Compare commits
No commits in common. "c8" and "imports/c8/booth-1.0-6.ac1d34c.git.el8.2" have entirely different histories.
c8
...
imports/c8
|
@ -0,0 +1 @@
|
|||
4813ede4a6bb517564a3b9f6fe523164a7362c5b SOURCES/booth-ac1d34c.tar.gz
|
|
@ -1 +1 @@
|
|||
SOURCES/booth-1.1.tar.gz
|
||||
SOURCES/booth-ac1d34c.tar.gz
|
||||
|
|
|
@ -0,0 +1,33 @@
|
|||
From 2f944ea46b1b39113a34ca586cd8e3cd8f0d1d70 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Friesse <jfriesse@redhat.com>
|
||||
Date: Wed, 3 Jun 2020 15:04:56 +0200
|
||||
Subject: [PATCH] build: Do not link with pcmk libraries
|
||||
|
||||
Patch 4205de05fe337d1b1127fae302e6e6c2f0613ccf introduced better way to
|
||||
check for pacemaker headers but also usage of PCMK_LIBS when linking
|
||||
boothd.
|
||||
|
||||
This is not needed, because boothd uses just crm/services.h header file
|
||||
for inclusion of OCF return codes, so patch removes the use of PCMK_LIBS.
|
||||
|
||||
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||
---
|
||||
src/Makefile.am | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/Makefile.am b/src/Makefile.am
|
||||
index 8598725..4023791 100644
|
||||
--- a/src/Makefile.am
|
||||
+++ b/src/Makefile.am
|
||||
@@ -23,7 +23,7 @@ boothd_SOURCES += auth.c
|
||||
endif
|
||||
|
||||
boothd_LDFLAGS = $(OS_DYFLAGS) -L./
|
||||
-boothd_LDADD = -lm $(GLIB_LIBS) $(ZLIB_LIBS) $(PCMK_LIBS)
|
||||
+boothd_LDADD = -lm $(GLIB_LIBS) $(ZLIB_LIBS)
|
||||
boothd_CFLAGS = $(GLIB_CFLAGS) $(PCMK_CFLAGS)
|
||||
|
||||
if !LOGGING_LIBQB
|
||||
--
|
||||
2.18.2
|
||||
|
|
@ -1,37 +0,0 @@
|
|||
From 4bdd96d767fc38239c4fac9e95404da99f61ac65 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Friesse <jfriesse@redhat.com>
|
||||
Date: Wed, 21 Feb 2024 17:40:11 +0100
|
||||
Subject: [PATCH 1/4] attr: Fix reading of server_reply
|
||||
|
||||
read_server_reply first reads boothc header and then rest of packet
|
||||
which contains hmac info. This should go in memory right after
|
||||
boothc_header and not after full length of packet, because full length
|
||||
of packet already contains hmac info.
|
||||
|
||||
Solution is to simply use length of header and not length of packet.
|
||||
|
||||
Longer term and better solution would be to drop read_server_reply
|
||||
completely and use recv_auth which is used for everything else but attr
|
||||
set and delete.
|
||||
|
||||
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||
---
|
||||
src/attr.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/attr.c b/src/attr.c
|
||||
index 44061e3..bc154f0 100644
|
||||
--- a/src/attr.c
|
||||
+++ b/src/attr.c
|
||||
@@ -142,7 +142,7 @@ static int read_server_reply(
|
||||
return -2;
|
||||
}
|
||||
len = ntohl(header->length);
|
||||
- rv = tpt->recv(site, msg+len, len-sizeof(*header));
|
||||
+ rv = tpt->recv(site, msg+sizeof(*header), len-sizeof(*header));
|
||||
if (rv < 0) {
|
||||
return -1;
|
||||
}
|
||||
--
|
||||
2.44.0
|
||||
|
|
@ -1,65 +0,0 @@
|
|||
From 91fcfb5708f829ecff7d098ed4c0fc8f2da6d599 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Friesse <jfriesse@redhat.com>
|
||||
Date: Wed, 21 Feb 2024 18:12:28 +0100
|
||||
Subject: [PATCH 2/4] auth: Check result of gcrypt gcry_md_get_algo_dlen
|
||||
|
||||
When unknown hash is passed to gcry_md_get_algo_dlen 0 is returned. This
|
||||
value is then used for memcmp so wrong hmac might be accepted as
|
||||
correct.
