import corosync-3.1.5-1.el8
This commit is contained in:
parent
73848ee3c4
commit
da6723cb54
@ -1,2 +1,2 @@
|
||||
761fe353b2cbead7a8572bfb6b84fe5d2fc8d9d6 SOURCES/corosync-3.1.0.tar.gz
|
||||
5ae73ce01b451531b92eb6084d51bc69846f1375 SOURCES/corosync-3.1.5.tar.gz
|
||||
63e882d0bebed3f75436da0606fe7acbeabf1b25 SOURCES/spausedd-20201112.tar.gz
|
||||
|
2
.gitignore
vendored
2
.gitignore
vendored
@ -1,2 +1,2 @@
|
||||
SOURCES/corosync-3.1.0.tar.gz
|
||||
SOURCES/corosync-3.1.5.tar.gz
|
||||
SOURCES/spausedd-20201112.tar.gz
|
||||
|
@ -1,88 +0,0 @@
|
||||
From 4a2f48b17b06638d3d3adcae683aff1639351434 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Friesse <jfriesse@redhat.com>
|
||||
Date: Tue, 10 Nov 2020 18:10:17 +0100
|
||||
Subject: [PATCH] totemknet: Check both cipher and hash for crypto
|
||||
|
||||
Previously only crypto cipher was used as a way to find out if crypto is
|
||||
enabled or disabled.
|
||||
|
||||
This usually works ok until cipher is set to none and hash to some other
|
||||
value (like sha1). Such config is perfectly valid and it was not
|
||||
supported correctly.
|
||||
|
||||
As a solution, check both cipher and hash.
|
||||
|
||||
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
|
||||
Reviewed-by: Fabio M. Di Nitto <fdinitto@redhat.com>
|
||||
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
|
||||
---
|
||||
exec/totemknet.c | 18 +++++++++++++-----
|
||||
1 file changed, 13 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/exec/totemknet.c b/exec/totemknet.c
|
||||
index c6a1649d..0834e8e4 100644
|
||||
--- a/exec/totemknet.c
|
||||
+++ b/exec/totemknet.c
|
||||
@@ -905,6 +905,14 @@ static void totemknet_add_config_notifications(struct totemknet_instance *instan
|
||||
LEAVE();
|
||||
}
|
||||
|
||||
+static int totemknet_is_crypto_enabled(const struct totemknet_instance *instance)
|
||||
+{
|
||||
+
|
||||
+ return (!(strcmp(instance->totem_config->crypto_cipher_type, "none") == 0 &&
|
||||
+ strcmp(instance->totem_config->crypto_hash_type, "none") == 0));
|
||||
+
|
||||
+}
|
||||
+
|
||||
static int totemknet_set_knet_crypto(struct totemknet_instance *instance)
|
||||
{
|
||||
struct knet_handle_crypto_cfg crypto_cfg;
|
||||
@@ -927,7 +935,7 @@ static int totemknet_set_knet_crypto(struct totemknet_instance *instance)
|
||||
);
|
||||
|
||||
/* If crypto is being disabled we need to explicitly allow cleartext traffic in knet */
|
||||
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") == 0) {
|
||||
+ if (!totemknet_is_crypto_enabled(instance)) {
|
||||
res = knet_handle_crypto_rx_clear_traffic(instance->knet_handle, KNET_CRYPTO_RX_ALLOW_CLEAR_TRAFFIC);
|
||||
if (res) {
|
||||
knet_log_printf(LOGSYS_LEVEL_ERROR, "knet_handle_crypto_rx_clear_traffic(ALLOW) failed %s", strerror(errno));
|
||||
@@ -1108,7 +1116,7 @@ int totemknet_initialize (
|
||||
|
||||
/* Enable crypto if requested */
|
||||
#ifdef HAVE_KNET_CRYPTO_RECONF
|
||||
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
|
||||
+ if (totemknet_is_crypto_enabled(instance)) {
|
||||
res = totemknet_set_knet_crypto(instance);
|
||||
