* [PATCH 0/4] Some final package Updates for 1.7
@ 2014-09-05 20:06 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
` (3 more replies)
0 siblings, 4 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Richard,
Here are some of the package updates that I had pending as we discussed.
There is one more pending (nspr), which has an autotools issue I am working.
Thanks
Sau!
The following changes since commit e72aac2ae9e5fce1715fa04b7e94034fd06892d9:
alsa-lib: libasound should runtime depends on alsa-conf (2014-09-03 11:30:11 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib sgw/updates
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=sgw/updates
Saul Wold (4):
vala: Update to 0.24.0
findutils: Upgrade to 4.5.14
libcap: Upgrade to 2.24
nss: Upgrade to 3.17
meta/recipes-devtools/vala/vala.inc | 3 +-
...-gen-don-t-append-dirty-if-we-re-not-in-g.patch | 0
meta/recipes-devtools/vala/vala_0.16.0.bb | 8 -
meta/recipes-devtools/vala/vala_0.24.0.bb | 6 +
.../findutils/findutils-4.4.2/01-27017.patch | 781 ------------------
.../findutils/findutils-4.4.2/02-28824.patch | 294 -------
.../findutils/findutils-4.4.2/03-28872.patch | 58 --
.../findutils-4.4.2/findutils_fix_doc.patch | 84 --
.../findutils_fix_for_automake-1.12.patch | 22 -
.../findutils-4.4.2/findutils_fix_for_x32.patch | 40 -
meta/recipes-extended/findutils/findutils.inc | 2 +-
.../{findutils_4.4.2.bb => findutils_4.5.14.bb} | 16 +-
meta/recipes-support/libcap/libcap.inc | 10 +-
.../libcap/libcap/fix-CAP_LAST_CAP.patch | 39 -
meta/recipes-support/libcap/libcap_2.22.bb | 6 -
meta/recipes-support/libcap/libcap_2.24.bb | 4 +
.../nss/files/nss-3.15.1-fix-CVE-2013-1739.patch | 81 --
.../nss/files/nss-3.15.1-fix-CVE-2013-1741.patch | 92 ---
.../nss/files/nss-3.15.1-fix-CVE-2013-5605.patch | 18 -
.../nss/files/nss-CVE-2013-1740.patch | 916 ---------------------
.../nss/files/nss-CVE-2013-5606.patch | 48 --
.../nss/files/nss-CVE-2014-1492.patch | 68 --
.../nss/files/nss-CVE-2014-1544.patch | 41 -
meta/recipes-support/nss/nss.inc | 9 +-
.../nss-fix-incorrect-shebang-of-perl.patch | 0
.../nss-fix-support-cross-compiling.patch | 0
.../nss-no-rpath-for-cross-compiling.patch | 0
meta/recipes-support/nss/{files => nss}/nss.pc.in | 0
.../recipes-support/nss/{files => nss}/signlibs.sh | 0
meta/recipes-support/nss/nss_3.15.1.bb | 9 -
meta/recipes-support/nss/nss_3.17.bb | 8 +
31 files changed, 28 insertions(+), 2635 deletions(-)
rename meta/recipes-devtools/vala/{vala-0.16.0 => vala}/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch (100%)
delete mode 100644 meta/recipes-devtools/vala/vala_0.16.0.bb
create mode 100644 meta/recipes-devtools/vala/vala_0.24.0.bb
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
rename meta/recipes-extended/findutils/{findutils_4.4.2.bb => findutils_4.5.14.bb} (48%)
delete mode 100644 meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
delete mode 100644 meta/recipes-support/libcap/libcap_2.22.bb
create mode 100644 meta/recipes-support/libcap/libcap_2.24.bb
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
rename meta/recipes-support/nss/{files => nss}/nss-fix-incorrect-shebang-of-perl.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-fix-support-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-no-rpath-for-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss.pc.in (100%)
rename meta/recipes-support/nss/{files => nss}/signlibs.sh (100%)
delete mode 100644 meta/recipes-support/nss/nss_3.15.1.bb
create mode 100644 meta/recipes-support/nss/nss_3.17.bb
--
1.8.3.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/4] vala: Update to 0.24.0
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
` (2 subsequent siblings)
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Remove un-needed PR and INC_PR
Rename vala-0.16 to more geneic vala
Now correctly supports seperate build/source directorys so drop -sepbuild tag
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
meta/recipes-devtools/vala/vala.inc | 3 +--
...001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch | 0
meta/recipes-devtools/vala/vala_0.16.0.bb | 8 --------
meta/recipes-devtools/vala/vala_0.24.0.bb | 6 ++++++
4 files changed, 7 insertions(+), 10 deletions(-)
rename meta/recipes-devtools/vala/{vala-0.16.0 => vala}/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch (100%)
delete mode 100644 meta/recipes-devtools/vala/vala_0.16.0.bb
create mode 100644 meta/recipes-devtools/vala/vala_0.24.0.bb
diff --git a/meta/recipes-devtools/vala/vala.inc b/meta/recipes-devtools/vala/vala.inc
index 64e7daf..cac8728 100644
--- a/meta/recipes-devtools/vala/vala.inc
+++ b/meta/recipes-devtools/vala/vala.inc
@@ -7,12 +7,11 @@ BBCLASSEXTEND = "native"
HOMEPAGE = "http://vala-project.org"
LICENSE = "LGPLv2.1"
LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24"
-INC_PR = "r1"
SHRT_VER = "${@d.getVar('PV',1).split('.')[0]}.${@d.getVar('PV',1).split('.')[1]}"
SRC_URI = "http://ftp.gnome.org/pub/GNOME/sources/${BPN}/${SHRT_VER}/${BP}.tar.xz"
-inherit autotools-brokensep pkgconfig
+inherit autotools pkgconfig
EXTRA_OECONF = "--disable-vapigen"
diff --git a/meta/recipes-devtools/vala/vala-0.16.0/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch b/meta/recipes-devtools/vala/vala/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
similarity index 100%
rename from meta/recipes-devtools/vala/vala-0.16.0/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
rename to meta/recipes-devtools/vala/vala/0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch
diff --git a/meta/recipes-devtools/vala/vala_0.16.0.bb b/meta/recipes-devtools/vala/vala_0.16.0.bb
deleted file mode 100644
index 92120b4..0000000
--- a/meta/recipes-devtools/vala/vala_0.16.0.bb
+++ /dev/null
@@ -1,8 +0,0 @@
-require ${BPN}.inc
-
-PR = "${INC_PR}.1"
-
-SRC_URI += " file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch"
-
-SRC_URI[md5sum] = "84b742e9cca4c90fde3026c3793c03c1"
-SRC_URI[sha256sum] = "3adb37aa2b35e2e2daed47552e85dbcbf752c0f7768b269d856993620073a657"
diff --git a/meta/recipes-devtools/vala/vala_0.24.0.bb b/meta/recipes-devtools/vala/vala_0.24.0.bb
new file mode 100644
index 0000000..342a875
--- /dev/null
+++ b/meta/recipes-devtools/vala/vala_0.24.0.bb
@@ -0,0 +1,6 @@
+require ${BPN}.inc
+
+SRC_URI += " file://0001-git-version-gen-don-t-append-dirty-if-we-re-not-in-g.patch"
+
+SRC_URI[md5sum] = "beddeff9c06d3c278988b237da0e7401"
+SRC_URI[sha256sum] = "22a37c977512c19cd29c373eaaef96cb2c994795d491106f32387f3f9d1e899c"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/4] findutils: Upgrade to 4.5.14
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
Move findutils-4.4.2 directory to more generic findutils
Removed backported patches
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
.../findutils/findutils-4.4.2/01-27017.patch | 781 ---------------------
.../findutils/findutils-4.4.2/02-28824.patch | 294 --------
.../findutils/findutils-4.4.2/03-28872.patch | 58 --
.../findutils-4.4.2/findutils_fix_doc.patch | 84 ---
.../findutils_fix_for_automake-1.12.patch | 22 -
.../findutils-4.4.2/findutils_fix_for_x32.patch | 40 --
meta/recipes-extended/findutils/findutils.inc | 2 +-
.../{findutils_4.4.2.bb => findutils_4.5.14.bb} | 16 +-
8 files changed, 4 insertions(+), 1293 deletions(-)
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
delete mode 100644 meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
rename meta/recipes-extended/findutils/{findutils_4.4.2.bb => findutils_4.5.14.bb} (48%)
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch b/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
deleted file mode 100644
index 69c1486..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/01-27017.patch
+++ /dev/null
@@ -1,781 +0,0 @@
-Upstream-Status: Backport
-
-commit af974034b68bf59337c7a384e488a518a77dfecd
-Author: James Youngman <jay@gnu.org>
-Date: Sat Jul 11 19:55:27 2009 +0100
-
- Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit coredump.
-
- Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit
- coredumps.
- * find/tree.c (set_new_parent): Initialise struct
- predicate->arg_text to NULL (instead of leaving it uninitialised).
- (get_new_pred_noarg): Likewise.
- (get_new_pred): Initialise predicate->arg_text to
- "ThisShouldBeSetToSomethingElse" to make it easier to notice
- bugs.
- (get_new_pred_chk_op): Use get_new_pred_noarg.
- (print_predicate): Use an if statement instead of
- two ternary operators.
- * find/util.c (insert_primary_withpred): Accept new argument, arg,
- being the argument (if any) of this predicate. Pass it to
- get_new_pred_chk_op.
- (insert_primary): Likewise (pass arg to insert_primary_withpred).
- (insert_primary_noarg): New function; calls insert_primary with
- arg=NULL.
- * find/parser.c (collect_arg_stat_info): Add an output parameter;
- the filename from which we collected the stat information.
- (parse_closeparen, parse_delete, parse_and, parse_or,
- parse_comma): Use get_new_pred_noarg.
- (parse_cnewer, parse_newer, parse_anewer): Use new
- collect_arg_stat_info and insert_primary interface.
- (parse_print, parse_prune, parse_nouser, parse_empty): Use
- insert_primary_noarg.
- (parse_accesscheck, parse_false): Use insert_primary_noarg.
- (parse_used, parse_iname, parse_fprint, insert_fprint,
- parse_fstype, parse_ilname): Use new collect_arg and
- insert_primary interfaces.
- (parse_ipath, parse_lname, do_parse_xmin, parse_name, parse_path,
- parse_perm, parse_size, parse_user, parse_time): Use new
- collect_arg and insert_primary_withpred interface.
- (parse_negate, parse_openparen): Use new get_new_pred_chk_op interface.
- (parse_newerXY, parse_nogroup): Use new insert_primary interface.
- (insert_regex, parse_samefile): Use new insert_primary_withpred
- interface.
- (insert_type, insert_fprintf, new_insert_exec_ok, insert_num): Use
- new insert_primary_withpred interface.
- * find/defs.h (struct predicate.arg_text): make const.
- Add declarations for new function get_new_pred_noarg and
- insert_primary_noarg. Add 'arg' parameter to get_new_pred_chk_op
- and insert_primary_withpred.
-
-diff --git a/ChangeLog b/ChangeLog
-index 6e346b8..e8ba0f8 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,0 +1,45 @@
-+2009-07-11 James Youngman <jay@gnu.org>
-+
-+ Fix Savannah bug #27017: find -D opt / -fstype ext3 -print , -quit
-+ coredumps.
-+ * find/tree.c (set_new_parent): Initialise struct
-+ predicate->arg_text to NULL (instead of leaving it uninitialised).
-+ (get_new_pred_noarg): Likewise.
-+ (get_new_pred): Initialise predicate->arg_text to
-+ "ThisShouldBeSetToSomethingElse" to make it easier to notice
-+ bugs.
-+ (get_new_pred_chk_op): Use get_new_pred_noarg.
-+ (print_predicate): Use an if statement instead of
-+ two ternary operators.
-+ * find/util.c (insert_primary_withpred): Accept new argument, arg,
-+ being the argument (if any) of this predicate. Pass it to
-+ get_new_pred_chk_op.
-+ (insert_primary): Likewise (pass arg to insert_primary_withpred).
-+ (insert_primary_noarg): New function; calls insert_primary with
-+ arg=NULL.
-+ * find/parser.c (collect_arg_stat_info): Add an output parameter;
-+ the filename from which we collected the stat information.
-+ (parse_closeparen, parse_delete, parse_and, parse_or,
-+ parse_comma): Use get_new_pred_noarg.
-+ (parse_cnewer, parse_newer, parse_anewer): Use new
-+ collect_arg_stat_info and insert_primary interface.
-+ (parse_print, parse_prune, parse_nouser, parse_empty): Use
-+ insert_primary_noarg.
-+ (parse_accesscheck, parse_false): Use insert_primary_noarg.
-+ (parse_used, parse_iname, parse_fprint, insert_fprint,
-+ parse_fstype, parse_ilname): Use new collect_arg and
-+ insert_primary interfaces.
-+ (parse_ipath, parse_lname, do_parse_xmin, parse_name, parse_path,
-+ parse_perm, parse_size, parse_user, parse_time): Use new
-+ collect_arg and insert_primary_withpred interface.
-+ (parse_negate, parse_openparen): Use new get_new_pred_chk_op interface.
-+ (parse_newerXY, parse_nogroup): Use new insert_primary interface.
-+ (insert_regex, parse_samefile): Use new insert_primary_withpred
-+ interface.
-+ (insert_type, insert_fprintf, new_insert_exec_ok, insert_num): Use
-+ new insert_primary_withpred interface.
-+ * find/defs.h (struct predicate.arg_text): make const.
-+ Add declarations for new function get_new_pred_noarg and
-+ insert_primary_noarg. Add 'arg' parameter to get_new_pred_chk_op
-+ and insert_primary_withpred.
-+
-diff --git a/find/defs.h b/find/defs.h
-index 1708d83..4539fd9 100644
---- a/find/defs.h
-+++ b/find/defs.h
-@@ -297,7 +297,7 @@ struct predicate
- boolean artificial;
-
- /* The raw text of the argument of this predicate. */
-- char *arg_text;
-+ const char *arg_text;
-
- /* Information needed by the predicate processor.