|
||||
|
||||
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||
---
|
||||
src/auth.c | 16 +++++++++++++---
|
||||
1 file changed, 13 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/auth.c b/src/auth.c
|
||||
index 8f86b9a..a3b3d20 100644
|
||||
--- a/src/auth.c
|
||||
+++ b/src/auth.c
|
||||
@@ -28,6 +28,11 @@ int calc_hmac(const void *data, size_t datalen,
|
||||
{
|
||||
static gcry_md_hd_t digest;
|
||||
gcry_error_t err;
|
||||
+ int hlen;
|
||||
+
|
||||
+ hlen = gcry_md_get_algo_dlen(hid);
|
||||
+ if (!hlen)
|
||||
+ return -1;
|
||||
|
||||
if (!digest) {
|
||||
err = gcry_md_open(&digest, hid, GCRY_MD_FLAG_HMAC);
|
||||
@@ -42,7 +47,7 @@ int calc_hmac(const void *data, size_t datalen,
|
||||
}
|
||||
}
|
||||
gcry_md_write(digest, data, datalen);
|
||||
- memcpy(result, gcry_md_read(digest, 0), gcry_md_get_algo_dlen(hid));
|
||||
+ memcpy(result, gcry_md_read(digest, 0), hlen);
|
||||
gcry_md_reset(digest);
|
||||
return 0;
|
||||
}
|
||||
@@ -54,15 +59,20 @@ int verify_hmac(const void *data, size_t datalen,
|
||||
{
|
||||
unsigned char *our_hmac;
|
||||
int rc;
|
||||
+ int hlen;
|
||||
+
|
||||
+ hlen = gcry_md_get_algo_dlen(hid);
|
||||
+ if (!hlen)
|
||||
+ return -1;
|
||||
|
||||
- our_hmac = malloc(gcry_md_get_algo_dlen(hid));
|
||||
+ our_hmac = malloc(hlen);
|
||||
if (!our_hmac)
|
||||
return -1;
|
||||
|
||||
rc = calc_hmac(data, datalen, hid, our_hmac, key, keylen);
|
||||
if (rc)
|
||||
goto out_free;
|
||||
- rc = memcmp(our_hmac, hmac, gcry_md_get_algo_dlen(hid));
|
||||
+ rc = memcmp(our_hmac, hmac, hlen);
|
||||
|
||||
out_free:
|
||||
if (our_hmac)
|
||||
--
|
||||
2.44.0
|
||||
|
|
@ -1,106 +0,0 @@
|
|||
From 87c8545816cca03d19c2f3ef54031940f7e19d50 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Friesse <jfriesse@redhat.com>
|
||||
Date: Fri, 18 Nov 2022 11:57:46 +0100
|
||||
Subject: [PATCH] config: Add enable-authfile option
|
||||
|
||||
This option enables (or disables) usage of authfile. Can be 'yes' or 'no'.
|
||||
Default is 'no'.
|
||||
|
||||
Booth usage of authfile was broken for long time (since commit
|
||||
da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c).
|
||||
|
||||
Pcs was adding authfile by default, but it was not used. Once booth bug
|
||||
was fixed problem appears because mixed clusters (with fixed version and
|
||||
without fixed one) stops working.
|
||||
|
||||
This non-upstream option is added and used to allow use of
|
||||
authfile without breaking compatibility for clusters
|
||||
consisting of mixed versions (usually happens before all nodes are
|
||||
updated) of booth (user have to explicitly
|
||||
enable usage of authfile).
|
||||
|
||||
This patch is transitional and will be removed in future major version of
|
||||
distribution.
|
||||
|
||||
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||
---
|
||||
docs/boothd.8.txt | 7 +++++++
|
||||
src/config.c | 17 +++++++++++++++++
|
||||
src/config.h | 1 +
|
||||
src/main.c | 2 +-
|
||||
4 files changed, 26 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt
|
||||
index 0f3d2c1..c7a8413 100644
|
||||
--- a/docs/boothd.8.txt
|
||||
+++ b/docs/boothd.8.txt
|
||||
@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports.
|
||||
parameter to a higher value. The time skew test is performed
|
||||
only in concert with authentication.
|
||||
|
||||
+'enable-authfile'::
|
||||
+ Enables (or disables) usage of authfile. Can be 'yes' or 'no'.
|
||||
+ Default is 'no'.
|
||||
+ This is non-upstream option used to allow use of authfile without
|
||||
+ breaking compatibility for clusters consisting of mixed
|
||||
+ versions of booth.
