[PATCH 1/6] libjpeg-turbo: upgrade to 1.5.2

[PATCH 1/6] libjpeg-turbo: upgrade to 1.5.2

[Maxin B. John]

1.5.1 -> 1.5.2

Remove this backported patch:
        1. fix-mips.patch

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 .../jpeg/libjpeg-turbo/fix-mips.patch              | 45 ----------------------
 ...bjpeg-turbo_1.5.1.bb => libjpeg-turbo_1.5.2.bb} |  8 ++--
 2 files changed, 4 insertions(+), 49 deletions(-)
 delete mode 100644 meta/recipes-graphics/jpeg/libjpeg-turbo/fix-mips.patch
 rename meta/recipes-graphics/jpeg/{libjpeg-turbo_1.5.1.bb => libjpeg-turbo_1.5.2.bb} (90%)

diff --git a/meta/recipes-graphics/jpeg/libjpeg-turbo/fix-mips.patch b/meta/recipes-graphics/jpeg/libjpeg-turbo/fix-mips.patch
deleted file mode 100644
index 4d41237..0000000
--- a/meta/recipes-graphics/jpeg/libjpeg-turbo/fix-mips.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-Fix a regression that causes the MIPS code from building.
-
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 7bfb22af123ac10798a9a4c9ec7b23e5065db35e Mon Sep 17 00:00:00 2001
-From: DRC <information@libjpeg-turbo.org>
-Date: Mon, 26 Sep 2016 17:59:14 -0500
-Subject: [PATCH] Fix broken MIPS build
-
-Regression introduced by 9055fb408dcb585ce9392d395e16630d51002152
-
-Fixes #104
----
- ChangeLog.md      | 3 +++
- simd/jsimd_mips.c | 2 ++
- 2 files changed, 5 insertions(+)
-
-diff --git a/ChangeLog.md b/ChangeLog.md
-index e2b9df3..71ddcaa 100644
---- a/ChangeLog.md
-+++ b/ChangeLog.md
-@@ -6,6 +6,9 @@
- 1. Fixed a regression introduced by 1.5.1[7] that prevented libjpeg-turbo from
- building with Android NDK platforms prior to android-21 (5.0).
- 
-+2. Fixed a regression introduced by 1.5.1[1] that prevented the MIPS DSPR2 SIMD
-+code in libjpeg-turbo from building.
-+
- 
- 1.5.1
- =====
-diff --git a/simd/jsimd_mips.c b/simd/jsimd_mips.c
-index 63b8115..02e90cd 100644
---- a/simd/jsimd_mips.c
-+++ b/simd/jsimd_mips.c
-@@ -63,6 +63,8 @@ parse_proc_cpuinfo(const char* search_string)
- LOCAL(void)
- init_simd (void)
- {
-+  char *env = NULL;
-+
-   if (simd_support != ~0U)
-     return;
- 
diff --git a/meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.1.bb b/meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.2.bb
similarity index 90%
rename from meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.1.bb
rename to meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.2.bb
index de2eeaf..58646d3 100644
--- a/meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.1.bb
+++ b/meta/recipes-graphics/jpeg/libjpeg-turbo_1.5.2.bb
@@ -10,10 +10,10 @@ LIC_FILES_CHKSUM = "file://cdjpeg.h;endline=13;md5=05bab7c7ad899d85bfba60da1a127
 DEPENDS_append_x86-64_class-target = " nasm-native"
 DEPENDS_append_x86_class-target    = " nasm-native"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz \
-           file://fix-mips.patch"
-SRC_URI[md5sum] = "55deb139b0cac3c8200b75d485fc13f3"
-SRC_URI[sha256sum] = "41429d3d253017433f66e3d472b8c7d998491d2f41caa7306b8d9a6f2a2c666c"
+SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BPN}-${PV}.tar.gz"
+
+SRC_URI[md5sum] = "6b4923e297a7eaa255f08511017a8818"
+SRC_URI[sha256sum] = "9098943b270388727ae61de82adec73cf9f0dbb240b3bc8b172595ebf405b528"
 UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/libjpeg-turbo/files/"
 UPSTREAM_CHECK_REGEX = "/libjpeg-turbo/files/(?P<pver>(\d+[\.\-_]*)+)/"
 
-- 
2.4.0

[PATCH 2/6] libsolv: upgrade to 0.6.28

[Maxin B. John]

0.6.27 -> 0.6.28

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 meta/recipes-extended/libsolv/{libsolv_0.6.27.bb => libsolv_0.6.28.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/libsolv/{libsolv_0.6.27.bb => libsolv_0.6.28.bb} (95%)

diff --git a/meta/recipes-extended/libsolv/libsolv_0.6.27.bb b/meta/recipes-extended/libsolv/libsolv_0.6.28.bb
similarity index 95%
rename from meta/recipes-extended/libsolv/libsolv_0.6.27.bb
rename to meta/recipes-extended/libsolv/libsolv_0.6.28.bb
index 7ddd533..3a48f22 100644
--- a/meta/recipes-extended/libsolv/libsolv_0.6.27.bb
+++ b/meta/recipes-extended/libsolv/libsolv_0.6.28.bb
@@ -13,7 +13,7 @@ SRC_URI_append_libc-musl = " file://0001-Add-fallback-fopencookie-implementation
                              file://0002-Fixes-to-internal-fopencookie-implementation.patch \
                            "
 
-SRCREV = "9fa1535e2fc60609c29633925e692603782b477b"
+SRCREV = "b8a9ddd88eb4e0ab351eb55a53186b5dc5ac0825"
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)"
 
 S = "${WORKDIR}/git"
-- 
2.4.0

[PATCH 3/6] orc: upgrade to 0.4.27

[Maxin B. John]

0.4.26 -> 0.4.27

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 meta/recipes-devtools/orc/{orc_0.4.26.bb => orc_0.4.27.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-devtools/orc/{orc_0.4.26.bb => orc_0.4.27.bb} (84%)

diff --git a/meta/recipes-devtools/orc/orc_0.4.26.bb b/meta/recipes-devtools/orc/orc_0.4.27.bb
similarity index 84%
rename from meta/recipes-devtools/orc/orc_0.4.26.bb
rename to meta/recipes-devtools/orc/orc_0.4.27.bb
index e47342f..303f991 100644
--- a/meta/recipes-devtools/orc/orc_0.4.26.bb
+++ b/meta/recipes-devtools/orc/orc_0.4.27.bb
@@ -5,8 +5,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=1400bd9d09e8af56b9ec982b3d85797e"
 
 SRC_URI = "http://gstreamer.freedesktop.org/src/orc/orc-${PV}.tar.xz"
 
-SRC_URI[md5sum] = "8e9bef677bae289d3324d81c337a4507"
-SRC_URI[sha256sum] = "7d52fa80ef84988359c3434e1eea302d077a08987abdde6905678ebcad4fa649"
+SRC_URI[md5sum] = "5837dc20dacb5b668935bbded10cbb61"
+SRC_URI[sha256sum] = "51e53e58fc8158e5986a1f1a49a6d970c5b16493841cf7b9de2c2bde7ce36b93"
 
 inherit autotools pkgconfig gtk-doc
 
-- 
2.4.0

[PATCH 4/6] bluez5: upgrade to 5.46

[Maxin B. John]

