import corosync-3.1.5-1.el8

This commit is contained in:
CentOS Sources 2021-11-09 04:47:45 -05:00 committed by Stepan Oksanichenko
parent 73848ee3c4
commit da6723cb54
5 changed files with 27 additions and 161 deletions

View File

@ -1,2 +1,2 @@
761fe353b2cbead7a8572bfb6b84fe5d2fc8d9d6 SOURCES/corosync-3.1.0.tar.gz
5ae73ce01b451531b92eb6084d51bc69846f1375 SOURCES/corosync-3.1.5.tar.gz
63e882d0bebed3f75436da0606fe7acbeabf1b25 SOURCES/spausedd-20201112.tar.gz

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/corosync-3.1.0.tar.gz
SOURCES/corosync-3.1.5.tar.gz
SOURCES/spausedd-20201112.tar.gz

View File

@ -1,88 +0,0 @@
From 4a2f48b17b06638d3d3adcae683aff1639351434 Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Tue, 10 Nov 2020 18:10:17 +0100
Subject: [PATCH] totemknet: Check both cipher and hash for crypto
Previously only crypto cipher was used as a way to find out if crypto is
enabled or disabled.
This usually works ok until cipher is set to none and hash to some other
value (like sha1). Such config is perfectly valid and it was not
supported correctly.
As a solution, check both cipher and hash.
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
---
exec/totemknet.c | 18 +++++++++++++-----
1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/exec/totemknet.c b/exec/totemknet.c
index c6a1649d..0834e8e4 100644
--- a/exec/totemknet.c
+++ b/exec/totemknet.c
@@ -905,6 +905,14 @@ static void totemknet_add_config_notifications(struct totemknet_instance *instan
LEAVE();
}
+static int totemknet_is_crypto_enabled(const struct totemknet_instance *instance)
+{
+
+ return (!(strcmp(instance->totem_config->crypto_cipher_type, "none") == 0 &&
+ strcmp(instance->totem_config->crypto_hash_type, "none") == 0));
+
+}
+
static int totemknet_set_knet_crypto(struct totemknet_instance *instance)
{
struct knet_handle_crypto_cfg crypto_cfg;
@@ -927,7 +935,7 @@ static int totemknet_set_knet_crypto(struct totemknet_instance *instance)
);
/* If crypto is being disabled we need to explicitly allow cleartext traffic in knet */
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") == 0) {
+ if (!totemknet_is_crypto_enabled(instance)) {
res = knet_handle_crypto_rx_clear_traffic(instance->knet_handle, KNET_CRYPTO_RX_ALLOW_CLEAR_TRAFFIC);
if (res) {
knet_log_printf(LOGSYS_LEVEL_ERROR, "knet_handle_crypto_rx_clear_traffic(ALLOW) failed %s", strerror(errno));
@@ -1108,7 +1116,7 @@ int totemknet_initialize (
/* Enable crypto if requested */
#ifdef HAVE_KNET_CRYPTO_RECONF
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
+ if (totemknet_is_crypto_enabled(instance)) {
res = totemknet_set_knet_crypto(instance);
if (res == 0) {
res = knet_handle_crypto_use_config(instance->knet_handle, totem_config->crypto_index);
@@ -1134,7 +1142,7 @@ int totemknet_initialize (
}
}
#else
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
+ if (totemknet_is_crypto_enabled(instance)) {
res = totemknet_set_knet_crypto(instance);
if (res) {
knet_log_printf(LOG_DEBUG, "Failed to set up knet crypto");
@@ -1616,7 +1624,7 @@ int totemknet_crypto_reconfigure_phase (
switch (phase) {
case CRYPTO_RECONFIG_PHASE_ACTIVATE:
config_to_use = totem_config->crypto_index;
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") == 0) {
+ if (!totemknet_is_crypto_enabled(instance)) {
config_to_use = 0; /* we are clearing it */
}
@@ -1647,7 +1655,7 @@ int totemknet_crypto_reconfigure_phase (
}
/* If crypto is enabled then disable all cleartext reception */
- if (strcmp(instance->totem_config->crypto_cipher_type, "none") != 0) {
+ if (totemknet_is_crypto_enabled(instance)) {
res = knet_handle_crypto_rx_clear_traffic(instance->knet_handle, KNET_CRYPTO_RX_DISALLOW_CLEAR_TRAFFIC);
if (res) {
knet_log_printf(LOGSYS_LEVEL_ERROR, "knet_handle_crypto_rx_clear_traffic(DISALLOW) failed %s", strerror(errno));
--
2.18.2