- Next to each member are listed the predicates that use it. */
-@@ -480,13 +480,16 @@ void show_success_rates(const struct predicate *node);
- /* tree.c */
- struct predicate * build_expression_tree PARAMS((int argc, char *argv[], int end_of_leading_options));
- struct predicate * get_eval_tree PARAMS((void));
-+struct predicate *get_new_pred_noarg (const struct parser_table *entry);
- struct predicate *get_new_pred PARAMS((const struct parser_table *entry));
--struct predicate *get_new_pred_chk_op PARAMS((const struct parser_table *entry));
-+struct predicate *get_new_pred_chk_op PARAMS((const struct parser_table *entry,
-+ const char *arg));
- float calculate_derived_rates PARAMS((struct predicate *p));
-
- /* util.c */
--struct predicate *insert_primary PARAMS((const struct parser_table *entry));
--struct predicate *insert_primary_withpred PARAMS((const struct parser_table *entry, PRED_FUNC fptr));
-+struct predicate *insert_primary PARAMS((const struct parser_table *entry, const char *arg));
-+struct predicate *insert_primary_noarg PARAMS((const struct parser_table *entry));
-+struct predicate *insert_primary_withpred PARAMS((const struct parser_table *entry, PRED_FUNC fptr, const char *arg));
- void usage PARAMS((FILE *fp, int status, char *msg));
- extern boolean check_nofollow(void);
- void complete_pending_execs(struct predicate *p);
-diff --git a/find/parser.c b/find/parser.c
-index 534b670..2e6b989 100644
---- a/find/parser.c
-+++ b/find/parser.c
-@@ -640,11 +640,13 @@ collect_arg(char **argv, int *arg_ptr, const char **collected_arg)
- }
-
- static boolean
--collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p)
-+collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p,
-+ const char **argument)
- {
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
- {
-+ *argument = filename;
- if (0 == (options.xstat)(filename, p))
- {
- return true;
-@@ -656,6 +658,7 @@ collect_arg_stat_info(char **argv, int *arg_ptr, struct stat *p)
- }
- else
- {
-+ *argument = NULL;
- return false;
- }
- }
-@@ -679,7 +682,7 @@ parse_and (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_and;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = AND_PREC;
-@@ -691,11 +694,12 @@ static boolean
- parse_anewer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.xval = XVAL_ATIME;
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.kind = COMP_GT;
-@@ -713,7 +717,7 @@ parse_closeparen (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_closeparen;
- our_pred->p_type = CLOSE_PAREN;
- our_pred->p_prec = NO_PREC;
-@@ -725,11 +729,12 @@ static boolean
- parse_cnewer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.xval = XVAL_CTIME; /* like -newercm */
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.kind = COMP_GT;
-@@ -747,7 +752,7 @@ parse_comma (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_comma;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = COMMA_PREC;
-@@ -786,7 +791,7 @@ parse_delete (const struct parser_table* entry, char *argv[], int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->side_effects = our_pred->no_default_print = true;
- /* -delete implies -depth */
- options.do_dir_first = false;
-@@ -831,7 +836,7 @@ parse_empty (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->est_success_rate = 0.01f; /* assume 1% of files are empty. */
- return true;
- }
-@@ -856,7 +861,7 @@ parse_false (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->side_effects = our_pred->no_default_print = false;
- our_pred->est_success_rate = 0.0f;
-@@ -866,7 +871,7 @@ parse_false (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- insert_fls (const struct parser_table* entry, const char *filename)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary_noarg (entry);
- if (filename)
- open_output_file (filename, &our_pred->args.printf_vec);
- else
-@@ -899,7 +904,7 @@ parse_fprint (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, filename);
- open_output_file (filename, &our_pred->args.printf_vec);
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->need_stat = our_pred->need_type = false;
-@@ -915,7 +920,7 @@ parse_fprint (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- insert_fprint(const struct parser_table* entry, const char *filename)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, filename);
- if (filename)
- open_output_file (filename, &our_pred->args.printf_vec);
- else
-@@ -960,7 +965,7 @@ parse_fstype (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *typename;
- if (collect_arg(argv, arg_ptr, &typename))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, typename);
- our_pred->args.str = typename;
-
- /* This is an expensive operation, so although there are
-@@ -1090,7 +1095,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- return false;
- }
- }
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, groupname);
- our_pred->args.gid = gid;
- our_pred->est_success_rate = (our_pred->args.numinfo.l_val < 100) ? 0.99 : 0.2;
- return true;
-@@ -1160,7 +1165,7 @@ parse_ilname (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *name;
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->args.str = name;
- /* Use the generic glob pattern estimator to figure out how many
- * links will match, but bear in mind that most files won't be links.
-@@ -1227,7 +1232,7 @@ parse_iname (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- if (check_name_arg("-iname", name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
-@@ -1268,7 +1273,7 @@ parse_ipath (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck ();
- if (collect_arg (argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_ipath);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_ipath, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate (name, 0);
-@@ -1316,7 +1321,7 @@ parse_lname (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck();
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->args.str = name;
- our_pred->est_success_rate = 0.1 * estimate_pattern_match_rate(name, 0);
- return true;
-@@ -1391,7 +1396,7 @@ do_parse_xmin (const struct parser_table* entry,
- "arithmetic overflow while converting %s "
- "minutes to a number of seconds"))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, minutes);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
- return true;
-@@ -1427,7 +1432,7 @@ parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- fnmatch_sanitycheck();
- if (check_name_arg("-name", name))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
-@@ -1445,7 +1450,7 @@ parse_negate (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) &argv;
- (void) &arg_ptr;
-
-- our_pred = get_new_pred_chk_op (entry);
-+ our_pred = get_new_pred_chk_op (entry, NULL);
- our_pred->pred_func = pred_negate;
- our_pred->p_type = UNI_OP;
- our_pred->p_prec = NEGATE_PREC;
-@@ -1458,11 +1463,12 @@ parse_newer (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct predicate *our_pred;
- struct stat stat_newer;
-+ const char *arg;
-
- set_stat_placeholders(&stat_newer);
-- if (collect_arg_stat_info(argv, arg_ptr, &stat_newer))
-+ if (collect_arg_stat_info(argv, arg_ptr, &stat_newer, &arg))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, arg);
- our_pred->args.reftime.ts = get_stat_mtime(&stat_newer);
- our_pred->args.reftime.xval = XVAL_MTIME;
- our_pred->args.reftime.kind = COMP_GT;
-@@ -1530,7 +1536,7 @@ parse_newerXY (const struct parser_table* entry, char **argv, int *arg_ptr)
- (*arg_ptr)++;
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, argv[*arg_ptr]);
-
-
- switch (x)
-@@ -1623,7 +1629,7 @@ parse_nogroup (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) &argv;
- (void) &arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, NULL);
- our_pred->est_success_rate = 1e-4;
- #ifdef CACHE_IDS
- if (gid_unused == NULL)
-@@ -1660,7 +1666,7 @@ parse_nouser (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) arg_ptr;
-
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->est_success_rate = 1e-3;
- #ifdef CACHE_IDS
- if (uid_unused == NULL)
-@@ -1716,7 +1722,7 @@ parse_openparen (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred_chk_op (entry);
-+ our_pred = get_new_pred_chk_op (entry, NULL);
- our_pred->pred_func = pred_openparen;
- our_pred->p_type = OPEN_PAREN;
- our_pred->p_prec = NO_PREC;
-@@ -1732,7 +1738,7 @@ parse_or (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = get_new_pred (entry);
-+ our_pred = get_new_pred_noarg (entry);
- our_pred->pred_func = pred_or;
- our_pred->p_type = BI_OP;
- our_pred->p_prec = OR_PREC;
-@@ -1756,7 +1762,7 @@ parse_path (const struct parser_table* entry, char **argv, int *arg_ptr)
- const char *name;
- if (collect_arg(argv, arg_ptr, &name))
- {
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_path);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_path, name);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->args.str = name;
- our_pred->est_success_rate = estimate_pattern_match_rate (name, 0);
-@@ -1894,7 +1900,7 @@ parse_perm (const struct parser_table* entry, char **argv, int *arg_ptr)
- rate = 0.9986; /* probably matches anything but a broken symlink */
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, perm_expr);
- our_pred->est_success_rate = rate;
- if (havekind)
- {
-@@ -1928,7 +1934,7 @@ parse_print (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- /* -print has the side effect of printing. This prevents us
- from doing undesired multiple printing when the user has
- already specified -print. */
-@@ -1981,7 +1987,7 @@ parse_prune (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- if (options.do_dir_first == false)
- our_pred->need_stat = our_pred->need_type = false;
- /* -prune has a side effect that it does not descend into
-@@ -1994,7 +2000,7 @@ parse_prune (const struct parser_table* entry, char **argv, int *arg_ptr)
- static boolean
- parse_quit (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary_noarg (entry);
- (void) argv;
- (void) arg_ptr;
- our_pred->need_stat = our_pred->need_type = false;
-@@ -2036,7 +2042,7 @@ insert_regex (char **argv,
- {
- struct re_pattern_buffer *re;
- const char *error_message;
-- struct predicate *our_pred = insert_primary_withpred (entry, pred_regex);
-+ struct predicate *our_pred = insert_primary_withpred (entry, pred_regex, rx);
- our_pred->need_stat = our_pred->need_type = false;
- re = xmalloc (sizeof (struct re_pattern_buffer));
- our_pred->args.regex = re;
-@@ -2061,6 +2067,7 @@ static boolean
- parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- struct predicate *our_pred;
-+ char *arg;
- uintmax_t num;
- char suffix;
- enum comparison_type c_type;
-@@ -2073,42 +2080,43 @@ parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- */
- if ((argv == NULL) || (argv[*arg_ptr] == NULL))
- return false;
-+ arg = argv[*arg_ptr];
-
-- len = strlen (argv[*arg_ptr]);
-+ len = strlen (arg);
- if (len == 0)
- error (1, 0, _("invalid null argument to -size"));
-
-- suffix = argv[*arg_ptr][len - 1];
-+ suffix = arg[len - 1];
- switch (suffix)
- {
- case 'b':
- blksize = 512;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'c':
- blksize = 1;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'k':
- blksize = 1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'M': /* Megabytes */
- blksize = 1024*1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'G': /* Gigabytes */
- blksize = 1024*1024*1024;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case 'w':
- blksize = 2;
-- argv[*arg_ptr][len - 1] = '\0';
-+ arg[len - 1] = '\0';
- break;
-
- case '0':
-@@ -2127,14 +2135,14 @@ parse_size (const struct parser_table* entry, char **argv, int *arg_ptr)
- error (1, 0, _("invalid -size type `%c'"), argv[*arg_ptr][len - 1]);
- }
- /* TODO: accept fractional megabytes etc. ? */
-- if (!get_num (argv[*arg_ptr], &num, &c_type))
-+ if (!get_num (arg, &num, &c_type))
- {
- error(1, 0,
- _("Invalid argument `%s%c' to -size"),
-- argv[*arg_ptr], (int)suffix);
-+ arg, (int)suffix);
- return false;
- }
-- our_pred = insert_primary (entry);
-+our_pred = insert_primary (entry, arg);
- our_pred->args.size.kind = c_type;
- our_pred->args.size.blocksize = blksize;
- our_pred->args.size.size = num;
-@@ -2162,9 +2170,10 @@ parse_samefile (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct predicate *our_pred;
- struct stat st, fst;
- int fd, openflags;
-+ const char *filename;
-
- set_stat_placeholders(&st);
-- if (!collect_arg_stat_info(argv, arg_ptr, &st))
-+ if (!collect_arg_stat_info(argv, arg_ptr, &st, &filename))
- return false;
-
- set_stat_placeholders(&fst);
-@@ -2289,7 +2298,7 @@ parse_samefile (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- }
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, filename);
- our_pred->args.samefileid.ino = st.st_ino;
- our_pred->args.samefileid.dev = st.st_dev;
- our_pred->args.samefileid.fd = fd;
-@@ -2350,7 +2359,7 @@ parse_true (const struct parser_table* entry, char **argv, int *arg_ptr)
- (void) argv;
- (void) arg_ptr;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->est_success_rate = 1.0f;
- return true;
-@@ -2369,7 +2378,7 @@ parse_accesscheck (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct predicate *our_pred;
- (void) argv;
- (void) arg_ptr;
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary_noarg (entry);
- our_pred->need_stat = our_pred->need_type = false;
- our_pred->side_effects = our_pred->no_default_print = false;
- if (pred_is(our_pred, pred_executable))
-@@ -2414,7 +2423,7 @@ parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
- struct timespec zero = {0,0};
- if (get_relative_timestamp(offset_str, &tval, zero, DAYSECS, errmsg))
- {
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, offset_str);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_file_age_success_rate(tval.ts.tv_sec / DAYSECS);
- return true;
-@@ -2472,7 +2481,7 @@ parse_user (const struct parser_table* entry, char **argv, int *arg_ptr)
- return false;
- }
- }
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, username);
- our_pred->args.uid = uid;
- our_pred->est_success_rate = (our_pred->args.uid < 100) ? 0.99 : 0.2;
- return true;
-@@ -2650,7 +2659,7 @@ insert_type (char **argv, int *arg_ptr,
- error(1, 0, _("Unknown argument to -type: %c"), (*typeletter));
- return false;
- }
-- our_pred = insert_primary_withpred (entry, which_pred);
-+ our_pred = insert_primary_withpred (entry, which_pred, typeletter);
- our_pred->est_success_rate = rate;
-
- /* Figure out if we will need to stat the file, because if we don't
-@@ -2706,7 +2715,7 @@ insert_fprintf (struct format_val *vec,
- struct segment **segmentp; /* Address of current segment. */
- struct predicate *our_pred;
-
-- our_pred = insert_primary_withpred (entry, func);
-+ our_pred = insert_primary_withpred (entry, func, format_const);
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->args.printf_vec = *vec;
- our_pred->need_type = false;
-@@ -3045,7 +3054,7 @@ new_insert_exec_ok (const char *action,
- if ((argv == NULL) || (argv[*arg_ptr] == NULL))
- return false;
-
-- our_pred = insert_primary_withpred (entry, func);
-+ our_pred = insert_primary_withpred (entry, func, "(some -exec* arguments)");
- our_pred->side_effects = our_pred->no_default_print = true;
- our_pred->need_type = our_pred->need_stat = false;
-
-@@ -3374,7 +3383,7 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- if (!get_relative_timestamp(timearg, &tval, origin, DAYSECS, errmsg))
- return false;
-
-- our_pred = insert_primary (entry);
-+ our_pred = insert_primary (entry, orig_timearg);
- our_pred->args.reftime = tval;
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
-
-@@ -3487,7 +3496,7 @@ insert_num (char **argv, int *arg_ptr, const struct parser_table *entry)
-
- if (get_num (numstr, &num, &c_type))
- {
-- struct predicate *our_pred = insert_primary (entry);
-+ struct predicate *our_pred = insert_primary (entry, numstr);
- our_pred->args.numinfo.kind = c_type;
- our_pred->args.numinfo.l_val = num;
-
-diff --git a/find/tree.c b/find/tree.c
-index 7420c60..60a0601 100644
---- a/find/tree.c
-+++ b/find/tree.c
-@@ -269,10 +269,14 @@ predicate_is_cost_free(const struct predicate *p)
- /* Prints a predicate */
- void print_predicate(FILE *fp, const struct predicate *p)
- {
-- fprintf (fp, "%s%s%s",
-- p->p_name,
-- p->arg_text ? " " : "",
-- p->arg_text ? p->arg_text : "");
-+ if (p->arg_text)
-+ {
-+ fprintf (fp, "%s %s", p->p_name, p->arg_text);
-+ }
-+ else
-+ {
-+ fprintf (fp, "%s", p->p_name);
-+ }
- }
-
- \f
-@@ -832,7 +836,8 @@ set_new_parent (struct predicate *curr, enum predicate_precedence high_prec, str
- new_parent->need_stat = false;
- new_parent->need_type = false;
- new_parent->p_cost = NeedsNothing;
--
-+ new_parent->arg_text = NULL;
-+
- switch (high_prec)
- {
- case COMMA_PREC:
-@@ -1393,6 +1398,18 @@ init_pred_perf(struct predicate *pred)
- p->visits = p->successes = 0;
- }
-
-+
-+struct predicate *
-+get_new_pred_noarg (const struct parser_table *entry)
-+{
-+ struct predicate *p = get_new_pred(entry);
-+ if (p)
-+ {
-+ p->arg_text = NULL;
-+ }
-+ return p;
-+}
-+
- \f
- /* Return a pointer to a new predicate structure, which has been
- linked in as the last one in the predicates list.
