Some patches from upstream for misc build issues. Fixed hashlimit-htable-gcinterval save/restore issue, bug #254496, thank Михаил for report. Fixed save/restore issue for -m owner, bug #255113, thank Andrew Savchenko for report.

(Portage version: 2.2_rc23/cvs/Linux i686)
author: Peter Volkov <pva@gentoo.org> 2009-01-21 18:36:10 +0000
committer: Peter Volkov <pva@gentoo.org> 2009-01-21 18:36:10 +0000
commit: 0628d176384cb59ef20786a9f2881c4cf62c7153 (patch)
tree: 9f44b492153aeb69b51bab4c7724d2b08da3292d /net-firewall
parent: old (diff)
download: gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.tar.gz
gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.tar.bz2
gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.zip
6 files changed, 216 insertions, 2 deletions
diff --git a/net-firewall/iptables/ChangeLog b/net-firewall/iptables/ChangeLog
index 47e2ab2fd19f..fd0fbbca0b9d 100644
--- a/net-firewall/iptables/ChangeLog
+++ b/net-firewall/iptables/ChangeLog
@@ -1,6 +1,18 @@
 # ChangeLog for net-firewall/iptables
-# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.184 2008/12/06 23:52:05 robbat2 Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/ChangeLog,v 1.185 2009/01/21 18:36:10 pva Exp $
+
+*iptables-1.4.2-r2 (21 Jan 2009)
+
+  21 Jan 2009; Peter Volkov <pva@gentoo.org>
+  +files/iptables-1.4.2-hashlimit.patch,
+  +files/iptables-1.4.2-libxt_TOS-compilation.patch,
+  +files/iptables-1.4.2-libxt_iprange.c-build.patch,
+  +files/iptables-1.4.2-owner-restore.patch, +iptables-1.4.2-r2.ebuild:
+  Some patches from upstream for misc build issues. Fixed
+  hashlimit-htable-gcinterval save/restore issue, bug #254496, thank
+  Михаил for report. Fixed save/restore issue for -m owner, bug
+  #255113, thank Andrew Savchenko for report.
 
   06 Dec 2008; Robin H. Johnson <robbat2@gentoo.org> Manifest:
   Fix broken Manifest.
diff --git a/net-firewall/iptables/files/iptables-1.4.2-hashlimit.patch b/net-firewall/iptables/files/iptables-1.4.2-hashlimit.patch
new file mode 100644
index 000000000000..d5a77c6eb0e8
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.4.2-hashlimit.patch
@@ -0,0 +1,16 @@
+Author: pva@gentoo.org
+Fixes bug http://bugs.gentoo.org/show_bug.cgi?id=254496
+
+=== modified file 'extensions/libxt_hashlimit.c'
+--- extensions/libxt_hashlimit.c	2009-01-21 18:23:22 +0000
++++ extensions/libxt_hashlimit.c	2009-01-21 18:23:32 +0000
+@@ -636,7 +636,7 @@
+ 	if (info->cfg.max != 0)
+ 		printf("--hashlimit-htable-max %u ", info->cfg.max);
+ 	if (info->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL)
+-		printf("--hashlimit-htable-gcinterval %u", info->cfg.gc_interval);
++		printf("--hashlimit-htable-gcinterval %u ", info->cfg.gc_interval);
+ 	if (info->cfg.expire != XT_HASHLIMIT_EXPIRE)
+ 		printf("--hashlimit-htable-expire %u ", info->cfg.expire);
+ 
+
diff --git a/net-firewall/iptables/files/iptables-1.4.2-libxt_TOS-compilation.patch b/net-firewall/iptables/files/iptables-1.4.2-libxt_TOS-compilation.patch
new file mode 100644
index 000000000000..9ae3955452c7
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.4.2-libxt_TOS-compilation.patch
@@ -0,0 +1,32 @@
+From: Jirí Moravec <jim.lkml@gmail.com>
+Date: Wed, 22 Oct 2008 06:57:38 +0000 (+0200)
+Subject: libxt_TOS: fix compilation error
+X-Git-Tag: v1.4.3-rc1~15
+X-Git-Url: https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commitdiff_plain;h=56156cda196154aa015b7df030a2a9bbf34f4fcc
+
+libxt_TOS: fix compilation error
+
+Fix compilation error caused by double definition of IPPROTO_SCTP:
+
+In file included from /usr/include/netinet/ip.h:25,
