From patchwork Sat Aug 29 13:06:10 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Titouan Christophe <titouan.christophe@railnova.eu>
X-Patchwork-Id: 1353689
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net
 (client-ip=140.211.166.133; helo=hemlock.osuosl.org;
 envelope-from=buildroot-bounces@busybox.net; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
 dmarc=fail (p=none dis=none) header.from=railnova.eu
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=railnova-eu.20150623.gappssmtp.com
 header.i=@railnova-eu.20150623.gappssmtp.com header.a=rsa-sha256
 header.s=20150623 header.b=j4KLp7EU;
	dkim-atps=neutral
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4BdxYb69F8z9sTQ
	for <incoming-buildroot@patchwork.ozlabs.org>;
 Sat, 29 Aug 2020 23:06:27 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by hemlock.osuosl.org (Postfix) with ESMTP id 4A6D986EB1;
	Sat, 29 Aug 2020 13:06:23 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id cho7cENfZpGo; Sat, 29 Aug 2020 13:06:20 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by hemlock.osuosl.org (Postfix) with ESMTP id 4156387155;
	Sat, 29 Aug 2020 13:06:20 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by ash.osuosl.org (Postfix) with ESMTP id 2B9D41BF3F9
 for <buildroot@lists.busybox.net>; Sat, 29 Aug 2020 13:06:19 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by fraxinus.osuosl.org (Postfix) with ESMTP id 2754685FA3
 for <buildroot@lists.busybox.net>; Sat, 29 Aug 2020 13:06:19 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
 by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id WKFA_Em6VLf0 for <buildroot@lists.busybox.net>;
 Sat, 29 Aug 2020 13:06:17 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mail-ej1-f66.google.com (mail-ej1-f66.google.com
 [209.85.218.66])
 by fraxinus.osuosl.org (Postfix) with ESMTPS id E950785F87
 for <buildroot@buildroot.org>; Sat, 29 Aug 2020 13:06:16 +0000 (UTC)
Received: by mail-ej1-f66.google.com with SMTP id nw23so1280162ejb.4
 for <buildroot@buildroot.org>; Sat, 29 Aug 2020 06:06:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=railnova-eu.20150623.gappssmtp.com; s=20150623;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=psftOcSipa4EokSccgmgCRLXMi+T4Bq8+4AyLS0O5uE=;
 b=j4KLp7EU1FOHSAy4z8JfdOiphmIkZcCSgrR83IzaUEX/uWlnfPFeMB6usvZEmOXhHe
 Xvp4bNcX7Mv7W1v8oQcrYaH6ftYFQc6B7pNRCLPZxjX5b+7IqqxISCGeU3XKCqM0o9Tu
 hxGYVeK/MPFDSTQ40lf5LfD6yMvLBMOku6Vr8hHpER1wQkp5zWSjZKZEWqjTW6+ZfvQN
 7RxH7WN0AzX/qzcNEzx64PHM2X8CFin+KyK8AXvKZQuNI43DCt6+B7KqyGs3hLq0UXBM
 yQBN9vyMixi/ZbFqrRXI1ibKpW++RfzaowLCz6AZC5EC8HA1Q6VuVikCOGXZouUjcbGd
 NN8A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=psftOcSipa4EokSccgmgCRLXMi+T4Bq8+4AyLS0O5uE=;
 b=VHsnwVgqN8H7MymL11n5RMwbBAdYXROjFsozbi6Lci8Z2mEy9UjcnChyDsjt1EsESK
 ceLOt8ORC0917S+dU6xsBA453vc5C9ST+I5AGYqr1cCjTD/OyWah3acDuFZtXpEu88Hd
 PGQnmtScBzymbMs1a9Xi5gaRLNtoaUqFERE8ZBrveH+94O/vkQz39Fj8tgX20nGH09rm
 468N+I15HrfygFFL+6MX85cBpSvyE6ynKkOEFeJux0nvDwLXF3hOsm5IviTETXqCD5+x
 3Muz7bCuoCcvJ/O4N74kaQt/a2+ZawB6uosBH+2He2DwpQsxxgca8WRs/rWxhLAVLbjy
 +QaA==
X-Gm-Message-State: AOAM533Tutxb+6h9vCvn+tyyqPu+XBuu5HZz8Qem9NV8vYeYoRWEISAB
 saKH9W+4oMVBS5ee+LecqIepTd6WmwA5VQ==
X-Google-Smtp-Source: 
 ABdhPJzP6s7NxBShLLbBy42Em2x2koKRfSqQHOxrycqHtZN6xxzYUHSahC3B+Tyk0aWkqUwdDTJUXA==
X-Received: by 2002:a17:906:7204:: with SMTP id
 m4mr3425895ejk.342.1598706374954;
 Sat, 29 Aug 2020 06:06:14 -0700 (PDT)
Received: from localhost.localdomain
 ([2a02:a03f:63d3:7700:5fb9:2a66:a7a8:378f])
 by smtp.gmail.com with ESMTPSA id cf24sm2185654ejb.61.2020.08.29.06.06.13
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 29 Aug 2020 06:06:14 -0700 (PDT)
From: Titouan Christophe <titouan.christophe@railnova.eu>
To: buildroot@buildroot.org
Date: Sat, 29 Aug 2020 15:06:10 +0200
Message-Id: <20200829130610.169904-1-titouan.christophe@railnova.eu>
X-Mailer: git-send-email 2.25.3
MIME-Version: 1.0
Subject: [Buildroot] [PATCH v3 1/1] package/mosquitto: security bump to
 v1.6.12
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Fabrice Fontaine <fabrice.fontaine@orange.com>,
 Peter Korsgaard <peter@korsgaard.com>,
 Titouan Christophe <titouan.christophe@railnova.eu>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Mosquitto 1.6.11 is a bugfix release, read the whole announcement on
http://mosquitto.org/blog/2020/08/version-1-6-11-released/

