[openwrt/openwrt] nftables: update to 1.0.5

LEDE Commits lede-commits at lists.infradead.org
Sun Aug 28 09:29:50 PDT 2022 

hauke pushed a commit to openwrt/openwrt.git, branch master:
https://git.openwrt.org/36bec544d73dbed46f06875fdfa570e89a40e553

commit 36bec544d73dbed46f06875fdfa570e89a40e553
Author: Nick Hainke <vincent at systemli.org>
AuthorDate: Sat Aug 13 22:41:54 2022 +0200

    nftables: update to 1.0.5
    
    Remove upstreamed patch:
    - 0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch
    
    Changes:
    13248670 build: Bump version to 1.0.5
    3432eebd tests/py: disable arp family for queue statement
    180ce4d7 meta: don't use non-POSIX formats in strptime()
    c1c223f1 src: allow anon set concatenation with ether and vlan
    87c3041b evaluate: search stacked header list for matching payload dep
    b1e3ed03 netlink_delinearize: also postprocess OP_AND in set element context
    f680055c tests: add a test case for ether and vlan listing
    dbd5f348 debug: dump the l2 protocol stack
    0d9daa04 proto: track full stack of seen l2 protocols, not just cumulative offset
    89688c94 netlink_delinearize: postprocess binary ands in concatenations
    0542a431 netlink_delinearize: allow postprocessing on concatenated elements
    8efab552 parser_json: fix device parsing in netdev family
    76fae8f5 src: proto: support DF, LE PHB, VA for DSCP
    446e76db doc: Document limitations of ipsec expression with xfrm_interface
    a2ddb38f cache: report an error message if cache initialization fails
    649b8ce3 cache: validate handle string length
    64c74ba5 cache: prepare nft_cache_evaluate() to return error
    46980cdd rule: crash when uncollapsing command with unexisting table or set
    8a6cdfaf cache: release pending rules when chain binding lookup fails
    e17337df evaluate: report missing interval flag when using prefix/range in concatenation
    45c097c6 scanner: allow prefix in ip6 scope
    6c23bfa5 segtree: fix map listing with interface wildcard
    8623772a scanner: don't pop active flex scanner scope
    994bf500 parser: add missing synproxy scope closure
    ed2426bc tests/py: Add a test for failing ipsec after counter
    27107b49 evaluate: fix segfault when adding elements to invalid set
    0f82b07f mnl: store netlink error location for set elements
    15b3be2e src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting
    f56e901a parser_bison: fix error location for set elements
    6d1ee926 intervals: check for EXPR_F_REMOVE in case of element mismatch
    5357cb7b intervals: fix crash when trying to remove element in empty set
    d54510f8 netlink_delinearize: memleak when parsing concatenation data
    12a223ce libnftables: release top level scope
    b91bbf88 optimize: limit statement is not supported yet
    45a61a75 optimize: assume verdict is same when rules have no verdict
    fa409176 optimize: only merge OP_IMPLICIT and OP_EQ relational
    29e62111 tests: shell: run -c -o on ruleset
    887405df optimize: add unsupported statement
    8f61a69e optimize: add hash expression support
    ca8fd77a optimize: add numgen expression support
    721efd64 optimize: add binop expression support
    f7e901a2 optimize: add fib expression support
    54b1e49f optimize: add xfrm expression support
    0beaea37 optimize: add osf expression support
    d07fe8e8 optimize: fix verdict map merging
    38d48fe5 optimize: fix reject statement
    f9939f89 optimize: remove comment after merging
    8f10f33a optimize: do not print stateful information
    3ac932e9 optimize: do not merge rules with set reference in rhs
    64ebb03a optimize: do not compare relational expression rhs when collecting statements
    59e3a592 intervals: Do not sort cached set elements over and over again
    d434de8b intervals: do not empty cache for maps
    87ba510f intervals: do not report exact overlaps for new elements
    498a5f0c rule: collapse set element commands
    8fafe4e6 tests: shell: runtime set element automerge
    638af0ce Revert "scanner: flags: move to own scope"
    
    Signed-off-by: Nick Hainke <vincent at systemli.org>
---
 package/network/utils/nftables/Makefile            |  6 +--
 ...a-don-t-use-non-POSIX-formats-in-strptime.patch | 49 ----------------------
 2 files changed, 3 insertions(+), 52 deletions(-)

diff --git a/package/network/utils/nftables/Makefile b/package/network/utils/nftables/Makefile
index 850355df8d..fd53e3faa1 100644
--- a/package/network/utils/nftables/Makefile
+++ b/package/network/utils/nftables/Makefile
@@ -6,12 +6,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=nftables
-PKG_VERSION:=1.0.4
-PKG_RELEASE:=2
+PKG_VERSION:=1.0.5
+PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://netfilter.org/projects/$(PKG_NAME)/files
-PKG_HASH:=927fb1fea1f685a328c10cf791eb655d7e1ed49d310eea5cb3101dfd8d6cba35
+PKG_HASH:=8d1b4b18393af43698d10baa25d2b9b6397969beecac7816c35dd0714e4de50a
 
 PKG_MAINTAINER:=
 PKG_LICENSE:=GPL-2.0
diff --git a/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch b/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch
deleted file mode 100644
index a9d0ee5451..0000000000
--- a/package/network/utils/nftables/patches/0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 1af8aabccd65e11caa397c4706353075f623cd01 Mon Sep 17 00:00:00 2001
-From: Jo-Philipp Wich <jo at mein.io>
-Date: Mon, 8 Aug 2022 23:57:03 +0200
-Subject: [PATCH] meta: don't use non-POSIX formats in strptime()
-
-The current strptime() invocations in meta.c use the `%F` format which
-is not specified by POSIX and thus unimplemented by some libc flavors
-such as musl libc.
-
-Replace all occurrences of `%F` with an equivalent `%Y-%m-%d` format
-in order to be able to properly parse user supplied dates in such
-environments.
-
-Signed-off-by: Jo-Philipp Wich <jo at mein.io>
----
- src/meta.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/meta.c b/src/meta.c
-index 80ace25b..257bbc9f 100644
---- a/src/meta.c
-+++ b/src/meta.c
-@@ -399,7 +399,7 @@ static void date_type_print(const struct expr *expr, struct output_ctx *octx)
- 		tstamp += cur_tm->tm_gmtoff;
- 
- 	if ((tm = gmtime((time_t *) &tstamp)) != NULL &&
--	     strftime(timestr, sizeof(timestr) - 1, "%F %T", tm))
-+	     strftime(timestr, sizeof(timestr) - 1, "%Y-%m-%d %T", tm))
- 		nft_print(octx, "\"%s\"", timestr);
- 	else
- 		nft_print(octx, "Error converting timestamp to printed time");
-@@ -412,11 +412,11 @@ static bool parse_iso_date(uint64_t *tstamp, const char *sym)
- 
- 	memset(&tm, 0, sizeof(struct tm));
- 
--	if (strptime(sym, "%F %T", &tm))
-+	if (strptime(sym, "%Y-%m-%d %T", &tm))
- 		goto success;
--	if (strptime(sym, "%F %R", &tm))
-+	if (strptime(sym, "%Y-%m-%d %R", &tm))
- 		goto success;
--	if (strptime(sym, "%F", &tm))
-+	if (strptime(sym, "%Y-%m-%d", &tm))
- 		goto success;
- 
- 	return false;
--- 
-2.35.1
-

More information about the lede-commits mailing list