SHA256
1
0
forked from pool/ipset

Accepting request 379266 from security:netfilter

- Update to new upstream release 6.29

OBS-URL: https://build.opensuse.org/request/show/379266
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ipset?expand=0&rev=22
This commit is contained in:
Dominique Leuenberger 2016-03-26 14:28:48 +00:00 committed by Git OBS Bridge
commit 92c16ebf61
6 changed files with 133 additions and 27 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:724897a80395534466142c3542184e5a480a5046140ca2a7d9097690b931b235
size 532887

3
ipset-6.29.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6af58b21c8b475b1058e02529ea9f15b4b727dbc13dc9cbddf89941b0103880e
size 542735

31
ipset-destdir.diff Normal file
View File

@ -0,0 +1,31 @@
From: Jan Engelhardt <jengelh@inai.de>
Date: 2016-03-17 01:13:03.340741300 +0100
Skip these two steps from Makefile.am altogether.
1. If $INSTALL_MOD_PATH/lib/modules/uname_r is missing, no depmod
files will be created at all (by depmod as invoked by the kernel's
modules_install target).
2. Therefore, modinfo -b will error out because it cannot find
$INSTALL_MOD_PATH/lib/modules/uname-r/modules.order.
3. lsmod fails because /proc and /sys are not mounted.
---
Makefile.am | 2 --
1 file changed, 2 deletions(-)
Index: ipset-6.29/Makefile.am
===================================================================
--- ipset-6.29.orig/Makefile.am
+++ ipset-6.29/Makefile.am
@@ -72,8 +72,6 @@ modules_install:
if WITH_KMOD
${MAKE} -C $(KBUILD_OUTPUT) M=$$PWD/kernel/net \
KDIR=$$PWD/kernel modules_install
- @modinfo -b ${INSTALL_MOD_PATH} ip_set_hash_ip | ${GREP} /extra/ >/dev/null || echo "$$DEPMOD_WARNING"
- @lsmod | ${GREP} '^ip_set' >/dev/null && echo "$$MODULE_WARNING"
else
@echo Skipping kernel modules due to --with-kmod=no
endif

3
ipset-preamble Normal file
View File

@ -0,0 +1,3 @@
Enhances: kernel-%1
Requires: kernel-%1
Supplements: packageand(kernel-%1:ipset)

View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Wed Mar 16 23:25:41 UTC 2016 - jengelh@inai.de
- Update to new upstream release 6.29
* Fix race condition in ipset save, swap and delete
-------------------------------------------------------------------
Sat Mar 12 21:40:08 UTC 2016 - jengelh@inai.de
- Update to new upstream release 6.28
* Test added to check 0.0.0.0/0,iface to be matched in
hash:net,iface type
* Check IPSET_ATTR_ETHER netlink attribute length
* Fix set:list type crash when flush/dump set in parallel
* Allow a 0 netmask with hash_netiface type
- Restore unreviewed deletion of KMP production,
undo spec-cleaner refucktoring
- Add ipset-destdir.diff
-------------------------------------------------------------------
Mon Jan 18 15:42:54 UTC 2016 - kstreitova@suse.com

