From: Tim Yardley Date: Mon, 5 Mar 2007 01:38:44 +0000 (+0000) Subject: trunk.. same deal as changeset:6526 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=ccfa4a7af6c49dd72a541f25568e1ab561002aa7;p=openwrt%2Fstaging%2Fblocktrron.git trunk.. same deal as changeset:6526 SVN-Revision: 6527 --- diff --git a/package/bridge/patches/001-patch-libbridge_makefile_in b/package/bridge/patches/001-patch-libbridge_makefile_in new file mode 100644 index 0000000000..f44737750b --- /dev/null +++ b/package/bridge/patches/001-patch-libbridge_makefile_in @@ -0,0 +1,11 @@ +--- bridge-utils-0.9.6/libbridge/Makefile.in.dist 2004-03-01 20:55:52.000000000 -0600 ++++ bridge-utils-0.9.6/libbridge/Makefile.in 2004-03-01 20:56:23.000000000 -0600 +@@ -5,7 +5,7 @@ + RANLIB=@RANLIB@ + + CC=@CC@ +-CFLAGS = -Wall -g $(KERNEL_HEADERS) ++CFLAGS = -Wall -g @CFLAGS@ $(KERNEL_HEADERS) + + prefix=@prefix@ + exec_prefix=@exec_prefix@ diff --git a/package/bridge/patches/01-patch-libbridge_makefile_in b/package/bridge/patches/01-patch-libbridge_makefile_in deleted file mode 100644 index f44737750b..0000000000 --- a/package/bridge/patches/01-patch-libbridge_makefile_in +++ /dev/null @@ -1,11 +0,0 @@ ---- bridge-utils-0.9.6/libbridge/Makefile.in.dist 2004-03-01 20:55:52.000000000 -0600 -+++ bridge-utils-0.9.6/libbridge/Makefile.in 2004-03-01 20:56:23.000000000 -0600 -@@ -5,7 +5,7 @@ - RANLIB=@RANLIB@ - - CC=@CC@ --CFLAGS = -Wall -g $(KERNEL_HEADERS) -+CFLAGS = -Wall -g @CFLAGS@ $(KERNEL_HEADERS) - - prefix=@prefix@ - exec_prefix=@exec_prefix@ diff --git a/package/ipsec-tools/patches/001-no_libfl.patch b/package/ipsec-tools/patches/001-no_libfl.patch new file mode 100644 index 0000000000..c842e229ed --- /dev/null +++ b/package/ipsec-tools/patches/001-no_libfl.patch @@ -0,0 +1,24 @@ +diff -ruN ipsec-tools-0.6.3-old/src/racoon/cftoken.l ipsec-tools-0.6.3-new/src/racoon/cftoken.l +--- ipsec-tools-0.6.3-old/src/racoon/cftoken.l 2005-11-06 18:18:26.000000000 +0100 ++++ ipsec-tools-0.6.3-new/src/racoon/cftoken.l 2005-12-09 01:27:27.000000000 +0100 +@@ -105,6 +105,8 @@ + static int incstackp = 0; + + static int yy_first_time = 1; ++ ++int yywrap(void) { return 1; } + %} + + /* common seciton */ +diff -ruN ipsec-tools-0.6.3-old/src/setkey/token.l ipsec-tools-0.6.3-new/src/setkey/token.l +--- ipsec-tools-0.6.3-old/src/setkey/token.l 2005-06-29 15:01:30.000000000 +0200 ++++ ipsec-tools-0.6.3-new/src/setkey/token.l 2005-12-09 01:27:31.000000000 +0100 +@@ -84,6 +84,8 @@ + #ifndef SADB_X_EALG_AESCTR + #define SADB_X_EALG_AESCTR (-1) + #endif ++ ++int yywrap(void) { return 1; } + %} + + /* common section */ diff --git a/package/ipsec-tools/patches/002-configure_cppflags_typo.patch b/package/ipsec-tools/patches/002-configure_cppflags_typo.patch new file mode 100644 index 0000000000..f725ebdeed --- /dev/null +++ b/package/ipsec-tools/patches/002-configure_cppflags_typo.patch @@ -0,0 +1,24 @@ +diff -ruN ipsec-tools-0.6.3-old/configure.ac ipsec-tools-0.6.3-new/configure.ac +--- ipsec-tools-0.6.3-old/configure.ac 2005-11-21 12:11:41.000000000 +0100 ++++ ipsec-tools-0.6.3-new/configure.ac 2005-12-09 02:09:06.000000000 +0100 +@@ -180,7 +180,7 @@ + + if test "x$crypto_dir" != "x"; then + LIBS="$LIBS -L${crypto_dir}/lib" +- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" ++ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" + fi + AC_MSG_CHECKING(openssl version) + +diff -ruN ipsec-tools-0.6.3-old/configure ipsec-tools-0.6.3-new/configure +--- ipsec-tools-0.6.3-old/configure 2005-11-21 12:15:12.000000000 +0100 ++++ ipsec-tools-0.6.3-new/configure 2005-12-09 02:09:13.000000000 +0100 +@@ -23680,7 +23680,7 @@ + + if test "x$crypto_dir" != "x"; then + LIBS="$LIBS -L${crypto_dir}/lib" +- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" ++ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" + fi + echo "$as_me:$LINENO: checking openssl version" >&5 + echo $ECHO_N "checking openssl version... $ECHO_C" >&6 diff --git a/package/ipsec-tools/patches/003-linux_2.6.19_rtnetlink_changes.diff b/package/ipsec-tools/patches/003-linux_2.6.19_rtnetlink_changes.diff new file mode 100644 index 0000000000..555290674c --- /dev/null +++ b/package/ipsec-tools/patches/003-linux_2.6.19_rtnetlink_changes.diff @@ -0,0 +1,21 @@ +diff -ruN ipsec-tools-0.6.6-old/src/racoon/grabmyaddr.c ipsec-tools-0.6.6-new/src/racoon/grabmyaddr.c +--- ipsec-tools-0.6.6-old/src/racoon/grabmyaddr.c 2005-07-16 06:41:01.000000000 +0200 ++++ ipsec-tools-0.6.6-new/src/racoon/grabmyaddr.c 2006-12-15 15:50:13.000000000 +0100 +@@ -77,10 +77,17 @@ + #ifdef __linux__ + #include + #include ++#include ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19) ++# include ++#endif + #ifndef HAVE_GETIFADDRS + #define HAVE_GETIFADDRS + #define NEED_LINUX_GETIFADDRS + #endif ++#ifndef IFA_RTA ++# define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg)))) ++#endif + #endif + + #ifndef HAVE_GETIFADDRS diff --git a/package/ipsec-tools/patches/01-no_libfl.patch b/package/ipsec-tools/patches/01-no_libfl.patch deleted file mode 100644 index c842e229ed..0000000000 --- a/package/ipsec-tools/patches/01-no_libfl.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -ruN ipsec-tools-0.6.3-old/src/racoon/cftoken.l ipsec-tools-0.6.3-new/src/racoon/cftoken.l ---- ipsec-tools-0.6.3-old/src/racoon/cftoken.l 2005-11-06 18:18:26.000000000 +0100 -+++ ipsec-tools-0.6.3-new/src/racoon/cftoken.l 2005-12-09 01:27:27.000000000 +0100 -@@ -105,6 +105,8 @@ - static int incstackp = 0; - - static int yy_first_time = 1; -+ -+int yywrap(void) { return 1; } - %} - - /* common seciton */ -diff -ruN ipsec-tools-0.6.3-old/src/setkey/token.l ipsec-tools-0.6.3-new/src/setkey/token.l ---- ipsec-tools-0.6.3-old/src/setkey/token.l 2005-06-29 15:01:30.000000000 +0200 -+++ ipsec-tools-0.6.3-new/src/setkey/token.l 2005-12-09 01:27:31.000000000 +0100 -@@ -84,6 +84,8 @@ - #ifndef SADB_X_EALG_AESCTR - #define SADB_X_EALG_AESCTR (-1) - #endif -+ -+int yywrap(void) { return 1; } - %} - - /* common section */ diff --git a/package/ipsec-tools/patches/02-configure_cppflags_typo.patch b/package/ipsec-tools/patches/02-configure_cppflags_typo.patch deleted file mode 100644 index f725ebdeed..0000000000 --- a/package/ipsec-tools/patches/02-configure_cppflags_typo.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -ruN ipsec-tools-0.6.3-old/configure.ac ipsec-tools-0.6.3-new/configure.ac ---- ipsec-tools-0.6.3-old/configure.ac 2005-11-21 12:11:41.000000000 +0100 -+++ ipsec-tools-0.6.3-new/configure.ac 2005-12-09 02:09:06.000000000 +0100 -@@ -180,7 +180,7 @@ - - if test "x$crypto_dir" != "x"; then - LIBS="$LIBS -L${crypto_dir}/lib" -- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" -+ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" - fi - AC_MSG_CHECKING(openssl version) - -diff -ruN ipsec-tools-0.6.3-old/configure ipsec-tools-0.6.3-new/configure ---- ipsec-tools-0.6.3-old/configure 2005-11-21 12:15:12.000000000 +0100 -+++ ipsec-tools-0.6.3-new/configure 2005-12-09 02:09:13.000000000 +0100 -@@ -23680,7 +23680,7 @@ - - if test "x$crypto_dir" != "x"; then - LIBS="$LIBS -L${crypto_dir}/lib" -- CPPFLAGS="-I${crypto_dir}/include $CPPLAGS" -+ CPPFLAGS="-I${crypto_dir}/include $CPPFLAGS" - fi - echo "$as_me:$LINENO: checking openssl version" >&5 - echo $ECHO_N "checking openssl version... $ECHO_C" >&6 diff --git a/package/ipsec-tools/patches/03-linux_2.6.19_rtnetlink_changes.diff b/package/ipsec-tools/patches/03-linux_2.6.19_rtnetlink_changes.diff deleted file mode 100644 index 555290674c..0000000000 --- a/package/ipsec-tools/patches/03-linux_2.6.19_rtnetlink_changes.diff +++ /dev/null @@ -1,21 +0,0 @@ -diff -ruN ipsec-tools-0.6.6-old/src/racoon/grabmyaddr.c ipsec-tools-0.6.6-new/src/racoon/grabmyaddr.c ---- ipsec-tools-0.6.6-old/src/racoon/grabmyaddr.c 2005-07-16 06:41:01.000000000 +0200 -+++ ipsec-tools-0.6.6-new/src/racoon/grabmyaddr.c 2006-12-15 15:50:13.000000000 +0100 -@@ -77,10 +77,17 @@ - #ifdef __linux__ - #include - #include -+#include -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,19) -+# include -+#endif - #ifndef HAVE_GETIFADDRS - #define HAVE_GETIFADDRS - #define NEED_LINUX_GETIFADDRS - #endif -+#ifndef IFA_RTA -+# define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg)))) -+#endif - #endif - - #ifndef HAVE_GETIFADDRS diff --git a/package/ipset/patches/001-kernel_26.patch b/package/ipset/patches/001-kernel_26.patch new file mode 100644 index 0000000000..46112ab25f --- /dev/null +++ b/package/ipset/patches/001-kernel_26.patch @@ -0,0 +1,66 @@ +diff -Nur ipset-2.2.3.orig/ipset.c ipset-2.2.3/ipset.c +--- ipset-2.2.3.orig/ipset.c 2005-04-05 09:56:02.000000000 +0200 ++++ ipset-2.2.3/ipset.c 2005-09-29 13:07:07.446923250 +0200 +@@ -21,7 +21,6 @@ + #include + #include + #include +-#include + + #include "ipset.h" + +diff -Nur ipset-2.2.3.orig/ipset_iphash.c ipset-2.2.3/ipset_iphash.c +--- ipset-2.2.3.orig/ipset_iphash.c 2005-01-19 14:38:57.000000000 +0100 ++++ ipset-2.2.3/ipset_iphash.c 2005-09-29 13:07:26.308102000 +0200 +@@ -25,7 +25,6 @@ + #include + #include + #include +-#include + #include + + #include +diff -Nur ipset-2.2.3.orig/ipset_ipmap.c ipset-2.2.3/ipset_ipmap.c +--- ipset-2.2.3.orig/ipset_ipmap.c 2005-01-19 14:38:57.000000000 +0100 ++++ ipset-2.2.3/ipset_ipmap.c 2005-09-29 13:07:07.446923250 +0200 +@@ -22,7 +22,6 @@ + #include + #include + #include +-#include + + #include + #include "ipset.h" +diff -Nur ipset-2.2.3.orig/ipset_macipmap.c ipset-2.2.3/ipset_macipmap.c +--- ipset-2.2.3.orig/ipset_macipmap.c 2005-01-19 14:38:57.000000000 +0100 ++++ ipset-2.2.3/ipset_macipmap.c 2005-09-29 13:07:07.446923250 +0200 +@@ -24,7 +24,6 @@ + #include + #include + #include +-#include + #include + + #include +diff -Nur ipset-2.2.3.orig/ipset_nethash.c ipset-2.2.3/ipset_nethash.c +--- ipset-2.2.3.orig/ipset_nethash.c 2005-05-09 07:44:25.000000000 +0200 ++++ ipset-2.2.3/ipset_nethash.c 2005-09-29 13:07:07.446923250 +0200 +@@ -25,7 +25,6 @@ + #include + #include + #include +-#include + #include + + #include +diff -Nur ipset-2.2.3.orig/ipset_portmap.c ipset-2.2.3/ipset_portmap.c +--- ipset-2.2.3.orig/ipset_portmap.c 2005-01-19 14:38:57.000000000 +0100 ++++ ipset-2.2.3/ipset_portmap.c 2005-09-29 13:07:07.446923250 +0200 +@@ -21,7 +21,6 @@ + #include + #include + #include +-#include + + #include + #include "ipset.h" diff --git a/package/ipset/patches/01-kernel_26.patch b/package/ipset/patches/01-kernel_26.patch deleted file mode 100644 index 46112ab25f..0000000000 --- a/package/ipset/patches/01-kernel_26.patch +++ /dev/null @@ -1,66 +0,0 @@ -diff -Nur ipset-2.2.3.orig/ipset.c ipset-2.2.3/ipset.c ---- ipset-2.2.3.orig/ipset.c 2005-04-05 09:56:02.000000000 +0200 -+++ ipset-2.2.3/ipset.c 2005-09-29 13:07:07.446923250 +0200 -@@ -21,7 +21,6 @@ - #include - #include - #include --#include - - #include "ipset.h" - -diff -Nur ipset-2.2.3.orig/ipset_iphash.c ipset-2.2.3/ipset_iphash.c ---- ipset-2.2.3.orig/ipset_iphash.c 2005-01-19 14:38:57.000000000 +0100 -+++ ipset-2.2.3/ipset_iphash.c 2005-09-29 13:07:26.308102000 +0200 -@@ -25,7 +25,6 @@ - #include - #include - #include --#include - #include - - #include -diff -Nur ipset-2.2.3.orig/ipset_ipmap.c ipset-2.2.3/ipset_ipmap.c ---- ipset-2.2.3.orig/ipset_ipmap.c 2005-01-19 14:38:57.000000000 +0100 -+++ ipset-2.2.3/ipset_ipmap.c 2005-09-29 13:07:07.446923250 +0200 -@@ -22,7 +22,6 @@ - #include - #include - #include --#include - - #include - #include "ipset.h" -diff -Nur ipset-2.2.3.orig/ipset_macipmap.c ipset-2.2.3/ipset_macipmap.c ---- ipset-2.2.3.orig/ipset_macipmap.c 2005-01-19 14:38:57.000000000 +0100 -+++ ipset-2.2.3/ipset_macipmap.c 2005-09-29 13:07:07.446923250 +0200 -@@ -24,7 +24,6 @@ - #include - #include - #include --#include - #include - - #include -diff -Nur ipset-2.2.3.orig/ipset_nethash.c ipset-2.2.3/ipset_nethash.c ---- ipset-2.2.3.orig/ipset_nethash.c 2005-05-09 07:44:25.000000000 +0200 -+++ ipset-2.2.3/ipset_nethash.c 2005-09-29 13:07:07.446923250 +0200 -@@ -25,7 +25,6 @@ - #include - #include - #include --#include - #include - - #include -diff -Nur ipset-2.2.3.orig/ipset_portmap.c ipset-2.2.3/ipset_portmap.c ---- ipset-2.2.3.orig/ipset_portmap.c 2005-01-19 14:38:57.000000000 +0100 -+++ ipset-2.2.3/ipset_portmap.c 2005-09-29 13:07:07.446923250 +0200 -@@ -21,7 +21,6 @@ - #include - #include - #include --#include - - #include - #include "ipset.h" diff --git a/package/iptables/patches/001-ipp2p-0.8.1rc1.patch b/package/iptables/patches/001-ipp2p-0.8.1rc1.patch new file mode 100644 index 0000000000..f7129b4560 --- /dev/null +++ b/package/iptables/patches/001-ipp2p-0.8.1rc1.patch @@ -0,0 +1,454 @@ +diff -urN iptables.old/extensions/Makefile iptables.dev/extensions/Makefile +--- iptables.old/extensions/Makefile 2005-07-20 04:22:56.000000000 +0200 ++++ iptables.dev/extensions/Makefile 2006-03-23 14:42:28.000000000 +0100 +@@ -8,6 +8,10 @@ + PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn esp hashlimit helper icmp iprange length limit mac mark multiport owner physdev pkttype realm rpc sctp standard state tcp tcpmss tos ttl udp unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE NOTRACK REDIRECT REJECT SAME SNAT TARPIT TCPMSS TOS TRACE TTL ULOG + PF6_EXT_SLIB:=eui64 hl icmpv6 length limit mac mark multiport owner physdev standard tcp udp HL LOG NFQUEUE MARK TRACE + ++ ++# ipp2p ++PF_EXT_SLIB += ipp2p ++ + # Optionals + PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) + PF6_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test6),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) +diff -urN iptables.old/extensions/libipt_ipp2p.c iptables.dev/extensions/libipt_ipp2p.c +--- iptables.old/extensions/libipt_ipp2p.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/libipt_ipp2p.c 2006-03-23 14:43:26.000000000 +0100 +@@ -0,0 +1,401 @@ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++ ++#include ++ ++static void ++help(void) ++{ ++ printf( ++ "IPP2P v%s options:\n" ++ " --ipp2p Grab all known p2p packets\n" ++ " --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets\n" ++ " --dc [TCP] All known Direct Connect packets\n" ++ " --kazaa [TCP&UDP] All known KaZaA packets\n" ++ " --gnu [TCP&UDP] All known Gnutella packets\n" ++ " --bit [TCP&UDP] All known BitTorrent packets\n" ++ " --apple [TCP] All known AppleJuice packets\n" ++ " --winmx [TCP] All known WinMX\n" ++ " --soul [TCP] All known SoulSeek\n" ++ " --ares [TCP] All known Ares\n\n" ++ " EXPERIMENTAL protocols (please send feedback to: ipp2p@ipp2p.org) :\n" ++ " --mute [TCP] All known Mute packets\n" ++ " --waste [TCP] All known Waste packets\n" ++ " --xdcc [TCP] All known XDCC packets (only xdcc login)\n\n" ++ " DEBUG SUPPPORT, use only if you know why\n" ++ " --debug Generate kernel debug output, THIS WILL SLOW DOWN THE FILTER\n" ++ "\nNote that the follwing options will have the same meaning:\n" ++ " '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares'\n" ++ "\nIPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this.\n" ++ "You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.\n" ++ "\nSee README included with this package for more details or visit http://www.ipp2p.org\n" ++ "\nExamples:\n" ++ " iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01\n" ++ " iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP\n" ++ " iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP\n\n" ++ , IPP2P_VERSION); ++} ++ ++static struct option opts[] = { ++ { "ipp2p", 0, 0, '1' }, ++ { "edk", 0, 0, '2' }, ++ { "dc", 0, 0, '7' }, ++ { "gnu", 0, 0, '9' }, ++ { "kazaa", 0, 0, 'a' }, ++ { "bit", 0, 0, 'b' }, ++ { "apple", 0, 0, 'c' }, ++ { "soul", 0, 0, 'd' }, ++ { "winmx", 0, 0, 'e' }, ++ { "ares", 0, 0, 'f' }, ++ { "mute", 0, 0, 'g' }, ++ { "waste", 0, 0, 'h' }, ++ { "xdcc", 0, 0, 'i' }, ++ { "debug", 0, 0, 'j' }, ++ {0} ++}; ++ ++ ++ ++static void ++init(struct ipt_entry_match *m, unsigned int *nfcache) ++{ ++ struct ipt_p2p_info *info = (struct ipt_p2p_info *)m->data; ++ ++ *nfcache |= NFC_UNKNOWN; ++ ++ /*init the module with default values*/ ++ info->cmd = 0; ++ info->debug = 0; ++ ++} ++ ++ ++static int ++parse(int c, char **argv, int invert, unsigned int *flags, ++ const struct ipt_entry *entry, ++ unsigned int *nfcache, ++ struct ipt_entry_match **match) ++{ ++ struct ipt_p2p_info *info = (struct ipt_p2p_info *)(*match)->data; ++ ++ switch (c) { ++ case '1': /*cmd: ipp2p*/ ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified once!"); ++/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p-data' may only be " ++ "specified alone!");*/ ++ if ((*flags) != 0) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += SHORT_HAND_IPP2P; ++ info->cmd = *flags; ++ break; ++ ++ case '2': /*cmd: edk*/ ++ if ((*flags & IPP2P_EDK) == IPP2P_EDK) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--edk' may only be " ++ "specified once"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p-data' may only be " ++ "specified alone!");*/ ++ if ((*flags & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: use `--edk' OR `--edk-data' but not both of them!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_EDK; ++ info->cmd = *flags; ++ break; ++ ++ ++ case '7': /*cmd: dc*/ ++ if ((*flags & IPP2P_DC) == IPP2P_DC) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--dc' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p-data' may only be " ++ "specified alone!");*/ ++ if ((*flags & IPP2P_DATA_DC) == IPP2P_DATA_DC) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: use `--dc' OR `--dc-data' but not both of them!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_DC; ++ info->cmd = *flags; ++ break; ++ ++ ++ case '9': /*cmd: gnu*/ ++ if ((*flags & IPP2P_GNU) == IPP2P_GNU) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--gnu' may only be " ++ "specified once!"); ++/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p-data' may only be " ++ "specified alone!");*/ ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if ((*flags & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_GNU; ++ info->cmd = *flags; ++ break; ++ ++ case 'a': /*cmd: kazaa*/ ++ if ((*flags & IPP2P_KAZAA) == IPP2P_KAZAA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--kazaa' may only be " ++ "specified once!"); ++/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p-data' may only be " ++ "specified alone!");*/ ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if ((*flags & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_KAZAA; ++ info->cmd = *flags; ++ break; ++ ++ case 'b': /*cmd: bit*/ ++ if ((*flags & IPP2P_BIT) == IPP2P_BIT) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--bit' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_BIT; ++ info->cmd = *flags; ++ break; ++ ++ case 'c': /*cmd: apple*/ ++ if ((*flags & IPP2P_APPLE) == IPP2P_APPLE) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--apple' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_APPLE; ++ info->cmd = *flags; ++ break; ++ ++ ++ case 'd': /*cmd: soul*/ ++ if ((*flags & IPP2P_SOUL) == IPP2P_SOUL) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--soul' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_SOUL; ++ info->cmd = *flags; ++ break; ++ ++ ++ case 'e': /*cmd: winmx*/ ++ if ((*flags & IPP2P_WINMX) == IPP2P_WINMX) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--winmx' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_WINMX; ++ info->cmd = *flags; ++ break; ++ ++ case 'f': /*cmd: ares*/ ++ if ((*flags & IPP2P_ARES) == IPP2P_ARES) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ares' may only be " ++ "specified once!"); ++ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ipp2p' may only be " ++ "specified alone!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_ARES; ++ info->cmd = *flags; ++ break; ++ ++ case 'g': /*cmd: mute*/ ++ if ((*flags & IPP2P_MUTE) == IPP2P_MUTE) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--mute' may only be " ++ "specified once!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_MUTE; ++ info->cmd = *flags; ++ break; ++ case 'h': /*cmd: waste*/ ++ if ((*flags & IPP2P_WASTE) == IPP2P_WASTE) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--waste' may only be " ++ "specified once!