From 6831489ff26936ffb3c3d23d538f42cdd4bc4dee Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Wed, 17 Jan 2024 18:46:08 +0100
Subject: [PATCH] Backport upstream patch to fix GCC 14 compatibility issues

Related to:

  <https://fedoraproject.org/wiki/Changes/PortingToModernC>
  <https://fedoraproject.org/wiki/Toolchain/PortingToModernC>
---
 conntrack-tools-c99-2.patch | 105 ++++++++++++++++++++++++++++++++++++
 conntrack-tools.spec        |   6 ++-
 2 files changed, 110 insertions(+), 1 deletion(-)
 create mode 100644 conntrack-tools-c99-2.patch

diff --git a/conntrack-tools-c99-2.patch b/conntrack-tools-c99-2.patch
new file mode 100644
index 0000000..297a7d1
--- /dev/null
+++ b/conntrack-tools-c99-2.patch
@@ -0,0 +1,105 @@
+commit d417ceaa947c5f7f5d691037d0abe1deca957313
+Author: Jeremy Sowden <jeremy@azazel.net>
+Date:   Sat Aug 26 17:32:26 2023 +0100
+
+    read_config_yy: correct arguments passed to `inet_aton`
+    
+    `inet_aton` expects a `struct in_addr *`.  In a number of calls, we pass
+    pointers to structs or unions which contain a `struct in_addr` member.  Pass
+    pointers to the members instead.  In another call, we pass a pointer to a
+    uint32_t.  Cast it.
+    
+    Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
+    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+
+diff --git a/src/read_config_yy.y b/src/read_config_yy.y
+index f06c6afff7cbfd81..71a087187522efe1 100644
+--- a/src/read_config_yy.y
++++ b/src/read_config_yy.y
+@@ -246,9 +246,11 @@ multicast_options :
+ 
+ multicast_option : T_IPV4_ADDR T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.mcast.in)) {
++	if (!inet_aton($2, &channel_conf->u.mcast.in.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -310,9 +312,11 @@ multicast_option : T_IPV6_ADDR T_IP
+ 
+ multicast_option : T_IPV4_IFACE T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.mcast.ifa)) {
++	if (!inet_aton($2, &channel_conf->u.mcast.ifa.interface_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -423,9 +427,11 @@ udp_options :
+ 
+ udp_option : T_IPV4_ADDR T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.udp.server.ipv4)) {
++	if (!inet_aton($2, &channel_conf->u.udp.server.ipv4.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -456,9 +462,11 @@ udp_option : T_IPV6_ADDR T_IP
+ 
+ udp_option : T_IPV4_DEST_ADDR T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.udp.client)) {
++	if (!inet_aton($2, &channel_conf->u.udp.client.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -574,9 +582,11 @@ tcp_options :
+ 
+ tcp_option : T_IPV4_ADDR T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.tcp.server.ipv4)) {
++	if (!inet_aton($2, &channel_conf->u.tcp.server.ipv4.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -607,9 +617,11 @@ tcp_option : T_IPV6_ADDR T_IP
+ 
+ tcp_option : T_IPV4_DEST_ADDR T_IP
+ {
++	struct channel_conf *channel_conf = &conf.channel[conf.channel_num];
++
+ 	__max_dedicated_links_reached();
+ 
+-	if (!inet_aton($2, &conf.channel[conf.channel_num].u.tcp.client)) {
++	if (!inet_aton($2, &channel_conf->u.tcp.client.inet_addr)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4 address", $2);
+ 		free($2);
+ 		break;
+@@ -1239,7 +1251,7 @@ filter_address_item : T_IPV4_ADDR T_IP
+ 		}
+ 	}
+ 
+-	if (!inet_aton($2, &ip.ipv4)) {
++	if (!inet_aton($2, (struct in_addr *) &ip.ipv4)) {
+ 		dlog(LOG_WARNING, "%s is not a valid IPv4, ignoring", $2);
+ 		free($2);
+ 		break;
diff --git a/conntrack-tools.spec b/conntrack-tools.spec
index 200c511..e2f0964 100644
--- a/conntrack-tools.spec
+++ b/conntrack-tools.spec
@@ -1,6 +1,6 @@
 Name:           conntrack-tools
 Version:        1.4.7
-Release:        4%{?dist}
+Release:        5%{?dist}
 Summary:        Manipulate netfilter connection tracking table and run High Availability
 License:        GPL-2.0-only
 URL:            http://conntrack-tools.netfilter.org/
@@ -10,6 +10,7 @@ Source2:        NetfilterCoreTeam-OpenGPG-KEY.txt
 Source3:        conntrackd.service
 Source4:        conntrackd.conf
 Patch1:         conntrack-tools-c99.patch
+Patch2: conntrack-tools-c99-2.patch
 
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -91,6 +92,9 @@ install -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/conntrackd/
 %systemd_postun conntrackd.service
 
 %changelog
+* Wed Jan 17 2024 Florian Weimer <fweimer@redhat.com> - 1.4.7-5
+- Backport upstream patch to fix GCC 14 compatibility issues
+
 * Fri Aug 11 2023 Phil Sutter <psutter@redhat.com> - 1.4.7-4
 - Convert license to SPDX format