-@@ -1433,6 +1450,8 @@ get_new_pred (const struct parser_table *entry)
- last_pred->no_default_print = false;
- last_pred->need_stat = true;
- last_pred->need_type = true;
-+ last_pred->p_cost = NeedsUnknown;
-+ last_pred->arg_text = "ThisShouldBeSetToSomethingElse";
- last_pred->args.str = NULL;
- last_pred->pred_next = NULL;
- last_pred->pred_left = NULL;
-@@ -1449,7 +1468,8 @@ get_new_pred (const struct parser_table *entry)
- predicate is an operator. If it isn't, the AND operator is inserted. */
-
- struct predicate *
--get_new_pred_chk_op (const struct parser_table *entry)
-+get_new_pred_chk_op (const struct parser_table *entry,
-+ const char *arg)
- {
- struct predicate *new_pred;
- static const struct parser_table *entry_and = NULL;
-@@ -1471,13 +1491,14 @@ get_new_pred_chk_op (const struct parser_table *entry)
- case PRIMARY_TYPE:
- case CLOSE_PAREN:
- /* We need to interpose the and operator. */
-- new_pred = get_new_pred (entry_and);
-+ new_pred = get_new_pred_noarg (entry_and);
- new_pred->pred_func = pred_and;
- new_pred->p_name = "-a";
- new_pred->p_type = BI_OP;
- new_pred->p_prec = AND_PREC;
- new_pred->need_stat = false;
- new_pred->need_type = false;
-+ new_pred->arg_text = NULL;
- new_pred->args.str = NULL;
- new_pred->side_effects = false;
- new_pred->no_default_print = false;
-@@ -1488,6 +1509,7 @@ get_new_pred_chk_op (const struct parser_table *entry)
- }
-
- new_pred = get_new_pred (entry);
-+ new_pred->arg_text = arg;
- new_pred->parser_entry = entry;
- return new_pred;
- }
-diff --git a/find/util.c b/find/util.c
-index a06eada..cc9a3eb 100644
---- a/find/util.c
-+++ b/find/util.c
-@@ -89,11 +89,13 @@ static struct debug_option_assoc debugassoc[] =
- operator. */
-
- struct predicate *
--insert_primary_withpred (const struct parser_table *entry, PRED_FUNC pred_func)
-+insert_primary_withpred (const struct parser_table *entry,
-+ PRED_FUNC pred_func,
-+ const char *arg)
- {
- struct predicate *new_pred;
-
-- new_pred = get_new_pred_chk_op (entry);
-+ new_pred = get_new_pred_chk_op (entry, arg);
- new_pred->pred_func = pred_func;
- new_pred->p_name = entry->parser_name;
- new_pred->args.str = NULL;
-@@ -118,10 +120,16 @@ insert_primary_withpred (const struct parser_table *entry, PRED_FUNC pred_func)
- either not there at all (we are the very first node) or is an
- operator. */
- struct predicate *
--insert_primary (const struct parser_table *entry)
-+insert_primary (const struct parser_table *entry, const char *arg)
- {
- assert (entry->pred_func != NULL);
-- return insert_primary_withpred(entry, entry->pred_func);
-+ return insert_primary_withpred(entry, entry->pred_func, arg);
-+}
-+
-+struct predicate *
-+insert_primary_noarg (const struct parser_table *entry)
-+{
-+ return insert_primary(entry, NULL);
- }
-
-
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch b/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
deleted file mode 100644
index c0ff3ff..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/02-28824.patch
+++ /dev/null
@@ -1,294 +0,0 @@
-Upstream-Status: Backport
-
-commit 76ed377d6d3e4a83a00cabd401f751b37ecd1e7b
-Author: James Youngman <jay@gnu.org>
-Date: Sat Feb 20 13:11:45 2010 +0000
-
- Fix Savannah bug# 28824: "-ctime x" yields "missing argument to `-ctime'".
-
- * find/parser.c (parse_fls): If the argument is invalid, reverse
- the change that collect_arg() made to *arg_ptr (that is, don't
- consume the argument).
- (parse_fprint0): Likewise.
- (parse_gid): Likewise.
- (parse_group): Likewise.
- (parse_inum): Likewise.
- (parse_links): Likewise.
- (do_parse_xmin): Likewise.
- (parse_name): Likewise.
- (parse_printf): Likewise.
- (parse_uid): Likewise.
- (parse_used): Likewise.
- (parse_time): Likewise.
-
- Signed-off-by: James Youngman <jay@gnu.org>
-
-diff --git a/ChangeLog b/ChangeLog
-index d0ce1fe..13539a4 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,0 +1,19 @@
-+2010-02-20 James Youngman <jay@gnu.org>
-+
-+ Fix Savannah bug# 28824: "-ctime x" yields "missing argument to
-+ `-ctime'".
-+ * find/parser.c (parse_fls): If the argument is invalid, reverse
-+ the change that collect_arg() made to *arg_ptr (that is, don't
-+ consume the argument).
-+ (parse_fprint0): Likewise.
-+ (parse_gid): Likewise.
-+ (parse_group): Likewise.
-+ (parse_inum): Likewise.
-+ (parse_links): Likewise.
-+ (do_parse_xmin): Likewise.
-+ (parse_name): Likewise.
-+ (parse_printf): Likewise.
-+ (parse_uid): Likewise.
-+ (parse_used): Likewise.
-+ (parse_time): Likewise.
-+
-diff --git a/NEWS b/NEWS
-index 5394311..4e910df 100644
---- a/NEWS
-+++ b/NEWS
-@@ -4,5 +4,8 @@ GNU findutils NEWS - User visible changes. -*- outline -*- (allout)
-
- ** Bug Fixes
-
-+#28824: Corrected error message for "-ctime x".
-+ Likewise for -gid, -inum, -links, -mmin, -cmin, -amin,
-+ -uid, -used, -atime, -mtime, -ctime.
- #26537: find -prune now makes sure it has valid stat() information.
-
-diff --git a/find/parser.c b/find/parser.c
-index 2e6b989..08758ee 100644
---- a/find/parser.c
-+++ b/find/parser.c
-@@ -886,8 +886,14 @@ static boolean
- parse_fls (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *filename;
-- return collect_arg(argv, arg_ptr, &filename)
-- && insert_fls(entry, filename);
-+ if (collect_arg(argv, arg_ptr, &filename))
-+ {
-+ if (insert_fls(entry, filename))
-+ return true;
-+ else
-+ --*arg_ptr; /* don't consume the invalid arg. */
-+ }
-+ return false;
- }
-
- static boolean
-@@ -937,9 +943,13 @@ parse_fprint0 (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *filename;
- if (collect_arg(argv, arg_ptr, &filename))
-- return insert_fprint(entry, filename);
-- else
-- return false;
-+ {
-+ if (insert_fprint(entry, filename))
-+ return true;
-+ else
-+ --*arg_ptr; /* don't consume the bad arg. */
-+ }
-+ return false;
- }
-
- static float estimate_fstype_success_rate(const char *fsname)
-@@ -993,6 +1003,7 @@ parse_gid (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1049,6 +1060,7 @@ static boolean
- parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *groupname;
-+ const int saved_argc = *arg_ptr;
-
- if (collect_arg(argv, arg_ptr, &groupname))
- {
-@@ -1077,6 +1089,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- "because it has the unexpected suffix %s"),
- quotearg_n_style(0, options.err_quoting_style, groupname),
- quotearg_n_style(1, options.err_quoting_style, groupname+gid_len));
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1092,6 +1105,7 @@ parse_group (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- error(1, 0, _("argument to -group is empty, but should be a group name"));
- }
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1256,6 +1270,7 @@ parse_inum (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1310,6 +1325,7 @@ parse_links (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -1358,6 +1374,7 @@ insert_depthspec(const struct parser_table* entry, char **argv, int *arg_ptr,
- error(1, 0, _("Expected a positive decimal integer argument to %s, but got %s"),
- predicate,
- quotearg_n_style(0, options.err_quoting_style, depthstr));
-+ /* NOTREACHED */
- return false;
- }
- /* missing argument */
-@@ -1385,6 +1402,7 @@ do_parse_xmin (const struct parser_table* entry,
- enum xval xv)
- {
- const char *minutes;
-+ const int saved_argc = *arg_ptr;
-
- if (collect_arg(argv, arg_ptr, &minutes))
- {
-@@ -1401,6 +1419,11 @@ do_parse_xmin (const struct parser_table* entry,
- our_pred->est_success_rate = estimate_timestamp_success_rate(tval.ts.tv_sec);
- return true;
- }
-+ else
-+ {
-+ /* Don't consume the invalid argument. */
-+ *arg_ptr = saved_argc;
-+ }
- }
- return false;
- }
-@@ -1427,6 +1450,8 @@ static boolean
- parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *name;
-+ const int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &name))
- {
- fnmatch_sanitycheck();
-@@ -1438,6 +1463,10 @@ parse_name (const struct parser_table* entry, char **argv, int *arg_ptr)
- our_pred->est_success_rate = estimate_pattern_match_rate(name, 0);
- return true;
- }
-+ else
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
-+ }
- }
- return false;
- }
-@@ -1954,11 +1983,21 @@ static boolean
- parse_printf (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *format;
-+ const int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &format))
- {
- struct format_val fmt;
- open_stdout(&fmt);
-- return insert_fprintf (&fmt, entry, pred_fprintf, format);
-+ if (insert_fprintf (&fmt, entry, pred_fprintf, format))
-+ {
-+ return true;
-+ }
-+ else
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
-+ return false;
-+ }
- }
- return false;
- }
-@@ -1967,15 +2006,21 @@ static boolean
- parse_fprintf (const struct parser_table* entry, char **argv, int *arg_ptr)
- {
- const char *format, *filename;
-+ int saved_argc = *arg_ptr;
-+
- if (collect_arg(argv, arg_ptr, &filename))
- {
- if (collect_arg(argv, arg_ptr, &format))
- {
- struct format_val fmt;
- open_output_file (filename, &fmt);
-- return insert_fprintf (&fmt, entry, pred_fprintf, format);
-+ saved_argc = *arg_ptr;
-+
-+ if (insert_fprintf (&fmt, entry, pred_fprintf, format))
-+ return true;
- }
- }
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument. */
- return false;
- }
-
-@@ -2405,6 +2450,7 @@ parse_uid (const struct parser_table* entry, char **argv, int *arg_ptr)
- }
- else
- {
-+ --*arg_ptr; /* don't consume the invalid argument. */
- return false;
- }
- }
-@@ -2431,6 +2477,7 @@ parse_used (const struct parser_table* entry, char **argv, int *arg_ptr)
- else
- {
- error(1, 0, _("Invalid argument %s to -used"), offset_str);
-+ /*NOTREACHED*/
- return false;
- }
- }
-@@ -2610,6 +2657,7 @@ insert_type (char **argv, int *arg_ptr,
- if (strlen(typeletter) != 1u)
- {
- error(1, 0, _("Arguments to -type should contain only one letter"));
-+ /*NOTREACHED*/
- return false;
- }
-
-@@ -2657,6 +2705,7 @@ insert_type (char **argv, int *arg_ptr,
- #endif
- default: /* None of the above ... nuke 'em. */
- error(1, 0, _("Unknown argument to -type: %c"), (*typeletter));
-+ /*NOTREACHED*/
- return false;
- }
- our_pred = insert_primary_withpred (entry, which_pred, typeletter);
-@@ -3349,6 +3398,7 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- const char *errmsg = "arithmetic overflow while converting %s "
- "days to a number of seconds";
- struct timespec origin;
-+ const int saved_argc = *arg_ptr;
-
- if (!collect_arg(argv, arg_ptr, &timearg))
- return false;
-@@ -3381,7 +3431,10 @@ parse_time (const struct parser_table* entry, char *argv[], int *arg_ptr)
- timearg = orig_timearg;
-
- if (!get_relative_timestamp(timearg, &tval, origin, DAYSECS, errmsg))
-- return false;
-+ {
-+ *arg_ptr = saved_argc; /* don't consume the invalid argument */
-+ return false;
-+ }
-
- our_pred = insert_primary (entry, orig_timearg);
- our_pred->args.reftime = tval;
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch b/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
deleted file mode 100644
index 940aaf6..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/03-28872.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-Upstream-Status: Backport
-
-commit 5f5eb921765794e8fc58c4bdffa2daa2ae34800f
-Author: James Youngman <jay@gnu.org>
-Date: Sat Feb 20 19:53:13 2010 +0000
-
- Fix Savannah bug#28872, Mistake in "Problems with -exec and filenames"
-
- * doc/find.texi (Problems with -exec and filenames): Add missing
- $0 argument in example for sh -c 'something "$@" sh ...
- * NEWS: Mention this change.
-
- Signed-off-by: James Youngman <jay@gnu.org>
-
-diff --git a/ChangeLog b/ChangeLog
-index 13539a4..e94ba96 100644
---- a/ChangeLog
-+++ b/ChangeLog
-@@ -1,5 +1,10 @@
- 2010-02-20 James Youngman <jay@gnu.org>
-
-+ Fix Savannah bug#28872, Mistake in "Problems with -exec and filenames"
-+ * doc/find.texi (Problems with -exec and filenames): Add missing
-+ $0 argument in example for sh -c 'something "$@" sh ...
-+ * NEWS: Mention this change.
-+
- Fix Savannah bug# 28824: "-ctime x" yields "missing argument to
- `-ctime'".
- * find/parser.c (parse_fls): If the argument is invalid, reverse
-diff --git a/NEWS b/NEWS
-index 4e910df..4c97be9 100644
---- a/NEWS
-+++ b/NEWS
-@@ -4,6 +4,9 @@ GNU findutils NEWS - User visible changes. -*- outline -*- (allout)
-
- ** Bug Fixes
-
-+#28872: Mistake in "#safer" example in "Problems with -exec and
-+ filenames" section of the Texinfo manual.
-+
- #28824: Corrected error message for "-ctime x".
- Likewise for -gid, -inum, -links, -mmin, -cmin, -amin,
- -uid, -used, -atime, -mtime, -ctime.