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_WASTE; ++ info->cmd = *flags; ++ break; ++ case 'i': /*cmd: xdcc*/ ++ if ((*flags & IPP2P_XDCC) == IPP2P_XDCC) ++ exit_error(PARAMETER_PROBLEM, ++ "ipp2p: `--ares' may only be " ++ "specified once!"); ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ *flags += IPP2P_XDCC; ++ info->cmd = *flags; ++ break; ++ ++ case 'j': /*cmd: debug*/ ++ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); ++ info->debug = 1; ++ break; ++ ++ default: ++// exit_error(PARAMETER_PROBLEM, ++// "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); ++ return 0; ++ } ++ return 1; ++} ++ ++ ++static void ++final_check(unsigned int flags) ++{ ++ if (!flags) ++ exit_error(PARAMETER_PROBLEM, ++ "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); ++} ++ ++ ++ ++static void ++print(const struct ipt_ip *ip, ++ const struct ipt_entry_match *match, ++ int numeric) ++{ ++ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; ++ ++ printf("ipp2p v%s", IPP2P_VERSION); ++ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf(" --ipp2p"); ++// if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf(" --ipp2p-data"); ++ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf(" --kazaa"); ++// if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf(" --kazaa-data"); ++// if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf(" --gnu-data"); ++ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf(" --gnu"); ++ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf(" --edk"); ++// if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf(" --edk-data"); ++// if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf(" --dc-data"); ++ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf(" --dc"); ++ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf(" --bit"); ++ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf(" --apple"); ++ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf(" --soul"); ++ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf(" --winmx"); ++ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf(" --ares"); ++ if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); ++ if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); ++ if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); ++ if (info->debug != 0) printf(" --debug"); ++ printf(" "); ++} ++ ++ ++ ++static void ++save(const struct ipt_ip *ip, const struct ipt_entry_match *match) ++{ ++ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; ++ ++ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf("--ipp2p "); ++// if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf("--ipp2p-data "); ++ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf("--kazaa "); ++// if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf("--kazaa-data "); ++// if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf("--gnu-data "); ++ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf("--gnu "); ++ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf("--edk "); ++// if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf("--edk-data "); ++// if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf("--dc-data "); ++ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf("--dc "); ++ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf("--bit "); ++ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf("--apple "); ++ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf("--soul "); ++ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf("--winmx "); ++ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf("--ares "); ++ if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); ++ if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); ++ if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); ++ if (info->debug != 0) printf("--debug "); ++} ++ ++ ++ ++ ++static ++struct iptables_match ipp2p= ++{ ++ .next = NULL, ++ .name = "ipp2p", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(sizeof(struct ipt_p2p_info)), ++ .userspacesize = IPT_ALIGN(sizeof(struct ipt_p2p_info)), ++ .help = &help, ++ .init = &init, ++ .parse = &parse, ++ .final_check = &final_check, ++ .print = &print, ++ .save = &save, ++ .extra_opts = opts ++}; ++ ++ ++ ++void _init(void) ++{ ++ register_match(&ipp2p); ++} ++ +diff -urN iptables.old/include/linux/netfilter_ipv4/ipt_ipp2p.h iptables.dev/include/linux/netfilter_ipv4/ipt_ipp2p.h +--- iptables.old/include/linux/netfilter_ipv4/ipt_ipp2p.h 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/include/linux/netfilter_ipv4/ipt_ipp2p.h 2006-03-23 14:44:26.000000000 +0100 +@@ -0,0 +1,31 @@ ++#ifndef __IPT_IPP2P_H ++#define __IPT_IPP2P_H ++#define IPP2P_VERSION "0.8.1_rc1" ++ ++struct ipt_p2p_info { ++ int cmd; ++ int debug; ++}; ++ ++#endif //__IPT_IPP2P_H ++ ++#define SHORT_HAND_IPP2P 1 /* --ipp2p switch*/ ++//#define SHORT_HAND_DATA 4 /* --ipp2p-data switch*/ ++#define SHORT_HAND_NONE 5 /* no short hand*/ ++ ++#define IPP2P_EDK (1 << 1) ++#define IPP2P_DATA_KAZAA (1 << 2) ++#define IPP2P_DATA_EDK (1 << 3) ++#define IPP2P_DATA_DC (1 << 4) ++#define IPP2P_DC (1 << 5) ++#define IPP2P_DATA_GNU (1 << 6) ++#define IPP2P_GNU (1 << 7) ++#define IPP2P_KAZAA (1 << 8) ++#define IPP2P_BIT (1 << 9) ++#define IPP2P_APPLE (1 << 10) ++#define IPP2P_SOUL (1 << 11) ++#define IPP2P_WINMX (1 << 12) ++#define IPP2P_ARES (1 << 13) ++#define IPP2P_MUTE (1 << 14) ++#define IPP2P_WASTE (1 << 15) ++#define IPP2P_XDCC (1 << 16) diff --git a/package/iptables/patches/002-layer7-1.5nbd.patch b/package/iptables/patches/002-layer7-1.5nbd.patch new file mode 100644 index 0000000000..95c62a860a --- /dev/null +++ b/package/iptables/patches/002-layer7-1.5nbd.patch @@ -0,0 +1,416 @@ +diff -urN iptables.old/extensions/.layer7-test iptables.dev/extensions/.layer7-test +--- iptables.old/extensions/.layer7-test 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/.layer7-test 2005-11-10 16:57:51.819381000 +0100 +@@ -0,0 +1,2 @@ ++#! /bin/sh ++[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_layer7.h ] && echo layer7 +diff -urN iptables.old/extensions/ipt_layer7.h iptables.dev/extensions/ipt_layer7.h +--- iptables.old/extensions/ipt_layer7.h 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/ipt_layer7.h 2005-11-10 17:46:32.933599750 +0100 +@@ -0,0 +1,27 @@ ++/* ++ By Matthew Strait , Dec 2003. ++ http://l7-filter.sf.net ++ ++ This program is free software; you can redistribute it and/or ++ modify it under the terms of the GNU General Public License ++ as published by the Free Software Foundation; either version ++ 2 of the License, or (at your option) any later version. ++ http://www.gnu.org/licenses/gpl.txt ++*/ ++ ++#ifndef _IPT_LAYER7_H ++#define _IPT_LAYER7_H ++ ++#define MAX_PATTERN_LEN 8192 ++#define MAX_PROTOCOL_LEN 256 ++ ++typedef char *(*proc_ipt_search) (char *, char, char *); ++ ++struct ipt_layer7_info { ++ char protocol[MAX_PROTOCOL_LEN]; ++ char invert:1; ++ char pattern[MAX_PATTERN_LEN]; ++ char pkt; ++}; ++ ++#endif /* _IPT_LAYER7_H */ +diff -urN iptables.old/extensions/libipt_layer7.c iptables.dev/extensions/libipt_layer7.c +--- iptables.old/extensions/libipt_layer7.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/libipt_layer7.c 2005-11-10 17:47:01.399378750 +0100 +@@ -0,0 +1,358 @@ ++/* ++ Shared library add-on to iptables to add layer 7 matching support. ++ ++ By Matthew Strait , Oct 2003. ++ ++ http://l7-filter.sf.net ++ ++ This program is free software; you can redistribute it and/or ++ modify it under the terms of the GNU General Public License ++ as published by the Free Software Foundation; either version ++ 2 of the License, or (at your option) any later version. ++ http://www.gnu.org/licenses/gpl.txt ++ ++ Based on libipt_string.c (C) 2000 Emmanuel Roger ++*/ ++ ++#define _GNU_SOURCE ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include "ipt_layer7.h" ++ ++#define MAX_FN_LEN 256 ++ ++static char l7dir[MAX_FN_LEN] = "\0"; ++ ++/* Function which prints out usage message. */ ++static void help(void) ++{ ++ printf( ++ "LAYER7 match v%s options:\n" ++ "--l7dir : Look for patterns here instead of /etc/l7-protocols/\n" ++ " (--l7dir must be specified before --l7proto if used!)\n" ++ "--l7proto [!] : Match the protocol defined in /etc/l7-protocols/name.pat\n" ++ "--l7pkt : Skip connection tracking and match individual packets\n", ++ IPTABLES_VERSION); ++ fputc('\n', stdout); ++} ++ ++static struct option opts[] = { ++ { .name = "l7proto", .has_arg = 1, .flag = 0, .val = '1' }, ++ { .name = "l7dir", .has_arg = 1, .flag = 0, .val = '2' }, ++ { .name = "l7pkt", .has_arg = 0, .flag = 0, .val = '3' }, ++ { .name = 0 } ++}; ++ ++/* reads filename, puts protocol info into layer7_protocol_info, number of protocols to numprotos */ ++int parse_protocol_file(char * filename, const unsigned char * protoname, struct ipt_layer7_info *info) ++{ ++ FILE * f; ++ char * line = NULL; ++ size_t len = 0; ++ ++ enum { protocol, pattern, done } datatype = protocol; ++ ++ f = fopen(filename, "r"); ++ ++ if(!f) ++ return 0; ++ ++ while(getline(&line, &len, f) != -1) ++ { ++ if(strlen(line) < 2 || line[0] == '#') ++ continue; ++ ++ /* strip the pesky newline... */ ++ if(line[strlen(line) - 1] == '\n') ++ line[strlen(line) - 1] = '\0'; ++ ++ if(datatype == protocol) ++ { ++ if(strcmp(line, protoname)) ++ exit_error(OTHER_PROBLEM, ++ "Protocol name (%s) doesn't match file name (%s). Bailing out\n", ++ protoname, filename); ++ ++ if(strlen(line) >= MAX_PROTOCOL_LEN) ++ exit_error(PARAMETER_PROBLEM, ++ "Protocol name in %s too long!", filename); ++ strncpy(info->protocol, line, MAX_PROTOCOL_LEN); ++ ++ datatype = pattern; ++ } ++ else if(datatype == pattern) ++ { ++ if(strlen(line) >= MAX_PATTERN_LEN) ++ exit_error(PARAMETER_PROBLEM, "Pattern in %s too long!", filename); ++ strncpy(info->pattern, line, MAX_PATTERN_LEN); ++ ++ datatype = done; ++ break; ++ } ++ else ++ exit_error(OTHER_PROBLEM, "Internal error"); ++ } ++ ++ if(datatype != done) ++ exit_error(OTHER_PROBLEM, "Failed to get all needed data from %s", filename); ++ ++ if(line) free(line); ++ fclose(f); ++ ++ return 1; ++ ++/* ++ fprintf(stderr, "protocol: %s\npattern: %s\n\n", ++ info->protocol, ++ info->pattern); ++*/ ++} ++ ++static int hex2dec(char c) ++{ ++ switch (c) ++ { ++ case '0' ... '9': ++ return c - '0'; ++ case 'a' ... 'f': ++ return c - 'a' + 10; ++ case 'A' ... 'F': ++ return c - 'A' + 10; ++ default: ++ exit_error(OTHER_PROBLEM, "hex2dec: bad value!\n"); ++ return 0; ++ } ++} ++ ++/* takes a string with \xHH escapes and returns one with the characters ++they stand for */ ++static char * pre_process(char * s) ++{ ++ char * result = malloc(strlen(s) + 1); ++ int sindex = 0, rindex = 0; ++ while( sindex < strlen(s) ) ++ { ++ if( sindex + 3 < strlen(s) && ++ s[sindex] == '\\' && s[sindex+1] == 'x' && ++ isxdigit(s[sindex + 2]) && isxdigit(s[sindex + 3]) ) ++ { ++ /* carefully remember to call tolower here... */ ++ result[rindex] = tolower( hex2dec(s[sindex + 2])*16 + ++ hex2dec(s[sindex + 3] ) ); ++ sindex += 3; /* 4 total */ ++ } ++ else ++ result[rindex] = tolower(s[sindex]); ++ ++ sindex++; ++ rindex++; ++ } ++ result[rindex] = '\0'; ++ ++ return result; ++} ++ ++#define MAX_SUBDIRS 128 ++char ** readl7dir(char * dirname) ++{ ++ DIR * scratchdir; ++ struct dirent ** namelist; ++ char ** subdirs = malloc(MAX_SUBDIRS * sizeof(char *)); ++ ++ int n, d = 1; ++ subdirs[0] = ""; ++ ++ n = scandir(dirname, &namelist, 0, alphasort); ++ ++ if (n < 0) ++ { ++ perror("scandir"); ++ exit_error(OTHER_PROBLEM, "Couldn't open %s\n", dirname); ++ } ++ else ++ { ++ while(n--) ++ { ++ char fulldirname[MAX_FN_LEN]; ++ ++ snprintf(fulldirname, MAX_FN_LEN, "%s/%s", dirname, namelist[n]->d_name); ++ ++ if((scratchdir = opendir(fulldirname)) != NULL) ++ { ++ closedir(scratchdir); ++ ++ if(!strcmp(namelist[n]->d_name, ".") || ++ !strcmp(namelist[n]->d_name, "..")) ++ /* do nothing */ ; ++ else ++ { ++ subdirs[d] = malloc(strlen(namelist[n]->d_name) + 1); ++ strcpy(subdirs[d], namelist[n]->d_name); ++ d++; ++ if(d >= MAX_SUBDIRS - 1) ++ { ++ fprintf(stderr, ++ "Too many subdirectories, skipping the rest!\n"); ++ break; ++ } ++ } ++ } ++ free(namelist[n]); ++ } ++ free(namelist); ++ } ++ ++ subdirs[d] = NULL; ++ ++ return subdirs; ++} ++ ++static void ++parse_layer7_protocol(const unsigned char *s, struct ipt_layer7_info *info) ++{ ++ char filename[MAX_FN_LEN]; ++ char * dir = NULL; ++ char ** subdirs; ++ int n = 0, done = 0; ++ ++ if(strlen(l7dir) > 0) ++ dir = l7dir; ++ else ++ dir = "/etc/l7-protocols"; ++ ++ subdirs = readl7dir(dir); ++ ++ while(subdirs[n] != NULL) ++ { ++ int c = snprintf(filename, MAX_FN_LEN, "%s/%s/%s.pat", dir, subdirs[n], s); ++ ++ //fprintf(stderr, "Trying to find pattern in %s ... ", filename); ++ ++ if(c > MAX_FN_LEN) ++ { ++ exit_error(OTHER_PROBLEM, ++ "Filename beginning with %s is too long!\n", filename); ++ } ++ ++ /* read in the pattern from the file */ ++ if(parse_protocol_file(filename, s, info)) ++ { ++ //fprintf(stderr, "found\n"); ++ done = 1; ++ break; ++ } ++ ++ //fprintf(stderr, "not found\n"); ++ ++ n++; ++ } ++ ++ if(!done) ++ exit_error(OTHER_PROBLEM, ++ "Couldn't find a pattern definition file for %s.\n", s); ++ ++ /* process \xHH escapes and tolower everything. (our regex lib has no ++ case insensitivity option.) */ ++ strncpy(info->pattern, pre_process(info->pattern), MAX_PATTERN_LEN); ++} ++ ++/* Function which parses command options; returns true if it ate an option */ ++static int parse(int c, char **argv, int invert, unsigned int *flags, ++ const struct ipt_entry *entry, unsigned int *nfcache, ++ struct ipt_entry_match **match) ++{ ++ struct ipt_layer7_info *layer7info = ++ (struct ipt_layer7_info *)(*match)->data; ++ ++ switch (c) { ++ case '1': ++ check_inverse(optarg, &invert, &optind, 0); ++ parse_layer7_protocol(argv[optind-1], layer7info); ++ if (invert) ++ layer7info->invert = 1; ++ *flags = 1; ++ break; ++ ++ case '2': ++ /* not going to use this, but maybe we need to strip a ! anyway (?) */ ++ check_inverse(optarg, &invert, &optind, 0); ++ ++ if(strlen(argv[optind-1]) >= MAX_FN_LEN) ++ exit_error(PARAMETER_PROBLEM, "directory name too long\n"); ++ ++ strncpy(l7dir, argv[optind-1], MAX_FN_LEN); ++ ++ *flags = 1; ++ break; ++ case '3': ++ layer7info->pkt = 1; ++ break; ++ ++ default: ++ return 0; ++ } ++ ++ return 1; ++} ++ ++/* Final check; must have specified --pattern. */ ++static void final_check(unsigned int flags) ++{ ++ if (!flags) ++ exit_error(PARAMETER_PROBLEM, ++ "LAYER7 match: You must specify `--pattern'"); ++} ++ ++static void print_protocol(char s[], int invert, int numeric) ++{ ++ fputs("l7proto ", stdout); ++ if (invert) fputc('!', stdout); ++ printf("%s ", s); ++} ++ ++/* Prints out the matchinfo. */ ++static void print(const struct ipt_ip *ip, ++ const struct ipt_entry_match *match, ++ int numeric) ++{ ++ printf("LAYER7 "); ++ ++ print_protocol(((struct ipt_layer7_info *)match->data)->protocol, ++ ((struct ipt_layer7_info *)match->data)->invert, numeric); ++ ++ if (((struct ipt_layer7_info *)match->data)->pkt) ++ printf("l7pkt "); ++} ++/* Saves the union ipt_matchinfo in parsable form to stdout. */ ++static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) ++{ ++ const struct ipt_layer7_info *info = ++ (const struct ipt_layer7_info*) match->data; ++ ++ printf("--l7proto %s%s ", (info->invert) ? "! ": "", info->protocol); ++} ++ ++static struct iptables_match layer7 = { ++ .name = "layer7", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(sizeof(struct ipt_layer7_info)), ++ .userspacesize = IPT_ALIGN(sizeof(struct ipt_layer7_info)), ++ .help = &help, ++ .parse = &parse, ++ .final_check = &final_check, ++ .print = &print, ++ .save = &save, ++ .extra_opts = opts ++}; ++ ++void _init(void) ++{ ++ register_match(&layer7); ++} +diff -urN iptables.old/extensions/libipt_layer7.man iptables.dev/extensions/libipt_layer7.man +--- iptables.old/extensions/libipt_layer7.man 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/libipt_layer7.man 2005-11-10 16:57:51.823381250 +0100 +@@ -0,0 +1,13 @@ ++This module matches packets based on the application layer data of ++their connections. It uses regular expression matching to compare ++the application layer data to regular expressions found it the layer7 ++configuration files. This is an experimental module which can be found at ++http://l7-filter.sf.net. It takes two options. ++.TP ++.BI "--l7proto " "\fIprotocol\fP" ++Match the specified protocol. The protocol name must match a file ++name in /etc/l7-protocols/ ++.TP ++.BI "--l7dir " "\fIdirectory\fP" ++Use \fIdirectory\fP instead of /etc/l7-protocols/ ++ diff --git a/package/iptables/patches/004-multiport_v1.patch b/package/iptables/patches/004-multiport_v1.patch new file mode 100644 index 0000000000..90b5144c75 --- /dev/null +++ b/package/iptables/patches/004-multiport_v1.patch @@ -0,0 +1,221 @@ +diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c +--- iptables.old/extensions/libipt_multiport.c 2005-02-19 20:19:17.000000000 +0100 ++++ iptables.dev/extensions/libipt_multiport.c 2006-02-04 05:46:12.154127750 +0100 +@@ -8,24 +8,6 @@ + /* To ensure that iptables compiles with an old kernel */ + #include "../include/linux/netfilter_ipv4/ipt_multiport.h" + +-/* Function which prints out usage message. */ +-static void +-help(void) +-{ +- printf( +-"multiport v%s options:\n" +-" --source-ports port[,port,port...]\n" +-" --sports ...\n" +-" match source port(s)\n" +-" --destination-ports port[,port,port...]\n" +-" --dports ...\n" +-" match destination port(s)\n" +-" --ports port[,port,port]\n" +-" match both source and destination port(s)\n" +-" NOTE: this kernel does not support port ranges in multiport.\n", +-IPTABLES_VERSION); +-} +- + static void + help_v1(void) + { +@@ -75,26 +57,6 @@ + "invalid port/service `%s' specified", port); + } + +-static unsigned int +-parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) +-{ +- char *buffer, *cp, *next; +- unsigned int i; +- +- buffer = strdup(portstring); +- if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); +- +- for (cp=buffer, i=0; cp && idata; +- +- switch (c) { +- case '1': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_SOURCE; +- break; +- +- case '2': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_DESTINATION; +- break; +- +- case '3': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_EITHER; +- break; +- +- default: +- return 0; +- } +- +- if (invert) +- exit_error(PARAMETER_PROBLEM, +- "multiport does not support invert"); +- +- if (*flags) +- exit_error(PARAMETER_PROBLEM, +- "multiport can only have one option"); +- *flags = 1; +- return 1; +-} +- + static int + parse_v1(int c, char **argv, int invert, unsigned int *flags, + const struct ipt_entry *entry, +@@ -289,43 +199,6 @@ + printf("%s", service); + } + +-/* Prints out the matchinfo. */ +-static void +-print(const struct ipt_ip *ip, +- const struct ipt_entry_match *match, +- int numeric) +-{ +- const struct ipt_multiport *multiinfo +- = (const struct ipt_multiport *)match->data; +- unsigned int i; +- +- printf("multiport "); +- +- switch (multiinfo->flags) { +- case IPT_MULTIPORT_SOURCE: +- printf("sports "); +- break; +- +- case IPT_MULTIPORT_DESTINATION: +- printf("dports "); +- break; +- +- case IPT_MULTIPORT_EITHER: +- printf("ports "); +- break; +- +- default: +- printf("ERROR "); +- break; +- } +- +- for (i=0; i < multiinfo->count; i++) { +- printf("%s", i ? "," : ""); +- print_port(multiinfo->ports[i], ip->proto, numeric); +- } +- printf(" "); +-} +- + static void + print_v1(const struct ipt_ip *ip, + const struct ipt_entry_match *match, +@@ -369,34 +242,6 @@ + printf(" "); + } + +-/* Saves the union ipt_matchinfo in parsable form to stdout. */ +-static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) +-{ +- const struct ipt_multiport *multiinfo +- = (const struct ipt_multiport *)match->data; +- unsigned int i; +- +- switch (multiinfo->flags) { +- case IPT_MULTIPORT_SOURCE: +- printf("--sports "); +- break; +- +- case IPT_MULTIPORT_DESTINATION: +- printf("--dports "); +- break; +- +- case IPT_MULTIPORT_EITHER: +- printf("--ports "); +- break; +- } +- +- for (i=0; i < multiinfo->count; i++) { +- printf("%s", i ? "," : ""); +- print_port(multiinfo->ports[i], ip->proto, 1); +- } +- printf(" "); +-} +- + static void save_v1(const struct ipt_ip *ip, + const struct ipt_entry_match *match) + { +@@ -432,19 +277,20 @@ + printf(" "); + } + ++ + static struct iptables_match multiport = { + .next = NULL, + .name = "multiport", +- .revision = 0, + .version = IPTABLES_VERSION, +- .size = IPT_ALIGN(sizeof(struct ipt_multiport)), +- .