Revert "miniupnpd: bump to latest git source"

This was reverted because the commit does more things than just "bump to latest git source". Also, it was not properly reviewed/tested. See: https://github.com/openwrt/packages/pull/18133#issuecomment-1106346788 This reverts commit b3b911e992. Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-04-22 17:19:51 +02:00 · 2022-04-22 17:19:51 +02:00 · 0bc25077b3
commit 0bc25077b3
parent 0248058f6b
5 changed files with 38 additions and 49 deletions
--- a/net/miniupnpd/Makefile
+++ b/net/miniupnpd/Makefile
@ -8,15 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=miniupnpd
-PKG_VERSION:=2.3.0
+PKG_VERSION:=2.2.3
 PKG_RELEASE:=$(AUTORELEASE)

-PKG_SOURCE_PROTO:=git
-PKG_SOURCE_URL:=https://github.com/miniupnp/miniupnp.git
-PKG_SOURCE_DATE:=2022-03-20
-PKG_SOURCE_VERSION:=fda61180e07abd222623e54b9239557bbffbc21d
-PKG_MIRROR_HASH:=f81a5b920f1bddb5673a2455461d4dca20d17138f5488713c5a759f2a64e9f18
-PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(BUILD_VARIANT)/$(PKG_NAME)-$(PKG_VERSION)/miniupnpd
+PKG_SOURCE_URL:=https://miniupnp.tuxfamily.org/files
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_HASH:=f89c310ce9575183af3fec61af65e548f85114133df8caaaa9e204c13b7a9da5

 PKG_MAINTAINER:=
 PKG_LICENSE:=BSD-3-Clause
@ -29,9 +26,6 @@ PKG_BUILD_PARALLEL:=1
 include $(INCLUDE_DIR)/package.mk
 include $(INCLUDE_DIR)/version.mk

-TAR_OPTIONS+= --strip-components 1
-TAR_CMD=$(HOST_TAR) -C $(1)/.. $(TAR_OPTIONS)
-
 define Package/miniupnpd/Default
  SECTION:=net
  CATEGORY:=Network
@ -115,10 +109,6 @@ endef

 define Package/miniupnpd-nftables/install
 	$(call Package/miniupnpd/install/Default,$1)
-	$(INSTALL_DIR) $(1)/usr/share/miniupnpd
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/miniupnpd_functions.sh $(1)/usr/share/miniupnpd/miniupnpd_functions.sh
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_init.sh $(1)/usr/share/miniupnpd/nft_init.sh
-	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/etc/miniupnpd/nft_removeall.sh $(1)/usr/share/miniupnpd/nft_removeall.sh
 endef

 $(eval $(call BuildPackage,miniupnpd-iptables))
--- a/net/miniupnpd/files/miniupnpd.hotplug
+++ b/net/miniupnpd/files/miniupnpd.hotplug
@ -13,7 +13,6 @@ tmpconf="/var/etc/miniupnpd.conf"
 external_iface=$(uci -q get upnpd.config.external_iface)
 external_iface6=$(uci -q get upnpd.config.external_iface6)
 external_zone=$(uci -q get upnpd.config.external_zone)
-[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"

 . /lib/functions/network.sh

@ -21,7 +20,7 @@ if [ -n "$external_iface" ] ; then
 	network_get_device ifname "$external_iface"
 else
 	if [ -n "$external_zone" ] ; then
-		ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
+		ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
 	else
 		network_find_wan external_iface && \
 			network_get_device ifname "$external_iface"
@ -31,7 +30,7 @@ if [ -n "$external_iface6" ] ; then
 	network_get_device ifname6 "$external_iface6"
 else
 	if [ -n "$external_zone" ] ; then
-		ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
+		ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
 	else
 		network_find_wan6 external_iface6 && \
 			network_get_device ifname6 "$external_iface6"
--- a/net/miniupnpd/files/miniupnpd.init
+++ b/net/miniupnpd/files/miniupnpd.init
@ -5,8 +5,6 @@ START=94
 STOP=15
 USE_PROCD=1
 PROG=/usr/sbin/miniupnpd
-NFT_SCRIPTS_DIR=/usr/share/miniupnpd
-[ -x "$(command -v nft)" ] && FW="fw4" || FW="fw3"