View File

@ -16,9 +16,9 @@
#
%define lname libipset3
Name: ipset
Version: 6.27
%define lname libipset3
Version: 6.29
Release: 0
Summary: Netfilter ipset administration utility
License: GPL-2.0
@ -26,14 +26,29 @@ Group: Productivity/Networking/Security
Url: http://ipset.netfilter.org/
#Git-Clone: git://git.netfilter.org/ipset
#Git-Web: http://git.netfilter.org/
Source: ftp://ftp.netfilter.org/pub/ipset/%{name}-%{version}.tar.bz2
Source: ftp://ftp.netfilter.org/pub/ipset/%name-%version.tar.bz2
Source3: %name-preamble
Patch1: ipset-destdir.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: linux-glibc-devel >= 2.6.24
BuildRequires: pkgconfig >= 0.21
BuildRequires: pkg-config >= 0.21
BuildRequires: pkgconfig(libmnl) >= 1
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} && 0%{?suse_version} < 1330
# Factory gets new kernels, old releases don't.
# Always build KMPs for all versions older than Factory.
%define ipset_build_kmp 1
%endif
%if 0%{?ipset_build_kmp}
BuildRequires: %kernel_module_package_buildreqs
%if 0%{?suse_version} >= 1320
BuildRequires: kmod-compat
%endif
BuildRequires: kernel-syms >= 2.6.39
%kernel_module_package -p %name-preamble
%endif
%description
IP sets are a framework inside the Linux kernel, which can be
@ -50,11 +65,24 @@ ipset can:
* express complex IP address and ports based rulesets with one single
iptables rule and benefit from the speed of IP sets
%package -n %{lname}
%package KMP
Summary: Netfilter ipset kernel modules
Group: System/Kernel
%description KMP
IP sets are a framework inside the Linux kernel, which can be
administered by the ipset utility. Depending on the type, currently
an IP set may store IP addresses, (TCP/UDP) port numbers or IP
addresses with MAC addresses in a way, which ensures lightning speed
when matching an entry against a set.
This package contains a version update to the in-kernel ipset modules.
%package -n %lname
Summary: Userspace library for the in-kernel Netfilter ipset interface
Group: System/Libraries
%description -n %{lname}
%description -n %lname
IP sets are a framework inside the Linux kernel, which can be
administered by the ipset utility. Depending on the type, currently
an IP set may store IP addresses, (TCP/UDP) port numbers or IP
@ -64,7 +92,7 @@ when matching an entry against a set.
%package devel
Summary: Development files for ipset extensions
Group: Development/Libraries/C and C++
Requires: %{lname} = %{version}
Requires: %lname = %version
%description devel
IP sets are a framework inside the Linux kernel, which can be
@ -75,34 +103,59 @@ when matching an entry against a set.
%prep
%setup -q
%patch -P 1 -p1
%build
# build wants to call modinfo at some point
export PATH="$PATH:/usr/sbin"
autoreconf -fi
%if 0%{?ipset_build_kmp}
for flavor in %flavors_to_build; do
cp -a . "../%name-$flavor-%version"
pushd "../%name-$flavor-%version/"
# ksource: it just checks for a header
%configure --disable-static \
--with-kmod=no \
--includedir="%{_includedir}/pkg/%{name}"
make %{?_smp_mflags};
--with-kbuild="/usr/src/linux-obj/%_target_cpu/$flavor" \
--with-ksource="/usr/src/linux" \
--includedir="%_includedir/%name"
make %{?_smp_mflags} all modules
popd
done
%endif
%configure --disable-static --with-kmod=no \
--includedir="%_includedir/%name"
make %{?_smp_mflags}
%install
make %{?_smp_mflags} install DESTDIR="%{buildroot}";
find %{buildroot} -type f -name "*.la" -delete -print
export PATH="$PATH:/usr/sbin"
b="%buildroot"
%if 0%{?ipset_build_kmp}
for flavor in %flavors_to_build; do
pushd "../%name-$flavor-%version/"
make %{?_smp_mflags} install modules_install \
DESTDIR="$b" INSTALL_MOD_PATH="$b" V=1
popd;
done;
%endif
make %{?_smp_mflags} install DESTDIR="$b"
find "$b/%_libdir" -type f -name "*.la" -delete
%post -n %{lname} -p /sbin/ldconfig
%postun -n %{lname} -p /sbin/ldconfig
%post -n %lname -p /sbin/ldconfig
%postun -n %lname -p /sbin/ldconfig
%files
%defattr(-,root,root)
%{_sbindir}/ipset
%{_mandir}/man*/*
%_sbindir/ipset
%_mandir/man*/*
%files -n %{lname}
%files -n %lname
%defattr(-,root,root)
%{_libdir}/libipset.so.3*
%_libdir/libipset.so.3*
%files devel
%defattr(-,root,root)
%{_libdir}/libipset.so
%{_libdir}/pkgconfig/libipset.pc
%{_includedir}/pkg/
%_libdir/libipset.so
%_libdir/pkgconfig/libipset.pc
%_includedir/%name/
%changelog