+                 from /usr/include/linux/ip.h:19,
+                 from tos_values.c:4,
+                 from libxt_TOS.c:15:
+/usr/include/netinet/in.h:84: error: expected identifier before numeric constant
+make[2]: *** [libxt_TOS.oo] Error 1
+
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+---
+
+diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
+index 9ce8473..55a7172 100644
+--- a/extensions/libxt_TOS.c
++++ b/extensions/libxt_TOS.c
+@@ -8,6 +8,7 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <string.h>
++#include <netinet/in.h>
+ 
+ #include <xtables.h>
+ #include <linux/netfilter/xt_DSCP.h>
diff --git a/net-firewall/iptables/files/iptables-1.4.2-libxt_iprange.c-build.patch b/net-firewall/iptables/files/iptables-1.4.2-libxt_iprange.c-build.patch
new file mode 100644
index 000000000000..2a22848d0472
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.4.2-libxt_iprange.c-build.patch
@@ -0,0 +1,40 @@
+From: Thomas Jarosch <thomas.jarosch@intra2net.com>
+Date: Thu, 23 Oct 2008 13:40:52 +0000 (+0200)
+Subject: Fix compile error in libxt_iprange.c using gcc 4.3.2
+X-Git-Tag: v1.4.3-rc1~12
+X-Git-Url: https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commitdiff_plain;h=240eee607ab7e5bb9f671b7ceba40e2940182f61
+
+Fix compile error in libxt_iprange.c using gcc 4.3.2
+
+In file included from libxt_iprange.c:9:
+../include/linux/netfilter.h:43: error: field 'in' has incomplete type
+../include/linux/netfilter.h:44: error: field 'in6' has incomplete type
+libxt_iprange.c: In function 'parse_iprange':
+libxt_iprange.c:46: error: dereferencing pointer to incomplete type
+libxt_iprange.c:53: error: dereferencing pointer to incomplete type
+libxt_iprange.c: In function 'iprange_mt4_parse':
+libxt_iprange.c:117: error: dereferencing pointer to incomplete type
+libxt_iprange.c:121: error: dereferencing pointer to incomplete type
+libxt_iprange.c:136: error: dereferencing pointer to incomplete type
+libxt_iprange.c:140: error: dereferencing pointer to incomplete type
+libxt_iprange.c: In function 'iprange_mt6_parse':
+libxt_iprange.c:167: error: dereferencing pointer to incomplete type
+libxt_iprange.c:171: error: dereferencing pointer to incomplete type
+libxt_iprange.c:186: error: dereferencing pointer to incomplete type
+libxt_iprange.c:190: error: dereferencing pointer to incomplete type
+
+Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
+---
+
+diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
+index 503372f..ee87a6f 100644
+--- a/extensions/libxt_iprange.c
++++ b/extensions/libxt_iprange.c
+@@ -5,6 +5,7 @@
+ #include <stdlib.h>
+ #include <getopt.h>
+ 
++#include <netinet/in.h>
+ #include <xtables.h>
+ #include <linux/netfilter.h>
+ #include <linux/netfilter/xt_iprange.h>
diff --git a/net-firewall/iptables/files/iptables-1.4.2-owner-restore.patch b/net-firewall/iptables/files/iptables-1.4.2-owner-restore.patch
new file mode 100644
index 000000000000..47f77c08f782
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.4.2-owner-restore.patch
@@ -0,0 +1,41 @@
+From: Daniel Drake <dsd@gentoo.org>
+Date: Mon, 19 Jan 2009 14:36:41 +0000 (+0100)
+Subject: libxt_owner: add more spaces to output
+X-Git-Url: https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commitdiff_plain;h=cfb9cf0509ad8100cd8d6ab52d60a8ffbb318578
+
+libxt_owner: add more spaces to output
+
+Commit bb9284d1 ("libxt_owner: add spaces to output") moved the printing
+of spaces away from the owner_mt_print() function family, but forgot to
+add spaces in all of the print_item() functions that are called.
