From e7e1308e901d1e392d71dfb33c6fa15421859be4201870796bc05483d598020c Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@inai.de>
Date: Mon, 20 Jan 2014 23:54:09 +0000
Subject: [PATCH] SLE patches

OBS-URL: https://build.opensuse.org/package/show/security:netfilter/libnftnl?expand=0&rev=8
---
 ...ild-failure-involving-linux-netlink..patch |  43 ++++
 ...mpile-error-involving-XT_EXTENSION_M.patch | 209 ++++++++++++++++++
 baselibs.conf                                 |   4 +
 libnftnl.changes                              |   2 +
 libnftnl.spec                                 |   4 +
 5 files changed, 262 insertions(+)
 create mode 100644 0001-build-resolve-build-failure-involving-linux-netlink..patch
 create mode 100644 0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch
 create mode 100644 baselibs.conf

diff --git a/0001-build-resolve-build-failure-involving-linux-netlink..patch b/0001-build-resolve-build-failure-involving-linux-netlink..patch
new file mode 100644
index 0000000..d2d2b25
--- /dev/null
+++ b/0001-build-resolve-build-failure-involving-linux-netlink..patch
@@ -0,0 +1,43 @@
+From 59f557d1155233ece4841d07cc1e4635fb0f5bb2 Mon Sep 17 00:00:00 2001
+From: Jan Engelhardt <jengelh@inai.de>
+Date: Tue, 21 Jan 2014 00:48:27 +0100
+Subject: [PATCH 1/2] build: resolve build failure involving linux/netlink.h
+
+This was seen with a sufficiently-old /usr/include/linux
+(from Linux 2.6.32).
+
+	In file included from common.c:10:
+	/usr/include/linux/netlink.h:34: error: expected
+	specifier-qualifier-list before 'sa_family_t'
+
+The solution is to include <linux/*> last of all system headers.
+
+Signed-off-by: Jan Engelhardt <jengelh@inai.de>
+---
+ src/common.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/common.c b/src/common.c
+index b9598bf..336d2b4 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -7,6 +7,8 @@
+  * (at your option) any later version.
+  */
+ 
++#include <stdlib.h>
++#include <sys/socket.h>
+ #include <linux/netlink.h>
+ #include <linux/netfilter/nfnetlink.h>
+ 
+@@ -14,7 +16,6 @@
+ #include <libnftnl/common.h>
+ 
+ #include "internal.h"
+-#include<stdlib.h>
+ 
+ struct nlmsghdr *nft_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family,
+ 				     uint16_t type, uint32_t seq)
+-- 
+1.8.4
+
diff --git a/0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch b/0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch
new file mode 100644
index 0000000..7bee434
--- /dev/null
+++ b/0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch
@@ -0,0 +1,209 @@
+From b5d35ad41234e92e17168ce44dafb8d653a6bfc7 Mon Sep 17 00:00:00 2001
+From: Jan Engelhardt <jengelh@inai.de>
+Date: Tue, 21 Jan 2014 00:49:56 +0100
+Subject: [PATCH 2/2] build: resolve compile error involving
+ XT_EXTENSION_MAXNAMELEN
+
+2.6.32 headers in /usr/include/linux again.
+Ship a copy of x_tables.h from Linux 3.11.
+
+Signed-off-by: Jan Engelhardt <jengelh@inai.de>
+---
+ include/linux/netfilter/x_tables.h | 185 +++++++++++++++++++++++++++++++++++++
+ 1 file changed, 185 insertions(+)
+ create mode 100644 include/linux/netfilter/x_tables.h
+
+diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
