From 6565dccf1b053702a71bb68c1546ac4a84e693c3 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Thu, 8 Aug 2024 13:51:09 +0200
Subject: [PATCH] net-firewall/conntrack-tools: Sync with Gentoo

It's from Gentoo commit bba3b5ebac787dfe00976780ba5ac918368dcf70.
---
 .../net-firewall/conntrack-tools/Manifest     |  6 +-
 ...ebuild => conntrack-tools-1.4.7-r1.ebuild} | 57 ++++++++++++-------
 ...r1.ebuild => conntrack-tools-1.4.8.ebuild} | 34 ++++++-----
 ...e.am-don-t-suppress-various-warnings.patch | 28 +++++++++
 ...ls-1.4.5-0002-Fix-Wstrict-prototypes.patch | 19 +++++++
 ...3-Fix-Wimplicit-function-declaration.patch | 56 ++++++++++++++++++
 .../files/conntrack-tools-1.4.5-rpc.patch     | 41 -------------
 .../net-firewall/conntrack-tools/metadata.xml |  1 -
 8 files changed, 162 insertions(+), 80 deletions(-)
 rename sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/{conntrack-tools-1.4.5.ebuild => conntrack-tools-1.4.7-r1.ebuild} (54%)
 rename sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/{conntrack-tools-1.4.6-r1.ebuild => conntrack-tools-1.4.8.ebuild} (69%)
 create mode 100644 sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0001-Makefile.am-don-t-suppress-various-warnings.patch
 create mode 100644 sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0002-Fix-Wstrict-prototypes.patch
 create mode 100644 sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0003-Fix-Wimplicit-function-declaration.patch
 delete mode 100644 sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-rpc.patch

diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/Manifest b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/Manifest
index 07bc0cabde..5b519c990d 100644
--- a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/Manifest
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/Manifest
@@ -1,2 +1,4 @@
-DIST conntrack-tools-1.4.5.tar.bz2 479562 BLAKE2B 229531d1c6c237e539df5b83525dca5ce0b009a76a2a5f873282eabc73cc00095c15c686bc68f9364e81efc846bfa8eac8b08f7fd476199d10d0c25190ca2456 SHA512 480fe2cc4420bc8477a2ba67b3d052bcb39c6b3ec000cff27fc12db70b42ec94fa3b5fe12ee35d439e88d9a631a33cd12ae470b69dde6d371d4e53af62a2eed1
-DIST conntrack-tools-1.4.6.tar.bz2 499806 BLAKE2B 7c1ee1c5fc2b6f9d33c6cf850eca80978b8763317b1a76892cefb776130564f15fbd4e4554fdb08dbba93d9f16b7e4624a1b4dd5a631f747f5fcc0a5b01b8d5e SHA512 a48260308a12b11b584fcf4658ec2c4c1adb2801c9cf9a73fc259e5c30d2fbe401aca21e931972413f03e415f98fbf9bd678d2126faa6c6d5748e8a652e58f1a
+DIST conntrack-tools-1.4.7.tar.bz2 539688 BLAKE2B 42a3cacf8a32a5b8b688a9fd68f66024c591e9814ef3cc349456691094bab0fae15bb1c00befa178b0f8e845bf6fc00715cbf9db55cd7bf2d155c2dfd55f9b1a SHA512 3d37a6b8cd13fd3c149ab80009d686d2184920ba2d0d5c1b57abed6e92e0dd92cba868bfe22f1a155479fe5ab2e291b8bb8a7e72123a73788032202ac142653b
+DIST conntrack-tools-1.4.7.tar.bz2.sig 566 BLAKE2B c513cd59d9aeb76bb33bb8c4e0d25c46b6303a9d3f3e359e20248e2d8dd2822777056e217c12da9005ee075036ea05a74dd1ed9f22a44b7d4745ff6917bda15b SHA512 5a2bcc6da792544029ddf0d3a4caf019b215907e66d491e5d98a4f1189fc9c03ec8aad5ad22166799c5f0c81273284cb757e9368c9d9d3049bc49da47c037e05
+DIST conntrack-tools-1.4.8.tar.xz 452980 BLAKE2B 2f8a7d7facf4890a8ca7dec54d5faa1383ad5e449a0599707578567e9c8ed6fd63ca308538afc34e99121e39e80c1ce686c8dda89247abdf4699bb420b52c4fb SHA512 95d8f6f068c1342ad7e767537e722272a4f5bd8b46b952713ade053a1043aa9ababbe5ce658ede9c77b6de5221b97ad8833777caffd69b67dd70a99f2b45afdf
+DIST conntrack-tools-1.4.8.tar.xz.sig 566 BLAKE2B 65c2ee185b099281603bca179038bd9ab6e28756f9fa12a53a8bcb75ed561097c9e4672c45fcecc366b86b65e1753073808090e264671d3a3d8dd18ed6f4d680 SHA512 8cd229d2e980ab1788e90fc8f53827fe1e4b21801cad6cddf6a9ff537501c40c52242cc964005b2889ad0a4548c772304db8696d4644611ecf9f091aca5c14ee
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.5.ebuild b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.7-r1.ebuild
similarity index 54%
rename from sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.5.ebuild
rename to sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.7-r1.ebuild
index 373ac039b6..bf2390450b 100644
--- a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.5.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.7-r1.ebuild
@@ -1,44 +1,53 @@
-# Copyright 1999-2020 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=6
-inherit autotools linux-info
+EAPI=8
+
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/netfilter.org.asc
+inherit autotools linux-info systemd verify-sig
 
