl3_AuthCertificate(sslSocket *ss)
-
- ss->ssl3.hs.authCertificatePending = PR_TRUE;
- rv = SECSuccess;
--
-- /* XXX: Async cert validation and False Start don't work together
-- * safely yet; if we leave False Start enabled, we may end up false
-- * starting (sending application data) before we
-- * SSL_AuthCertificateComplete has been called.
-- */
-- ss->opt.enableFalseStart = PR_FALSE;
- }
-
- if (rv != SECSuccess) {
-@@ -9551,6 +9617,12 @@ ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
- } else if (ss->ssl3.hs.restartTarget != NULL) {
- sslRestartTarget target = ss->ssl3.hs.restartTarget;
- ss->ssl3.hs.restartTarget = NULL;
-+
-+ if (target == ssl3_FinishHandshake) {
-+ SSL_TRC(3,("%d: SSL3[%p]: certificate authentication lost the race"
-+ " with peer's finished message", SSL_GETPID(), ss->fd));
-+ }
-+
- rv = target(ss);
- /* Even if we blocked here, we have accomplished enough to claim
- * success. Any remaining work will be taken care of by subsequent
-@@ -9560,7 +9632,29 @@ ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
- rv = SECSuccess;
- }
- } else {
-- rv = SECSuccess;
-+ SSL_TRC(3, ("%d: SSL3[%p]: certificate authentication won the race with"
-+ " peer's finished message", SSL_GETPID(), ss->fd));
-+
-+ PORT_Assert(!ss->firstHsDone);
-+ PORT_Assert(!ss->sec.isServer);
-+ PORT_Assert(!ss->ssl3.hs.isResuming);
-+ PORT_Assert(ss->ssl3.hs.ws == wait_new_session_ticket ||
-+ ss->ssl3.hs.ws == wait_change_cipher ||
-+ ss->ssl3.hs.ws == wait_finished);
-+
-+ /* ssl3_SendClientSecondRound deferred the false start check because
-+ * certificate authentication was pending, so we do it now if we still
-+ * haven't received any of the server's second round yet.
-+ */
-+ if (ss->opt.enableFalseStart &&
-+ !ss->firstHsDone &&
-+ !ss->sec.isServer &&
-+ !ss->ssl3.hs.isResuming &&
-+ ssl3_WaitingForStartOfServerSecondRound(ss)) {
-+ rv = ssl3_CheckFalseStart(ss);
-+ } else {
-+ rv = SECSuccess;
-+ }
- }
-
- done:
-@@ -10023,9 +10117,6 @@ xmit_loser:
- return rv;
- }
-
-- ss->gs.writeOffset = 0;
-- ss->gs.readOffset = 0;
--
- if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {
- effectiveExchKeyType = kt_rsa;
- } else {
-@@ -10090,6 +10181,9 @@ xmit_loser:
- return rv;
- }
-
-+/* The return type is SECStatus instead of void because this function needs
-+ * to have type sslRestartTarget.
-+ */
- SECStatus
- ssl3_FinishHandshake(sslSocket * ss)
- {
-@@ -10099,19 +10193,16 @@ ssl3_FinishHandshake(sslSocket * ss)
-
- /* The first handshake is now completed. */
- ss->handshake = NULL;
-- ss->firstHsDone = PR_TRUE;
-
- if (ss->ssl3.hs.cacheSID) {
- (*ss->sec.cache)(ss->sec.ci.sid);
- ss->ssl3.hs.cacheSID = PR_FALSE;
- }
-
-+ ss->ssl3.hs.canFalseStart = PR_FALSE; /* False Start phase is complete */
- ss->ssl3.hs.ws = idle_handshake;
-
-- /* Do the handshake callback for sslv3 here, if we cannot false start. */
-- if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) {
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-- }
-+ ssl_FinishHandshake(ss);
-
- return SECSuccess;
- }
-@@ -11045,7 +11136,6 @@ process_it:
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv;
--
- }
-
- /*
-diff --git a/nss/lib/ssl/ssl3gthr.c b/nss/lib/ssl/ssl3gthr.c
-index 6d62515..03e369d 100644
---- a/nss/lib/ssl/ssl3gthr.c
-+++ b/nss/lib/ssl/ssl3gthr.c
-@@ -275,11 +275,17 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
- {
- SSL3Ciphertext cText;
- int rv;
-- PRBool canFalseStart = PR_FALSE;
-+ PRBool keepGoing = PR_TRUE;
-
- SSL_TRC(30, ("ssl3_GatherCompleteHandshake"));
-
-+ /* ssl3_HandleRecord may end up eventually calling ssl_FinishHandshake,
-+ * which requires the 1stHandshakeLock, which must be acquired before the
-+ * RecvBufLock.