|
||||
+
|
||||
'debug'::
|
||||
Specifies the debug output level. Alternative to
|
||||
command line argument. Effective only for 'daemon'
|
||||
diff --git a/src/config.c b/src/config.c
|
||||
index f0ca4aa..e1f25f0 100644
|
||||
--- a/src/config.c
|
||||
+++ b/src/config.c
|
||||
@@ -732,6 +732,23 @@ no_value:
|
||||
booth_conf->maxtimeskew = atoi(val);
|
||||
continue;
|
||||
}
|
||||
+
|
||||
+ if (strcmp(key, "enable-authfile") == 0) {
|
||||
+ if (strcasecmp(val, "yes") == 0 ||
|
||||
+ strcasecmp(val, "on") == 0 ||
|
||||
+ strcasecmp(val, "1") == 0) {
|
||||
+ booth_conf->enable_authfile = 1;
|
||||
+ } else if (strcasecmp(val, "no") == 0 ||
|
||||
+ strcasecmp(val, "off") == 0 ||
|
||||
+ strcasecmp(val, "0") == 0) {
|
||||
+ booth_conf->enable_authfile = 0;
|
||||
+ } else {
|
||||
+ error = "Expected yes/no value for enable-authfile";
|
||||
+ goto err;
|
||||
+ }
|
||||
+
|
||||
+ continue;
|
||||
+ }
|
||||
#endif
|
||||
|
||||
if (strcmp(key, "site") == 0) {
|
||||
diff --git a/src/config.h b/src/config.h
|
||||
index bca73bc..da1e917 100644
|
||||
--- a/src/config.h
|
||||
+++ b/src/config.h
|
||||
@@ -297,6 +297,7 @@ struct booth_config {
|
||||
struct stat authstat;
|
||||
char authkey[BOOTH_MAX_KEY_LEN];
|
||||
int authkey_len;
|
||||
+ int enable_authfile;
|
||||
/** Maximum time skew between peers allowed */
|
||||
int maxtimeskew;
|
||||
|
||||
diff --git a/src/main.c b/src/main.c
|
||||
index b4a174f..0fdb295 100644
|
||||
--- a/src/main.c
|
||||
+++ b/src/main.c
|
||||
@@ -364,7 +364,7 @@ static int setup_config(int type)
|
||||
if (rv < 0)
|
||||
goto out;
|
||||
|
||||
- if (booth_conf->authfile[0] != '\0') {
|
||||
+ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) {
|
||||
rv = read_authkey();
|
||||
if (rv < 0)
|
||||
goto out;
|
||||
--
|
||||
2.27.0
|
||||
|
103
SPECS/booth.spec
103
SPECS/booth.spec
|
@ -21,8 +21,6 @@
|
|||
|
||||
%bcond_with html_man
|
||||
%bcond_with glue
|
||||
%bcond_with run_build_tests
|
||||
%bcond_without include_unit_test
|
||||
|
||||
## User and group to use for nonprivileged services (should be in sync with pacemaker)
|
||||
%global uname hacluster
|
||||
|
@ -31,8 +29,30 @@
|
|||
# Disable automatic compilation of Python files in extra directories
|
||||
%global _python_bytecompile_extra 0
|
||||
|
||||
%global specver 6
|
||||
%global boothver 1.0
|
||||
# set following to the actual commit or, for final release, concatenate
|
||||
# "boothver" macro to "v" (will yield a tag per the convention)
|
||||
%global commit ac1d34ce172678a8f5ba415e976cf2366d45e15e
|
||||
%global lparen (
|
||||
%global rparen )
|
||||
%global shortcommit %(c=%{commit}; case ${c} in
|
||||
v*%{rparen} echo ${c:1};;
|
||||
*%{rparen} echo ${c:0:7};; esac)
|
||||
%global pre_release %(s=%{shortcommit}; [ ${s: -3:2} != rc ]; echo $?)
|
||||
%global post_release %([ %{commit} = v%{shortcommit} ]; echo $?)