5.45 -> 5.46

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} (91%)

diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
similarity index 91%
rename from meta/recipes-connectivity/bluez5/bluez5_5.45.bb
rename to meta/recipes-connectivity/bluez5/bluez5_5.46.bb
index d5f516c..93f4be3 100644
--- a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
@@ -2,8 +2,8 @@ require bluez5.inc
 
 REQUIRED_DISTRO_FEATURES = "bluez5"
 
-SRC_URI[md5sum] = "20d936917afc7e1ffa091f5213081c55"
-SRC_URI[sha256sum] = "4cacb00703a6bc149cb09502257d321597d43952374a16f3558766ffa85364e9"
+SRC_URI[md5sum] = "913f35d6fa4ca5772c53adb936bf1947"
+SRC_URI[sha256sum] = "ddab3d3837c1afb8ae228a94ba17709a4650bd4db24211b6771ab735c8908e28"
 
 # noinst programs in Makefile.tools that are conditional on READLINE
 # support
-- 
2.4.0

[PATCH 5/6] sqlite3: upgrade to 3.19.3

[Maxin B. John]

3.19.2 -> 3.19.3

Fixes a bug associated with auto_vacuum that can lead to database
corruption.

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 meta/recipes-support/sqlite/{sqlite3_3.19.2.bb => sqlite3_3.19.3.bb} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-support/sqlite/{sqlite3_3.19.2.bb => sqlite3_3.19.3.bb} (59%)

diff --git a/meta/recipes-support/sqlite/sqlite3_3.19.2.bb b/meta/recipes-support/sqlite/sqlite3_3.19.3.bb
similarity index 59%
rename from meta/recipes-support/sqlite/sqlite3_3.19.2.bb
rename to meta/recipes-support/sqlite/sqlite3_3.19.3.bb
index cf87073..89d4395 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.19.2.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.19.3.bb
@@ -6,5 +6,5 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=65f0a57ca6928710b418c094b357
 SRC_URI = "\
   http://www.sqlite.org/2017/sqlite-autoconf-${SQLITE_PV}.tar.gz \
   "
-SRC_URI[md5sum] = "9f006b16de2cd81f6bae9b40e91daabf"
-SRC_URI[sha256sum] = "ca5361fb01cc3ad63d6fd4eb2cb0b6398e629595896d3558f7e121d37dac2ffc"
+SRC_URI[md5sum] = "c93070d5bf136ce271db23d2dfbc2435"
+SRC_URI[sha256sum] = "06129c03dced9f87733a8cba408871bd60673b8f93b920ba8d815efab0a06301"
-- 
2.4.0

[PATCH 6/6] libtirpc: upgrade to 1.0.2

[Maxin B. John]

1.0.1 -> 1.0.2

Remove these Backported and upstreamed patches:
        1. 0001-Fix-for-CVE-2017-8779.patch
        2. libtirpc-0.2.1-fortify.patch
        3. libtirpc-1.0.2-rc3.patc

Signed-off-by: Maxin B. John <maxin.john@intel.com>
---
 .../libtirpc/0001-Fix-for-CVE-2017-8779.patch      | 276 --------
 .../libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch |  26 -
 .../libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch     | 743 ---------------------
 .../{libtirpc_1.0.1.bb => libtirpc_1.0.2.bb}       |   7 +-
 4 files changed, 2 insertions(+), 1050 deletions(-)
 delete mode 100644 meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch
 delete mode 100644 meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch
 delete mode 100644 meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch
 rename meta/recipes-extended/libtirpc/{libtirpc_1.0.1.bb => libtirpc_1.0.2.bb} (81%)

