From cdac00501fc30fc7623c1194737e52da42000c4e Mon Sep 17 00:00:00 2001
From: zangrc <zangrc.fnst@fujitsu.com>
Date: Fri, 9 Jul 2021 09:37:11 +0800
Subject: firewalld: upgrade 0.9.3 -> 0.9.4

This is a bug fix only release.

$ git shortlog --grep "^fix" v0.9.3..v0.9.4
Eric Garver (10):

fix(dbus): conf: setting deprecated properties should be ignored
fix(dbus): properties: IPv4 and IPv6 should be true if using nftables
fix(fw): when checking tables make sure to check the actual backend
fix(ipset): nftables: use interval flag for "ip" types
fix(rpm): applet: don't replace config modified by admin
fix(rpm): logrotate: don't replace config modified by admin
fix(ipv6_filter): match fwmark
fix(direct): rule order with multiple address with -s/-d
fix(nm): reload: only consider NM connections with a real interface
fix(policy): warn instead of error for overlapping ports
Fabrizio D'Angelo (1):

fix(ipset): fix hash:net,net functionality
Robert Richmond (1):

fix(ipset): entry delete with timeout
Ye Shu (1):

fix(applet): Show a basic tooltip instead of HTML

Signed-off-by: Zang Ruochen <zangrc.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
 .../firewalld/firewalld_0.9.3.bb                   | 92 ----------------------
 .../firewalld/firewalld_0.9.4.bb                   | 92 ++++++++++++++++++++++
 2 files changed, 92 insertions(+), 92 deletions(-)
 delete mode 100644 meta-networking/recipes-connectivity/firewalld/firewalld_0.9.3.bb
 create mode 100644 meta-networking/recipes-connectivity/firewalld/firewalld_0.9.4.bb