if (res == 0) {
|
||||
res = knet_handle_crypto_use_config(instance->knet_handle, totem_config->crypto_index);
|
||||
@@ -1134,7 +1142,7 @@ int totemknet_initialize (
|
||||
}
|
||||
}
|
||||
#else
|
||||
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
|
||||
+ if (totemknet_is_crypto_enabled(instance)) {
|
||||
res = totemknet_set_knet_crypto(instance);
|
||||
if (res) {
|
||||
knet_log_printf(LOG_DEBUG, "Failed to set up knet crypto");
|
||||
@@ -1616,7 +1624,7 @@ int totemknet_crypto_reconfigure_phase (
|
||||
switch (phase) {
|
||||
case CRYPTO_RECONFIG_PHASE_ACTIVATE:
|
||||
config_to_use = totem_config->crypto_index;
|
||||
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") == 0) {
|
||||
+ if (!totemknet_is_crypto_enabled(instance)) {
|
||||
config_to_use = 0; /* we are clearing it */
|
||||
}
|
||||
|
||||
@@ -1647,7 +1655,7 @@ int totemknet_crypto_reconfigure_phase (
|
||||
}
|
||||
|
||||
/* If crypto is enabled then disable all cleartext reception */
|
||||
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
|
||||
+ if (totemknet_is_crypto_enabled(instance)) {
|
||||
res = knet_handle_crypto_rx_clear_traffic(instance->knet_handle, KNET_CRYPTO_RX_DISALLOW_CLEAR_TRAFFIC);
|
||||
if (res) {
|
||||
knet_log_printf(LOGSYS_LEVEL_ERROR, "knet_handle_crypto_rx_clear_traffic(DISALLOW) failed %s", strerror(errno));
|
||||
--
|
||||
2.18.2
|
||||
|
@ -1,60 +0,0 @@
|
||||
commit aa326fb8f87fa0e2db6901db2ccb93cd582dd44f
|
||||
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
|
||||
Date: Tue Apr 6 13:06:05 2021 +0200
|
||||
|
||||
knet: pass correct handle to knet_handle_compress
|
||||
|
||||
totemknet_configure_compression was using knet_context
|
||||
just to gather the knet handle / instance.
|
||||
|
||||
On first time config knet_contex is not initialized till
|
||||
much later in the code, passing some random garbage pointers
|
||||
to knet_handle_compress, that would crash later trying
|
||||
to acquire a mutex lock.
|
||||
|
||||
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
|
||||
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
|
||||
|
||||
diff --git a/exec/totemknet.c b/exec/totemknet.c
|
||||
index 0834e8e..e895256 100644
|
||||
--- a/exec/totemknet.c
|
||||
+++ b/exec/totemknet.c
|
||||
@@ -197,7 +197,7 @@ int totemknet_member_list_rebind_ip (
|
||||
|
||||
|
||||
static int totemknet_configure_compression (
|
||||
- void *knet_context,
|
||||
+ struct totemknet_instance *instance,
|
||||
struct totem_config *totem_config);
|
||||
|
||||
static void totemknet_start_merge_detect_timeout(
|
||||
@@ -1154,7 +1154,7 @@ int totemknet_initialize (
|
||||
/* Set up compression */
|
||||
if (strcmp(totem_config->knet_compression_model, "none") != 0) {
|
||||
/* Not fatal, but will log */
|
||||
- (void)totemknet_configure_compression(knet_context, totem_config);
|
||||
+ (void)totemknet_configure_compression(instance, totem_config);
|
||||
}
|
||||
|
||||
knet_handle_setfwd(instance->knet_handle, 1);
|
||||
@@ -1557,10 +1557,9 @@ int totemknet_member_list_rebind_ip (
|
||||
|
||||
|
||||