-diff --git a/doc/find.texi b/doc/find.texi
-index 2e5958d..391ffa0 100644
---- a/doc/find.texi
-+++ b/doc/find.texi
-@@ -4830,8 +4830,8 @@ problem:
-
- @example
- # safer
--find -exec sh -c 'something "$@@"' @{@} \;
--find -execdir sh -c 'something "$@@"' @{@}\;
-+find -exec sh -c 'something "$@@"' sh @{@} \;
-+find -execdir sh -c 'something "$@@"' sh @{@}\;
- @end example
-
- This approach is not guaranteed to avoid every problem, but it is much
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
deleted file mode 100644
index a48cdc2..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_doc.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-Fix documentation build errors
-
-This fixes the following errors building the findutils documentation:
-find-maint.texi:45: misplaced {
-find-maint.texi:45: misplaced }
-find-maint.texi:236: warning: node next `Make the Compiler Find the Bugs' in menu `The File System Is Being Modified' and in sectioning `Factor Out Repeated Code' differ
-find-maint.texi:335: warning: node `Debugging is For Users Too' is next for `Factor Out Repeated Code' in sectioning but not in menu
-find-maint.texi:335: warning: node prev `Factor Out Repeated Code' in menu `Debugging is For Users Too' and in sectioning `Make the Compiler Find the Bugs' differ
-find-maint.texi:378: warning: node next `Debugging is For Users Too' in menu `Factor Out Repeated Code' and in sectioning `Don't Trust the File System Contents' differ
-find-maint.texi:378: warning: node prev `Debugging is For Users Too' in menu `Don't Trust the File System Contents' and in sectioning `Factor Out Repeated Code' differ
-find-maint.texi:392: warning: node next `Don't Trust the File System Contents' in menu `Debugging is For Users Too' and in sectioning `The File System Is Being Modified' differ
-find-maint.texi:392: warning: node prev `Don't Trust the File System Contents' in menu `The File System Is Being Modified' and in sectioning `Debugging is For Users Too' differ
-find-maint.texi:417: warning: node `Don't Trust the File System Contents' is next for `The File System Is Being Modified' in menu but not in sectioning
-find-maint.texi:417: warning: node prev `The File System Is Being Modified' in menu `Make the Compiler Find the Bugs' and in sectioning `Don't Trust the File System Contents' differ
-find.texi:53: misplaced {
-find.texi:53: misplaced }
-find.texi:1862: warning: node `Formatting Flags' is next for `Time Directives' in menu but not in sectioning
-find.texi:1975: warning: node `Formatting Flags' is next for `Combined Time Formats' in sectioning but not in menu
-find.texi:2004: warning: node prev `Formatting Flags' in menu `Time Directives' and in sectioning `Combined Time Formats' differ
-find.texi:2004: warning: node up `Formatting Flags' in menu `Format Directives' and in sectioning `Time Formats' differ
-find.texi:1893: node `Time Formats' lacks menu item for `Formatting Flags' despite being its Up target
-
-Upstream-Status: Backport
-Signed-off-by: Jonathan Liu <net147@gmail.com>
-
---- a/doc/find-maint.texi
-+++ b/doc/find-maint.texi
-@@ -42,7 +42,7 @@ Free Documentation License''.
-
- @page
- @vskip 0pt plus 1filll
--@insertcopying{}
-+@insertcopying
- @end titlepage
-
- @contents
-@@ -227,10 +227,10 @@ circumstances.
-
- @menu
- * Make the Compiler Find the Bugs::
-+* Factor Out Repeated Code::
- * The File System Is Being Modified::
- * Don't Trust the File System Contents::
- * Debugging is For Users Too::
--* Factor Out Repeated Code::
- @end menu
-
- @node Make the Compiler Find the Bugs
---- a/doc/find.texi
-+++ b/doc/find.texi
-@@ -50,7 +50,7 @@ Texts. A copy of the license is included in the section entitled
-
- @page
- @vskip 0pt plus 1filll
--@insertcopying{}
-+@insertcopying
- @end titlepage
-
- @contents
-@@ -1665,6 +1665,7 @@ no output is ever sent to it.
- * Escapes::
- * Format Directives::
- * Time Formats::
-+* Formatting Flags::
- @end menu
-
- @node Escapes
-@@ -1733,7 +1734,6 @@ from the novel you are reading.
- * Size Directives::
- * Location Directives::
- * Time Directives::
--* Formatting Flags::
- @end menu
-
- @node Name Directives
-@@ -2002,7 +2002,7 @@ seconds field includes a fractional part.
- @end table
-
- @node Formatting Flags
--@subsubsection Formatting Flags
-+@subsection Formatting Flags
-
- The @samp{%m} and @samp{%d} directives support the @samp{#}, @samp{0}
- and @samp{+} flags, but the other directives do not, even if they
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
deleted file mode 100644
index d4a7e95..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_automake-1.12.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-Upstream-Status: Pending
-
-This patch fixes following issue with automake 1.12
-
-| configure.ac:80: error: automatic de-ANSI-fication support has been removed
-
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com>
-2012/05/03
-
-Index: findutils-4.4.2/configure.ac
-===================================================================
---- findutils-4.4.2.orig/configure.ac
-+++ findutils-4.4.2/configure.ac
-@@ -77,8 +77,6 @@ AC_PROG_CPP
- dnl for gnulib
- gl_EARLY
-
--AM_C_PROTOTYPES
--
- AC_PROG_INSTALL
- AC_PROG_RANLIB
- dnl AC_PROG_LIBTOOL
diff --git a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch b/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
deleted file mode 100644
index b78cc75..0000000
--- a/meta/recipes-extended/findutils/findutils-4.4.2/findutils_fix_for_x32.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-Upstream-Status: Pending
-
-Author: H.J. Lu <hjl.tools@gmail.com>
-
-Work around gnulib time_t assumption in findutils for x32
-
-time_t is 64bit and long int is 32bit on x32. But gnulib used in
-findutils assumes time_t values fit into long int. Such assumption is
-invalid for x32 and should be removed.
-
-This patch is a workaround to compile gnulib for x32.
-
-Signed-Off-By: Nitin A Kamble <nitin.a.kamble@intel.com> 2011/12/05
-
-
-Index: findutils-4.4.2/gnulib/lib/getdate.y
-===================================================================
---- findutils-4.4.2.orig/gnulib/lib/getdate.y
-+++ findutils-4.4.2/gnulib/lib/getdate.y
-@@ -114,7 +114,6 @@
- wraps around, but there's no portable way to check for that at
- compile-time. */
- verify (TYPE_IS_INTEGER (time_t));
--verify (LONG_MIN <= TYPE_MINIMUM (time_t) && TYPE_MAXIMUM (time_t) <= LONG_MAX);
-
- /* An integer value, and the number of digits in its textual
- representation. */
-Index: findutils-4.4.2/gnulib/lib/mktime.c
-===================================================================
---- findutils-4.4.2.orig/gnulib/lib/mktime.c
-+++ findutils-4.4.2/gnulib/lib/mktime.c
-@@ -166,7 +166,7 @@ ydhms_diff (long int year1, long int yda
- {
- verify (C99_integer_division, -1 / 2 == 0);
- verify (long_int_year_and_yday_are_wide_enough,
-- INT_MAX <= LONG_MAX / 2 || TIME_T_MAX <= UINT_MAX);
-+ INT_MAX <= TIME_T_MAX / 2 || TIME_T_MAX <= UINT_MAX);
-
- /* Compute intervening leap days correctly even if year is negative.
- Take care to avoid integer overflow here. */
diff --git a/meta/recipes-extended/findutils/findutils.inc b/meta/recipes-extended/findutils/findutils.inc
index 4f4068a..37c84cc 100644
--- a/meta/recipes-extended/findutils/findutils.inc
+++ b/meta/recipes-extended/findutils/findutils.inc
@@ -7,7 +7,7 @@ BUGTRACKER = "http://savannah.gnu.org/bugs/?group=findutils"
SECTION = "console/utils"
-SRC_URI = "${GNU_MIRROR}/findutils/findutils-${PV}.tar.gz"
+SRC_URI = "ftp://alpha.gnu.org/gnu/${BPN}/${BP}.tar.gz"
inherit autotools gettext texinfo update-alternatives
diff --git a/meta/recipes-extended/findutils/findutils_4.4.2.bb b/meta/recipes-extended/findutils/findutils_4.5.14.bb
similarity index 48%
rename from meta/recipes-extended/findutils/findutils_4.4.2.bb
rename to meta/recipes-extended/findutils/findutils_4.5.14.bb
index faf2ebe..9253637 100644
--- a/meta/recipes-extended/findutils/findutils_4.4.2.bb
+++ b/meta/recipes-extended/findutils/findutils_4.5.14.bb
@@ -4,21 +4,11 @@ require findutils.inc
LICENSE = "GPLv3+"
LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
-PR = "r6"
-
-SRC_URI += "file://01-27017.patch \
- file://02-28824.patch \
- file://03-28872.patch \
- file://findutils_fix_for_x32.patch \
- file://findutils_fix_for_automake-1.12.patch \
- file://findutils_fix_doc.patch \
- "
-
-SRC_URI[md5sum] = "351cc4adb07d54877fa15f75fb77d39f"
-SRC_URI[sha256sum] = "434f32d171cbc0a5e72cfc5372c6fc4cb0e681f8dce566a0de5b6fccd702b62a"
-
DEPENDS = "bison-native"
+SRC_URI[md5sum] = "a8a8176282fd28e8d1234c84d847fa66"
+SRC_URI[sha256sum] = "0de3cf625a5c9f154eee3171e072515ffdde405244dd00502af617ac57b73ae2"
+
# http://savannah.gnu.org/bugs/?27299
CACHED_CONFIGUREVARS += "${@bb.utils.contains('DISTRO_FEATURES', 'libc-posix-clang-wchar', 'gl_cv_func_wcwidth_works=yes', '', d)}"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 3/4] libcap: Upgrade to 2.24
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
2014-11-04 15:18 ` Burton, Ross
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
3 siblings, 1 reply; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
${S} added because top dir renamed
libcap now provides pkgconfig files do don't move everything and delete libdir
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
meta/recipes-support/libcap/libcap.inc | 10 +++---
.../libcap/libcap/fix-CAP_LAST_CAP.patch | 39 ----------------------
meta/recipes-support/libcap/libcap_2.22.bb | 6 ----
meta/recipes-support/libcap/libcap_2.24.bb | 4 +++
4 files changed, 8 insertions(+), 51 deletions(-)
delete mode 100644 meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
delete mode 100644 meta/recipes-support/libcap/libcap_2.22.bb
create mode 100644 meta/recipes-support/libcap/libcap_2.24.bb
diff --git a/meta/recipes-support/libcap/libcap.inc b/meta/recipes-support/libcap/libcap.inc
index 0e28ea0..660394e 100644
--- a/meta/recipes-support/libcap/libcap.inc
+++ b/meta/recipes-support/libcap/libcap.inc
@@ -7,11 +7,9 @@ LIC_FILES_CHKSUM = "file://License;md5=3f84fd6f29d453a56514cb7e4ead25f1"
DEPENDS = "perl-native-runtime"
-SRC_URI = "${DEBIAN_MIRROR}/main/libc/libcap2/${BPN}2_${PV}.orig.tar.gz \
- file://fix-CAP_LAST_CAP.patch"
-
-PR = "r1"
+SRC_URI = "${DEBIAN_MIRROR}/main/libc/libcap2/${BPN}2_${PV}.orig.tar.xz"
+S = "${WORKDIR}/${BPN}2-${PV}"
inherit lib_package
# do NOT pass target cflags to host compilations
@@ -56,8 +54,8 @@ do_install_append() {
# Move the library to base_libdir
install -d ${D}${base_libdir}
if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
- mv ${D}${libdir}/* ${D}${base_libdir}
- rmdir ${D}${libdir}
+ mv ${D}${libdir}/libcap* ${D}${base_libdir}
+ mv ${D}${libdir}/security ${D}${base_libdir}
fi
}
diff --git a/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch b/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
deleted file mode 100644
index a557188..0000000
--- a/meta/recipes-support/libcap/libcap/fix-CAP_LAST_CAP.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-fix CAP_LAST_CAP
-
-Upstream-Status: pending
-
-Two new capability CAP_BLOCK_SUSPEND and CAP_WAKE_ALARM have been added into
-kernel, but libcap did not update them.
-Once libcap uses its capability.h (the default value of KERNEL_HEADERS), and
-application always use capability.h from kernel, that will make cap_get_flag
-return wrong value.
-
-Signed-off-by: Roy Li <rongqing.li@windriver.com>
----
- libcap/include/linux/capability.h | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
-diff --git a/libcap/include/linux/capability.h b/libcap/include/linux/capability.h
-index 4924f2a..57026be 100644
---- a/libcap/include/linux/capability.h
-+++ b/libcap/include/linux/capability.h
-@@ -360,7 +360,15 @@ struct cpu_vfs_cap_data {
- CAP_SYS_ADMIN is not acceptable anymore. */
- #define CAP_SYSLOG 34
-
--#define CAP_LAST_CAP CAP_SYSLOG
-+/* Allow triggering something that will wake the system */
-+
-+#define CAP_WAKE_ALARM 35
-+
-+/* Allow preventing system suspends */
-+
-+#define CAP_BLOCK_SUSPEND 36
-+
-+#define CAP_LAST_CAP CAP_BLOCK_SUSPEND
-
- #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
-
---
-1.7.10.4
-
diff --git a/meta/recipes-support/libcap/libcap_2.22.bb b/meta/recipes-support/libcap/libcap_2.22.bb
deleted file mode 100644
index a989bb6..0000000
--- a/meta/recipes-support/libcap/libcap_2.22.bb
+++ /dev/null
@@ -1,6 +0,0 @@
-require libcap.inc
-
-PR = "r6"
-
-SRC_URI[md5sum] = "b4896816b626bea445f0b3849bdd4077"
-SRC_URI[sha256sum] = "e1cae65d8febf2579be37c255d2e058715785ead481a4e6a4357a06aff84721f"
diff --git a/meta/recipes-support/libcap/libcap_2.24.bb b/meta/recipes-support/libcap/libcap_2.24.bb
new file mode 100644
index 0000000..4d0df37
--- /dev/null
+++ b/meta/recipes-support/libcap/libcap_2.24.bb
@@ -0,0 +1,4 @@
+require libcap.inc
+
+SRC_URI[md5sum] = "1f8934af240ff1e9fb2ef1a2a75d308e"
+SRC_URI[sha256sum] = "51cd1c568a2baf1e687573bd6117a94b07f33b46a05acaa50ee208792a830b79"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 4/4] nss: Upgrade to 3.17
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
` (2 preceding siblings ...)