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)), +- .help = &help, ++ .revision = 0, ++ .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), ++ .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), ++ .help = &help_v1, + .init = &init, +- .parse = &parse, ++ .parse = &parse_v1, + .final_check = &final_check, +- .print = &print, +- .save = &save, ++ .print = &print_v1, ++ .save = &save_v1, + .extra_opts = opts + }; + diff --git a/package/iptables/patches/005-imq1.patch b/package/iptables/patches/005-imq1.patch new file mode 100644 index 0000000000..4591890304 --- /dev/null +++ b/package/iptables/patches/005-imq1.patch @@ -0,0 +1,224 @@ +diff -urN iptables.old/extensions/.IMQ-test iptables.dev/extensions/.IMQ-test +--- iptables.old/extensions/.IMQ-test 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/.IMQ-test 2005-10-09 01:00:36.358959750 +0200 +@@ -0,0 +1,3 @@ ++#!/bin/sh ++# True if IMQ target patch is applied. ++[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_IMQ.c ] && echo IMQ +diff -urN iptables.old/extensions/.IMQ-test6 iptables.dev/extensions/.IMQ-test6 +--- iptables.old/extensions/.IMQ-test6 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/.IMQ-test6 2005-10-09 01:00:36.358959750 +0200 +@@ -0,0 +1,3 @@ ++#!/bin/sh ++# True if IMQ target patch is applied. ++[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_IMQ.c ] && echo IMQ +diff -urN iptables.old/extensions/libip6t_IMQ.c iptables.dev/extensions/libip6t_IMQ.c +--- iptables.old/extensions/libip6t_IMQ.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/libip6t_IMQ.c 2005-10-09 01:00:36.358959750 +0200 +@@ -0,0 +1,101 @@ ++/* Shared library add-on to iptables to add IMQ target support. */ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++/* Function which prints out usage message. */ ++static void ++help(void) ++{ ++ printf( ++"IMQ target v%s options:\n" ++" --todev enqueue to imq, defaults to 0\n", ++IPTABLES_VERSION); ++} ++ ++static struct option opts[] = { ++ { "todev", 1, 0, '1' }, ++ { 0 } ++}; ++ ++/* Initialize the target. */ ++static void ++init(struct ip6t_entry_target *t, unsigned int *nfcache) ++{ ++ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)t->data; ++ ++ mr->todev = 0; ++ *nfcache |= NFC_UNKNOWN; ++} ++ ++/* Function which parses command options; returns true if it ++ ate an option */ ++static int ++parse(int c, char **argv, int invert, unsigned int *flags, ++ const struct ip6t_entry *entry, ++ struct ip6t_entry_target **target) ++{ ++ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)(*target)->data; ++ ++ switch(c) { ++ case '1': ++ if (check_inverse(optarg, &invert, NULL, 0)) ++ exit_error(PARAMETER_PROBLEM, ++ "Unexpected `!' after --todev"); ++ mr->todev=atoi(optarg); ++ break; ++ default: ++ return 0; ++ } ++ return 1; ++} ++ ++static void ++final_check(unsigned int flags) ++{ ++} ++ ++/* Prints out the targinfo. */ ++static void ++print(const struct ip6t_ip6 *ip, ++ const struct ip6t_entry_target *target, ++ int numeric) ++{ ++ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; ++ ++ printf("IMQ: todev %u ", mr->todev); ++} ++ ++/* Saves the union ipt_targinfo in parsable form to stdout. */ ++static void ++save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target) ++{ ++ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; ++ ++ printf("--todev %u", mr->todev); ++} ++ ++static struct ip6tables_target imq = { ++ .next = NULL, ++ .name = "IMQ", ++ .version = IPTABLES_VERSION, ++ .size = IP6T_ALIGN(sizeof(struct ip6t_imq_info)), ++ .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_imq_info)), ++ .help = &help, ++ .init = &init, ++ .parse = &parse, ++ .final_check = &final_check, ++ .print = &print, ++ .save = &save, ++ .extra_opts = opts ++}; ++ ++void _init(void) ++{ ++ register_target6(&imq); ++} +diff -urN iptables.old/extensions/libipt_IMQ.c iptables.dev/extensions/libipt_IMQ.c +--- iptables.old/extensions/libipt_IMQ.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables.dev/extensions/libipt_IMQ.c 2005-10-09 01:00:36.358959750 +0200 +@@ -0,0 +1,101 @@ ++/* Shared library add-on to iptables to add IMQ target support. */ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++/* Function which prints out usage message. */ ++static void ++help(void) ++{ ++ printf( ++"IMQ target v%s options:\n" ++" --todev enqueue to imq, defaults to 0\n", ++IPTABLES_VERSION); ++} ++ ++static struct option opts[] = { ++ { "todev", 1, 0, '1' }, ++ { 0 } ++}; ++ ++/* Initialize the target. */ ++static void ++init(struct ipt_entry_target *t, unsigned int *nfcache) ++{ ++ struct ipt_imq_info *mr = (struct ipt_imq_info*)t->data; ++ ++ mr->todev = 0; ++ *nfcache |= NFC_UNKNOWN; ++} ++ ++/* Function which parses command options; returns true if it ++ ate an option */ ++static int ++parse(int c, char **argv, int invert, unsigned int *flags, ++ const struct ipt_entry *entry, ++ struct ipt_entry_target **target) ++{ ++ struct ipt_imq_info *mr = (struct ipt_imq_info*)(*target)->data; ++ ++ switch(c) { ++ case '1': ++ if (check_inverse(optarg, &invert, NULL, 0)) ++ exit_error(PARAMETER_PROBLEM, ++ "Unexpected `!' after --todev"); ++ mr->todev=atoi(optarg); ++ break; ++ default: ++ return 0; ++ } ++ return 1; ++} ++ ++static void ++final_check(unsigned int flags) ++{ ++} ++ ++/* Prints out the targinfo. */ ++static void ++print(const struct ipt_ip *ip, ++ const struct ipt_entry_target *target, ++ int numeric) ++{ ++ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; ++ ++ printf("IMQ: todev %u ", mr->todev); ++} ++ ++/* Saves the union ipt_targinfo in parsable form to stdout. */ ++static void ++save(const struct ipt_ip *ip, const struct ipt_entry_target *target) ++{ ++ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; ++ ++ printf("--todev %u", mr->todev); ++} ++ ++static struct iptables_target imq = { ++ .next = NULL, ++ .name = "IMQ", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(sizeof(struct ipt_imq_info)), ++ .userspacesize = IPT_ALIGN(sizeof(struct ipt_imq_info)), ++ .help = &help, ++ .init = &init, ++ .parse = &parse, ++ .final_check = &final_check, ++ .print = &print, ++ .save = &save, ++ .extra_opts = opts ++}; ++ ++void _init(void) ++{ ++ register_target(&imq); ++} diff --git a/package/iptables/patches/006-iprange-typesh.patch b/package/iptables/patches/006-iprange-typesh.patch new file mode 100644 index 0000000000..2dc60d44b3 --- /dev/null +++ b/package/iptables/patches/006-iprange-typesh.patch @@ -0,0 +1,10 @@ +--- iptables-1.3.5/extensions/libipt_iprange.c.orig 2006-12-05 19:28:58.000000000 +0100 ++++ iptables-1.3.5/extensions/libipt_iprange.c 2006-12-05 19:30:28.000000000 +0100 +@@ -6,6 +6,7 @@ + #include + + #include ++#include + #include + + /* Function which prints out usage message. */ diff --git a/package/iptables/patches/007-ifname_warning.patch b/package/iptables/patches/007-ifname_warning.patch new file mode 100644 index 0000000000..d6ffe13847 --- /dev/null +++ b/package/iptables/patches/007-ifname_warning.patch @@ -0,0 +1,28 @@ +diff -ur iptables.old/ip6tables.c iptables.dev/ip6tables.c +--- iptables.old/ip6tables.c 2006-01-30 09:43:12.000000000 +0100 ++++ iptables.dev/ip6tables.c 2007-01-02 00:29:50.000000000 +0100 +@@ -857,8 +857,9 @@ + for (i = 0; vianame[i]; i++) { + if (!isalnum(vianame[i]) + && vianame[i] != '_' ++ && vianame[i] != '-' + && vianame[i] != '.') { +- printf("Warning: wierd character in interface" ++ printf("Warning: weird character in interface" + " `%s' (No aliases, :, ! or *).\n", + vianame); + break; +diff -ur iptables.old/iptables.c iptables.dev/iptables.c +--- iptables.old/iptables.c 2006-01-30 09:43:09.000000000 +0100 ++++ iptables.dev/iptables.c 2007-01-02 00:29:38.000000000 +0100 +@@ -805,8 +805,9 @@ + for (i = 0; vianame[i]; i++) { + if (!isalnum(vianame[i]) + && vianame[i] != '_' ++ && vianame[i] != '-' + && vianame[i] != '.') { +- printf("Warning: wierd character in interface" ++ printf("Warning: weird character in interface" + " `%s' (No aliases, :, ! or *).\n", + vianame); + break; diff --git a/package/iptables/patches/008-chaostables.patch b/package/iptables/patches/008-chaostables.patch new file mode 100644 index 0000000000..7fc1aab456 --- /dev/null +++ b/package/iptables/patches/008-chaostables.patch @@ -0,0 +1,336 @@ +diff -ruN iptables-1.3.5.orig/extensions/.CHAOS-test iptables-1.3.5/extensions/.CHAOS-test +--- iptables-1.3.5.orig/extensions/.CHAOS-test 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/.CHAOS-test 2007-01-09 16:05:23.251885840 +0100 +@@ -0,0 +1,2 @@ ++#!/bin/sh ++[ -f "$KERNEL_DIR/include/linux/netfilter/xt_CHAOS.h" ] && echo "CHAOS"; +diff -ruN iptables-1.3.5.orig/extensions/.DELUDE-test iptables-1.3.5/extensions/.DELUDE-test +--- iptables-1.3.5.orig/extensions/.DELUDE-test 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/.DELUDE-test 2007-01-09 16:05:18.104057722 +0100 +@@ -0,0 +1,2 @@ ++#!/bin/sh ++echo "DELUDE"; +diff -ruN iptables-1.3.5.orig/extensions/libipt_CHAOS.c iptables-1.3.5/extensions/libipt_CHAOS.c +--- iptables-1.3.5.orig/extensions/libipt_CHAOS.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/libipt_CHAOS.c 2007-01-09 16:05:23.251885840 +0100 +@@ -0,0 +1,111 @@ ++/* ++ CHAOS target for iptables ++ ++ Copyright © Jan Engelhardt , 2006 - 2007 ++ released under the terms of the GNU General Public ++ License version 2.x and only versions 2.x. ++*/ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++static void libipt_chaos_help(void) ++{ ++ printf( ++ "CHAOS target v%s options:\n" ++ " --delude Enable DELUDE processing for TCP\n" ++ " --tarpit Enable TARPIT processing for TCP\n", ++ IPTABLES_VERSION); ++ return; ++} ++ ++static int libipt_chaos_parse(int c, char **argv, int invert, ++ unsigned int *flags, const struct ipt_entry *entry, ++ struct ipt_entry_target **target) ++{ ++ struct xt_chaos_info *info = (void *)((*target)->data); ++ switch(c) { ++ case 'd': ++ info->variant = XTCHAOS_DELUDE; ++ *flags |= 0x02; ++ return 1; ++ case 't': ++ info->variant = XTCHAOS_TARPIT; ++ *flags |= 0x01; ++ return 1; ++ } ++ return 0; ++} ++ ++static void libipt_chaos_check(unsigned int flags) ++{ ++ if(flags != 0x03) ++ return; ++ /* If flags == 0x03, both were specified, which should not be. */ ++ exit_error(PARAMETER_PROBLEM, ++ "CHAOS: only one of --tarpit or --delude may be specified"); ++ return; ++} ++ ++static void libipt_chaos_print(const struct ipt_ip *ip, ++ const struct ipt_entry_target *target, int numeric) ++{ ++ const struct xt_chaos_info *info = (const void *)target->data; ++ switch(info->variant) { ++ case XTCHAOS_DELUDE: ++ printf("DELUDE "); ++ break; ++ case XTCHAOS_TARPIT: ++ printf("TARPIT "); ++ break; ++ default: ++ break; ++ } ++ return; ++} ++ ++static void libipt_chaos_save(const struct ipt_ip *ip, ++ const struct ipt_entry_target *target) ++{ ++ const struct xt_chaos_info *info = (const void *)target->data; ++ switch(info->variant) { ++ case XTCHAOS_DELUDE: ++ printf("--delude "); ++ break; ++ case XTCHAOS_TARPIT: ++ printf("--tarpit "); ++ break; ++ default: ++ break; ++ } ++ return; ++} ++ ++static struct option libipt_chaos_opts[] = { ++ {"delude", 0, NULL, 'd'}, ++ {"tarpit", 0, NULL, 't'}, ++ {NULL}, ++}; ++ ++static struct iptables_target libipt_chaos_info = { ++ .name = "CHAOS", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(sizeof(struct xt_chaos_info)), ++ .userspacesize = IPT_ALIGN(sizeof(struct xt_chaos_info)), ++ .help = libipt_chaos_help, ++ .parse = libipt_chaos_parse, ++ .final_check = libipt_chaos_check, ++ .print = libipt_chaos_print, ++ .save = libipt_chaos_save, ++ .extra_opts = libipt_chaos_opts, ++}; ++ ++static __attribute__((constructor)) void libipt_chaos_init(void) ++{ ++ register_target(&libipt_chaos_info); ++ return; ++} +diff -ruN iptables-1.3.5.orig/extensions/libipt_DELUDE.c iptables-1.3.5/extensions/libipt_DELUDE.c +--- iptables-1.3.5.orig/extensions/libipt_DELUDE.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/libipt_DELUDE.c 2007-01-09 16:05:18.104057722 +0100 +@@ -0,0 +1,66 @@ ++/* ++ DELUDE target for iptables ++ ++ Copyright © Jan Engelhardt , 2006 - 2007 ++ released under the terms of the GNU General Public ++ License version 2.x and only versions 2.x. ++*/ ++#include ++#include ++#include ++ ++#include ++#include ++ ++static void libipt_delude_help(void) ++{ ++ printf("DELUDE takes no options\n"); ++ return; ++} ++ ++static int libipt_delude_parse(int c, char **argv, int invert, ++ unsigned int *flags, const struct ipt_entry *entry, ++ struct ipt_entry_target **target) ++{ ++ return 0; ++} ++ ++static void libipt_delude_check(unsigned int flags) ++{ ++ return; ++} ++ ++static void libipt_delude_print(const struct ipt_ip *ip, ++ const struct ipt_entry_target *target, int numeric) ++{ ++ return; ++} ++ ++static void libipt_delude_save(const struct ipt_ip *ip, ++ const struct ipt_entry_target *target) ++{ ++ return; ++} ++ ++static struct option libipt_delude_opts[] = { ++ {NULL}, ++}; ++ ++static struct iptables_target libipt_delude_info = { ++ .name = "DELUDE", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(0), ++ .userspacesize = IPT_ALIGN(0), ++ .help = libipt_delude_help, ++ .parse = libipt_delude_parse, ++ .final_check = libipt_delude_check, ++ .print = libipt_delude_print, ++ .save = libipt_delude_save, ++ .extra_opts = libipt_delude_opts, ++}; ++ ++static __attribute__((constructor)) void libipt_delude_init(void) ++{ ++ register_target(&libipt_delude_info); ++ return; ++} +diff -ruN iptables-1.3.5.orig/extensions/libipt_portscan.c iptables-1.3.5/extensions/libipt_portscan.c +--- iptables-1.3.5.orig/extensions/libipt_portscan.c 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/libipt_portscan.c 2007-01-09 16:05:14.228187134 +0100 +@@ -0,0 +1,129 @@ ++/* ++ portscan match for iptables ++ ++ Copyright © Jan Engelhardt , 2006 - 2007 ++ released under the terms of the GNU General Public ++ License version 2.x and only versions 2.x. ++*/ ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++static void libipt_portscan_help(void) ++{ ++ printf( ++ "portscan match v%s options:\n" ++ "(Combining them will make them match by OR-logic)\n" ++ " --stealth Match TCP Stealth packets\n" ++ " --synscan Match TCP SYN scans\n" ++ " --cnscan Match TCP Connect scans\n" ++ " --grscan Match Banner Grabbing scans\n", ++ IPTABLES_VERSION); ++ return; ++} ++ ++static void libipt_portscan_mtinit(struct ipt_entry_match *match, ++ unsigned int *nfcache) ++{ ++ /* Cannot cache this */ ++ *nfcache |= NFC_UNKNOWN; ++ return; ++} ++ ++static int libipt_portscan_parse(int c, char **argv, int invert, ++ unsigned int *flags, const struct ipt_entry *entry, unsigned int *nfc, ++ struct ipt_entry_match **match) ++{ ++ struct xt_portscan_info *info = (void *)((*match)->data); ++ ++ switch(c) { ++ case 'c': ++ info->match_cn = 1; ++ return 1; ++ case 'g': ++ info->match_gr = 1; ++ return 1; ++ case 's': ++ info->match_syn = 1; ++ return 1; ++ case 'x': ++ info->match_stealth = 1; ++ return 1; ++ default: ++ return 0; ++ } ++} ++ ++static void libipt_portscan_check(unsigned int flags) ++{ ++ return; ++} ++ ++static void libipt_portscan_print(const struct ipt_ip *ip, ++ const struct ipt_entry_match *match, int numeric) ++{ ++ const struct xt_portscan_info *info = (const void *)(match->data); ++ const char *s = ""; ++ ++ printf("portscan "); ++ if(info->match_stealth) { ++ printf("STEALTH"); ++ s = ","; ++ } ++ if(info->match_syn) { ++ printf("%sSYNSCAN", s); ++ s = ","; ++ } ++ if(info->match_cn) { ++ printf("%sCNSCAN", s); ++ s = ","; ++ } ++ if(info->match_gr) ++ printf("%sGRSCAN", s); ++ printf(" "); ++ return; ++} ++ ++static void libipt_portscan_save(const struct ipt_ip *ip, ++ const struct ipt_entry_match *match) ++{ ++ const struct xt_portscan_info *info = (const void *)(match->data); ++ if(info->match_stealth) printf("--stealth "); ++ if(info->match_syn) printf("--synscan "); ++ if(info->match_cn) printf("--cnscan "); ++ if(info->match_gr) printf("--grscan "); ++ return; ++} ++ ++static struct option libipt_portscan_opts[] = { ++ {"stealth", 0, NULL, 'x'}, ++ {"synscan", 0, NULL, 's'}, ++ {"cnscan", 0, NULL, 'c'}, ++ {"grscan", 0, NULL, 'g'}, ++ {NULL}, ++}; ++ ++static struct iptables_match libipt_portscan_info = { ++ .name = "portscan", ++ .version = IPTABLES_VERSION, ++ .size = IPT_ALIGN(sizeof(struct xt_portscan_info)), ++ .userspacesize = IPT_ALIGN(sizeof(struct xt_portscan_info)), ++ .help = libipt_portscan_help, ++ .init = libipt_portscan_mtinit, ++ .parse = libipt_portscan_parse, ++ .final_check = libipt_portscan_check, ++ .print = libipt_portscan_print, ++ .save = libipt_portscan_save, ++ .extra_opts = libipt_portscan_opts, ++}; ++ ++static __attribute__((constructor)) void libipt_portscan_init(void) ++{ ++ register_match(&libipt_portscan_info); ++ return; ++} +diff -ruN iptables-1.3.5.orig/extensions/.portscan-test iptables-1.3.5/extensions/.portscan-test +--- iptables-1.3.5.orig/extensions/.portscan-test 1970-01-01 01:00:00.000000000 +0100 ++++ iptables-1.3.5/extensions/.portscan-test 2007-01-09 16:05:14.228187134 +0100 +@@ -0,0 +1,2 @@ ++#!/bin/sh ++[ -f "$KERNEL_DIR/include/linux/netfilter/xt_portscan.h" ] && echo "portscan"; diff --git a/package/iptables/patches/01-ipp2p-0.8.1rc1.patch b/package/iptables/patches/01-ipp2p-0.8.1rc1.patch deleted file mode 100644 index f7129b4560..0000000000 --- a/package/iptables/patches/01-ipp2p-0.8.1rc1.patch +++ /dev/null @@ -1,454 +0,0 @@ -diff -urN iptables.old/extensions/Makefile iptables.dev/extensions/Makefile ---- iptables.old/extensions/Makefile 2005-07-20 04:22:56.000000000 +0200 -+++ iptables.dev/extensions/Makefile 2006-03-23 14:42:28.000000000 +0100 -@@ -8,6 +8,10 @@ - PF_EXT_SLIB:=ah addrtype comment connlimit connmark conntrack dscp ecn esp hashlimit helper icmp iprange length limit mac mark multiport owner physdev pkttype realm rpc sctp standard state tcp tcpmss tos ttl udp unclean CLASSIFY CONNMARK DNAT DSCP ECN LOG MARK MASQUERADE MIRROR NETMAP NFQUEUE NOTRACK REDIRECT REJECT SAME SNAT TARPIT TCPMSS TOS TRACE TTL ULOG - PF6_EXT_SLIB:=eui64 hl icmpv6 length limit mac mark multiport owner physdev standard tcp udp HL LOG NFQUEUE MARK TRACE - -+ -+# ipp2p -+PF_EXT_SLIB += ipp2p -+ - # Optionals - PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) - PF6_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test6),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T))) -diff -urN iptables.old/extensions/libipt_ipp2p.c iptables.dev/extensions/libipt_ipp2p.c ---- iptables.old/extensions/libipt_ipp2p.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/libipt_ipp2p.c 2006-03-23 14:43:26.000000000 +0100 -@@ -0,0 +1,401 @@ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+ -+#include -+ -+static void -+help(void) -+{ -+ printf( -+ "IPP2P v%s options:\n" -+ " --ipp2p Grab all known p2p packets\n" -+ " --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets\n" -+ " --dc [TCP] All known Direct Connect packets\n" -+ " --kazaa [TCP&UDP] All known KaZaA packets\n" -+ " --gnu [TCP&UDP] All known Gnutella packets\n" -+ " --bit [TCP&UDP] All known BitTorrent packets\n" -+ " --apple [TCP] All known AppleJuice packets\n" -+ " --winmx [TCP] All known WinMX\n" -+ " --soul [TCP] All known SoulSeek\n" -+ " --ares [TCP] All known Ares\n\n" -+ " EXPERIMENTAL protocols (please send feedback to: ipp2p@ipp2p.org) :\n" -+ " --mute [TCP] All known Mute packets\n" -+ " --waste [TCP] All known Waste packets\n" -+ " --xdcc [TCP] All known XDCC packets (only xdcc login)\n\n" -+ " DEBUG SUPPPORT, use only if you know why\n" -+ " --debug Generate kernel debug output, THIS WILL SLOW DOWN THE FILTER\n" -+ "\nNote that the follwing options will have the same meaning:\n" -+ " '--ipp2p' is equal to '--edk --dc --kazaa --gnu --bit --apple --winmx --soul --ares'\n" -+ "\nIPP2P was intended for TCP only. Due to increasing usage of UDP we needed to change this.\n" -+ "You can now use -p udp to search UDP packets only or without -p switch to search UDP and TCP packets.