 DESCRIPTION="Connection tracking userspace tools"
-HOMEPAGE="http://conntrack-tools.netfilter.org"
-SRC_URI="http://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.bz2"
+HOMEPAGE="https://conntrack-tools.netfilter.org"
+SRC_URI="https://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.bz2
+	verify-sig? ( https://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.bz2.sig )"
 
 LICENSE="GPL-2"
 SLOT="0"
-KEYWORDS="~alpha amd64 ~arm64 ~hppa x86"
-IUSE="doc +cthelper +cttimeout +libtirpc"
+KEYWORDS="~alpha amd64 ~arm64 ~hppa ppc ppc64 ~riscv x86"
+IUSE="doc +cthelper +cttimeout systemd"
 
 RDEPEND="
 	>=net-libs/libmnl-1.0.3
-	>=net-libs/libnetfilter_conntrack-1.0.7
+	>=net-libs/libnetfilter_conntrack-1.0.9
+	>=net-libs/libnetfilter_queue-1.0.2
+	>=net-libs/libnfnetlink-1.0.1
+	net-libs/libtirpc
 	cthelper? (
 		>=net-libs/libnetfilter_cthelper-1.0.0
 	)
 	cttimeout? (
 		>=net-libs/libnetfilter_cttimeout-1.0.0
 	)
-	>=net-libs/libnetfilter_queue-1.0.2
-	>=net-libs/libnfnetlink-1.0.1
-	!libtirpc? ( sys-libs/glibc[rpc(-)] )
-	libtirpc? ( net-libs/libtirpc )
+	systemd? (
+		>=sys-apps/systemd-227
+	)
 "
-DEPEND="
-	${RDEPEND}
+DEPEND="${RDEPEND}"
+BDEPEND="
+	app-alternatives/yacc
+	app-alternatives/lex
+	virtual/pkgconfig
 	doc? (
 		app-text/docbook-xml-dtd:4.1.2
 		app-text/xmlto
 	)
-	virtual/pkgconfig
-	sys-devel/bison
-	sys-devel/flex
+	verify-sig? ( sec-keys/openpgp-keys-netfilter )
 "
+
 PATCHES=(
-	"${FILESDIR}"/${PN}-1.4.5-rpc.patch
+	"${FILESDIR}"/${PN}-1.4.5-0001-Makefile.am-don-t-suppress-various-warnings.patch
+	"${FILESDIR}"/${PN}-1.4.5-0002-Fix-Wstrict-prototypes.patch
+	"${FILESDIR}"/${PN}-1.4.5-0003-Fix-Wimplicit-function-declaration.patch
 )
 
 pkg_setup() {
@@ -48,7 +57,7 @@ pkg_setup() {
 		die "${PN} requires at least 2.6.18 kernel version"
 	fi
 
-	#netfilter core team has changed some option names with kernel 2.6.20
+	# netfilter core team has changed some option names with kernel 2.6.20
 	if kernel_is lt 2 6 20 ; then
 		CONFIG_CHECK="~IP_NF_CONNTRACK_NETLINK"
 	else
@@ -72,6 +81,7 @@ src_prepare() {
 	# bug #474858
 	sed -i -e 's:/var/lock:/run/lock:' doc/stats/conntrackd.conf || die
 