diff --git a/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch b/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch
deleted file mode 100644
index b3bae67..0000000
--- a/meta/recipes-extended/libtirpc/libtirpc/0001-Fix-for-CVE-2017-8779.patch
+++ /dev/null
@@ -1,276 +0,0 @@
-From dd9c7cf4f8f375c6d641b760d124650c418c2ce3 Mon Sep 17 00:00:00 2001
-From: Guido Vranken <guidovranken@gmail.com>
-Date: Mon, 15 May 2017 11:12:21 -0400
-Subject: [PATCH] Fix for CVE-2017-8779
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpc_generic.c |  8 ++++++++
- src/rpcb_prot.c   | 22 ++++++++++++++--------
- src/rpcb_st_xdr.c |  9 +++++----
- src/xdr.c         | 30 +++++++++++++++++++++++++-----
- 4 files changed, 52 insertions(+), 17 deletions(-)
-
-CVE: CVE-2017-8779
-Upstream-Status: Backport
-
-Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
-
-diff --git a/src/rpc_generic.c b/src/rpc_generic.c
-index 2f09a8f..589cbd5 100644
---- a/src/rpc_generic.c
-+++ b/src/rpc_generic.c
-@@ -615,6 +615,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
- 
- 	switch (af) {
- 	case AF_INET:
-+		if (nbuf->len < sizeof(*sin)) {
-+			return NULL;
-+		}
- 		sin = nbuf->buf;
- 		if (inet_ntop(af, &sin->sin_addr, namebuf, sizeof namebuf)
- 		    == NULL)
-@@ -626,6 +629,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
- 		break;
- #ifdef INET6
- 	case AF_INET6:
-+		if (nbuf->len < sizeof(*sin6)) {
-+			return NULL;
-+		}
- 		sin6 = nbuf->buf;
- 		if (inet_ntop(af, &sin6->sin6_addr, namebuf6, sizeof namebuf6)
- 		    == NULL)
-@@ -667,6 +673,8 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr)
- 
- 	port = 0;
- 	sin = NULL;
-+	if (uaddr == NULL)
-+		return NULL;
- 	addrstr = strdup(uaddr);
- 	if (addrstr == NULL)
- 		return NULL;
-diff --git a/src/rpcb_prot.c b/src/rpcb_prot.c
-index 43fd385..a923c8e 100644
---- a/src/rpcb_prot.c
-+++ b/src/rpcb_prot.c
-@@ -41,6 +41,7 @@
- #include <rpc/types.h>
- #include <rpc/xdr.h>
- #include <rpc/rpcb_prot.h>
-+#include "rpc_com.h"
- 
- bool_t
- xdr_rpcb(xdrs, objp)
-@@ -53,13 +54,13 @@ xdr_rpcb(xdrs, objp)
- 	if (!xdr_u_int32_t(xdrs, &objp->r_vers)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_netid, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_addr, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_addr, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_owner, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_owner, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	return (TRUE);
-@@ -159,19 +160,19 @@ xdr_rpcb_entry(xdrs, objp)
- 	XDR *xdrs;
- 	rpcb_entry *objp;
- {
--	if (!xdr_string(xdrs, &objp->r_maddr, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_maddr, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_nc_netid, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_nc_netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	if (!xdr_u_int32_t(xdrs, &objp->r_nc_semantics)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_nc_protofmly, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_nc_protofmly, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->r_nc_proto, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->r_nc_proto, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	return (TRUE);
-@@ -292,7 +293,7 @@ xdr_rpcb_rmtcallres(xdrs, p)
- 	bool_t dummy;
- 	struct r_rpcb_rmtcallres *objp = (struct r_rpcb_rmtcallres *)(void *)p;
- 
--	if (!xdr_string(xdrs, &objp->addr, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->addr, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	if (!xdr_u_int(xdrs, &objp->results.results_len)) {
-@@ -312,6 +313,11 @@ xdr_netbuf(xdrs, objp)
- 	if (!xdr_u_int32_t(xdrs, (u_int32_t *) &objp->maxlen)) {
- 		return (FALSE);
- 	}
-+
-+	if (objp->maxlen > RPC_MAXDATASIZE) {
-+		return (FALSE);
-+	}
-+
- 	dummy = xdr_bytes(xdrs, (char **)&(objp->buf),
- 			(u_int *)&(objp->len), objp->maxlen);
- 	return (dummy);
-diff --git a/src/rpcb_st_xdr.c b/src/rpcb_st_xdr.c
-index 08db745..28e6a48 100644
---- a/src/rpcb_st_xdr.c
-+++ b/src/rpcb_st_xdr.c
-@@ -37,6 +37,7 @@
- 
- 
- #include <rpc/rpc.h>
-+#include "rpc_com.h"
- 
- /* Link list of all the stats about getport and getaddr */
- 
-@@ -58,7 +59,7 @@ xdr_rpcbs_addrlist(xdrs, objp)
- 	    if (!xdr_int(xdrs, &objp->failure)) {
- 		return (FALSE);
- 	    }
--	    if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
-+	    if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	    }
- 
-@@ -109,7 +110,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
- 		IXDR_PUT_INT32(buf, objp->failure);
- 		IXDR_PUT_INT32(buf, objp->indirect);
- 	}
--	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	if (!xdr_pointer(xdrs, (char **)&objp->next,
-@@ -147,7 +148,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
- 		objp->failure = (int)IXDR_GET_INT32(buf);
- 		objp->indirect = (int)IXDR_GET_INT32(buf);
- 	}
--	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	if (!xdr_pointer(xdrs, (char **)&objp->next,
-@@ -175,7 +176,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
- 	if (!xdr_int(xdrs, &objp->indirect)) {
- 		return (FALSE);
- 	}
--	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
-+	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
- 		return (FALSE);
- 	}
- 	if (!xdr_pointer(xdrs, (char **)&objp->next,
-diff --git a/src/xdr.c b/src/xdr.c
-index f3fb9ad..b9a1558 100644
---- a/src/xdr.c
-+++ b/src/xdr.c
-@@ -42,8 +42,10 @@
- #include <stdlib.h>
- #include <string.h>
- 
-+#include <rpc/rpc.h>
- #include <rpc/types.h>
- #include <rpc/xdr.h>
-+#include <rpc/rpc_com.h>
- 
- typedef quad_t          longlong_t;     /* ANSI long long type */
- typedef u_quad_t        u_longlong_t;   /* ANSI unsigned long long type */
-@@ -53,7 +55,6 @@ typedef u_quad_t        u_longlong_t;   /* ANSI unsigned long long type */
-  */
- #define XDR_FALSE	((long) 0)
- #define XDR_TRUE	((long) 1)
--#define LASTUNSIGNED	((u_int) 0-1)
- 
- /*
-  * for unit alignment
-@@ -629,6 +630,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
- {
- 	char *sp = *cpp;  /* sp is the actual string pointer */
- 	u_int nodesize;
-+	bool_t ret, allocated = FALSE;
- 
- 	/*
- 	 * first deal with the length since xdr bytes are counted
-@@ -652,6 +654,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
- 		}
- 		if (sp == NULL) {
- 			*cpp = sp = mem_alloc(nodesize);
-+			allocated = TRUE;
- 		}
- 		if (sp == NULL) {
- 			warnx("xdr_bytes: out of memory");
-@@ -660,7 +663,14 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
- 		/* FALLTHROUGH */
- 
- 	case XDR_ENCODE:
--		return (xdr_opaque(xdrs, sp, nodesize));
-+		ret = xdr_opaque(xdrs, sp, nodesize);
-+		if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) {
-+			if (allocated == TRUE) {
-+				free(sp);
-+				*cpp = NULL;
-+			}
-+		}
-+		return (ret);
- 
- 	case XDR_FREE:
- 		if (sp != NULL) {
-@@ -754,6 +764,7 @@ xdr_string(xdrs, cpp, maxsize)
- 	char *sp = *cpp;  /* sp is the actual string pointer */
- 	u_int size;
- 	u_int nodesize;
-+	bool_t ret, allocated = FALSE;
- 
- 	/*
- 	 * first deal with the length since xdr strings are counted-strings
-@@ -793,8 +804,10 @@ xdr_string(xdrs, cpp, maxsize)
- 	switch (xdrs->x_op) {
- 
- 	case XDR_DECODE:
--		if (sp == NULL)
-+		if (sp == NULL) {
- 			*cpp = sp = mem_alloc(nodesize);
-+			allocated = TRUE;
-+		}
- 		if (sp == NULL) {
- 			warnx("xdr_string: out of memory");
- 			return (FALSE);
-@@ -803,7 +816,14 @@ xdr_string(xdrs, cpp, maxsize)
- 		/* FALLTHROUGH */
- 
- 	case XDR_ENCODE:
--		return (xdr_opaque(xdrs, sp, size));
-+		ret = xdr_opaque(xdrs, sp, size);
-+		if ((xdrs->x_op == XDR_DECODE) && (ret == FALSE)) {
-+			if (allocated == TRUE) {
-+				free(sp);
-+				*cpp = NULL;
-+			}
-+		}
-+		return (ret);
- 
- 	case XDR_FREE:
- 		mem_free(sp, nodesize);
-@@ -823,7 +843,7 @@ xdr_wrapstring(xdrs, cpp)
- 	XDR *xdrs;
- 	char **cpp;
- {
--	return xdr_string(xdrs, cpp, LASTUNSIGNED);
-+	return xdr_string(xdrs, cpp, RPC_MAXDATASIZE);
- }
- 
- /*
--- 