-+ */
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
- do {
- PRBool handleRecordNow = PR_FALSE;
-
-@@ -368,20 +374,48 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
- if (rv < 0) {
- return ss->recvdCloseNotify ? 0 : rv;
- }
-+ if (rv == (int) SECSuccess && ss->gs.buf.len > 0) {
-+ /* We have application data to return to the application. This
-+ * prioritizes returning application data to the application over
-+ * completing any renegotiation handshake we may be doing.
-+ */
-+ PORT_Assert(ss->firstHsDone);
-+ PORT_Assert(cText.type == content_application_data);
-+ break;
-+ }
-
-- /* If we kicked off a false start in ssl3_HandleServerHelloDone, break
-- * out of this loop early without finishing the handshake.
-- */
-- if (ss->opt.enableFalseStart) {
-- ssl_GetSSL3HandshakeLock(ss);
-- canFalseStart = (ss->ssl3.hs.ws == wait_change_cipher ||
-- ss->ssl3.hs.ws == wait_new_session_ticket) &&
-- ssl3_CanFalseStart(ss);
-- ssl_ReleaseSSL3HandshakeLock(ss);
-+ PORT_Assert(keepGoing);
-+ ssl_GetSSL3HandshakeLock(ss);
-+ if (ss->ssl3.hs.ws == idle_handshake) {
-+ /* We are done with the current handshake so stop trying to
-+ * handshake. Note that it would be safe to test ss->firstHsDone
-+ * instead of ss->ssl3.hs.ws. By testing ss->ssl3.hs.ws instead,
-+ * we prioritize completing a renegotiation handshake over sending
-+ * application data.
-+ */
-+ PORT_Assert(ss->firstHsDone);
-+ PORT_Assert(!ss->ssl3.hs.canFalseStart);
-+ keepGoing = PR_FALSE;
-+ } else if (ss->ssl3.hs.canFalseStart) {
-+ /* Prioritize sending application data over trying to complete
-+ * the handshake if we're false starting.
-+ *
-+ * If we were to do this check at the beginning of the loop instead
-+ * of here, then this function would become be a no-op after
-+ * receiving the ServerHelloDone in the false start case, and we
-+ * would never complete the handshake.
-+ */
-+ PORT_Assert(!ss->firstHsDone);
-+
-+ if (ssl3_WaitingForStartOfServerSecondRound(ss)) {
-+ keepGoing = PR_FALSE;
-+ } else {
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ }
- }
-- } while (ss->ssl3.hs.ws != idle_handshake &&
-- !canFalseStart &&
-- ss->gs.buf.len == 0);
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+ } while (keepGoing);
-+
-
- ss->gs.readOffset = 0;
- ss->gs.writeOffset = ss->gs.buf.len;
-@@ -404,7 +438,10 @@ ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
- {
- int rv;
-
-+ /* ssl3_GatherCompleteHandshake requires both of these locks. */
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
- do {
- rv = ssl3_GatherCompleteHandshake(ss, flags);
- } while (rv > 0 && ss->gs.buf.len == 0);
-diff --git a/nss/lib/ssl/sslauth.c b/nss/lib/ssl/sslauth.c
-index d2f57bf..cb956d4 100644
---- a/nss/lib/ssl/sslauth.c
-+++ b/nss/lib/ssl/sslauth.c
-@@ -60,7 +60,6 @@ SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- sslSocket *ss;
- const char *cipherName;
- PRBool isDes = PR_FALSE;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
-@@ -78,14 +77,7 @@ SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- *op = SSL_SECURITY_STATUS_OFF;
- }
-
-- if (ss->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-- ssl3_CanFalseStart(ss)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
-- if (ss->opt.useSecurity && enoughFirstHsDone) {
-+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- cipherName = ssl_cipherName[ss->sec.cipherType];
- } else {
-diff --git a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