|
||||
%global github_owner ClusterLabs
|
||||
|
||||
%if 0%{pre_release}
|
||||
%global boothrel 0.%{specver}.%(s=%{shortcommit}; echo ${s: -3})
|
||||
%else
|
||||
%if 0%{post_release}
|
||||
%global boothrel %{specver}.%{shortcommit}.git
|
||||
%else
|
||||
%global boothrel %{specver}
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}}
|
||||
# https://fedoraproject.org/wiki/EPEL:Packaging?rd=Packaging:EPEL#The_.25license_tag
|
||||
%{!?_licensedir:%global license %doc}
|
||||
|
@ -40,15 +60,13 @@
|
|||
%global test_path %{_datadir}/booth/tests
|
||||
|
||||
Name: booth
|
||||
Version: 1.1
|
||||
Release: 1%{?dist}.1
|
||||
Version: %{boothver}
|
||||
Release: %{boothrel}%{?dist}.2
|
||||
Summary: Ticket Manager for Multi-site Clusters
|
||||
License: GPLv2+
|
||||
Url: https://github.com/%{github_owner}/%{name}
|
||||
Source0: https://github.com/%{github_owner}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
|
||||
Patch0: rhel-specific-0001-config-Add-enable-authfile-option.patch
|
||||
Patch1: RHEL-32613-1-attr-Fix-reading-of-server_reply.patch
|
||||
Patch2: RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch
|
||||
Source0: https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
|
||||
Patch0: 0001-build-Do-not-link-with-pcmk-libraries.patch
|
||||
|
||||
# direct build process dependencies
|
||||
BuildRequires: autoconf
|
||||
|
@ -84,10 +102,8 @@ BuildRequires: sed
|
|||
BuildRequires: systemd
|
||||
## for autosetup
|
||||
BuildRequires: git
|
||||
%if 0%{?with_run_build_tests}
|
||||
# check scriptlet (for perl and netstat)
|
||||
BuildRequires: perl-interpreter net-tools
|
||||
%endif
|
||||
|
||||
# this is for a composite-requiring-its-components arranged
|
||||
# as an empty package (empty files section) requiring subpackages
|
||||
|
@ -95,9 +111,7 @@ BuildRequires: perl-interpreter net-tools
|
|||
Requires: %{name}-core%{?_isa}
|
||||
Requires: %{name}-site
|
||||
%files
|
||||
%license COPYING
|
||||
%dir %{_datadir}/pkgconfig
|
||||
%{_datadir}/pkgconfig/booth.pc
|
||||
# intentionally empty
|
||||
|
||||
%description
|
||||
Booth manages tickets which authorize cluster sites located
|
||||
|
@ -131,13 +145,13 @@ Support for running Booth, ticket manager for multi-site clusters,
|
|||
as an arbitrator.
|
||||
|
||||
%post arbitrator
|
||||
%systemd_post booth-arbitrator.service
|
||||
%systemd_post booth@.service booth-arbitrator.service
|
||||
|
||||
%preun arbitrator
|
||||
%systemd_preun booth-arbitrator.service
|
||||
%systemd_preun booth@.service booth-arbitrator.service
|
||||
|
||||
%postun arbitrator
|
||||
%systemd_postun_with_restart booth-arbitrator.service
|
||||
%systemd_postun_with_restart booth@.service booth-arbitrator.service
|
||||
|
||||
%package site
|
||||
Summary: Booth support for running as a full-fledged site
|
||||
|
@ -167,9 +181,7 @@ Requires: %{name}-arbitrator = %{version}-%{release}
|
|||
Requires: %{name}-site = %{version}-%{release}
|
||||
Requires: gdb
|
||||
Requires: %{__python3}
|
||||
%if 0%{?with_include_unit_test}
|
||||
Requires: python3-pexpect
|
||||
%endif
|
||||
# runtests.py suite (for perl and netstat)
|
||||
Requires: perl-interpreter net-tools
|
||||
|
||||
|
@ -179,7 +191,7 @@ Automated tests for running Booth, ticket manager for multi-site clusters.
|
|||
# BUILD #
|
||||
|
||||
%prep
|
||||
%autosetup -n %{name}-%{version} -S git_am
|
||||
%autosetup -n %{name}-%{commit} -S git_am
|
||||
|
||||
%build
|
||||
./autogen.sh
|
||||
|
@ -187,7 +199,7 @@ Automated tests for running Booth, ticket manager for multi-site clusters.