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
@ 2014-09-05 20:06 ` Saul Wold
3 siblings, 0 replies; 6+ messages in thread
From: Saul Wold @ 2014-09-05 20:06 UTC (permalink / raw)
To: openembedded-core
CVE patches removed since they have been implemented upstream
Rename patch dir (files) to generic PN name
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
.../nss/files/nss-3.15.1-fix-CVE-2013-1739.patch | 81 --
.../nss/files/nss-3.15.1-fix-CVE-2013-1741.patch | 92 ---
.../nss/files/nss-3.15.1-fix-CVE-2013-5605.patch | 18 -
.../nss/files/nss-CVE-2013-1740.patch | 916 ---------------------
.../nss/files/nss-CVE-2013-5606.patch | 48 --
.../nss/files/nss-CVE-2014-1492.patch | 68 --
.../nss/files/nss-CVE-2014-1544.patch | 41 -
meta/recipes-support/nss/nss.inc | 9 +-
.../nss-fix-incorrect-shebang-of-perl.patch | 0
.../nss-fix-support-cross-compiling.patch | 0
.../nss-no-rpath-for-cross-compiling.patch | 0
meta/recipes-support/nss/{files => nss}/nss.pc.in | 0
.../recipes-support/nss/{files => nss}/signlibs.sh | 0
meta/recipes-support/nss/nss_3.15.1.bb | 9 -
meta/recipes-support/nss/nss_3.17.bb | 8 +
15 files changed, 9 insertions(+), 1281 deletions(-)
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
delete mode 100644 meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
delete mode 100644 meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
rename meta/recipes-support/nss/{files => nss}/nss-fix-incorrect-shebang-of-perl.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-fix-support-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss-no-rpath-for-cross-compiling.patch (100%)
rename meta/recipes-support/nss/{files => nss}/nss.pc.in (100%)
rename meta/recipes-support/nss/{files => nss}/signlibs.sh (100%)
delete mode 100644 meta/recipes-support/nss/nss_3.15.1.bb
create mode 100644 meta/recipes-support/nss/nss_3.17.bb
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
deleted file mode 100644
index 1a159c3..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1739.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: yzhu1 <yanjun.zhu@windriver.com>
-
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -10509,7 +10509,7 @@ ssl_RemoveSSLv3CBCPadding(sslBuffer *pla
- /* SSLv3 padding bytes are random and cannot be checked. */
- t = plaintext->len;
- t -= paddingLength+overhead;
-- /* If len >= padding_length+overhead then the MSB of t is zero. */
-+ /* If len >= paddingLength+overhead then the MSB of t is zero. */
- good = DUPLICATE_MSB_TO_ALL(~t);
- /* SSLv3 requires that the padding is minimal. */
- t = blockSize - (paddingLength+1);
-@@ -10742,7 +10742,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- }
- }
-
-- good = (unsigned)-1;
-+ good = ~0U;
- minLength = crSpec->mac_size;
- if (cipher_def->type == type_block) {
- /* CBC records have a padding length byte at the end. */
-@@ -10756,14 +10756,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- /* We can perform this test in variable time because the record's total
- * length and the ciphersuite are both public knowledge. */
- if (cText->buf->len < minLength) {
-- SSL_DBG(("%d: SSL3[%d]: HandleRecord, record too small.",
-- SSL_GETPID(), ss->fd));
-- /* must not hold spec lock when calling SSL3_SendAlert. */
-- ssl_ReleaseSpecReadLock(ss);
-- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
-- /* always log mac error, in case attacker can read server logs. */
-- PORT_SetError(SSL_ERROR_BAD_MAC_READ);
-- return SECFailure;
-+ goto decrypt_loser;
- }
-
- if (cipher_def->type == type_block &&
-@@ -10831,11 +10824,18 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- return SECFailure;
- }
-
-+ if (cipher_def->type == type_block &&
-+ ((cText->buf->len - ivLen) % cipher_def->block_size) != 0) {
-+ goto decrypt_loser;
-+ }
-+
- /* decrypt from cText buf to plaintext. */
- rv = crSpec->decode(
- crSpec->decodeContext, plaintext->buf, (int *)&plaintext->len,
- plaintext->space, cText->buf->buf + ivLen, cText->buf->len - ivLen);
-- good &= SECStatusToMask(rv);
-+ if (rv != SECSuccess) {
-+ goto decrypt_loser;
-+ }
-
- PRINT_BUF(80, (ss, "cleartext:", plaintext->buf, plaintext->len));
-
-@@ -10843,7 +10843,7 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
-
- /* If it's a block cipher, check and strip the padding. */
- if (cipher_def->type == type_block) {
-- const unsigned int blockSize = cipher_def->iv_size;
-+ const unsigned int blockSize = cipher_def->block_size;
- const unsigned int macSize = crSpec->mac_size;
-
- if (crSpec->version <= SSL_LIBRARY_VERSION_3_0) {
-@@ -10899,10 +10899,11 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Cip
- }
-
- if (good == 0) {
-+decrypt_loser:
- /* must not hold spec lock when calling SSL3_SendAlert. */
- ssl_ReleaseSpecReadLock(ss);
-
-- SSL_DBG(("%d: SSL3[%d]: mac check failed", SSL_GETPID(), ss->fd));
-+ SSL_DBG(("%d: SSL3[%d]: decryption failed", SSL_GETPID(), ss->fd));
-
- if (!IS_DTLS(ss)) {
- SSL3_SendAlert(ss, alert_fatal, bad_record_mac);
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
deleted file mode 100644
index 21da0c0..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-1741.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-Upstream-Status: backport
-yanjun.zhu <yanjun.zhu@windriver.com>
---- a/nss/lib/util/secport.c
-+++ b/nss/lib/util/secport.c
-@@ -69,13 +69,22 @@ PORTCharConversionFunc ucs4Utf8ConvertFu
- PORTCharConversionFunc ucs2Utf8ConvertFunc;
- PORTCharConversionWSwapFunc ucs2AsciiConvertFunc;
-
-+/* NSPR memory allocation functions (PR_Malloc, PR_Calloc, and PR_Realloc)
-+ * use the PRUint32 type for the size parameter. Before we pass a size_t or
-+ * unsigned long size to these functions, we need to ensure it is <= half of
-+ * the maximum PRUint32 value to avoid truncation and catch a negative size.
-+ */
-+#define MAX_SIZE (PR_UINT32_MAX >> 1)
-+
- void *
- PORT_Alloc(size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- /* Always allocate a non-zero amount of bytes */
-- rv = (void *)PR_Malloc(bytes ? bytes : 1);
-+ if (bytes <= MAX_SIZE) {
-+ /* Always allocate a non-zero amount of bytes */
-+ rv = PR_Malloc(bytes ? bytes : 1);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -86,9 +95,11 @@ PORT_Alloc(size_t bytes)
- void *
- PORT_Realloc(void *oldptr, size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- rv = (void *)PR_Realloc(oldptr, bytes);
-+ if (bytes <= MAX_SIZE) {
-+ rv = PR_Realloc(oldptr, bytes);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -99,10 +110,12 @@ PORT_Realloc(void *oldptr, size_t bytes)
- void *
- PORT_ZAlloc(size_t bytes)
- {
-- void *rv;
-+ void *rv = NULL;
-
-- /* Always allocate a non-zero amount of bytes */
-- rv = (void *)PR_Calloc(1, bytes ? bytes : 1);
-+ if (bytes <= MAX_SIZE) {
-+ /* Always allocate a non-zero amount of bytes */
-+ rv = PR_Calloc(1, bytes ? bytes : 1);
-+ }
- if (!rv) {
- ++port_allocFailures;
- PORT_SetError(SEC_ERROR_NO_MEMORY);
-@@ -209,6 +222,10 @@ PORT_NewArena(unsigned long chunksize)
- {
- PORTArenaPool *pool;
-
-+ if (chunksize > MAX_SIZE) {
-+ PORT_SetError(SEC_ERROR_NO_MEMORY);
-+ return NULL;
-+ }
- pool = PORT_ZNew(PORTArenaPool);
- if (!pool) {
- return NULL;
-@@ -224,8 +241,6 @@ PORT_NewArena(unsigned long chunksize)
- return(&pool->arena);
- }
-
--#define MAX_SIZE 0x7fffffffUL
--
- void *
- PORT_ArenaAlloc(PLArenaPool *arena, size_t size)
- {
-@@ -330,6 +345,11 @@ PORT_ArenaGrow(PLArenaPool *arena, void
- PORTArenaPool *pool = (PORTArenaPool *)arena;
- PORT_Assert(newsize >= oldsize);
-
-+ if (newsize > MAX_SIZE) {
-+ PORT_SetError(SEC_ERROR_NO_MEMORY);
-+ return NULL;
-+ }
-+
- if (ARENAPOOL_MAGIC == pool->magic ) {
- PZ_Lock(pool->lock);
- /* Do we do a THREADMARK check here? */
diff --git a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch b/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
deleted file mode 100644
index 7203d02..0000000
--- a/meta/recipes-support/nss/files/nss-3.15.1-fix-CVE-2013-5605.patch
+++ /dev/null
@@ -1,18 +0,0 @@
-signed-off-by: Ryan Sleevi <ryan.sleevi@gmail.com>
-Upstream-Status: Backport
-reference:https://hg.mozilla.org/projects/nss/rev/e79a09364b5e
-
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -781,6 +781,11 @@ static SECStatus
- Null_Cipher(void *ctx, unsigned char *output, int *outputLen, int maxOutputLen,
- const unsigned char *input, int inputLen)
- {
-+ if (inputLen > maxOutputLen) {
-+ *outputLen = 0; /* Match PK11_CipherOp in setting outputLen */
-+ PORT_SetError(SEC_ERROR_OUTPUT_LEN);
-+ return SECFailure;
-+ }
- *outputLen = inputLen;
- if (input != output)
- PORT_Memcpy(output, input, inputLen);
diff --git a/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch b/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
deleted file mode 100644
index db3d6f9..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2013-1740.patch
+++ /dev/null
@@ -1,916 +0,0 @@
-nss: CVE-2013-1740
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1740
-https://bugzilla.mozilla.org/show_bug.cgi?id=919877
-https://bugzilla.mozilla.org/show_bug.cgi?id=713933
-
-changeset: 10946:f28426e944ae
-user: Wan-Teh Chang <wtc@google.com>
-date: Tue Nov 26 16:44:39 2013 -0800
-summary: Bug 713933: Handle the return value of both ssl3_HandleRecord calls
-
-changeset: 10945:774c7dec7565
-user: Wan-Teh Chang <wtc@google.com>
-date: Mon Nov 25 19:16:23 2013 -0800
-summary: Bug 713933: Declare the |falseStart| local variable in the smallest
-
-changeset: 10848:141fae8fb2e8
-user: Wan-Teh Chang <wtc@google.com>
-date: Mon Sep 23 11:25:41 2013 -0700
-summary: Bug 681839: Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished, r=brian@briansmith.org
-
-changeset: 10898:1b9c43d28713
-user: Brian Smith <brian@briansmith.org>
-date: Thu Oct 31 15:40:42 2013 -0700
-summary: Bug 713933: Make SSL False Start work with asynchronous certificate validation, r=wtc
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/ssl/ssl.def | 7 ++
- nss/lib/ssl/ssl.h | 54 +++++++++++---
- nss/lib/ssl/ssl3con.c | 188 +++++++++++++++++++++++++++++++++++------------
- nss/lib/ssl/ssl3gthr.c | 63 ++++++++++++----
- nss/lib/ssl/sslauth.c | 10 +--
- nss/lib/ssl/sslimpl.h | 22 +++++-
- nss/lib/ssl/sslinfo.c | 10 +--
- nss/lib/ssl/sslreveal.c | 9 +--
- nss/lib/ssl/sslsecur.c | 139 ++++++++++++++++++++++++++++-------
- nss/lib/ssl/sslsock.c | 12 ++-
- 10 files changed, 386 insertions(+), 128 deletions(-)
-
-diff --git a/nss/lib/ssl/ssl.def b/nss/lib/ssl/ssl.def
-index fbf7fc5..e937bd4 100644
---- a/nss/lib/ssl/ssl.def
-+++ b/nss/lib/ssl/ssl.def
-@@ -163,3 +163,10 @@ SSL_SetStapledOCSPResponses;
- ;+ local:
- ;+*;
- ;+};
-+;+NSS_3.15.3 { # NSS 3.15.3 release
-+;+ global:
-+SSL_RecommendedCanFalseStart;
-+SSL_SetCanFalseStartCallback;
-+;+ local:
-+;+*;
-+;+};
-diff --git a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
-index 6db0e34..ddeaaef 100644
---- a/nss/lib/ssl/ssl.h
-+++ b/nss/lib/ssl/ssl.h
-@@ -121,14 +121,17 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd);
- #define SSL_ENABLE_FALSE_START 22 /* Enable SSL false start (off by */
- /* default, applies only to */
- /* clients). False start is a */
--/* mode where an SSL client will start sending application data before */
--/* verifying the server's Finished message. This means that we could end up */
--/* sending data to an imposter. However, the data will be encrypted and */
--/* only the true server can derive the session key. Thus, so long as the */
--/* cipher isn't broken this is safe. Because of this, False Start will only */
--/* occur on RSA or DH ciphersuites where the cipher's key length is >= 80 */
--/* bits. The advantage of False Start is that it saves a round trip for */
--/* client-speaks-first protocols when performing a full handshake. */
-+/* mode where an SSL client will start sending application data before
-+ * verifying the server's Finished message. This means that we could end up
-+ * sending data to an imposter. However, the data will be encrypted and
-+ * only the true server can derive the session key. Thus, so long as the
-+ * cipher isn't broken this is safe. The advantage of false start is that
-+ * it saves a round trip for client-speaks-first protocols when performing a
-+ * full handshake.
-+ *
-+ * In addition to enabling this option, the application must register a
-+ * callback using the SSL_SetCanFalseStartCallback function.
-+ */
-
- /* For SSL 3.0 and TLS 1.0, by default we prevent chosen plaintext attacks
- * on SSL CBC mode cipher suites (see RFC 4346 Section F.3) by splitting
-@@ -653,14 +656,45 @@ SSL_IMPORT SECStatus SSL_SetMaxServerCacheLocks(PRUint32 maxLocks);
- SSL_IMPORT SECStatus SSL_InheritMPServerSIDCache(const char * envString);
-
- /*
--** Set the callback on a particular socket that gets called when we finish
--** performing a handshake.
-+** Set the callback that gets called when a TLS handshake is complete. The
-+** handshake callback is called after verifying the peer's Finished message and
-+** before processing incoming application data.
-+**
-+** For the initial handshake: If the handshake false started (see
-+** SSL_ENABLE_FALSE_START), then application data may already have been sent
-+** before the handshake callback is called. If we did not false start then the
-+** callback will get called before any application data is sent.
- */
- typedef void (PR_CALLBACK *SSLHandshakeCallback)(PRFileDesc *fd,
- void *client_data);
- SSL_IMPORT SECStatus SSL_HandshakeCallback(PRFileDesc *fd,
- SSLHandshakeCallback cb, void *client_data);
-
-+/* Applications that wish to enable TLS false start must set this callback
-+** function. NSS will invoke the functon to determine if a particular
-+** connection should use false start or not. SECSuccess indicates that the
-+** callback completed successfully, and if so *canFalseStart indicates if false
-+** start can be used. If the callback does not return SECSuccess then the
-+** handshake will be canceled. NSS's recommended criteria can be evaluated by
-+** calling SSL_RecommendedCanFalseStart.
-+**
-+** If no false start callback is registered then false start will never be
-+** done, even if the SSL_ENABLE_FALSE_START option is enabled.
-+**/
-+typedef SECStatus (PR_CALLBACK *SSLCanFalseStartCallback)(
-+ PRFileDesc *fd, void *arg, PRBool *canFalseStart);
-+
-+SSL_IMPORT SECStatus SSL_SetCanFalseStartCallback(
-+ PRFileDesc *fd, SSLCanFalseStartCallback callback, void *arg);
-+
-+/* This function sets *canFalseStart according to the recommended criteria for
-+** false start. These criteria may change from release to release and may depend
-+** on which handshake features have been negotiated and/or properties of the
-+** certifciates/keys used on the connection.
