!5 update conntrack-tools version to LTS branch's version (1.4.6)

Merge pull request !5 from eaglegai/master
2020-07-29 16:32:53 +08:00 · 2020-07-29 16:32:53 +08:00 · 226525785b
commit 226525785b
parent 10992a94b6 ac1ee9668d
7 changed files with 16 additions and 169 deletions
--- a/README.en.md
+++ b/README.en.md
@ -1,36 +0,0 @@
 # conntrack-tools
 #### Description
 {**When you're done, you can delete the content in this README and update the file with details for others getting started with your repository**}
 #### Software Architecture
 Software architecture description
 #### Installation
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Instructions
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### Contribution
 1.  Fork the repository
 2.  Create Feat_xxx branch
 3.  Commit your code
 4.  Create Pull Request
 #### Gitee Feature
 1.  You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md
 2.  Gitee blog [blog.gitee.com](https://blog.gitee.com)
 3.  Explore open source project [https://gitee.com/explore](https://gitee.com/explore)
 4.  The most valuable open source project [GVP](https://gitee.com/gvp)
 5.  The manual of Gitee [https://gitee.com/help](https://gitee.com/help)
 6.  The most popular members  [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/README.md
+++ b/README.md
@ -1,39 +0,0 @@
 # conntrack-tools
 #### 介绍
 {**以下是码云平台说明，您可以替换此简介**
 码云是 OSCHINA 推出的基于 Git 的代码托管平台（同时支持 SVN）。专为开发者提供稳定、高效、安全的云端软件开发协作平台
 无论是个人、团队、或是企业，都能够用码云实现代码托管、项目管理、协作开发。企业项目请看 [https://gitee.com/enterprises](https://gitee.com/enterprises)}
 #### 软件架构
 软件架构说明
 #### 安装教程
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 使用说明
 1.  xxxx
 2.  xxxx
 3.  xxxx
 #### 参与贡献
 1.  Fork 本仓库
 2.  新建 Feat_xxx 分支
 3.  提交代码
 4.  新建 Pull Request
 #### 码云特技
 1.  使用 Readme\_XXX.md 来支持不同的语言，例如 Readme\_en.md, Readme\_zh.md
 2.  码云官方博客 [blog.gitee.com](https://blog.gitee.com)
 3.  你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目
 4.  [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目，是码云综合评定出的优秀开源项目
 5.  码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help)
 6.  码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/)
--- a/conntrack-tools-1.4.4-free-pktb-after-use.patch
+++ b/conntrack-tools-1.4.4-free-pktb-after-use.patch
@ -1,29 +0,0 @@
 From 832166dc4780e259424ebab07b42ecf42cde6fe3 Mon Sep 17 00:00:00 2001
 From: Kevin Cernekee <cernekee@chromium.org>
 Date: Fri, 27 Jan 2017 12:38:46 -0800
 Subject: conntrackd: cthelper: Free pktb after use
 According to valgrind, this currently leaks ~512B to 2kB for each
 packet sent to the userspace helper.
 Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 ---
 src/cthelper.c | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/src/cthelper.c b/src/cthelper.c
 index 54eb830..f01c509 100644
 --- a/src/cthelper.c
 +++ b/src/cthelper.c
@@ -325,6 +325,7 @@ static int nfq_queue_cb(const struct nlmsghdr *nlh, void *data)
 	if (pkt_verdict_issue(helper, myct, queue_num, id, verdict, pktb) < 0)
 		goto err4;
 +	pktb_free(pktb);
 	nfct_destroy(ct);
 	if (myct->exp != NULL)
 		nfexp_destroy(myct->exp);
 -- 
 cgit v0.12
--- a/conntrack-tools-1.4.4-nat_tuple-leak.patch
+++ b/conntrack-tools-1.4.4-nat_tuple-leak.patch
@ -1,57 +0,0 @@
 From 1ba5e76a368aeb9fe17d3b691df4faa0dadc4523 Mon Sep 17 00:00:00 2001
 From: Kevin Cernekee <cernekee@chromium.org>
 Date: Thu, 26 Jan 2017 16:44:24 -0800
 Subject: conntrackd: cthelper: Don't leak nat_tuple
 nfexp_set_attr() copies |nat_tuple| rather than taking ownership, so
 it should be freed at the end of the loop.  Some of the other helpers
 (like rpc.c) do this, but it is missing here.