\n" -+ "\nSee README included with this package for more details or visit http://www.ipp2p.org\n" -+ "\nExamples:\n" -+ " iptables -A FORWARD -m ipp2p --ipp2p -j MARK --set-mark 0x01\n" -+ " iptables -A FORWARD -p udp -m ipp2p --kazaa --bit -j DROP\n" -+ " iptables -A FORWARD -p tcp -m ipp2p --edk --soul -j DROP\n\n" -+ , IPP2P_VERSION); -+} -+ -+static struct option opts[] = { -+ { "ipp2p", 0, 0, '1' }, -+ { "edk", 0, 0, '2' }, -+ { "dc", 0, 0, '7' }, -+ { "gnu", 0, 0, '9' }, -+ { "kazaa", 0, 0, 'a' }, -+ { "bit", 0, 0, 'b' }, -+ { "apple", 0, 0, 'c' }, -+ { "soul", 0, 0, 'd' }, -+ { "winmx", 0, 0, 'e' }, -+ { "ares", 0, 0, 'f' }, -+ { "mute", 0, 0, 'g' }, -+ { "waste", 0, 0, 'h' }, -+ { "xdcc", 0, 0, 'i' }, -+ { "debug", 0, 0, 'j' }, -+ {0} -+}; -+ -+ -+ -+static void -+init(struct ipt_entry_match *m, unsigned int *nfcache) -+{ -+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)m->data; -+ -+ *nfcache |= NFC_UNKNOWN; -+ -+ /*init the module with default values*/ -+ info->cmd = 0; -+ info->debug = 0; -+ -+} -+ -+ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, -+ unsigned int *nfcache, -+ struct ipt_entry_match **match) -+{ -+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)(*match)->data; -+ -+ switch (c) { -+ case '1': /*cmd: ipp2p*/ -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified once!"); -+/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p-data' may only be " -+ "specified alone!");*/ -+ if ((*flags) != 0) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += SHORT_HAND_IPP2P; -+ info->cmd = *flags; -+ break; -+ -+ case '2': /*cmd: edk*/ -+ if ((*flags & IPP2P_EDK) == IPP2P_EDK) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--edk' may only be " -+ "specified once"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p-data' may only be " -+ "specified alone!");*/ -+ if ((*flags & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: use `--edk' OR `--edk-data' but not both of them!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_EDK; -+ info->cmd = *flags; -+ break; -+ -+ -+ case '7': /*cmd: dc*/ -+ if ((*flags & IPP2P_DC) == IPP2P_DC) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--dc' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p-data' may only be " -+ "specified alone!");*/ -+ if ((*flags & IPP2P_DATA_DC) == IPP2P_DATA_DC) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: use `--dc' OR `--dc-data' but not both of them!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_DC; -+ info->cmd = *flags; -+ break; -+ -+ -+ case '9': /*cmd: gnu*/ -+ if ((*flags & IPP2P_GNU) == IPP2P_GNU) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--gnu' may only be " -+ "specified once!"); -+/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p-data' may only be " -+ "specified alone!");*/ -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if ((*flags & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_GNU; -+ info->cmd = *flags; -+ break; -+ -+ case 'a': /*cmd: kazaa*/ -+ if ((*flags & IPP2P_KAZAA) == IPP2P_KAZAA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--kazaa' may only be " -+ "specified once!"); -+/* if ((*flags & SHORT_HAND_DATA) == SHORT_HAND_DATA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p-data' may only be " -+ "specified alone!");*/ -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if ((*flags & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_KAZAA; -+ info->cmd = *flags; -+ break; -+ -+ case 'b': /*cmd: bit*/ -+ if ((*flags & IPP2P_BIT) == IPP2P_BIT) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--bit' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_BIT; -+ info->cmd = *flags; -+ break; -+ -+ case 'c': /*cmd: apple*/ -+ if ((*flags & IPP2P_APPLE) == IPP2P_APPLE) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--apple' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_APPLE; -+ info->cmd = *flags; -+ break; -+ -+ -+ case 'd': /*cmd: soul*/ -+ if ((*flags & IPP2P_SOUL) == IPP2P_SOUL) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--soul' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_SOUL; -+ info->cmd = *flags; -+ break; -+ -+ -+ case 'e': /*cmd: winmx*/ -+ if ((*flags & IPP2P_WINMX) == IPP2P_WINMX) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--winmx' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_WINMX; -+ info->cmd = *flags; -+ break; -+ -+ case 'f': /*cmd: ares*/ -+ if ((*flags & IPP2P_ARES) == IPP2P_ARES) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ares' may only be " -+ "specified once!"); -+ if ((*flags & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ipp2p' may only be " -+ "specified alone!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_ARES; -+ info->cmd = *flags; -+ break; -+ -+ case 'g': /*cmd: mute*/ -+ if ((*flags & IPP2P_MUTE) == IPP2P_MUTE) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--mute' may only be " -+ "specified once!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_MUTE; -+ info->cmd = *flags; -+ break; -+ case 'h': /*cmd: waste*/ -+ if ((*flags & IPP2P_WASTE) == IPP2P_WASTE) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--waste' may only be " -+ "specified once!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_WASTE; -+ info->cmd = *flags; -+ break; -+ case 'i': /*cmd: xdcc*/ -+ if ((*flags & IPP2P_XDCC) == IPP2P_XDCC) -+ exit_error(PARAMETER_PROBLEM, -+ "ipp2p: `--ares' may only be " -+ "specified once!"); -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ *flags += IPP2P_XDCC; -+ info->cmd = *flags; -+ break; -+ -+ case 'j': /*cmd: debug*/ -+ if (invert) exit_error(PARAMETER_PROBLEM, "ipp2p: invert [!] is not allowed!"); -+ info->debug = 1; -+ break; -+ -+ default: -+// exit_error(PARAMETER_PROBLEM, -+// "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); -+ return 0; -+ } -+ return 1; -+} -+ -+ -+static void -+final_check(unsigned int flags) -+{ -+ if (!flags) -+ exit_error(PARAMETER_PROBLEM, -+ "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); -+} -+ -+ -+ -+static void -+print(const struct ipt_ip *ip, -+ const struct ipt_entry_match *match, -+ int numeric) -+{ -+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; -+ -+ printf("ipp2p v%s", IPP2P_VERSION); -+ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf(" --ipp2p"); -+// if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf(" --ipp2p-data"); -+ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf(" --kazaa"); -+// if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf(" --kazaa-data"); -+// if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf(" --gnu-data"); -+ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf(" --gnu"); -+ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf(" --edk"); -+// if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf(" --edk-data"); -+// if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf(" --dc-data"); -+ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf(" --dc"); -+ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf(" --bit"); -+ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf(" --apple"); -+ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf(" --soul"); -+ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf(" --winmx"); -+ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf(" --ares"); -+ if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); -+ if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); -+ if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); -+ if (info->debug != 0) printf(" --debug"); -+ printf(" "); -+} -+ -+ -+ -+static void -+save(const struct ipt_ip *ip, const struct ipt_entry_match *match) -+{ -+ struct ipt_p2p_info *info = (struct ipt_p2p_info *)match->data; -+ -+ if ((info->cmd & SHORT_HAND_IPP2P) == SHORT_HAND_IPP2P) printf("--ipp2p "); -+// if ((info->cmd & SHORT_HAND_DATA) == SHORT_HAND_DATA) printf("--ipp2p-data "); -+ if ((info->cmd & IPP2P_KAZAA) == IPP2P_KAZAA) printf("--kazaa "); -+// if ((info->cmd & IPP2P_DATA_KAZAA) == IPP2P_DATA_KAZAA) printf("--kazaa-data "); -+// if ((info->cmd & IPP2P_DATA_GNU) == IPP2P_DATA_GNU) printf("--gnu-data "); -+ if ((info->cmd & IPP2P_GNU) == IPP2P_GNU) printf("--gnu "); -+ if ((info->cmd & IPP2P_EDK) == IPP2P_EDK) printf("--edk "); -+// if ((info->cmd & IPP2P_DATA_EDK) == IPP2P_DATA_EDK) printf("--edk-data "); -+// if ((info->cmd & IPP2P_DATA_DC) == IPP2P_DATA_DC) printf("--dc-data "); -+ if ((info->cmd & IPP2P_DC) == IPP2P_DC) printf("--dc "); -+ if ((info->cmd & IPP2P_BIT) == IPP2P_BIT) printf("--bit "); -+ if ((info->cmd & IPP2P_APPLE) == IPP2P_APPLE) printf("--apple "); -+ if ((info->cmd & IPP2P_SOUL) == IPP2P_SOUL) printf("--soul "); -+ if ((info->cmd & IPP2P_WINMX) == IPP2P_WINMX) printf("--winmx "); -+ if ((info->cmd & IPP2P_ARES) == IPP2P_ARES) printf("--ares "); -+ if ((info->cmd & IPP2P_MUTE) == IPP2P_MUTE) printf(" --mute"); -+ if ((info->cmd & IPP2P_WASTE) == IPP2P_WASTE) printf(" --waste"); -+ if ((info->cmd & IPP2P_XDCC) == IPP2P_XDCC) printf(" --xdcc"); -+ if (info->debug != 0) printf("--debug "); -+} -+ -+ -+ -+ -+static -+struct iptables_match ipp2p= -+{ -+ .next = NULL, -+ .name = "ipp2p", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct ipt_p2p_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_p2p_info)), -+ .help = &help, -+ .init = &init, -+ .parse = &parse, -+ .final_check = &final_check, -+ .print = &print, -+ .save = &save, -+ .extra_opts = opts -+}; -+ -+ -+ -+void _init(void) -+{ -+ register_match(&ipp2p); -+} -+ -diff -urN iptables.old/include/linux/netfilter_ipv4/ipt_ipp2p.h iptables.dev/include/linux/netfilter_ipv4/ipt_ipp2p.h ---- iptables.old/include/linux/netfilter_ipv4/ipt_ipp2p.h 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/include/linux/netfilter_ipv4/ipt_ipp2p.h 2006-03-23 14:44:26.000000000 +0100 -@@ -0,0 +1,31 @@ -+#ifndef __IPT_IPP2P_H -+#define __IPT_IPP2P_H -+#define IPP2P_VERSION "0.8.1_rc1" -+ -+struct ipt_p2p_info { -+ int cmd; -+ int debug; -+}; -+ -+#endif //__IPT_IPP2P_H -+ -+#define SHORT_HAND_IPP2P 1 /* --ipp2p switch*/ -+//#define SHORT_HAND_DATA 4 /* --ipp2p-data switch*/ -+#define SHORT_HAND_NONE 5 /* no short hand*/ -+ -+#define IPP2P_EDK (1 << 1) -+#define IPP2P_DATA_KAZAA (1 << 2) -+#define IPP2P_DATA_EDK (1 << 3) -+#define IPP2P_DATA_DC (1 << 4) -+#define IPP2P_DC (1 << 5) -+#define IPP2P_DATA_GNU (1 << 6) -+#define IPP2P_GNU (1 << 7) -+#define IPP2P_KAZAA (1 << 8) -+#define IPP2P_BIT (1 << 9) -+#define IPP2P_APPLE (1 << 10) -+#define IPP2P_SOUL (1 << 11) -+#define IPP2P_WINMX (1 << 12) -+#define IPP2P_ARES (1 << 13) -+#define IPP2P_MUTE (1 << 14) -+#define IPP2P_WASTE (1 << 15) -+#define IPP2P_XDCC (1 << 16) diff --git a/package/iptables/patches/02-layer7-1.5nbd.patch b/package/iptables/patches/02-layer7-1.5nbd.patch deleted file mode 100644 index 95c62a860a..0000000000 --- a/package/iptables/patches/02-layer7-1.5nbd.patch +++ /dev/null @@ -1,416 +0,0 @@ -diff -urN iptables.old/extensions/.layer7-test iptables.dev/extensions/.layer7-test ---- iptables.old/extensions/.layer7-test 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/.layer7-test 2005-11-10 16:57:51.819381000 +0100 -@@ -0,0 +1,2 @@ -+#! /bin/sh -+[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_layer7.h ] && echo layer7 -diff -urN iptables.old/extensions/ipt_layer7.h iptables.dev/extensions/ipt_layer7.h ---- iptables.old/extensions/ipt_layer7.h 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/ipt_layer7.h 2005-11-10 17:46:32.933599750 +0100 -@@ -0,0 +1,27 @@ -+/* -+ By Matthew Strait , Dec 2003. -+ http://l7-filter.sf.net -+ -+ This program is free software; you can redistribute it and/or -+ modify it under the terms of the GNU General Public License -+ as published by the Free Software Foundation; either version -+ 2 of the License, or (at your option) any later version. -+ http://www.gnu.org/licenses/gpl.txt -+*/ -+ -+#ifndef _IPT_LAYER7_H -+#define _IPT_LAYER7_H -+ -+#define MAX_PATTERN_LEN 8192 -+#define MAX_PROTOCOL_LEN 256 -+ -+typedef char *(*proc_ipt_search) (char *, char, char *); -+ -+struct ipt_layer7_info { -+ char protocol[MAX_PROTOCOL_LEN]; -+ char invert:1; -+ char pattern[MAX_PATTERN_LEN]; -+ char pkt; -+}; -+ -+#endif /* _IPT_LAYER7_H */ -diff -urN iptables.old/extensions/libipt_layer7.c iptables.dev/extensions/libipt_layer7.c ---- iptables.old/extensions/libipt_layer7.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/libipt_layer7.c 2005-11-10 17:47:01.399378750 +0100 -@@ -0,0 +1,358 @@ -+/* -+ Shared library add-on to iptables to add layer 7 matching support. -+ -+ By Matthew Strait , Oct 2003. -+ -+ http://l7-filter.sf.net -+ -+ This program is free software; you can redistribute it and/or -+ modify it under the terms of the GNU General Public License -+ as published by the Free Software Foundation; either version -+ 2 of the License, or (at your option) any later version. -+ http://www.gnu.org/licenses/gpl.txt -+ -+ Based on libipt_string.c (C) 2000 Emmanuel Roger -+*/ -+ -+#define _GNU_SOURCE -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include "ipt_layer7.h" -+ -+#define MAX_FN_LEN 256 -+ -+static char l7dir[MAX_FN_LEN] = "\0"; -+ -+/* Function which prints out usage message. */ -+static void help(void) -+{ -+ printf( -+ "LAYER7 match v%s options:\n" -+ "--l7dir : Look for patterns here instead of /etc/l7-protocols/\n" -+ " (--l7dir must be specified before --l7proto if used!)\n" -+ "--l7proto [!] : Match the protocol defined in /etc/l7-protocols/name.pat\n" -+ "--l7pkt : Skip connection tracking and match individual packets\n", -+ IPTABLES_VERSION); -+ fputc('\n', stdout); -+} -+ -+static struct option opts[] = { -+ { .name = "l7proto", .has_arg = 1, .flag = 0, .val = '1' }, -+ { .name = "l7dir", .has_arg = 1, .flag = 0, .val = '2' }, -+ { .name = "l7pkt", .has_arg = 0, .flag = 0, .val = '3' }, -+ { .name = 0 } -+}; -+ -+/* reads filename, puts protocol info into layer7_protocol_info, number of protocols to numprotos */ -+int parse_protocol_file(char * filename, const unsigned char * protoname, struct ipt_layer7_info *info) -+{ -+ FILE * f; -+ char * line = NULL; -+ size_t len = 0; -+ -+ enum { protocol, pattern, done } datatype = protocol; -+ -+ f = fopen(filename, "r"); -+ -+ if(!f) -+ return 0; -+ -+ while(getline(&line, &len, f) != -1) -+ { -+ if(strlen(line) < 2 || line[0] == '#') -+ continue; -+ -+ /* strip the pesky newline... */ -+ if(line[strlen(line) - 1] == '\n') -+ line[strlen(line) - 1] = '\0'; -+ -+ if(datatype == protocol) -+ { -+ if(strcmp(line, protoname)) -+ exit_error(OTHER_PROBLEM, -+ "Protocol name (%s) doesn't match file name (%s). Bailing out\n", -+ protoname, filename); -+ -+ if(strlen(line) >= MAX_PROTOCOL_LEN) -+ exit_error(PARAMETER_PROBLEM, -+ "Protocol name in %s too long!", filename); -+ strncpy(info->protocol, line, MAX_PROTOCOL_LEN); -+ -+ datatype = pattern; -+ } -+ else if(datatype == pattern) -+ { -+ if(strlen(line) >= MAX_PATTERN_LEN) -+ exit_error(PARAMETER_PROBLEM, "Pattern in %s too long!", filename); -+ strncpy(info->pattern, line, MAX_PATTERN_LEN); -+ -+ datatype = done; -+ break; -+ } -+ else -+ exit_error(OTHER_PROBLEM, "Internal error"); -+ } -+ -+ if(datatype != done) -+ exit_error(OTHER_PROBLEM, "Failed to get all needed data from %s", filename); -+ -+ if(line) free(line); -+ fclose(f); -+ -+ return 1; -+ -+/* -+ fprintf(stderr, "protocol: %s\npattern: %s\n\n", -+ info->protocol, -+ info->pattern); -+*/ -+} -+ -+static int hex2dec(char c) -+{ -+ switch (c) -+ { -+ case '0' ... '9': -+ return c - '0'; -+ case 'a' ... 'f': -+ return c - 'a' + 10; -+ case 'A' ... 'F': -+ return c - 'A' + 10; -+ default: -+ exit_error(OTHER_PROBLEM, "hex2dec: bad value!\n"); -+ return 0; -+ } -+} -+ -+/* takes a string with \xHH escapes and returns one with the characters -+they stand for */ -+static char * pre_process(char * s) -+{ -+ char * result = malloc(strlen(s) + 1); -+ int sindex = 0, rindex = 0; -+ while( sindex < strlen(s) ) -+ { -+ if( sindex + 3 < strlen(s) && -+ s[sindex] == '\\' && s[sindex+1] == 'x' && -+ isxdigit(s[sindex + 2]) && isxdigit(s[sindex + 3]) ) -+ { -+ /* carefully remember to call tolower here... */ -+ result[rindex] = tolower( hex2dec(s[sindex + 2])*16 + -+ hex2dec(s[sindex + 3] ) ); -+ sindex += 3; /* 4 total */ -+ } -+ else -+ result[rindex] = tolower(s[sindex]); -+ -+ sindex++; -+ rindex++; -+ } -+ result[rindex] = '\0'; -+ -+ return result; -+} -+ -+#define MAX_SUBDIRS 128 -+char ** readl7dir(char * dirname) -+{ -+ DIR * scratchdir; -+ struct dirent ** namelist; -+ char ** subdirs = malloc(MAX_SUBDIRS * sizeof(char *)); -+ -+ int n, d = 1; -+ subdirs[0] = ""; -+ -+ n = scandir(dirname, &namelist, 0, alphasort); -+ -+ if (n < 0) -+ { -+ perror("scandir"); -+ exit_error(OTHER_PROBLEM, "Couldn't open %s\n", dirname); -+ } -+ else -+ { -+ while(n--) -+ { -+ char fulldirname[MAX_FN_LEN]; -+ -+ snprintf(fulldirname, MAX_FN_LEN, "%s/%s", dirname, namelist[n]->d_name); -+ -+ if((scratchdir = opendir(fulldirname)) != NULL) -+ { -+ closedir(scratchdir); -+ -+ if(!strcmp(namelist[n]->d_name, ".") || -+ !strcmp(namelist[n]->d_name, "..")) -+ /* do nothing */ ; -+ else -+ { -+ subdirs[d] = malloc(strlen(namelist[n]->d_name) + 1); -+ strcpy(subdirs[d], namelist[n]->d_name); -+ d++; -+ if(d >= MAX_SUBDIRS - 1) -+ { -+ fprintf(stderr, -+ "Too many subdirectories, skipping the rest!\n"); -+ break; -+ } -+ } -+ } -+ free(namelist[n]); -+ } -+ free(namelist); -+ } -+ -+ subdirs[d] = NULL; -+ -+ return subdirs; -+} -+ -+static void -+parse_layer7_protocol(const unsigned char *s, struct ipt_layer7_info *info) -+{ -+ char filename[MAX_FN_LEN]; -+ char * dir = NULL; -+ char ** subdirs; -+ int n = 0, done = 0; -+ -+ if(strlen(l7dir) > 0) -+ dir = l7dir; -+ else -+ dir = "/etc/l7-protocols"; -+ -+ subdirs = readl7dir(dir); -+ -+ while(subdirs[n] != NULL) -+ { -+ int c = snprintf(filename, MAX_FN_LEN, "%s/%s/%s.pat", dir, subdirs[n], s); -+ -+ //fprintf(stderr, "Trying to find pattern in %s ... ", filename); -+ -+ if(c > MAX_FN_LEN) -+ { -+ exit_error(OTHER_PROBLEM, -+ "Filename beginning with %s is too long!\n", filename); -+ } -+ -+ /* read in the pattern from the file */ -+ if(parse_protocol_file(filename, s, info)) -+ { -+ //fprintf(stderr, "found\n"); -+ done = 1; -+ break; -+ } -+ -+ //fprintf(stderr, "not found\n"); -+ -+ n++; -+ } -+ -+ if(!done) -+ exit_error(OTHER_PROBLEM, -+ "Couldn't find a pattern definition file for %s.