-+*/
-+SSL_IMPORT SECStatus SSL_RecommendedCanFalseStart(PRFileDesc *fd,
-+ PRBool *canFalseStart);
-+
- /*
- ** For the server, request a new handshake. For the client, begin a new
- ** handshake. If flushCache is non-zero, the SSL3 cache entry will be
-diff --git a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
-index 61d24d9..f39ba09 100644
---- a/nss/lib/ssl/ssl3con.c
-+++ b/nss/lib/ssl/ssl3con.c
-@@ -2535,7 +2535,7 @@ ssl3_SendRecord( sslSocket * ss,
- SSL_TRC(3, ("%d: SSL3[%d] SendRecord type: %s nIn=%d",
- SSL_GETPID(), ss->fd, ssl3_DecodeContentType(type),
- nIn));
-- PRINT_BUF(3, (ss, "Send record (plain text)", pIn, nIn));
-+ PRINT_BUF(50, (ss, "Send record (plain text)", pIn, nIn));
-
- PORT_Assert( ss->opt.noLocks || ssl_HaveXmitBufLock(ss) );
-
-@@ -6674,36 +6674,73 @@ done:
- return rv;
- }
-
-+static SECStatus
-+ssl3_CheckFalseStart(sslSocket *ss)
-+{
-+ PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
-+ PORT_Assert( !ss->ssl3.hs.authCertificatePending );
-+ PORT_Assert( !ss->ssl3.hs.canFalseStart );
-+
-+ if (!ss->canFalseStartCallback) {
-+ SSL_TRC(3, ("%d: SSL[%d]: no false start callback so no false start",
-+ SSL_GETPID(), ss->fd));
-+ } else {
-+ PRBool maybeFalseStart;
-+ SECStatus rv;
-+
-+ /* An attacker can control the selected ciphersuite so we only wish to
-+ * do False Start in the case that the selected ciphersuite is
-+ * sufficiently strong that the attack can gain no advantage.
-+ * Therefore we always require an 80-bit cipher. */
-+ ssl_GetSpecReadLock(ss);
-+ maybeFalseStart = ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10;
-+ ssl_ReleaseSpecReadLock(ss);
-+
-+ if (!maybeFalseStart) {
-+ SSL_TRC(3, ("%d: SSL[%d]: no false start due to weak cipher",
-+ SSL_GETPID(), ss->fd));
-+ } else {
-+ rv = (ss->canFalseStartCallback)(ss->fd,
-+ ss->canFalseStartCallbackData,
-+ &ss->ssl3.hs.canFalseStart);
-+ if (rv == SECSuccess) {
-+ SSL_TRC(3, ("%d: SSL[%d]: false start callback returned %s",
-+ SSL_GETPID(), ss->fd,
-+ ss->ssl3.hs.canFalseStart ? "TRUE" : "FALSE"));
-+ } else {
-+ SSL_TRC(3, ("%d: SSL[%d]: false start callback failed (%s)",
-+ SSL_GETPID(), ss->fd,
-+ PR_ErrorToName(PR_GetError())));
-+ }
-+ return rv;
-+ }
-+ }
-+
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ return SECSuccess;
-+}
-+
- PRBool
--ssl3_CanFalseStart(sslSocket *ss) {
-- PRBool rv;
-+ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss)
-+{
-+ PRBool result = PR_FALSE;
-
- PORT_Assert( ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss) );
-
-- /* XXX: does not take into account whether we are waiting for
-- * SSL_AuthCertificateComplete or SSL_RestartHandshakeAfterCertReq. If/when
-- * that is done, this function could return different results each time it
-- * would be called.
-- */
-+ switch (ss->ssl3.hs.ws) {
-+ case wait_new_session_ticket:
-+ result = PR_TRUE;
-+ break;
-+ case wait_change_cipher:
-+ result = !ssl3_ExtensionNegotiated(ss, ssl_session_ticket_xtn);
-+ break;
-+ case wait_finished:
-+ break;
-+ default:
-+ PR_NOT_REACHED("ssl3_WaitingForStartOfServerSecondRound");
-+ }
-
-- ssl_GetSpecReadLock(ss);
-- rv = ss->opt.enableFalseStart &&
-- !ss->sec.isServer &&
-- !ss->ssl3.hs.isResuming &&
-- ss->ssl3.cwSpec &&
--
-- /* An attacker can control the selected ciphersuite so we only wish to
-- * do False Start in the case that the selected ciphersuite is
-- * sufficiently strong that the attack can gain no advantage.
-- * Therefore we require an 80-bit cipher and a forward-secret key
-- * exchange. */
-- ss->ssl3.cwSpec->cipher_def->secret_key_size >= 10 &&
-- (ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
-- ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
-- ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
-- ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa);
-- ssl_ReleaseSpecReadLock(ss);
-- return rv;
-+ return result;
- }
-
- static SECStatus ssl3_SendClientSecondRound(sslSocket *ss);
-@@ -6785,6 +6822,9 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- }
- if (ss->ssl3.hs.authCertificatePending &&
- (sendClientCert || ss->ssl3.sendEmptyCert || ss->firstHsDone)) {
-+ SSL_TRC(3, ("%d: SSL3[%p]: deferring ssl3_SendClientSecondRound because"
-+ " certificate authentication is still pending.",
-+ SSL_GETPID(), ss->fd));
- ss->ssl3.hs.restartTarget = ssl3_SendClientSecondRound;
- return SECWouldBlock;
- }
-@@ -6822,14 +6862,50 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- goto loser; /* err code was set. */
- }
-
-- /* XXX: If the server's certificate hasn't been authenticated by this
-- * point, then we may be leaking this NPN message to an attacker.
-+ /* This must be done after we've set ss->ssl3.cwSpec in
-+ * ssl3_SendChangeCipherSpecs because SSL_GetChannelInfo uses information
-+ * from cwSpec. This must be done before we call ssl3_CheckFalseStart
-+ * because the false start callback (if any) may need the information from
-+ * the functions that depend on this being set.
- */
-+ ss->enoughFirstHsDone = PR_TRUE;
-+
- if (!ss->firstHsDone) {
-+ /* XXX: If the server's certificate hasn't been authenticated by this
-+ * point, then we may be leaking this NPN message to an attacker.
-+ */
- rv = ssl3_SendNextProto(ss);
- if (rv != SECSuccess) {
- goto loser; /* err code was set. */
- }
-+
-+ if (ss->opt.enableFalseStart) {
-+ if (!ss->ssl3.hs.authCertificatePending) {
-+ /* When we fix bug 589047, we will need to know whether we are
-+ * false starting before we try to flush the client second
-+ * round to the network. With that in mind, we purposefully
-+ * call ssl3_CheckFalseStart before calling ssl3_SendFinished,
-+ * which includes a call to ssl3_FlushHandshake, so that
-+ * no application develops a reliance on such flushing being
-+ * done before its false start callback is called.
-+ */
-+ ssl_ReleaseXmitBufLock(ss);
-+ rv = ssl3_CheckFalseStart(ss);
-+ ssl_GetXmitBufLock(ss);
-+ if (rv != SECSuccess) {
-+ goto loser;
-+ }
-+ } else {
-+ /* The certificate authentication and the server's Finished
-+ * message are racing each other. If the certificate
-+ * authentication wins, then we will try to false start in
-+ * ssl3_AuthCertificateComplete.
-+ */
-+ SSL_TRC(3, ("%d: SSL3[%p]: deferring false start check because"
-+ " certificate authentication is still pending.",
-+ SSL_GETPID(), ss->fd));
-+ }
-+ }
- }
-
- rv = ssl3_SendFinished(ss, 0);
-@@ -6844,10 +6920,7 @@ ssl3_SendClientSecondRound(sslSocket *ss)
- else
- ss->ssl3.hs.ws = wait_change_cipher;
-
-- /* Do the handshake callback for sslv3 here, if we can false start. */
-- if (ss->handshakeCallback != NULL && ssl3_CanFalseStart(ss)) {
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-- }
-+ PORT_Assert(ssl3_WaitingForStartOfServerSecondRound(ss));
-
- return SECSuccess;
-
-@@ -9421,13 +9494,6 @@ ssl3_AuthCertificate(sslSocket *ss)
-
- ss->ssl3.hs.authCertificatePending = PR_TRUE;
- rv = SECSuccess;
--
-- /* XXX: Async cert validation and False Start don't work together
-- * safely yet; if we leave False Start enabled, we may end up false
-- * starting (sending application data) before we
-- * SSL_AuthCertificateComplete has been called.
-- */
-- ss->opt.enableFalseStart = PR_FALSE;
- }
-
- if (rv != SECSuccess) {
-@@ -9551,6 +9617,12 @@ ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
- } else if (ss->ssl3.hs.restartTarget != NULL) {
- sslRestartTarget target = ss->ssl3.hs.restartTarget;
- ss->ssl3.hs.restartTarget = NULL;
-+
-+ if (target == ssl3_FinishHandshake) {
-+ SSL_TRC(3,("%d: SSL3[%p]: certificate authentication lost the race"
-+ " with peer's finished message", SSL_GETPID(), ss->fd));
-+ }
-+
- rv = target(ss);
- /* Even if we blocked here, we have accomplished enough to claim
- * success. Any remaining work will be taken care of by subsequent
-@@ -9560,7 +9632,29 @@ ssl3_AuthCertificateComplete(sslSocket *ss, PRErrorCode error)
- rv = SECSuccess;
- }
- } else {
-- rv = SECSuccess;
-+ SSL_TRC(3, ("%d: SSL3[%p]: certificate authentication won the race with"
-+ " peer's finished message", SSL_GETPID(), ss->fd));
-+
-+ PORT_Assert(!ss->firstHsDone);
-+ PORT_Assert(!ss->sec.isServer);
-+ PORT_Assert(!ss->ssl3.hs.isResuming);
-+ PORT_Assert(ss->ssl3.hs.ws == wait_new_session_ticket ||
-+ ss->ssl3.hs.ws == wait_change_cipher ||
-+ ss->ssl3.hs.ws == wait_finished);
-+
-+ /* ssl3_SendClientSecondRound deferred the false start check because
-+ * certificate authentication was pending, so we do it now if we still
-+ * haven't received any of the server's second round yet.
-+ */
-+ if (ss->opt.enableFalseStart &&
-+ !ss->firstHsDone &&
-+ !ss->sec.isServer &&
-+ !ss->ssl3.hs.isResuming &&
-+ ssl3_WaitingForStartOfServerSecondRound(ss)) {
-+ rv = ssl3_CheckFalseStart(ss);
-+ } else {
-+ rv = SECSuccess;
-+ }
- }
-
- done:
-@@ -10023,9 +10117,6 @@ xmit_loser:
- return rv;
- }
-
-- ss->gs.writeOffset = 0;
-- ss->gs.readOffset = 0;
--
- if (ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa) {
- effectiveExchKeyType = kt_rsa;
- } else {
-@@ -10090,6 +10181,9 @@ xmit_loser:
- return rv;
- }
-
-+/* The return type is SECStatus instead of void because this function needs
-+ * to have type sslRestartTarget.
-+ */
- SECStatus
- ssl3_FinishHandshake(sslSocket * ss)
- {
-@@ -10099,19 +10193,16 @@ ssl3_FinishHandshake(sslSocket * ss)
-
- /* The first handshake is now completed. */
- ss->handshake = NULL;
-- ss->firstHsDone = PR_TRUE;
-
- if (ss->ssl3.hs.cacheSID) {
- (*ss->sec.cache)(ss->sec.ci.sid);
- ss->ssl3.hs.cacheSID = PR_FALSE;
- }
-
-+ ss->ssl3.hs.canFalseStart = PR_FALSE; /* False Start phase is complete */
- ss->ssl3.hs.ws = idle_handshake;
-
-- /* Do the handshake callback for sslv3 here, if we cannot false start. */
-- if (ss->handshakeCallback != NULL && !ssl3_CanFalseStart(ss)) {
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-- }
-+ ssl_FinishHandshake(ss);
-
- return SECSuccess;
- }
-@@ -11045,7 +11136,6 @@ process_it:
-
- ssl_ReleaseSSL3HandshakeLock(ss);
- return rv;
--
- }
-
- /*
-diff --git a/nss/lib/ssl/ssl3gthr.c b/nss/lib/ssl/ssl3gthr.c
-index 6d62515..03e369d 100644
---- a/nss/lib/ssl/ssl3gthr.c
-+++ b/nss/lib/ssl/ssl3gthr.c
-@@ -275,11 +275,17 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
- {
- SSL3Ciphertext cText;
- int rv;
-- PRBool canFalseStart = PR_FALSE;
-+ PRBool keepGoing = PR_TRUE;
-
- SSL_TRC(30, ("ssl3_GatherCompleteHandshake"));
-
-+ /* ssl3_HandleRecord may end up eventually calling ssl_FinishHandshake,
-+ * which requires the 1stHandshakeLock, which must be acquired before the
-+ * RecvBufLock.
-+ */
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
- do {
- PRBool handleRecordNow = PR_FALSE;
-
-@@ -368,20 +374,48 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags)
- if (rv < 0) {
- return ss->recvdCloseNotify ? 0 : rv;
- }
-+ if (rv == (int) SECSuccess && ss->gs.buf.len > 0) {
-+ /* We have application data to return to the application. This
-+ * prioritizes returning application data to the application over
-+ * completing any renegotiation handshake we may be doing.
-+ */
-+ PORT_Assert(ss->firstHsDone);
-+ PORT_Assert(cText.type == content_application_data);
-+ break;
-+ }
-
-- /* If we kicked off a false start in ssl3_HandleServerHelloDone, break
-- * out of this loop early without finishing the handshake.
-- */
-- if (ss->opt.enableFalseStart) {
-- ssl_GetSSL3HandshakeLock(ss);
-- canFalseStart = (ss->ssl3.hs.ws == wait_change_cipher ||
-- ss->ssl3.hs.ws == wait_new_session_ticket) &&
-- ssl3_CanFalseStart(ss);
-- ssl_ReleaseSSL3HandshakeLock(ss);
-+ PORT_Assert(keepGoing);
-+ ssl_GetSSL3HandshakeLock(ss);
-+ if (ss->ssl3.hs.ws == idle_handshake) {
-+ /* We are done with the current handshake so stop trying to
-+ * handshake. Note that it would be safe to test ss->firstHsDone
-+ * instead of ss->ssl3.hs.ws. By testing ss->ssl3.hs.ws instead,
-+ * we prioritize completing a renegotiation handshake over sending
-+ * application data.
-+ */
-+ PORT_Assert(ss->firstHsDone);
-+ PORT_Assert(!ss->ssl3.hs.canFalseStart);
-+ keepGoing = PR_FALSE;
-+ } else if (ss->ssl3.hs.canFalseStart) {
-+ /* Prioritize sending application data over trying to complete
-+ * the handshake if we're false starting.
-+ *
-+ * If we were to do this check at the beginning of the loop instead
-+ * of here, then this function would become be a no-op after
-+ * receiving the ServerHelloDone in the false start case, and we
-+ * would never complete the handshake.