diff --git a/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.3.bb b/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.3.bb
deleted file mode 100644
index 9aad510b4e..0000000000
--- a/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.3.bb
+++ /dev/null
@@ -1,92 +0,0 @@
-SUMMARY = "Dynamic firewall daemon with a D-Bus interface"
-HOMEPAGE = "https://firewalld.org/"
-BUGTRACKER = "https://github.com/firewalld/firewalld/issues"
-UPSTREAM_CHECK_URI = "https://github.com/firewalld/firewalld/releases"
-LICENSE = "GPLv2+"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
-
-SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \
-           file://firewalld.init \
-"
-SRC_URI[sha256sum] = "5998894db976d77996ca0a6b700a2f4125b9f283465fb255da9bddfb1640cb27"
-
-# glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4
-DEPENDS = "intltool-native glib-2.0-native nftables"
-
-inherit gettext autotools bash-completion python3native gsettings systemd update-rc.d
-
-PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
-PACKAGECONFIG[systemd] = "--with-systemd-unitdir=${systemd_system_unitdir},--disable-systemd"
-PACKAGECONFIG[docs] = "--with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog,--disable-docs,libxslt-native docbook-xsl-stylesheets-native"
-
-PACKAGES += "${PN}-zsh-completion"
-
-# iptables, ip6tables, ebtables, and ipset *should* be unnecessary
-# when the nftables backend is available, because nftables supersedes all of them.
-# However we still need iptables and ip6tables to be available otherwise any
-# application relying on "direct passthrough" rules (such as docker) will break.
-# /etc/sysconfig/firewalld is a Red Hat-ism, only referenced by
-# the Red Hat-specific init script which we aren't using, so we disable that.
-EXTRA_OECONF = "\
-    --without-ipset \
-    --with-iptables=${sbindir}/iptables \
-    --with-iptables-restore=${sbindir}/iptables-restore \
-    --with-ip6tables=${sbindir}/ip6tables \
-    --with-ip6tables-restore=${sbindir}/ip6tables-restore \
-    --without-ebtables \
-    --without-ebtables-restore \
-    --disable-sysconfig \
-"
-
-INITSCRIPT_NAME = "firewalld"
-SYSTEMD_SERVICE_${PN} = "firewalld.service"
-
-do_install_append() {
-    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
-        :
-    else
-        # firewalld ships an init script but it contains Red Hat-isms, replace it with our own
-        rm -rf ${D}${sysconfdir}/rc.d/
-        install -d ${D}${sysconfdir}/init.d
-        install -m0755 ${WORKDIR}/firewalld.init ${D}${sysconfdir}/init.d/firewalld
-    fi
-
-    # We ran ./configure with PYTHON pointed at the binary inside $STAGING_BINDIR_NATIVE
-    # so now we need to fix up any references to point at the proper path in the image.
-    # This hack is also in distutils.bbclass, but firewalld doesn't use distutils/setuptools.
-    if [ ${PN} != "${BPN}-native" ]; then
-        sed -i -e s:${STAGING_BINDIR_NATIVE}/python3-native/python3:${bindir}/python3:g \
-            ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
-    fi
-    sed -i -e s:${STAGING_BINDIR_NATIVE}:${bindir}:g \
-        ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
-
-    # This file contains Red Hat-isms. Modules get loaded without it.
-    rm -f ${D}${sysconfdir}/modprobe.d/firewalld-sysctls.conf
-}
-
-FILES_${PN} += "\
-    ${PYTHON_SITEPACKAGES_DIR}/firewall \
-    ${nonarch_libdir}/firewalld \
-    ${datadir}/dbus-1 \
-    ${datadir}/polkit-1 \
-    ${datadir}/metainfo \
-"
-FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions"
-
-RDEPENDS_${PN} = "\
-    nftables-python \
-    iptables \
-    python3-core \
-    python3-io \
-    python3-fcntl \
-    python3-shell \
-    python3-syslog \
-    python3-xml \
-    python3-dbus \
-    python3-slip-dbus \
-    python3-decorator \
-    python3-pygobject \
-    python3-json \
-    python3-ctypes \
-"
diff --git a/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.4.bb b/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.4.bb
new file mode 100644
index 0000000000..b8025c7078
--- /dev/null
+++ b/meta-networking/recipes-connectivity/firewalld/firewalld_0.9.4.bb
@@ -0,0 +1,92 @@
+SUMMARY = "Dynamic firewall daemon with a D-Bus interface"
+HOMEPAGE = "https://firewalld.org/"
+BUGTRACKER = "https://github.com/firewalld/firewalld/issues"
+UPSTREAM_CHECK_URI = "https://github.com/firewalld/firewalld/releases"
+LICENSE = "GPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
+
+SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/v${PV}/${BP}.tar.gz \
+           file://firewalld.init \
+"
+SRC_URI[sha256sum] = "52c5e3d5b1e2efc0e86c22b2bc1f7fd80908cc2d8130157dc2a3517a59b0a760"
+
+# glib-2.0-native is needed for GSETTINGS_RULES autoconf macro from gsettings.m4
+DEPENDS = "intltool-native glib-2.0-native nftables"
+
+inherit gettext autotools bash-completion python3native gsettings systemd update-rc.d
+
+PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}"
+PACKAGECONFIG[systemd] = "--with-systemd-unitdir=${systemd_system_unitdir},--disable-systemd"
+PACKAGECONFIG[docs] = "--with-xml-catalog=${STAGING_ETCDIR_NATIVE}/xml/catalog,--disable-docs,libxslt-native docbook-xsl-stylesheets-native"
+
+PACKAGES += "${PN}-zsh-completion"
+
+# iptables, ip6tables, ebtables, and ipset *should* be unnecessary
+# when the nftables backend is available, because nftables supersedes all of them.
+# However we still need iptables and ip6tables to be available otherwise any
+# application relying on "direct passthrough" rules (such as docker) will break.
+# /etc/sysconfig/firewalld is a Red Hat-ism, only referenced by
+# the Red Hat-specific init script which we aren't using, so we disable that.
+EXTRA_OECONF = "\
+    --without-ipset \
+    --with-iptables=${sbindir}/iptables \
+    --with-iptables-restore=${sbindir}/iptables-restore \
+    --with-ip6tables=${sbindir}/ip6tables \
+    --with-ip6tables-restore=${sbindir}/ip6tables-restore \
+    --without-ebtables \
+    --without-ebtables-restore \
+    --disable-sysconfig \
+"
+
+INITSCRIPT_NAME = "firewalld"
+SYSTEMD_SERVICE_${PN} = "firewalld.service"
+
+do_install_append() {
+    if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+        :
+    else
+        # firewalld ships an init script but it contains Red Hat-isms, replace it with our own
+        rm -rf ${D}${sysconfdir}/rc.d/
+        install -d ${D}${sysconfdir}/init.d
+        install -m0755 ${WORKDIR}/firewalld.init ${D}${sysconfdir}/init.d/firewalld
+    fi
+
+    # We ran ./configure with PYTHON pointed at the binary inside $STAGING_BINDIR_NATIVE
+    # so now we need to fix up any references to point at the proper path in the image.
+    # This hack is also in distutils.bbclass, but firewalld doesn't use distutils/setuptools.
+    if [ ${PN} != "${BPN}-native" ]; then
+        sed -i -e s:${STAGING_BINDIR_NATIVE}/python3-native/python3:${bindir}/python3:g \
+            ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
+    fi
+    sed -i -e s:${STAGING_BINDIR_NATIVE}:${bindir}:g \
+        ${D}${bindir}/* ${D}${sbindir}/* ${D}${sysconfdir}/firewalld/*.xml
+
+    # This file contains Red Hat-isms. Modules get loaded without it.
+    rm -f ${D}${sysconfdir}/modprobe.d/firewalld-sysctls.conf
+}
+
+FILES_${PN} += "\
+    ${PYTHON_SITEPACKAGES_DIR}/firewall \
+    ${nonarch_libdir}/firewalld \
+    ${datadir}/dbus-1 \
+    ${datadir}/polkit-1 \
+    ${datadir}/metainfo \
+"
+FILES_${PN}-zsh-completion = "${datadir}/zsh/site-functions"
+
+RDEPENDS_${PN} = "\
+    nftables-python \
+    iptables \
+    python3-core \
+    python3-io \
+    python3-fcntl \
+    python3-shell \
+    python3-syslog \
+    python3-xml \
+    python3-dbus \
+    python3-slip-dbus \
+    python3-decorator \
+    python3-pygobject \
+    python3-json \
+    python3-ctypes \
+"
-- 
cgit v1.2.3-54-g00ecf