From 2eaa3fd064097eb221b56d5df0e7136ba705a0cd Mon Sep 17 00:00:00 2001 From: Andrii Davydenko Date: Wed, 14 Dec 2022 12:08:42 +0200 Subject: CVE Packages Update Move libfastjson to the rsyslog directory rsyslog 8.2002.0 -> 8.2206.0 add ntp4.2.8 recipe with fixed CVEs update cryptsetup to 2.4.3 fix libxml2 CVE-2016-3709 curl 7.75.0 -> 7.86.0 strongswan 5.8.4 -> 5.9.8 libmodbus 3.1.6 -> 3.1.7 libesmtp 1.0.6 -> 1.1.0 cifs-utils 6.1 -> 7.0 update libtirpc to version 1.3.3 update rsync to version 3.2.5 Add zlib 1.2.13 upgrade gnutls to 3.7.8 upgrade openssh to 8.9p1 Add cmake 3.24.2 and cmake-native 3.24.2 to avoid loop dependecies building expat Add expat 2.5.0 to fix CVE-2022-40674 and CVE-2022-43680 openvpn 2.4.9 -> 2.4.12 hostapd 2.9 -> 2.10 [GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28) Openssh 8.9p1 no longer needed, because all necessary CVE fixes, backports and whitelists are present for current Openssh 8.4p1. There are no new CVE's in report. [GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28) Backported CVE patches for python3 component. Need to remove after upgrading Yocto to version more than 3.1.21. [GP-1837] mPower R.6.3.X (Fall'22): CVE Upgrade (after 2022-12-28) Backported CVE patch for sudo component. Added 2 CVE's to whitelist for OpenVPN component. --- recipes-connectivity/hostapd/files/hostapd.service | 11 + recipes-connectivity/hostapd/hostapd_2.10.bb | 51 ++ .../openssh/openssh/CVE-2021-28041.patch | 20 + .../openssh/openssh/CVE-2021-41617.patch | 52 ++ recipes-connectivity/openssh/openssh_8.4p1.bb | 27 + .../strongswan/strongswan_%.bbappend | 18 +- .../strongswan/strongswan_5.9.8.bb | 189 +++++ recipes-core/expat/expat_2.5.0.bb | 32 + recipes-core/expat/files/run-ptest | 9 + ...run-the-python-tests-if-python-is-enabled.patch | 98 +++ .../libxml2/0001-Port-gentest.py-to-Python-3.patch | 813 ++++++++++++++++++++ recipes-core/libxml/libxml2/CVE-2016-3709.patch | 89 +++ recipes-core/libxml/libxml2/CVE-2019-20388.patch | 37 + recipes-core/libxml/libxml2/CVE-2020-24977.patch | 41 + recipes-core/libxml/libxml2/CVE-2020-7595.patch | 36 + recipes-core/libxml/libxml2/CVE-2021-3517.patch | 53 ++ recipes-core/libxml/libxml2/CVE-2021-3518.patch | 112 +++ recipes-core/libxml/libxml2/CVE-2021-3537.patch | 50 ++ recipes-core/libxml/libxml2/CVE-2021-3541.patch | 73 ++ .../libxml2/CVE-2022-23308-fix-regression.patch | 98 +++ recipes-core/libxml/libxml2/CVE-2022-23308.patch | 204 +++++ .../libxml/libxml2/CVE-2022-29824-dependent.patch | 53 ++ recipes-core/libxml/libxml2/CVE-2022-29824.patch | 348 +++++++++ .../libxml/libxml2/fix-execution-of-ptests.patch | 33 + recipes-core/libxml/libxml2/libxml-64bit.patch | 28 + .../libxml/libxml2/libxml-m4-use-pkgconfig.patch | 216 ++++++ .../libxml/libxml2/python-sitepackages-dir.patch | 35 + recipes-core/libxml/libxml2/run-ptest | 4 + recipes-core/libxml/libxml2/runtest.patch | 847 +++++++++++++++++++++ recipes-core/libxml/libxml2_2.9.10.bb | 133 ++++ recipes-core/openvpn/openvpn/openvpn | 112 +++ recipes-core/openvpn/openvpn/openvpn-volatile.conf | 1 + recipes-core/openvpn/openvpn/openvpn@.service | 12 + recipes-core/openvpn/openvpn_2.4.12.bb | 76 ++ ...0001-configure-Pass-LDFLAGS-to-link-tests.patch | 80 ++ recipes-core/zlib/zlib/run-ptest | 7 + recipes-core/zlib/zlib_1.2.13.bb | 47 ++ recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb | 105 +++ recipes-devtools/cmake/cmake-native_3.24.2.bb | 65 ++ recipes-devtools/cmake/cmake.inc | 28 + ...ineSystem-use-oe-environment-vars-to-load.patch | 44 ++ ...-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch | 39 + .../cmake/cmake/OEToolchainConfig.cmake | 20 + .../cmake/cmake/SDKToolchainConfig.cmake.template | 31 + recipes-devtools/cmake/cmake/cmake-setup.py | 33 + .../cmake/cmake/environment.d-cmake.sh | 2 + recipes-devtools/cmake/cmake_3.24.2.bb | 67 ++ .../python/python3/CVE-2022-37454.patch | 106 +++ .../python/python3/CVE-2022-45061.patch | 101 +++ recipes-devtools/python/python3_%.bbappend | 7 + ...ssing-prototypes-to-function-declarations.patch | 173 +++++ ...n-pedantic-errors-at-the-end-of-configure.patch | 68 ++ recipes-devtools/rsync/files/determism.patch | 34 + .../rsync/files/makefile-no-rebuild.patch | 80 ++ recipes-devtools/rsync/files/rsyncd.conf | 15 + recipes-devtools/rsync/rsync_3.2.5.bb | 71 ++ .../libfastjson/libfastjson/CVE-2020-12762.patch | 80 -- .../libfastjson/libfastjson_%.bbappend | 5 - recipes-extended/libtirpc/libtirpc_1.3.3.bb | 28 + .../rsyslog/libfastjson/CVE-2020-12762.patch | 80 ++ recipes-extended/rsyslog/libfastjson_%.bbappend | 5 + recipes-extended/rsyslog/libfastjson_0.99.9.bb | 15 + recipes-extended/rsyslog/librelp_1.10.0.bb | 18 + .../rsyslog/rsyslog/0001-Include-sys-time-h.patch | 32 + .../0001-tests-disable-the-check-for-inotify.patch | 46 ++ recipes-extended/rsyslog/rsyslog/initscript | 118 +++ recipes-extended/rsyslog/rsyslog/rsyslog.conf | 91 +++ recipes-extended/rsyslog/rsyslog/rsyslog.logrotate | 39 + recipes-extended/rsyslog/rsyslog/rsyslog.service | 21 + recipes-extended/rsyslog/rsyslog/run-ptest | 12 + .../rsyslog/use-pkgconfig-to-check-libgcrypt.patch | 43 ++ recipes-extended/rsyslog/rsyslog_8.2206.0.bb | 204 +++++ recipes-extended/sudo/files/CVE-2022-43995.patch | 59 ++ recipes-extended/sudo/sudo_1.9.5p2.bb | 1 + recipes-support/cifs/cifs-utils_7.0.bb | 44 ++ .../0001-replace-krb5-config-with-pkg-config.patch | 30 + recipes-support/curl/curl_7.86.0.bb | 92 +++ ...mac-file-should-be-excuted-in-target-envi.patch | 28 + recipes-support/gnutls/gnutls/arm_eabi.patch | 30 + recipes-support/gnutls/gnutls_3.7.8.bb | 90 +++ .../gnutls/libtasn1/dont-depend-on-help2man.patch | 26 + recipes-support/gnutls/libtasn1_4.19.0.bb | 23 + recipes-support/libesmtp/libesmtp_1.1.0.bb | 32 + recipes-support/libmodbus/libmodbus.inc | 16 + ...float-endianness-issue-on-big-endian-arch.patch | 314 ++++++++ .../libmodbus/libmodbus_send_raw_message_tid.patch | 37 + recipes-support/libmodbus/libmodbus_3.1.7.bb | 9 + recipes-support/libmodbus/libmodbus_3.1.7.bbappend | 5 + ...d-target-to-only-build-tests-not-run-them.patch | 45 ++ ...k-header-files-of-openssl-only-if-enable_.patch | 36 + recipes-support/nettle/nettle/dlopen-test.patch | 29 + recipes-support/nettle/nettle/run-ptest | 36 + recipes-support/nettle/nettle_3.8.1.bb | 57 ++ ...ntp-Do-not-use-PTHREAD_STACK_MIN-on-glibc.patch | 32 + ...ild-with-new-compiler-defaults-to-fno-com.patch | 66 ++ recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch | 27 + recipes-support/ntp/files/ntp.conf | 21 + recipes-support/ntp/files/ntpd | 84 ++ recipes-support/ntp/files/ntpd.list | 1 + recipes-support/ntp/files/ntpd.service | 11 + recipes-support/ntp/files/ntpdate | 59 ++ recipes-support/ntp/files/ntpdate.default | 7 + recipes-support/ntp/files/ntpdate.service | 11 + ...reproducibility-fixed-path-to-posix-shell.patch | 15 + recipes-support/ntp/files/sntp | 1 + recipes-support/ntp/files/sntp.service | 11 + recipes-support/ntp/ntp_4.2.8p15.bb | 206 +++++ 107 files changed, 7576 insertions(+), 86 deletions(-) create mode 100644 recipes-connectivity/hostapd/files/hostapd.service create mode 100644 recipes-connectivity/hostapd/hostapd_2.10.bb create mode 100644 recipes-connectivity/openssh/openssh/CVE-2021-28041.patch create mode 100644 recipes-connectivity/openssh/openssh/CVE-2021-41617.patch create mode 100644 recipes-connectivity/strongswan/strongswan_5.9.8.bb create mode 100644 recipes-core/expat/expat_2.5.0.bb create mode 100644 recipes-core/expat/files/run-ptest create mode 100644 recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch create mode 100644 recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2016-3709.