+new file mode 100644
+index 0000000..4120970
+--- /dev/null
++++ b/include/linux/netfilter/x_tables.h
+@@ -0,0 +1,185 @@
++#ifndef _X_TABLES_H
++#define _X_TABLES_H
++#include <linux/kernel.h>
++#include <linux/types.h>
++
++#define XT_FUNCTION_MAXNAMELEN 30
++#define XT_EXTENSION_MAXNAMELEN 29
++#define XT_TABLE_MAXNAMELEN 32
++
++struct xt_entry_match {
++	union {
++		struct {
++			__u16 match_size;
++
++			/* Used by userspace */
++			char name[XT_EXTENSION_MAXNAMELEN];
++			__u8 revision;
++		} user;
++		struct {
++			__u16 match_size;
++
++			/* Used inside the kernel */
++			struct xt_match *match;
++		} kernel;
++
++		/* Total length */
++		__u16 match_size;
++	} u;
++
++	unsigned char data[0];
++};
++
++struct xt_entry_target {
++	union {
++		struct {
++			__u16 target_size;
++
++			/* Used by userspace */
++			char name[XT_EXTENSION_MAXNAMELEN];
++			__u8 revision;
++		} user;
++		struct {
++			__u16 target_size;
++
++			/* Used inside the kernel */
++			struct xt_target *target;
++		} kernel;
++
++		/* Total length */
++		__u16 target_size;
++	} u;
++
++	unsigned char data[0];
++};
++
++#define XT_TARGET_INIT(__name, __size)					       \
++{									       \
++	.target.u.user = {						       \
++		.target_size	= XT_ALIGN(__size),			       \
++		.name		= __name,				       \
++	},								       \
++}
++
++struct xt_standard_target {
++	struct xt_entry_target target;
++	int verdict;
++};
++
++struct xt_error_target {
++	struct xt_entry_target target;
++	char errorname[XT_FUNCTION_MAXNAMELEN];
++};
++
++/* The argument to IPT_SO_GET_REVISION_*.  Returns highest revision
++ * kernel supports, if >= revision. */
++struct xt_get_revision {
++	char name[XT_EXTENSION_MAXNAMELEN];
++	__u8 revision;
++};
++
++/* CONTINUE verdict for targets */
++#define XT_CONTINUE 0xFFFFFFFF
++
++/* For standard target */
++#define XT_RETURN (-NF_REPEAT - 1)
++
++/* this is a dummy structure to find out the alignment requirement for a struct
++ * containing all the fundamental data types that are used in ipt_entry,
++ * ip6t_entry and arpt_entry.  This sucks, and it is a hack.  It will be my
++ * personal pleasure to remove it -HW
++ */
++struct _xt_align {
++	__u8 u8;
++	__u16 u16;
++	__u32 u32;
++	__u64 u64;
++};
++
++#define XT_ALIGN(s) __ALIGN_KERNEL((s), __alignof__(struct _xt_align))
++
++/* Standard return verdict, or do jump. */
++#define XT_STANDARD_TARGET ""
++/* Error verdict. */
++#define XT_ERROR_TARGET "ERROR"
++
++#define SET_COUNTER(c,b,p) do { (c).bcnt = (b); (c).pcnt = (p); } while(0)
++#define ADD_COUNTER(c,b,p) do { (c).bcnt += (b); (c).pcnt += (p); } while(0)
++
++struct xt_counters {
++	__u64 pcnt, bcnt;			/* Packet and byte counters */
++};
++
++/* The argument to IPT_SO_ADD_COUNTERS. */
++struct xt_counters_info {
++	/* Which table. */
++	char name[XT_TABLE_MAXNAMELEN];
++
++	unsigned int num_counters;
++
++	/* The counters (actually `number' of these). */
++	struct xt_counters counters[0];
++};
++
++#define XT_INV_PROTO		0x40	/* Invert the sense of PROTO. */
++
++/* fn returns 0 to continue iteration */
++#define XT_MATCH_ITERATE(type, e, fn, args...)			\