View File

@ -1,60 +0,0 @@
commit aa326fb8f87fa0e2db6901db2ccb93cd582dd44f
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Tue Apr 6 13:06:05 2021 +0200
knet: pass correct handle to knet_handle_compress
totemknet_configure_compression was using knet_context
just to gather the knet handle / instance.
On first time config knet_contex is not initialized till
much later in the code, passing some random garbage pointers
to knet_handle_compress, that would crash later trying
to acquire a mutex lock.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
diff --git a/exec/totemknet.c b/exec/totemknet.c
index 0834e8e..e895256 100644
--- a/exec/totemknet.c
+++ b/exec/totemknet.c
@@ -197,7 +197,7 @@ int totemknet_member_list_rebind_ip (
static int totemknet_configure_compression (
- void *knet_context,
+ struct totemknet_instance *instance,
struct totem_config *totem_config);
static void totemknet_start_merge_detect_timeout(
@@ -1154,7 +1154,7 @@ int totemknet_initialize (
/* Set up compression */
if (strcmp(totem_config->knet_compression_model, "none") != 0) {
/* Not fatal, but will log */
- (void)totemknet_configure_compression(knet_context, totem_config);
+ (void)totemknet_configure_compression(instance, totem_config);
}
knet_handle_setfwd(instance->knet_handle, 1);
@@ -1557,10 +1557,9 @@ int totemknet_member_list_rebind_ip (
static int totemknet_configure_compression (
- void *knet_context,
+ struct totemknet_instance *instance,
struct totem_config *totem_config)
{
- struct totemknet_instance *instance = (struct totemknet_instance *)knet_context;
struct knet_handle_compress_cfg compress_cfg;
int res = 0;
@@ -1584,7 +1583,7 @@ int totemknet_reconfigure (
struct totemknet_instance *instance = (struct totemknet_instance *)knet_context;
int res = 0;
- (void)totemknet_configure_compression(knet_context, totem_config);
+ (void)totemknet_configure_compression(instance, totem_config);
#ifdef HAVE_LIBNOZZLE
/* Set up nozzle device(s). Return code is ignored, because inability

View File

@ -22,15 +22,12 @@
Name: corosync
Summary: The Corosync Cluster Engine and Application Programming Interfaces
Version: 3.1.0
Release: 3%{?gitver}%{?dist}.1
Version: 3.1.5
Release: 1%{?gitver}%{?dist}
License: BSD
URL: http://corosync.github.io/corosync/
Source0: http://build.clusterlabs.org/corosync/releases/%{name}-%{version}%{?gittarver}.tar.gz
Patch0: bz1896493-1-totemknet-Check-both-cipher-and-hash-for-crypto.patch
Patch1: bz1951049-1-knet-pass-correct-handle-to-knet_handle_compress.patch
%if %{with spausedd}
Source1: https://github.com/jfriesse/spausedd/releases/download/%{spausedd_version}/spausedd-%{spausedd_version}.tar.gz
# VMGuestLib exists only for x86_64 architecture
@ -94,9 +91,6 @@ BuildRequires: pkgconfig(vmguestlib)
%setup -q -n %{name}-%{version}%{?gittarver}
%endif
%patch0 -p1 -b .bz1896493-1
%patch1 -p1 -b .bz1951049-1
%build
%if %{with runautogen}
./autogen.sh
@ -395,10 +389,30 @@ fi
%endif
%changelog
* Mon Apr 19 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-3.1
- Resolves: rhbz#1951049
* Wed Aug 04 2021 Jan Friesse <jfriesse@redhat.com> 3.1.5-1
- Related: rhbz#1948973
- knet: pass correct handle to knet_handle_compress (rhbz#1951049)
- New upstream release (rhbz#1948973)
* Thu Jun 03 2021 Jan Friesse <jfriesse@redhat.com> 3.1.4-1
- Related: rhbz#1948973
- Resolves: rhbz#1962139
- New upstream release (rhbz#1948973)
- stats: fix crash when iterating over deleted keys (rhbz#1962139)
* Fri May 21 2021 Jan Friesse <jfriesse@redhat.com> 3.1.3-1
- Resolves: rhbz#1948973
- New upstream release (rhbz#1948973)
* Fri Apr 30 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-5
- Resolves: rhbz#1954432
* Tue Apr 06 2021 Jan Friesse <jfriesse@redhat.com> 3.1.0-4
- Resolves: rhbz#1946623
- knet: pass correct handle to knet_handle_compress (rhbz#1946623)
* Thu Nov 12 2020 Jan Friesse <jfriesse@redhat.com> 3.1.0-3
- Resolves: rhbz#1897085