+	# Drop once Clang 16 patches merged (implicit func decl, etc)
 	eautoreconf
 }
 
@@ -79,23 +89,26 @@ src_configure() {
 	econf \
 		$(use_enable cthelper) \
 		$(use_enable cttimeout) \
-		$(use_with libtirpc)
+		$(use_enable systemd)
 }
 
 src_compile() {
 	default
+
 	use doc && emake -C doc/manual
 }
 
 src_install() {
 	default
 
-	newinitd "${FILESDIR}/conntrackd.initd-r3" conntrackd
-	newconfd "${FILESDIR}/conntrackd.confd-r2" conntrackd
+	newinitd "${FILESDIR}"/conntrackd.initd-r3 conntrackd
+	newconfd "${FILESDIR}"/conntrackd.confd-r2 conntrackd
 
 	insinto /etc/conntrackd
 	doins doc/stats/conntrackd.conf
 
+	systemd_dounit "${FILESDIR}"/conntrackd.service
+
 	dodoc -r doc/sync doc/stats AUTHORS TODO
 	use doc && dodoc doc/manual/${PN}.html
 }
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.6-r1.ebuild b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.8.ebuild
similarity index 69%
rename from sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.6-r1.ebuild
rename to sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.8.ebuild
index 228854d83c..9f8f953c6f 100644
--- a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.6-r1.ebuild
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/conntrack-tools-1.4.8.ebuild
@@ -1,13 +1,17 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
 # Distributed under the terms of the GNU General Public License v2
 
-EAPI=7
+EAPI=8
 
-inherit linux-info systemd
+VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/netfilter.org.asc
+inherit linux-info systemd verify-sig
 
 DESCRIPTION="Connection tracking userspace tools"
-HOMEPAGE="http://conntrack-tools.netfilter.org"
-SRC_URI="http://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.bz2"
+HOMEPAGE="https://conntrack-tools.netfilter.org"
+SRC_URI="
+	https://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.xz
+	verify-sig? ( https://www.netfilter.org/projects/conntrack-tools/files/${P}.tar.xz.sig )
+"
 
 LICENSE="GPL-2"
 SLOT="0"
@@ -16,7 +20,7 @@ IUSE="doc +cthelper +cttimeout systemd"
 
 RDEPEND="
 	>=net-libs/libmnl-1.0.3
-	>=net-libs/libnetfilter_conntrack-1.0.8
+	>=net-libs/libnetfilter_conntrack-1.0.9
 	>=net-libs/libnetfilter_queue-1.0.2
 	>=net-libs/libnfnetlink-1.0.1
 	net-libs/libtirpc
@@ -32,13 +36,14 @@ RDEPEND="
 "
 DEPEND="${RDEPEND}"
 BDEPEND="
-	sys-devel/bison
-	sys-devel/flex
+	app-alternatives/yacc
+	app-alternatives/lex
 	virtual/pkgconfig
 	doc? (
 		app-text/docbook-xml-dtd:4.1.2
 		app-text/xmlto
 	)
+	verify-sig? ( sec-keys/openpgp-keys-netfilter )
 "
 
 pkg_setup() {
@@ -48,7 +53,7 @@ pkg_setup() {
 		die "${PN} requires at least 2.6.18 kernel version"
 	fi
 
-	#netfilter core team has changed some option names with kernel 2.6.20
+	# netfilter core team has changed some option names with kernel 2.6.20
 	if kernel_is lt 2 6 20 ; then
 		CONFIG_CHECK="~IP_NF_CONNTRACK_NETLINK"
 	else
@@ -67,10 +72,10 @@ pkg_setup() {
 }
 
 src_prepare() {
+	default
+
 	# bug #474858
 	sed -i -e 's:/var/lock:/run/lock:' doc/stats/conntrackd.conf || die
-
-	default
 }
 
 src_configure() {
@@ -82,19 +87,20 @@ src_configure() {
 
 src_compile() {
 	default
+
 	use doc && emake -C doc/manual
 }
 
 src_install() {
 	default
 
-	newinitd "${FILESDIR}/conntrackd.initd-r3" conntrackd
-	newconfd "${FILESDIR}/conntrackd.confd-r2" conntrackd
+	newinitd "${FILESDIR}"/conntrackd.initd-r3 conntrackd
+	newconfd "${FILESDIR}"/conntrackd.confd-r2 conntrackd
 