\n", s); -+ -+ /* process \xHH escapes and tolower everything. (our regex lib has no -+ case insensitivity option.) */ -+ strncpy(info->pattern, pre_process(info->pattern), MAX_PATTERN_LEN); -+} -+ -+/* Function which parses command options; returns true if it ate an option */ -+static int parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, unsigned int *nfcache, -+ struct ipt_entry_match **match) -+{ -+ struct ipt_layer7_info *layer7info = -+ (struct ipt_layer7_info *)(*match)->data; -+ -+ switch (c) { -+ case '1': -+ check_inverse(optarg, &invert, &optind, 0); -+ parse_layer7_protocol(argv[optind-1], layer7info); -+ if (invert) -+ layer7info->invert = 1; -+ *flags = 1; -+ break; -+ -+ case '2': -+ /* not going to use this, but maybe we need to strip a ! anyway (?) */ -+ check_inverse(optarg, &invert, &optind, 0); -+ -+ if(strlen(argv[optind-1]) >= MAX_FN_LEN) -+ exit_error(PARAMETER_PROBLEM, "directory name too long\n"); -+ -+ strncpy(l7dir, argv[optind-1], MAX_FN_LEN); -+ -+ *flags = 1; -+ break; -+ case '3': -+ layer7info->pkt = 1; -+ break; -+ -+ default: -+ return 0; -+ } -+ -+ return 1; -+} -+ -+/* Final check; must have specified --pattern. */ -+static void final_check(unsigned int flags) -+{ -+ if (!flags) -+ exit_error(PARAMETER_PROBLEM, -+ "LAYER7 match: You must specify `--pattern'"); -+} -+ -+static void print_protocol(char s[], int invert, int numeric) -+{ -+ fputs("l7proto ", stdout); -+ if (invert) fputc('!', stdout); -+ printf("%s ", s); -+} -+ -+/* Prints out the matchinfo. */ -+static void print(const struct ipt_ip *ip, -+ const struct ipt_entry_match *match, -+ int numeric) -+{ -+ printf("LAYER7 "); -+ -+ print_protocol(((struct ipt_layer7_info *)match->data)->protocol, -+ ((struct ipt_layer7_info *)match->data)->invert, numeric); -+ -+ if (((struct ipt_layer7_info *)match->data)->pkt) -+ printf("l7pkt "); -+} -+/* Saves the union ipt_matchinfo in parsable form to stdout. */ -+static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) -+{ -+ const struct ipt_layer7_info *info = -+ (const struct ipt_layer7_info*) match->data; -+ -+ printf("--l7proto %s%s ", (info->invert) ? "! ": "", info->protocol); -+} -+ -+static struct iptables_match layer7 = { -+ .name = "layer7", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct ipt_layer7_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_layer7_info)), -+ .help = &help, -+ .parse = &parse, -+ .final_check = &final_check, -+ .print = &print, -+ .save = &save, -+ .extra_opts = opts -+}; -+ -+void _init(void) -+{ -+ register_match(&layer7); -+} -diff -urN iptables.old/extensions/libipt_layer7.man iptables.dev/extensions/libipt_layer7.man ---- iptables.old/extensions/libipt_layer7.man 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/libipt_layer7.man 2005-11-10 16:57:51.823381250 +0100 -@@ -0,0 +1,13 @@ -+This module matches packets based on the application layer data of -+their connections. It uses regular expression matching to compare -+the application layer data to regular expressions found it the layer7 -+configuration files. This is an experimental module which can be found at -+http://l7-filter.sf.net. It takes two options. -+.TP -+.BI "--l7proto " "\fIprotocol\fP" -+Match the specified protocol. The protocol name must match a file -+name in /etc/l7-protocols/ -+.TP -+.BI "--l7dir " "\fIdirectory\fP" -+Use \fIdirectory\fP instead of /etc/l7-protocols/ -+ diff --git a/package/iptables/patches/04-multiport_v1.patch b/package/iptables/patches/04-multiport_v1.patch deleted file mode 100644 index 90b5144c75..0000000000 --- a/package/iptables/patches/04-multiport_v1.patch +++ /dev/null @@ -1,221 +0,0 @@ -diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c ---- iptables.old/extensions/libipt_multiport.c 2005-02-19 20:19:17.000000000 +0100 -+++ iptables.dev/extensions/libipt_multiport.c 2006-02-04 05:46:12.154127750 +0100 -@@ -8,24 +8,6 @@ - /* To ensure that iptables compiles with an old kernel */ - #include "../include/linux/netfilter_ipv4/ipt_multiport.h" - --/* Function which prints out usage message. */ --static void --help(void) --{ -- printf( --"multiport v%s options:\n" --" --source-ports port[,port,port...]\n" --" --sports ...\n" --" match source port(s)\n" --" --destination-ports port[,port,port...]\n" --" --dports ...\n" --" match destination port(s)\n" --" --ports port[,port,port]\n" --" match both source and destination port(s)\n" --" NOTE: this kernel does not support port ranges in multiport.\n", --IPTABLES_VERSION); --} -- - static void - help_v1(void) - { -@@ -75,26 +57,6 @@ - "invalid port/service `%s' specified", port); - } - --static unsigned int --parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) --{ -- char *buffer, *cp, *next; -- unsigned int i; -- -- buffer = strdup(portstring); -- if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); -- -- for (cp=buffer, i=0; cp && idata; -- -- switch (c) { -- case '1': -- check_inverse(argv[optind-1], &invert, &optind, 0); -- proto = check_proto(entry); -- multiinfo->count = parse_multi_ports(argv[optind-1], -- multiinfo->ports, proto); -- multiinfo->flags = IPT_MULTIPORT_SOURCE; -- break; -- -- case '2': -- check_inverse(argv[optind-1], &invert, &optind, 0); -- proto = check_proto(entry); -- multiinfo->count = parse_multi_ports(argv[optind-1], -- multiinfo->ports, proto); -- multiinfo->flags = IPT_MULTIPORT_DESTINATION; -- break; -- -- case '3': -- check_inverse(argv[optind-1], &invert, &optind, 0); -- proto = check_proto(entry); -- multiinfo->count = parse_multi_ports(argv[optind-1], -- multiinfo->ports, proto); -- multiinfo->flags = IPT_MULTIPORT_EITHER; -- break; -- -- default: -- return 0; -- } -- -- if (invert) -- exit_error(PARAMETER_PROBLEM, -- "multiport does not support invert"); -- -- if (*flags) -- exit_error(PARAMETER_PROBLEM, -- "multiport can only have one option"); -- *flags = 1; -- return 1; --} -- - static int - parse_v1(int c, char **argv, int invert, unsigned int *flags, - const struct ipt_entry *entry, -@@ -289,43 +199,6 @@ - printf("%s", service); - } - --/* Prints out the matchinfo. */ --static void --print(const struct ipt_ip *ip, -- const struct ipt_entry_match *match, -- int numeric) --{ -- const struct ipt_multiport *multiinfo -- = (const struct ipt_multiport *)match->data; -- unsigned int i; -- -- printf("multiport "); -- -- switch (multiinfo->flags) { -- case IPT_MULTIPORT_SOURCE: -- printf("sports "); -- break; -- -- case IPT_MULTIPORT_DESTINATION: -- printf("dports "); -- break; -- -- case IPT_MULTIPORT_EITHER: -- printf("ports "); -- break; -- -- default: -- printf("ERROR "); -- break; -- } -- -- for (i=0; i < multiinfo->count; i++) { -- printf("%s", i ? "," : ""); -- print_port(multiinfo->ports[i], ip->proto, numeric); -- } -- printf(" "); --} -- - static void - print_v1(const struct ipt_ip *ip, - const struct ipt_entry_match *match, -@@ -369,34 +242,6 @@ - printf(" "); - } - --/* Saves the union ipt_matchinfo in parsable form to stdout. */ --static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) --{ -- const struct ipt_multiport *multiinfo -- = (const struct ipt_multiport *)match->data; -- unsigned int i; -- -- switch (multiinfo->flags) { -- case IPT_MULTIPORT_SOURCE: -- printf("--sports "); -- break; -- -- case IPT_MULTIPORT_DESTINATION: -- printf("--dports "); -- break; -- -- case IPT_MULTIPORT_EITHER: -- printf("--ports "); -- break; -- } -- -- for (i=0; i < multiinfo->count; i++) { -- printf("%s", i ? "," : ""); -- print_port(multiinfo->ports[i], ip->proto, 1); -- } -- printf(" "); --} -- - static void save_v1(const struct ipt_ip *ip, - const struct ipt_entry_match *match) - { -@@ -432,19 +277,20 @@ - printf(" "); - } - -+ - static struct iptables_match multiport = { - .next = NULL, - .name = "multiport", -- .revision = 0, - .version = IPTABLES_VERSION, -- .size = IPT_ALIGN(sizeof(struct ipt_multiport)), -- .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)), -- .help = &help, -+ .revision = 0, -+ .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), -+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), -+ .help = &help_v1, - .init = &init, -- .parse = &parse, -+ .parse = &parse_v1, - .final_check = &final_check, -- .print = &print, -- .save = &save, -+ .print = &print_v1, -+ .save = &save_v1, - .extra_opts = opts - }; - diff --git a/package/iptables/patches/05-imq1.patch b/package/iptables/patches/05-imq1.patch deleted file mode 100644 index 4591890304..0000000000 --- a/package/iptables/patches/05-imq1.patch +++ /dev/null @@ -1,224 +0,0 @@ -diff -urN iptables.old/extensions/.IMQ-test iptables.dev/extensions/.IMQ-test ---- iptables.old/extensions/.IMQ-test 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/.IMQ-test 2005-10-09 01:00:36.358959750 +0200 -@@ -0,0 +1,3 @@ -+#!/bin/sh -+# True if IMQ target patch is applied. -+[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_IMQ.c ] && echo IMQ -diff -urN iptables.old/extensions/.IMQ-test6 iptables.dev/extensions/.IMQ-test6 ---- iptables.old/extensions/.IMQ-test6 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/.IMQ-test6 2005-10-09 01:00:36.358959750 +0200 -@@ -0,0 +1,3 @@ -+#!/bin/sh -+# True if IMQ target patch is applied. -+[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_IMQ.c ] && echo IMQ -diff -urN iptables.old/extensions/libip6t_IMQ.c iptables.dev/extensions/libip6t_IMQ.c ---- iptables.old/extensions/libip6t_IMQ.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/libip6t_IMQ.c 2005-10-09 01:00:36.358959750 +0200 -@@ -0,0 +1,101 @@ -+/* Shared library add-on to iptables to add IMQ target support. */ -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+/* Function which prints out usage message. */ -+static void -+help(void) -+{ -+ printf( -+"IMQ target v%s options:\n" -+" --todev enqueue to imq, defaults to 0\n", -+IPTABLES_VERSION); -+} -+ -+static struct option opts[] = { -+ { "todev", 1, 0, '1' }, -+ { 0 } -+}; -+ -+/* Initialize the target. */ -+static void -+init(struct ip6t_entry_target *t, unsigned int *nfcache) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)t->data; -+ -+ mr->todev = 0; -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+/* Function which parses command options; returns true if it -+ ate an option */ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ip6t_entry *entry, -+ struct ip6t_entry_target **target) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)(*target)->data; -+ -+ switch(c) { -+ case '1': -+ if (check_inverse(optarg, &invert, NULL, 0)) -+ exit_error(PARAMETER_PROBLEM, -+ "Unexpected `!' after --todev"); -+ mr->todev=atoi(optarg); -+ break; -+ default: -+ return 0; -+ } -+ return 1; -+} -+ -+static void -+final_check(unsigned int flags) -+{ -+} -+ -+/* Prints out the targinfo. */ -+static void -+print(const struct ip6t_ip6 *ip, -+ const struct ip6t_entry_target *target, -+ int numeric) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; -+ -+ printf("IMQ: todev %u ", mr->todev); -+} -+ -+/* Saves the union ipt_targinfo in parsable form to stdout. */ -+static void -+save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target) -+{ -+ struct ip6t_imq_info *mr = (struct ip6t_imq_info*)target->data; -+ -+ printf("--todev %u", mr->todev); -+} -+ -+static struct ip6tables_target imq = { -+ .next = NULL, -+ .name = "IMQ", -+ .version = IPTABLES_VERSION, -+ .size = IP6T_ALIGN(sizeof(struct ip6t_imq_info)), -+ .userspacesize = IP6T_ALIGN(sizeof(struct ip6t_imq_info)), -+ .help = &help, -+ .init = &init, -+ .parse = &parse, -+ .final_check = &final_check, -+ .print = &print, -+ .save = &save, -+ .extra_opts = opts -+}; -+ -+void _init(void) -+{ -+ register_target6(&imq); -+} -diff -urN iptables.old/extensions/libipt_IMQ.c iptables.dev/extensions/libipt_IMQ.c ---- iptables.old/extensions/libipt_IMQ.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables.dev/extensions/libipt_IMQ.c 2005-10-09 01:00:36.358959750 +0200 -@@ -0,0 +1,101 @@ -+/* Shared library add-on to iptables to add IMQ target support. */ -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+/* Function which prints out usage message. */ -+static void -+help(void) -+{ -+ printf( -+"IMQ target v%s options:\n" -+" --todev enqueue to imq, defaults to 0\n", -+IPTABLES_VERSION); -+} -+ -+static struct option opts[] = { -+ { "todev", 1, 0, '1' }, -+ { 0 } -+}; -+ -+/* Initialize the target. */ -+static void -+init(struct ipt_entry_target *t, unsigned int *nfcache) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)t->data; -+ -+ mr->todev = 0; -+ *nfcache |= NFC_UNKNOWN; -+} -+ -+/* Function which parses command options; returns true if it -+ ate an option */ -+static int -+parse(int c, char **argv, int invert, unsigned int *flags, -+ const struct ipt_entry *entry, -+ struct ipt_entry_target **target) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)(*target)->data; -+ -+ switch(c) { -+ case '1': -+ if (check_inverse(optarg, &invert, NULL, 0)) -+ exit_error(PARAMETER_PROBLEM, -+ "Unexpected `!' after --todev"); -+ mr->todev=atoi(optarg); -+ break; -+ default: -+ return 0; -+ } -+ return 1; -+} -+ -+static void -+final_check(unsigned int flags) -+{ -+} -+ -+/* Prints out the targinfo. */ -+static void -+print(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target, -+ int numeric) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; -+ -+ printf("IMQ: todev %u ", mr->todev); -+} -+ -+/* Saves the union ipt_targinfo in parsable form to stdout. */ -+static void -+save(const struct ipt_ip *ip, const struct ipt_entry_target *target) -+{ -+ struct ipt_imq_info *mr = (struct ipt_imq_info*)target->data; -+ -+ printf("--todev %u", mr->todev); -+} -+ -+static struct iptables_target imq = { -+ .next = NULL, -+ .name = "IMQ", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct ipt_imq_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_imq_info)), -+ .help = &help, -+ .init = &init, -+ .parse = &parse, -+ .final_check = &final_check, -+ .print = &print, -+ .save = &save, -+ .extra_opts = opts -+}; -+ -+void _init(void) -+{ -+ register_target(&imq); -+} diff --git a/package/iptables/patches/06-iprange-typesh.patch b/package/iptables/patches/06-iprange-typesh.patch deleted file mode 100644 index 2dc60d44b3..0000000000 --- a/package/iptables/patches/06-iprange-typesh.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- iptables-1.3.5/extensions/libipt_iprange.c.orig 2006-12-05 19:28:58.000000000 +0100 -+++ iptables-1.3.5/extensions/libipt_iprange.c 2006-12-05 19:30:28.000000000 +0100 -@@ -6,6 +6,7 @@ - #include - - #include -+#include - #include - - /* Function which prints out usage message. */ diff --git a/package/iptables/patches/07-ifname_warning.patch b/package/iptables/patches/07-ifname_warning.patch deleted file mode 100644 index d6ffe13847..0000000000 --- a/package/iptables/patches/07-ifname_warning.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -ur iptables.old/ip6tables.c iptables.dev/ip6tables.c ---- iptables.old/ip6tables.c 2006-01-30 09:43:12.000000000 +0100 -+++ iptables.dev/ip6tables.c 2007-01-02 00:29:50.000000000 +0100 -@@ -857,8 +857,9 @@ - for (i = 0; vianame[i]; i++) { - if (!isalnum(vianame[i]) - && vianame[i] != '_' -+ && vianame[i] != '-' - && vianame[i] != '.') { -- printf("Warning: wierd character in interface" -+ printf("Warning: weird character in interface" - " `%s' (No aliases, :, ! or *).\n", - vianame); - break; -diff -ur iptables.old/iptables.c iptables.dev/iptables.c ---- iptables.old/iptables.c 2006-01-30 09:43:09.000000000 +0100 -+++ iptables.dev/iptables.c 2007-01-02 00:29:38.000000000 +0100 -@@ -805,8 +805,9 @@ - for (i = 0; vianame[i]; i++) { - if (!isalnum(vianame[i]) - && vianame[i] != '_' -+ && vianame[i] != '-' - && vianame[i] != '.') { -- printf("Warning: wierd character in interface" -+ printf("Warning: weird character in interface" - " `%s' (No aliases, :, ! or *).\n", - vianame); - break; diff --git a/package/iptables/patches/08-chaostables.patch b/package/iptables/patches/08-chaostables.patch deleted file mode 100644 index 7fc1aab456..0000000000 --- a/package/iptables/patches/08-chaostables.patch +++ /dev/null @@ -1,336 +0,0 @@ -diff -ruN iptables-1.3.5.orig/extensions/.CHAOS-test iptables-1.3.5/extensions/.CHAOS-test ---- iptables-1.3.5.orig/extensions/.CHAOS-test 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/.CHAOS-test 2007-01-09 16:05:23.251885840 +0100 -@@ -0,0 +1,2 @@ -+#!/bin/sh -+[ -f "$KERNEL_DIR/include/linux/netfilter/xt_CHAOS.h" ] && echo "CHAOS"; -diff -ruN iptables-1.3.5.orig/extensions/.DELUDE-test iptables-1.3.5/extensions/.DELUDE-test ---- iptables-1.3.5.orig/extensions/.DELUDE-test 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/.DELUDE-test 2007-01-09 16:05:18.104057722 +0100 -@@ -0,0 +1,2 @@ -+#!/bin/sh -+echo "DELUDE"; -diff -ruN iptables-1.3.5.orig/extensions/libipt_CHAOS.c iptables-1.3.5/extensions/libipt_CHAOS.c ---- iptables-1.3.5.orig/extensions/libipt_CHAOS.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/libipt_CHAOS.c 2007-01-09 16:05:23.251885840 +0100 -@@ -0,0 +1,111 @@ -+/* -+ CHAOS target for iptables -+ -+ Copyright © Jan Engelhardt , 2006 - 2007 -+ released under the terms of the GNU General Public -+ License version 2.x and only versions 2.x. -+*/ -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+static void libipt_chaos_help(void) -+{ -+ printf( -+ "CHAOS target v%s options:\n" -+ " --delude Enable DELUDE processing for TCP\n" -+ " --tarpit Enable TARPIT processing for TCP\n", -+ IPTABLES_VERSION); -+ return; -+} -+ -+static int libipt_chaos_parse(int c, char **argv, int invert, -+ unsigned int *flags, const struct ipt_entry *entry, -+ struct ipt_entry_target **target) -+{ -+ struct xt_chaos_info *info = (void *)((*target)->data); -+ switch(c) { -+ case 'd': -+ info->variant = XTCHAOS_DELUDE; -+ *flags |= 0x02; -+ return 1; -+ case 't': -+ info->variant = XTCHAOS_TARPIT; -+ *flags |= 0x01; -+ return 1; -+ } -+ return 0; -+} -+ -+static void libipt_chaos_check(unsigned int flags) -+{ -+ if(flags != 0x03) -+ return; -+ /* If flags == 0x03, both were specified, which should not be. */ -+ exit_error(PARAMETER_PROBLEM, -+ "CHAOS: only one of --tarpit or --delude may be specified"); -+ return; -+} -+ -+static void libipt_chaos_print(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target, int numeric) -+{ -+ const struct xt_chaos_info *info = (const void *)target->data; -+ switch(info->variant) { -+ case XTCHAOS_DELUDE: -+ printf("DELUDE "); -+ break; -+ case XTCHAOS_TARPIT: -+ printf("TARPIT "); -+ break; -+ default: -+ break; -+ } -+ return; -+} -+ -+static void libipt_chaos_save(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target) -+{ -+ const struct xt_chaos_info *info = (const void *)target->data; -+ switch(info->variant) { -+ case XTCHAOS_DELUDE: -+ printf("--delude "); -+ break; -+ case XTCHAOS_TARPIT: -+ printf("--tarpit "); -+ break; -+ default: -+ break; -+ } -+ return; -+} -+ -+static struct option libipt_chaos_opts[] = { -+ {"delude", 0, NULL, 'd'}, -+ {"tarpit", 0, NULL, 't'}, -+ {NULL}, -+}; -+ -+static struct iptables_target libipt_chaos_info = { -+ .name = "CHAOS", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct xt_chaos_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct xt_chaos_info)), -+ .help = libipt_chaos_help, -+ .parse = libipt_chaos_parse, -+ .final_check = libipt_chaos_check, -+ .print = libipt_chaos_print, -+ .save = libipt_chaos_save, -+ .extra_opts = libipt_chaos_opts, -+}; -+ -+static __attribute__((constructor)) void libipt_chaos_init(void) -+{ -+ register_target(&libipt_chaos_info); -+ return; -+} -diff -ruN iptables-1.3.5.orig/extensions/libipt_DELUDE.c iptables-1.3.5/extensions/libipt_DELUDE.c ---- iptables-1.3.5.orig/extensions/libipt_DELUDE.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/libipt_DELUDE.c 2007-01-09 16:05:18.104057722 +0100 -@@ -0,0 +1,66 @@ -+/* -+ DELUDE target for iptables -+ -+ Copyright © Jan Engelhardt , 2006 - 2007 -+ released under the terms of the GNU General Public -+ License version 2.x and only versions 2.x. -+*/ -+#include -+#include -+#include -+ -+#include -+#include -+ -+static void libipt_delude_help(void) -+{ -+ printf("DELUDE takes no options\n"); -+ return; -+} -+ -+static int libipt_delude_parse(int c, char **argv, int invert, -+ unsigned int *flags, const struct ipt_entry *entry, -+ struct ipt_entry_target **target) -+{ -+ return 0; -+} -+ -+static void libipt_delude_check(unsigned int flags) -+{ -+ return; -+} -+ -+static void libipt_delude_print(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target, int numeric) -+{ -+ return; -+} -+ -+static void libipt_delude_save(const struct ipt_ip *ip, -+ const struct ipt_entry_target *target) -+{ -+ return; -+} -+ -+static struct option libipt_delude_opts[] = { -+ {NULL}, -+}; -+ -+static struct iptables_target libipt_delude_info = { -+ .name = "DELUDE", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(0), -+ .userspacesize = IPT_ALIGN(0), -+ .help = libipt_delude_help, -+ .parse = libipt_delude_parse, -+ .final_check = libipt_delude_check, -+ .print = libipt_delude_print, -+ .save = libipt_delude_save, -+ .extra_opts = libipt_delude_opts, -+}; -+ -+static __attribute__((constructor)) void libipt_delude_init(void) -+{ -+ register_target(&libipt_delude_info); -+ return; -+} -diff -ruN iptables-1.3.5.orig/extensions/libipt_portscan.c iptables-1.3.5/extensions/libipt_portscan.c ---- iptables-1.3.5.orig/extensions/libipt_portscan.c 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/libipt_portscan.c 2007-01-09 16:05:14.228187134 +0100 -@@ -0,0 +1,129 @@ -+/* -+ portscan match for iptables -+ -+ Copyright © Jan Engelhardt , 2006 - 2007 -+ released under the terms of the GNU General Public -+ License version 2.x and only versions 2.x. -+*/ -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+static void libipt_portscan_help(void) -+{ -+ printf( -+ "portscan match v%s options:\n" -+ "(Combining them will make them match by OR-logic)\n" -+ " --stealth Match TCP Stealth packets\n" -+ " --synscan Match TCP SYN scans\n" -+ " --cnscan Match TCP Connect scans\n" -+ " --grscan Match Banner Grabbing scans\n", -+ IPTABLES_VERSION); -+ return; -+} -+ -+static void libipt_portscan_mtinit(struct ipt_entry_match *match, -+ unsigned int *nfcache) -+{ -+ /* Cannot cache this */ -+ *nfcache |= NFC_UNKNOWN; -+ return; -+} -+ -+static int libipt_portscan_parse(int c, char **argv, int invert, -+ unsigned int *flags, const struct ipt_entry *entry, unsigned int *nfc, -+ struct ipt_entry_match **match) -+{ -+ struct xt_portscan_info *info = (void *)((*match)->data); -+ -+ switch(c) { -+ case 'c': -+ info->match_cn = 1; -+ return 1; -+ case 'g': -+ info->match_gr = 1; -+ return 1; -+ case 's': -+ info->match_syn = 1; -+ return 1; -+ case 'x': -+ info->match_stealth = 1; -+ return 1; -+ default: -+ return 0; -+ } -+} -+ -+static void libipt_portscan_check(unsigned int flags) -+{ -+ return; -+} -+ -+static void libipt_portscan_print(const struct ipt_ip *ip, -+ const struct ipt_entry_match *match, int numeric) -+{ -+ const struct xt_portscan_info *info = (const void *)(match->data); -+ const char *s = ""; -+ -+ printf("portscan "); -+ if(info->match_stealth) { -+ printf("STEALTH"); -+ s = ","; -+ } -+ if(info->match_syn) { -+ printf("%sSYNSCAN", s); -+ s = ","; -+ } -+ if(info->match_cn) { -+ printf("%sCNSCAN", s); -+ s = ","; -+ } -+ if(info->match_gr) -+ printf("%sGRSCAN", s); -+ printf(" "); -+ return; -+} -+ -+static void libipt_portscan_save(const struct ipt_ip *ip, -+ const struct ipt_entry_match *match) -+{ -+ const struct xt_portscan_info *info = (const void *)(match->data); -+ if(info->match_stealth) printf("--stealth "); -+ if(info->match_syn) printf("--synscan "); -+ if(info->match_cn) printf("--cnscan "); -+ if(info->match_gr) printf("--grscan "); -+ return; -+} -+ -+static struct option libipt_portscan_opts[] = { -+ {"stealth", 0, NULL, 'x'}, -+ {"synscan", 0, NULL, 's'}, -+ {"cnscan", 0, NULL, 'c'}, -+ {"grscan", 0, NULL, 'g'}, -+ {NULL}, -+}; -+ -+static struct iptables_match libipt_portscan_info = { -+ .name = "portscan", -+ .version = IPTABLES_VERSION, -+ .size = IPT_ALIGN(sizeof(struct xt_portscan_info)), -+ .userspacesize = IPT_ALIGN(sizeof(struct xt_portscan_info)), -+ .help = libipt_portscan_help, -+ .init = libipt_portscan_mtinit, -+ .parse = libipt_portscan_parse, -+ .final_check = libipt_portscan_check, -+ .print = libipt_portscan_print, -+ .save = libipt_portscan_save, -+ .extra_opts = libipt_portscan_opts, -+}; -+ -+static __attribute__((constructor)) void libipt_portscan_init(void) -+{ -+ register_match(&libipt_portscan_info); -+ return; -+} -diff -ruN iptables-1.3.5.orig/extensions/.portscan-test iptables-1.3.5/extensions/.portscan-test ---- iptables-1.3.5.orig/extensions/.portscan-test 1970-01-01 01:00:00.000000000 +0100 -+++ iptables-1.3.5/extensions/.portscan-test 2007-01-09 16:05:14.228187134 +0100 -@@ -0,0 +1,2 @@ -+#!