Import from AlmaLinux 9

.booth.metadata

@@ -1 +0,0 @@
-4813ede4a6bb517564a3b9f6fe523164a7362c5b SOURCES/booth-ac1d34c.tar.gz

.gitignore

@@ -1 +1 @@
-SOURCES/booth-ac1d34c.tar.gz
+SOURCES/booth-1.1.tar.gz

SOURCES/0001-build-Do-not-link-with-pcmk-libraries.patch

@@ -1,33 +0,0 @@
-From 2f944ea46b1b39113a34ca586cd8e3cd8f0d1d70 Mon Sep 17 00:00:00 2001
-From: Jan Friesse <jfriesse@redhat.com>
-Date: Wed, 3 Jun 2020 15:04:56 +0200
-Subject: [PATCH] build: Do not link with pcmk libraries
-
-Patch 4205de05fe337d1b1127fae302e6e6c2f0613ccf introduced better way to
-check for pacemaker headers but also usage of PCMK_LIBS when linking
-boothd.
-
-This is not needed, because boothd uses just crm/services.h header file
-for inclusion of OCF return codes, so patch removes the use of PCMK_LIBS.
-
-Signed-off-by: Jan Friesse <jfriesse@redhat.com>
----
- src/Makefile.am | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/Makefile.am b/src/Makefile.am
-index 8598725..4023791 100644
---- a/src/Makefile.am
-+++ b/src/Makefile.am
-@@ -23,7 +23,7 @@ boothd_SOURCES		+= auth.c
- endif
- 
- boothd_LDFLAGS		= $(OS_DYFLAGS) -L./
--boothd_LDADD		= -lm $(GLIB_LIBS) $(ZLIB_LIBS) $(PCMK_LIBS)
-+boothd_LDADD		= -lm $(GLIB_LIBS) $(ZLIB_LIBS)
- boothd_CFLAGS		= $(GLIB_CFLAGS) $(PCMK_CFLAGS)
- 
- if !LOGGING_LIBQB
--- 
-2.18.2
-

SOURCES/RHEL-32613-1-attr-Fix-reading-of-server_reply.patch

@@ -0,0 +1,37 @@
+From 4bdd96d767fc38239c4fac9e95404da99f61ac65 Mon Sep 17 00:00:00 2001
+From: Jan Friesse <jfriesse@redhat.com>
+Date: Wed, 21 Feb 2024 17:40:11 +0100
+Subject: [PATCH 1/4] attr: Fix reading of server_reply
+
+read_server_reply first reads boothc header and then rest of packet
+which contains hmac info. This should go in memory right after
+boothc_header and not after full length of packet, because full length
+of packet already contains hmac info.
+
+Solution is to simply use length of header and not length of packet.
+
+Longer term and better solution would be to drop read_server_reply
+completely and use recv_auth which is used for everything else but attr
+set and delete.
+
+Signed-off-by: Jan Friesse <jfriesse@redhat.com>
+---
+ src/attr.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/attr.c b/src/attr.c
+index 44061e3..bc154f0 100644
+--- a/src/attr.c
++++ b/src/attr.c
+@@ -142,7 +142,7 @@ static int read_server_reply(
+ 		return -2;
+ 	}
+ 	len = ntohl(header->length);
+-	rv = tpt->recv(site, msg+len, len-sizeof(*header));
++	rv = tpt->recv(site, msg+sizeof(*header), len-sizeof(*header));
+ 	if (rv < 0) {
+ 		return -1;
+ 	}
+-- 
+2.44.0
+