 	insinto /etc/conntrackd
 	doins doc/stats/conntrackd.conf
 
-	systemd_dounit "${FILESDIR}/conntrackd.service"
+	systemd_dounit "${FILESDIR}"/conntrackd.service
 
 	dodoc -r doc/sync doc/stats AUTHORS TODO
 	use doc && dodoc doc/manual/${PN}.html
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0001-Makefile.am-don-t-suppress-various-warnings.patch b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0001-Makefile.am-don-t-suppress-various-warnings.patch
new file mode 100644
index 0000000000..bc9bd8d3a1
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0001-Makefile.am-don-t-suppress-various-warnings.patch
@@ -0,0 +1,28 @@
+https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+
+From a450f6374dc1b0296578599adf77f9ac025fab85 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Thu, 24 Nov 2022 07:51:23 +0000
+Subject: [PATCH 1/3] Makefile.am: don't suppress various warnings
+
+These will become fatal with Clang 16 and GCC 14 anyway, but let's
+address the real problem (followup commit).
+
+We do have to keep one wrt yyerror() & const char* though, but
+the issue is contained to the code Bison generates.
+
+Bug: https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/src/Makefile.am
++++ b/src/Makefile.am
+@@ -60,8 +60,8 @@ if HAVE_SYSTEMD
+ conntrackd_SOURCES += systemd.c
+ endif
+ 
+-# yacc and lex generate dirty code
+-read_config_yy.o read_config_lex.o: AM_CFLAGS += -Wno-missing-prototypes -Wno-missing-declarations -Wno-implicit-function-declaration -Wno-nested-externs -Wno-undef -Wno-redundant-decls -Wno-sign-compare
++# yacc and lex generate dirty code (issue is in yyerror() wrt const char* vs. char*)
++read_config_yy.o read_config_lex.o: AM_CFLAGS += -Wno-incompatible-pointer-types -Wno-discarded-qualifiers
+ 
+ conntrackd_LDADD = ${LIBMNL_LIBS} ${LIBNETFILTER_CONNTRACK_LIBS} \
+ 		   ${libdl_LIBS} ${LIBNFNETLINK_LIBS}
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0002-Fix-Wstrict-prototypes.patch b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0002-Fix-Wstrict-prototypes.patch
new file mode 100644
index 0000000000..e170ec07ba
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0002-Fix-Wstrict-prototypes.patch
@@ -0,0 +1,19 @@
+https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+
+From 11965f7020fbadcc9784daf598687841e96ef3fe Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Thu, 24 Nov 2022 07:52:01 +0000
+Subject: [PATCH 2/3] Fix -Wstrict-prototypes
+
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/src/network.c
++++ b/src/network.c
+@@ -113,7 +113,7 @@ void nethdr_track_update_seq(uint32_t seq)
+ 	STATE_SYNC(last_seq_recv) = seq;
+ }
+ 
+-int nethdr_track_is_seq_set()
++int nethdr_track_is_seq_set(void)
+ {
+ 	return local_seq_set;
+ }
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0003-Fix-Wimplicit-function-declaration.patch b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0003-Fix-Wimplicit-function-declaration.patch
new file mode 100644
index 0000000000..eb34f4ffd4
--- /dev/null
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-0003-Fix-Wimplicit-function-declaration.patch
@@ -0,0 +1,56 @@
+https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+
+From a6df37777fc47c2473a13501c17eb3cbbf922ec1 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Thu, 24 Nov 2022 07:57:37 +0000
+Subject: [PATCH 3/3] Fix -Wimplicit-function-declaration
+
+Bug: https://bugzilla.netfilter.org/show_bug.cgi?id=1637
+Signed-off-by: Sam James <sam@gentoo.org>
+--- a/src/read_config_lex.l
++++ b/src/read_config_lex.l
+@@ -21,6 +21,7 @@
