booth/SOURCES/bz2111668-2-config-Add-enable-authfile-option.patch
2022-09-23 10:08:41 +00:00

107 lines
3.2 KiB
Diff

From 466246c2fa8ea1bcc06593fbf7b900d0665606b1 Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Tue, 26 Jul 2022 18:39:38 +0200
Subject: [PATCH] config: Add enable-authfile option
This option enables (or disables) usage of authfile. Can be 'yes' or 'no'.
Default is 'no'.
Booth usage of authfile was broken for long time (since commit
da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c).
Pcs was adding authfile by default, but it was not used. Once booth bug
was fixed problem appears because mixed clusters (with fixed version and
without fixed one) stops working.
This non-upstream option is added and used to allow use of
authfile without breaking compatibility for clusters
consisting of mixed versions (usually happens before all nodes are
updated) of booth (user have to explicitly
enable usage of authfile).
This patch is transitional and will be removed in future major version of
distribution.
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
---
docs/boothd.8.txt | 7 +++++++
src/config.c | 17 +++++++++++++++++
src/config.h | 1 +
src/main.c | 2 +-
4 files changed, 26 insertions(+), 1 deletion(-)
diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt
index f58f27e..12f66f9 100644
--- a/docs/boothd.8.txt
+++ b/docs/boothd.8.txt
@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports.
parameter to a higher value. The time skew test is performed
only in concert with authentication.
+*'enable-authfile'*::
+ Enables (or disables) usage of authfile. Can be 'yes' or 'no'.
+ Default is 'no'.
+ This is non-upstream option used to allow use of authfile without
+ breaking compatibility for clusters consisting of mixed
+ versions of booth.
+
*'site'*::
Defines a site Raft member with the given IP. Sites can
acquire tickets. The sites' IP should be managed by the cluster.
diff --git a/src/config.c b/src/config.c
index 8e41553..b9df3e3 100644
--- a/src/config.c
+++ b/src/config.c
@@ -729,6 +729,23 @@ no_value:
booth_conf->maxtimeskew = atoi(val);
continue;
}
+
+ if (strcmp(key, "enable-authfile") == 0) {
+ if (strcasecmp(val, "yes") == 0 ||
+ strcasecmp(val, "on") == 0 ||
+ strcasecmp(val, "1") == 0) {
+ booth_conf->enable_authfile = 1;
+ } else if (strcasecmp(val, "no") == 0 ||
+ strcasecmp(val, "off") == 0 ||
+ strcasecmp(val, "0") == 0) {
+ booth_conf->enable_authfile = 0;
+ } else {
+ error = "Expected yes/no value for enable-authfile";
+ goto err;
+ }
+
+ continue;
+ }
#endif
if (strcmp(key, "site") == 0) {
diff --git a/src/config.h b/src/config.h
index bca73bc..da1e917 100644
--- a/src/config.h
+++ b/src/config.h
@@ -297,6 +297,7 @@ struct booth_config {
struct stat authstat;
char authkey[BOOTH_MAX_KEY_LEN];
int authkey_len;
+ int enable_authfile;
/** Maximum time skew between peers allowed */
int maxtimeskew;
diff --git a/src/main.c b/src/main.c
index b4a174f..0fdb295 100644
--- a/src/main.c
+++ b/src/main.c
@@ -364,7 +364,7 @@ static int setup_config(int type)
if (rv < 0)
goto out;
- if (booth_conf->authfile[0] != '\0') {
+ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) {
rv = read_authkey();
if (rv < 0)
goto out;
--
2.37.1