-+ */
-+ PORT_Assert(!ss->firstHsDone);
-+
-+ if (ssl3_WaitingForStartOfServerSecondRound(ss)) {
-+ keepGoing = PR_FALSE;
-+ } else {
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ }
- }
-- } while (ss->ssl3.hs.ws != idle_handshake &&
-- !canFalseStart &&
-- ss->gs.buf.len == 0);
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+ } while (keepGoing);
-+
-
- ss->gs.readOffset = 0;
- ss->gs.writeOffset = ss->gs.buf.len;
-@@ -404,7 +438,10 @@ ssl3_GatherAppDataRecord(sslSocket *ss, int flags)
- {
- int rv;
-
-+ /* ssl3_GatherCompleteHandshake requires both of these locks. */
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
- PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
- do {
- rv = ssl3_GatherCompleteHandshake(ss, flags);
- } while (rv > 0 && ss->gs.buf.len == 0);
-diff --git a/nss/lib/ssl/sslauth.c b/nss/lib/ssl/sslauth.c
-index d2f57bf..cb956d4 100644
---- a/nss/lib/ssl/sslauth.c
-+++ b/nss/lib/ssl/sslauth.c
-@@ -60,7 +60,6 @@ SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- sslSocket *ss;
- const char *cipherName;
- PRBool isDes = PR_FALSE;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- ss = ssl_FindSocket(fd);
- if (!ss) {
-@@ -78,14 +77,7 @@ SSL_SecurityStatus(PRFileDesc *fd, int *op, char **cp, int *kp0, int *kp1,
- *op = SSL_SECURITY_STATUS_OFF;
- }
-
-- if (ss->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-- ssl3_CanFalseStart(ss)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
-- if (ss->opt.useSecurity && enoughFirstHsDone) {
-+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
- if (ss->version < SSL_LIBRARY_VERSION_3_0) {
- cipherName = ssl_cipherName[ss->sec.cipherType];
- } else {
-diff --git a/nss/lib/ssl/sslimpl.h b/nss/lib/ssl/sslimpl.h
-index 90e9567..bf0d67f 100644
---- a/nss/lib/ssl/sslimpl.h
-+++ b/nss/lib/ssl/sslimpl.h
-@@ -842,6 +842,8 @@ const ssl3CipherSuiteDef *suite_def;
- /* Shared state between ssl3_HandleFinished and ssl3_FinishHandshake */
- PRBool cacheSID;
-
-+ PRBool canFalseStart; /* Can/did we False Start */
-+
- /* clientSigAndHash contains the contents of the signature_algorithms
- * extension (if any) from the client. This is only valid for TLS 1.2
- * or later. */
-@@ -1116,6 +1118,10 @@ struct sslSocketStr {
- unsigned long clientAuthRequested;
- unsigned long delayDisabled; /* Nagle delay disabled */
- unsigned long firstHsDone; /* first handshake is complete. */
-+ unsigned long enoughFirstHsDone; /* enough of the first handshake is
-+ * done for callbacks to be able to
-+ * retrieve channel security
-+ * parameters from the SSL socket. */
- unsigned long handshakeBegun;
- unsigned long lastWriteBlocked;
- unsigned long recvdCloseNotify; /* received SSL EOF. */
-@@ -1156,6 +1162,8 @@ const unsigned char * preferredCipher;
- void *badCertArg;
- SSLHandshakeCallback handshakeCallback;
- void *handshakeCallbackData;
-+ SSLCanFalseStartCallback canFalseStartCallback;
-+ void *canFalseStartCallbackData;
- void *pkcs11PinArg;
- SSLNextProtoCallback nextProtoCallback;
- void *nextProtoArg;
-@@ -1358,7 +1366,19 @@ extern void ssl3_SetAlwaysBlock(sslSocket *ss);
-
- extern SECStatus ssl_EnableNagleDelay(sslSocket *ss, PRBool enabled);
-
--extern PRBool ssl3_CanFalseStart(sslSocket *ss);
-+extern void ssl_FinishHandshake(sslSocket *ss);
-+
-+/* Returns PR_TRUE if we are still waiting for the server to respond to our
-+ * client second round. Once we've received any part of the server's second
-+ * round then we don't bother trying to false start since it is almost always
-+ * the case that the NewSessionTicket, ChangeCipherSoec, and Finished messages
-+ * were sent in the same packet and we want to process them all at the same
-+ * time. If we were to try to false start in the middle of the server's second
-+ * round, then we would increase the number of I/O operations
-+ * (SSL_ForceHandshake/PR_Recv/PR_Send/etc.) needed to finish the handshake.
-+ */
-+extern PRBool ssl3_WaitingForStartOfServerSecondRound(sslSocket *ss);
-+
- extern SECStatus
- ssl3_CompressMACEncryptRecord(ssl3CipherSpec * cwSpec,
- PRBool isServer,
-diff --git a/nss/lib/ssl/sslinfo.c b/nss/lib/ssl/sslinfo.c
-index 9f2597e..d0c23b7 100644
---- a/nss/lib/ssl/sslinfo.c
-+++ b/nss/lib/ssl/sslinfo.c
-@@ -26,7 +26,6 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
- sslSocket * ss;
- SSLChannelInfo inf;
- sslSessionID * sid;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- if (!info || len < sizeof inf.length) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -43,14 +42,7 @@ SSL_GetChannelInfo(PRFileDesc *fd, SSLChannelInfo *info, PRUintn len)
- memset(&inf, 0, sizeof inf);
- inf.length = PR_MIN(sizeof inf, len);
-
-- if (ss->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-- ssl3_CanFalseStart(ss)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
-- if (ss->opt.useSecurity && enoughFirstHsDone) {
-+ if (ss->opt.useSecurity && ss->enoughFirstHsDone) {
- sid = ss->sec.ci.sid;
- inf.protocolVersion = ss->version;
- inf.authKeyBits = ss->sec.authKeyBits;
-diff --git a/nss/lib/ssl/sslreveal.c b/nss/lib/ssl/sslreveal.c
-index dc14794..d972998 100644
---- a/nss/lib/ssl/sslreveal.c
-+++ b/nss/lib/ssl/sslreveal.c
-@@ -77,7 +77,6 @@ SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
- {
- /* some decisions derived from SSL_GetChannelInfo */
- sslSocket * sslsocket = NULL;
-- PRBool enoughFirstHsDone = PR_FALSE;
-
- if (!pYes) {
- PORT_SetError(SEC_ERROR_INVALID_ARGS);
-@@ -93,14 +92,8 @@ SSL_HandshakeNegotiatedExtension(PRFileDesc * socket,
-
- *pYes = PR_FALSE;
-
-- if (sslsocket->firstHsDone) {
-- enoughFirstHsDone = PR_TRUE;
-- } else if (sslsocket->ssl3.initialized && ssl3_CanFalseStart(sslsocket)) {
-- enoughFirstHsDone = PR_TRUE;
-- }
--
- /* according to public API SSL_GetChannelInfo, this doesn't need a lock */
-- if (sslsocket->opt.useSecurity && enoughFirstHsDone) {
-+ if (sslsocket->opt.useSecurity) {
- if (sslsocket->ssl3.initialized) { /* SSL3 and TLS */
- /* now we know this socket went through ssl3_InitState() and
- * ss->xtnData got initialized, which is the only member accessed by
-diff --git a/nss/lib/ssl/sslsecur.c b/nss/lib/ssl/sslsecur.c
-index 49bb42b..d0df442 100644
---- a/nss/lib/ssl/sslsecur.c
-+++ b/nss/lib/ssl/sslsecur.c
-@@ -97,23 +97,13 @@ ssl_Do1stHandshake(sslSocket *ss)
- ss->securityHandshake = 0;
- }
- if (ss->handshake == 0) {
-- ssl_GetRecvBufLock(ss);
-- ss->gs.recordLen = 0;
-- ssl_ReleaseRecvBufLock(ss);
--
-- SSL_TRC(3, ("%d: SSL[%d]: handshake is completed",
-- SSL_GETPID(), ss->fd));
-- /* call handshake callback for ssl v2 */
-- /* for v3 this is done in ssl3_HandleFinished() */
-- if ((ss->handshakeCallback != NULL) && /* has callback */
-- (!ss->firstHsDone) && /* only first time */
-- (ss->version < SSL_LIBRARY_VERSION_3_0)) { /* not ssl3 */
-- ss->firstHsDone = PR_TRUE;
-- (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-+ /* for v3 this is done in ssl3_FinishHandshake */
-+ if (!ss->firstHsDone && ss->version < SSL_LIBRARY_VERSION_3_0) {
-+ ssl_GetRecvBufLock(ss);
-+ ss->gs.recordLen = 0;
-+ ssl_FinishHandshake(ss);
-+ ssl_ReleaseRecvBufLock(ss);
- }
-- ss->firstHsDone = PR_TRUE;
-- ss->gs.writeOffset = 0;
-- ss->gs.readOffset = 0;
- break;
- }
- rv = (*ss->handshake)(ss);
-@@ -134,6 +124,24 @@ ssl_Do1stHandshake(sslSocket *ss)
- return rv;
- }
-
-+void
-+ssl_FinishHandshake(sslSocket *ss)
-+{
-+ PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
-+ PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
-+
-+ SSL_TRC(3, ("%d: SSL[%d]: handshake is completed", SSL_GETPID(), ss->fd));
-+
-+ ss->firstHsDone = PR_TRUE;
-+ ss->enoughFirstHsDone = PR_TRUE;
-+ ss->gs.writeOffset = 0;
-+ ss->gs.readOffset = 0;
-+
-+ if (ss->handshakeCallback) {
-+ (ss->handshakeCallback)(ss->fd, ss->handshakeCallbackData);
-+ }
-+}
-+
- /*
- * Handshake function that blocks. Used to force a
- * retry on a connection on the next read/write.
-@@ -206,6 +214,7 @@ SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
- ssl_Get1stHandshakeLock(ss);
-
- ss->firstHsDone = PR_FALSE;
-+ ss->enoughFirstHsDone = PR_FALSE;
- if ( asServer ) {
- ss->handshake = ssl2_BeginServerHandshake;
- ss->handshaking = sslHandshakingAsServer;
-@@ -221,6 +230,8 @@ SSL_ResetHandshake(PRFileDesc *s, PRBool asServer)
- ssl_ReleaseRecvBufLock(ss);
-
- ssl_GetSSL3HandshakeLock(ss);
-+ ss->ssl3.hs.canFalseStart = PR_FALSE;
-+ ss->ssl3.hs.restartTarget = NULL;
-
- /*
- ** Blow away old security state and get a fresh setup.
-@@ -331,6 +342,71 @@ SSL_HandshakeCallback(PRFileDesc *fd, SSLHandshakeCallback cb,
- return SECSuccess;
- }
-
-+/* Register an application callback to be called when false start may happen.
-+** Acquires and releases HandshakeLock.
-+*/
-+SECStatus
-+SSL_SetCanFalseStartCallback(PRFileDesc *fd, SSLCanFalseStartCallback cb,
-+ void *arg)
-+{
-+ sslSocket *ss;
-+
-+ ss = ssl_FindSocket(fd);
-+ if (!ss) {
-+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_SetCanFalseStartCallback",
-+ SSL_GETPID(), fd));
-+ return SECFailure;
-+ }
-+
-+ if (!ss->opt.useSecurity) {
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return SECFailure;
-+ }
-+
-+ ssl_Get1stHandshakeLock(ss);
-+ ssl_GetSSL3HandshakeLock(ss);
-+
-+ ss->canFalseStartCallback = cb;
-+ ss->canFalseStartCallbackData = arg;
-+
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+ ssl_Release1stHandshakeLock(ss);
-+
-+ return SECSuccess;
-+}
-+
-+SECStatus
-+SSL_RecommendedCanFalseStart(PRFileDesc *fd, PRBool *canFalseStart)
-+{
-+ sslSocket *ss;
-+
-+ *canFalseStart = PR_FALSE;
-+ ss = ssl_FindSocket(fd);
-+ if (!ss) {
-+ SSL_DBG(("%d: SSL[%d]: bad socket in SSL_RecommendedCanFalseStart",
-+ SSL_GETPID(), fd));
-+ return SECFailure;
-+ }
-+
-+ if (!ss->ssl3.initialized) {
-+ PORT_SetError(SEC_ERROR_INVALID_ARGS);
-+ return SECFailure;
-+ }
-+
-+ if (ss->version < SSL_LIBRARY_VERSION_3_0) {
-+ PORT_SetError(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2);
-+ return SECFailure;
-+ }
-+
-+ /* Require a forward-secret key exchange. */
-+ *canFalseStart = ss->ssl3.hs.kea_def->kea == kea_dhe_dss ||
-+ ss->ssl3.hs.kea_def->kea == kea_dhe_rsa ||
-+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_ecdsa ||
-+ ss->ssl3.hs.kea_def->kea == kea_ecdhe_rsa;
-+
-+ return SECSuccess;
-+}
-+
- /* Try to make progress on an SSL handshake by attempting to read the
- ** next handshake from the peer, and sending any responses.
- ** For non-blocking sockets, returns PR_ERROR_WOULD_BLOCK if it cannot
-@@ -524,6 +600,9 @@ DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
- int amount;
- int available;
-
-+ /* ssl3_GatherAppDataRecord may call ssl_FinishHandshake, which needs the
-+ * 1stHandshakeLock. */
-+ ssl_Get1stHandshakeLock(ss);
- ssl_GetRecvBufLock(ss);
-
- available = ss->gs.writeOffset - ss->gs.readOffset;
-@@ -590,6 +669,7 @@ DoRecv(sslSocket *ss, unsigned char *out, int len, int flags)
-
- done:
- ssl_ReleaseRecvBufLock(ss);
-+ ssl_Release1stHandshakeLock(ss);
- return rv;
- }
-
-@@ -1156,7 +1236,7 @@ ssl_SecureRead(sslSocket *ss, unsigned char *buf, int len)
- int
- ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- {
-- int rv = 0;
-+ int rv = 0;
-
- SSL_TRC(2, ("%d: SSL[%d]: SecureSend: sending %d bytes",
- SSL_GETPID(), ss->fd, len));
-@@ -1191,19 +1271,15 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- ss->writerThread = PR_GetCurrentThread();
- /* If any of these is non-zero, the initial handshake is not done. */
- if (!ss->firstHsDone) {
-- PRBool canFalseStart = PR_FALSE;
-+ PRBool falseStart = PR_FALSE;
- ssl_Get1stHandshakeLock(ss);
-- if (ss->version >= SSL_LIBRARY_VERSION_3_0) {
-+ if (ss->opt.enableFalseStart &&
-+ ss->version >= SSL_LIBRARY_VERSION_3_0) {
- ssl_GetSSL3HandshakeLock(ss);
-- if ((ss->ssl3.hs.ws == wait_change_cipher ||
-- ss->ssl3.hs.ws == wait_finished ||
-- ss->ssl3.hs.ws == wait_new_session_ticket) &&
-- ssl3_CanFalseStart(ss)) {
-- canFalseStart = PR_TRUE;
-- }
-+ falseStart = ss->ssl3.hs.canFalseStart;
- ssl_ReleaseSSL3HandshakeLock(ss);
- }
-- if (!canFalseStart &&
-+ if (!falseStart &&
- (ss->handshake || ss->nextHandshake || ss->securityHandshake)) {
- rv = ssl_Do1stHandshake(ss);
- }
-@@ -1228,6 +1304,17 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags)
- goto done;
- }
-
-+ if (!ss->firstHsDone) {
-+ PORT_Assert(ss->version >= SSL_LIBRARY_VERSION_3_0);
-+#ifdef DEBUG
-+ ssl_GetSSL3HandshakeLock(ss);
-+ PORT_Assert(ss->ssl3.hs.canFalseStart);
-+ ssl_ReleaseSSL3HandshakeLock(ss);
-+#endif
-+ SSL_TRC(3, ("%d: SSL[%d]: SecureSend: sending data due to false start",
-+ SSL_GETPID(), ss->fd));
-+ }
-+
- /* Send out the data using one of these functions:
- * ssl2_SendClear, ssl2_SendStream, ssl2_SendBlock,
- * ssl3_SendApplicationData
-diff --git a/nss/lib/ssl/sslsock.c b/nss/lib/ssl/sslsock.c
-index cd4a7a7..73e069b 100644
---- a/nss/lib/ssl/sslsock.c
-+++ b/nss/lib/ssl/sslsock.c
-@@ -349,6 +349,8 @@ ssl_DupSocket(sslSocket *os)
- ss->badCertArg = os->badCertArg;
- ss->handshakeCallback = os->handshakeCallback;
- ss->handshakeCallbackData = os->handshakeCallbackData;
-+ ss->canFalseStartCallback = os->canFalseStartCallback;
-+ ss->canFalseStartCallbackData = os->canFalseStartCallbackData;
- ss->pkcs11PinArg = os->pkcs11PinArg;
-
- /* Create security data */
-@@ -2341,10 +2343,14 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags)
- } else if (new_flags & PR_POLL_WRITE) {
- /* The caller is trying to write, but the handshake is
- ** blocked waiting for data to read, and the first
-- ** handshake has been sent. so do NOT to poll on write.