-1.9.1
-
diff --git a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch b/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch
deleted file mode 100644
index 4a785d3..0000000
--- a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-0.2.1-fortify.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Fix a possible overflow (reported by _FORTIFY_SOURCE=2)
-
-Ported from Gentoo
-
-Upstream-Status: Pending
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-Index: libtirpc-0.2.1/src/getrpcport.c
-===================================================================
---- libtirpc-0.2.1.orig/src/getrpcport.c
-+++ libtirpc-0.2.1/src/getrpcport.c
-@@ -54,11 +54,11 @@ getrpcport(host, prognum, versnum, proto
- 
- 	if ((hp = gethostbyname(host)) == NULL)
- 		return (0);
-+	if (hp->h_length != sizeof(addr.sin_addr.s_addr))
-+		return (0);
- 	memset(&addr, 0, sizeof(addr));
- 	addr.sin_family = AF_INET;
- 	addr.sin_port =  0;
--	if (hp->h_length > sizeof(addr))
--	  hp->h_length = sizeof(addr);
- 	memcpy(&addr.sin_addr.s_addr, hp->h_addr, (size_t)hp->h_length);
- 	/* Inconsistent interfaces need casts! :-( */
- 	return (pmap_getport(&addr, (u_long)prognum, (u_long)versnum, 
diff --git a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch b/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch
deleted file mode 100644
index 113dabe..0000000
--- a/meta/recipes-extended/libtirpc/libtirpc/libtirpc-1.0.2-rc3.patch
+++ /dev/null
@@ -1,743 +0,0 @@
-Backport the 1.0.2 RC3 changes, this fixes issues with gcc7
-
-Upstream-Status: Backport
-
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
-
-diff --git a/src/Makefile.am b/src/Makefile.am
-index e4ed8aa..fba2aa4 100644
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -24,7 +24,7 @@ libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c cln
-         rpcb_st_xdr.c svc.c svc_auth.c svc_dg.c svc_auth_unix.c svc_auth_none.c \
- 	svc_auth_des.c \
-         svc_generic.c svc_raw.c svc_run.c svc_simple.c svc_vc.c getpeereid.c \
--        auth_time.c auth_des.c authdes_prot.c debug.c
-+        auth_time.c auth_des.c authdes_prot.c debug.c des_crypt.c des_impl.c
- 
- ## XDR
- libtirpc_la_SOURCES += xdr.c xdr_rec.c xdr_array.c xdr_float.c xdr_mem.c xdr_reference.c xdr_stdio.c xdr_sizeof.c
-diff --git a/src/auth_des.c b/src/auth_des.c
-index 4d3639e..af2f61f 100644
---- a/src/auth_des.c
-+++ b/src/auth_des.c
-@@ -46,8 +46,8 @@
- #include <rpc/clnt.h>
- #include <rpc/xdr.h>
- #include <sys/socket.h>
--#undef NIS
--#include <rpcsvc/nis.h>
-+
-+#include "nis.h"
- 
- #if defined(LIBC_SCCS) && !defined(lint)
- #endif
-diff --git a/src/auth_gss.c b/src/auth_gss.c
-index 9b88c38..5959893 100644
---- a/src/auth_gss.c
-+++ b/src/auth_gss.c
-@@ -526,6 +526,14 @@ _rpc_gss_refresh(AUTH *auth, rpc_gss_options_ret_t *options_ret)
- 			     gr.gr_major != GSS_S_CONTINUE_NEEDED)) {
- 				options_ret->major_status = gr.gr_major;
- 				options_ret->minor_status = gr.gr_minor;
-+				if (call_stat != RPC_SUCCESS) {
-+					struct rpc_err err;
-+					clnt_geterr(gd->clnt, &err);
-+					LIBTIRPC_DEBUG(1, ("authgss_refresh: %s errno: %s",
-+						clnt_sperrno(call_stat), strerror(err.re_errno)));
-+				} else
-+					gss_log_status("authgss_refresh:", 
-+						gr.gr_major, gr.gr_minor);
- 				return FALSE;
- 			}
- 
-diff --git a/src/auth_time.c b/src/auth_time.c
-index 10e58eb..7f83ab4 100644
---- a/src/auth_time.c
-+++ b/src/auth_time.c
-@@ -44,8 +44,8 @@
- #include <rpc/rpcb_prot.h>
- //#include <clnt_soc.h>
- #include <sys/select.h>
--#undef NIS
--#include <rpcsvc/nis.h>
-+
-+#include "nis.h"
- 
- 
- #ifdef TESTING
-diff --git a/src/des_impl.c b/src/des_impl.c
-index c5b7ed6..9dbccaf 100644
---- a/src/des_impl.c
-+++ b/src/des_impl.c
-@@ -6,7 +6,8 @@
- /* see <http://www.gnu.org/licenses/> to obtain a copy.  */
- #include <string.h>
- #include <stdint.h>
--#include <rpc/rpc_des.h>
-+#include <sys/types.h>
-+#include <rpc/des.h>
- 
- 
- static const uint32_t des_SPtrans[8][64] =
-diff --git a/src/getpublickey.c b/src/getpublickey.c
-index 764a5f9..8cf4dc2 100644
---- a/src/getpublickey.c
-+++ b/src/getpublickey.c
-@@ -38,8 +38,10 @@
- #include <pwd.h>
- #include <rpc/rpc.h>
- #include <rpc/key_prot.h>
-+#ifdef YP
- #include <rpcsvc/yp_prot.h>
- #include <rpcsvc/ypclnt.h>
-+#endif
- #include <string.h>
- #include <stdlib.h>
- 
-diff --git a/src/nis.h b/src/nis.h
-new file mode 100644
-index 0000000..588c041
---- /dev/null
-+++ b/src/nis.h
-@@ -0,0 +1,70 @@
-+/*
-+ * Copyright (c) 2010, Oracle America, Inc.
-+ *
-+ * Redistribution and use in source and binary forms, with or without
-+ * modification, are permitted provided that the following conditions are
-+ * met:
-+ *
-+ *     * Redistributions of source code must retain the above copyright
-+ *       notice, this list of conditions and the following disclaimer.
-+ *     * Redistributions in binary form must reproduce the above
-+ *       copyright notice, this list of conditions and the following
-+ *       disclaimer in the documentation and/or other materials
-+ *       provided with the distribution.
-+ *     * Neither the name of the "Oracle America, Inc." nor the names of its
-+ *       contributors may be used to endorse or promote products derived
-+ *       from this software without specific prior written permission.
-+ *
-+ *   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-+ *   "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-+ *   LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-+ *   FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-+ *   COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-+ *   INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-+ *   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-+ *   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-+ *   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-+ *   WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-+ *   NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-+ *   OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-+ */
-+
-+#ifndef _INTERNAL_NIS_H
-+#define _INTERNAL_NIS_H 1
-+
-+/*  This file only contains the definition of nis_server, to be
-+    able to compile libtirpc without the need to have a glibc
-+    with sunrpc or a libnsl already installed. */
-+
-+#define NIS_PK_NONE 0
-+
-+struct nis_attr {
-+	char *zattr_ndx;
-+	struct {
-+		u_int zattr_val_len;
-+		char *zattr_val_val;
-+	} zattr_val;
-+};
-+typedef struct nis_attr nis_attr;
-+
-+typedef char *nis_name;
-+
-+struct endpoint {
-+	char *uaddr;
-+	char *family;
-+	char *proto;
-+};
-+typedef struct endpoint endpoint;
-+
-+struct nis_server {
-+	nis_name name;
-+	struct {
-+		u_int ep_len;
-+		endpoint *ep_val;
-+	} ep;
-+	uint32_t key_type;
-+	netobj pkey;
-+};
-+typedef struct nis_server nis_server;
-+
-+#endif /* ! _INTERNAL_NIS_H */
-diff --git a/src/rpc_dtablesize.c b/src/rpc_dtablesize.c
-index 13d320c..3fe503a 100644
---- a/src/rpc_dtablesize.c
-+++ b/src/rpc_dtablesize.c
-@@ -27,22 +27,14 @@
-  */
- 
- #include <unistd.h>
--
- #include <sys/select.h>
--
--int _rpc_dtablesize(void);	/* XXX */
-+#include <rpc/clnt.h>
-+#include <rpc/rpc_com.h>
- 
- /*
-  * Cache the result of getdtablesize(), so we don't have to do an
-  * expensive system call every time.
-  */
--/*
-- * XXX In FreeBSD 2.x, you can have the maximum number of open file
-- * descriptors be greater than FD_SETSIZE (which us 256 by default).
-- *
-- * Since old programs tend to use this call to determine the first arg
-- * for _select(), having this return > FD_SETSIZE is a Bad Idea(TM)!
-- */
- int
- _rpc_dtablesize(void)
- {
-diff --git a/src/rpc_soc.c b/src/rpc_soc.c
-index 1ec7b3f..ed0892a 100644
---- a/src/rpc_soc.c
-+++ b/src/rpc_soc.c
-@@ -61,8 +61,8 @@
- #include <string.h>
- #include <unistd.h>
- #include <fcntl.h>
--#include <rpcsvc/nis.h>
- 
-+#include "nis.h"
- #include "rpc_com.h"
- 
- extern mutex_t	rpcsoc_lock;
