From fbe109d9baf2c6b1152c055a575651a4ef80a8c7 Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 30 Jul 2014 10:00:36 +0000
Subject: main/awall: fix activation

ref #3098
---
 main/awall/APKBUILD                                | 15 ++--
 .../check-against-definition-type-mismatch.patch   | 80 ++++++++++++++++++++++
 2 files changed, 90 insertions(+), 5 deletions(-)
 create mode 100644 main/awall/check-against-definition-type-mismatch.patch

diff --git a/main/awall/APKBUILD b/main/awall/APKBUILD
index e575a22ad..f315fc65a 100644
--- a/main/awall/APKBUILD
+++ b/main/awall/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
 pkgname=awall
 pkgver=1.2.1
-pkgrel=1
+pkgrel=2
 pkgdesc="Alpine Wall"
 url="http://git.alpinelinux.org/cgit/awall/"
 arch="noarch"
@@ -12,7 +12,9 @@ depends="bind-tools ip6tables ipset iptables lua lua-alt-getopt lua-cjson
          lua-filesystem lua-pc lua-signal lua-sleep lua-stringy xtables-addons"
 subpackages=$pkgname-masquerade
 triggers="$pkgname.trigger=/usr/share/awall"
-source=http://dev.alpinelinux.org/archive/awall/awall-$pkgver.tar.xz
+source="http://dev.alpinelinux.org/archive/awall/awall-$pkgver.tar.xz
+	check-against-definition-type-mismatch.patch
+	"
 
 _builddir=$srcdir/awall-$pkgver
 prepare() {
@@ -43,6 +45,9 @@ masquerade() {
 	done
 }
 
-md5sums="aab7a6dc111d7f58e6e26469309f5efb  awall-1.2.1.tar.xz"
-sha256sums="a4f77e57ddda971e98d1ef3dffa447f491f40d5c384ad875728eaf1279b32696  awall-1.2.1.tar.xz"
-sha512sums="77268fca46242fc55710a5e9d7e04cd05afc8de1c5baefb6a1dcb3de70d872e60813a2b83e5a94f17d971d2b4ebf2469e1d1196a674934d309c9d390808f861a  awall-1.2.1.tar.xz"
+md5sums="aab7a6dc111d7f58e6e26469309f5efb  awall-1.2.1.tar.xz
+7e70ecf00cdb9bb00971c227110d0d13  check-against-definition-type-mismatch.patch"
+sha256sums="a4f77e57ddda971e98d1ef3dffa447f491f40d5c384ad875728eaf1279b32696  awall-1.2.1.tar.xz
+043ecb50f1c20c85080d5b67ac3ccd9e2177ed2aa70615e9d8d4a2f04f5f0b9b  check-against-definition-type-mismatch.patch"
+sha512sums="77268fca46242fc55710a5e9d7e04cd05afc8de1c5baefb6a1dcb3de70d872e60813a2b83e5a94f17d971d2b4ebf2469e1d1196a674934d309c9d390808f861a  awall-1.2.1.tar.xz
+b6b03525fbbc26b2adaa02bccb38a29ce76b7c31ce67d0af6bc98e3ddda023646fd1208455579576a87f5cb6a99fec7e79dbff3a6c0065b30df15967e8d2908b  check-against-definition-type-mismatch.patch"
diff --git a/main/awall/check-against-definition-type-mismatch.patch b/main/awall/check-against-definition-type-mismatch.patch
new file mode 100644
index 000000000..4ad92cf75
--- /dev/null
+++ b/main/awall/check-against-definition-type-mismatch.patch
@@ -0,0 +1,80 @@
+From 041b4b69c4e36a24342cfc3ce2e1a7a7307ad492 Mon Sep 17 00:00:00 2001
+From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
+Date: Tue, 1 Jul 2014 11:27:52 +0300
+Subject: check against definition type mismatch (objects vs. arrays)
+
+fixes #3098
+
+diff --git a/awall/policy.lua b/awall/policy.lua
+index efd52e0..093390d 100644
+--- a/awall/policy.lua
++++ b/awall/policy.lua
+@@ -11,7 +11,9 @@ local raise = require('awall.uerror').raise
+ 
+ local util = require('awall.util')
+ local contains = util.contains
++local keys = util.keys
+ local listpairs = util.listpairs
++local map = util.map
+ 
+ 
+ local json = require('cjson')
+@@ -29,7 +31,7 @@ end
+ function PolicyConfig:expand()
+ 
+    local function expand(value)
+-      if type(value) == 'table' then return util.map(value, expand) end
++      if type(value) == 'table' then return map(value, expand) end
+ 
+       local visited = {}
+       local pattern = '%$(%a[%w_]*)'
+@@ -212,22 +214,37 @@ function PolicySet:load()
+ 	       input[cls] = objs
+ 	       for k, v in pairs(objs) do source[cls][k] = name end
+ 
+-	    elseif objs[1] then
+-	       local last = #input[cls]
+-	       util.extend(input[cls], objs)
+-	       for i = 1,#objs do source[cls][last + i] = name end
+-
+ 	    else
+-	       for k, v in pairs(objs) do
+-		  input[cls][k] = v
+-		  source[cls][k] = name
++	       local fk = next(input[cls])
++	       map(
++		  keys(objs),
++		  function(k)
++		     if type(k) ~= type(fk) then
++			raise(
++			   'Type mismatch in '..cls..' definitions ('..
++			      name..', '..source[cls][fk]..')'
++			)
++		     end
++		  end
++	       )
++
++	       if objs[1] then
++		  local last = #input[cls]
++		  util.extend(input[cls], objs)
++		  for i = 1,#objs do source[cls][last + i] = name end
++
++	       else
++		  for k, v in pairs(objs) do
++		     input[cls][k] = v
++		     source[cls][k] = name
++		  end
+ 	       end
+ 	    end
+ 	 end
+       end
+    end
+ 
+-   return PolicyConfig(input, source, util.keys(imported))
++   return PolicyConfig(input, source, keys(imported))
+ end
+ 
+ return PolicySet
+-- 
+cgit v0.10.1
+
-- 
cgit v1.2.3