jengelh/ipset
SHA256
1
0
Fork 0
forked from pool/ipset
Code Pull Requests Activity

Accepting request 354776 from security:netfilter

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/354776
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ipset?expand=0&rev=21
This commit is contained in:
Dominique Leuenberger 2016-01-21 22:44:03 +00:00 committed by Git OBS Bridge
commit 746934f1f1
5 changed files with 57 additions and 78 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ipset-6.25.1.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:658e15d0d0d6a7160137ef1c2bc2c8669cfee996eb9e049df8d7313e34795e7b
size 531786

3
ipset-6.27.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:724897a80395534466142c3542184e5a480a5046140ca2a7d9097690b931b235
size 532887

3
ipset-preamble
View File

@ -1,3 +0,0 @@
Enhances: kernel-%1
Requires: kernel-%1
Supplements: packageand(kernel-%1:ipset)

31
ipset.changes
View File

@ -1,3 +1,34 @@
-------------------------------------------------------------------
Mon Jan 18 15:42:54 UTC 2016 - kstreitova@suse.com
- update to 6.27:
* kernel part changes
* fix reported memory size for hash:* types
* fix hash type expire: release empty hash bucket block
* fix hash type expiration: incorrect index fixed
* collapse same condition body to a single one
* fix extension alignment
* compatibility: include linux/export.h when needed
* compatibility: make sure vmalloc.h is included for kvfree()
* compatibility: Fix detecting 'struct net' in 'struct tcf_ematch'
* compatibility: Protect definition of RCU_INIT_POINTER in
compatibility header file
* netfilter: ipset: Fix sleeping memory allocation in atomic
context (Nikolay Borisov)
* userspace changes
* handle uint64_t alignment issue in ipset tool
- disable KMP build as we support the in-kernel version instead.
Remove ipset-preamble file that is no longer needed [bsc#962345]
- run spec-cleaner
-------------------------------------------------------------------
Sun Aug 30 11:23:27 UTC 2015 - jengelh@inai.de
- Update to new upstream release 6.26
* Out of bound access in hash:net* types fixed
* Make struct htype per ipset family
* Optimize hash creation routine
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jun 25 09:57:08 UTC 2015 - jengelh@inai.de Thu Jun 25 09:57:08 UTC 2015 - jengelh@inai.de