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2019-20388.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2020-24977.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2020-7595.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2021-3517.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2021-3518.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2021-3537.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2021-3541.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2022-23308.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2022-29824-dependent.patch create mode 100644 recipes-core/libxml/libxml2/CVE-2022-29824.patch create mode 100644 recipes-core/libxml/libxml2/fix-execution-of-ptests.patch create mode 100644 recipes-core/libxml/libxml2/libxml-64bit.patch create mode 100644 recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch create mode 100644 recipes-core/libxml/libxml2/python-sitepackages-dir.patch create mode 100644 recipes-core/libxml/libxml2/run-ptest create mode 100644 recipes-core/libxml/libxml2/runtest.patch create mode 100644 recipes-core/libxml/libxml2_2.9.10.bb create mode 100755 recipes-core/openvpn/openvpn/openvpn create mode 100644 recipes-core/openvpn/openvpn/openvpn-volatile.conf create mode 100644 recipes-core/openvpn/openvpn/openvpn@.service create mode 100644 recipes-core/openvpn/openvpn_2.4.12.bb create mode 100644 recipes-core/zlib/zlib/0001-configure-Pass-LDFLAGS-to-link-tests.patch create mode 100644 recipes-core/zlib/zlib/run-ptest create mode 100644 recipes-core/zlib/zlib_1.2.13.bb create mode 100644 recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb create mode 100644 recipes-devtools/cmake/cmake-native_3.24.2.bb create mode 100644 recipes-devtools/cmake/cmake.inc create mode 100644 recipes-devtools/cmake/cmake/0001-CMakeDetermineSystem-use-oe-environment-vars-to-load.patch create mode 100644 recipes-devtools/cmake/cmake/0005-Disable-use-of-ext2fs-ext2_fs.h-by-cmake-s-internal-.patch create mode 100644 recipes-devtools/cmake/cmake/OEToolchainConfig.cmake create mode 100644 recipes-devtools/cmake/cmake/SDKToolchainConfig.cmake.template create mode 100755 recipes-devtools/cmake/cmake/cmake-setup.py create mode 100644 recipes-devtools/cmake/cmake/environment.d-cmake.sh create mode 100644 recipes-devtools/cmake/cmake_3.24.2.bb create mode 100644 recipes-devtools/python/python3/CVE-2022-37454.patch create mode 100644 recipes-devtools/python/python3/CVE-2022-45061.patch create mode 100644 recipes-devtools/rsync/files/0001-Add-missing-prototypes-to-function-declarations.patch create mode 100644 recipes-devtools/rsync/files/0001-Turn-on-pedantic-errors-at-the-end-of-configure.patch create mode 100644 recipes-devtools/rsync/files/determism.patch create mode 100644 recipes-devtools/rsync/files/makefile-no-rebuild.patch create mode 100644 recipes-devtools/rsync/files/rsyncd.conf create mode 100644 recipes-devtools/rsync/rsync_3.2.5.bb delete mode 100644 recipes-extended/libfastjson/libfastjson/CVE-2020-12762.patch delete mode 100644 recipes-extended/libfastjson/libfastjson_%.bbappend create mode 100644 recipes-extended/libtirpc/libtirpc_1.3.3.bb create mode 100644 recipes-extended/rsyslog/libfastjson/CVE-2020-12762.patch create mode 100644 recipes-extended/rsyslog/libfastjson_%.bbappend create mode 100644 recipes-extended/rsyslog/libfastjson_0.99.9.bb create mode 100644 recipes-extended/rsyslog/librelp_1.10.0.bb create mode 100644 recipes-extended/rsyslog/rsyslog/0001-Include-sys-time-h.patch create mode 100644 recipes-extended/rsyslog/rsyslog/0001-tests-disable-the-check-for-inotify.patch create mode 100644 recipes-extended/rsyslog/rsyslog/initscript create mode 100644 recipes-extended/rsyslog/rsyslog/rsyslog.conf create mode 100644 recipes-extended/rsyslog/rsyslog/rsyslog.logrotate create mode 100644 recipes-extended/rsyslog/rsyslog/rsyslog.service create mode 100644 recipes-extended/rsyslog/rsyslog/run-ptest create mode 100644 recipes-extended/rsyslog/rsyslog/use-pkgconfig-to-check-libgcrypt.patch create mode 100644 recipes-extended/rsyslog/rsyslog_8.2206.0.bb create mode 100644 recipes-extended/sudo/files/CVE-2022-43995.patch create mode 100644 recipes-support/cifs/cifs-utils_7.0.bb create mode 100644 recipes-support/curl/curl/0001-replace-krb5-config-with-pkg-config.patch create mode 100644 recipes-support/curl/curl_7.86.0.bb create mode 100644 recipes-support/gnutls/gnutls/0001-Creating-.hmac-file-should-be-excuted-in-target-envi.patch create mode 100644 recipes-support/gnutls/gnutls/arm_eabi.patch create mode 100644 recipes-support/gnutls/gnutls_3.7.8.bb create mode 100644 recipes-support/gnutls/libtasn1/dont-depend-on-help2man.patch create mode 100644 recipes-support/gnutls/libtasn1_4.19.0.bb create mode 100644 recipes-support/libesmtp/libesmtp_1.1.0.bb create mode 100644 recipes-support/libmodbus/libmodbus.inc create mode 100644 recipes-support/libmodbus/libmodbus/Fix-float-endianness-issue-on-big-endian-arch.patch create mode 100644 recipes-support/libmodbus/libmodbus/libmodbus_send_raw_message_tid.patch create mode 100644 recipes-support/libmodbus/libmodbus_3.1.7.bb create mode 100644 recipes-support/libmodbus/libmodbus_3.1.7.bbappend create mode 100644 recipes-support/nettle/nettle/Add-target-to-only-build-tests-not-run-them.patch create mode 100644 recipes-support/nettle/nettle/check-header-files-of-openssl-only-if-enable_.patch create mode 100644 recipes-support/nettle/nettle/dlopen-test.patch create mode 100644 recipes-support/nettle/nettle/run-ptest create mode 100644 recipes-support/nettle/nettle_3.8.1.bb create mode 100644 recipes-support/ntp/files/0001-libntp-Do-not-use-PTHREAD_STACK_MIN-on-glibc.patch create mode 100644 recipes-support/ntp/files/0001-test-Fix-build-with-new-compiler-defaults-to-fno-com.patch create mode 100644 recipes-support/ntp/files/ntp-4.2.4_p6-nano.patch create mode 100644 recipes-support/ntp/files/ntp.conf create mode 100755 recipes-support/ntp/files/ntpd create mode 100644 recipes-support/ntp/files/ntpd.list create mode 100644 recipes-support/ntp/files/ntpd.service create mode 100755 recipes-support/ntp/files/ntpdate create mode 100644 recipes-support/ntp/files/ntpdate.default create mode 100644 recipes-support/ntp/files/ntpdate.service create mode 100644 recipes-support/ntp/files/reproducibility-fixed-path-to-posix-shell.patch create mode 100644 recipes-support/ntp/files/sntp create mode 100644 recipes-support/ntp/files/sntp.service create mode 100644 recipes-support/ntp/ntp_4.2.8p15.bb diff --git a/recipes-connectivity/hostapd/files/hostapd.service b/recipes-connectivity/hostapd/files/hostapd.service new file mode 100644 index 0000000..151c050 --- /dev/null +++ b/recipes-connectivity/hostapd/files/hostapd.service @@ -0,0 +1,11 @@ +[Unit] +Description=Hostapd IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator +After=network.target + +[Service] +Type=forking +PIDFile=/run/hostapd.pid +ExecStart=@SBINDIR@/hostapd @SYSCONFDIR@/hostapd.conf -P /run/hostapd.pid -B + +[Install] +WantedBy=multi-user.target diff --git a/recipes-connectivity/hostapd/hostapd_2.10.bb b/recipes-connectivity/hostapd/hostapd_2.10.bb new file mode 100644 index 0000000..04b70d9 --- /dev/null +++ b/recipes-connectivity/hostapd/hostapd_2.10.bb @@ -0,0 +1,51 @@ +SUMMARY = "User space daemon for extended IEEE 802.11 management" +HOMEPAGE = "http://w1.fi/hostapd/" +SECTION = "kernel/userland" +LICENSE = "BSD-3-Clause" +LIC_FILES_CHKSUM = "file://hostapd/README;md5=c905478466c90f1cefc0df987c40e172" + +DEPENDS = "libnl openssl" + +SRC_URI = " \ + http://w1.fi/releases/hostapd-${PV}.tar.gz \ + file://defconfig \ + file://init \ + file://hostapd.service \ +" + + +SRC_URI[sha256sum] = "206e7c799b678572c2e3d12030238784bc4a9f82323b0156b4c9466f1498915d" + +S = "${WORKDIR}/hostapd-${PV}" +B = "${WORKDIR}/hostapd-${PV}/hostapd" + +inherit update-rc.d systemd pkgconfig features_check + +CONFLICT_DISTRO_FEATURES = "openssl-no-weak-ciphers" + +INITSCRIPT_NAME = "hostapd" + +SYSTEMD_SERVICE_${PN} = "hostapd.service" +SYSTEMD_AUTO_ENABLE_${PN} = "disable" + +do_configure_append() { + install -m 0644 ${WORKDIR}/defconfig ${B}/.config +} + +do_compile() { + export CFLAGS="-MMD -O2 -Wall -g" + export EXTRA_CFLAGS="${CFLAGS}" + make V=1 +} + +do_install() { + install -d ${D}${sbindir} ${D}${sysconfdir}/init.d ${D}${systemd_unitdir}/system/ + install -m 0644 ${B}/hostapd.conf ${D}${sysconfdir} + install -m 0755 ${B}/hostapd ${D}${sbindir} + install -m 0755 ${B}/hostapd_cli ${D}${sbindir} + install -m 755 ${WORKDIR}/init ${D}${sysconfdir}/init.d/hostapd + install -m 0644 ${WORKDIR}/hostapd.service ${D}${systemd_unitdir}/system/ + sed -i -e 's,@SBINDIR@,${sbindir},g' -e 's,@SYSCONFDIR@,${sysconfdir},g' ${D}${systemd_unitdir}/system/hostapd.service +} + +CONFFILES_${PN} += "${sysconfdir}/hostapd.conf" diff --git a/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch b/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch new file mode 100644 index 0000000..9fd7e93 --- /dev/null +++ b/recipes-connectivity/openssh/openssh/CVE-2021-28041.patch @@ -0,0 +1,20 @@ +Description: fix double-free memory corruption in ssh-agent +Author: Marc Deslauriers +Origin: minimal fix for https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db + +Signed-off-by: Sana Kazi + +CVE: CVE-2021-28041 +Upstream-Status: Backport [http://archive.ubuntu.com/ubuntu/pool/main/o/openssh/openssh_8.2p1-4ubuntu0.3.debian.tar.xz] +Comment: No change in any hunk + +--- a/ssh-agent.c ++++ b/ssh-agent.c +@@ -496,6 +496,7 @@ process_add_identity(SocketEntry *e) + goto err; + } + free(ext_name); ++ ext_name = NULL; + break; + default: + error("%s: Unknown constraint %d", __func__, ctype); diff --git a/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch new file mode 100644 index 0000000..bda896f --- /dev/null +++ b/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch @@ -0,0 +1,52 @@ +From a6414400ec94a17871081f7df24f910a6ee01b8b Mon Sep 17 00:00:00 2001 +From: Ali Abdallah +Date: Wed, 24 Nov 2021 13:33:39 +0100 +Subject: [PATCH] CVE-2021-41617 fix + +backport of the following two upstream commits + +f3cbe43e28fe71427d41cfe3a17125b972710455 +bf944e3794eff5413f2df1ef37cddf96918c6bde + +CVE-2021-41617 failed to correctly initialise supplemental groups +when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, +where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser +directive has been set to run the command as a different user. Instead +these commands would inherit the groups that sshd(8) was started with. +--- + auth.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +CVE: CVE-2021-41617 +Upstream-Status: Backport [https://bugzilla.suse.com/attachment.cgi?id=854015] +Comment: No change in any hunk +Signed-off-by: Sana Kazi + +diff --git a/auth.c b/auth.c +index 163038f..a47b267 100644 +--- a/auth.c ++++ b/auth.c +@@ -52,6 +52,7 @@ + #include + #include + #include ++#include + + #include "xmalloc.h" + #include "match.h" +@@ -851,6 +852,13 @@ subprocess(const char *tag, struct passwd *pw, const char *command, + } + closefrom(STDERR_FILENO + 1); + ++ if (geteuid() == 0 && ++ initgroups(pw->pw_name, pw->pw_gid) == -1) { ++ error("%s: initgroups(%s, %u): %s", tag, ++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); ++ _exit(1); ++ } ++ + /* Don't use permanently_set_uid() here to avoid fatal() */ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, +-- +2.26.2 diff --git a/recipes-connectivity/openssh/openssh_8.4p1.bb b/recipes-connectivity/openssh/openssh_8.4p1.bb index 2fb4816..8e73ceb 100644 --- a/recipes-connectivity/openssh/openssh_8.4p1.bb +++ b/recipes-connectivity/openssh/openssh_8.4p1.bb @@ -25,13 +25,40 @@ SRC_URI = "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.ta file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ file://0f90440ca70abab947acbd77795e9f130967956c.patch \ + file://CVE-2021-28041.patch \ + file://CVE-2021-41617.patch \ " SRC_URI[sha256sum] = "5a01d22e407eb1c05ba8a8f7c654d388a13e9f226e4ed33bd38748dafa1d2b24" +# This CVE is specific to OpenSSH with the pam opie which we don't build/use here +CVE_CHECK_WHITELIST += "CVE-2007-2768" + # This CVE is specific to OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 # and when running in a Kerberos environment. As such it is not relevant to OpenEmbedded CVE_CHECK_WHITELIST += "CVE-2014-9278" +# CVE-2008-3844 was reported in OpenSSH on Red Hat Enterprise Linux and +# certain packages may have been compromised. This CVE is not applicable +# as our source is OpenBSD. https://securitytracker.com/id?1020730 +# https://www.securityfocus.com/bid/30794 +CVE_CHECK_WHITELIST += "CVE-2008-3844" + +# openssh-ssh1 is provided for compatibility with old devices that +# cannot be upgraded to modern protocols. Thus they may not provide security +# support for this package because doing so would prevent access to equipment. +# The upstream OpenSSH developers see this as an important +# security feature and do not intend to 'fix' it. +# https://security-tracker.debian.org/tracker/CVE-2016-20012 +# https://ubuntu.com/security/CVE-2016-20012 +CVE_CHECK_WHITELIST += "CVE-2016-20012" + +# As per debian, the issue is fixed by a feature called "agent restriction" in openssh 8.9 +# Urgency is unimportant as per debian, Hence this CVE is whitelisting. +# https://security-tracker.debian.org/tracker/CVE-2021-36368 +# https://bugzilla.mindrot.org/show_bug.cgi?id=3316#c2 +# https://docs.ssh-mitm.at/trivialauth.html +CVE_CHECK_WHITELIST += "CVE-2021-36368" + PAM_SRC_URI = "file://sshd" inherit manpages useradd update-rc.d update-alternatives systemd diff --git a/recipes-connectivity/strongswan/strongswan_%.bbappend b/recipes-connectivity/strongswan/strongswan_%.bbappend index c68b45e..3286caa 100644 --- a/recipes-connectivity/strongswan/strongswan_%.bbappend +++ b/recipes-connectivity/strongswan/strongswan_%.bbappend @@ -1,3 +1,19 @@ -FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:" +FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:${THISDIR}/files:" + +PR.