nftables: update to 1.0.5

Remove upstreamed patch:
- 0001-meta-don-t-use-non-POSIX-formats-in-strptime.patch

Changes:
13248670 build: Bump version to 1.0.5
3432eebd tests/py: disable arp family for queue statement
180ce4d7 meta: don't use non-POSIX formats in strptime()
c1c223f1 src: allow anon set concatenation with ether and vlan
87c3041b evaluate: search stacked header list for matching payload dep
b1e3ed03 netlink_delinearize: also postprocess OP_AND in set element context
f680055c tests: add a test case for ether and vlan listing
dbd5f348 debug: dump the l2 protocol stack
0d9daa04 proto: track full stack of seen l2 protocols, not just cumulative offset
89688c94 netlink_delinearize: postprocess binary ands in concatenations
0542a431 netlink_delinearize: allow postprocessing on concatenated elements
8efab552 parser_json: fix device parsing in netdev family
76fae8f5 src: proto: support DF, LE PHB, VA for DSCP
446e76db doc: Document limitations of ipsec expression with xfrm_interface
a2ddb38f cache: report an error message if cache initialization fails
649b8ce3 cache: validate handle string length
64c74ba5 cache: prepare nft_cache_evaluate() to return error
46980cdd rule: crash when uncollapsing command with unexisting table or set
8a6cdfaf cache: release pending rules when chain binding lookup fails
e17337df evaluate: report missing interval flag when using prefix/range in concatenation
45c097c6 scanner: allow prefix in ip6 scope
6c23bfa5 segtree: fix map listing with interface wildcard
8623772a scanner: don't pop active flex scanner scope
994bf500 parser: add missing synproxy scope closure
ed2426bc tests/py: Add a test for failing ipsec after counter
27107b49 evaluate: fix segfault when adding elements to invalid set
0f82b07f mnl: store netlink error location for set elements
15b3be2e src: remove NFT_NLATTR_LOC_MAX limit for netlink location error reporting
f56e901a parser_bison: fix error location for set elements
6d1ee926 intervals: check for EXPR_F_REMOVE in case of element mismatch
5357cb7b intervals: fix crash when trying to remove element in empty set
d54510f8 netlink_delinearize: memleak when parsing concatenation data
12a223ce libnftables: release top level scope
b91bbf88 optimize: limit statement is not supported yet
45a61a75 optimize: assume verdict is same when rules have no verdict
fa409176 optimize: only merge OP_IMPLICIT and OP_EQ relational
29e62111 tests: shell: run -c -o on ruleset
887405df optimize: add unsupported statement
8f61a69e optimize: add hash expression support
ca8fd77a optimize: add numgen expression support
721efd64 optimize: add binop expression support
f7e901a2 optimize: add fib expression support
54b1e49f optimize: add xfrm expression support
0beaea37 optimize: add osf expression support
d07fe8e8 optimize: fix verdict map merging
38d48fe5 optimize: fix reject statement
f9939f89 optimize: remove comment after merging
8f10f33a optimize: do not print stateful information
3ac932e9 optimize: do not merge rules with set reference in rhs
64ebb03a optimize: do not compare relational expression rhs when collecting statements
59e3a592 intervals: Do not sort cached set elements over and over again
d434de8b intervals: do not empty cache for maps
87ba510f intervals: do not report exact overlaps for new elements
498a5f0c rule: collapse set element commands
8fafe4e6 tests: shell: runtime set element automerge
638af0ce Revert "scanner: flags: move to own scope"

Signed-off-by: Nick Hainke <vincent@systemli.org>
This commit is contained in:
Nick Hainke 2022-08-13 22:41:54 +02:00 committed by Hauke Mehrtens
parent ce28f303e8
commit 36bec544d7
2 changed files with 3 additions and 52 deletions

View File

@ -6,12 +6,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=nftables
PKG_VERSION:=1.0.4
PKG_RELEASE:=2
PKG_VERSION:=1.0.5
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://netfilter.org/projects/$(PKG_NAME)/files
PKG_HASH:=927fb1fea1f685a328c10cf791eb655d7e1ed49d310eea5cb3101dfd8d6cba35
PKG_HASH:=8d1b4b18393af43698d10baa25d2b9b6397969beecac7816c35dd0714e4de50a
PKG_MAINTAINER:=
PKG_LICENSE:=GPL-2.0

View File

@ -1,49 +0,0 @@
From 1af8aabccd65e11caa397c4706353075f623cd01 Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jo@mein.io>
Date: Mon, 8 Aug 2022 23:57:03 +0200
Subject: [PATCH] meta: don't use non-POSIX formats in strptime()
The current strptime() invocations in meta.c use the `%F` format which
is not specified by POSIX and thus unimplemented by some libc flavors
such as musl libc.
Replace all occurrences of `%F` with an equivalent `%Y-%m-%d` format
in order to be able to properly parse user supplied dates in such
environments.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
src/meta.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/meta.c b/src/meta.c
index 80ace25b..257bbc9f 100644
--- a/src/meta.c
+++ b/src/meta.c
@@ -399,7 +399,7 @@ static void date_type_print(const struct expr *expr, struct output_ctx *octx)
tstamp += cur_tm->tm_gmtoff;
if ((tm = gmtime((time_t *) &tstamp)) != NULL &&
- strftime(timestr, sizeof(timestr) - 1, "%F %T", tm))
+ strftime(timestr, sizeof(timestr) - 1, "%Y-%m-%d %T", tm))
nft_print(octx, "\"%s\"", timestr);
else
nft_print(octx, "Error converting timestamp to printed time");
@@ -412,11 +412,11 @@ static bool parse_iso_date(uint64_t *tstamp, const char *sym)
memset(&tm, 0, sizeof(struct tm));
- if (strptime(sym, "%F %T", &tm))
+ if (strptime(sym, "%Y-%m-%d %T", &tm))
goto success;
- if (strptime(sym, "%F %R", &tm))
+ if (strptime(sym, "%Y-%m-%d %R", &tm))
goto success;
- if (strptime(sym, "%F", &tm))
+ if (strptime(sym, "%Y-%m-%d", &tm))
goto success;
return false;
--
2.35.1