-+ ** handshake has been sent. So do NOT to poll on write
-+ ** unless we did false start.
- */
-- new_flags ^= PR_POLL_WRITE; /* don't select on write. */
-- new_flags |= PR_POLL_READ; /* do select on read. */
-+ if (!(ss->version >= SSL_LIBRARY_VERSION_3_0 &&
-+ ss->ssl3.hs.canFalseStart)) {
-+ new_flags ^= PR_POLL_WRITE; /* don't select on write. */
-+ }
-+ new_flags |= PR_POLL_READ; /* do select on read. */
- }
- }
- } else if ((new_flags & PR_POLL_READ) && (SSL_DataPending(fd) > 0)) {
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch b/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
deleted file mode 100644
index f30475b..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2013-5606.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-nss: CVE-2013-5606
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5606
-https://bugzilla.mozilla.org/show_bug.cgi?id=910438
-http://hg.mozilla.org/projects/nss/rev/d29898e0981c
-
-The CERT_VerifyCert function in lib/certhigh/certvfy.c in
-Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides
-an unexpected return value for an incompatible key-usage certificate
-when the CERTVerifyLog argument is valid, which might allow remote
-attackers to bypass intended access restrictions via a crafted certificate.
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/certhigh/certvfy.c | 7 +++++--
- 1 file changed, 5 insertions(+), 2 deletions(-)
-
-diff --git a/nss/lib/certhigh/certvfy.c b/nss/lib/certhigh/certvfy.c
-index f364ceb..f450205 100644
---- a/nss/lib/certhigh/certvfy.c
-+++ b/nss/lib/certhigh/certvfy.c
-@@ -1312,7 +1312,7 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- PORT_SetError(SEC_ERROR_UNTRUSTED_CERT);
- LOG_ERROR_OR_EXIT(log,cert,0,flags);
- } else if (trusted) {
-- goto winner;
-+ goto done;
- }
-
-
-@@ -1340,7 +1340,10 @@ CERT_VerifyCert(CERTCertDBHandle *handle, CERTCertificate *cert,
- }
- }
-
--winner:
-+done:
-+ if (log && log->head) {
-+ return SECFailure;
-+ }
- return(SECSuccess);
-
- loser:
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch b/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
deleted file mode 100644
index 1be8a17..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2014-1492.patch
+++ /dev/null
@@ -1,68 +0,0 @@
-nss: CVE-2014-1492
-
-Upstream-Status: Backport
-
-the patch comes from:
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1492
-https://bugzilla.mozilla.org/show_bug.cgi?id=903885
-
-changeset: 11063:709d4e597979
-user: Kai Engert <kaie@kuix.de>
-date: Wed Mar 05 18:38:55 2014 +0100
-summary: Bug 903885, address requests to clarify comments from wtc
-
-changeset: 11046:2ffa40a3ff55
-tag: tip
-user: Wan-Teh Chang <wtc@google.com>
-date: Tue Feb 25 18:17:08 2014 +0100
-summary: Bug 903885, fix IDNA wildcard handling v4, r=kaie
-
-changeset: 11045:15ea62260c21
-user: Christian Heimes <sites@cheimes.de>
-date: Mon Feb 24 17:50:25 2014 +0100
-summary: Bug 903885, fix IDNA wildcard handling, r=kaie
-
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/certdb/certdb.c | 15 +++++++++------
- 1 file changed, 9 insertions(+), 6 deletions(-)
-
-diff --git a/nss/lib/certdb/certdb.c b/nss/lib/certdb/certdb.c
-index b7d22bd..91877b7 100644
---- a/nss/lib/certdb/certdb.c
-+++ b/nss/lib/certdb/certdb.c
-@@ -1381,7 +1381,7 @@ cert_TestHostName(char * cn, const char * hn)
- return rv;
- }
- } else {
-- /* New approach conforms to RFC 2818. */
-+ /* New approach conforms to RFC 6125. */
- char *wildcard = PORT_Strchr(cn, '*');
- char *firstcndot = PORT_Strchr(cn, '.');
- char *secondcndot = firstcndot ? PORT_Strchr(firstcndot+1, '.') : NULL;
-@@ -1390,14 +1390,17 @@ cert_TestHostName(char * cn, const char * hn)
- /* For a cn pattern to be considered valid, the wildcard character...
- * - may occur only in a DNS name with at least 3 components, and
- * - may occur only as last character in the first component, and
-- * - may be preceded by additional characters
-+ * - may be preceded by additional characters, and
-+ * - must not be preceded by an IDNA ACE prefix (xn--)
- */
- if (wildcard && secondcndot && secondcndot[1] && firsthndot
-- && firstcndot - wildcard == 1
-- && secondcndot - firstcndot > 1
-- && PORT_Strrchr(cn, '*') == wildcard
-+ && firstcndot - wildcard == 1 /* wildcard is last char in first component */
-+ && secondcndot - firstcndot > 1 /* second component is non-empty */
-+ && PORT_Strrchr(cn, '*') == wildcard /* only one wildcard in cn */
- && !PORT_Strncasecmp(cn, hn, wildcard - cn)
-- && !PORT_Strcasecmp(firstcndot, firsthndot)) {
-+ && !PORT_Strcasecmp(firstcndot, firsthndot)
-+ /* If hn starts with xn--, then cn must start with wildcard */
-+ && (PORT_Strncasecmp(hn, "xn--", 4) || wildcard == cn)) {
- /* valid wildcard pattern match */
- return SECSuccess;
- }
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch b/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
deleted file mode 100644
index d6434df..0000000
--- a/meta/recipes-support/nss/files/nss-CVE-2014-1544.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-nss: CVE-2014-1544
-
-the patch comes from:
-https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-1544
-https://hg.mozilla.org/projects/nss/rev/204f22c527f8
-
-author Robert Relyea <rrelyea@redhat.com>
-https://bugzilla.mozilla.org/show_bug.cgi?id=963150
-Bug 963150: Add nssCertificate_AddRef and nssCertificate_Destroy calls
-to PK11_ImportCert to prevent nssTrustDomain_AddCertsToCache from
-freeing the CERTCertificate associated with the NSSCertificate. r=wtc.
-
-Upstream-Status: Pending
-Signed-off-by: Li Wang <li.wang@windriver.com>
----
- nss/lib/pk11wrap/pk11cert.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/nss/lib/pk11wrap/pk11cert.c b/nss/lib/pk11wrap/pk11cert.c
-index 39168b9..3f3edb1 100644
---- a/nss/lib/pk11wrap/pk11cert.c
-+++ b/nss/lib/pk11wrap/pk11cert.c
-@@ -981,8 +981,15 @@ PK11_ImportCert(PK11SlotInfo *slot, CERTCertificate *cert,
- * CERTCertificate, and finish
- */
- nssPKIObject_AddInstance(&c->object, certobj);
-+ /* nssTrustDomain_AddCertsToCache may release a reference to 'c' and
-+ * replace 'c' by a different value. So we add a reference to 'c' to
-+ * prevent 'c' from being destroyed. */
-+ nssCertificate_AddRef(c);
- nssTrustDomain_AddCertsToCache(STAN_GetDefaultTrustDomain(), &c, 1);
-+ /* XXX should we pass the original value of 'c' to
-+ * STAN_ForceCERTCertificateUpdate? */
- (void)STAN_ForceCERTCertificateUpdate(c);
-+ nssCertificate_Destroy(c);
- SECITEM_FreeItem(keyID,PR_TRUE);
- return SECSuccess;
- loser:
---
-1.7.9.5
-
diff --git a/meta/recipes-support/nss/nss.inc b/meta/recipes-support/nss/nss.inc
index d706c43..cf6110d 100644
--- a/meta/recipes-support/nss/nss.inc
+++ b/meta/recipes-support/nss/nss.inc
@@ -16,20 +16,13 @@ SRC_URI = "\
file://nss-fix-support-cross-compiling.patch \
file://nss-no-rpath-for-cross-compiling.patch \
file://nss-fix-incorrect-shebang-of-perl.patch \
- file://nss-3.15.1-fix-CVE-2013-1741.patch \
- file://nss-3.15.1-fix-CVE-2013-5605.patch \
- file://nss-CVE-2014-1492.patch \
- file://nss-CVE-2013-1740.patch \
- file://nss-3.15.1-fix-CVE-2013-1739.patch \
- file://nss-CVE-2013-5606.patch \
- file://nss-CVE-2014-1544.patch \
"
SRC_URI_append_class-target = "\
file://nss.pc.in \
file://signlibs.sh \
"
inherit siteinfo
-PR = "r0"
+
DEPENDS = "sqlite3 nspr zlib nss-native"
DEPENDS_class-native = "sqlite3-native nspr-native zlib-native"
RDEPENDS_${PN} = "perl"
diff --git a/meta/recipes-support/nss/files/nss-fix-incorrect-shebang-of-perl.patch b/meta/recipes-support/nss/nss/nss-fix-incorrect-shebang-of-perl.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-fix-incorrect-shebang-of-perl.patch
rename to meta/recipes-support/nss/nss/nss-fix-incorrect-shebang-of-perl.patch
diff --git a/meta/recipes-support/nss/files/nss-fix-support-cross-compiling.patch b/meta/recipes-support/nss/nss/nss-fix-support-cross-compiling.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-fix-support-cross-compiling.patch
rename to meta/recipes-support/nss/nss/nss-fix-support-cross-compiling.patch
diff --git a/meta/recipes-support/nss/files/nss-no-rpath-for-cross-compiling.patch b/meta/recipes-support/nss/nss/nss-no-rpath-for-cross-compiling.patch
similarity index 100%
rename from meta/recipes-support/nss/files/nss-no-rpath-for-cross-compiling.patch
rename to meta/recipes-support/nss/nss/nss-no-rpath-for-cross-compiling.patch
diff --git a/meta/recipes-support/nss/files/nss.pc.in b/meta/recipes-support/nss/nss/nss.pc.in
similarity index 100%
rename from meta/recipes-support/nss/files/nss.pc.in
rename to meta/recipes-support/nss/nss/nss.pc.in
diff --git a/meta/recipes-support/nss/files/signlibs.sh b/meta/recipes-support/nss/nss/signlibs.sh
similarity index 100%
rename from meta/recipes-support/nss/files/signlibs.sh
rename to meta/recipes-support/nss/nss/signlibs.sh
diff --git a/meta/recipes-support/nss/nss_3.15.1.bb b/meta/recipes-support/nss/nss_3.15.1.bb
deleted file mode 100644
index 7b06f00..0000000
--- a/meta/recipes-support/nss/nss_3.15.1.bb
+++ /dev/null
@@ -1,9 +0,0 @@
-require nss.inc
-
-SRC_URI += "\
- http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_15_1_RTM/src/${BPN}-${PV}.tar.gz \
-"
-
-SRC_URI[md5sum] = "fb68f4d210ac9397dd0d3c39c4f938eb"
-SRC_URI[sha256sum] = "f994106a33d1f3210f4151bbb3419a1c28fd1cb545caa7dc9afdebd6da626284"
-
diff --git a/meta/recipes-support/nss/nss_3.17.bb b/meta/recipes-support/nss/nss_3.17.bb
new file mode 100644
index 0000000..804783f
--- /dev/null
+++ b/meta/recipes-support/nss/nss_3.17.bb
@@ -0,0 +1,8 @@
+require nss.inc
+
+SRC_URI += "\
+ http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/NSS_3_17_RTM/src/${BPN}-${PV}.tar.gz \
+"
+
+SRC_URI[md5sum] = "081dd99afa12af589c09e2d7cb5f5c6d"
+SRC_URI[sha256sum] = "3b1abcd8f89211dda2cc739bfa76552d080f7ea80482ef2727b006548a7f0c81"
--
1.8.3.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 3/4] libcap: Upgrade to 2.24
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
@ 2014-11-04 15:18 ` Burton, Ross
0 siblings, 0 replies; 6+ messages in thread
From: Burton, Ross @ 2014-11-04 15:18 UTC (permalink / raw)
To: Saul Wold; +Cc: OE-core
[-- Attachment #1: Type: text/plain, Size: 682 bytes --]
On 5 September 2014 21:06, Saul Wold <sgw@linux.intel.com> wrote:
> + mv ${D}${libdir}/security ${D}${base_libdir}
>
If 'pam' isn't in DISTRO_FEATURES, this directory doesn't exist so the mv
fails. Clearly we both have set this locally as it built for me too, but
didn't work on every non-LSB autobuilder target.
I went to add a conditional but started ratholling on the libdir vs
base_libdir hackery which now there's a pkgconfig file means the library is
in /lib but libcap.pc claims its in /usr/lib... and SBINDIR in the makefile
doesn't do anything as it isn't inherited to the submakes, and and argh why
can't people just use autotools!
Ross
[-- Attachment #2: Type: text/html, Size: 1185 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2014-11-04 15:18 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-05 20:06 [PATCH 0/4] Some final package Updates for 1.7 Saul Wold
2014-09-05 20:06 ` [PATCH 1/4] vala: Update to 0.24.0 Saul Wold
2014-09-05 20:06 ` [PATCH 2/4] findutils: Upgrade to 4.5.14 Saul Wold
2014-09-05 20:06 ` [PATCH 3/4] libcap: Upgrade to 2.24 Saul Wold
2014-11-04 15:18 ` Burton, Ross
2014-09-05 20:06 ` [PATCH 4/4] nss: Upgrade to 3.17 Saul Wold
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox