%define rpmversion 1.1.5
%define specrelease 4%{?dist}
Name: libnftnl
Version: %{rpmversion}
Release: %{specrelease}%{?buildid}
Summary: Library for low-level interaction with nftables Netlink's API over libmnl
License: GPLv2+
URL: http://netfilter.org/projects/libnftnl/
Source0: http://ftp.netfilter.org/pub/libnftnl/libnftnl-%{version}.tar.bz2
BuildRequires: autoconf
BuildRequires: automake
BuildRequires: libtool
BuildRequires: libmnl-devel
Patch0: 0001-tests-flowtable-Don-t-check-NFTNL_FLOWTABLE_SIZE.patch
Patch1: 0002-flowtable-Fix-memleak-in-error-path-of-nftnl_flowtab.patch
Patch2: 0003-chain-Fix-memleak-in-error-path-of-nftnl_chain_parse.patch
Patch3: 0004-flowtable-Correctly-check-realloc-call.patch
Patch4: 0005-chain-Correctly-check-realloc-call.patch
Patch5: 0006-include-resync-nf_tables.h-cache-copy.patch
Patch6: 0007-set-Add-support-for-NFTA_SET_DESC_CONCAT-attributes.patch
Patch7: 0008-set_elem-Introduce-support-for-NFTNL_SET_ELEM_KEY_EN.patch
Patch8: 0009-src-Fix-for-reading-garbage-in-nftnl_chain-getters.patch
%description
A library for low-level interaction with nftables Netlink's API over libmnl.
%package devel
Summary: Development files for %{name}
Requires: %{name}%{_isa} = %{version}-%{release}
%description devel
The %{name}-devel package contains libraries and header files for
developing applications that use %{name}.
%prep
%autosetup -p1
%build
# This is what autogen.sh (only in git repo) does - without it, patches changing
# Makefile.am cause the build system to regenerate Makefile.in and trying to use
# automake-1.14 for that which is not available in RHEL.
autoreconf -fi
rm -rf autom4te*.cache
%configure --disable-static --disable-silent-rules
make %{?_smp_mflags}
%check
make %{?_smp_mflags} check
%install
%make_install
find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';'
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%doc COPYING
%{_libdir}/*.so.*
%files devel
%{_libdir}/libnft*.so
%{_libdir}/pkgconfig/libnftnl.pc
%{_includedir}/libnftnl
%changelog
* Wed Feb 19 2020 Phil Sutter <psutter@redhat.com> [1.1.5-4.el8]
- src: Fix for reading garbage in nftnl_chain getters (Phil Sutter) [1758673]
* Fri Feb 14 2020 Phil Sutter <psutter@redhat.com> [1.1.5-3.el8]
- set_elem: Introduce support for NFTNL_SET_ELEM_KEY_END (Phil Sutter) [1795223]
- set: Add support for NFTA_SET_DESC_CONCAT attributes (Phil Sutter) [1795223]
- include: resync nf_tables.h cache copy (Phil Sutter) [1795223]
* Fri Dec 06 2019 Phil Sutter <psutter@redhat.com> [1.1.5-2.el8]
- chain: Correctly check realloc() call (Phil Sutter) [1778952]
- flowtable: Correctly check realloc() call (Phil Sutter) [1778952]
- chain: Fix memleak in error path of nftnl_chain_parse_devs() (Phil Sutter) [1778952]
- flowtable: Fix memleak in error path of nftnl_flowtable_parse_devs() (Phil Sutter) [1778952]
* Mon Dec 02 2019 Phil Sutter <psutter@redhat.com> [1.1.5-1.el8]
- Rebase onto upstream version 1.1.5 (Phil Sutter) [1717129]
* Thu Oct 24 2019 Phil Sutter <psutter@redhat.com> [1.1.4-3.el8]
- set: Export nftnl_set_list_lookup_byname() (Phil Sutter) [1762563]
* Thu Oct 17 2019 Phil Sutter <psutter@redhat.com> [1.1.4-2.el8]
- obj/ct_timeout: Fix NFTA_CT_TIMEOUT_DATA parser (Phil Sutter) [1758673]
- set_elem: Validate nftnl_set_elem_set() parameters (Phil Sutter) [1758673]
- obj/ct_timeout: Avoid array overrun in timeout_parse_attr_data() (Phil Sutter) [1758673]
- set: Don't bypass checks in nftnl_set_set_u{32,64}() (Phil Sutter) [1758673]
- obj/tunnel: Fix for undefined behaviour (Phil Sutter) [1758673]
- set_elem: Fix return code of nftnl_set_elem_set() (Phil Sutter) [1758673]
- obj: ct_timeout: Check return code of mnl_attr_parse_nested() (Phil Sutter) [1758673]
* Fri Oct 04 2019 Phil Sutter <psutter@redhat.com> [1.1.4-1.el8]