SOURCES/RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch

@@ -0,0 +1,65 @@
+From 91fcfb5708f829ecff7d098ed4c0fc8f2da6d599 Mon Sep 17 00:00:00 2001
+From: Jan Friesse <jfriesse@redhat.com>
+Date: Wed, 21 Feb 2024 18:12:28 +0100
+Subject: [PATCH 2/4] auth: Check result of gcrypt gcry_md_get_algo_dlen
+
+When unknown hash is passed to gcry_md_get_algo_dlen 0 is returned. This
+value is then used for memcmp so wrong hmac might be accepted as
+correct.
+
+Signed-off-by: Jan Friesse <jfriesse@redhat.com>
+---
+ src/auth.c | 16 +++++++++++++---
+ 1 file changed, 13 insertions(+), 3 deletions(-)
+
+diff --git a/src/auth.c b/src/auth.c
+index 8f86b9a..a3b3d20 100644
+--- a/src/auth.c
++++ b/src/auth.c
+@@ -28,6 +28,11 @@ int calc_hmac(const void *data, size_t datalen,
+ {
+ 	static gcry_md_hd_t digest;
+ 	gcry_error_t err;
++	int hlen;
++
++	hlen = gcry_md_get_algo_dlen(hid);
++	if (!hlen)
++		return -1;
+ 
+ 	if (!digest) {
+ 		err = gcry_md_open(&digest, hid, GCRY_MD_FLAG_HMAC);
+@@ -42,7 +47,7 @@ int calc_hmac(const void *data, size_t datalen,
+ 		}
+ 	}
+ 	gcry_md_write(digest, data, datalen);
+-	memcpy(result, gcry_md_read(digest, 0), gcry_md_get_algo_dlen(hid));
++	memcpy(result, gcry_md_read(digest, 0), hlen);
+ 	gcry_md_reset(digest);
+ 	return 0;
+ }
+@@ -54,15 +59,20 @@ int verify_hmac(const void *data, size_t datalen,
+ {
+ 	unsigned char *our_hmac;
+ 	int rc;
++	int hlen;
++
++	hlen = gcry_md_get_algo_dlen(hid);
++	if (!hlen)
++		return -1;
+ 
+-	our_hmac = malloc(gcry_md_get_algo_dlen(hid));
++	our_hmac = malloc(hlen);
+ 	if (!our_hmac)
+ 		return -1;
+ 
+ 	rc = calc_hmac(data, datalen, hid, our_hmac, key, keylen);
+ 	if (rc)
+ 		goto out_free;
+-	rc = memcmp(our_hmac, hmac, gcry_md_get_algo_dlen(hid));
++	rc = memcmp(our_hmac, hmac, hlen);
+ 
+ out_free:
+ 	if (our_hmac)
+-- 
+2.44.0
+

SOURCES/rhel-specific-0001-config-Add-enable-authfile-option.patch

@@ -0,0 +1,106 @@
+From 87c8545816cca03d19c2f3ef54031940f7e19d50 Mon Sep 17 00:00:00 2001
+From: Jan Friesse <jfriesse@redhat.com>
+Date: Fri, 18 Nov 2022 11:57:46 +0100
+Subject: [PATCH] config: Add enable-authfile option
+
+This option enables (or disables) usage of authfile. Can be 'yes' or 'no'.
+Default is 'no'.
+
+Booth usage of authfile was broken for long time (since commit
+da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c).
+
+Pcs was adding authfile by default, but it was not used. Once booth bug
+was fixed problem appears because mixed clusters (with fixed version and
+without fixed one) stops working.
+
+This non-upstream option is added and used to allow use of
+authfile without breaking compatibility for clusters
+consisting of mixed versions (usually happens before all nodes are
+updated) of booth (user have to explicitly
+enable usage of authfile).
+
+This patch is transitional and will be removed in future major version of
+distribution.
+
+Signed-off-by: Jan Friesse <jfriesse@redhat.com>
+---
+ docs/boothd.8.txt |  7 +++++++
+ src/config.c      | 17 +++++++++++++++++
+ src/config.h      |  1 +
+ src/main.c        |  2 +-
+ 4 files changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt
+index 0f3d2c1..c7a8413 100644
+--- a/docs/boothd.8.txt
++++ b/docs/boothd.8.txt
+@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports.
+ 	parameter to a higher value. The time skew test is performed
+ 	only in concert with authentication.
+ 
++'enable-authfile'::
++	Enables (or disables) usage of authfile. Can be 'yes' or 'no'.
++	Default is 'no'.
++	This is non-upstream option used to allow use of authfile without
++	breaking compatibility for clusters consisting of mixed
++	versions of booth.
++
+ 'debug'::
+ 	Specifies the debug output level. Alternative to
+ 	command line argument. Effective only for 'daemon'
+diff --git a/src/config.c b/src/config.c
+index f0ca4aa..e1f25f0 100644
+--- a/src/config.c
++++ b/src/config.c
+@@ -732,6 +732,23 @@ no_value:
+ 			booth_conf->maxtimeskew = atoi(val);
+ 			continue;
+ 		}
++
++		if (strcmp(key, "enable-authfile") == 0) {
++			if (strcasecmp(val, "yes") == 0 ||
++			    strcasecmp(val, "on") == 0 ||
++			    strcasecmp(val, "1") == 0) {
++				booth_conf->enable_authfile = 1;
++			} else if (strcasecmp(val, "no") == 0 ||
++			    strcasecmp(val, "off") == 0 ||
++			    strcasecmp(val, "0") == 0) {
++				booth_conf->enable_authfile = 0;
++			} else {
++				error = "Expected yes/no value for enable-authfile";
++				goto err;
++			}
++
++			continue;
++		}
+ #endif
+ 
+ 		if (strcmp(key, "site") == 0) {
+diff --git a/src/config.h b/src/config.h
+index bca73bc..da1e917 100644
+--- a/src/config.h
++++ b/src/config.h
+@@ -297,6 +297,7 @@ struct booth_config {
+ 	struct stat authstat;
+ 	char authkey[BOOTH_MAX_KEY_LEN];
+ 	int authkey_len;
++	int enable_authfile;
+     /** Maximum time skew between peers allowed */
+ 	int maxtimeskew;
+ 
+diff --git a/src/main.c b/src/main.c
+index b4a174f..0fdb295 100644
+--- a/src/main.c
++++ b/src/main.c
+@@ -364,7 +364,7 @@ static int setup_config(int type)
+ 	if (rv < 0)
+ 		goto out;
+ 
+-	if (booth_conf->authfile[0] != '\0') {
++	if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) {
+ 		rv = read_authkey();
+ 		if (rv < 0)
+ 			goto out;
+-- 
+2.27.0
+

