From b3799ac6a1df92fc23b655aa97f39b349b572343 Mon Sep 17 00:00:00 2001 From: renmingshuai Date: Wed, 15 Feb 2023 17:27:22 +0800 Subject: [PATCH] fix one patch from 1.8.7 and delete useless Patches enabled-makecheck-in-extensions.patch --- "\033:q" | 322 ++++++++++++++++++++++++++ bugfix-add-check-fw-in-entry.patch | 135 ----------- enabled-makecheck-in-extensions.patch | 10 +- iptables.spec | 15 +- 4 files changed, 340 insertions(+), 142 deletions(-) create mode 100644 "\033:q" delete mode 100644 bugfix-add-check-fw-in-entry.patch diff --git "a/\033:q" "b/\033:q" new file mode 100644 index 0000000..10819d9 --- /dev/null +++ "b/\033:q" @@ -0,0 +1,322 @@ +commit 2b882802a0540b3054f901fd07082c8f031b90f0 (HEAD -> master, origin/master, origin/HEAD) +Author: renmingshuai +Date: Wed Feb 8 11:49:22 2023 +0800 + + iptables:update to 1.8.9 + +commit 445a4d92c8c9c50b9845dc2d612b8874c611c4c7 +Merge: aee4a75 96f2aa4 +Author: openeuler-ci-bot +Date: Tue Nov 29 06:13:11 2022 +0000 + + !66 enabled DT testcases + + From: @yuh-kevin + Reviewed-by: @seuzw + Signed-off-by: @seuzw + +commit 96f2aa4434b6f00676800e0b0ac360e29b9c83a9 +Author: renmingshuai +Date: Tue Nov 29 11:06:01 2022 +0800 + + fix error message + + Signed-off-by: huangyu + +commit aee4a75708245559bd637806f791927bb290fc33 +Merge: 0b55512 924270a +Author: openeuler-ci-bot +Date: Mon Nov 28 03:45:37 2022 +0000 + + !64 enabled DT testcases + + From: @yuh-kevin + Reviewed-by: @kircher + Signed-off-by: @kircher + +commit 924270aafab69ec7f76f3941206740070dceb2c6 +Author: huangyu +Date: Sat Nov 26 14:44:33 2022 +0800 + + enabled Dt test + + Signed-off-by: huangyu + +commit 0b555124b6e7cac8db2d56780763195b7146cb4d +Merge: 09c4312 8c5c334 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Mon Aug 15 09:08:21 2022 +0000 + + !58 fix failed message when stop iptables service + + From: @seuzw + Reviewed-by: @kircher + Signed-off-by: @kircher + +commit 8c5c33432f65cd8c7f8b325700908722d99c8800 +Author: seuzw <930zhaowei@163.com> +Date: Mon Aug 15 16:11:17 2022 +0800 + + fix failed message when stop iptables service + + Signed-off-by: seuzw <930zhaowei@163.com> + +commit 09c43126ff4c4e5acc851f5c923c20c64959a02e +Merge: 7523b41 a38790a +Author: openeuler-ci-bot <80474298@qq.com> +Date: Thu Jun 30 09:07:05 2022 +0000 + + !48 /etc/ethertypes has been moved into the setup package + From: @XWwalker + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit a38790a13116272c93476bfec44f4bc350d80c42 +Author: XWwalker +Date: Thu Jun 30 11:50:23 2022 +0800 + + /etc/ethertypes has been moved into the setup package + +commit 7523b4104145218b05c3ecf4951713520aaa45d2 +Merge: 87d40d1 b32bf5f +Author: openeuler-ci-bot <80474298@qq.com> +Date: Wed May 25 14:11:43 2022 +0000 + + !38 fix spec changelog date + From: @loong-C + Reviewed-by: @seuzw + Signed-off-by: @seuzw + +commit b32bf5f9eaabcd797094b91dae6b1633379e963f +Author: loong_C +Date: Wed May 25 13:29:39 2022 +0800 + + fix spec changelog date + +commit 87d40d195047e1b7f4635ad5b43bf59f383d2ab8 +Merge: 87ae235 5059b30 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Sat Mar 26 04:01:39 2022 +0000 + + !34 delete useless so files + From: @yangl777 + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit 5059b30b9951fae8738c7cbf9e9b1cff4dcb55f7 +Author: yangl777 +Date: Sat Mar 26 11:37:40 2022 +0800 + + delete useless so files + +commit 87ae23563a8b79f7cf20d024cd26316f4e250a25 +Merge: 7ce6543 b900a1b +Author: openeuler-ci-bot <80474298@qq.com> +Date: Wed Mar 2 03:03:18 2022 +0000 + + !29 change %systemd_requires to %{?systemd_requires} + From: @duyiwei7w + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit b900a1b0feb30c4a50dbdb1c00d228155631443a +Author: duyiwei +Date: Tue Mar 1 06:13:32 2022 +0000 + + change %systemd_requires to %{?systemd_requires} + +commit 7ce6543e3cad40f91f17dc65c2628368e8f37912 +Merge: 185068f c88f146 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Fri Nov 26 09:03:10 2021 +0000 + + !24 synchronize some patches + From: @haochenstar + Reviewed-by: @wangxp006 + Signed-off-by: @wangxp006 + +commit c88f146dc190c1e9cafb561f3ffee41a8c7a425e +Author: haochenstar +Date: Fri Nov 26 14:10:50 2021 +0800 + + synchronize some patches + +commit 185068f3ceba952b99f1242b5b08842e1e2cf4c6 (origin/openEuler-21.09) +Merge: 418dca8 d5c02e8 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Tue Aug 3 08:59:02 2021 +0000 + + !23 iptables delete -S git from %autosetup, and delete BuildRequires git + From: @chenyanpanHW + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit d5c02e81fe315f230d6b75dcb54c13c17f9e572c +Author: chenyanpanHW +Date: Mon Aug 2 11:24:11 2021 +0800 + + delete -S git from %autosetup, and delete BuildRequires git + +commit 418dca8a844f12f50db450353f89fc0fdab3d6da +Merge: abfd66e 88f3bb9 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Mon Aug 2 02:17:01 2021 +0000 + + !22 回退 'Pull Request !21 : iptables delete -S git from %autosetup, and delete BuildRequires git' + From: @zengwefeng + Reviewed-by: @wangxp006 + Signed-off-by: @wangxp006 + +commit 88f3bb9b9ac75032c648f44c3f3be41baf00747b (origin/revert-merge-21-master) +Author: keep-sun +Date: Mon Aug 2 01:54:02 2021 +0000 + + 回退 'Pull Request !21 : iptables delete -S git from %autosetup, and delete BuildRequires git' + +commit abfd66efd035aa75db252cec0e5156a3950de53e +Merge: 044866e 222b084 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Mon Aug 2 01:50:15 2021 +0000 + + !21 iptables delete -S git from %autosetup, and delete BuildRequires git + From: @chenyanpanHW + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit 222b084797a55471100ebc5873f58a5547ebceeb +Author: chenyanpanHW +Date: Fri Jul 30 22:54:18 2021 +0800 + + delete -S git from %autosetup, and delete BuildRequires git + +commit 044866eafb2be6f0e046334ca0626004ed3a2847 +Merge: 0915424 082120c +Author: openeuler-ci-bot <80474298@qq.com> +Date: Mon Jul 26 01:26:36 2021 +0000 + + !20 update to 1.8.7 + From: @eaglegai + Reviewed-by: @zengwefeng + Signed-off-by: @zengwefeng + +commit 082120c90d64dc6b8138cfa7eb9582fbe32235bf +Author: eaglegai +Date: Fri Jul 23 11:35:01 2021 +0800 + + update to 1.8.7 + +commit 0915424f8c34b62abead9c2b76e866d54708c71f (tag: openEuler-21.03-20210330, tag: openEuler-20.09-20200929, origin/openEuler-21.03) +Merge: c88d7df c83c176 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Sat Jul 25 17:54:19 2020 +0800 + + !15 update 1.8.5 + Merge pull request !15 from hanzj0122/master + +commit c83c1768c506fdb034a687492cd948b6b2f78691 +Author: hanzj0122_admin <961123325@gmail.com> +Date: Sat Jul 25 10:50:57 2020 +0800 + + update to 1.8.5 + +commit c88d7df7418e8cf254372fc945d9043cc79f9be8 +Merge: 450380b 46989e5 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Thu Jul 2 22:54:36 2020 +0800 + + !14 add yaml file + Merge pull request !14 from yixiangzhike/master + +commit 46989e5b8caebe5c9dfc61657912df1afe7383e7 +Author: yixiangzhike +Date: Sat Jun 13 13:10:06 2020 +0800 + + add yaml file + +commit 450380b2a71a617869de338bb6e3b167a042ecf3 +Merge: 82f68d5 8f794e0 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Thu Apr 16 11:40:56 2020 +0800 + + !10 fix CVE-2019-11360 + Merge pull request !10 from Vchanger/master + +commit 8f794e06640a4e9597492717c354ff9c0cabce53 +Author: Vchanger +Date: Thu Apr 16 11:08:21 2020 +0800 + + iptables: fix CVE-2019-11360 + +commit 82f68d5a8ead8649680c2501faed24c4f7291305 (tag: openEuler-20.03-LTS-tag, origin/openEuler1.0-base, origin/openEuler1.0) +Merge: 2649c95 2994d25 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Sat Jan 18 14:27:32 2020 +0800 + + !9 增加iptable.init的可执行权限 + Merge pull request !9 from zhouxudong8/zhouxudong + +commit 2994d251b403f94e72d71ae9378d92b2d66e1c48 +Author: z00507040 +Date: Sat Jan 18 12:44:36 2020 +0800 + + initfile + +commit 2649c952f6ec426070eeb5f0aa4604d5ddd81480 +Merge: d4807c7 0a80329 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Wed Jan 15 04:59:43 2020 +0800 + + !8 optimization the spec + Merge pull request !8 from yaqwer/test_ci + +commit 0a803294c9ed7d0a4157da1923b815f60e1ca816 +Author: yaqwer <980830296@qq.com> +Date: Wed Jan 15 04:40:14 2020 +0800 + + optimization the patch + +commit d4807c7c0adc68fa2c6615c3b5b9c3936707e949 +Merge: 39708db 850eff5 +Author: openeuler-ci-bot <80474298@qq.com> +Date: Sun Jan 12 15:32:33 2020 +0800 + + !7 optimization the spec + Merge pull request !7 from yanan-rock/aa + +commit 850eff58f6a514d1238a479275886c075c19909f +Author: yanan +Date: Sun Jan 12 13:46:38 2020 +0800 + + optimization the spec + +commit 39708db643bffd9f9470f7145bb3e9bee01ed46c +Merge: a9b3582 9e25cff +Author: openeuler-ci-bot <80474298@qq.com> +Date: Sat Jan 11 20:47:33 2020 +0800 + + !5 update1.8.1 + Merge pull request !5 from zhouxudong8/zxd + +commit 9e25cff7f5ad00de06fb2d07308a9a7d6d9112d1 +Author: z00507040 +Date: Fri Jan 10 11:19:03 2020 +0800 + + update-1.8.1 + +commit a9b3582ca5c0c9d936228e1a42b1b0e997630c3d +Author: dogsheng <960055655@qq.com> +Date: Sat Dec 14 14:35:33 2019 +0800 + + Package init + +commit 