- Rebase to upstream version 1.1.4 (Phil Sutter) [1717129]
* Thu Jan 31 2019 Phil Sutter <psutter@redhat.com> [1.1.1-4.el8]
- src: rule: Support NFTA_RULE_POSITION_ID attribute (Phil Sutter) [1670565]
* Tue Jan 29 2019 Phil Sutter <psutter@redhat.com> [1.1.1-3.el8]
- src: chain: Fix nftnl_chain_rule_insert_at() (Phil Sutter) [1666495]
- src: chain: Add missing nftnl_chain_rule_del() (Phil Sutter) [1666495]
- flowtable: Fix for reading garbage (Phil Sutter) [1661327]
- flowtable: Fix memleak in nftnl_flowtable_parse_devs() (Phil Sutter) [1661327]
- flowtable: Fix use after free in two spots (Phil Sutter) [1661327]
- flowtable: Add missing break (Phil Sutter) [1661327]
- object: Avoid obj_ops array overrun (Phil Sutter) [1661327]
* Mon Dec 17 2018 Phil Sutter <psutter@redhat.com> [1.1.1-2.el8]
- chain: Hash chain list by name (Phil Sutter) [1658533]
- chain: Add lookup functions for chain list and rules in chain (Phil Sutter) [1658533]
- chain: Support per chain rules list (Phil Sutter) [1658533]
- src: remove nftnl_rule_cmp() and nftnl_expr_cmp() (Phil Sutter) [1658533]
* Thu Jul 12 2018 Phil Sutter <psutter@redhat.com> [1.1.1-1.el8]
- Rebase onto upstream version 1.1.1
- Sync spec file with RHEL7
- Disable JSON parsing, deprecated by upstream
- Make use of builtin testsuite
* Sat Jun 23 2018 Phil Sutter - 1.0.9-3
- Drop leftover mxml dependency [1594917]
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Jan 08 2018 Kevin Fenzi <kevin@scrye.com> - 1.0.9-1
- Update to 1.0.9. Fixes bug #1531004
* Sat Oct 21 2017 Kevin Fenzi <kevin@scrye.com> - 1.0.8-4
- Update to 1.0.8. Fixes bug #1504350
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.7-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Thu Dec 22 2016 Kevin Fenzi <kevin@scrye.com> - 1.0.7-1
- Update to 1.0.7. Fixes bug #1406201
* Wed Jun 01 2016 Kevin Fenzi <kevin@scrye.com> - 1.0.6-1
- Update to 1.0.6. Fixes bug #1341384
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Sep 17 2015 Kevin Fenzi <kevin@scrye.com> 1.0.5-1
- Update to 1.0.5. Fixes bug #1263684
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Fri Dec 26 2014 Kevin Fenzi <kevin@scrye.com> 1.0.3-1
- Update to final 1.0.3
* Wed Sep 03 2014 Kevin Fenzi <kevin@scrye.com> 1.0.3-0.1.20140903git
- Update to 20140903 git snapshot
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 25 2014 Kevin Fenzi <kevin@scrye.com> 1.0.2-1
- Update to 1.0.2
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Apr 24 2014 Kevin Fenzi <kevin@scrye.com> 1.0.1-1.
- Update to 1.0.1
* Sun Mar 30 2014 Kevin Fenzi <kevin@scrye.com> 1.0.0-1.20140330git
- Update to 20140330 snapshot
- Sync version to be a post 1.0.0 snapshot
* Wed Mar 26 2014 Kevin Fenzi <kevin@scrye.com> 0-0.10.20140326git
- Update to 20140326 snapshot
* Fri Mar 07 2014 Kevin Fenzi <kevin@scrye.com> 0-0.9.20140307git
- Update to 20140307 snapshot
* Sat Jan 25 2014 Kevin Fenzi <kevin@scrye.com> 0-0.8.20140125git
- Update to 20140125
* Thu Jan 23 2014 Kevin Fenzi <kevin@scrye.com> 0-0.7.20140122git
- Add obsoletes/provides to devel subpackage as well.
* Wed Jan 22 2014 Kevin Fenzi <kevin@scrye.com> 0-0.6.20140122git
- Renamed libnftnl
- Update to 20140122 snapshot.
* Sat Jan 18 2014 Kevin Fenzi <kevin@scrye.com> 0-0.5.20140118git
- Update to 20140118 snapshot.
* Sat Jan 11 2014 Kevin Fenzi <kevin@scrye.com> 0-0.4.20140111git
- Update to 20140111 snapshot.
- Enable xml (some tests stll fail, but it otherwise builds ok)
* Mon Dec 02 2013 Kevin Fenzi <kevin@scrye.com> 0-0.3.20131202git
- Update to 20131202 snapshot, switch to upstream snapshot repo instead of git checkouts.
* Mon Dec 02 2013 Kevin Fenzi <kevin@scrye.com> 0-0.2
- Fixes from review.
* Sat Nov 30 2013 Kevin Fenzi <kevin@scrye.com> 0-0.1
- initial version for Fedora review