-index 90e9567..bf0d67f 100644
---- a/nss/lib/ssl/sslimpl.h
-+++ b/nss/lib/ssl/sslimpl.h
-@@ -842,6 +842,8 @@ const ssl3CipherSuiteDef *suite_def;
- /* Shared state between ssl3_HandleFinished and ssl3_FinishHandshake */
- PRBool cacheSID;
-
-+ PRBool canFalseStart; /* Can/did we False Start */
-+
- /* clientSigAndHash contains the contents of the signature_algorithms
- * extension (if any) from the client. This is only valid for TLS 1.2
- * or later. */
-@@ -1116,6 +1118,10 @@ struct sslSocketStr {
- unsigned long clientAuthRequested;
- unsigned long delayDisabled; /* Nagle delay disabled */
- unsigned long firstHsDone; /* first handshake is complete. */
-+ unsigned long enoughFirstHsDone; /* enough of the first handshake is
-+ * done for callbacks to be able to
-+ * retrieve channel security
-+ * parameters from the SSL socket. */
- unsigned long handshakeBegun;
- unsigned long lastWriteBlocked;
- unsigned long recvdCloseNotify; /* received SSL EOF. */
-@@ -1156,6 +1162,8 @@ const unsigned char * preferredCipher;
- void *badCertArg;
- SSLHandshakeCallback handshakeCallback;
- void *handshakeCallbackData;
-+ SSLCanFalseStartCallback canFalseStartCallback;
-+ void *canFalseStartCallbackData;
- void *pkcs11PinArg;
- SSLNextProtoCallback nextProtoCallback;
- void *nextProtoArg;
-@@ -1358,7 +1366,19 @@ extern void ssl3_SetAlwaysBlock(sslSocket *ss);
-
- extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
-
--extern PRBool ssl3_CanFalseStart(sslSocket *ss);
-+extern void ssl_FinishHandshake(sslSocket *ss);
-+
-+/* Returns PR_TRUE if we are still waiting for the server to respond to our
-+ * client second round. Once we've received any part of the server's second
-+ * round then we don't bother trying to false start since it is almost always
-+ * the case that the NewSessionTicket, ChangeCipherSoec, and Finished messages
-+ * were sent in the same packet and we want to process them all at the same
-+ * time. If we were to try to false start in the middle of the server's second
-+ * round, then we would increase the number of I/O operations
-+ * (SSL_ForceHandshake/PR_Recv/PR_Send/etc.) needed to finish the handshake.
-+ */
-+extern PRBool ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss);
-+
- extern SECStatus
- ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec,
- PRBool isServer,
-diff --git a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c
-index 9f2597e..d0c23b7 100644
---- a/nss/lib/ssl/sslinfo.c
-+++ b/nss/lib/ssl/sslinfo.c
-@@ -26,7 +26,6 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
- sslSocket * ss;
- SSLChannelInfo inf;
- sslSessionID * sid;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- if (!info || len < sizeof inf.length) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -43,14 +42,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
- memset(&inf, 0, sizeof inf);
- inf.length = PR_MIN(sizeof inf, len);
-
-- if (ss->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-- ssl3_CanFalseStart(ss)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
-- if (ss->opt.useSecurity && enoughFirstHsDone) {
-+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
- sid = ss->sec.ci.sid;
- inf.protocolVersion = ss->version;
- inf.authKeyBits = ss->sec.authKeyBits;
-diff --git a/nss/lib/ssl/sslreveal.c b/nss/lib/ssl/sslreveal.c
-index dc14794..d972998 100644
---- a/nss/lib/ssl/sslreveal.c
-+++ b/nss/lib/ssl/sslreveal.c