95
ipset.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package ipset # spec file for package ipset
# #
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -16,38 +16,24 @@
# #
Name: ipset
%define lname libipset3 %define lname libipset3
Version: 6.25.1 Name: ipset
Version: 6.27
Release: 0 Release: 0
Summary: Netfilter ipset administration utility Summary: Netfilter ipset administration utility
License: GPL-2.0 License: GPL-2.0
Group: Productivity/Networking/Security Group: Productivity/Networking/Security
Url: http://ipset.netfilter.org/ Url: http://ipset.netfilter.org/
#Git-Clone: git://git.netfilter.org/ipset #Git-Clone: git://git.netfilter.org/ipset
#Git-Web: http://git.netfilter.org/ #Git-Web: http://git.netfilter.org/
Source: ftp://ftp.netfilter.org/pub/ipset/%name-%version.tar.bz2 Source: ftp://ftp.netfilter.org/pub/ipset/%{name}-%{version}.tar.bz2
Source3: %name-preamble
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: libtool BuildRequires: libtool
BuildRequires: linux-glibc-devel >= 2.6.24 BuildRequires: linux-glibc-devel >= 2.6.24
BuildRequires: pkgconfig >= 0.21 BuildRequires: pkgconfig >= 0.21
BuildRequires: pkgconfig(libmnl) >= 1 BuildRequires: pkgconfig(libmnl) >= 1
# Make quilt happy BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?kernel_module_package_buildreqs:1}
%define with_kmp 1
BuildRequires: %kernel_module_package_buildreqs
%endif
BuildRequires: kernel-syms >= 2.6.39
Recommends: %name-kmp
%if 0%{?with_kmp:1}
%kernel_module_package -p %name-preamble
%endif
%description %description
IP sets are a framework inside the Linux kernel, which can be IP sets are a framework inside the Linux kernel, which can be
@ -64,24 +50,11 @@ ipset can:
* express complex IP address and ports based rulesets with one single * express complex IP address and ports based rulesets with one single
iptables rule and benefit from the speed of IP sets iptables rule and benefit from the speed of IP sets
%package KMP %package -n %{lname}
Summary: Netfilter ipset kernel modules
Group: System/Kernel
%description KMP
IP sets are a framework inside the Linux kernel, which can be
administered by the ipset utility. Depending on the type, currently
an IP set may store IP addresses, (TCP/UDP) port numbers or IP
addresses with MAC addresses in a way, which ensures lightning speed
when matching an entry against a set.
This package contains a version update to the in-kernel ipset modules.
%package -n %lname
Summary: Userspace library for the in-kernel Netfilter ipset interface Summary: Userspace library for the in-kernel Netfilter ipset interface
Group: System/Libraries Group: System/Libraries
%description -n %lname %description -n %{lname}
IP sets are a framework inside the Linux kernel, which can be IP sets are a framework inside the Linux kernel, which can be
administered by the ipset utility. Depending on the type, currently administered by the ipset utility. Depending on the type, currently
an IP set may store IP addresses, (TCP/UDP) port numbers or IP an IP set may store IP addresses, (TCP/UDP) port numbers or IP
@ -91,7 +64,7 @@ when matching an entry against a set.
%package devel %package devel
Summary: Development files for ipset extensions Summary: Development files for ipset extensions
Group: Development/Libraries/C and C++ Group: Development/Libraries/C and C++
Requires: %lname = %version Requires: %{lname} = %{version}
%description devel %description devel
IP sets are a framework inside the Linux kernel, which can be IP sets are a framework inside the Linux kernel, which can be
@ -104,54 +77,32 @@ when matching an entry against a set.
%setup -q %setup -q
%build %build
%if 0%{?with_kmp} %configure --disable-static \
for flavor in %flavors_to_build; do --with-kmod=no \
cp -a . "../%name-$flavor-%version"; --includedir="%{_includedir}/pkg/%{name}"
pushd "../%name-$flavor-%version/";
# ksource: it just checks for a header
%configure --disable-static \
--with-kbuild="/usr/src/linux-obj/%_target_cpu/$flavor" \
--with-ksource="/usr/src/linux" \
--includedir="%_includedir/pkg/%name"
make %{?_smp_mflags} all modules;
popd;
done;
%else
%configure --disable-static --with-kmod=no \
--includedir="%_includedir/pkg/%name"
make %{?_smp_mflags}; make %{?_smp_mflags};
%endif
%install %install
b="%buildroot"; make %{?_smp_mflags} install DESTDIR="%{buildroot}";
%if 0%{?with_kmp} find %{buildroot} -type f -name "*.la" -delete -print
for flavor in %flavors_to_build; do
pushd "../%name-$flavor-%version/";
make %{?_smp_mflags} install modules_install \
DESTDIR="$b" INSTALL_MOD_PATH="$b";
popd;
done;
%else
make %{?_smp_mflags} install DESTDIR="$b";
%endif
find "$b/%_libdir" -type f -name "*.la" -delete;
%post -n %lname -p /sbin/ldconfig %post -n %{lname} -p /sbin/ldconfig
%postun -n %lname -p /sbin/ldconfig
%postun -n %{lname} -p /sbin/ldconfig
%files %files
%defattr(-,root,root) %defattr(-,root,root)
%_sbindir/ipset %{_sbindir}/ipset
%_mandir/man*/* %{_mandir}/man*/*
%files -n %lname %files -n %{lname}
%defattr(-,root,root) %defattr(-,root,root)
%_libdir/libipset.so.3* %{_libdir}/libipset.so.3*
%files devel %files devel
%defattr(-,root,root) %defattr(-,root,root)
%_libdir/libipset.so %{_libdir}/libipset.so
%_libdir/pkgconfig/libipset.pc %{_libdir}/pkgconfig/libipset.pc
%_includedir/pkg/ %{_includedir}/pkg/
%changelog %changelog