-diff --git a/src/rtime.c b/src/rtime.c
-index c34e0af..b642840 100644
---- a/src/rtime.c
-+++ b/src/rtime.c
-@@ -46,6 +46,7 @@
- #include <unistd.h>
- #include <errno.h>
- #include <sys/types.h>
-+#include <sys/poll.h>
- #include <sys/socket.h>
- #include <sys/time.h>
- #include <netinet/in.h>
-@@ -67,7 +68,8 @@ rtime(addrp, timep, timeout)
- 	struct timeval *timeout;
- {
- 	int s;
--	fd_set readfds;
-+	struct pollfd fd;
-+	int milliseconds;
- 	int res;
- 	unsigned long thetime;
- 	struct sockaddr_in from;
-@@ -94,31 +96,32 @@ rtime(addrp, timep, timeout)
- 	addrp->sin_port = serv->s_port;
- 
- 	if (type == SOCK_DGRAM) {
--		res = sendto(s, (char *)&thetime, sizeof(thetime), 0, 
-+		res = sendto(s, (char *)&thetime, sizeof(thetime), 0,
- 			     (struct sockaddr *)addrp, sizeof(*addrp));
- 		if (res < 0) {
- 			do_close(s);
--			return(-1);	
-+			return(-1);
- 		}
--		do {
--			FD_ZERO(&readfds);
--			FD_SET(s, &readfds);
--			res = select(_rpc_dtablesize(), &readfds,
--				     (fd_set *)NULL, (fd_set *)NULL, timeout);
--		} while (res < 0 && errno == EINTR);
-+
-+		milliseconds = (timeout->tv_sec * 1000) + (timeout->tv_usec / 1000);
-+		fd.fd = s;
-+		fd.events = POLLIN;
-+		do
-+		  res = poll (&fd, 1, milliseconds);
-+		while (res < 0 && errno == EINTR);
- 		if (res <= 0) {
- 			if (res == 0) {
- 				errno = ETIMEDOUT;
- 			}
- 			do_close(s);
--			return(-1);	
-+			return(-1);
- 		}
- 		fromlen = sizeof(from);
--		res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0, 
-+		res = recvfrom(s, (char *)&thetime, sizeof(thetime), 0,
- 			       (struct sockaddr *)&from, &fromlen);
- 		do_close(s);
- 		if (res < 0) {
--			return(-1);	
-+			return(-1);
- 		}
- 	} else {
- 		if (connect(s, (struct sockaddr *)addrp, sizeof(*addrp)) < 0) {
-diff --git a/src/svc.c b/src/svc.c
-index 9c41445..b59467b 100644
---- a/src/svc.c
-+++ b/src/svc.c
-@@ -99,7 +99,7 @@ xprt_register (xprt)
-     {
-       __svc_xports = (SVCXPRT **) calloc (_rpc_dtablesize(), sizeof (SVCXPRT *));
-       if (__svc_xports == NULL)
--	return;
-+            goto unlock;
-     }
-   if (sock < _rpc_dtablesize())
-     {
-@@ -120,14 +120,14 @@ xprt_register (xprt)
-             svc_pollfd[i].fd = sock;
-             svc_pollfd[i].events = (POLLIN | POLLPRI |
-                                     POLLRDNORM | POLLRDBAND);
--            return;
-+            goto unlock;
-           }
- 
-       new_svc_pollfd = (struct pollfd *) realloc (svc_pollfd,
-                                                   sizeof (struct pollfd)
-                                                   * (svc_max_pollfd + 1));
-       if (new_svc_pollfd == NULL) /* Out of memory */
--        return;
-+        goto unlock;
-       svc_pollfd = new_svc_pollfd;
-       ++svc_max_pollfd;
- 
-@@ -135,6 +135,7 @@ xprt_register (xprt)
-       svc_pollfd[svc_max_pollfd - 1].events = (POLLIN | POLLPRI |
-                                                POLLRDNORM | POLLRDBAND);
-     }
-+unlock:
-   rwlock_unlock (&svc_fd_lock);
- }
- 
-diff --git a/src/svc_auth_des.c b/src/svc_auth_des.c
-index 5bc264c..2e90146 100644
---- a/src/svc_auth_des.c
-+++ b/src/svc_auth_des.c
-@@ -86,13 +86,13 @@ static struct cache_entry *authdes_cache/* [AUTHDES_CACHESZ] */;
- static short *authdes_lru/* [AUTHDES_CACHESZ] */;
- 
- static void cache_init();	/* initialize the cache */
--static short cache_spot();	/* find an entry in the cache */
--static void cache_ref(/*short sid*/);	/* note that sid was ref'd */
-+static short cache_spot(des_block *key, char *name, struct timeval *timestamp);  /* find an entry in the cache */
-+static void cache_ref(short sid);	/* note that sid was ref'd */
- 
--static void invalidate();	/* invalidate entry in cache */
-+static void invalidate(char *cred);	/* invalidate entry in cache */
- 
- /*
-- * cache statistics 
-+ * cache statistics
-  */
- static struct {
- 	u_long ncachehits;	/* times cache hit, and is not replay */
-diff --git a/src/svc_auth_gss.c b/src/svc_auth_gss.c
-index b6aa407..bece46a 100644
---- a/src/svc_auth_gss.c
-+++ b/src/svc_auth_gss.c
-@@ -129,6 +129,8 @@ struct svc_rpc_gss_data {
- 	((struct svc_rpc_gss_data *)(auth)->svc_ah_private)
- 
- /* Global server credentials. */
-+static u_int		_svcauth_req_time = 0;
-+static gss_OID_set_desc	_svcauth_oid_set = {1, GSS_C_NULL_OID };
- static gss_cred_id_t	_svcauth_gss_creds;
- static gss_name_t	_svcauth_gss_name = GSS_C_NO_NAME;
- static char *		_svcauth_svc_name = NULL;
-@@ -167,6 +169,7 @@ svcauth_gss_import_name(char *service)
- 	gss_name_t	name;
- 	gss_buffer_desc	namebuf;
- 	OM_uint32	maj_stat, min_stat;
-+	bool_t		result;
- 
- 	gss_log_debug("in svcauth_gss_import_name()");
- 
-@@ -181,22 +184,21 @@ svcauth_gss_import_name(char *service)
- 			maj_stat, min_stat);
- 		return (FALSE);
- 	}
--	if (svcauth_gss_set_svc_name(name) != TRUE) {
--		gss_release_name(&min_stat, &name);
--		return (FALSE);
--	}
--	return (TRUE);
-+	result = svcauth_gss_set_svc_name(name);
-+	gss_release_name(&min_stat, &name);
-+	return result;
- }
- 
- static bool_t
--svcauth_gss_acquire_cred(u_int req_time, gss_OID_set_desc *oid_set)
-+svcauth_gss_acquire_cred(void)
- {
- 	OM_uint32	maj_stat, min_stat;
- 
- 	gss_log_debug("in svcauth_gss_acquire_cred()");
- 
--	maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name, req_time,
--				    oid_set, GSS_C_ACCEPT,
-+	maj_stat = gss_acquire_cred(&min_stat, _svcauth_gss_name,
-+				    _svcauth_req_time, &_svcauth_oid_set,
-+				    GSS_C_ACCEPT,
- 				    &_svcauth_gss_creds, NULL, NULL);
- 
- 	if (maj_stat != GSS_S_COMPLETE) {
-@@ -300,6 +302,8 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst,
- 					      NULL,
- 					      &gd->deleg);
- 
-+	xdr_free((xdrproc_t)xdr_rpc_gss_init_args, (caddr_t)&recv_tok);
-+
- 	if (gr->gr_major != GSS_S_COMPLETE &&
- 	    gr->gr_major != GSS_S_CONTINUE_NEEDED) {
- 		gss_log_status("svcauth_gss_accept_sec_context: accept_sec_context",
-@@ -352,8 +356,11 @@ svcauth_gss_accept_sec_context(struct svc_req *rqst,
- 			return (FALSE);
- 
- 		rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS;
--		rqst->rq_xprt->xp_verf.oa_base = checksum.value;
-+		memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value,
-+			checksum.length);
- 		rqst->rq_xprt->xp_verf.oa_length = checksum.length;
-+
-+		gss_release_buffer(&min_stat, &checksum);
- 	}
- 	return (TRUE);
- }
-@@ -435,10 +442,13 @@ svcauth_gss_nextverf(struct svc_req *rqst, u_int num)
- 			maj_stat, min_stat);
- 		return (FALSE);
- 	}
-+
- 	rqst->rq_xprt->xp_verf.oa_flavor = RPCSEC_GSS;
--	rqst->rq_xprt->xp_verf.oa_base = (caddr_t)checksum.value;
-+	memcpy(rqst->rq_xprt->xp_verf.oa_base, checksum.value, checksum.length);
- 	rqst->rq_xprt->xp_verf.oa_length = (u_int)checksum.length;
- 
-+	gss_release_buffer(&min_stat, &checksum);
-+
- 	return (TRUE);
- }
- 
-@@ -568,6 +578,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 	gss_qop_t		 qop;
- 	struct svcauth_gss_cache_entry **ce;
- 	time_t			 now;
-+	enum auth_stat		 result = AUTH_OK;
-+	OM_uint32		 min_stat;
- 
- 	gss_log_debug("in svcauth_gss()");
- 
-@@ -621,19 +633,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 	XDR_DESTROY(&xdrs);
- 
- 	/* Check version. */
--	if (gc->gc_v != RPCSEC_GSS_VERSION)
--		return (AUTH_BADCRED);
-+	if (gc->gc_v != RPCSEC_GSS_VERSION) {
-+		result = AUTH_BADCRED;
-+		goto out;
-+	}
- 
- 	/* Check RPCSEC_GSS service. */
- 	if (gc->gc_svc != RPCSEC_GSS_SVC_NONE &&
- 	    gc->gc_svc != RPCSEC_GSS_SVC_INTEGRITY &&
--	    gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY)
--		return (AUTH_BADCRED);
-+	    gc->gc_svc != RPCSEC_GSS_SVC_PRIVACY) {
-+		result = AUTH_BADCRED;
-+		goto out;
-+	}
- 
- 	/* Check sequence number. */
- 	if (gd->established) {
--		if (gc->gc_seq > MAXSEQ)
--			return (RPCSEC_GSS_CTXPROBLEM);
-+		if (gc->gc_seq > MAXSEQ) {
-+			result = RPCSEC_GSS_CTXPROBLEM;
-+			goto out;
-+		}
- 
- 		if ((offset = gd->seqlast - gc->gc_seq) < 0) {
- 			gd->seqlast = gc->gc_seq;