=".mts2" PACKAGECONFIG_remove = "sqlite3" + +PACKAGECONFIG_append = "stroke" + +do_install_append() { + install -d ${D}${sysconfdir}/ ${D}${sysconfdir}/ipsec.d/ + ln -sf /var/run/ipsec/ipsec.conf ${D}${sysconfdir}/ipsec.conf + ln -sf /var/run/ipsec/ipsec.secrets ${D}${sysconfdir}/ipsec.secrets + rm -rf ${D}${sysconfdir}/ipsec.d/cacerts + ln -sf /var/run/ipsec/cacerts ${D}${sysconfdir}/ipsec.d/cacerts + rm -rf ${D}${sysconfdir}/ipsec.d/certs + ln -sf /var/run/ipsec/certs ${D}${sysconfdir}/ipsec.d/certs + rm -rf ${D}${sysconfdir}/ipsec.d/private + ln -sf /var/run/ipsec/private ${D}${sysconfdir}/ipsec.d/private +} diff --git a/recipes-connectivity/strongswan/strongswan_5.9.8.bb b/recipes-connectivity/strongswan/strongswan_5.9.8.bb new file mode 100644 index 0000000..9025f68 --- /dev/null +++ b/recipes-connectivity/strongswan/strongswan_5.9.8.bb @@ -0,0 +1,189 @@ +DESCRIPTION = "strongSwan is an OpenSource IPsec implementation for the \ +Linux operating system." +SUMMARY = "strongSwan is an OpenSource IPsec implementation" +HOMEPAGE = "http://www.strongswan.org" +SECTION = "net" +LICENSE = "GPL-2.0" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" +DEPENDS = "flex-native flex bison-native" +DEPENDS_append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}" + +SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ + " + +SRC_URI[sha256sum] = "d3303a43c0bd7b75a12b64855e8edcb53696f06190364f26d1533bde1f2e453c" + +UPSTREAM_CHECK_REGEX = "strongswan-(?P\d+(\.\d+)+)\.tar" + +EXTRA_OECONF = " \ + --without-lib-prefix \ + --with-dev-headers=${includedir}/strongswan \ +" + +EXTRA_OECONF += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '--with-systemdsystemunitdir=${systemd_unitdir}/system/', '--without-systemdsystemunitdir', d)}" + +PACKAGECONFIG ?= "curl gmp openssl sqlite3 swanctl curve25519 \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd-charon', 'charon', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', 'tpm2', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'tnc-imc imc-hcd imc-os imc-scanner imc-attestation', '', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'ima', 'tnc-imv imv-hcd imv-os imv-scanner imv-attestation', '', d)} \ +" + +PACKAGECONFIG[aesni] = "--enable-aesni,--disable-aesni,,${PN}-plugin-aesni" +PACKAGECONFIG[bfd] = "--enable-bfd-backtraces,--disable-bfd-backtraces,binutils" +PACKAGECONFIG[charon] = "--enable-charon,--disable-charon," +PACKAGECONFIG[curl] = "--enable-curl,--disable-curl,curl,${PN}-plugin-curl" +PACKAGECONFIG[eap-identity] = "--enable-eap-identity,--disable-eap-identity,,${PN}-plugin-eap-identity" +PACKAGECONFIG[eap-mschapv2] = "--enable-eap-mschapv2,--disable-eap-mschapv2,,${PN}-plugin-eap-mschapv2" +PACKAGECONFIG[gmp] = "--enable-gmp,--disable-gmp,gmp,${PN}-plugin-gmp" +PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,${PN}-plugin-ldap" +PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,${PN}-plugin-mysql" +PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,${PN}-plugin-openssl" +PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,${PN}-plugin-soup" +PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,${PN}-plugin-sqlite" +PACKAGECONFIG[stroke] = "--enable-stroke,--disable-stroke,,${PN}-plugin-stroke" +PACKAGECONFIG[swanctl] = "--enable-swanctl,--disable-swanctl,,libgcc" +PACKAGECONFIG[curve25519] = "--enable-curve25519,--disable-curve25519,, ${PN}-plugin-curve25519" + +# requires swanctl +PACKAGECONFIG[systemd-charon] = "--enable-systemd,--disable-systemd,systemd," + +# tpm needs meta-tpm layer +PACKAGECONFIG[tpm2] = "--enable-tpm,--disable-tpm,,${PN}-plugin-tpm" + + +# integraty configuration needs meta-integraty +#imc +PACKAGECONFIG[tnc-imc] = "--enable-tnc-imc,--disable-tnc-imc,, ${PN}-plugin-tnc-imc ${PN}-plugin-tnc-tnccs" +PACKAGECONFIG[imc-test] = "--enable-imc-test,--disable-imc-test,," +PACKAGECONFIG[imc-scanner] = "--enable-imc-scanner,--disable-imc-scanner,," +PACKAGECONFIG[imc-os] = "--enable-imc-os,--disable-imc-os,," +PACKAGECONFIG[imc-attestation] = "--enable-imc-attestation,--disable-imc-attestation,," +PACKAGECONFIG[imc-swima] = "--enable-imc-swima, --disable-imc-swima, json-c," +PACKAGECONFIG[imc-hcd] = "--enable-imc-hcd, --disable-imc-hcd,," + +#imv set +PACKAGECONFIG[tnc-imv] = "--enable-tnc-imv,--disable-tnc-imv,, ${PN}-plugin-tnc-imv ${PN}-plugin-tnc-tnccs" +PACKAGECONFIG[imv-test] = "--enable-imv-test,--disable-imv-test,," +PACKAGECONFIG[imv-scanner] = "--enable-imv-scanner,--disable-imv-scanner,," +PACKAGECONFIG[imv-os] = "--enable-imv-os,--disable-imv-os,," +PACKAGECONFIG[imv-attestation] = "--enable-imv-attestation,--disable-imv-attestation,," +PACKAGECONFIG[imv-swima] = "--enable-imv-swima, --disable-imv-swima, json-c," +PACKAGECONFIG[imv-hcd] = "--enable-imv-hcd, --disable-imv-hcd,," + +PACKAGECONFIG[tnc-ifmap] = "--enable-tnc-ifmap,--disable-tnc-ifmap, libxml2, ${PN}-plugin-tnc-ifmap" +PACKAGECONFIG[tnc-pdp] = "--enable-tnc-pdp,--disable-tnc-pdp,, ${PN}-plugin-tnc-pdp" + +PACKAGECONFIG[tnccs-11] = "--enable-tnccs-11,--disable-tnccs-11,libxml2, ${PN}-plugin-tnccs-11" +PACKAGECONFIG[tnccs-20] = "--enable-tnccs-20,--disable-tnccs-20,, ${PN}-plugin-tnccs-20" +PACKAGECONFIG[tnccs-dynamic] = "--enable-tnccs-dynamic,--disable-tnccs-dynamic,,${PN}-plugin-tnccs-dynamic" + +inherit autotools systemd pkgconfig + +RRECOMMENDS_${PN} = "kernel-module-ah4 \ + kernel-module-esp4 \ + kernel-module-xfrm-user \ + " + +FILES_${PN} += "${libdir}/ipsec/lib*${SOLIBS}" +FILES_${PN}-dbg += "${bindir}/.debug ${sbindir}/.debug ${libdir}/ipsec/.debug ${libexecdir}/ipsec/.debug" +FILES_${PN}-dev += "${libdir}/ipsec/lib*${SOLIBSDEV} ${libdir}/ipsec/*.la ${libdir}/ipsec/include/config.h" +FILES_${PN}-staticdev += "${libdir}/ipsec/*.a" + +CONFFILES_${PN} = "${sysconfdir}/*.conf ${sysconfdir}/ipsec.d/*.conf ${sysconfdir}/strongswan.d/*.conf" + +PACKAGES += "${PN}-plugins" +ALLOW_EMPTY_${PN}-plugins = "1" + +PACKAGE_BEFORE_PN = "${PN}-imcvs ${PN}-imcvs-dbg" +ALLOW_EMPTY_${PN}-imcvs = "1" + +FILES_${PN}-imcvs = "${libdir}/ipsec/imcvs/*.so" +FILES_${PN}-imcvs-dbg += "${libdir}/ipsec/imcvs/.debug" + +PACKAGES_DYNAMIC += "^${PN}-plugin-.*$" +NOAUTOPACKAGEDEBUG = "1" + +python split_strongswan_plugins () { + sysconfdir = d.expand('${sysconfdir}/strongswan.d/charon') + libdir = d.expand('${libdir}/ipsec/plugins') + dbglibdir = os.path.join(libdir, '.debug') + + def add_plugin_conf(f, pkg, file_regex, output_pattern, modulename): + dvar = d.getVar('PKGD') + oldfiles = d.getVar('CONFFILES_' + pkg) + newfile = '/' + os.path.relpath(f, dvar) + + if not oldfiles: + d.setVar('CONFFILES_' + pkg, newfile) + else: + d.setVar('CONFFILES_' + pkg, oldfiles + " " + newfile) + + split_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.so', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True) + do_split_packages(d, sysconfdir, r'(.*)\.conf', '${PN}-plugin-%s', 'strongSwan %s plugin', prepend=True, hook=add_plugin_conf) + + split_dbg_packages = do_split_packages(d, dbglibdir, r'libstrongswan-(.*)\.so', '${PN}-plugin-%s-dbg', 'strongSwan %s plugin - Debugging files', prepend=True, extra_depends='${PN}-dbg') + split_dev_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.la', '${PN}-plugin-%s-dev', 'strongSwan %s plugin - Development files', prepend=True, extra_depends='${PN}-dev') + split_staticdev_packages = do_split_packages(d, libdir, r'libstrongswan-(.