From 87c8545816cca03d19c2f3ef54031940f7e19d50 Mon Sep 17 00:00:00 2001 From: Jan Friesse Date: Fri, 18 Nov 2022 11:57:46 +0100 Subject: [PATCH] config: Add enable-authfile option This option enables (or disables) usage of authfile. Can be 'yes' or 'no'. Default is 'no'. Booth usage of authfile was broken for long time (since commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c). Pcs was adding authfile by default, but it was not used. Once booth bug was fixed problem appears because mixed clusters (with fixed version and without fixed one) stops working. This non-upstream option is added and used to allow use of authfile without breaking compatibility for clusters consisting of mixed versions (usually happens before all nodes are updated) of booth (user have to explicitly enable usage of authfile). This patch is transitional and will be removed in future major version of distribution. Signed-off-by: Jan Friesse --- docs/boothd.8.txt | 7 +++++++ src/config.c | 17 +++++++++++++++++ src/config.h | 1 + src/main.c | 2 +- 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt index 0f3d2c1..c7a8413 100644 --- a/docs/boothd.8.txt +++ b/docs/boothd.8.txt @@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports. parameter to a higher value. The time skew test is performed only in concert with authentication. +'enable-authfile':: + Enables (or disables) usage of authfile. Can be 'yes' or 'no'. + Default is 'no'. + This is non-upstream option used to allow use of authfile without + breaking compatibility for clusters consisting of mixed + versions of booth. + 'debug':: Specifies the debug output level. Alternative to command line argument. Effective only for 'daemon' diff --git a/src/config.c b/src/config.c index f0ca4aa..e1f25f0 100644 --- a/src/config.c +++ b/src/config.c @@ -732,6 +732,23 @@ no_value: booth_conf->maxtimeskew = atoi(val); continue; } + + if (strcmp(key, "enable-authfile") == 0) { + if (strcasecmp(val, "yes") == 0 || + strcasecmp(val, "on") == 0 || + strcasecmp(val, "1") == 0) { + booth_conf->enable_authfile = 1; + } else if (strcasecmp(val, "no") == 0 || + strcasecmp(val, "off") == 0 || + strcasecmp(val, "0") == 0) { + booth_conf->enable_authfile = 0; + } else { + error = "Expected yes/no value for enable-authfile"; + goto err; + } + + continue; + } #endif if (strcmp(key, "site") == 0) { diff --git a/src/config.h b/src/config.h index bca73bc..da1e917 100644 --- a/src/config.h +++ b/src/config.h @@ -297,6 +297,7 @@ struct booth_config { struct stat authstat; char authkey[BOOTH_MAX_KEY_LEN]; int authkey_len; + int enable_authfile; /** Maximum time skew between peers allowed */ int maxtimeskew; diff --git a/src/main.c b/src/main.c index b4a174f..0fdb295 100644 --- a/src/main.c +++ b/src/main.c @@ -364,7 +364,7 @@ static int setup_config(int type) if (rv < 0) goto out; - if (booth_conf->authfile[0] != '\0') { + if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) { rv = read_authkey(); if (rv < 0) goto out; -- 2.27.0