-@@ -643,7 +661,8 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 		}
- 		else if (offset >= gd->win || (gd->seqmask & (1 << offset))) {
- 			*no_dispatch = 1;
--			return (RPCSEC_GSS_CTXPROBLEM);
-+			result = RPCSEC_GSS_CTXPROBLEM;
-+			goto out;
- 		}
- 		gd->seq = gc->gc_seq;
- 		gd->seqmask |= (1 << offset);
-@@ -654,35 +673,52 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 		rqst->rq_svcname = (char *)gd->ctx;
- 	}
- 
-+	rqst->rq_xprt->xp_verf.oa_base = msg->rm_call.cb_verf.oa_base;
-+
- 	/* Handle RPCSEC_GSS control procedure. */
- 	switch (gc->gc_proc) {
- 
- 	case RPCSEC_GSS_INIT:
- 	case RPCSEC_GSS_CONTINUE_INIT:
--		if (rqst->rq_proc != NULLPROC)
--			return (AUTH_FAILED);		/* XXX ? */
-+		if (rqst->rq_proc != NULLPROC) {
-+			result = AUTH_FAILED;		/* XXX ? */
-+			break;
-+		}
- 
- 		if (_svcauth_gss_name == GSS_C_NO_NAME) {
--			if (!svcauth_gss_import_name("nfs"))
--				return (AUTH_FAILED);
-+			if (!svcauth_gss_import_name("nfs")) {
-+				result = AUTH_FAILED;
-+				break;
-+			}
- 		}
- 
--		if (!svcauth_gss_acquire_cred(0, GSS_C_NULL_OID_SET))
--			return (AUTH_FAILED);
-+		if (!svcauth_gss_acquire_cred()) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
--		if (!svcauth_gss_accept_sec_context(rqst, &gr))
--			return (AUTH_REJECTEDCRED);
-+		if (!svcauth_gss_accept_sec_context(rqst, &gr)) {
-+			result = AUTH_REJECTEDCRED;
-+			break;
-+		}
- 
--		if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win)))
--			return (AUTH_FAILED);
-+		if (!svcauth_gss_nextverf(rqst, htonl(gr.gr_win))) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
- 		*no_dispatch = TRUE;
- 
- 		call_stat = svc_sendreply(rqst->rq_xprt, 
- 			(xdrproc_t)xdr_rpc_gss_init_res, (caddr_t)&gr);
- 
--		if (!call_stat)
--			return (AUTH_FAILED);
-+		gss_release_buffer(&min_stat, &gr.gr_token);
-+		free(gr.gr_ctx.value);
-+
-+		if (!call_stat) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
- 		if (gr.gr_major == GSS_S_COMPLETE)
- 			gd->established = TRUE;
-@@ -690,27 +726,37 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 		break;
- 
- 	case RPCSEC_GSS_DATA:
--		if (!svcauth_gss_validate(gd, msg, &qop))
--			return (RPCSEC_GSS_CREDPROBLEM);
-+		if (!svcauth_gss_validate(gd, msg, &qop)) {
-+			result = RPCSEC_GSS_CREDPROBLEM;
-+			break;
-+		}
- 
--		if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq)))
--			return (AUTH_FAILED);
-+		if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
- 		if (!gd->callback_done) {
- 			gd->callback_done = TRUE;
- 			gd->sec.qop = qop;
- 			(void)rpc_gss_num_to_qop(gd->rcred.mechanism,
- 						gd->sec.qop, &gd->rcred.qop);
--			if (!svcauth_gss_callback(rqst, gd))
--				return (AUTH_REJECTEDCRED);
-+			if (!svcauth_gss_callback(rqst, gd)) {
-+				result = AUTH_REJECTEDCRED;
-+				break;
-+			}
- 		}
- 
- 		if (gd->locked) {
- 			if (gd->rcred.service !=
--					_rpc_gss_svc_to_service(gc->gc_svc))
--				return (AUTH_FAILED);
--			if (gd->sec.qop != qop)
--				return (AUTH_BADVERF);
-+					_rpc_gss_svc_to_service(gc->gc_svc)) {
-+				result = AUTH_FAILED;
-+				break;
-+			}
-+			if (gd->sec.qop != qop) {
-+				result = AUTH_BADVERF;
-+				break;
-+			}
- 		}
- 
- 		if (gd->sec.qop != qop) {
-@@ -724,17 +770,25 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 		break;
- 
- 	case RPCSEC_GSS_DESTROY:
--		if (rqst->rq_proc != NULLPROC)
--			return (AUTH_FAILED);		/* XXX ? */
-+		if (rqst->rq_proc != NULLPROC) {
-+			result = AUTH_FAILED;		/* XXX ? */
-+			break;
-+		}
- 
--		if (!svcauth_gss_validate(gd, msg, &qop))
--			return (RPCSEC_GSS_CREDPROBLEM);
-+		if (!svcauth_gss_validate(gd, msg, &qop)) {
-+			result = RPCSEC_GSS_CREDPROBLEM;
-+			break;
-+		}
- 
--		if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq)))
--			return (AUTH_FAILED);
-+		if (!svcauth_gss_nextverf(rqst, htonl(gc->gc_seq))) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
--		if (!svcauth_gss_release_cred())
--			return (AUTH_FAILED);
-+		if (!svcauth_gss_release_cred()) {
-+			result = AUTH_FAILED;
-+			break;
-+		}
- 
- 		SVCAUTH_DESTROY(&SVC_XP_AUTH(rqst->rq_xprt));
- 		SVC_XP_AUTH(rqst->rq_xprt).svc_ah_ops = svc_auth_none.svc_ah_ops;
-@@ -743,10 +797,12 @@ _svcauth_gss(struct svc_req *rqst, struct rpc_msg *msg, bool_t *no_dispatch)
- 		break;
- 
- 	default:
--		return (AUTH_REJECTEDCRED);
-+		result = AUTH_REJECTEDCRED;
- 		break;
- 	}
--	return (AUTH_OK);
-+out:
-+	xdr_free((xdrproc_t)xdr_rpc_gss_cred, (caddr_t)gc);
-+	return result;
- }
- 
- static bool_t
-@@ -890,7 +946,6 @@ bool_t
- rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time,
- 		u_int UNUSED(program), u_int UNUSED(version))
- {
--	gss_OID_set_desc oid_set;
- 	rpc_gss_OID oid;
- 	char *save;
- 
-@@ -902,14 +957,13 @@ rpc_gss_set_svc_name(char *principal, char *mechanism, u_int req_time,
- 
- 	if (!rpc_gss_mech_to_oid(mechanism, &oid))
- 		goto out_err;
--	oid_set.count = 1;
--	oid_set.elements = (gss_OID)oid;
- 
- 	if (!svcauth_gss_import_name(principal))
- 		goto out_err;
--	if (!svcauth_gss_acquire_cred(req_time, &oid_set))
--		goto out_err;
- 
-+	_svcauth_req_time = req_time;
-+	_svcauth_oid_set.count = 1;
-+	_svcauth_oid_set.elements = (gss_OID)oid;
- 	free(_svcauth_svc_name);
- 	_svcauth_svc_name = save;
- 	return TRUE;
-diff --git a/src/svc_vc.c b/src/svc_vc.c
-index 6ae613d..97a76a3 100644
---- a/src/svc_vc.c
-+++ b/src/svc_vc.c
-@@ -270,14 +270,8 @@ makefd_xprt(fd, sendsize, recvsize)
- 	struct cf_conn *cd;
- 	const char *netid;
- 	struct __rpc_sockinfo si;
-- 
--	assert(fd != -1);
- 
--        if (fd >= FD_SETSIZE) {
--                warnx("svc_vc: makefd_xprt: fd too high\n");
--                xprt = NULL;
--                goto done;
--        }
-+	assert(fd != -1);
- 
- 	xprt = mem_alloc(sizeof(SVCXPRT));
- 	if (xprt == NULL) {
-@@ -338,22 +332,10 @@ rendezvous_request(xprt, msg)
- 	r = (struct cf_rendezvous *)xprt->xp_p1;
- again:
- 	len = sizeof addr;
--	if ((sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr,
--	    &len)) < 0) {
-+	sock = accept(xprt->xp_fd, (struct sockaddr *)(void *)&addr, &len);
-+	if (sock < 0) {
- 		if (errno == EINTR)
- 			goto again;
--
--		if (errno == EMFILE || errno == ENFILE) {
--		  /* If there are no file descriptors available, then accept will fail.
--		     We want to delay here so the connection request can be dequeued;
--		     otherwise we can bounce between polling and accepting, never
--		     giving the request a chance to dequeue and eating an enormous
--		     amount of cpu time in svc_run if we're polling on many file
--		     descriptors.  */
--		        struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
--                        nanosleep (&ts, NULL);
--			goto again;
--		}
- 		return (FALSE);
- 	}
- 	/*
-diff --git a/tirpc/rpc/des.h b/tirpc/rpc/des.h
-index d2881ad..018aa48 100644
---- a/tirpc/rpc/des.h
-+++ b/tirpc/rpc/des.h
-@@ -82,6 +82,6 @@ struct desparams {
- /*
-  * Software DES.
-  */
--extern int _des_crypt( char *, int, struct desparams * );
-+extern int _des_crypt( char *, unsigned, struct desparams * );
- 
- #endif
-diff --git a/tirpc/rpc/rpcent.h b/tirpc/rpc/rpcent.h
-index 147f909..e07503c 100644
---- a/tirpc/rpc/rpcent.h
-+++ b/tirpc/rpc/rpcent.h
-@@ -60,10 +60,11 @@ struct rpcent {
- extern struct rpcent *getrpcbyname(const char *);
- extern struct rpcent *getrpcbynumber(int);
- extern struct rpcent *getrpcent(void);
--#endif
- 
- extern void setrpcent(int);
- extern void endrpcent(void);
-+#endif
-+
- #ifdef __cplusplus
- }
- #endif
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb b/meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb
similarity index 81%
rename from meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
rename to meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb
index 7be8e10..f9718c5 100644
--- a/meta/recipes-extended/libtirpc/libtirpc_1.0.1.bb
+++ b/meta/recipes-extended/libtirpc/libtirpc_1.0.2.bb
@@ -11,20 +11,17 @@ PROVIDES = "virtual/librpc"
 
 SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2;name=libtirpc \
            ${GENTOO_MIRROR}/${BPN}-glibc-nfs.tar.xz;name=glibc-nfs \
-           file://libtirpc-1.0.2-rc3.patch \
-           file://libtirpc-0.2.1-fortify.patch \
            file://export_key_secretkey_is_set.patch \
            file://0001-replace-__bzero-with-memset-API.patch \
            file://0001-include-stdint.h-for-uintptr_t.patch \
-           file://0001-Fix-for-CVE-2017-8779.patch \
            "
 
 SRC_URI_append_libc-musl = " \
                              file://Use-netbsd-queue.h.patch \
                            "
 
-SRC_URI[libtirpc.md5sum] = "36ce1c0ff80863bb0839d54aa0b94014"
-SRC_URI[libtirpc.sha256sum] = "5156974f31be7ccbc8ab1de37c4739af6d9d42c87b1d5caf4835dda75fcbb89e"
+SRC_URI[libtirpc.md5sum] = "d5a37f1dccec484f9cabe2b97e54e9a6"
+SRC_URI[libtirpc.sha256sum] = "723c5ce92706cbb601a8db09110df1b4b69391643158f20ff587e20e7c5f90f5"
 SRC_URI[glibc-nfs.md5sum] = "5ae500b9d0b6b72cb875bc04944b9445"
 SRC_URI[glibc-nfs.sha256sum] = "2677cfedf626f3f5a8f6e507aed5bb8f79a7453b589d684dbbc086e755170d83"
 
