From 36bec544d73dbed46f06875fdfa570e89a40e553 Mon Sep 17 00:00:00 2001 From: Nick Hainke Date: Sat, 13 Aug 2022 22:41:54 +0200 Subject: [PATCH] nftables: update to 1.0.5 Remove upstreamed patch: - 0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch Changes: 13248670 build: Bump version to 1.0.5 3432eebd tests/py: disable arp family for queue statement 180ce4d7 meta: don't use non-POSIX formats in strptime() c1c223f1 src: allow anon set concatenation with ether and vlan 87c3041b evaluate: search stacked header list for matching payload dep b1e3ed03 netlink_delinearize: also postprocess OP_AND in set element context f680055c tests: add a test case for ether and vlan listing dbd5f348 debug: dump the l2 protocol stack 0d9daa04 proto: track full stack of seen l2 protocols, not just cumulative offset 89688c94 netlink_delinearize: postprocess binary ands in concatenations 0542a431 netlink_delinearize: allow postprocessing on concatenated elements 8efab552 parser_json: fix device parsing in netdev family 76fae8f5 src: proto: support DF, LE PHB, VA for DSCP 446e76db doc: Document limitations of ipsec expression with xfrm_interface a2ddb38f cache: report an error message if cache initialization fails 649b8ce3 cache: validate handle string length 64c74ba5 cache: prepare nft_cache_evaluate() to return error 46980cdd rule: crash when uncollapsing command with unexisting table or set 8a6cdfaf cache: release pending rules when chain binding lookup fails e17337df evaluate: report missing interval flag when using prefix/range in concatenation 45c097c6 scanner: allow prefix in ip6 scope 6c23bfa5 segtree: fix map listing with interface wildcard 8623772a scanner: don't pop active flex scanner scope 994bf500 parser: add missing synproxy scope closure ed2426bc tests/py: Add a test for failing ipsec after counter 27107b49 evaluate: fix segfault when adding elements to invalid set 0f82b07f mnl: store netlink error location for set elements 15b3be2e src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting f56e901a parser_bison: fix error location for set elements 6d1ee926 intervals: check for EXPR_F_REMOVE in case of element mismatch 5357cb7b intervals: fix crash when trying to remove element in empty set d54510f8 netlink_delinearize: memleak when parsing concatenation data 12a223ce libnftables: release top level scope b91bbf88 optimize: limit statement is not supported yet 45a61a75 optimize: assume verdict is same when rules have no verdict fa409176 optimize: only merge OP_IMPLICIT and OP_EQ relational 29e62111 tests: shell: run -c -o on ruleset 887405df optimize: add unsupported statement 8f61a69e optimize: add hash expression support ca8fd77a optimize: add numgen expression support 721efd64 optimize: add binop expression support f7e901a2 optimize: add fib expression support 54b1e49f optimize: add xfrm expression support 0beaea37 optimize: add osf expression support d07fe8e8 optimize: fix verdict map merging 38d48fe5 optimize: fix reject statement f9939f89 optimize: remove comment after merging 8f10f33a optimize: do not print stateful information 3ac932e9 optimize: do not merge rules with set reference in rhs 64ebb03a optimize: do not compare relational expression rhs when collecting statements 59e3a592 intervals: Do not sort cached set elements over and over again d434de8b intervals: do not empty cache for maps 87ba510f intervals: do not report exact overlaps for new elements 498a5f0c rule: collapse set element commands 8fafe4e6 tests: shell: runtime set element automerge 638af0ce Revert "scanner: flags: move to own scope" Signed-off-by: Nick Hainke --- package/network/utils/nftables/Makefile | 6 +-- ...-t-use-non-POSIX-formats-in-strptime.patch | 49 ------------------- 2 files changed, 3 insertions(+), 52 deletions(-) delete mode 100644 package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile index 850355df8d..fd53e3faa1 100644 --- a/package/network/utils/nftables/Makefile +++ b/package/network/utils/nftables/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nftables -PKG_VERSION:=1.0.4 -PKG_RELEASE:=2 +PKG_VERSION:=1.0.5 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://netfilter.org/projects/$(PKG_NAME)/files -PKG_HASH:=927fb1fea1f685a328c10cf791eb655d7e1ed49d310eea5cb3101dfd8d6cba35 +PKG_HASH:=8d1b4b18393af43698d10baa25d2b9b6397969beecac7816c35dd0714e4de50a PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0 diff --git a/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch b/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch deleted file mode 100644 index a9d0ee5451..0000000000 --- a/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 1af8aabccd65e11caa397c4706353075f623cd01 Mon Sep 17 00:00:00 2001 -From: Jo-Philipp Wich -Date: Mon, 8 Aug 2022 23:57:03 +0200 -Subject: [PATCH] meta: don't use non-POSIX formats in strptime() - -The current strptime() invocations in meta.c use the `%F` format which -is not specified by POSIX and thus unimplemented by some libc flavors -such as musl libc. - -Replace all occurrences of `%F` with an equivalent `%Y-%m-%d` format -in order to be able to properly parse user supplied dates in such -environments. - -Signed-off-by: Jo-Philipp Wich ---- - src/meta.c | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/src/meta.c b/src/meta.c -index 80ace25b..257bbc9f 100644 ---- a/src/meta.c -+++ b/src/meta.c -@@ -399,7 +399,7 @@ static void date_type_print(const struct expr *expr, struct output_ctx *octx) - tstamp += cur_tm->tm_gmtoff; - - if ((tm = gmtime((time_t *) &tstamp)) != NULL && -- strftime(timestr, sizeof(timestr) - 1, "%F %T", tm)) -+ strftime(timestr, sizeof(timestr) - 1, "%Y-%m-%d %T", tm)) - nft_print(octx, "\"%s\"", timestr); - else - nft_print(octx, "Error converting timestamp to printed time"); -@@ -412,11 +412,11 @@ static bool parse_iso_date(uint64_t *tstamp, const char *sym) - - memset(&tm, 0, sizeof(struct tm)); - -- if (strptime(sym, "%F %T", &tm)) -+ if (strptime(sym, "%Y-%m-%d %T", &tm)) - goto success; -- if (strptime(sym, "%F %R", &tm)) -+ if (strptime(sym, "%Y-%m-%d %R", &tm)) - goto success; -- if (strptime(sym, "%F", &tm)) -+ if (strptime(sym, "%Y-%m-%d", &tm)) - goto success; - - return false; --- -2.35.1 - -- 2.30.2