/bin/sh -+[ -f "$KERNEL_DIR/include/linux/netfilter/xt_portscan.h" ] && echo "portscan"; diff --git a/package/keynote/patches/001-build.patch b/package/keynote/patches/001-build.patch new file mode 100644 index 0000000000..05351f714c --- /dev/null +++ b/package/keynote/patches/001-build.patch @@ -0,0 +1,327 @@ +diff -ru keynote-2.3/configure.in keynote-2.3.new/configure.in +--- keynote-2.3/configure.in 2000-09-27 01:16:28.000000000 +0200 ++++ keynote-2.3.new/configure.in 2004-01-16 11:34:03.991537404 +0100 +@@ -21,19 +21,13 @@ + AC_PATH_PROG(ECHO, echo, /bin/echo) + AC_PATH_PROG(SED, sed, /usr/bin/sed) + +-dnl Checks for libraries. +-LIBS="-L/usr/lib -L/usr/local/lib -L/usr/ssl/lib -L/usr/openssl/lib\ +- -L/usr/local/ssl/lib -L/usr/local/openssl/lib -L/usr/pkg/lib -L/pkg/lib" +- + AC_CHECK_LIB(m, floor, LIBS="$LIBS -lm") + AC_CHECK_LIB(rsaref, RSAPrivateDecrypt, LIBS="$LIBS -lrsaref") + AC_CHECK_LIB(crypto, i2a_ASN1_STRING, LIBS="$LIBS -lcrypto") + AC_CHECK_LIB(RSAglue, RSA_ref_private_encrypt, LIBS="$LIBS -lRSAglue") + + dnl Checks for header files. +-CPPFLAGS="-I/usr/include -I/usr/local/include -I/usr/ssl/include\ +- -I/usr/local/ssl/include -I/usr/openssl/include -I/usr/pkg/include\ +- -I/usr/local/openssl/include -I/pkg/include" ++CPPFLAGS="-I/usr/include/openssl" + + AC_HEADER_STDC + AC_HEADER_TIME +diff -ru keynote-2.3/keynote-keygen.c keynote-2.3.new/keynote-keygen.c +--- keynote-2.3/keynote-keygen.c 2000-09-27 02:09:13.000000000 +0200 ++++ keynote-2.3.new/keynote-keygen.c 2004-01-16 11:32:06.652242269 +0100 +@@ -161,7 +161,7 @@ + if (strlen(algname) + 2 > prlen) + { + fprintf(stderr, "Parameter ``print-length'' should be larger " +- "than the length of AlgorithmName (%d)\n", strlen(algname)); ++ "than the length of AlgorithmName (%lu)\n", strlen(algname)); + exit(-1); + } + +diff -ru keynote-2.3/keynote.l keynote-2.3.new/keynote.l +--- keynote-2.3/keynote.l 2000-08-11 22:49:13.000000000 +0200 ++++ keynote-2.3.new/keynote.l 2004-01-16 11:17:29.910430978 +0100 +@@ -61,7 +61,8 @@ struct lex_list + static struct lex_list *keynote_lex_list = (struct lex_list *) NULL; + static int keynote_max_lex_list = 32; + static int keynote_lex_counter = 0; +-static int first_tok = 0; ++extern int first_tok; ++int first_tok = 0; + %} + digit [0-9] + specnumber [1-9][0-9]* +@@ -766,7 +767,7 @@ + if (0) + { + yyunput(0, NULL); +- yy_flex_realloc(0, NULL); ++ yy_flex_realloc(NULL, 0); + } + + return en; +diff -ru keynote-2.3/keynote-ver.l keynote-2.3.new/keynote-ver.l +--- keynote-2.3/keynote-ver.l 2000-08-11 22:49:13.000000000 +0200 ++++ keynote-2.3.new/keynote-ver.l 2004-01-16 11:31:14.667107044 +0100 +@@ -267,7 +267,7 @@ + if (0) + { + yyunput(0, NULL); +- yy_flex_realloc(0, NULL); ++ yy_flex_realloc(NULL, 0); + } + } + +diff -ru keynote-2.3/keynote-ver.y keynote-2.3.new/keynote-ver.y +--- keynote-2.3/keynote-ver.y 1999-10-12 00:34:29.000000000 +0200 ++++ keynote-2.3.new/keynote-ver.y 2004-01-16 11:07:19.709634736 +0100 +@@ -49,7 +49,7 @@ + return keynote_errno; + free($1); + } +- ++ ; + expr: VSTRING EQ STRING { int i = kn_add_action(sessid, $1, $3, 0); + + if (i != 0) +@@ -64,6 +64,7 @@ + free($1); + free($3); + } expr ++ ; + %% + void + kverror(char *s) +diff -ru keynote-2.3/keynote.y keynote-2.3.new/keynote.y +--- keynote-2.3/keynote.y 2000-06-14 08:28:23.000000000 +0200 ++++ keynote-2.3.new/keynote.y 2004-01-16 11:14:55.365898229 +0100 +@@ -73,8 +73,7 @@ + %} + %% + +-grammarswitch: LOCINI { keynote_exceptionflag = keynote_donteval = 0; } +- localinit ++grammarswitch: LOCINI { keynote_exceptionflag = keynote_donteval = 0; } localinit + | ACTSTR { keynote_exceptionflag = keynote_donteval = 0; } program + | KEYPRE { keynote_exceptionflag = keynote_donteval = 0; } + keypredicate +@@ -91,17 +90,17 @@ + STRING { keynote_lex_remove($3); + keynote_privkey = $3; + } +- ++ ; + keypredicate: /* Nothing */ { keynote_returnvalue = 0; + return 0; + } + | notemptykeypredicate { keynote_returnvalue = $1; + return 0; + } +- ++ ; + notemptykeypredicate: key { $$ = $1; } + | keyexp { $$ = $1; } +- ++ ; + keyexp: notemptykeypredicate AND { if (($1 == 0) && !keynote_justrecord) + keynote_donteval = 1; + } notemptykeypredicate +@@ -138,7 +137,7 @@ + else + $$ = 0; + } /* K-th */ +- ++ ; + keylist: key + { /* Don't do anything if we're just recording */ + if (!keynote_justrecord && !keynote_donteval) +@@ -155,7 +154,7 @@ + + keylistcount++; + } +- ++ ; + key: str { + if (keynote_donteval) + $$ = 0; +@@ -193,10 +192,10 @@ + } + } + } +- ++ ; + localinit: /* Nothing */ + | localconstants +- ++ ; + localconstants: VARIABLE EQQ STRING + { + int i; +@@ -265,12 +264,12 @@ + if (i != RESULT_TRUE) + return -1; + } localconstants +- ++ ; + program: prog { + keynote_returnvalue = $1; + return 0; + } +- ++ ; + prog: /* Nada */ { $$ = 0; } + | notemptyprog { + /* +@@ -285,7 +284,7 @@ + else + $$ = $4; + } +- ++ ; + notemptyprog: expr HINT afterhint + { + if (checkexception($1)) +@@ -300,7 +299,7 @@ + else + $$ = 0; + } +- ++ ; + afterhint: str { if (keynote_exceptionflag || keynote_donteval) + $$ = 0; + else +@@ -315,7 +314,7 @@ + } + } + | OPENBLOCK prog CLOSEBLOCK { $$ = $2; } +- ++ ; + + expr: OPENPAREN expr CLOSEPAREN { $$ = $2; } + | expr AND { if ($1 == 0) +@@ -334,19 +333,19 @@ + | stringexp { $$ = $1; } + | TRUE { $$ = 1; } + | FALSE { $$ = 0; } +- ++ ; + numexp: numex LT numex { $$ = $1 < $3; } + | numex GT numex { $$ = $1 > $3; } + | numex EQ numex { $$ = $1 == $3; } + | numex LE numex { $$ = $1 <= $3; } + | numex GE numex { $$ = $1 >= $3; } + | numex NE numex { $$ = $1 != $3; } +- ++ ; + floatexp: floatex LT floatex { $$ = $1 < $3; } + | floatex GT floatex { $$ = $1 > $3; } + | floatex LE floatex { $$ = $1 <= $3; } + | floatex GE floatex { $$ = $1 >= $3; } +- ++ ; + numex: numex PLUS numex { $$ = $1 + $3; } + | numex MINUS numex { $$ = $1 - $3; } + | numex MULT numex { $$ = $1 * $3; } +@@ -384,7 +383,7 @@ + free($2); + } + } +- ++ ; + floatex: floatex PLUS floatex { $$ = ($1 + $3); } + | floatex MINUS floatex { $$ = ($1 - $3); } + | floatex MULT floatex { $$ = ($1 * $3); } +@@ -418,7 +417,7 @@ + free($2); + } + } +- ++ ; + stringexp: str EQ str { + if (keynote_exceptionflag || keynote_donteval) + $$ = 0; +@@ -529,9 +528,9 @@ + if (i == 0) + { + #if !defined(HAVE_SNPRINTF) +- sprintf(grp, "%d", preg.re_nsub); ++ sprintf(grp, "%d", (int)preg.re_nsub); + #else /* !HAVE_SNPRINTF */ +- snprintf(grp, 3, "%d", preg.re_nsub); ++ snprintf(grp, 3, "%d", (int)preg.re_nsub); + #endif /* !HAVE_SNPRINTF */ + if (keynote_env_add("_0", grp, &keynote_temp_list, + 1, 0) != RESULT_TRUE) +@@ -579,7 +578,7 @@ + } + } + } +- ++ ; + str: str DOTT str { if (keynote_exceptionflag || keynote_donteval) + $$ = (char *) NULL; + else +@@ -605,7 +604,7 @@ + } + } + | strnotconcat { $$ = $1; } +- ++ ; + strnotconcat: STRING { $$ = $1; } + | OPENPAREN str CLOSEPAREN { $$ = $2; } + | VARIABLE { if (keynote_exceptionflag || keynote_donteval) +@@ -660,6 +659,7 @@ + return -1; + } + } ++ ; + %% + + /* +diff -ru keynote-2.3/Makefile.in keynote-2.3.new/Makefile.in +--- keynote-2.3/Makefile.in 2000-09-27 01:16:27.000000000 +0200 ++++ keynote-2.3.new/Makefile.in 2004-01-16 11:35:38.841528129 +0100 +@@ -41,7 +41,7 @@ + YACCFLAGS = -d -p kn -b k + LEXFLAGS2 = -Pkv -s -i + LEXFLAGS = -Cr -Pkn -s -i +-CFLAGS = -O2 -Wall # -g ++CFLAGS = -O2 -Wall -fno-strict-aliasing # -g + RMFLAGS2 = -rf + RMFLAGS = -f + NROFFFLAGS = -mandoc +diff -ru keynote-2.3/signature.c keynote-2.3.new/signature.c +--- keynote-2.3/signature.c 1999-10-12 00:34:31.000000000 +0200 ++++ keynote-2.3.new/signature.c 2004-01-16 11:30:48.062084986 +0100 +@@ -515,7 +515,7 @@ + kk = dc->dec_key; + if (keytype == KEYNOTE_PRIVATE_KEY) + { +- if (d2i_DSAPrivateKey((DSA **) &kk, &decoded, len) == (DSA *) NULL) ++ if (d2i_DSAPrivateKey((DSA **) &kk, (const unsigned char **) &decoded, len) == (DSA *) NULL) + { + if (ptr != (unsigned char *) NULL) + free(ptr); +@@ -526,7 +526,7 @@ + } + else + { +- if (d2i_DSAPublicKey((DSA **) &kk, &decoded, len) == (DSA *) NULL) ++ if (d2i_DSAPublicKey((DSA **) &kk, (const unsigned char **) &decoded, len) == (DSA *) NULL) + { + if (ptr != (unsigned char *) NULL) + free(ptr); +@@ -556,7 +556,7 @@ + kk = dc->dec_key; + if (keytype == KEYNOTE_PRIVATE_KEY) + { +- if (d2i_RSAPrivateKey((RSA **) &kk, &decoded, len) == (RSA *) NULL) ++ if (d2i_RSAPrivateKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL) + { + if (ptr != (unsigned char *) NULL) + free(ptr); +@@ -567,7 +567,7 @@ + } + else + { +- if (d2i_RSAPublicKey((RSA **) &kk, &decoded, len) == (RSA *) NULL) ++ if (d2i_RSAPublicKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL) + { + if (ptr != (unsigned char *) NULL) + free(ptr); diff --git a/package/keynote/patches/002-cross_compile.patch b/package/keynote/patches/002-cross_compile.patch new file mode 100644 index 0000000000..c6d5365507 --- /dev/null +++ b/package/keynote/patches/002-cross_compile.patch @@ -0,0 +1,586 @@ +diff -urN keynote-2.3/configure keynote-2.3.new/configure +--- keynote-2.3/configure 2000-09-27 01:16:28.000000000 +0200 ++++ keynote-2.3.new/configure 2006-09-01 19:16:35.000000000 +0200 +@@ -889,52 +889,10 @@ + done + test -n "$YACC" || YACC="yacc" + +-for ac_prog in openssl ssleay +-do +-# Extract the first word of "$ac_prog", so it can be a program name with args. +-set dummy $ac_prog; ac_word=$2 +-echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:898: checking for $ac_word" >&5 +-if eval "test \"`echo '$''{'ac_cv_path_SSLEAY'+set}'`\" = set"; then +- echo $ac_n "(cached) $ac_c" 1>&6 +-else +- case "$SSLEAY" in +- /*) +- ac_cv_path_SSLEAY="$SSLEAY" # Let the user override the test with a path. +- ;; +- ?:/*) +- ac_cv_path_SSLEAY="$SSLEAY" # Let the user override the test with a dos path. +- ;; +- *) +- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" +- ac_dummy="\ +- $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin" +- for ac_dir in $ac_dummy; do +- test -z "$ac_dir" && ac_dir=. +- if test -f $ac_dir/$ac_word; then +- ac_cv_path_SSLEAY="$ac_dir/$ac_word" +- break +- fi +- done +- IFS="$ac_save_ifs" +- ;; +-esac +-fi +-SSLEAY="$ac_cv_path_SSLEAY" +-if test -n "$SSLEAY"; then +- echo "$ac_t""$SSLEAY" 1>&6 +-else +- echo "$ac_t""no" 1>&6 +-fi +- +-test -n "$SSLEAY" && break +-done +-test -n "$SSLEAY" || SSLEAY="/usr/local/bin/ssleay" +- + # Extract the first word of "rm", so it can be a program name with args. + set dummy rm; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:938: checking for $ac_word" >&5 ++echo "configure:896: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_RM'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -970,7 +928,7 @@ + # Extract the first word of "ar", so it can be a program name with args. + set dummy ar; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:974: checking for $ac_word" >&5 ++echo "configure:932: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_AR'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1006,7 +964,7 @@ + # Extract the first word of "nroff", so it can be a program name with args. + set dummy nroff; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1010: checking for $ac_word" >&5 ++echo "configure:968: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_NROFF'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1042,7 +1000,7 @@ + # Extract the first word of "tar", so it can be a program name with args. + set dummy tar; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1046: checking for $ac_word" >&5 ++echo "configure:1004: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_TAR'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1078,7 +1036,7 @@ + # Extract the first word of "true", so it can be a program name with args. + set dummy true; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1082: checking for $ac_word" >&5 ++echo "configure:1040: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_TRUE'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1114,7 +1072,7 @@ + # Extract the first word of "mkdir", so it can be a program name with args. + set dummy mkdir; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1118: checking for $ac_word" >&5 ++echo "configure:1076: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_MKDIR'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1150,7 +1108,7 @@ + # Extract the first word of "tr", so it can be a program name with args. + set dummy tr; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1154: checking for $ac_word" >&5 ++echo "configure:1112: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_TR'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1186,7 +1144,7 @@ + # Extract the first word of "echo", so it can be a program name with args. + set dummy echo; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1190: checking for $ac_word" >&5 ++echo "configure:1148: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_ECHO'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1222,7 +1180,7 @@ + # Extract the first word of "sed", so it can be a program name with args. + set dummy sed; ac_word=$2 + echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 +-echo "configure:1226: checking for $ac_word" >&5 ++echo "configure:1184: checking for $ac_word" >&5 + if eval "test \"`echo '$''{'ac_cv_path_SED'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else +@@ -1256,11 +1214,8 @@ + fi + + +-LIBS="-L/usr/lib -L/usr/local/lib -L/usr/ssl/lib -L/usr/openssl/lib\ +- -L/usr/local/ssl/lib -L/usr/local/openssl/lib -L/usr/pkg/lib -L/pkg/lib" +- + echo $ac_n "checking for floor in -lm""... $ac_c" 1>&6 +-echo "configure:1264: checking for floor in -lm" >&5 ++echo "configure:1219: checking for floor in -lm" >&5 + ac_lib_var=`echo m'_'floor | sed 'y%./+-%__p_%'` + if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +@@ -1268,7 +1223,7 @@ + ac_save_LIBS="$LIBS" + LIBS="-lm $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1238: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" + else +@@ -1300,7 +1255,7 @@ + fi + + echo $ac_n "checking for RSAPrivateDecrypt in -lrsaref""... $ac_c" 1>&6 +-echo "configure:1304: checking for RSAPrivateDecrypt in -lrsaref" >&5 ++echo "configure:1259: checking for RSAPrivateDecrypt in -lrsaref" >&5 + ac_lib_var=`echo rsaref'_'RSAPrivateDecrypt | sed 'y%./+-%__p_%'` + if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +@@ -1308,7 +1263,7 @@ + ac_save_LIBS="$LIBS" + LIBS="-lrsaref $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1278: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" + else +@@ -1340,7 +1295,7 @@ + fi + + echo $ac_n "checking for i2a_ASN1_STRING in -lcrypto""... $ac_c" 1>&6 +-echo "configure:1344: checking for i2a_ASN1_STRING in -lcrypto" >&5 ++echo "configure:1299: checking for i2a_ASN1_STRING in -lcrypto" >&5 + ac_lib_var=`echo crypto'_'i2a_ASN1_STRING | sed 'y%./+-%__p_%'` + if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +@@ -1348,7 +1303,7 @@ + ac_save_LIBS="$LIBS" + LIBS="-lcrypto $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1318: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" + else +@@ -1380,7 +1335,7 @@ + fi + + echo $ac_n "checking for RSA_ref_private_encrypt in -lRSAglue""... $ac_c" 1>&6 +-echo "configure:1384: checking for RSA_ref_private_encrypt in -lRSAglue" >&5 ++echo "configure:1339: checking for RSA_ref_private_encrypt in -lRSAglue" >&5 + ac_lib_var=`echo RSAglue'_'RSA_ref_private_encrypt | sed 'y%./+-%__p_%'` + if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 +@@ -1388,7 +1343,7 @@ + ac_save_LIBS="$LIBS" + LIBS="-lRSAglue $LIBS" + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1358: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_lib_$ac_lib_var=yes" + else +@@ -1420,12 +1375,9 @@ + fi + + +-CPPFLAGS="-I/usr/include -I/usr/local/include -I/usr/ssl/include\ +- -I/usr/local/ssl/include -I/usr/openssl/include -I/usr/pkg/include\ +- -I/usr/local/openssl/include -I/pkg/include" + + echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 +-echo "configure:1429: checking how to run the C preprocessor" >&5 ++echo "configure:1381: checking how to run the C preprocessor" >&5 + # On Suns, sometimes $CPP names a directory. + if test -n "$CPP" && test -d "$CPP"; then + CPP= +@@ -1440,13 +1392,13 @@ + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. + cat > conftest.$ac_ext < + Syntax Error + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1450: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1402: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + : +@@ -1457,13 +1409,13 @@ + rm -rf conftest* + CPP="${CC-cc} -E -traditional-cpp" + cat > conftest.$ac_ext < + Syntax Error + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1467: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1419: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + : +@@ -1474,13 +1426,13 @@ + rm -rf conftest* + CPP="${CC-cc} -nologo -E" + cat > conftest.$ac_ext < + Syntax Error + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1484: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1436: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + : +@@ -1505,12 +1457,12 @@ + echo "$ac_t""$CPP" 1>&6 + + echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 +-echo "configure:1509: checking for ANSI C header files" >&5 ++echo "configure:1461: checking for ANSI C header files" >&5 + if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + #include +@@ -1518,7 +1470,7 @@ + #include + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1522: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1474: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + rm -rf conftest* +@@ -1535,7 +1487,7 @@ + if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat > conftest.