-@@ -77,7 +77,6 @@ SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
- {
- /* some decisions derived from SSL_GetChannelInfo */
- sslSocket * sslsocket = NULL;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- if (!pYes) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -93,14 +92,8 @@ SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
-
- *pYes = PR_FALSE;
-
-- if (sslsocket->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (sslsocket->ssl3.initialized && ssl3_CanFalseStart(sslsocket)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
- /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
-- if (sslsocket->opt.useSecurity && enoughFirstHsDone) {
-+ if (sslsocket->opt.useSecurity) {
- if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
- /* now we know this socket went through ssl3_InitState() and
- * ss->xtnData got initialized, which is the only member accessed by
-diff --git a/nss/lib/ssl/sslsecur.c b/nss/lib/ssl/sslsecur.c
-index 49bb42b..d0df442 100644
---- a/nss/lib/ssl/sslsecur.c
-+++ b/nss/lib/ssl/sslsecur.c
-@@ -97,23 +97,13 @@ ssl_Do1stHandshake(sslSocket *ss)
- ss->securityHandshake = 0;
- }
- if (ss->handshake == 0) {
-- ssl_GetRecvBufLock(ss);
-- ss->gs.recordLen = 0;
-- ssl_ReleaseRecvBufLock(ss);
--
-- SSL_TRC(3, ("%d: SSL[%d]: handshake is completed",
-- SSL_GETPID(), ss->fd));
-- /* call handshake callback for ssl v2 */
-- /* for v3 this is done in ssl3_HandleFinished() */
-- if ((ss->handshakeCallback != NULL) && /* has callback */
-- (!ss->firstHsDone) && /* only first time */
-- (ss->version < SSL_LIBRARY_VERSION_3_0)) { /* not ssl3 */
-- ss->firstHsDone = PR_TRUE;
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-+ /* for v3 this is done in ssl3_FinishHandshake */
-+ if (!ss->firstHsDone && ss->version < SSL_LIBRARY_VERSION_3_0) {
-+ ssl_GetRecvBufLock(ss);
-+ ss->gs.recordLen = 0;
-+ ssl_FinishHandshake(ss);
-+ ssl_ReleaseRecvBufLock(ss);
- }
-- ss->firstHsDone = PR_TRUE;
-- ss->gs.writeOffset = 0;
-- ss->gs.readOffset = 0;
- break;
- }
- rv = (*ss->handshake)(ss);
-@@ -134,6 +124,24 @@ ssl_Do1stHandshake(sslSocket *ss)
- return rv;
- }
-
-+void
-+ssl_FinishHandshake(sslSocket *ss)
-+{
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
-+ PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
-+ SSL_TRC(3, ("%d: SSL[%d]: handshake is completed", SSL_GETPID(), ss->fd));
-+
-+ ss->firstHsDone = PR_TRUE;
-+ ss->enoughFirstHsDone = PR_TRUE;
-+ ss->gs.writeOffset = 0;
-+ ss->gs.readOffset = 0;
-+
-+ if (ss->handshakeCallback) {
-+ (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-+ }
-+}
-+
- /*
- * Handshake function that blocks. Used to force a
- * retry on a connection on the next read/write.
-@@ -206,6 +214,7 @@ SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
- ssl_Get1stHandshakeLock(ss);
-
- ss->firstHsDone = PR_FALSE;
-+ ss->enoughFirstHsDone = PR_FALSE;
- if ( asServer ) {
- ss->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
-@@ -221,6 +230,8 @@ SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
- ssl_ReleaseRecvBufLock(ss);
-
- ssl_GetSSL3HandshakeLock(ss);
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ ss->ssl3.hs.restartTarget = NULL;
-
- /*
- ** Blow away old security state and get a fresh setup.
-@@ -331,6 +342,71 @@ SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
- return SECSuccess;
- }
-
-+/* Register an application callback to be called when false start may happen.
-+** Acquires and releases HandshakeLock.