|
|||
--with-initddir=%{_initrddir} \
|
||||
--docdir=%{_pkgdocdir} \
|
||||
--enable-user-flags \
|
||||
%{?with_html_man:--with-html_man} \
|
||||
%{!?with_html_man:--without-html_man} \
|
||||
%{!?with_glue:--without-glue} \
|
||||
PYTHON=%{__python3}
|
||||
%{make_build}
|
||||
|
@ -210,11 +222,7 @@ rm -rf %{buildroot}/%{_pkgdocdir}/COPYING
|
|||
mkdir -p %{buildroot}/%{test_path}
|
||||
# Copy tests from tarball
|
||||
cp -a -t %{buildroot}/%{test_path} \
|
||||
-- conf test
|
||||
%if 0%{?with_include_unit_test}
|
||||
cp -a -t %{buildroot}/%{test_path} \
|
||||
-- unit-tests script/unit-test.py
|
||||
%endif
|
||||
-- conf test unit-tests script/unit-test.py
|
||||
chmod +x %{buildroot}/%{test_path}/test/booth_path
|
||||
chmod +x %{buildroot}/%{test_path}/test/live_test.sh
|
||||
mkdir -p %{buildroot}/%{test_path}/src
|
||||
|
@ -238,9 +246,7 @@ sed -e 's#PYTHON_SHEBANG#%{__python3} -Es#g' \
|
|||
|
||||
%check
|
||||
# alternatively: test/runtests.py
|
||||
%if 0%{?with_run_build_tests}
|
||||
VERBOSE=1 make check
|
||||
%endif
|
||||
|
||||
%files core
|
||||
%license COPYING
|
||||
|
@ -258,12 +264,6 @@ VERBOSE=1 make check
|
|||
%dir %attr (750, %{uname}, %{gname}) %{_var}/lib/booth/
|
||||
%dir %attr (750, %{uname}, %{gname}) %{_var}/lib/booth/cores
|
||||
|
||||
# Generated html docs
|
||||
%if 0%{?with_html_man}
|
||||
%{_pkgdocdir}/booth-keygen.8.html
|
||||
%{_pkgdocdir}/boothd.8.html
|
||||
%endif
|
||||
|
||||
%files arbitrator
|
||||
%{_unitdir}/booth@.service
|
||||
%{_unitdir}/booth-arbitrator.service
|
||||
|
@ -284,11 +284,6 @@ VERBOSE=1 make check
|
|||
%dir %{_datadir}/booth
|
||||
%{_datadir}/booth/service-runnable
|
||||
|
||||
# Generated html docs
|
||||
%if 0%{?with_html_man}
|
||||
%{_pkgdocdir}/geostore.8.html
|
||||
%endif
|
||||
|
||||
%files test
|
||||
%doc %{_pkgdocdir}/README-testing
|
||||
# /usr/share/booth provided by -site
|
||||
|
@ -297,38 +292,6 @@ VERBOSE=1 make check
|
|||
%{_usr}/lib/ocf/resource.d/booth/sharedrsc
|
||||
|
||||
%changelog
|
||||
* Tue Apr 30 2024 Jan Friesse <jfriesse@redhat.com> - 1.1-1.1
|
||||
- Resolves: RHEL-32613
|
||||
|
||||
- attr: Fix reading of server_reply
|
||||
- auth: Check result of gcrypt gcry_md_get_algo_dlen (fixes CVE-2024-3049)
|
||||
|
||||
* Thu Nov 23 2023 Jan Friesse <jfriesse@redhat.com> - 1.1-1
|
||||
- Resolves: RHEL-15265
|
||||
|
||||
- New upstream release (RHEL-15265)
|
||||
- Upstream releases should now be released regularly, so convert spec
|
||||
to use them instead of git snapshots (RHEL-15265)
|
||||
|
||||
* Mon Nov 21 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-283.1.9d4029a.git
|
||||
- Resolves: rhbz#2135865
|
||||
|
||||
- Update to current snapshot (commit 9d4029a) (rhbz#2135865)
|
||||
|
||||
* Wed Aug 03 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-199.2.ac1d34c.git
|
||||
- Resolves: rhbz#2111668
|
||||
|
||||
- Fix authfile directive handling in booth config file
|
||||
(fixes CVE-2022-2553)
|
||||
- Add enable-authfile option
|
||||
|
||||
* Thu Oct 15 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-199.1.ac1d34c.git
|
||||
- Resolves: rhbz#1873948
|
||||
- Resolves: rhbz#1768172
|
||||
|
||||
- Fix versioning scheme to handle updates better
|
||||
- Handle updated exit code of crm_ticket
|
||||
|
||||
* Wed Jun 3 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-6.ac1d34c.git.2
|
||||
- Related: rhbz#1835831
|
||||
|
||||
|
|
Loading…
Reference in New Issue