diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..d9972d0 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/v1.1.12.tar.gz diff --git a/.slirp4netns.metadata b/.slirp4netns.metadata new file mode 100644 index 0000000..3e8ebbd --- /dev/null +++ b/.slirp4netns.metadata @@ -0,0 +1 @@ +a64e67f2007fc3869565acb930fd2f7d1616e62f SOURCES/v1.1.12.tar.gz diff --git a/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch b/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch new file mode 100644 index 0000000..a4390aa --- /dev/null +++ b/SOURCES/0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch @@ -0,0 +1,78 @@ +From 6db5ec8bba65b9eb3bbc0518ad74ed991126320d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= +Date: Tue, 15 Feb 2022 11:46:06 +0400 +Subject: [PATCH] Replace deprecated inet_ntoa with safer inet_ntop +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +inet_ntoa() is a legacy API with MT issues. Use the recommended +alternative instead. This makes some code checkers happy, and could +potentially fix issues if other parts of the process were to use +inet_ntoa() at the same time.. + +Signed-off-by: Marc-André Lureau +--- + main.c | 24 ++++++++++++------------ + 1 file changed, 12 insertions(+), 12 deletions(-) + +diff --git a/main.c b/main.c +index 3bf585924f7c..109dc59eea29 100644 +--- a/main.c ++++ b/main.c +@@ -336,6 +336,7 @@ static int recvfd(int sock) + static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket, + struct slirp4netns_config *cfg, pid_t target_pid) + { ++ char str[INET6_ADDRSTRLEN]; + int rc, tapfd; + struct in_addr vdhcp_end = { + #define NB_BOOTP_CLIENTS 16 +@@ -351,25 +352,24 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket, + close(sock); + printf("Starting slirp\n"); + printf("* MTU: %d\n", cfg->mtu); +- printf("* Network: %s\n", inet_ntoa(cfg->vnetwork)); +- printf("* Netmask: %s\n", inet_ntoa(cfg->vnetmask)); +- printf("* Gateway: %s\n", inet_ntoa(cfg->vhost)); +- printf("* DNS: %s\n", inet_ntoa(cfg->vnameserver)); +- printf("* DHCP begin: %s\n", inet_ntoa(cfg->vdhcp_start)); +- printf("* DHCP end: %s\n", inet_ntoa(vdhcp_end)); +- printf("* Recommended IP: %s\n", inet_ntoa(cfg->recommended_vguest)); ++ printf("* Network: %s\n", inet_ntop(AF_INET, &cfg->vnetwork, str, sizeof(str))); ++ printf("* Netmask: %s\n", inet_ntop(AF_INET, &cfg->vnetmask, str, sizeof(str))); ++ printf("* Gateway: %s\n", inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str))); ++ printf("* DNS: %s\n", inet_ntop(AF_INET, &cfg->vnameserver, str, sizeof(str))); ++ printf("* DHCP begin: %s\n", inet_ntop(AF_INET, &cfg->vdhcp_start, str, sizeof(str))); ++ printf("* DHCP end: %s\n", inet_ntop(AF_INET, &vdhcp_end, str, sizeof(str))); ++ printf("* Recommended IP: %s\n", inet_ntop(AF_INET, &cfg->recommended_vguest, str, sizeof(str))); + if (api_socket != NULL) { + printf("* API Socket: %s\n", api_socket); + } + #if SLIRP_CONFIG_VERSION_MAX >= 2 + if (cfg->enable_outbound_addr) { + printf("* Outbound IPv4: %s\n", +- inet_ntoa(cfg->outbound_addr.sin_addr)); ++ inet_ntop(AF_INET, &cfg->outbound_addr.sin_addr, str, sizeof(str))); + } + if (cfg->enable_outbound_addr6) { +- char str[INET6_ADDRSTRLEN]; +- if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr, str, +- INET6_ADDRSTRLEN) != NULL) { ++ if (inet_ntop(AF_INET6, &cfg->outbound_addr6.sin6_addr, ++ str, sizeof(str)) != NULL) { + printf("* Outbound IPv6: %s\n", str); + } + } +@@ -383,7 +383,7 @@ static int parent(int sock, int ready_fd, int exit_fd, const char *api_socket, + printf( + "WARNING: 127.0.0.1:* on the host is accessible as %s (set " + "--disable-host-loopback to prohibit connecting to 