++({								\
++	unsigned int __i;					\
++	int __ret = 0;						\
++	struct xt_entry_match *__m;				\
++								\
++	for (__i = sizeof(type);				\
++	     __i < (e)->target_offset;				\
++	     __i += __m->u.match_size) {			\
++		__m = (void *)e + __i;				\
++								\
++		__ret = fn(__m , ## args);			\
++		if (__ret != 0)					\
++			break;					\
++	}							\
++	__ret;							\
++})
++
++/* fn returns 0 to continue iteration */
++#define XT_ENTRY_ITERATE_CONTINUE(type, entries, size, n, fn, args...) \
++({								\
++	unsigned int __i, __n;					\
++	int __ret = 0;						\
++	type *__entry;						\
++								\
++	for (__i = 0, __n = 0; __i < (size);			\
++	     __i += __entry->next_offset, __n++) { 		\
++		__entry = (void *)(entries) + __i;		\
++		if (__n < n)					\
++			continue;				\
++								\
++		__ret = fn(__entry , ## args);			\
++		if (__ret != 0)					\
++			break;					\
++	}							\
++	__ret;							\
++})
++
++/* fn returns 0 to continue iteration */
++#define XT_ENTRY_ITERATE(type, entries, size, fn, args...) \
++	XT_ENTRY_ITERATE_CONTINUE(type, entries, size, 0, fn, args)
++
++
++/* pos is normally a struct ipt_entry/ip6t_entry/etc. */
++#define xt_entry_foreach(pos, ehead, esize) \
++	for ((pos) = (typeof(pos))(ehead); \
++	     (pos) < (typeof(pos))((char *)(ehead) + (esize)); \
++	     (pos) = (typeof(pos))((char *)(pos) + (pos)->next_offset))
++
++/* can only be xt_entry_match, so no use of typeof here */
++#define xt_ematch_foreach(pos, entry) \
++	for ((pos) = (struct xt_entry_match *)entry->elems; \
++	     (pos) < (struct xt_entry_match *)((char *)(entry) + \
++	             (entry)->target_offset); \
++	     (pos) = (struct xt_entry_match *)((char *)(pos) + \
++	             (pos)->u.match_size))
++
++
++#endif /* _X_TABLES_H */
+-- 
+1.8.4
+
diff --git a/baselibs.conf b/baselibs.conf
new file mode 100644
index 0000000..2ef6143
--- /dev/null
+++ b/baselibs.conf
@@ -0,0 +1,4 @@
+libnftnl0
+libnftnl-devel
+	requires -libnftnl-<targettype>
+	requires "libnftnl0-<targettype> = <version>"
diff --git a/libnftnl.changes b/libnftnl.changes
index 16b95b8..0aac049 100644
--- a/libnftnl.changes
+++ b/libnftnl.changes
@@ -2,3 +2,5 @@
 Mon Dec 17 00:03:37 UTC 2012 - jengelh@inai.de
 
 - Initial package (1.0.0+git1) for build.opensuse.org
+- Add 0001-build-resolve-build-failure-involving-linux-netlink..patch,
+  0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch
diff --git a/libnftnl.spec b/libnftnl.spec
index 7f79be6..13a969d 100644
--- a/libnftnl.spec
+++ b/libnftnl.spec
@@ -28,6 +28,9 @@ URL:		http://netfilter.org/projects/libnftnl/
 #Git-Snapshot:	libnftnl-1.0.0-1-g91264d8
 #Git-Clone:	git://git.netfilter.org/libnftnl
 Source:         %name-%version.tar.xz
+Source2:	baselibs.conf
+Patch1:		0001-build-resolve-build-failure-involving-linux-netlink..patch
+Patch2:		0002-build-resolve-compile-error-involving-XT_EXTENSION_M.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  pkgconfig >= 0.21
 BuildRequires:	libmnl-devel >= 1.0.3
@@ -72,6 +75,7 @@ applications that want to make use of libnftnl.
 
 %prep
 %setup -qn %name
+%patch -P 1 -P 2 -p1
 
 %build
 %configure \