0ebac682f45e69ea7fb5532850deb14b14ec5157 +Author: dogsheng <960055655@qq.com> +Date: Fri Dec 13 15:29:19 2019 +0800 + + Package init + +commit 0fc2966087282671394788aebf1c3e3a45e311b6 +Author: overweight <5324761+overweight@user.noreply.gitee.com> +Date: Mon Sep 30 10:53:23 2019 -0400 + + Package init diff --git a/bugfix-add-check-fw-in-entry.patch b/bugfix-add-check-fw-in-entry.patch deleted file mode 100644 index e2ca050..0000000 --- a/bugfix-add-check-fw-in-entry.patch +++ /dev/null @@ -1,135 +0,0 @@ -From cbc3a30711701f0e8d7f5df14f84adfb2c9fec1f Mon Sep 17 00:00:00 2001 -From: majun -Date: Fri, 16 Apr 2021 14:52:42 +0800 -Subject: [PATCH] - -iptables: add null check for fw in X_entry -If the fw pointer is empty, a core dump occurs. - ---- - iptables/ip6tables.c | 21 +++++++++++++++++++++ - iptables/iptables.c | 20 ++++++++++++++++++++ - 2 files changed, 41 insertions(+) - -diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c -index 576c2cf..db79906 100644 ---- a/iptables/ip6tables.c -+++ b/iptables/ip6tables.c -@@ -557,6 +557,10 @@ append_entry(const xt_chainlabel chain, - unsigned int i, j; - int ret = 1; - -+ if (!fw) { -+ return 0; -+ } -+ - for (i = 0; i < nsaddrs; i++) { - fw->ipv6.src = saddrs[i]; - fw->ipv6.smsk = smasks[i]; -@@ -581,6 +585,11 @@ replace_entry(const xt_chainlabel chain, - int verbose, - struct xtc_handle *handle) - { -+ -+ if (!fw) { -+ return 0; -+ } -+ - fw->ipv6.src = *saddr; - fw->ipv6.dst = *daddr; - fw->ipv6.smsk = *smask; -@@ -607,6 +616,10 @@ insert_entry(const xt_chainlabel chain, - unsigned int i, j; - int ret = 1; - -+ if (!fw) { -+ return 0; -+ } -+ - for (i = 0; i < nsaddrs; i++) { - fw->ipv6.src = saddrs[i]; - fw->ipv6.smsk = smasks[i]; -@@ -674,6 +687,10 @@ delete_entry(const xt_chainlabel chain, - int ret = 1; - unsigned char *mask; - -+ if (!fw) { -+ return 0; -+ } -+ - mask = make_delete_mask(matches, target); - for (i = 0; i < nsaddrs; i++) { - fw->ipv6.src = saddrs[i]; -@@ -704,6 +721,10 @@ check_entry(const xt_chainlabel chain, struct ip6t_entry *fw, - int ret = 1; - unsigned char *mask; - -+ if (!fw) { -+ return 0; -+ } -+ - mask = make_delete_mask(matches, target); - for (i = 0; i < nsaddrs; i++) { - fw->ipv6.src = saddrs[i]; -diff --git a/iptables/iptables.c b/iptables/iptables.c -index 88ef6cf..6507603 100644 ---- a/iptables/iptables.c -+++ b/iptables/iptables.c -@@ -549,6 +549,10 @@ append_entry(const xt_chainlabel chain, - unsigned int i, j; - int ret = 1; - -+ if (!fw) { -+ return 0; -+ } -+ - for (i = 0; i < nsaddrs; i++) { - fw->ip.src.s_addr = saddrs[i].s_addr; - fw->ip.smsk.s_addr = smasks[i].s_addr; -@@ -573,6 +577,10 @@ replace_entry(const xt_chainlabel chain, - int verbose, - struct xtc_handle *handle) - { -+ if (!fw) { -+ return 0; -+ } -+ - fw->ip.src.s_addr = saddr->s_addr; - fw->ip.dst.s_addr = daddr->s_addr; - fw->ip.smsk.s_addr = smask->s_addr; -@@ -599,6 +607,10 @@ insert_entry(const xt_chainlabel chain, - unsigned int i, j; - int ret = 1; - -+ if (!fw) { -+ return 0; -+ } -+ - for (i = 0; i < nsaddrs; i++) { - fw->ip.src.s_addr = saddrs[i].s_addr; - fw->ip.smsk.s_addr = smasks[i].s_addr; -@@ -666,6 +678,10 @@ delete_entry(const xt_chainlabel chain, - int ret = 1; - unsigned char *mask; - -+ if (!fw) { -+ return 0; -+ } -+ - mask = make_delete_mask(matches, target); - for (i = 0; i < nsaddrs; i++) { - fw->ip.src.s_addr = saddrs[i].s_addr; -@@ -696,6 +712,10 @@ check_entry(const xt_chainlabel chain, struct ipt_entry *fw, - int ret = 1; - unsigned char *mask; - -+ if (!fw) { -+ return 0; -+ } -+ - mask = make_delete_mask(matches, target); - for (i = 0; i < nsaddrs; i++) { - fw->ip.src.s_addr = saddrs[i].s_addr; --- -2.27.0 - diff --git a/enabled-makecheck-in-extensions.patch b/enabled-makecheck-in-extensions.patch index aad4e81..2a351c7 100644 --- a/enabled-makecheck-in-extensions.patch +++ b/enabled-makecheck-in-extensions.patch @@ -9,15 +9,15 @@ Signed-off-by: huangyu 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in -index 956ccb3..70515c4 100644 +index e289adf..7052ecc 100644 --- a/extensions/GNUmakefile.in +++ b/extensions/GNUmakefile.in @@ -79,7 +79,7 @@ targets_install := .SECONDARY: --.PHONY: all install uninstall clean distclean FORCE -+.PHONY: all install uninstall check clean distclean FORCE +-.PHONY: all install uninstall clean distclean FORCE dvi check installcheck ++.PHONY: all install uninstall check clean distclean FORCE dvi check installcheck all: ${targets} @@ -28,8 +28,8 @@ index 956ccb3..70515c4 100644 +check: + clean: - rm -f *.o *.oo *.so *.a {matches,targets}.man initext.c initext4.c initext6.c initextb.c initexta.c; - rm -f .*.d .*.dd; + rm -f *.o *.oo *.so *.a matches.man targets.man + rm -f initext.c initext4.c initext6.c initextb.c initexta.c -- 2.23.0 diff --git a/iptables.spec b/iptables.spec index 19dcec7..64ad119 100644 --- a/iptables.spec +++ b/iptables.spec @@ -2,7 +2,7 @@ %global legacy_actions %{_libexecdir}/initscripts/legacy-actions Name: iptables Version: 1.8.9 -Release: 1 +Release: 2 Summary: IP packet filter administration utilities License: GPLv2 and Artistic Licence 2.0 and ISC URL: https://www.netfilter.org/ @@ -13,7 +13,8 @@ Source3: iptables.service Source4: sysconfig_iptables Source5: sysconfig_ip6tables -Patch01: 0001-extensions-NAT-Fix-for-Werror-format-security.patch +Patch0: 0001-extensions-NAT-Fix-for-Werror-format-security.patch +Patch1: enabled-makecheck-in-extensions.patch BuildRequires: bison flex gcc kernel-headers libpcap-devel libselinux-devel systemd BuildRequires: libmnl-devel libnetfilter_conntrack-devel libnfnetlink-devel libnftnl-devel @@ -78,6 +79,9 @@ rm -f include/linux/types.h %make_build +%check +make check + %install %make_install @@ -327,6 +331,13 @@ fi %{_datadir}/xtables/iptables.xslt %changelog +* Wed Feb 15 2023 zhanghao - 1.8.9-2 +- Type:requirement +- ID:NA +- SUG:NA +- DESC:fix one patch from 1.8.7 and delete useless Patches + enabled-makecheck-in-extensions.patch + * Wed Feb 08 2023 zhanghao - 1.8.9-1 - Type:requirement - ID:NA -- Gitee