diff --git a/.booth.metadata b/.booth.metadata index c1ea9b1..0abddfe 100644 --- a/.booth.metadata +++ b/.booth.metadata @@ -1 +1 @@ -5444fbd98864fee07bc8b7c97a3c579b6ad72190 SOURCES/booth-1.0-251-bfb2f92.tar.gz +1fe5851af81995b4187b6c24ffbb9e8edead7060 SOURCES/booth-1.0-283-9d4029a.tar.gz diff --git a/.gitignore b/.gitignore index 5ce4e48..9cc4d95 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/booth-1.0-251-bfb2f92.tar.gz +SOURCES/booth-1.0-283-9d4029a.tar.gz diff --git a/SOURCES/bz2113970-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch b/SOURCES/bz2113970-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch deleted file mode 100644 index 3ab2586..0000000 --- a/SOURCES/bz2113970-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 35bf0b7b048d715f671eb68974fb6b4af6528c67 Mon Sep 17 00:00:00 2001 -From: Jan Friesse -Date: Mon, 4 Jul 2022 09:39:47 +0200 -Subject: [PATCH] Revert "Refactor: main: substitute is_auth_req macro" - -This reverts commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c. - -authfile != authkey - -Signed-off-by: Jan Friesse ---- - src/main.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/main.c b/src/main.c -index b50a883..b4a174f 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -364,7 +364,7 @@ static int setup_config(int type) - if (rv < 0) - goto out; - -- if (is_auth_req()) { -+ if (booth_conf->authfile[0] != '\0') { - rv = read_authkey(); - if (rv < 0) - goto out; --- -2.37.1 - diff --git a/SOURCES/bz2113970-2-config-Add-enable-authfile-option.patch b/SOURCES/rhel-specific-0001-config-Add-enable-authfile-option.patch similarity index 88% rename from SOURCES/bz2113970-2-config-Add-enable-authfile-option.patch rename to SOURCES/rhel-specific-0001-config-Add-enable-authfile-option.patch index a3adc72..606f1fe 100644 --- a/SOURCES/bz2113970-2-config-Add-enable-authfile-option.patch +++ b/SOURCES/rhel-specific-0001-config-Add-enable-authfile-option.patch @@ -1,6 +1,6 @@ -From 466246c2fa8ea1bcc06593fbf7b900d0665606b1 Mon Sep 17 00:00:00 2001 +From 87c8545816cca03d19c2f3ef54031940f7e19d50 Mon Sep 17 00:00:00 2001 From: Jan Friesse -Date: Tue, 26 Jul 2022 18:39:38 +0200 +Date: Fri, 18 Nov 2022 11:57:46 +0100 Subject: [PATCH] config: Add enable-authfile option This option enables (or disables) usage of authfile. Can be 'yes' or 'no'. @@ -31,28 +31,28 @@ Signed-off-by: Jan Friesse 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt -index f58f27e..12f66f9 100644 +index 0f3d2c1..c7a8413 100644 --- a/docs/boothd.8.txt +++ b/docs/boothd.8.txt @@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports. parameter to a higher value. The time skew test is performed only in concert with authentication. -+*'enable-authfile'*:: ++'enable-authfile':: + Enables (or disables) usage of authfile. Can be 'yes' or 'no'. + Default is 'no'. + This is non-upstream option used to allow use of authfile without + breaking compatibility for clusters consisting of mixed + versions of booth. + - *'site'*:: - Defines a site Raft member with the given IP. Sites can - acquire tickets. The sites' IP should be managed by the cluster. + 'debug':: + Specifies the debug output level. Alternative to + command line argument. Effective only for 'daemon' diff --git a/src/config.c b/src/config.c -index 8e41553..b9df3e3 100644 +index f0ca4aa..e1f25f0 100644 --- a/src/config.c +++ b/src/config.c -@@ -729,6 +729,23 @@ no_value: +@@ -732,6 +732,23 @@ no_value: booth_conf->maxtimeskew = atoi(val); continue; } @@ -102,5 +102,5 @@ index b4a174f..0fdb295 100644 if (rv < 0) goto out; -- -2.37.1 +2.27.0 diff --git a/SPECS/booth.spec b/SPECS/booth.spec index dd02aa6..f4a9b4e 100644 --- a/SPECS/booth.spec +++ b/SPECS/booth.spec @@ -28,10 +28,10 @@ # This will be used to fill booth_ver, booth_numcomm and booth_sha1. # It is important to keep abbrev to get full length sha1! When updating source use # `spectool -g booth.spec` to download source. -%global git_describe_str v1.0-251-gbfb2f924c07db823f5c934d1aafbc5181bb25148 +%global git_describe_str v1.0-283-g9d4029aa14323a7f3b496215d25e40bd14f33632 # Set this to 1 when rebasing (changing git_describe_str) and increase otherwise -%global release 3 +%global release 1 # Run shell script to parse git_describe str into version, numcomm and sha1 hash %global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1}) @@ -57,13 +57,12 @@ Name: booth Version: %{booth_ver} -Release: %{booth_numcomm}.%{release}.%{booth_short_sha1}.git%{?dist}.1 +Release: %{booth_numcomm}.%{release}.%{booth_short_sha1}.git%{?dist} Summary: Ticket Manager for Multi-site Clusters License: GPLv2+ Url: https://github.com/%{github_owner}/%{name} Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz -Patch0: bz2113970-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch -Patch1: bz2113970-2-config-Add-enable-authfile-option.patch +Patch0: rhel-specific-0001-config-Add-enable-authfile-option.patch # direct build process dependencies BuildRequires: autoconf @@ -312,13 +311,23 @@ VERBOSE=1 make check %{_usr}/lib/ocf/resource.d/booth/sharedrsc %changelog -* Tue Aug 09 2022 Jan Friesse - 1.0-251.3.bfb2f92.git.1 -- Related: rhbz#2113970 +* Mon Nov 21 2022 Jan Friesse - 1.0-283.1.9d4029a.git +- Resolves: rhbz#2135866 + +- Update to current snapshot (commit 9d4029a) (rhbz#2135866) + +* Tue Oct 25 2022 Jan Friesse - 1.0-251.5.bfb2f92.git +- Resolves: rhbz#2133833 + +- unit file: Remove Alias directive + +* Tue Aug 09 2022 Jan Friesse - 1.0-251.4.bfb2f92.git +- Related: rhbz#2111669 - Remove template unit from systemd_(post|preun|postun_with_restart) macro -* Thu Aug 04 2022 Jan Friesse - 1.0-251.2.bfb2f92.git.1 -- Resolves: rhbz#2113970 +* Wed Aug 03 2022 Jan Friesse - 1.0-251.3.bfb2f92.git +- Resolves: rhbz#2111669 - Fix authfile directive handling in booth config file (fixes CVE-2022-2553)