*)\.a', '${PN}-plugin-%s-staticdev', 'strongSwan %s plugin - Development files (Static Libraries)', prepend=True, extra_depends='${PN}-staticdev') + + if split_packages: + pn = d.getVar('PN') + d.setVar('RRECOMMENDS_' + pn + '-plugins', ' '.join(split_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-dbg', ' ' + ' '.join(split_dbg_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-dev', ' ' + ' '.join(split_dev_packages)) + d.appendVar('RRECOMMENDS_' + pn + '-staticdev', ' ' + ' '.join(split_staticdev_packages)) +} + +PACKAGESPLITFUNCS_prepend = "split_strongswan_plugins " + +# Install some default plugins based on default strongSwan ./configure options +# See https://wiki.strongswan.org/projects/strongswan/wiki/Pluginlist +RDEPENDS_${PN} += "\ + ${PN}-plugin-aes \ + ${PN}-plugin-attr \ + ${PN}-plugin-cmac \ + ${PN}-plugin-constraints \ + ${PN}-plugin-des \ + ${PN}-plugin-dnskey \ + ${PN}-plugin-drbg \ + ${PN}-plugin-fips-prf \ + ${PN}-plugin-gcm \ + ${PN}-plugin-hmac \ + ${PN}-plugin-kdf \ + ${PN}-plugin-kernel-netlink \ + ${PN}-plugin-md5 \ + ${PN}-plugin-mgf1 \ + ${PN}-plugin-nonce \ + ${PN}-plugin-pem \ + ${PN}-plugin-pgp \ + ${PN}-plugin-pkcs1 \ + ${PN}-plugin-pkcs7 \ + ${PN}-plugin-pkcs8 \ + ${PN}-plugin-pkcs12 \ + ${PN}-plugin-pubkey \ + ${PN}-plugin-random \ + ${PN}-plugin-rc2 \ + ${PN}-plugin-resolve \ + ${PN}-plugin-revocation \ + ${PN}-plugin-sha1 \ + ${PN}-plugin-sha2 \ + ${PN}-plugin-socket-default \ + ${PN}-plugin-sshkey \ + ${PN}-plugin-updown \ + ${PN}-plugin-vici \ + ${PN}-plugin-x509 \ + ${PN}-plugin-xauth-generic \ + ${PN}-plugin-xcbc \ + " + +RPROVIDES_${PN} += "${PN}-systemd" +RREPLACES_${PN} += "${PN}-systemd" +RCONFLICTS_${PN} += "${PN}-systemd" + +# The deprecated legacy 'strongswan-starter' service should only be used when charon and +# stroke are enabled. When swanctl is in use, 'strongswan.service' is needed. +# See: https://wiki.strongswan.org/projects/strongswan/wiki/Charon-systemd +SYSTEMD_SERVICE_${PN} = " \ + ${@bb.utils.contains('PACKAGECONFIG', 'swanctl', '${BPN}.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'charon', '${BPN}-starter.service', '', d)} \ +" diff --git a/recipes-core/expat/expat_2.5.0.bb b/recipes-core/expat/expat_2.5.0.bb new file mode 100644 index 0000000..47334ed --- /dev/null +++ b/recipes-core/expat/expat_2.5.0.bb @@ -0,0 +1,32 @@ +SUMMARY = "A stream-oriented XML parser library" +DESCRIPTION = "Expat is an XML parser library written in C. It is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags)" +HOMEPAGE = "https://github.com/libexpat/libexpat" +SECTION = "libs" +LICENSE = "MIT" + +LIC_FILES_CHKSUM = "file://COPYING;md5=7b3b078238d0901d3b339289117cb7fb" + +VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" + +SRC_URI = "${GITHUB_BASE_URI}/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ + file://run-ptest \ + " + +GITHUB_BASE_URI = "https://github.com/libexpat/libexpat/releases/" +UPSTREAM_CHECK_REGEX = "releases/tag/R_(?P.+)" + +SRC_URI[sha256sum] = "6f0e6e01f7b30025fa05c85fdad1e5d0ec7fd35d9f61b22f34998de11969ff67" + +EXTRA_OECMAKE:class-native += "-DEXPAT_BUILD_DOCS=OFF" + +RDEPENDS:${PN}-ptest += "bash" + +inherit cmake lib_package ptest + +do_install_ptest:class-target() { + install -m 755 ${B}/tests/* ${D}${PTEST_PATH} +} + +BBCLASSEXTEND += "native nativesdk" + +CVE_PRODUCT = "expat libexpat" diff --git a/recipes-core/expat/files/run-ptest b/recipes-core/expat/files/run-ptest new file mode 100644 index 0000000..dbf602c --- /dev/null +++ b/recipes-core/expat/files/run-ptest @@ -0,0 +1,9 @@ +#!/bin/bash + +TIME=$(which time) + +echo "runtests" +${TIME} -f 'Execution time: %e s' bash -c "./runtests -v" +echo "runtestspp" +${TIME} -f 'Execution time: %e s' bash -c "./runtestspp -v" +echo diff --git a/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch b/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch new file mode 100644 index 0000000..5e9a0a5 --- /dev/null +++ b/recipes-core/libxml/libxml2/0001-Make-ptest-run-the-python-tests-if-python-is-enabled.patch @@ -0,0 +1,98 @@ +From 2b5fb416aa275fd2a17a0139a2f783998bcb42cc Mon Sep 17 00:00:00 2001 +From: Peter Kjellerstedt +Date: Fri, 9 Jun 2017 17:50:46 +0200 +Subject: [PATCH] Make ptest run the python tests if python is enabled + +One of the tests (tstLastError.py) needed a minor correction. It might +be due to the fact that the tests are forced to run with Python 3. + +Upstream-Status: Inappropriate [OE specific] +Signed-off-by: Peter Kjellerstedt + +--- + Makefile.am | 2 +- + python/Makefile.am | 9 +++++++++ + python/tests/Makefile.am | 10 ++++++++++ + python/tests/tstLastError.py | 2 +- + 4 files changed, 21 insertions(+), 2 deletions(-) + +diff --git a/Makefile.am b/Makefile.am +index ae62274..bd1e425 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -203,9 +203,9 @@ install-ptest: + install $(check_PROGRAMS) $(DESTDIR)) + cp -r $(srcdir)/test $(DESTDIR) + cp -r $(srcdir)/result $(DESTDIR) +- cp -r $(srcdir)/python $(DESTDIR) + cp Makefile $(DESTDIR) + sed -i -e 's|^Makefile:|_Makefile:|' $(DESTDIR)/Makefile ++ $(MAKE) -C python install-ptest + + runtests: runtest$(EXEEXT) testrecurse$(EXEEXT) testapi$(EXEEXT) \ + testchar$(EXEEXT) testdict$(EXEEXT) runxmlconf$(EXEEXT) +diff --git a/python/Makefile.am b/python/Makefile.am +index 34aed96..ba3ec6a 100644 +--- a/python/Makefile.am ++++ b/python/Makefile.am +@@ -48,7 +48,16 @@ GENERATED = libxml2class.py libxml2class.txt $(BUILT_SOURCES) + + $(GENERATED): $(srcdir)/generator.py $(API_DESC) + $(PYTHON) $(srcdir)/generator.py $(srcdir) ++ ++install-ptest: ++ cp -r $(srcdir) $(DESTDIR) ++ sed -e 's|^Makefile:|_Makefile:|' \ ++ -e 's|^\(tests test:\) all|\1|' Makefile >$(DESTDIR)/python/Makefile ++ $(MAKE) -C tests install-ptest ++else ++install-ptest: + endif + ++.PHONY: tests test + tests test: all + cd tests && $(MAKE) tests +diff --git a/python/tests/Makefile.am b/python/tests/Makefile.am +index 227e24d..021bb29 100644 +--- a/python/tests/Makefile.am ++++ b/python/tests/Makefile.am +@@ -59,6 +59,11 @@ XMLS= \ + CLEANFILES = core tmp.xml *.pyc + + if WITH_PYTHON ++install-ptest: ++ cp -r $(srcdir) $(DESTDIR)/python ++ sed -e 's|^Makefile:|_Makefile:|' \ ++ -e 's|^\(srcdir = \).*|\1.|' Makefile >$(DESTDIR)/python/tests/Makefile ++ + tests: $(PYTESTS) + @for f in $(XMLS) ; do test -f $$f || $(LN_S) $(srcdir)/$$f . ; done + @echo "## running Python regression tests" +@@ -70,9 +75,14 @@ tests: $(PYTESTS) + if [ "$$?" -ne 0 ] ; then \ + echo "-- $$test" ; \ + echo "$$log" ; \ ++ echo "FAIL: $$test"; \ + exit 1 ; \ ++ else \ ++ echo "PASS: $$test"; \ + fi ; \ + done) + else ++install-ptest: ++ + tests: + endif +diff --git a/python/tests/tstLastError.py b/python/tests/tstLastError.py +index 81d0acc..162c8db 100755 +--- a/python/tests/tstLastError.py ++++ b/python/tests/tstLastError.py +@@ -25,7 +25,7 @@ class TestCase(unittest.TestCase): + when the exception is raised, check the libxml2.lastError for + expected values.""" + # disable the default error handler +- libxml2.registerErrorHandler(None,None) ++ libxml2.registerErrorHandler(lambda ctx,str: None,None) + try: + f(*args) + except exc: diff --git a/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch b/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch new file mode 100644 index 0000000..b0d26d1 --- /dev/null +++ b/recipes-core/libxml/libxml2/0001-Port-gentest.py-to-Python-3.patch @@ -0,0 +1,813 @@ +From