+ 
+ #include <string.h>
+ 
++#include "log.h"
+ #include "conntrackd.h"
+ #include "read_config_yy.h"
+ %}
+@@ -174,7 +175,7 @@ notrack		[N|n][O|o][T|t][R|r][A|a][C|c][K|k]
+ %%
+ 
+ int
+-yywrap()
++yywrap(void)
+ {
+ 	return 1;
+ }
+--- a/src/read_config_yy.y
++++ b/src/read_config_yy.y
+@@ -31,14 +31,25 @@
+ #include "cidr.h"
+ #include "helper.h"
+ #include "stack.h"
++#include "log.h"
++
++#include <sys/socket.h>
++#include <netinet/in.h>
++#include <arpa/inet.h>
++
+ #include <sched.h>
+ #include <dlfcn.h>
++
+ #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
+ #include <libnetfilter_conntrack/libnetfilter_conntrack_tcp.h>
+ 
+ extern char *yytext;
+ extern int   yylineno;
+ 
++int yylex (void);
++int yyerror (char *msg);
++void yyrestart (FILE *input_file);
++
+ struct ct_conf conf;
+ 
+ static void __kernel_filter_start(void);
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-rpc.patch b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-rpc.patch
deleted file mode 100644
index 1f7fc44f44..0000000000
--- a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/files/conntrack-tools-1.4.5-rpc.patch
+++ /dev/null
@@ -1,41 +0,0 @@
---- a/configure.ac
-+++ b/configure.ac
-@@ -50,6 +50,25 @@
-         AS_HELP_STRING([--enable-systemd], [Build systemd support]),
-         [enable_systemd="$enableval"], [enable_systemd="no"])
- 
-+AC_ARG_WITH([libtirpc],
-+           AS_HELP_STRING([--with-libtirpc], [Use libtirpc as RPC implementation (instead of sunrpc)]),
-+           [], [ with_libtirpc=no ])
-+
-+AS_IF([test "x$with_libtirpc" != xno],
-+      [PKG_CHECK_MODULES([TIRPC],
-+                         [libtirpc],
-+                         [RPC_CFLAGS=$TIRPC_CFLAGS; RPC_LIBS=$TIRPC_LIBS;],
-+                        [AC_MSG_ERROR([libtirpc requested, but library not found.])]
-+                       )],
-+      [AC_CHECK_HEADER(rpc/rpc.h,
-+                      [RPC_CFLAGS=""; RPC_LIBS="";],
-+                      [AC_MSG_ERROR([sunrpc requested, but headers are not present.])]
-+                     )]
-+)
-+
-+AC_SUBST(RPC_CFLAGS)
-+AC_SUBST(RPC_LIBS)
-+
- PKG_CHECK_MODULES([LIBNFNETLINK], [libnfnetlink >= 1.0.1])
- PKG_CHECK_MODULES([LIBMNL], [libmnl >= 1.0.3])
- PKG_CHECK_MODULES([LIBNETFILTER_CONNTRACK], [libnetfilter_conntrack >= 1.0.7])
---- a/src/helpers/Makefile.am
-+++ b/src/helpers/Makefile.am
-@@ -30,8 +30,8 @@
- ct_helper_mdns_la_CFLAGS = $(HELPER_CFLAGS)
- 
- ct_helper_rpc_la_SOURCES = rpc.c
--ct_helper_rpc_la_LDFLAGS = $(HELPER_LDFLAGS)
--ct_helper_rpc_la_CFLAGS = $(HELPER_CFLAGS)
-+ct_helper_rpc_la_LDFLAGS = $(HELPER_LDFLAGS) $(RPC_LIBS)
-+ct_helper_rpc_la_CFLAGS = $(HELPER_CFLAGS) $(RPC_CFLAGS)
- 
- ct_helper_tftp_la_SOURCES = tftp.c
- ct_helper_tftp_la_LDFLAGS = $(HELPER_LDFLAGS)
diff --git a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/metadata.xml b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/metadata.xml
index 990d814e3f..d406b96cdb 100644
--- a/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/metadata.xml
+++ b/sdk_container/src/third_party/portage-stable/net-firewall/conntrack-tools/metadata.xml
@@ -16,7 +16,6 @@ interface conntrack.
 <remote-id type="cpe">cpe:/a:netfilter:conntrack-tools</remote-id>
 </upstream>
 <use>
-<flag name="libtirpc">Use <pkg>net-libs/libtirpc</pkg> for RPC support</flag>
 <flag name="cthelper">Use <pkg>net-libs/libnetfilter_cthelper</pkg> for userspace conntrack helper support</flag>
 <flag name="cttimeout">Use <pkg>net-libs/libnetfilter_cttimeout</pkg> for conntrack timeout support</flag>
 </use>