summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-firewall/nftables')
-rw-r--r--net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch27
-rw-r--r--net-firewall/nftables/files/nftables-1.0.2-compilation.patch2
-rw-r--r--net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch31
-rw-r--r--net-firewall/nftables/nftables-1.0.2-r1.ebuild (renamed from net-firewall/nftables/nftables-1.0.2.ebuild)2
4 files changed, 62 insertions, 0 deletions
diff --git a/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch b/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch
new file mode 100644
index 000000000000..41c3de5bc83b
--- /dev/null
+++ b/net-firewall/nftables/files/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch
@@ -0,0 +1,27 @@
+https://git.netfilter.org/nftables/commit/src?id=1d507ce7f1d3c12481ee24bd1dcac2fc1984ee9f
+
+From: Sam James <sam@gentoo.org>
+Date: Thu, 24 Feb 2022 19:45:43 +0000
+Subject: build: explicitly pass --version-script to linker
+
+--version-script is a linker option, so let's use -Wl, so that
+libtool handles it properly. It seems like the previous method gets silently
+ignored with GNU libtool in some cases(?) and downstream in Gentoo,
+we had to apply this change to make the build work with slibtool anyway.
+
+But it's indeed correct in any case, so let's swap.
+
+Signed-off-by: Sam James <sam@gentoo.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -91,7 +91,7 @@ libparser_la_CFLAGS = ${AM_CFLAGS} \
+
+ libnftables_la_LIBADD = ${LIBMNL_LIBS} ${LIBNFTNL_LIBS} libparser.la
+ libnftables_la_LDFLAGS = -version-info ${libnftables_LIBVERSION} \
+- --version-script=$(srcdir)/libnftables.map
++ -Wl,--version-script=$(srcdir)/libnftables.map
+
+ if BUILD_MINIGMP
+ noinst_LTLIBRARIES += libminigmp.la
+cgit v1.2.3
diff --git a/net-firewall/nftables/files/nftables-1.0.2-compilation.patch b/net-firewall/nftables/files/nftables-1.0.2-compilation.patch
index 166063587485..96670c1d9531 100644
--- a/net-firewall/nftables/files/nftables-1.0.2-compilation.patch
+++ b/net-firewall/nftables/files/nftables-1.0.2-compilation.patch
@@ -1,3 +1,5 @@
+https://git.netfilter.org/nftables/commit/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3
+
From 18a08fb7f0443f8bde83393bd6f69e23a04246b3 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 22 Feb 2022 00:56:36 +0100
diff --git a/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch b/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch
new file mode 100644
index 000000000000..09841d482222
--- /dev/null
+++ b/net-firewall/nftables/files/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch
@@ -0,0 +1,31 @@
+https://git.netfilter.org/nftables/commit/src?id=e98a9b83cd52c7c75bedb3dad46539b197ed17ba
+
+From: Sam James <sam@gentoo.org>
+Date: Thu, 24 Feb 2022 19:45:42 +0000
+Subject: libnftables.map: export new nft_ctx_{get,set}_optimize API
+
+[ Remove incorrect symbol names were exported via .map file ]
+
+Without this, we're not explicitly saying this is part of the
+public API.
+
+This new API was added in 1.0.2 and is used by e.g. the main
+nft binary. Noticed when fixing the version-script option
+(separate patch) which picked up this problem when .map
+was missing symbols (related to when symbol visibility
+options get set).
+
+Signed-off-by: Sam James <sam@gentoo.org>
+Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+--- a/src/libnftables.map
++++ b/src/libnftables.map
+@@ -30,6 +30,6 @@ LIBNFTABLES_2 {
+ } LIBNFTABLES_1;
+
+ LIBNFTABLES_3 {
+- nft_set_optimize;
+- nft_get_optimize;
++ nft_ctx_set_optimize;
++ nft_ctx_get_optimize;
+ } LIBNFTABLES_2;
+cgit v1.2.3
diff --git a/net-firewall/nftables/nftables-1.0.2.ebuild b/net-firewall/nftables/nftables-1.0.2-r1.ebuild
index 0bbf94f10942..8b7db17f23e8 100644
--- a/net-firewall/nftables/nftables-1.0.2.ebuild
+++ b/net-firewall/nftables/nftables-1.0.2-r1.ebuild
@@ -54,6 +54,8 @@ REQUIRED_USE="
PATCHES=(
"${FILESDIR}/nftables-1.0.2-compilation.patch"
+ "${FILESDIR}/nftables-1.0.2-build-explicitly-pass-version-script-to-linker.patch"
+ "${FILESDIR}/nftables-1.0.2-libnftables.map-export-new-nft_ctx_-get-set-_optimiz.patch"
)
pkg_setup() {