$ac_ext < + EOF +@@ -1553,7 +1505,7 @@ + if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat > conftest.$ac_ext < + EOF +@@ -1574,7 +1526,7 @@ + : + else + cat > conftest.$ac_ext < + #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +@@ -1585,7 +1537,7 @@ + exit (0); } + + EOF +-if { (eval echo configure:1589: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++if { (eval echo configure:1541: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null + then + : + else +@@ -1609,12 +1561,12 @@ + fi + + echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 +-echo "configure:1613: checking whether time.h and sys/time.h may both be included" >&5 ++echo "configure:1565: checking whether time.h and sys/time.h may both be included" >&5 + if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + #include +@@ -1623,7 +1575,7 @@ + struct tm *tp; + ; return 0; } + EOF +-if { (eval echo configure:1627: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++if { (eval echo configure:1579: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_header_time=yes + else +@@ -1647,17 +1599,17 @@ + do + ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` + echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +-echo "configure:1651: checking for $ac_hdr" >&5 ++echo "configure:1603: checking for $ac_hdr" >&5 + if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1661: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1613: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + rm -rf conftest* +@@ -1687,17 +1639,17 @@ + do + ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` + echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 +-echo "configure:1691: checking for $ac_hdr" >&5 ++echo "configure:1643: checking for $ac_hdr" >&5 + if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + EOF + ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" +-{ (eval echo configure:1701: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++{ (eval echo configure:1653: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } + ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` + if test -z "$ac_err"; then + rm -rf conftest* +@@ -1726,12 +1678,12 @@ + + + echo $ac_n "checking for working const""... $ac_c" 1>&6 +-echo "configure:1730: checking for working const" >&5 ++echo "configure:1682: checking for working const" >&5 + if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then ++if { (eval echo configure:1736: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then + rm -rf conftest* + ac_cv_c_const=yes + else +@@ -1801,12 +1753,12 @@ + fi + + echo $ac_n "checking for u_int""... $ac_c" 1>&6 +-echo "configure:1805: checking for u_int" >&5 ++echo "configure:1757: checking for u_int" >&5 + if eval "test \"`echo '$''{'ac_cv_type_u_int'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + #if STDC_HEADERS +@@ -1834,12 +1786,12 @@ + fi + + echo $ac_n "checking for u_char""... $ac_c" 1>&6 +-echo "configure:1838: checking for u_char" >&5 ++echo "configure:1790: checking for u_char" >&5 + if eval "test \"`echo '$''{'ac_cv_type_u_char'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext < + #if STDC_HEADERS +@@ -1870,12 +1822,12 @@ + for ac_func in regcomp open close read _open _close _read strchr memcpy + do + echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +-echo "configure:1874: checking for $ac_func" >&5 ++echo "configure:1826: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1854: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -1925,12 +1877,12 @@ + for ac_func in strcasecmp strncasecmp stricmp strnicmp snprintf __b64_ntop + do + echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +-echo "configure:1929: checking for $ac_func" >&5 ++echo "configure:1881: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1909: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -1980,12 +1932,12 @@ + for ac_func in getopt + do + echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 +-echo "configure:1984: checking for $ac_func" >&5 ++echo "configure:1936: checking for $ac_func" >&5 + if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then + echo $ac_n "(cached) $ac_c" 1>&6 + else + cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++if { (eval echo configure:1964: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then + rm -rf conftest* + eval "ac_cv_func_$ac_func=yes" + else +@@ -2172,7 +2124,6 @@ + s%@CC@%$CC%g + s%@RANLIB@%$RANLIB%g + s%@YACC@%$YACC%g +-s%@SSLEAY@%$SSLEAY%g + s%@RM@%$RM%g + s%@AR@%$AR%g + s%@NROFF@%$NROFF%g +diff -urN keynote-2.3/configure.in keynote-2.3.new/configure.in +--- keynote-2.3/configure.in 2006-09-01 19:08:13.000000000 +0200 ++++ keynote-2.3.new/configure.in 2006-09-01 19:16:05.000000000 +0200 +@@ -9,8 +9,8 @@ + AC_PROG_CC + AC_PROG_RANLIB + AC_PROG_YACC +-AC_PATH_PROGS(SSLEAY, openssl ssleay, /usr/local/bin/ssleay, \ +- $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin) ++dnl AC_PATH_PROGS(SSLEAY, openssl ssleay, /usr/local/bin/ssleay, \ ++dnl $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin) + AC_PATH_PROG(RM, rm, /bin/rm) + AC_PATH_PROG(AR, ar, /usr/bin/ar) + AC_PATH_PROG(NROFF, nroff, /usr/bin/nroff) +@@ -27,7 +27,7 @@ + AC_CHECK_LIB(RSAglue, RSA_ref_private_encrypt, LIBS="$LIBS -lRSAglue") + + dnl Checks for header files. +-CPPFLAGS="-I/usr/include/openssl" ++dnl CPPFLAGS="-I/usr/include/openssl" + + AC_HEADER_STDC + AC_HEADER_TIME diff --git a/package/keynote/patches/01-build.patch b/package/keynote/patches/01-build.patch deleted file mode 100644 index 05351f714c..0000000000 --- a/package/keynote/patches/01-build.patch +++ /dev/null @@ -1,327 +0,0 @@ -diff -ru keynote-2.3/configure.in keynote-2.3.new/configure.in ---- keynote-2.3/configure.in 2000-09-27 01:16:28.000000000 +0200 -+++ keynote-2.3.new/configure.in 2004-01-16 11:34:03.991537404 +0100 -@@ -21,19 +21,13 @@ - AC_PATH_PROG(ECHO, echo, /bin/echo) - AC_PATH_PROG(SED, sed, /usr/bin/sed) - --dnl Checks for libraries. --LIBS="-L/usr/lib -L/usr/local/lib -L/usr/ssl/lib -L/usr/openssl/lib\ -- -L/usr/local/ssl/lib -L/usr/local/openssl/lib -L/usr/pkg/lib -L/pkg/lib" -- - AC_CHECK_LIB(m, floor, LIBS="$LIBS -lm") - AC_CHECK_LIB(rsaref, RSAPrivateDecrypt, LIBS="$LIBS -lrsaref") - AC_CHECK_LIB(crypto, i2a_ASN1_STRING, LIBS="$LIBS -lcrypto") - AC_CHECK_LIB(RSAglue, RSA_ref_private_encrypt, LIBS="$LIBS -lRSAglue") - - dnl Checks for header files. --CPPFLAGS="-I/usr/include -I/usr/local/include -I/usr/ssl/include\ -- -I/usr/local/ssl/include -I/usr/openssl/include -I/usr/pkg/include\ -- -I/usr/local/openssl/include -I/pkg/include" -+CPPFLAGS="-I/usr/include/openssl" - - AC_HEADER_STDC - AC_HEADER_TIME -diff -ru keynote-2.3/keynote-keygen.c keynote-2.3.new/keynote-keygen.c ---- keynote-2.3/keynote-keygen.c 2000-09-27 02:09:13.000000000 +0200 -+++ keynote-2.3.new/keynote-keygen.c 2004-01-16 11:32:06.652242269 +0100 -@@ -161,7 +161,7 @@ - if (strlen(algname) + 2 > prlen) - { - fprintf(stderr, "Parameter ``print-length'' should be larger " -- "than the length of AlgorithmName (%d)\n", strlen(algname)); -+ "than the length of AlgorithmName (%lu)\n", strlen(algname)); - exit(-1); - } - -diff -ru keynote-2.3/keynote.l keynote-2.3.new/keynote.l ---- keynote-2.3/keynote.l 2000-08-11 22:49:13.000000000 +0200 -+++ keynote-2.3.new/keynote.l 2004-01-16 11:17:29.910430978 +0100 -@@ -61,7 +61,8 @@ struct lex_list - static struct lex_list *keynote_lex_list = (struct lex_list *) NULL; - static int keynote_max_lex_list = 32; - static int keynote_lex_counter = 0; --static int first_tok = 0; -+extern int first_tok; -+int first_tok = 0; - %} - digit [0-9] - specnumber [1-9][0-9]* -@@ -766,7 +767,7 @@ - if (0) - { - yyunput(0, NULL); -- yy_flex_realloc(0, NULL); -+ yy_flex_realloc(NULL, 0); - } - - return en; -diff -ru keynote-2.3/keynote-ver.l keynote-2.3.new/keynote-ver.l ---- keynote-2.3/keynote-ver.l 2000-08-11 22:49:13.000000000 +0200 -+++ keynote-2.3.new/keynote-ver.l 2004-01-16 11:31:14.667107044 +0100 -@@ -267,7 +267,7 @@ - if (0) - { - yyunput(0, NULL); -- yy_flex_realloc(0, NULL); -+ yy_flex_realloc(NULL, 0); - } - } - -diff -ru keynote-2.3/keynote-ver.y keynote-2.3.new/keynote-ver.y ---- keynote-2.3/keynote-ver.y 1999-10-12 00:34:29.000000000 +0200 -+++ keynote-2.3.new/keynote-ver.y 2004-01-16 11:07:19.709634736 +0100 -@@ -49,7 +49,7 @@ - return keynote_errno; - free($1); - } -- -+ ; - expr: VSTRING EQ STRING { int i = kn_add_action(sessid, $1, $3, 0); - - if (i != 0) -@@ -64,6 +64,7 @@ - free($1); - free($3); - } expr -+ ; - %% - void - kverror(char *s) -diff -ru keynote-2.3/keynote.y keynote-2.3.new/keynote.y ---- keynote-2.3/keynote.y 2000-06-14 08:28:23.000000000 +0200 -+++ keynote-2.3.new/keynote.y 2004-01-16 11:14:55.365898229 +0100 -@@ -73,8 +73,7 @@ - %} - %% - --grammarswitch: LOCINI { keynote_exceptionflag = keynote_donteval = 0; } -- localinit -+grammarswitch: LOCINI { keynote_exceptionflag = keynote_donteval = 0; } localinit - | ACTSTR { keynote_exceptionflag = keynote_donteval = 0; } program - | KEYPRE { keynote_exceptionflag = keynote_donteval = 0; } - keypredicate -@@ -91,17 +90,17 @@ - STRING { keynote_lex_remove($3); - keynote_privkey = $3; - } -- -+ ; - keypredicate: /* Nothing */ { keynote_returnvalue = 0; - return 0; - } - | notemptykeypredicate { keynote_returnvalue = $1; - return 0; - } -- -+ ; - notemptykeypredicate: key { $$ = $1; } - | keyexp { $$ = $1; } -- -+ ; - keyexp: notemptykeypredicate AND { if (($1 == 0) && !keynote_justrecord) - keynote_donteval = 1; - } notemptykeypredicate -@@ -138,7 +137,7 @@ - else - $$ = 0; - } /* K-th */ -- -+ ; - keylist: key - { /* Don't do anything if we're just recording */ - if (!keynote_justrecord && !keynote_donteval) -@@ -155,7 +154,7 @@ - - keylistcount++; - } -- -+ ; - key: str { - if (keynote_donteval) - $$ = 0; -@@ -193,10 +192,10 @@ - } - } - } -- -+ ; - localinit: /* Nothing */ - | localconstants -- -+ ; - localconstants: VARIABLE EQQ STRING - { - int i; -@@ -265,12 +264,12 @@ - if (i != RESULT_TRUE) - return -1; - } localconstants -- -+ ; - program: prog { - keynote_returnvalue = $1; - return 0; - } -- -+ ; - prog: /* Nada */ { $$ = 0; } - | notemptyprog { - /* -@@ -285,7 +284,7 @@ - else - $$ = $4; - } -- -+ ; - notemptyprog: expr HINT afterhint - { - if (checkexception($1)) -@@ -300,7 +299,7 @@ - else - $$ = 0; - } -- -+ ; - afterhint: str { if (keynote_exceptionflag || keynote_donteval) - $$ = 0; - else -@@ -315,7 +314,7 @@ - } - } - | OPENBLOCK prog CLOSEBLOCK { $$ = $2; } -- -+ ; - - expr: OPENPAREN expr CLOSEPAREN { $$ = $2; } - | expr AND { if ($1 == 0) -@@ -334,19 +333,19 @@ - | stringexp { $$ = $1; } - | TRUE { $$ = 1; } - | FALSE { $$ = 0; } -- -+ ; - numexp: numex LT numex { $$ = $1 < $3; } - | numex GT numex { $$ = $1 > $3; } - | numex EQ numex { $$ = $1 == $3; } - | numex LE numex { $$ = $1 <= $3; } - | numex GE numex { $$ = $1 >= $3; } - | numex NE numex { $$ = $1 != $3; } -- -+ ; - floatexp: floatex LT floatex { $$ = $1 < $3; } - | floatex GT floatex { $$ = $1 > $3; } - | floatex LE floatex { $$ = $1 <= $3; } - | floatex GE floatex { $$ = $1 >= $3; } -- -+ ; - numex: numex PLUS numex { $$ = $1 + $3; } - | numex MINUS numex { $$ = $1 - $3; } - | numex MULT numex { $$ = $1 * $3; } -@@ -384,7 +383,7 @@ - free($2); - } - } -- -+ ; - floatex: floatex PLUS floatex { $$ = ($1 + $3); } - | floatex MINUS floatex { $$ = ($1 - $3); } - | floatex MULT floatex { $$ = ($1 * $3); } -@@ -418,7 +417,7 @@ - free($2); - } - } -- -+ ; - stringexp: str EQ str { - if (keynote_exceptionflag || keynote_donteval) - $$ = 0; -@@ -529,9 +528,9 @@ - if (i == 0) - { - #if !defined(HAVE_SNPRINTF) -- sprintf(grp, "%d", preg.re_nsub); -+ sprintf(grp, "%d", (int)preg.re_nsub); - #else /* !HAVE_SNPRINTF */ -- snprintf(grp, 3, "%d", preg.re_nsub); -+ snprintf(grp, 3, "%d", (int)preg.re_nsub); - #endif /* !HAVE_SNPRINTF */ - if (keynote_env_add("_0", grp, &keynote_temp_list, - 1, 0) != RESULT_TRUE) -@@ -579,7 +578,7 @@ - } - } - } -- -+ ; - str: str DOTT str { if (keynote_exceptionflag || keynote_donteval) - $$ = (char *) NULL; - else -@@ -605,7 +604,7 @@ - } - } - | strnotconcat { $$ = $1; } -- -+ ; - strnotconcat: STRING { $$ = $1; } - | OPENPAREN str CLOSEPAREN { $$ = $2; } - | VARIABLE { if (keynote_exceptionflag || keynote_donteval) -@@ -660,6 +659,7 @@ - return -1; - } - } -+ ; - %% - - /* -diff -ru keynote-2.3/Makefile.in keynote-2.3.new/Makefile.in ---- keynote-2.3/Makefile.in 2000-09-27 01:16:27.000000000 +0200 -+++ keynote-2.3.new/Makefile.in 2004-01-16 11:35:38.841528129 +0100 -@@ -41,7 +41,7 @@ - YACCFLAGS = -d -p kn -b k - LEXFLAGS2 = -Pkv -s -i - LEXFLAGS = -Cr -Pkn -s -i --CFLAGS = -O2 -Wall # -g -+CFLAGS = -O2 -Wall -fno-strict-aliasing # -g - RMFLAGS2 = -rf - RMFLAGS = -f - NROFFFLAGS = -mandoc -diff -ru keynote-2.3/signature.c keynote-2.3.new/signature.c ---- keynote-2.3/signature.c 1999-10-12 00:34:31.000000000 +0200 -+++ keynote-2.3.new/signature.c 2004-01-16 11:30:48.062084986 +0100 -@@ -515,7 +515,7 @@ - kk = dc->dec_key; - if (keytype == KEYNOTE_PRIVATE_KEY) - { -- if (d2i_DSAPrivateKey((DSA **) &kk, &decoded, len) == (DSA *) NULL) -+ if (d2i_DSAPrivateKey((DSA **) &kk, (const unsigned char **) &decoded, len) == (DSA *) NULL) - { - if (ptr != (unsigned char *) NULL) - free(ptr); -@@ -526,7 +526,7 @@ - } - else - { -- if (d2i_DSAPublicKey((DSA **) &kk, &decoded, len) == (DSA *) NULL) -+ if (d2i_DSAPublicKey((DSA **) &kk, (const unsigned char **) &decoded, len) == (DSA *) NULL) - { - if (ptr != (unsigned char *) NULL) - free(ptr); -@@ -556,7 +556,7 @@ - kk = dc->dec_key; - if (keytype == KEYNOTE_PRIVATE_KEY) - { -- if (d2i_RSAPrivateKey((RSA **) &kk, &decoded, len) == (RSA *) NULL) -+ if (d2i_RSAPrivateKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL) - { - if (ptr != (unsigned char *) NULL) - free(ptr); -@@ -567,7 +567,7 @@ - } - else - { -- if (d2i_RSAPublicKey((RSA **) &kk, &decoded, len) == (RSA *) NULL) -+ if (d2i_RSAPublicKey((RSA **) &kk, (const unsigned char **) &decoded, len) == (RSA *) NULL) - { - if (ptr != (unsigned char *) NULL) - free(ptr); diff --git a/package/keynote/patches/02-cross_compile.patch b/package/keynote/patches/02-cross_compile.patch deleted file mode 100644 index c6d5365507..0000000000 --- a/package/keynote/patches/02-cross_compile.patch +++ /dev/null @@ -1,586 +0,0 @@ -diff -urN keynote-2.3/configure keynote-2.3.new/configure ---- keynote-2.3/configure 2000-09-27 01:16:28.000000000 +0200 -+++ keynote-2.3.new/configure 2006-09-01 19:16:35.000000000 +0200 -@@ -889,52 +889,10 @@ - done - test -n "$YACC" || YACC="yacc" - --for ac_prog in openssl ssleay --do --# Extract the first word of "$ac_prog", so it can be a program name with args. --set dummy $ac_prog; ac_word=$2 --echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:898: checking for $ac_word" >&5 --if eval "test \"`echo '$''{'ac_cv_path_SSLEAY'+set}'`\" = set"; then -- echo $ac_n "(cached) $ac_c" 1>&6 --else -- case "$SSLEAY" in -- /*) -- ac_cv_path_SSLEAY="$SSLEAY" # Let the user override the test with a path. -- ;; -- ?:/*) -- ac_cv_path_SSLEAY="$SSLEAY" # Let the user override the test with a dos path. -- ;; -- *) -- IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" -- ac_dummy="\ -- $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin" -- for ac_dir in $ac_dummy; do -- test -z "$ac_dir" && ac_dir=. -- if test -f $ac_dir/$ac_word; then -- ac_cv_path_SSLEAY="$ac_dir/$ac_word" -- break -- fi -- done -- IFS="$ac_save_ifs" -- ;; --esac --fi --SSLEAY="$ac_cv_path_SSLEAY" --if test -n "$SSLEAY"; then -- echo "$ac_t""$SSLEAY" 1>&6 --else -- echo "$ac_t""no" 1>&6 --fi -- --test -n "$SSLEAY" && break --done --test -n "$SSLEAY" || SSLEAY="/usr/local/bin/ssleay" -- - # Extract the first word of "rm", so it can be a program name with args. - set dummy rm; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:938: checking for $ac_word" >&5 -+echo "configure:896: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_RM'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -970,7 +928,7 @@ - # Extract the first word of "ar", so it can be a program name with args. - set dummy ar; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:974: checking for $ac_word" >&5 -+echo "configure:932: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_AR'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1006,7 +964,7 @@ - # Extract the first word of "nroff", so it can be a program name with args. - set dummy nroff; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1010: checking for $ac_word" >&5 -+echo "configure:968: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_NROFF'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1042,7 +1000,7 @@ - # Extract the first word of "tar", so it can be a program name with args. - set dummy tar; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1046: checking for $ac_word" >&5 -+echo "configure:1004: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_TAR'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1078,7 +1036,7 @@ - # Extract the first word of "true", so it can be a program name with args. - set dummy true; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1082: checking for $ac_word" >&5 -+echo "configure:1040: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_TRUE'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1114,7 +1072,7 @@ - # Extract the first word of "mkdir", so it can be a program name with args. - set dummy mkdir; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1118: checking for $ac_word" >&5 -+echo "configure:1076: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_MKDIR'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1150,7 +1108,7 @@ - # Extract the first word of "tr", so it can be a program name with args. - set dummy tr; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1154: checking for $ac_word" >&5 -+echo "configure:1112: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_TR'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1186,7 +1144,7 @@ - # Extract the first word of "echo", so it can be a program name with args. - set dummy echo; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1190: checking for $ac_word" >&5 -+echo "configure:1148: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_ECHO'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1222,7 +1180,7 @@ - # Extract the first word of "sed", so it can be a program name with args. - set dummy sed; ac_word=$2 - echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 --echo "configure:1226: checking for $ac_word" >&5 -+echo "configure:1184: checking for $ac_word" >&5 - if eval "test \"`echo '$''{'ac_cv_path_SED'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else -@@ -1256,11 +1214,8 @@ - fi - - --LIBS="-L/usr/lib -L/usr/local/lib -L/usr/ssl/lib -L/usr/openssl/lib\ -- -L/usr/local/ssl/lib -L/usr/local/openssl/lib -L/usr/pkg/lib -L/pkg/lib" -- - echo $ac_n "checking for floor in -lm""... $ac_c" 1>&6 --echo "configure:1264: checking for floor in -lm" >&5 -+echo "configure:1219: checking for floor in -lm" >&5 - ac_lib_var=`echo m'_'floor | sed 'y%./+-%__p_%'` - if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -@@ -1268,7 +1223,7 @@ - ac_save_LIBS="$LIBS" - LIBS="-lm $LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1238: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" - else -@@ -1300,7 +1255,7 @@ - fi - - echo $ac_n "checking for RSAPrivateDecrypt in -lrsaref""... $ac_c" 1>&6 --echo "configure:1304: checking for RSAPrivateDecrypt in -lrsaref" >&5 -+echo "configure:1259: checking for RSAPrivateDecrypt in -lrsaref" >&5 - ac_lib_var=`echo rsaref'_'RSAPrivateDecrypt | sed 'y%./+-%__p_%'` - if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -@@ -1308,7 +1263,7 @@ - ac_save_LIBS="$LIBS" - LIBS="-lrsaref $LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1278: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" - else -@@ -1340,7 +1295,7 @@ - fi - - echo $ac_n "checking for i2a_ASN1_STRING in -lcrypto""... $ac_c" 1>&6 --echo "configure:1344: checking for i2a_ASN1_STRING in -lcrypto" >&5 -+echo "configure:1299: checking for i2a_ASN1_STRING in -lcrypto" >&5 - ac_lib_var=`echo crypto'_'i2a_ASN1_STRING | sed 'y%./+-%__p_%'` - if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -@@ -1348,7 +1303,7 @@ - ac_save_LIBS="$LIBS" - LIBS="-lcrypto $LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1318: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" - else -@@ -1380,7 +1335,7 @@ - fi - - echo $ac_n "checking for RSA_ref_private_encrypt in -lRSAglue""... $ac_c" 1>&6 --echo "configure:1384: checking for RSA_ref_private_encrypt in -lRSAglue" >&5 -+echo "configure:1339: checking for RSA_ref_private_encrypt in -lRSAglue" >&5 - ac_lib_var=`echo RSAglue'_'RSA_ref_private_encrypt | sed 'y%./+-%__p_%'` - if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -@@ -1388,7 +1343,7 @@ - ac_save_LIBS="$LIBS" - LIBS="-lRSAglue $LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1358: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" - else -@@ -1420,12 +1375,9 @@ - fi - - --CPPFLAGS="-I/usr/include -I/usr/local/include -I/usr/ssl/include\ -- -I/usr/local/ssl/include -I/usr/openssl/include -I/usr/pkg/include\ -- -I/usr/local/openssl/include -I/pkg/include" - - echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 --echo "configure:1429: checking how to run the C preprocessor" >&5 -+echo "configure:1381: checking how to run the C preprocessor" >&5 - # On Suns, sometimes $CPP names a directory. - if test -n "$CPP" && test -d "$CPP"; then - CPP= -@@ -1440,13 +1392,13 @@ - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. - cat > conftest.