Commit Graph

16 Commits

Author SHA1 Message Date
Martin Jansa dfcbe97b55 mdns: use git fetcher
* https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-${PV}.tar.gz
  is just redirect to unsafe github archives which are regenerated from time to
  time.

* We do have src-uri-bad QA check which prevents to use github archives in SRC_URI
  since 2019:
  https://github.com/openembedded/openembedded-core/commit/21f84fcdd659544437fe393285c407e1e9432043
  but this cannot catch such redirects, see:

$ wget https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.30.4.tar.gz
--2023-01-31 10:06:02--  https://opensource.apple.com/tarballs/mDNSResponder/mDNSResponder-878.30.4.tar.gz
Resolving opensource.apple.com (opensource.apple.com)... 17.253.73.203, 17.253.73.206, 2a01:b740:a26:f000::5, ...
Connecting to opensource.apple.com (opensource.apple.com)|17.253.73.203|:443... connected.
HTTP request sent, awaiting response... 302 Redirect
Location: https://github.com/apple-oss-distributions/mDNSResponder/archive/refs/tags/mDNSResponder-878.30.4.tar.gz [following]
--2023-01-31 10:06:02--  https://github.com/apple-oss-distributions/mDNSResponder/archive/refs/tags/mDNSResponder-878.30.4.tar.gz
Resolving github.com (github.com)... 140.82.121.3
Connecting to github.com (github.com)|140.82.121.3|:443... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/apple-oss-distributions/mDNSResponder/tar.gz/refs/tags/mDNSResponder-878.30.4 [following]
--2023-01-31 10:06:02--  https://codeload.github.com/apple-oss-distributions/mDNSResponder/tar.gz/refs/tags/mDNSResponder-878.30.4
Resolving codeload.github.com (codeload.github.com)... 140.82.121.10
Connecting to codeload.github.com (codeload.github.com)|140.82.121.10|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ?mDNSResponder-878.30.4.tar.gz?

* The tarball was regenerated recently as discussed in:
  https://github.com/orgs/community/discussions/45830

* Use top-level directory in S to fix DEBUG_PREFIX_MAP usage
  like the version in master does, the only exception here is that
  there still was top-level Makefile (which fails to set VER with:
  Makefile:26: *** missing separator.  Stop.
  so use the simple one like newer version in master)
* it's already included in master as part of version upgrade in:
  https://github.com/openembedded/meta-openembedded/commit/ec96eb577bd518b89e2e7834bd569ba269df458f

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2023-03-05 07:44:28 -05:00
Khem Raj f2df270179 recipes: Use new CVE_CHECK_IGNORE variable
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2022-02-21 18:12:04 -08:00
Khem Raj d04f3c9bfe mdns: Upgrade to 1310.140.1
Fix build with musl while here

Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-11-04 07:43:14 -07:00
Martin Jansa c61dc077bb Convert to new override syntax
This is the result of automated script (0.9.1) conversion:

oe-core/scripts/contrib/convert-overrides.py .

converting the metadata to use ":" as the override character instead of "_".

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
2021-08-03 10:21:25 -07:00
Sana Kazi f37e5423da mdns: Whitelisted CVE-2007-0613 for mdns
CVE-2007-0613 is not applicable as it only affects Apple products
i.e. ichat,mdnsresponder, instant message framework and MacOS.
Also, https://www.exploit-db.com/exploits/3230 shows the part of code
affected by CVE-2007-0613 which is not preset in upstream source code.
Hence, CVE-2007-0613 does not affect other Yocto implementations and
is not reported for other distros can be marked whitelisted.
Links:
https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613
https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2007-0613
https://security-tracker.debian.org/tracker/CVE-2007-0613
https://ubuntu.com/security/CVE-2007-0613
https://vulmon.com/vulnerabilitydetails?qid=CVE-2007-0613

Signed-off-by: Sana Kazi <Sana.Kazi@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-03-08 22:44:45 -08:00
Zheng Ruoqin c184746be9 mdns: upgrade 1096.40.7 -> 1310.40.42
Refresh the following patch:
0001-mdns-include-stddef.h-for-NULL.patch

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2021-01-12 00:54:53 -08:00
Mikko Rapeli d12ea80ef5 mdns: add BSD-3-Clause to LICENSE
The LICENSE file in source tree says:

The majority of the source code in the mDNSResponder project is licensed
under the terms of the Apache License, Version 2.0, available from:
   <http://www.apache.org/licenses/LICENSE-2.0>

To accommodate license compatibility with the widest possible range
of client code licenses, the shared library code, which is linked
at runtime into the same address space as the client using it, is
licensed under the terms of the "Three-Clause BSD License".

The Linux Name Service Switch code, contributed by National ICT
Australia Ltd (NICTA) is licensed under the terms of the NICTA Public
Software Licence (which is substantially similar to the "Three-Clause
BSD License", with some additional language pertaining to Australian law).

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-09-08 11:53:53 -07:00
Mikko Rapeli 6c14299d09 mdns: set CVE_PRODUCT to "apple:mdnsresponder"
This is used in CVEs like
https://nvd.nist.gov/vuln/detail/CVE-2015-7987

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-09-08 11:53:53 -07:00
Mikko Rapeli 21afab4609 mdns: update to version 1096.40.7
Refresh Makefile patch (build.patch) to properly cross compile
mdns. Then try refresh patches which still apply. Following patches
don't apply anymore due to refactoring done on mdns side so thus
dropping patches:

 * 0005-Handle-noisy-netlink-sockets.patch
 * 0007-Indicate-loopback-interface-to-mDNS-core.patch

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-09-08 11:53:53 -07:00
Wang Mingyu 49371d0e48 mdns: upgrade 878.260.1 -> 878.270.2
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-04-08 08:15:03 -07:00
Matt Hoosier a44430fe91 mdns: improve numerous aspects of Posix backend
Apple's default implementation of the Posix backend for mDNSResponder
has a number of weaknesses. Address several of them, most notably:

* Improve interface tracking, preventing confusion to mdns's state
  machine. Prevents spurious removal/republication cycles whenever
  network interfaces are added or removed.

* Support network interfaces whose indeces are great than 31. Indices
  grow past that range surprisingly quickly, especially with multi-
  homed, mobile, wifi, Bluetooth, VPN, VLANs, or other interfaces
  present.

* Correctly handle edge cases during removal of a network interface.

The fixes are kept as a patch series for clarity.

Signed-off-by: Matt Hoosier <matt.hoosier@garmin.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2020-02-06 07:20:03 -08:00
Zheng Ruoqin 82888970bf mdns: upgrade 878.200.35 -> 878.260.1
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-11-04 12:14:08 -08:00
Adrian Bunk b317539ef1 mdns: Mark as incompatible with musl
musl does not support mDNS or NSS plugins.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-11-01 17:22:52 -07:00
Oleksandr Kravchuk 4a7b942dc1 mdns: update to 878.200.35
Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
2019-05-23 08:26:14 -07:00
Khem Raj f6225a9f7e mdns: Do not include nss.h with musl
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2018-04-04 13:32:28 -04:00
Paul Eggleton b5281a99c7 mdns: move from meta-intel-iot-middleware
The following improvements have been made over the recipe that was in
meta-intel-iot-middleware (a layer which is no longer actively
maintained):

* Upgrade to latest upstream version (765.50.9)
* Fix compilation failures by passing CC and LD
* Fix "no GNU hash in the ELF binary" issue
* Point S at the correct source subdirectory so that "make clean" works
* Fix lack of soname on libdns_sd.so leading to missing RDEPENDS QA error
* Add SUMMARY

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
2017-10-11 16:22:50 -04:00