+
+This is likely to be at least the partial cause of
+https://bugs.gentoo.org/show_bug.cgi?id=254435
+
+Signed-off-by: Daniel Drake <dsd@gentoo.org>
+Approves-of-this-patch: Jan Engelhardt <jengelh@medozas.de>
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+---
+
+diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
+index 298075e..4cd173e 100644
+--- a/extensions/libxt_owner.c
++++ b/extensions/libxt_owner.c
+@@ -324,7 +324,7 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label,
+ 		return;
+ 	if (info->invert & flag)
+ 		printf("! ");
+-	printf(label);
++	printf("%s ", label);
+ 
+ 	switch (info->match & flag) {
+ 	case IPT_OWNER_UID:
+@@ -375,7 +375,7 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label,
+ 		return;
+ 	if (info->invert & flag)
+ 		printf("! ");
+-	printf(label);
++	printf("%s ", label);
+ 
+ 	switch (info->match & flag) {
+ 	case IP6T_OWNER_UID:
diff --git a/net-firewall/iptables/iptables-1.4.2-r2.ebuild b/net-firewall/iptables/iptables-1.4.2-r2.ebuild
new file mode 100644
index 000000000000..2b518b23f421
--- /dev/null
+++ b/net-firewall/iptables/iptables-1.4.2-r2.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-firewall/iptables/iptables-1.4.2-r2.ebuild,v 1.1 2009/01/21 18:36:10 pva Exp $
+
+inherit eutils toolchain-funcs
+
+DESCRIPTION="Linux kernel (2.4+) firewall, NAT and packet mangling tools"
+HOMEPAGE="http://www.iptables.org/"
+SRC_URI="http://iptables.org/projects/iptables/files/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE=""
+
+DEPEND="virtual/os-headers"
+RDEPEND=""
+
+src_unpack() {
+	unpack ${P}.tar.bz2
+	cd "${S}"
+	epatch "${FILESDIR}"/${P}-glibc.patch
+	epatch "${FILESDIR}"/${P}-no-ldconfig.patch
+	epatch "${FILESDIR}"/${P}-as-needed.patch #244431
+	epatch "${FILESDIR}"/${P}-owner-restore.patch #255113
+	epatch "${FILESDIR}"/${P}-libxt_TOS-compilation.patch
+	epatch "${FILESDIR}"/${P}-libxt_iprange.c-build.patch
+	epatch "${FILESDIR}"/${P}-hashlimit.patch #254496
+
+	local check base=${PORTAGE_CONFIGROOT}/etc/portage/patches
+	for check in {${CATEGORY}/${PF},${CATEGORY}/${P},${CATEGORY}/${PN}}; do
+		EPATCH_SOURCE=${base}/${CTARGET}/${check}
+		[[ -r ${EPATCH_SOURCE} ]] || EPATCH_SOURCE=${base}/${CHOST}/${check}
+		[[ -r ${EPATCH_SOURCE} ]] || EPATCH_SOURCE=${base}/${check}
+		if [[ -d ${EPATCH_SOURCE} ]] ; then
+			EPATCH_SUFFIX="patch"
+			EPATCH_FORCE="yes" \
+			EPATCH_MULTI_MSG="Applying user patches from ${EPATCH_SOURCE} ..." \
+			epatch
+			break
+		fi
+	done
+}
+
+src_compile() {
+	econf \
+		--sbindir=/sbin \
+		--libexecdir=/$(get_libdir) \
+		--without-kernel \
+		--enable-devel \
+		--enable-libipq \
+		--enable-shared \
+		--enable-static \
+		|| die
+	emake V=1 || die
+}
+
+src_install() {
+	emake install DESTDIR="${D}" || die
+
+	insinto /usr/include
+	doins include/iptables.h include/ip6tables.h || die
+	dolib.a libiptc/libiptc.a || die
+	insinto /usr/include/libiptc
+	doins include/libiptc/*.h || die
+
+	keepdir /var/lib/iptables
+	newinitd "${FILESDIR}"/${PN}-1.3.2.init iptables
+	newconfd "${FILESDIR}"/${PN}-1.3.2.confd iptables
+	keepdir /var/lib/ip6tables
+	newinitd "${FILESDIR}"/iptables-1.3.2.init ip6tables
+	newconfd "${FILESDIR}"/ip6tables-1.3.2.confd ip6tables
+}
author	Peter Volkov <pva@gentoo.org>	2009-01-21 18:36:10 +0000
committer	Peter Volkov <pva@gentoo.org>	2009-01-21 18:36:10 +0000
commit	0628d176384cb59ef20786a9f2881c4cf62c7153 (patch)
tree	9f44b492153aeb69b51bab4c7724d2b08da3292d /net-firewall
parent	old (diff)
download	gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.tar.gz gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.tar.bz2 gentoo-2-0628d176384cb59ef20786a9f2881c4cf62c7153.zip