-+*/
-+SECStatus
-+SSL_SetCanFalseStartCallback(PRFileDesc *fd, SSLCanFalseStartCallback cb,
-+ void *arg)
-+{
-+ sslSocket *ss;
-+
-+ ss = ssl_FindSocket(fd);
-+ if (!ss) {
-+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCanFalseStartCallback",
-+ SSL_GETPID(), fd));
-+ return SECFailure;
-+ }
-+
-+ if (!ss->opt.useSecurity) {
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return SECFailure;
-+ }
-+
-+ ssl_Get1stHandshakeLock(ss);
-+ ssl_GetSSL3HandshakeLock(ss);
-+
-+ ss->canFalseStartCallback = cb;
-+ ss->canFalseStartCallbackData = arg;
-+
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+ ssl_Release1stHandshakeLock(ss);
-+
-+ return SECSuccess;
-+}
-+
-+SECStatus
-+SSL_RecommendedCanFalseStart(PRFileDesc *fd, PRBool *canFalseStart)
-+{
-+ sslSocket *ss;
-+
-+ *canFalseStart = PR_FALSE;
-+ ss = ssl_FindSocket(fd);
-+ if (!ss) {
-+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_RecommendedCanFalseStart",
-+ SSL_GETPID(), fd));
-+ return SECFailure;
-+ }
-+
-+ if (!ss->ssl3.initialized) {
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return SECFailure;
-+ }
-+
-+ if (ss->version < SSL_LIBRARY_VERSION_3_0) {
-+ PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2);
-+ return SECFailure;
-+ }
-+
-+ /* Require a forward-secret key exchange. */
-+ *canFalseStart = ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
-+ ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
-+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
-+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa;
-+
-+ return SECSuccess;
-+}
-+
- /* Try to make progress on an SSL handshake by attempting to read the
- ** next handshake from the peer, and sending any responses.
- ** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
-@@ -524,6 +600,9 @@ DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
- int amount;
- int available;
-
-+ /* ssl3_GatherAppDataRecord may call ssl_FinishHandshake, which needs the
-+ * 1stHandshakeLock. */
-+ ssl_Get1stHandshakeLock(ss);
- ssl_GetRecvBufLock(ss);
-
- available = ss->gs.writeOffset - ss->gs.readOffset;
-@@ -590,6 +669,7 @@ DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
-
- done:
- ssl_ReleaseRecvBufLock(ss);
-+ ssl_Release1stHandshakeLock(ss);
- return rv;
- }
-
-@@ -1156,7 +1236,7 @@ ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
- int
- ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- {
-- int rv = 0;
-+ int rv = 0;
-
- SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
- SSL_GETPID(), ss->fd, len));
-@@ -1191,19 +1271,15 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- ss->writerThread = PR_GetCurrentThread();
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
-- PRBool canFalseStart = PR_FALSE;
-+ PRBool falseStart = PR_FALSE;
- ssl_Get1stHandshakeLock(ss);
-- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-+ if (ss->opt.enableFalseStart &&
-+ ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ssl_GetSSL3HandshakeLock(ss);
-- if ((ss->ssl3.hs.ws == wait_change_cipher ||
-- ss->ssl3.hs.ws == wait_finished ||
-- ss->ssl3.hs.ws == wait_new_session_ticket) &&
-- ssl3_CanFalseStart(ss)) {
-- canFalseStart = PR_TRUE;
-- }
-+ falseStart = ss->ssl3.hs.canFalseStart;
- ssl_ReleaseSSL3HandshakeLock(ss);
- }
-- if (!canFalseStart &&
-+ if (!falseStart &&
- (ss->handshake || ss->nextHandshake || ss->securityHandshake)) {
- rv = ssl_Do1stHandshake(ss);
- }
-@@ -1228,6 +1304,17 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- goto done;
- }
-
-+ if (!ss->firstHsDone) {
-+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_3_0);
-+#ifdef DEBUG
-+ ssl_GetSSL3HandshakeLock(ss);
-+ PORT_Assert(ss->ssl3.hs.canFalseStart);
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+#endif
-+ SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
-+ SSL_GETPID(), ss->fd));
-+ }
-+
- /* Send out the data using one of these functions:
- * ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock,
- * ssl3_SendApplicationData
-diff --git a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
-index cd4a7a7..73e069b 100644
---- a/nss/lib/ssl/sslsock.c
-+++ b/nss/lib/ssl/sslsock.c
-@@ -349,6 +349,8 @@ ssl_DupSocket(sslSocket *os)
- ss->badCertArg = os->badCertArg;
- ss->handshakeCallback = os->handshakeCallback;
- ss->handshakeCallbackData = os->handshakeCallbackData;
-+ ss->canFalseStartCallback = os->canFalseStartCallback;
-+ ss->canFalseStartCallbackData = os->canFalseStartCallbackData;
- ss->pkcs11PinArg = os->pkcs11PinArg;
-
- /* Create security data */
-@@ -2341,10 +2343,14 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
- } else if (new_flags & PR_POLL_WRITE) {
- /* The caller is trying to write, but the handshake is
- ** blocked waiting for data to read, and the first
-- ** handshake has been sent. so do NOT to poll on write.
-+ ** handshake has been sent. So do NOT to poll on write
-+ ** unless we did false start.
- */
-- new_flags ^= PR_POLL_WRITE; /* don't select on write. */
-- new_flags |= PR_POLL_READ; /* do select on read. */
-+ if (!(ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-+ ss->ssl3.hs.canFalseStart)) {
-+ new_flags ^= PR_POLL_WRITE; /* don't select on write. */
-+ }
-+ new_flags |= PR_POLL_READ; /* do select on read. */
- }
- }
- } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch b/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
deleted file mode 100644
index f30475b..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-nss: CVE-2013-5606
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5606
-https://bugzilla.mozilla.org/show_bug.cgi?id=910438
-http://hg.mozilla.org/projects/nss/rev/d29898e0981c
-
-The CERT_VerifyCert function in lib/certhigh/certvfy.c in
-Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides
-an unexpected return value for an incompatible key-usage certificate
-when the CERTVerifyLog argument is valid, which might allow remote
-attackers to bypass intended access restrictions via a crafted certificate.
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/certhigh/certvfy.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/nss/lib/certhigh/certvfy.c b/nss/lib/certhigh/certvfy.c
-index f364ceb..f450205 100644
---- a/nss/lib/certhigh/certvfy.c
-+++ b/nss/lib/certhigh/certvfy.c
-@@ -1312,7 +1312,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- } else if (trusted) {
-- goto winner;
-+ goto done;
- }
-
-
-@@ -1340,7 +1340,10 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- }
- }
-
--winner:
-+done:
-+ if (log && log->head) {
-+ return SECFailure;
-+ }
- return(SECSuccess);
-
- loser:
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch b/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
deleted file mode 100644
index 1be8a17..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-nss: CVE-2014-1492
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492
-https://bugzilla.mozilla.org/show_bug.cgi?id=903885
-
-changeset: 11063:709d4e597979
-user: Kai Engert <kaie@kuix.de>
-date: Wed Mar 05 18:38:55 2014 +0100
-summary: Bug 903885, address requests to clarify comments from wtc
-
-changeset: 11046:2ffa40a3ff55
-tag: tip
-user: Wan-Teh Chang <wtc@google.com>
-date: Tue Feb 25 18:17:08 2014 +0100
-summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie
-
-changeset: 11045:15ea62260c21
-user: Christian Heimes <sites@cheimes.de>
-date: Mon Feb 24 17:50:25 2014 +0100
-summary: Bug 903885, fix IDNA wildcard handling, r=kaie
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/certdb/certdb.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
-diff --git a/nss/lib/certdb/certdb.c b/nss/lib/certdb/certdb.c
-index b7d22bd..91877b7 100644
---- a/nss/lib/certdb/certdb.c
-+++ b/nss/lib/certdb/certdb.c
-@@ -1381,7 +1381,7 @@ cert_TestHostName(char * cn, const char * hn)
- return rv;
- }
- } else {
-- /* New approach conforms to RFC 2818. */
-+ /* New approach conforms to RFC 6125. */
- char *wildcard = PORT_Strchr(cn, '*');
- char *firstcndot = PORT_Strchr(cn, '.');
- char *secondcndot = firstcndot ? PORT_Strchr(firstcndot+1, '.') : NULL;
-@@ -1390,14 +1390,17 @@ cert_TestHostName(char * cn, const char * hn)
- /* For a cn pattern to be considered valid, the wildcard character...