127.0.0.1:*)\n", +- inet_ntoa(cfg->vhost)); ++ inet_ntop(AF_INET, &cfg->vhost, str, sizeof(str))); + } + if (cfg->enable_sandbox && geteuid() != 0) { + if ((rc = nsenter(target_pid, NULL, NULL, true)) < 0) { +-- +2.34.1.428.gdcc0cd074f0c + diff --git a/SPECS/slirp4netns.spec b/SPECS/slirp4netns.spec new file mode 100644 index 0000000..cb62485 --- /dev/null +++ b/SPECS/slirp4netns.spec @@ -0,0 +1,123 @@ +%global git0 https://github.com/rootless-containers/%{name} + +Name: slirp4netns +Version: 1.1.12 +Release: 4%{?dist} +Summary: slirp for network namespaces +License: GPLv2 +URL: %{git0} +# build fails on i686 with: No matching package to install: 'go-md2man' +ExcludeArch: i686 +Source0: %{git0}/archive/v%{version}.tar.gz +Patch0: 0001-Replace-deprecated-inet_ntoa-with-safer-inet_ntop.patch +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: gcc +BuildRequires: glib2-devel +BuildRequires: git +BuildRequires: go-md2man +BuildRequires: libcap-devel +BuildRequires: libseccomp-devel +BuildRequires: make +BuildRequires: libslirp-devel + +%description +slirp for network namespaces, without copying buffers across the namespaces. + +%package devel +Summary: %{summary} +BuildArch: noarch + +%description devel +%{summary} + +This package contains library source intended for +building other packages which use import path with +%{import_path} prefix. + +%prep +%autosetup -Sgit + +%build +export CFLAGS="%{optflags} -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64" +export LDFLAGS="-pie -Wl,-z,relro -Wl,-z,now" +./autogen.sh +./configure --prefix=%{_usr} --libdir=%{_libdir} +%{__make} generate-man + +%install +make DESTDIR=%{buildroot} install install-man + +%check + +#define license tag if not already defined +%{!?_licensedir:%global license %doc} + +%files +%license COPYING +%doc README.md +%{_bindir}/%{name} +%{_mandir}/man1/%{name}.1.gz + +%changelog +* Thu Feb 17 2022 Jindrich Novy - 1.1.12-4 +- update gating.yaml as we have no local tests in dist-git +- Related: #2000051 + +* Tue Feb 15 2022 Jindrich Novy - 1.1.12-3 +- fix gating - don't use insecure functions - thanks to Marc-André Lureau +- Related: #2000051 + +* Tue Feb 15 2022 Jindrich Novy - 1.1.12-2 +- add gating.yaml +- Related: #2000051 + +* Thu Nov 11 2021 Jindrich Novy - 1.1.12-1 +- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.12 +- Related: #2000051 + +* Tue Aug 10 2021 Mohan Boddu - 1.1.8-3 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Fri Apr 16 2021 Mohan Boddu - 1.1.8-2 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Fri Dec 04 2020 Jindrich Novy - 1.1.8-1 +- update to + https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8 + +* Thu Dec 03 2020 Jindrich Novy - 1.1.7-2 +- exclude i686 because of build failures +- Related: #1883490 + +* Thu Nov 26 2020 Jindrich Novy - 1.1.7-1 +- update to + https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7 + +* Mon Nov 09 2020 Jindrich Novy - 1.1.6-2 +- - be sure to harden the linked binary + +* Thu Nov 05 2020 Jindrich Novy - 1.1.6-1 +- update to + https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.6 + +* Wed Nov 04 2020 Jindrich Novy - 1.1.5-1 +- update to + https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.5 + +* Thu Sep 17 2020 Jindrich Novy - 1.1.4-2 +- sync with rhel8-8.3.0 +- use proper CFLAGS +- Related: #1821193 + +* Thu Feb 28 2019 Lokesh Mandvekar - 0.3.0-1.alpha.2.git30883b5 +- bump to v0.3.0-alpha.2 + +* Fri Nov 16 2018 Frantisek Kluknavsky - 0.1-2.dev.gitc4e1bc5 +- changed summary + +* Fri Aug 10 2018 Lokesh Mandvekar - 0.1-1.dev.gitc4e1bc5 +- First package for RHEL 8 +- import from Fedora rawhide +- Exclude ix86 and ppc64