static int totemknet_configure_compression (
|
||||
- void *knet_context,
|
||||
+ struct totemknet_instance *instance,
|
||||
struct totem_config *totem_config)
|
||||
{
|
||||
- struct totemknet_instance *instance = (struct totemknet_instance *)knet_context;
|
||||
struct knet_handle_compress_cfg compress_cfg;
|
||||
int res = 0;
|
||||
|
||||
@@ -1584,7 +1583,7 @@ int totemknet_reconfigure (
|
||||
struct totemknet_instance *instance = (struct totemknet_instance *)knet_context;
|
||||
int res = 0;
|
||||
|
||||
- (void)totemknet_configure_compression(knet_context, totem_config);
|
||||
+ (void)totemknet_configure_compression(instance, totem_config);
|
||||
|
||||
#ifdef HAVE_LIBNOZZLE
|
||||
/* Set up nozzle device(s). Return code is ignored, because inability
|
@ -22,15 +22,12 @@
|
||||
|
||||
Name: corosync
|
||||
Summary: The Corosync Cluster Engine and Application Programming Interfaces
|
||||
Version: 3.1.0
|
||||
Release: 3%{?gitver}%{?dist}.1
|
||||
Version: 3.1.5
|
||||
Release: 1%{?gitver}%{?dist}
|
||||
License: BSD
|
||||
URL: http://corosync.github.io/corosync/
|
||||
Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz
|
||||
|
||||
Patch0: bz1896493-1-totemknet-Check-both-cipher-and-hash-for-crypto.patch
|
||||
Patch1: bz1951049-1-knet-pass-correct-handle-to-knet_handle_compress.patch
|
||||
|
||||
%if %{with spausedd}
|
||||
Source1: https://github.com/jfriesse/spausedd/releases/download/%{spausedd_version}/spausedd-%{spausedd_version}.tar.gz
|
||||
# VMGuestLib exists only for x86_64 architecture
|
||||
@ -94,9 +91,6 @@ BuildRequires: pkgconfig(vmguestlib)
|
||||
%setup -q -n %{name}-%{version}%{?gittarver}
|
||||
%endif
|
||||
|
||||
%patch0 -p1 -b .bz1896493-1
|
||||
%patch1 -p1 -b .bz1951049-1
|
||||
|
||||
%build
|
||||
%if %{with runautogen}
|
||||
./autogen.sh
|
||||
@ -395,10 +389,30 @@ fi
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Apr 19 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-3.1
|
||||
- Resolves: rhbz#1951049
|
||||
* Wed Aug 04 2021 Jan Friesse <jfriesse@redhat.com> 3.1.5-1
|
||||
- Related: rhbz#1948973
|
||||
|
||||
- knet: pass correct handle to knet_handle_compress (rhbz#1951049)
|
||||
- New upstream release (rhbz#1948973)
|
||||
|
||||
* Thu Jun 03 2021 Jan Friesse <jfriesse@redhat.com> 3.1.4-1
|
||||
- Related: rhbz#1948973
|
||||
- Resolves: rhbz#1962139
|
||||
|
||||
- New upstream release (rhbz#1948973)
|
||||
- stats: fix crash when iterating over deleted keys (rhbz#1962139)
|
||||
|
||||
* Fri May 21 2021 Jan Friesse <jfriesse@redhat.com> 3.1.3-1
|
||||
- Resolves: rhbz#1948973
|
||||
|
||||
- New upstream release (rhbz#1948973)
|
||||
|
||||
* Fri Apr 30 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-5
|
||||
- Resolves: rhbz#1954432
|
||||
|
||||
* Tue Apr 06 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-4
|
||||
- Resolves: rhbz#1946623
|
||||
|
||||
- knet: pass correct handle to knet_handle_compress (rhbz#1946623)
|
||||
|
||||
* Thu Nov 12 2020 Jan Friesse <jfriesse@redhat.com> 3.1.0-3
|
||||
- Resolves: rhbz#1897085
|
||||
|
Loading…
Reference in New Issue
Block a user