- * - may occur only in a DNS name with at least 3 components, and
- * - may occur only as last character in the first component, and
-- * - may be preceded by additional characters
-+ * - may be preceded by additional characters, and
-+ * - must not be preceded by an IDNA ACE prefix (xn--)
- */
- if (wildcard && secondcndot && secondcndot[1] && firsthndot
-- && firstcndot - wildcard == 1
-- && secondcndot - firstcndot > 1
-- && PORT_Strrchr(cn, '*') == wildcard
-+ && firstcndot - wildcard == 1 /* wildcard is last char in first component */
-+ && secondcndot - firstcndot > 1 /* second component is non-empty */
-+ && PORT_Strrchr(cn, '*') == wildcard /* only one wildcard in cn */
- && !PORT_Strncasecmp(cn, hn, wildcard - cn)
-- && !PORT_Strcasecmp(firstcndot, firsthndot)) {
-+ && !PORT_Strcasecmp(firstcndot, firsthndot)
-+ /* If hn starts with xn--, then cn must start with wildcard */
-+ && (PORT_Strncasecmp(hn, "xn--", 4) || wildcard == cn)) {
- /* valid wildcard pattern match */
- return SECSuccess;
- }
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch b/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
deleted file mode 100644
index d6434df..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-nss: CVE-2014-1544
-
-the patch comes from:
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-1544
-https://hg.mozilla.org/projects/nss/rev/204f22c527f8
-
-author Robert Relyea <rrelyea@redhat.com>
-https://bugzilla.mozilla.org/show_bug.cgi?id=963150
-Bug 963150: Add nssCertificate_AddRef and nssCertificate_Destroy calls
-to PK11_ImportCert to prevent nssTrustDomain_AddCertsToCache from
-freeing the CERTCertificate associated with the NSSCertificate. r=wtc.
-
-Upstream-Status: Pending
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/pk11wrap/pk11cert.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/nss/lib/pk11wrap/pk11cert.c b/nss/lib/pk11wrap/pk11cert.c
-index 39168b9..3f3edb1 100644
---- a/nss/lib/pk11wrap/pk11cert.c
-+++ b/nss/lib/pk11wrap/pk11cert.c
-@@ -981,8 +981,15 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
- * CERTCertificate, and finish
- */
- nssPKIObject_AddInstance(&c->object, certobj);
-+ /* nssTrustDomain_AddCertsToCache may release a reference to 'c' and
-+ * replace 'c' by a different value. So we add a reference to 'c' to
-+ * prevent 'c' from being destroyed. */
-+ nssCertificate_AddRef(c);
- nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
-+ /* XXX should we pass the original value of 'c' to
-+ * STAN_ForceCERTCertificateUpdate? */
- (void)STAN_ForceCERTCertificateUpdate(c);
-+ nssCertificate_Destroy(c);
- SECITEM_FreeItem(keyID,PR_TRUE);
- return SECSuccess;
- loser:
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/nss.inc b/meta/recipes-support/nss/nss.inc
index d706c43..cf6110d 100644
--- a/meta/recipes-support/nss/nss.inc
+++ b/meta/recipes-support/nss/nss.inc
@@ -16,20 +16,13 @@ SRC_URI = "\
file://nss-fix-support-cross-compiling.patch \
file://nss-no-rpath-for-cross-compiling.patch \
file://nss-fix-incorrect-shebang-of-perl.patch \
- file://nss-3.15.1-fix-CVE-2013-1741.patch \
- file://nss-3.15.1-fix-CVE-2013-5605.patch \
- file://nss-CVE-2014-1492.patch \
- file://nss-CVE-2013-1740.patch \
- file://nss-3.15.1-fix-CVE-2013-1739.patch \
- file://nss-CVE-2013-5606.patch \
- file://nss-CVE-2014-1544.patch \
"
SRC_URI_append_class-target = "\
file://nss.pc.in \
file://signlibs.sh \
"
inherit siteinfo
-PR = "r0"
+
DEPENDS = "sqlite3 nspr zlib nss-native"
DEPENDS_class-native = "sqlite3-native nspr-native zlib-native"
RDEPENDS_${PN} = "perl"