SPECS/booth.spec

@@ -21,6 +21,8 @@
 
 %bcond_with html_man
 %bcond_with glue
+%bcond_with run_build_tests
+%bcond_without include_unit_test
 
 ## User and group to use for nonprivileged services (should be in sync with pacemaker)
 %global uname hacluster
@@ -29,30 +31,8 @@
 # Disable automatic compilation of Python files in extra directories
 %global _python_bytecompile_extra 0
 
-%global specver 6
-%global boothver 1.0
-# set following to the actual commit or, for final release, concatenate
-# "boothver" macro to "v" (will yield a tag per the convention)
-%global commit ac1d34ce172678a8f5ba415e976cf2366d45e15e
-%global lparen (
-%global rparen )
-%global shortcommit %(c=%{commit}; case ${c} in
-                      v*%{rparen} echo ${c:1};;
-                      *%{rparen} echo ${c:0:7};; esac)
-%global pre_release %(s=%{shortcommit}; [ ${s: -3:2} != rc ]; echo $?)
-%global post_release %([ %{commit} = v%{shortcommit} ]; echo $?)
 %global github_owner ClusterLabs
 
-%if 0%{pre_release}
-%global boothrel    0.%{specver}.%(s=%{shortcommit}; echo ${s: -3})
-%else
-%if 0%{post_release}
-%global boothrel    %{specver}.%{shortcommit}.git
-%else
-%global boothrel    %{specver}
-%endif
-%endif
-
 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}}
 # https://fedoraproject.org/wiki/EPEL:Packaging?rd=Packaging:EPEL#The_.25license_tag
 %{!?_licensedir:%global license %doc}
@@ -60,13 +40,15 @@
 %global test_path   %{_datadir}/booth/tests
 
 Name:           booth
-Version:        %{boothver}
-Release:        %{boothrel}%{?dist}.2
+Version:        1.1
+Release:        1%{?dist}.1
 Summary:        Ticket Manager for Multi-site Clusters
 License:        GPLv2+
 Url:            https://github.com/%{github_owner}/%{name}
-Source0:        https://github.com/%{github_owner}/%{name}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
-Patch0:         0001-build-Do-not-link-with-pcmk-libraries.patch
+Source0:        https://github.com/%{github_owner}/%{name}/releases/download/v%{version}/%{name}-%{version}.tar.gz
+Patch0:         rhel-specific-0001-config-Add-enable-authfile-option.patch
+Patch1:         RHEL-32613-1-attr-Fix-reading-of-server_reply.patch
+Patch2:         RHEL-32613-2-auth-Check-result-of-gcrypt-gcry_md_get_algo_dlen.patch
 
 # direct build process dependencies
 BuildRequires:  autoconf
@@ -102,8 +84,10 @@ BuildRequires:  sed
 BuildRequires:  systemd
 ## for autosetup
 BuildRequires:  git
+%if 0%{?with_run_build_tests}
 # check scriptlet (for perl and netstat)
 BuildRequires:  perl-interpreter net-tools
+%endif
 
 # this is for a composite-requiring-its-components arranged
 # as an empty package (empty files section) requiring subpackages
@@ -111,7 +95,9 @@ BuildRequires:  perl-interpreter net-tools
 Requires:       %{name}-core%{?_isa}
 Requires:       %{name}-site
 %files
-# intentionally empty
+%license COPYING
+%dir %{_datadir}/pkgconfig
+%{_datadir}/pkgconfig/booth.pc
 
 %description
 Booth manages tickets which authorize cluster sites located
@@ -145,13 +131,13 @@ Support for running Booth, ticket manager for multi-site clusters,
 as an arbitrator.
 