 Reported-by: Eric Caruso <ejcaruso@chromium.org>
 Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 ---
 src/helpers/amanda.c | 1 +
 src/helpers/ftp.c    | 1 +
 src/helpers/tftp.c   | 1 +
 3 files changed, 3 insertions(+)
 diff --git a/src/helpers/amanda.c b/src/helpers/amanda.c
 index 9e6c4e7..faee1cd 100644
 --- a/src/helpers/amanda.c
 +++ b/src/helpers/amanda.c
@@ -75,6 +75,7 @@ static int nat_amanda(struct pkt_buff *pkt, uint32_t ctinfo,
 			break;
 		}
 	}
 +	nfct_destroy(nat_tuple);
 	if (port == 0) {
 		pr_debug("all ports in use\n");
 diff --git a/src/helpers/ftp.c b/src/helpers/ftp.c
 index 27ab5eb..c3aa284 100644
 --- a/src/helpers/ftp.c
 +++ b/src/helpers/ftp.c
@@ -423,6 +423,7 @@ static unsigned int nf_nat_ftp(struct pkt_buff *pkt,
 			break;
 		}
 	}
 +	nfct_destroy(nat_tuple);
 	if (port == 0)
 		return NF_DROP;
 diff --git a/src/helpers/tftp.c b/src/helpers/tftp.c
 index 45591c6..70dd28a 100644
 --- a/src/helpers/tftp.c
 +++ b/src/helpers/tftp.c
@@ -65,6 +65,7 @@ static unsigned int nat_tftp(struct pkt_buff *pkt, uint32_t ctinfo,
 	nfexp_set_attr_u32(exp, ATTR_EXP_NAT_DIR, MYCT_DIR_REPL);
 	nfexp_set_attr(exp, ATTR_EXP_FN, "nat-follow-master");
 	nfexp_set_attr(exp, ATTR_EXP_NAT_TUPLE, nat_tuple);
 +	nfct_destroy(nat_tuple);
 	return NF_ACCEPT;
 }
 -- 
 cgit v0.12
--- a/conntrack-tools-1.4.4.tar.bz2
+++ b/conntrack-tools-1.4.4.tar.bz2
--- a/conntrack-tools-1.4.6.tar.bz2
+++ b/conntrack-tools-1.4.6.tar.bz2
--- a/conntrack-tools.spec
+++ b/conntrack-tools.spec
@ -1,17 +1,15 @@
 Name:             conntrack-tools
-Version:          1.4.4
+Version:          1.4.6
-Release:          9
+Release:          1
 Summary:          Userspace tools for interacting with the Connection Tracking System
 License:          GPLv2
 URL:              http://conntrack-tools.netfilter.org/
-Source0:          http://netfilter.org/projects/conntrack-tools/files/conntrack-tools-%{version}.tar.bz2
+Source0:          http://netfilter.org/projects/conntrack-tools/files/%{name}-%{version}.tar.bz2
 Source1:          conntrackd.service
 Source2:          conntrackd.conf
-Patch0001:        conntrack-tools-1.4.4-nat_tuple-leak.patch
+BuildRequires:    libnfnetlink-devel >= 1.0.1 libnetfilter_conntrack-devel >= 1.0.8 libtirpc-devel
 Patch0002:        conntrack-tools-1.4.4-free-pktb-after-use.patch
 BuildRequires:    libnfnetlink-devel >= 1.0.1 libnetfilter_conntrack-devel >= 1.0.6 libtirpc-devel
 BuildRequires:    libnetfilter_cttimeout-devel >= 1.0.0 libnetfilter_cthelper-devel >= 1.0.0 systemd
-BuildRequires:    libmnl-devel >= 1.0.3 libnetfilter_queue-devel >= 1.0.2 pkgconfig bison flex
+BuildRequires:    libmnl-devel >= 1.0.3 libnetfilter_queue-devel >= 1.0.2 pkgconfig bison flex systemd-devel
 Provides:         conntrack = 1.0-1
 Obsoletes:        conntrack < 1.0-1
 Requires(post):   systemd
@ -36,7 +34,11 @@ This package contains man manual for conntrack-tools.
 %autosetup -n conntrack-tools-%{version} -p1
 %build
-%configure CPPFLAGS=-I/usr/include/tirpc LIBS=-ltirpc
+%configure --disable-static --enable-systemd
 sed -i "s/DEFAULT_INCLUDES = -I./DEFAULT_INCLUDES = -I. -I\/usr\/include\/tirpc/" src/helpers/Makefile
 CFLAGS="${CFLAGS} -Wl,-z,lazy"
 CXXFLAGS="${CXXFLAGS} -Wl,-z,lazy"
 %make_build
 rm -f doc/sync/notrack/conntrackd.conf.orig doc/sync/alarm/conntrackd.conf.orig doc/helper/conntrackd.conf.orig
 chmod 644 doc/sync/primary-backup.sh
@ -72,5 +74,11 @@ install -m644   %{SOURCE2} %{buildroot}%{_sysconfdir}/conntrackd/
 %{_mandir}/man8/*
 %changelog
 * Sat Jul 25 2020 gaihuiying <gaihuiying1@huawei.com> - 1.4.6-1
 - Type:requirement
 - ID:NA
 - SUG:NA
 - DESC:update conntrack-tools version to 1.4.6
 * Tue Dec 31 2019 Tianfei <tianfei16@huawei.com> - 1.4.4-9
 - Package init