diff --git a/meta/recipes-support/nss/files/nss-fix-incorrect-shebang-of-perl.patch b/meta/recipes-support/nss/nss/nss-fix-incorrect-shebang-of-perl.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-fix-incorrect-shebang-of-perl.patch
rename to meta/recipes-support/nss/nss/nss-fix-incorrect-shebang-of-perl.patch
diff --git a/meta/recipes-support/nss/files/nss-fix-support-cross-compiling.patch b/meta/recipes-support/nss/nss/nss-fix-support-cross-compiling.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-fix-support-cross-compiling.patch
rename to meta/recipes-support/nss/nss/nss-fix-support-cross-compiling.patch
diff --git a/meta/recipes-support/nss/files/nss-no-rpath-for-cross-compiling.patch b/meta/recipes-support/nss/nss/nss-no-rpath-for-cross-compiling.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-no-rpath-for-cross-compiling.patch
rename to meta/recipes-support/nss/nss/nss-no-rpath-for-cross-compiling.patch
diff --git a/meta/recipes-support/nss/files/nss.pc.in b/meta/recipes-support/nss/nss/nss.pc.in
similarity index 100%
rename from meta/recipes-support/nss/files/nss.pc.in
rename to meta/recipes-support/nss/nss/nss.pc.in
diff --git a/meta/recipes-support/nss/files/signlibs.sh b/meta/recipes-support/nss/nss/signlibs.sh
similarity index 100%
rename from meta/recipes-support/nss/files/signlibs.sh
rename to meta/recipes-support/nss/nss/signlibs.sh
diff --git a/meta/recipes-support/nss/nss_3.15.1.bb b/meta/recipes-support/nss/nss_3.15.1.bb
deleted file mode 100644
index 7b06f00..0000000
--- a/meta/recipes-support/nss/nss_3.15.1.bb
+++ /dev/null
@@ -1,9 +0,0 @@
-require nss.inc
-
-SRC_URI += "\
- http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_1_RTM/src/${BPN}-${PV}.tar.gz \
-"
-
-SRC_URI[md5sum] = "fb68f4d210ac9397dd0d3c39c4f938eb"
-SRC_URI[sha256sum] = "f994106a33d1f3210f4151bbb3419a1c28fd1cb545caa7dc9afdebd6da626284"
-
diff --git a/meta/recipes-support/nss/nss_3.17.bb b/meta/recipes-support/nss/nss_3.17.bb
new file mode 100644
index 0000000..804783f
--- /dev/null
+++ b/meta/recipes-support/nss/nss_3.17.bb
@@ -0,0 +1,8 @@
+require nss.inc
+
+SRC_URI += "\
+ http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_17_RTM/src/${BPN}-${PV}.tar.gz \
+"
+
+SRC_URI[md5sum] = "081dd99afa12af589c09e2d7cb5f5c6d"
+SRC_URI[sha256sum] = "3b1abcd8f89211dda2cc739bfa76552d080f7ea80482ef2727b006548a7f0c81"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 3/4] libcap: Upgrade to 2.24
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
@ 2014-11-04 15:18 ` Burton, Ross
0 siblings, 0 replies; 6+ messages in thread
From: Burton, Ross @ 2014-11-04 15:18 UTC (permalink / raw)
To: Saul Wold; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 682 bytes --]
On 5 September 2014 21:06, Saul Wold <sgw@linux.intel.com> wrote:
> + mv ${D}${libdir}/security ${D}${base_libdir}
>
If 'pam' isn't in DISTRO_FEATURES, this directory doesn't exist so the mv
fails. Clearly we both have set this locally as it built for me too, but
didn't work on every non-LSB autobuilder target.
I went to add a conditional but started ratholling on the libdir vs
base_libdir hackery which now there's a pkgconfig file means the library is
in /lib but libcap.pc claims its in /usr/lib... and SBINDIR in the makefile
doesn't do anything as it isn't inherited to the submakes, and and argh why
can't people just use autotools!
Ross
[-- Attachment #2: Type: text/html, Size: 1185 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-11-04 15:18 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
2014-11-04 15:18 ` Burton, Ross
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.