Mosquitto 1.6.12 is a security and bugfix release, read
http://mosquitto.org/blog/2020/08/version-1-6-12-released/

From the 1.6.11 changelog of the client library:
mosquitto_loop_start() now sets a thread name on Linux, FreeBSD, NetBSD,
and OpenBSD. Closes #1777.
This is done with pthread_setname_np; so mosquitto now requires
BR2_TOOLCHAIN_HAS_THREADS_NPTL when built with threading support.

2 reverse dependencies use the threaded API, but they already
depend on BR2_TOOLCHAIN_HAS_THREADS_NPTL:
* domoticz [1] (we add a comment for mosquitto)
* shairport-sync [2]

[1] https://github.com/domoticz/domoticz/blob/2020.1/main/mosquitto_helper.cpp#L344
[2] https://github.com/mikebrady/shairport-sync/blob/3.3.6/mqtt.c#L227-L229

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
---
Changes v1->v2:
* Conditionally depend on BR2_TOOLCHAIN_HAS_THREADS_NPTL
* Add patch to support building on platforms without pthread

Changes v2->v3:
* Bump to newer version 1.6.12
* Drop patch that was released upstream
* Don't add custom option BR2_PACKAGE_MOSQUITTO_WITH_THREADING
---
 package/domoticz/Config.in       | 2 +-
 package/mosquitto/mosquitto.hash | 4 ++--
 package/mosquitto/mosquitto.mk   | 5 +++--
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/package/domoticz/Config.in b/package/domoticz/Config.in
index a2ad9f1b07..c6b2834d9d 100644
--- a/package/domoticz/Config.in
+++ b/package/domoticz/Config.in
@@ -2,7 +2,7 @@ config BR2_PACKAGE_DOMOTICZ
 	bool "domoticz"
 	depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # sleep_for
 	# pthread_condattr_setclock
-	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
+	depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL # mosquitto
 	depends on BR2_INSTALL_LIBSTDCPP
 	depends on BR2_USE_WCHAR
 	depends on BR2_PACKAGE_LUA_5_3
diff --git a/package/mosquitto/mosquitto.hash b/package/mosquitto/mosquitto.hash
index 482962490e..13f0c8de23 100644
--- a/package/mosquitto/mosquitto.hash
+++ b/package/mosquitto/mosquitto.hash
@@ -1,6 +1,6 @@
 # Locally calculated after checking gpg signature
-# from https://mosquitto.org/files/source/mosquitto-1.6.10.tar.gz.asc
-sha256  92d1807717f0f6d57d1ac1207ffdb952e8377e916c7b0bb4718f745239774232  mosquitto-1.6.10.tar.gz
+# from https://mosquitto.org/files/source/mosquitto-1.6.12.tar.gz.asc
+sha256  548d73d19fb787dd0530334e398fd256ef3a581181678488a741a995c4f007fb  mosquitto-1.6.12.tar.gz
 
 # License files
 sha256  cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1  LICENSE.txt
diff --git a/package/mosquitto/mosquitto.mk b/package/mosquitto/mosquitto.mk
index cdd515e1a4..5734dd45c5 100644
--- a/package/mosquitto/mosquitto.mk
+++ b/package/mosquitto/mosquitto.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-MOSQUITTO_VERSION = 1.6.10
+MOSQUITTO_VERSION = 1.6.12
 MOSQUITTO_SITE = https://mosquitto.org/files/source
 MOSQUITTO_LICENSE = EPL-1.0 or EDLv1.0
 MOSQUITTO_LICENSE_FILES = LICENSE.txt epl-v10 edl-v10
@@ -41,7 +41,8 @@ else
 MOSQUITTO_MAKE_OPTS += WITH_ADNS=no
 endif
 
-ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+# threaded API uses pthread_setname_np
+ifeq ($(BR2_TOOLCHAIN_HAS_THREADS_NPTL),y)
 MOSQUITTO_MAKE_OPTS += WITH_THREADING=yes
 else
 MOSQUITTO_MAKE_OPTS += WITH_THREADING=no