-- 
2.4.0

Re: [PATCH 4/6] bluez5: upgrade to 5.46

[Marc Ferland]

On Wed, Jul 19, 2017 at 11:01 AM, Maxin B. John <maxin.john@intel.com> wrote:
> 5.45 -> 5.46
>
> Signed-off-by: Maxin B. John <maxin.john@intel.com>
> ---
>  meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>  rename meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} (91%)
>
> diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> similarity index 91%
> rename from meta/recipes-connectivity/bluez5/bluez5_5.45.bb
> rename to meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> index d5f516c..93f4be3 100644
> --- a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb
> +++ b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> @@ -2,8 +2,8 @@ require bluez5.inc
>
>  REQUIRED_DISTRO_FEATURES = "bluez5"
>
> -SRC_URI[md5sum] = "20d936917afc7e1ffa091f5213081c55"
> -SRC_URI[sha256sum] = "4cacb00703a6bc149cb09502257d321597d43952374a16f3558766ffa85364e9"
> +SRC_URI[md5sum] = "913f35d6fa4ca5772c53adb936bf1947"
> +SRC_URI[sha256sum] = "ddab3d3837c1afb8ae228a94ba17709a4650bd4db24211b6771ab735c8908e28"
>

A new testing utility, advtest, has been added and should be installed
along with the rest of the tools listed in NOINST_TOOLS_BT.

See: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=fedb7f6eaba7bc4ac879d1762ff267789c4db552

Marc

Re: [PATCH 4/6] bluez5: upgrade to 5.46

[Maxin B. John]

Hi Marc,

On Wed, Jul 19, 2017 at 11:13:16AM -0400, Marc Ferland wrote:
> On Wed, Jul 19, 2017 at 11:01 AM, Maxin B. John <maxin.john@intel.com> wrote:
> >
> > 5.45 -> 5.46
> >
> > Signed-off-by: Maxin B. John <maxin.john@intel.com>
> > ---
> >  meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >  rename meta/recipes-connectivity/bluez5/{bluez5_5.45.bb => bluez5_5.46.bb} (91%)
> >
> > diff --git a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> > similarity index 91%
> > rename from meta/recipes-connectivity/bluez5/bluez5_5.45.bb
> > rename to meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> > index d5f516c..93f4be3 100644
> > --- a/meta/recipes-connectivity/bluez5/bluez5_5.45.bb
> > +++ b/meta/recipes-connectivity/bluez5/bluez5_5.46.bb
> > @@ -2,8 +2,8 @@ require bluez5.inc
> >
> >  REQUIRED_DISTRO_FEATURES = "bluez5"
> >
> > -SRC_URI[md5sum] = "20d936917afc7e1ffa091f5213081c55"
> > -SRC_URI[sha256sum] = "4cacb00703a6bc149cb09502257d321597d43952374a16f3558766ffa85364e9"
> > +SRC_URI[md5sum] = "913f35d6fa4ca5772c53adb936bf1947"
> > +SRC_URI[sha256sum] = "ddab3d3837c1afb8ae228a94ba17709a4650bd4db24211b6771ab735c8908e28"
> >
> 
> A new testing utility, advtest, has been added and should be installed
> along with the rest of the tools listed in NOINST_TOOLS_BT.
> 
> See: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=fedb7f6eaba7bc4ac879d1762ff267789c4db552

Thanks for sharing this info. Will add that.

> Marc

Best Regards,
Maxin