 %post arbitrator
-%systemd_post booth@.service booth-arbitrator.service
+%systemd_post booth-arbitrator.service
 
 %preun arbitrator
-%systemd_preun booth@.service booth-arbitrator.service
+%systemd_preun booth-arbitrator.service
 
 %postun arbitrator
-%systemd_postun_with_restart booth@.service booth-arbitrator.service
+%systemd_postun_with_restart booth-arbitrator.service
 
 %package        site
 Summary:        Booth support for running as a full-fledged site
@@ -181,7 +167,9 @@ Requires:       %{name}-arbitrator = %{version}-%{release}
 Requires:       %{name}-site = %{version}-%{release}
 Requires:       gdb
 Requires:       %{__python3}
+%if 0%{?with_include_unit_test}
 Requires:       python3-pexpect
+%endif
 # runtests.py suite (for perl and netstat)
 Requires:       perl-interpreter net-tools
 
@@ -191,7 +179,7 @@ Automated tests for running Booth, ticket manager for multi-site clusters.
 # BUILD #
 
 %prep
-%autosetup -n %{name}-%{commit} -S git_am
+%autosetup -n %{name}-%{version} -S git_am
 
 %build
 ./autogen.sh
@@ -199,7 +187,7 @@ Automated tests for running Booth, ticket manager for multi-site clusters.
         --with-initddir=%{_initrddir} \
         --docdir=%{_pkgdocdir} \
         --enable-user-flags \
-        %{!?with_html_man:--without-html_man} \
+        %{?with_html_man:--with-html_man} \
         %{!?with_glue:--without-glue} \
         PYTHON=%{__python3}
 %{make_build}
@@ -222,7 +210,11 @@ rm -rf %{buildroot}/%{_pkgdocdir}/COPYING
 mkdir -p %{buildroot}/%{test_path}
 # Copy tests from tarball
 cp -a -t %{buildroot}/%{test_path} \
-        -- conf test unit-tests script/unit-test.py
+        -- conf test
+%if 0%{?with_include_unit_test}
+cp -a -t %{buildroot}/%{test_path} \
+        -- unit-tests script/unit-test.py
+%endif
 chmod +x %{buildroot}/%{test_path}/test/booth_path
 chmod +x %{buildroot}/%{test_path}/test/live_test.sh
 mkdir -p %{buildroot}/%{test_path}/src
@@ -246,7 +238,9 @@ sed -e 's#PYTHON_SHEBANG#%{__python3} -Es#g' \
 
 %check
 # alternatively: test/runtests.py
+%if 0%{?with_run_build_tests}
 VERBOSE=1 make check
+%endif
 
 %files          core
 %license COPYING
@@ -264,6 +258,12 @@ VERBOSE=1 make check
 %dir %attr (750, %{uname}, %{gname}) %{_var}/lib/booth/
 %dir %attr (750, %{uname}, %{gname}) %{_var}/lib/booth/cores
 
+# Generated html docs
+%if 0%{?with_html_man}
+%{_pkgdocdir}/booth-keygen.8.html
+%{_pkgdocdir}/boothd.8.html
+%endif
+
 %files          arbitrator
 %{_unitdir}/booth@.service
 %{_unitdir}/booth-arbitrator.service
@@ -284,6 +284,11 @@ VERBOSE=1 make check
 %dir %{_datadir}/booth
      %{_datadir}/booth/service-runnable
 
+# Generated html docs
+%if 0%{?with_html_man}
+%{_pkgdocdir}/geostore.8.html
+%endif
+
 %files          test
 %doc %{_pkgdocdir}/README-testing
 # /usr/share/booth provided by -site
@@ -292,6 +297,38 @@ VERBOSE=1 make check
 %{_usr}/lib/ocf/resource.d/booth/sharedrsc
 
 %changelog
+* Tue Apr 30 2024 Jan Friesse <jfriesse@redhat.com> - 1.1-1.1
+- Resolves: RHEL-32613
+
+- attr: Fix reading of server_reply
+- auth: Check result of gcrypt gcry_md_get_algo_dlen (fixes CVE-2024-3049)
+
+* Thu Nov 23 2023 Jan Friesse <jfriesse@redhat.com> - 1.1-1
+- Resolves: RHEL-15265
+
+- New upstream release (RHEL-15265)
+- Upstream releases should now be released regularly, so convert spec
+  to use them instead of git snapshots (RHEL-15265)
+
+* Mon Nov 21 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-283.1.9d4029a.git
+- Resolves: rhbz#2135865
+
+- Update to current snapshot (commit 9d4029a) (rhbz#2135865)
+
+* Wed Aug 03 2022 Jan Friesse <jfriesse@redhat.com> - 1.0-199.2.ac1d34c.git
+- Resolves: rhbz#2111668
+
+- Fix authfile directive handling in booth config file
+  (fixes CVE-2022-2553)
+- Add enable-authfile option
+
+* Thu Oct 15 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-199.1.ac1d34c.git
+- Resolves: rhbz#1873948
+- Resolves: rhbz#1768172
+
+- Fix versioning scheme to handle updates better
+- Handle updated exit code of crm_ticket
+
 * Wed Jun 3 2020 Jan Friesse <jfriesse@redhat.com> - 1.0-6.ac1d34c.git.2
 - Related: rhbz#1835831