summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-firewall')
-rw-r--r--net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch59
-rw-r--r--net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch26
-rw-r--r--net-firewall/iptables/iptables-1.8.8-r2.ebuild2
3 files changed, 87 insertions, 0 deletions
diff --git a/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch b/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch
new file mode 100644
index 000000000000..52e2c7019972
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.8.8-musl-headers.patch
@@ -0,0 +1,59 @@
+https://git.netfilter.org/iptables/commit/?id=0e7cf0ad306cdf95dc3c28d15a254532206a888e
+https://bugs.gentoo.org/846377
+
+From: Phil Sutter <phil@nwl.cc>
+Date: Wed, 18 May 2022 16:04:09 +0200
+Subject: Revert "fix build for missing ETH_ALEN definition"
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This reverts commit c5d9a723b5159a28f547b577711787295a14fd84 as it broke
+compiling against musl libc. Might be a bug in the latter, but for the
+time being try to please both by avoiding the include and instead
+defining ETH_ALEN if unset.
+
+While being at it, move netinet/ether.h include up.
+
+Fixes: 1bdb5535f561a ("libxtables: Extend MAC address printing/parsing support")
+Signed-off-by: Phil Sutter <phil@nwl.cc>
+Reviewed-by: Maciej Żenczykowski <maze@google.com>
+--- a/libxtables/xtables.c
++++ b/libxtables/xtables.c
+@@ -28,6 +28,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
++#include <netinet/ether.h>
+ #include <sys/socket.h>
+ #include <sys/stat.h>
+ #include <sys/statfs.h>
+@@ -45,7 +46,6 @@
+
+ #include <xtables.h>
+ #include <limits.h> /* INT_MAX in ip_tables.h/ip6_tables.h */
+-#include <linux/if_ether.h> /* ETH_ALEN */
+ #include <linux/netfilter_ipv4/ip_tables.h>
+ #include <linux/netfilter_ipv6/ip6_tables.h>
+ #include <libiptc/libxtc.h>
+@@ -72,6 +72,10 @@
+ #define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe"
+ #endif
+
++#ifndef ETH_ALEN
++#define ETH_ALEN 6
++#endif
++
+ /* we need this for ip6?tables-restore. ip6?tables-restore.c sets line to the
+ * current line of the input file, in order to give a more precise error
+ * message. ip6?tables itself doesn't need this, so it is initialized to the
+@@ -2245,8 +2249,6 @@ void xtables_print_num(uint64_t number, unsigned int format)
+ printf(FMT("%4lluT ","%lluT "), (unsigned long long)number);
+ }
+
+-#include <netinet/ether.h>
+-
+ static const unsigned char mac_type_unicast[ETH_ALEN] = {};
+ static const unsigned char msk_type_unicast[ETH_ALEN] = {1};
+ static const unsigned char mac_type_multicast[ETH_ALEN] = {1};
+cgit v1.2.3
diff --git a/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch b/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch
new file mode 100644
index 000000000000..ee9e218b5dbd
--- /dev/null
+++ b/net-firewall/iptables/files/iptables-1.8.8-out-of-tree-build.patch
@@ -0,0 +1,26 @@
+https://git.netfilter.org/iptables/commit/?id=0ebf52fc951b2a4d98a166afb34af4f364bbeece
+
+From: Ben Brown <ben@demerara.io>
+Date: Wed, 25 May 2022 16:26:13 +0100
+Subject: build: Fix error during out of tree build
+
+Fixes the following error:
+
+ ../../libxtables/xtables.c:52:10: fatal error: libiptc/linux_list.h: No such file or directory
+ 52 | #include <libiptc/linux_list.h>
+
+Fixes: f58b0d7406451 ("libxtables: Implement notargets hash table")
+Signed-off-by: Ben Brown <ben@demerara.io>
+Signed-off-by: Phil Sutter <phil@nwl.cc>
+--- a/libxtables/Makefile.am
++++ b/libxtables/Makefile.am
+@@ -1,7 +1,7 @@
+ # -*- Makefile -*-
+
+ AM_CFLAGS = ${regular_CFLAGS}
+-AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include -I${top_srcdir}/iptables ${kinclude_CPPFLAGS}
++AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include -I${top_srcdir}/iptables -I${top_srcdir} ${kinclude_CPPFLAGS}
+
+ lib_LTLIBRARIES = libxtables.la
+ libxtables_la_SOURCES = xtables.c xtoptions.c getethertype.c
+cgit v1.2.3
diff --git a/net-firewall/iptables/iptables-1.8.8-r2.ebuild b/net-firewall/iptables/iptables-1.8.8-r2.ebuild
index 03c908c9d9b1..c4fcdc0fb260 100644
--- a/net-firewall/iptables/iptables-1.8.8-r2.ebuild
+++ b/net-firewall/iptables/iptables-1.8.8-r2.ebuild
@@ -52,6 +52,8 @@ PATCHES=(
"${FILESDIR}/${P}-format-security.patch"
"${FILESDIR}/${P}-uint-musl.patch"
+ "${FILESDIR}/${P}-musl-headers.patch"
+ "${FILESDIR}/${P}-out-of-tree-build.patch"
)
src_prepare() {