$ac_ext < - Syntax Error - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1450: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1402: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - : -@@ -1457,13 +1409,13 @@ - rm -rf conftest* - CPP="${CC-cc} -E -traditional-cpp" - cat > conftest.$ac_ext < - Syntax Error - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1467: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1419: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - : -@@ -1474,13 +1426,13 @@ - rm -rf conftest* - CPP="${CC-cc} -nologo -E" - cat > conftest.$ac_ext < - Syntax Error - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1484: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1436: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - : -@@ -1505,12 +1457,12 @@ - echo "$ac_t""$CPP" 1>&6 - - echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 --echo "configure:1509: checking for ANSI C header files" >&5 -+echo "configure:1461: checking for ANSI C header files" >&5 - if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - #include -@@ -1518,7 +1470,7 @@ - #include - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1522: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1474: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - rm -rf conftest* -@@ -1535,7 +1487,7 @@ - if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat > conftest.$ac_ext < - EOF -@@ -1553,7 +1505,7 @@ - if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat > conftest.$ac_ext < - EOF -@@ -1574,7 +1526,7 @@ - : - else - cat > conftest.$ac_ext < - #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -@@ -1585,7 +1537,7 @@ - exit (0); } - - EOF --if { (eval echo configure:1589: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -+if { (eval echo configure:1541: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null - then - : - else -@@ -1609,12 +1561,12 @@ - fi - - echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 --echo "configure:1613: checking whether time.h and sys/time.h may both be included" >&5 -+echo "configure:1565: checking whether time.h and sys/time.h may both be included" >&5 - if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - #include -@@ -1623,7 +1575,7 @@ - struct tm *tp; - ; return 0; } - EOF --if { (eval echo configure:1627: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then -+if { (eval echo configure:1579: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_header_time=yes - else -@@ -1647,17 +1599,17 @@ - do - ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` - echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 --echo "configure:1651: checking for $ac_hdr" >&5 -+echo "configure:1603: checking for $ac_hdr" >&5 - if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1661: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1613: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - rm -rf conftest* -@@ -1687,17 +1639,17 @@ - do - ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` - echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 --echo "configure:1691: checking for $ac_hdr" >&5 -+echo "configure:1643: checking for $ac_hdr" >&5 - if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - EOF - ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" --{ (eval echo configure:1701: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -+{ (eval echo configure:1653: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } - ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` - if test -z "$ac_err"; then - rm -rf conftest* -@@ -1726,12 +1678,12 @@ - - - echo $ac_n "checking for working const""... $ac_c" 1>&6 --echo "configure:1730: checking for working const" >&5 -+echo "configure:1682: checking for working const" >&5 - if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then -+if { (eval echo configure:1736: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_c_const=yes - else -@@ -1801,12 +1753,12 @@ - fi - - echo $ac_n "checking for u_int""... $ac_c" 1>&6 --echo "configure:1805: checking for u_int" >&5 -+echo "configure:1757: checking for u_int" >&5 - if eval "test \"`echo '$''{'ac_cv_type_u_int'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - #if STDC_HEADERS -@@ -1834,12 +1786,12 @@ - fi - - echo $ac_n "checking for u_char""... $ac_c" 1>&6 --echo "configure:1838: checking for u_char" >&5 -+echo "configure:1790: checking for u_char" >&5 - if eval "test \"`echo '$''{'ac_cv_type_u_char'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext < - #if STDC_HEADERS -@@ -1870,12 +1822,12 @@ - for ac_func in regcomp open close read _open _close _read strchr memcpy - do - echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 --echo "configure:1874: checking for $ac_func" >&5 -+echo "configure:1826: checking for $ac_func" >&5 - if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1854: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" - else -@@ -1925,12 +1877,12 @@ - for ac_func in strcasecmp strncasecmp stricmp strnicmp snprintf __b64_ntop - do - echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 --echo "configure:1929: checking for $ac_func" >&5 -+echo "configure:1881: checking for $ac_func" >&5 - if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1909: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" - else -@@ -1980,12 +1932,12 @@ - for ac_func in getopt - do - echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 --echo "configure:1984: checking for $ac_func" >&5 -+echo "configure:1936: checking for $ac_func" >&5 - if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 - else - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then -+if { (eval echo configure:1964: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" - else -@@ -2172,7 +2124,6 @@ - s%@CC@%$CC%g - s%@RANLIB@%$RANLIB%g - s%@YACC@%$YACC%g --s%@SSLEAY@%$SSLEAY%g - s%@RM@%$RM%g - s%@AR@%$AR%g - s%@NROFF@%$NROFF%g -diff -urN keynote-2.3/configure.in keynote-2.3.new/configure.in ---- keynote-2.3/configure.in 2006-09-01 19:08:13.000000000 +0200 -+++ keynote-2.3.new/configure.in 2006-09-01 19:16:05.000000000 +0200 -@@ -9,8 +9,8 @@ - AC_PROG_CC - AC_PROG_RANLIB - AC_PROG_YACC --AC_PATH_PROGS(SSLEAY, openssl ssleay, /usr/local/bin/ssleay, \ -- $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin) -+dnl AC_PATH_PROGS(SSLEAY, openssl ssleay, /usr/local/bin/ssleay, \ -+dnl $PATH:/usr/local/bin:/usr/local/ssl/sbin:/usr/local/ssl/bin:/usr/ssl/bin:/usr/ssl/sbin:/usr/sbin:/usr/openssl/bin:/usr/openssl/bin:/usr/local/openssl/bin:/usr/local/openssl/sbin) - AC_PATH_PROG(RM, rm, /bin/rm) - AC_PATH_PROG(AR, ar, /usr/bin/ar) - AC_PATH_PROG(NROFF, nroff, /usr/bin/nroff) -@@ -27,7 +27,7 @@ - AC_CHECK_LIB(RSAglue, RSA_ref_private_encrypt, LIBS="$LIBS -lRSAglue") - - dnl Checks for header files. --CPPFLAGS="-I/usr/include/openssl" -+dnl CPPFLAGS="-I/usr/include/openssl" - - AC_HEADER_STDC - AC_HEADER_TIME diff --git a/package/rt2500/patches/001-rt2561t.patch b/package/rt2500/patches/001-rt2561t.patch new file mode 100644 index 0000000000..8bdb623b51 --- /dev/null +++ b/package/rt2500/patches/001-rt2561t.patch @@ -0,0 +1,31 @@ +diff -urN rt2500-1.1.0-b4/Module/rt_config.h rt2500-1.1.0-b4.new/Module/rt_config.h +--- rt2500-1.1.0-b4/Module/rt_config.h 2006-06-17 22:12:58.000000000 +0200 ++++ rt2500-1.1.0-b4.new/Module/rt_config.h 2006-12-30 02:56:30.000000000 +0100 +@@ -55,7 +55,7 @@ + #error You must compile this driver with "-O". + #endif + +-#include //can delete ++#include //can delete + #include + #include + #include +@@ -154,6 +154,7 @@ + + enum rt2560_chips { + RT2560A = 0, ++ RT2561T = 0, + }; + + #ifdef RTMP_EMBEDDED +diff -urN rt2500-1.1.0-b4/Module/rtmp_main.c rt2500-1.1.0-b4.new/Module/rtmp_main.c +--- rt2500-1.1.0-b4/Module/rtmp_main.c 2006-06-17 22:12:58.000000000 +0200 ++++ rt2500-1.1.0-b4.new/Module/rtmp_main.c 2006-12-30 02:56:01.000000000 +0100 +@@ -975,6 +975,7 @@ + static struct pci_device_id rt2500_pci_tbl[] __devinitdata = + { + {0x1814, 0x0201, PCI_ANY_ID, PCI_ANY_ID, 0, 0, RT2560A}, ++ {0x1814, 0x0301, PCI_ANY_ID, PCI_ANY_ID, 0, 0, RT2561T}, + {0,} /* terminate list */ + }; + MODULE_DEVICE_TABLE(pci, rt2500_pci_tbl); diff --git a/package/rt2500/patches/01-rt2561t.patch b/package/rt2500/patches/01-rt2561t.patch deleted file mode 100644 index 8bdb623b51..0000000000 --- a/package/rt2500/patches/01-rt2561t.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff -urN rt2500-1.1.0-b4/Module/rt_config.h rt2500-1.1.0-b4.new/Module/rt_config.h ---- rt2500-1.1.0-b4/Module/rt_config.h 2006-06-17 22:12:58.000000000 +0200 -+++ rt2500-1.1.0-b4.new/Module/rt_config.h 2006-12-30 02:56:30.000000000 +0100 -@@ -55,7 +55,7 @@ - #error You must compile this driver with "-O". - #endif - --#include //can delete -+#include //can delete - #include - #include - #include -@@ -154,6 +154,7 @@ - - enum rt2560_chips { - RT2560A = 0, -+ RT2561T = 0, - }; - - #ifdef RTMP_EMBEDDED -diff -urN rt2500-1.1.0-b4/Module/rtmp_main.c rt2500-1.1.0-b4.new/Module/rtmp_main.c ---- rt2500-1.1.0-b4/Module/rtmp_main.c 2006-06-17 22:12:58.000000000 +0200 -+++ rt2500-1.1.0-b4.new/Module/rtmp_main.c 2006-12-30 02:56:01.000000000 +0100 -@@ -975,6 +975,7 @@ - static struct pci_device_id rt2500_pci_tbl[] __devinitdata = - { - {0x1814, 0x0201, PCI_ANY_ID, PCI_ANY_ID, 0, 0, RT2560A}, -+ {0x1814, 0x0301, PCI_ANY_ID, PCI_ANY_ID, 0, 0, RT2561T}, - {0,} /* terminate list */ - }; - MODULE_DEVICE_TABLE(pci, rt2500_pci_tbl); diff --git a/package/rt61/patches/001-wireless_extensions_version.patch b/package/rt61/patches/001-wireless_extensions_version.patch new file mode 100644 index 0000000000..b0e254a908 --- /dev/null +++ b/package/rt61/patches/001-wireless_extensions_version.patch @@ -0,0 +1,12 @@ +diff -urN rt61-1.1.0-b1/Module/rtmp_main.c rt61-1.1.0-b1.new/Module/rtmp_main.c +--- rt61-1.1.0-b1/Module/rtmp_main.c 2006-06-18 10:58:40.000000000 +0200 ++++ rt61-1.1.0-b1.new/Module/rtmp_main.c 2006-12-17 19:59:10.000000000 +0100 +@@ -252,7 +252,7 @@ + net_dev->stop = RT61_close; + net_dev->get_stats = RT61_get_ether_stats; + +-#if WIRELESS_EXT >= 12 ++#if WIRELESS_EXT >= 12 && WIRELESS_EXT < 21 + net_dev->get_wireless_stats = RT61_get_wireless_stats; + net_dev->wireless_handlers = (struct iw_handler_def *) &rt61_iw_handler_def; + #endif diff --git a/package/rt61/patches/002-linux_2_4_module_param.patch b/package/rt61/patches/002-linux_2_4_module_param.patch new file mode 100644 index 0000000000..ee773a856a --- /dev/null +++ b/package/rt61/patches/002-linux_2_4_module_param.patch @@ -0,0 +1,22 @@ +--- rt61-old/Module/rtmp_main.c 2006/06/16 11:12:40 1.14 ++++ rt61-new/Module/rtmp_main.c 2006/08/12 13:03:25 1.15 +@@ -48,11 +48,19 @@ + // Global variable, debug level flag + // Don't hide this behing debug define. There should be as little difference between debug and no-debug as possible. + int debug = 0; ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) + module_param(debug, int, 0444); ++#else ++MODULE_PARM(debug, "i"); ++#endif + MODULE_PARM_DESC(debug, "Enable level: accepted values: 1 to switch debug on, 0 to switch debug off."); + + static char *ifname = NULL ; ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) + module_param(ifname, charp, 0444); ++#else ++MODULE_PARM(ifname, "s"); ++#endif + MODULE_PARM_DESC(ifname, "Network device name (default ra%d)"); + + static dma_addr_t dma_adapter; diff --git a/package/rt61/patches/01-wireless_extensions_version.patch b/package/rt61/patches/01-wireless_extensions_version.patch deleted file mode 100644 index b0e254a908..0000000000 --- a/package/rt61/patches/01-wireless_extensions_version.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -urN rt61-1.1.0-b1/Module/rtmp_main.c rt61-1.1.0-b1.new/Module/rtmp_main.c ---- rt61-1.1.0-b1/Module/rtmp_main.c 2006-06-18 10:58:40.000000000 +0200 -+++ rt61-1.1.0-b1.new/Module/rtmp_main.c 2006-12-17 19:59:10.000000000 +0100 -@@ -252,7 +252,7 @@ - net_dev->stop = RT61_close; - net_dev->get_stats = RT61_get_ether_stats; - --#if WIRELESS_EXT >= 12 -+#if WIRELESS_EXT >= 12 && WIRELESS_EXT < 21 - net_dev->get_wireless_stats = RT61_get_wireless_stats; - net_dev->wireless_handlers = (struct iw_handler_def *) &rt61_iw_handler_def; - #endif diff --git a/package/rt61/patches/02-linux_2_4_module_param.patch b/package/rt61/patches/02-linux_2_4_module_param.patch deleted file mode 100644 index ee773a856a..0000000000 --- a/package/rt61/patches/02-linux_2_4_module_param.patch +++ /dev/null @@ -1,22 +0,0 @@ ---- rt61-old/Module/rtmp_main.c 2006/06/16 11:12:40 1.14 -+++ rt61-new/Module/rtmp_main.c 2006/08/12 13:03:25 1.15 -@@ -48,11 +48,19 @@ - // Global variable, debug level flag - // Don't hide this behing debug define. There should be as little difference between debug and no-debug as possible. - int debug = 0; -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) - module_param(debug, int, 0444); -+#else -+MODULE_PARM(debug, "i"); -+#endif - MODULE_PARM_DESC(debug, "Enable level: accepted values: 1 to switch debug on, 0 to switch debug off."); - - static char *ifname = NULL ; -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) - module_param(ifname, charp, 0444); -+#else -+MODULE_PARM(ifname, "s"); -+#endif - MODULE_PARM_DESC(ifname, "Network device name (default ra%d)"); - - static dma_addr_t dma_adapter; diff --git a/package/udev/patches/001-no_debug.patch b/package/udev/patches/001-no_debug.patch new file mode 100644 index 0000000000..8b3df30bf3 --- /dev/null +++ b/package/udev/patches/001-no_debug.patch @@ -0,0 +1,21 @@ +diff -Nur udev-103-old/Makefile udev-103-new/Makefile +--- udev-103-old/Makefile 2006-10-20 14:43:35.000000000 +0200 ++++ udev-103-new/Makefile 2006-11-24 15:44:35.000000000 +0100 +@@ -113,7 +113,7 @@ + AR = $(CROSS_COMPILE)ar + RANLIB = $(CROSS_COMPILE)ranlib + +-CFLAGS = -g -Wall -pipe -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 ++CFLAGS = -Wall -pipe -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 + WARNINGS = -Wstrict-prototypes -Wsign-compare -Wshadow \ + -Wchar-subscripts -Wmissing-declarations -Wnested-externs \ + -Wpointer-arith -Wcast-align -Wsign-compare -Wmissing-prototypes +@@ -130,7 +130,7 @@ + + # if DEBUG is enabled, then we do not strip + ifeq ($(strip $(DEBUG)),true) +- CFLAGS += -DDEBUG ++ CFLAGS += -g -DDEBUG + endif + + ifeq ($(strip $(USE_GCOV)),true) diff --git a/package/udev/patches/002-udevtrigger_no_config.patch b/package/udev/patches/002-udevtrigger_no_config.patch new file mode 100644 index 0000000000..e9c22d4c0b --- /dev/null +++ b/package/udev/patches/002-udevtrigger_no_config.patch @@ -0,0 +1,10 @@ +--- udev.old/udevtrigger.c 2007-03-03 18:42:09.000000000 +0100 ++++ udev.dev/udevtrigger.c 2007-03-04 21:15:18.459211632 +0100 +@@ -446,7 +446,6 @@ + }; + + logging_init("udevtrigger"); +- udev_config_init(); + dbg("version %s", UDEV_VERSION); + sysfs_init(); + diff --git a/package/udev/patches/01-no_debug.patch b/package/udev/patches/01-no_debug.patch deleted file mode 100644 index 8b3df30bf3..0000000000 --- a/package/udev/patches/01-no_debug.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -Nur udev-103-old/Makefile udev-103-new/Makefile ---- udev-103-old/Makefile 2006-10-20 14:43:35.000000000 +0200 -+++ udev-103-new/Makefile 2006-11-24 15:44:35.000000000 +0100 -@@ -113,7 +113,7 @@ - AR = $(CROSS_COMPILE)ar - RANLIB = $(CROSS_COMPILE)ranlib - --CFLAGS = -g -Wall -pipe -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -+CFLAGS = -Wall -pipe -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 - WARNINGS = -Wstrict-prototypes -Wsign-compare -Wshadow \ - -Wchar-subscripts -Wmissing-declarations -Wnested-externs \ - -Wpointer-arith -Wcast-align -Wsign-compare -Wmissing-prototypes -@@ -130,7 +130,7 @@ - - # if DEBUG is enabled, then we do not strip - ifeq ($(strip $(DEBUG)),true) -- CFLAGS += -DDEBUG -+ CFLAGS += -g -DDEBUG - endif - - ifeq ($(strip $(USE_GCOV)),true) diff --git a/package/udev/patches/02-udevtrigger_no_config.patch b/package/udev/patches/02-udevtrigger_no_config.patch deleted file mode 100644 index e9c22d4c0b..0000000000 --- a/package/udev/patches/02-udevtrigger_no_config.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- udev.old/udevtrigger.c 2007-03-03 18:42:09.000000000 +0100 -+++ udev.dev/udevtrigger.c 2007-03-04 21:15:18.459211632 +0100 -@@ -446,7 +446,6 @@ - }; - - logging_init("udevtrigger"); -- udev_config_init(); - dbg("version %s", UDEV_VERSION); - sysfs_init(); - diff --git a/package/wireless-tools/patches/001-debian.patch b/package/wireless-tools/patches/001-debian.patch new file mode 100644 index 0000000000..ba8755b705 --- /dev/null +++ b/package/wireless-tools/patches/001-debian.patch @@ -0,0 +1,35 @@ +--- wireless-tools-27.orig/iwlib.c ++++ wireless-tools-27/iwlib.c +@@ -622,6 +622,7 @@ + { + struct iwreq wrq; + ++ memset((char *) &wrq, 0, sizeof(struct iwreq)); + memset((char *) info, 0, sizeof(struct wireless_config)); + + /* Get wireless name */ +--- wireless-tools-27.orig/Makefile ++++ wireless-tools-27/Makefile +@@ -64,8 +64,8 @@ + # Install directories + INSTALL_DIR= $(PREFIX)/sbin/ + INSTALL_LIB= $(PREFIX)/lib/ +-INSTALL_INC= $(PREFIX)/include/ +-INSTALL_MAN= $(PREFIX)/man/ ++INSTALL_INC= $(PREFIX)/usr/include/ ++INSTALL_MAN= $(PREFIX)/usr/share/man/ + + # Various commands + RM = rm -f +@@ -81,9 +81,9 @@ + endif + + # Other flags +-CFLAGS=-Os -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow \ ++#CFLAGS=-Os -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow \ + -Wpointer-arith -Wcast-qual -Winline -I. +-#CFLAGS=-O2 -W -Wall -Wstrict-prototypes -I. ++CFLAGS=-O2 -W -Wall -Wstrict-prototypes -I. + DEPFLAGS=-MMD + XCFLAGS=$(CFLAGS) $(DEPFLAGS) $(WARN) $(HEADERS) $(WELIB_FLAG) + PICFLAG=-fPIC diff --git a/package/wireless-tools/patches/01-debian.patch b/package/wireless-tools/patches/01-debian.patch deleted file mode 100644 index ba8755b705..0000000000 --- a/package/wireless-tools/patches/01-debian.patch +++ /dev/null @@ -1,35 +0,0 @@ ---- wireless-tools-27.orig/iwlib.c -+++ wireless-tools-27/iwlib.c -@@ -622,6 +622,7 @@ - { - struct iwreq wrq; - -+ memset((char *) &wrq, 0, sizeof(struct iwreq)); - memset((char *) info, 0, sizeof(struct wireless_config)); - - /* Get wireless name */ ---- wireless-tools-27.orig/Makefile -+++ wireless-tools-27/Makefile -@@ -64,8 +64,8 @@ - # Install directories - INSTALL_DIR= $(PREFIX)/sbin/ - INSTALL_LIB= $(PREFIX)/lib/ --INSTALL_INC= $(PREFIX)/include/ --INSTALL_MAN= $(PREFIX)/man/ -+INSTALL_INC= $(PREFIX)/usr/include/ -+INSTALL_MAN= $(PREFIX)/usr/share/man/ - - # Various commands - RM = rm -f -@@ -81,9 +81,9 @@ - endif - - # Other flags --CFLAGS=-Os -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow \ -+#CFLAGS=-Os -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow \ - -Wpointer-arith -Wcast-qual -Winline -I. --#CFLAGS=-O2 -W -Wall -Wstrict-prototypes -I. -+CFLAGS=-O2 -W -Wall -Wstrict-prototypes -I. - DEPFLAGS=-MMD - XCFLAGS=$(CFLAGS) $(DEPFLAGS) $(WARN) $(HEADERS) $(WELIB_FLAG) - PICFLAG=-fPIC