b5125000917810731bc28055c0445d571121f80e Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer +Date: Thu, 21 Apr 2022 00:45:58 +0200 +Subject: [PATCH] Port gentest.py to Python 3 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libxml2/-/commit/343fc1421cdae097fa6c4cffeb1a065a40be6bbb] + +* fixes: + +make[1]: 'testReader' is up to date. + File "../libxml2-2.9.10/gentest.py", line 11 + print "libxml2 python bindings not available, skipping testapi.c generation" + ^ +SyntaxError: Missing parentheses in call to 'print'. Did you mean print("libxml2 python bindings not available, skipping testapi.c generation")? +make[1]: [Makefile:2078: testapi.c] Error 1 (ignored) + +... + +make[1]: 'testReader' is up to date. + File "../libxml2-2.9.10/gentest.py", line 271 + return 1 + ^ +TabError: inconsistent use of tabs and spaces in indentation +make[1]: [Makefile:2078: testapi.c] Error 1 (ignored) + +... + +aarch64-oe-linux-gcc: error: testapi.c: No such file or directory +aarch64-oe-linux-gcc: fatal error: no input files +compilation terminated. +make[1]: *** [Makefile:1275: testapi.o] Error 1 + +But there is still a bit mystery why it worked before, because check-am +calls gentest.py with $(PYTHON), so it ignores the shebang in the script +and libxml2 is using python3native (through python3targetconfig.bbclass) +so something like: + +libxml2/2.9.10-r0/recipe-sysroot-native/usr/bin/python3-native/python3 gentest.py + +But that still fails (now without SyntaxError) with: +libxml2 python bindings not available, skipping testapi.c generation + +because we don't have dependency on libxml2-native (to provide libxml2 +python bindings form python3native) and exported PYTHON_SITE_PACKAGES +might be useless (e.g. /usr/lib/python3.8/site-packages on Ubuntu-22.10 +which uses python 3.10 and there is no site-packages with libxml2) + +Signed-off-by: Martin Jansa +--- + gentest.py | 421 ++++++++++++++++++++++++++--------------------------- + 1 file changed, 209 insertions(+), 212 deletions(-) + +diff --git a/gentest.py b/gentest.py +index b763300..0756706 100755 +--- a/gentest.py ++++ b/gentest.py +@@ -8,7 +8,7 @@ import string + try: + import libxml2 + except: +- print "libxml2 python bindings not available, skipping testapi.c generation" ++ print("libxml2 python bindings not available, skipping testapi.c generation") + sys.exit(0) + + if len(sys.argv) > 1: +@@ -227,7 +227,7 @@ extra_post_call = { + if (old != NULL) { + xmlUnlinkNode(old); + xmlFreeNode(old) ; old = NULL ; } +- ret_val = NULL;""", ++\t ret_val = NULL;""", + "xmlTextMerge": + """if ((first != NULL) && (first->type != XML_TEXT_NODE)) { + xmlUnlinkNode(second); +@@ -236,7 +236,7 @@ extra_post_call = { + """if ((ret_val != NULL) && (ret_val != ncname) && + (ret_val != prefix) && (ret_val != memory)) + xmlFree(ret_val); +- ret_val = NULL;""", ++\t ret_val = NULL;""", + "xmlNewDocElementContent": + """xmlFreeDocElementContent(doc, ret_val); ret_val = NULL;""", + "xmlDictReference": "xmlDictFree(dict);", +@@ -268,29 +268,29 @@ modules = [] + def is_skipped_module(name): + for mod in skipped_modules: + if mod == name: +- return 1 ++ return 1 + return 0 + + def is_skipped_function(name): + for fun in skipped_functions: + if fun == name: +- return 1 ++ return 1 + # Do not test destructors +- if string.find(name, 'Free') != -1: ++ if name.find('Free') != -1: + return 1 + return 0 + + def is_skipped_memcheck(name): + for fun in skipped_memcheck: + if fun == name: +- return 1 ++ return 1 + return 0 + + missing_types = {} + def add_missing_type(name, func): + try: + list = missing_types[name] +- list.append(func) ++ list.append(func) + except: + missing_types[name] = [func] + +@@ -310,7 +310,7 @@ def add_missing_functions(name, module): + missing_functions_nr = missing_functions_nr + 1 + try: + list = missing_functions[module] +- list.append(name) ++ list.append(name) + except: + missing_functions[module] = [name] + +@@ -319,45 +319,45 @@ def add_missing_functions(name, module): + # + + def type_convert(str, name, info, module, function, pos): +-# res = string.replace(str, " ", " ") +-# res = string.replace(str, " ", " ") +-# res = string.replace(str, " ", " ") +- res = string.replace(str, " *", "_ptr") +-# res = string.replace(str, "*", "_ptr") +- res = string.replace(res, " ", "_") ++# res = str.replace(" ", " ") ++# res = str.replace(" ", " ") ++# res = str.replace(" ", " ") ++ res = str.replace(" *", "_ptr") ++# res = str.replace("*", "_ptr") ++ res = res.replace(" ", "_") + if res == 'const_char_ptr': +- if string.find(name, "file") != -1 or \ +- string.find(name, "uri") != -1 or \ +- string.find(name, "URI") != -1 or \ +- string.find(info, "filename") != -1 or \ +- string.find(info, "URI") != -1 or \ +- string.find(info, "URL") != -1: +- if string.find(function, "Save") != -1 or \ +- string.find(function, "Create") != -1 or \ +- string.find(function, "Write") != -1 or \ +- string.find(function, "Fetch") != -1: +- return('fileoutput') +- return('filepath') ++ if name.find("file") != -1 or \ ++ name.find("uri") != -1 or \ ++ name.find("URI") != -1 or \ ++ info.find("filename") != -1 or \ ++ info.find("URI") != -1 or \ ++ info.find("URL") != -1: ++ if function.find("Save") != -1 or \ ++ function.find("Create") != -1 or \ ++ function.find("Write") != -1 or \ ++ function.find("Fetch") != -1: ++ return('fileoutput') ++ return('filepath') + if res == 'void_ptr': + if module == 'nanoftp' and name == 'ctx': +- return('xmlNanoFTPCtxtPtr') ++ return('xmlNanoFTPCtxtPtr') + if function == 'xmlNanoFTPNewCtxt' or \ +- function == 'xmlNanoFTPConnectTo' or \ +- function == 'xmlNanoFTPOpen': +- return('xmlNanoFTPCtxtPtr') ++ function == 'xmlNanoFTPConnectTo' or \ ++ function == 'xmlNanoFTPOpen': ++ return('xmlNanoFTPCtxtPtr') + if module == 'nanohttp' and name == 'ctx': +- return('xmlNanoHTTPCtxtPtr') +- if function == 'xmlNanoHTTPMethod' or \ +- function == 'xmlNanoHTTPMethodRedir' or \ +- function == 'xmlNanoHTTPOpen' or \ +- function == 'xmlNanoHTTPOpenRedir': +- return('xmlNanoHTTPCtxtPtr'); ++ return('xmlNanoHTTPCtxtPtr') ++ if function == 'xmlNanoHTTPMethod' or \ ++ function == 'xmlNanoHTTPMethodRedir' or \ ++ function == 'xmlNanoHTTPOpen' or \ ++ function == 'xmlNanoHTTPOpenRedir': ++ return('xmlNanoHTTPCtxtPtr'); + if function == 'xmlIOHTTPOpen': +- return('xmlNanoHTTPCtxtPtr') +- if string.find(name, "data") != -1: +- return('userdata') +- if string.find(name, "user") != -1: +- return('userdata') ++ return('xmlNanoHTTPCtxtPtr') ++ if name.find("data") != -1: ++ return('userdata') ++ if name.find("user") != -1: ++ return('userdata') + if res == 'xmlDoc_ptr': + res = 'xmlDocPtr' + if res == 'xmlNode_ptr': +@@ -366,18 +366,18 @@ def type_convert(str, name, info, module, function, pos): + res = 'xmlDictPtr' + if res == 'xmlNodePtr' and pos != 0: + if (function == 'xmlAddChild' and pos == 2) or \ +- (function == 'xmlAddChildList' and pos == 2) or \ ++ (function == 'xmlAddChildList' and pos == 2) or \ + (function == 'xmlAddNextSibling' and pos == 2) or \ + (function == 'xmlAddSibling' and pos == 2) or \ + (function == 'xmlDocSetRootElement' and pos == 2) or \ + (function == 'xmlReplaceNode' and pos == 2) or \ + (function == 'xmlTextMerge') or \ +- (function == 'xmlAddPrevSibling' and pos == 2): +- return('xmlNodePtr_in'); ++ (function == 'xmlAddPrevSibling' and