 upnpd_get_port_range() {
 	local var="$1"; shift
@ -100,7 +98,7 @@ upnpd() {
 		network_get_device ifname "$external_iface"
 	else
 		if [ -n "$external_zone" ] ; then
-			ifname=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
+			ifname=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
 		else
 			network_find_wan external_iface && \
 				network_get_device ifname "$external_iface"
@ -110,7 +108,7 @@ upnpd() {
 		network_get_device ifname6 "$external_iface6"
 	else
 		if [ -n "$external_zone" ] ; then
-			ifname6=$($FW -q zone "$external_zone" 2>/dev/null | head -1)
+			ifname6=$(fw3 -q zone "$external_zone" 2>/dev/null | head -1)
 		else
 			network_find_wan6 external_iface6 && \
 				network_get_device ifname6 "$external_iface6"
@ -178,12 +176,7 @@ upnpd() {

 	if [ -n "$ifname" ]; then
 		# start firewall
-		if [ "Z$FW" = "Zfw4" ]; then
-			$NFT_SCRIPTS_DIR/nft_init.sh 2>/dev/null
-			fw4 reload
-		else
-			iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
-		fi
+		iptables -L MINIUPNPD >/dev/null 2>&1 || fw3 reload
 	else
 		logger -t "upnp daemon" "external interface not found, not starting"
 	fi
@ -196,16 +189,11 @@ upnpd() {
 }

 stop_service() {
-	if [ "Z$FW" = "Zfw4" ]; then
-		$NFT_SCRIPTS_DIR/nft_removeall.sh 2>/dev/null
-		fw4 reload
-	else
-		iptables -t nat -F MINIUPNPD 2>/dev/null
-		iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
-		iptables -t filter -F MINIUPNPD 2>/dev/null
+	iptables -t nat -F MINIUPNPD 2>/dev/null
+	iptables -t nat -F MINIUPNPD-POSTROUTING 2>/dev/null
+	iptables -t filter -F MINIUPNPD 2>/dev/null

-		[ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
-	fi
+	[ -x /usr/sbin/ip6tables ] && ip6tables -t filter -F MINIUPNPD 2>/dev/null
 }

 start_service() {
--- a/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch
+++ b/net/miniupnpd/patches/100-miniupnpd-configure-don-t-hardcode-iptables.patch
@ -0,0 +1,25 @@
+From 51a422407b22f0cb7188ea4bfb3867b2bbfcfe68 Mon Sep 17 00:00:00 2001
+From: Stijn Tintel <stijn@linux-ipv6.be>
+Date: Sun, 7 Nov 2021 20:24:29 +0200
+Subject: [PATCH] miniupnpd/configure: don't hardcode iptables
+
+The OpenWrt Makefile that builds miniupnpd passes the firewall argument
+to the configure script, so this is not needed and it is blocking us
+from using nftables instead, which will be the default backend for
+firewall4 to be used in the next OpenWrt stable release.
+
+Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
+---
+ configure | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/configure
+++ b/configure
+@@ -387,7 +387,6 @@ case $OS_NAME in
+ 	OpenWRT)
+ 		OS_URL=http://www.openwrt.org/
+ 		echo "#define USE_IFACEWATCHER 1" >> ${CONFIGFILE}
+-		FW=iptables
+ 		;;
+ 	OpenEmbedded)
+ 		OS_URL=http://www.openembedded.org/
--- a/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch
+++ b/net/miniupnpd/patches/201-change-default-chain-rule-to-accept.patch
@ -1,13 +0,0 @@
--- a/netfilter_nft/scripts/nft_init.sh
-+++ b/netfilter_nft/scripts/nft_init.sh
-@@ -19,8 +19,8 @@ echo "Creating nftables structure"
- cat > /tmp/miniupnpd.nft <<EOF
- table inet $TABLE {
-     chain forward {
-        type filter hook forward priority 0;
-        policy drop;
-+        type filter hook forward priority -25;
-+        policy accept;
- 
-         # miniupnpd
-         jump $CHAIN