pos == 2): ++ return('xmlNodePtr_in'); + if res == 'const xmlBufferPtr': + res = 'xmlBufferPtr' + if res == 'xmlChar_ptr' and name == 'name' and \ +- string.find(function, "EatName") != -1: ++ function.find("EatName") != -1: + return('eaten_name') + if res == 'void_ptr*': + res = 'void_ptr_ptr' +@@ -393,7 +393,7 @@ def type_convert(str, name, info, module, function, pos): + res = 'debug_FILE_ptr'; + if res == 'int' and name == 'options': + if module == 'parser' or module == 'xmlreader': +- res = 'parseroptions' ++ res = 'parseroptions' + + return res + +@@ -402,28 +402,28 @@ known_param_types = [] + def is_known_param_type(name): + for type in known_param_types: + if type == name: +- return 1 ++ return 1 + return name[-3:] == 'Ptr' or name[-4:] == '_ptr' + + def generate_param_type(name, rtype): + global test + for type in known_param_types: + if type == name: +- return ++ return + for type in generated_param_types: + if type == name: +- return ++ return + + if name[-3:] == 'Ptr' or name[-4:] == '_ptr': + if rtype[0:6] == 'const ': +- crtype = rtype[6:] +- else: +- crtype = rtype ++ crtype = rtype[6:] ++ else: ++ crtype = rtype + + define = 0 +- if modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 ++ if module in modules_defines: ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 + test.write(""" + #define gen_nb_%s 1 + static %s gen_%s(int no ATTRIBUTE_UNUSED, int nr ATTRIBUTE_UNUSED) { +@@ -433,7 +433,7 @@ static void des_%s(int no ATTRIBUTE_UNUSED, %s val ATTRIBUTE_UNUSED, int nr ATTR + } + """ % (name, crtype, name, name, rtype)) + if define == 1: +- test.write("#endif\n\n") ++ test.write("#endif\n\n") + add_generated_param_type(name) + + # +@@ -445,7 +445,7 @@ known_return_types = [] + def is_known_return_type(name): + for type in known_return_types: + if type == name: +- return 1 ++ return 1 + return 0 + + # +@@ -471,7 +471,7 @@ def compare_and_save(): + try: + os.system("rm testapi.c; mv testapi.c.new testapi.c") + except: +- os.system("mv testapi.c.new testapi.c") ++ os.system("mv testapi.c.new testapi.c") + print("Updated testapi.c") + else: + print("Generated testapi.c is identical") +@@ -481,17 +481,17 @@ while line != "": + if line == "/* CUT HERE: everything below that line is generated */\n": + break; + if line[0:15] == "#define gen_nb_": +- type = string.split(line[15:])[0] +- known_param_types.append(type) ++ type = line[15:].split()[0] ++ known_param_types.append(type) + if line[0:19] == "static void desret_": +- type = string.split(line[19:], '(')[0] +- known_return_types.append(type) ++ type = line[19:].split('(')[0] ++ known_return_types.append(type) + test.write(line) + line = input.readline() + input.close() + + if line == "": +- print "Could not find the CUT marker in testapi.c skipping generation" ++ print("Could not find the CUT marker in testapi.c skipping generation") + test.close() + sys.exit(0) + +@@ -505,7 +505,7 @@ test.write("/* CUT HERE: everything below that line is generated */\n") + # + doc = libxml2.readFile(srcPref + 'doc/libxml2-api.xml', None, 0) + if doc == None: +- print "Failed to load doc/libxml2-api.xml" ++ print("Failed to load doc/libxml2-api.xml") + sys.exit(1) + ctxt = doc.xpathNewContext() + +@@ -519,9 +519,9 @@ for arg in args: + mod = arg.xpathEval('string(../@file)') + func = arg.xpathEval('string(../@name)') + if (mod not in skipped_modules) and (func not in skipped_functions): +- type = arg.xpathEval('string(@type)') +- if not argtypes.has_key(type): +- argtypes[type] = func ++ type = arg.xpathEval('string(@type)') ++ if type not in argtypes: ++ argtypes[type] = func + + # similarly for return types + rettypes = {} +@@ -531,8 +531,8 @@ for ret in rets: + func = ret.xpathEval('string(../@name)') + if (mod not in skipped_modules) and (func not in skipped_functions): + type = ret.xpathEval('string(@type)') +- if not rettypes.has_key(type): +- rettypes[type] = func ++ if type not in rettypes: ++ rettypes[type] = func + + # + # Generate constructors and return type handling for all enums +@@ -549,49 +549,49 @@ for enum in enums: + continue; + define = 0 + +- if argtypes.has_key(name) and is_known_param_type(name) == 0: +- values = ctxt.xpathEval("/api/symbols/enum[@type='%s']" % name) +- i = 0 +- vals = [] +- for value in values: +- vname = value.xpathEval('string(@name)') +- if vname == None: +- continue; +- i = i + 1 +- if i >= 5: +- break; +- vals.append(vname) +- if vals == []: +- print "Didn't find any value for enum %s" % (name) +- continue +- if modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 +- test.write("#define gen_nb_%s %d\n" % (name, len(vals))) +- test.write("""static %s gen_%s(int no, int nr ATTRIBUTE_UNUSED) {\n""" % +- (name, name)) +- i = 1 +- for value in vals: +- test.write(" if (no == %d) return(%s);\n" % (i, value)) +- i = i + 1 +- test.write(""" return(0); ++ if (name in argtypes) and is_known_param_type(name) == 0: ++ values = ctxt.xpathEval("/api/symbols/enum[@type='%s']" % name) ++ i = 0 ++ vals = [] ++ for value in values: ++ vname = value.xpathEval('string(@name)') ++ if vname == None: ++ continue; ++ i = i + 1 ++ if i >= 5: ++ break; ++ vals.append(vname) ++ if vals == []: ++ print("Didn't find any value for enum %s" % (name)) ++ continue ++ if module in modules_defines: ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 ++ test.write("#define gen_nb_%s %d\n" % (name, len(vals))) ++ test.write("""static %s gen_%s(int no, int nr ATTRIBUTE_UNUSED) {\n""" % ++ (name, name)) ++ i = 1 ++ for value in vals: ++ test.write(" if (no == %d) return(%s);\n" % (i, value)) ++ i = i + 1 ++ test.write(""" return(0); + } + + static void des_%s(int no ATTRIBUTE_UNUSED, %s val ATTRIBUTE_UNUSED, int nr ATTRIBUTE_UNUSED) { + } + + """ % (name, name)); +- known_param_types.append(name) ++ known_param_types.append(name) + + if (is_known_return_type(name) == 0) and (name in rettypes): +- if define == 0 and modules_defines.has_key(module): +- test.write("#ifdef %s\n" % (modules_defines[module])) +- define = 1 ++ if define == 0 and (module in modules_defines): ++ test.write("#ifdef %s\n" % (modules_defines[module])) ++ define = 1 + test.write("""static void desret_%s(%s val ATTRIBUTE_UNUSED) { + } + + """ % (name, name)) +- known_return_types.append(name) ++ known_return_types.append(name) + if define == 1: + test.write("#endif\n\n") + +@@ -615,9 +615,9 @@ for file in headers: + # do not test deprecated APIs + # + desc = file.xpathEval('string(description)') +- if string.find(desc, 'DEPRECATED') != -1: +- print "Skipping deprecated interface %s" % name +- continue; ++ if desc.find('DEPRECATED') != -1: ++ print("Skipping deprecated interface %s" % name) ++ continue; + + test.write("#include \n" % name) + modules.append(name) +@@ -679,7 +679,7 @@ def generate_test(module, node): + # and store the informations for the generation + # + try: +- args = node.xpathEval("arg") ++ args = node.xpathEval("arg") + except: + args = [] + t_args = [] +@@ -687,37 +687,37 @@ def generate_test(module, node): + for arg in args: + n = n + 1 + rtype = arg.xpathEval("string(@type)") +- if rtype == 'void': +- break; +- info = arg.xpathEval("string(@info)") +- nam = arg.xpathEval("string(@name)") ++ if rtype == 'void': ++ break; ++ info = arg.xpathEval("string(@info)") ++ nam = arg.xpathEval("string(@name)") + type = type_convert(rtype, nam, info, module, name, n) +- if is_known_param_type(type) == 0: +- add_missing_type(type, name); +- no_gen = 1 ++ if is_known_param_type(type) == 0: ++ add_missing_type(type, name); ++ no_gen = 1 + if (type[-3:] == 'Ptr' or type[-4:] == '_ptr') and \ +- rtype[0:6] == 'const ': +- crtype = rtype[6:] +- else: +- crtype = rtype +- t_args.append((nam, type, rtype, crtype, info)) ++ rtype[0:6] == 'const ': ++ crtype = rtype[6:] ++ else: ++ crtype = rtype ++ t_args.append((nam, type, rtype, crtype, info)) + + try: +- rets = node.xpathEval("return") ++ rets = node.xpathEval("return") + except: + rets = [] + t_ret = None + for ret in rets: + rtype = ret.xpathEval("string(@type)") +- info = ret.xpathEval("string(@info)") ++ info = ret.xpathEval("string(@info)") + type = type_convert(rtype, 'return', info, module, name, 0) +- if rtype == 'void': +- break +- if is_known_return_type(type) == 0: +- add_missing_type(type, name); +- no_gen = 1 +- t_ret = (type, rtype, info) +- break ++ if rtype == 'void': ++ break ++ if is_known_return_type(type) == 0: ++ add_missing_type(type, name); ++ no_gen = 1 ++ t_ret = (type, rtype, info) ++ break + + if no_gen == 0: + for t_arg in t_args: +@@ -733,7 +733,7 @@ test_%s(void) { + + if no_gen == 1: + add_missing_functions(name, module) +- test.write(""" ++ test.write(""" + /* missing type support */ + return(test_ret); + } +@@ -742,22 +742,22 @@ test_%s(void) { + return + + try: +- conds = node.xpathEval("cond") +- for cond in conds: +- test.write("#if %s\n" % (cond.get_content())) +- nb_cond = nb_cond + 1 ++ conds = node.xpathEval("cond") ++ for cond in conds: ++ test.write("#if %s\n" % (cond.get_content())) ++ nb_cond = nb_cond + 1 + except: + pass + + define = 0 +- if function_defines.has_key(name): ++ if name in function_defines: + test.write("#ifdef %s\n" % (function_defines[name])) +- define = 1 ++ define = 1 + + # Declare the memory usage counter + no_mem = is_skipped_memcheck(name) + if no_mem == 0: +- test.write(" int mem_base;\n"); ++ test.write(" int mem_base;\n"); + + # Declare the return value + if t_ret != None: +@@ -766,29 +766,29 @@ test_%s(void) { + # Declare the arguments + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # add declaration +- test.write(" %s %s; /* %s */\n" % (crtype, nam, info)) +- test.write(" int n_%s;\n" % (nam)) ++ # add declaration ++ test.write(" %s %s; /* %s */\n" % (crtype, nam, info)) ++ test.write(" int n_%s;\n" % (nam)) + test.write("\n") + + # Cascade loop on of each argument list of values + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # +- test.write(" for (n_%s = 0;n_%s < gen_nb_%s;n_%s++) {\n" % ( +- nam, nam, type, nam)) ++ # ++ test.write(" for (n_%s = 0;n_%s < gen_nb_%s;n_%s++) {\n" % ( ++ nam, nam, type, nam)) + + # log the memory usage + if no_mem == 0: +- test.write(" mem_base = xmlMemBlocks();\n"); ++ test.write(" mem_base = xmlMemBlocks();\n"); + + # prepare the call + i = 0; + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # +- test.write(" %s = gen_%s(n_%s, %d);\n" % (nam, type, nam, i)) +- i = i + 1; ++ # ++ test.write(" %s = gen_%s(n_%s, %d);\n" % (nam, type, nam, i)) ++ i = i + 1; + + # add checks to avoid out-of-bounds array access + i = 0; +@@ -797,7 +797,7 @@ test_%s(void) { + # assume that "size", "len", and "start" parameters apply to either + # the nearest preceding or following char pointer + if type == "int" and (nam == "size" or nam == "len" or nam == "start"): +- for j in range(i - 1, -1, -1) + range(i + 1, len(t_args)): ++ for j in (*range(i - 1, -1, -1), *range(i + 1, len(t_args))): + (bnam, btype) = t_args[j][:2] + if btype == "const_char_ptr" or btype == "const_xmlChar_ptr": + test.write( +@@ -806,42 +806,42 @@ test_%s(void) { + " continue;\n" + % (bnam, nam, bnam)) + break +- i = i + 1; ++ i = i + 1; + + # do the call, and clanup the result +- if extra_pre_call.has_key(name): +- test.write(" %s\n"% (extra_pre_call[name])) ++ if name in extra_pre_call: ++ test.write(" %s\n"% (extra_pre_call[name])) + if t_ret != None: +- test.write("\n ret_val = %s(" % (name)) +- need = 0 +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg +- if need: +- test.write(", ") +- else: +- need = 1 +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s" % nam); +- test.write(");\n") +- if extra_post_call.has_key(name): +- test.write(" %s\n"% (extra_post_call[name])) +- test.write(" desret_%s(ret_val);\n" % t_ret[0]) ++ test.write("\n ret_val = %s(" % (name)) ++ need = 0 ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg ++ if need: ++ test.write(", ") ++ else: ++ need = 1 ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s" % nam); ++ test.write(");\n") ++ if name in extra_post_call: ++ test.write(" %s\n"% (extra_post_call[name])) ++ test.write(" desret_%s(ret_val);\n" % t_ret[0]) + else: +- test.write("\n %s(" % (name)); +- need = 0; +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg; +- if need: +- test.write(", ") +- else: +- need = 1 +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s" % nam) +- test.write(");\n") +- if extra_post_call.has_key(name): +- test.write(" %s\n"% (extra_post_call[name])) ++ test.write("\n %s(" % (name)); ++ need = 0; ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg; ++ if need: ++ test.write(", ") ++ else: ++ need = 1 ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s" % nam) ++ test.write(");\n") ++ if name in extra_post_call: ++ test.write(" %s\n"% (extra_post_call[name])) + + test.write(" call_tests++;\n"); + +@@ -849,32 +849,32 @@ test_%s(void) { + i = 0; + for arg in t_args: + (nam, type, rtype, crtype, info) = arg; +- # This is a hack to prevent generating a destructor for the +- # 'input' argument in xmlTextReaderSetup. There should be +- # a better, more generic way to do this! +- if string.find(info, 'destroy') == -1: +- test.write(" des_%s(n_%s, " % (type, nam)) +- if rtype != crtype: +- test.write("(%s)" % rtype) +- test.write("%s, %d);\n" % (nam, i)) +- i = i + 1; ++ # This is a hack to prevent generating a destructor for the ++ # 'input' argument in xmlTextReaderSetup. There should be ++ # a better, more generic way to do this! ++ if info.find('destroy') == -1: ++ test.write(" des_%s(n_%s, " % (type, nam)) ++ if rtype != crtype: ++ test.write("(%s)" % rtype) ++ test.write("%s, %d);\n" % (nam, i)) ++ i = i + 1; + + test.write(" xmlResetLastError();\n"); + # Check the memory usage + if no_mem == 0: +- test.write(""" if (mem_base != xmlMemBlocks()) { ++ test.write(""" if (mem_base != xmlMemBlocks()) { + printf("Leak of %%d blocks found in %s", +- xmlMemBlocks() - mem_base); +- test_ret++; ++\t xmlMemBlocks() - mem_base); ++\t test_ret++; + """ % (name)); +- for arg in t_args: +- (nam, type, rtype, crtype, info) = arg; +- test.write(""" printf(" %%d", n_%s);\n""" % (nam)) +- test.write(""" printf("\\n");\n""") +- test.write(" }\n") ++ for arg in t_args: ++ (nam, type, rtype, crtype, info) = arg; ++ test.write(""" printf(" %%d", n_%s);\n""" % (nam)) ++ test.write(""" printf("\\n");\n""") ++ test.write(" }\n") + + for arg in t_args: +- test.write(" }\n") ++ test.write(" }\n") + + test.write(" function_tests++;\n") + # +@@ -882,7 +882,7 @@ test_%s(void) { + # + while nb_cond > 0: + test.write("#endif\n") +- nb_cond = nb_cond -1 ++ nb_cond = nb_cond -1 + if