From 7cc3c145f5a692db01683227b5b685da182c484e Mon Sep 17 00:00:00 2001 From: Oyvind Albrigtsen Date: Mon, 15 Jun 2026 11:29:30 +0200 Subject: [PATCH] - fence_ibm_vpc: set proxy when token has expired as well Resolves: RHEL-140160 --- ...-proxy-when-token-is-expired-as-well.patch | 21 +++++++++++++++++++ fence-agents.spec | 8 ++++++- 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 RHEL-140160-fence_ibm_vpc-set-proxy-when-token-is-expired-as-well.patch diff --git a/RHEL-140160-fence_ibm_vpc-set-proxy-when-token-is-expired-as-well.patch b/RHEL-140160-fence_ibm_vpc-set-proxy-when-token-is-expired-as-well.patch new file mode 100644 index 0000000..6b4ecff --- /dev/null +++ b/RHEL-140160-fence_ibm_vpc-set-proxy-when-token-is-expired-as-well.patch @@ -0,0 +1,21 @@ +From 267cfcefb5830c4d4cc02c4d28ba3f4489a9c427 Mon Sep 17 00:00:00 2001 +From: Oyvind Albrigtsen +Date: Mon, 15 Jun 2026 11:23:31 +0200 +Subject: [PATCH] fence_ibm_vpc: set proxy when token has expired as well + +--- + agents/ibm_vpc/fence_ibm_vpc.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/agents/ibm_vpc/fence_ibm_vpc.py b/agents/ibm_vpc/fence_ibm_vpc.py +index 1acab72e6..69bd72146 100755 +--- a/agents/ibm_vpc/fence_ibm_vpc.py ++++ b/agents/ibm_vpc/fence_ibm_vpc.py +@@ -198,6 +198,7 @@ def send_command(conn, options, command, method="GET", action=None, expected_rc= + # auth if token has expired + if rc in [400, 401, 415]: + tokenconn = pycurl.Curl() ++ tokenconn.setopt(pycurl.PROXY, "{}".format(opt["--proxy"])) + token = get_bearer_token(tokenconn, options) + tokenconn.close() + conn = set_bearer_token(conn, token) diff --git a/fence-agents.spec b/fence-agents.spec index 32b9d1d..8e7cf7f 100644 --- a/fence-agents.spec +++ b/fence-agents.spec @@ -13,7 +13,7 @@ Name: fence-agents Summary: Set of unified programs capable of host isolation ("fencing") Version: 4.16.0 -Release: 27%{?alphatag:.%{alphatag}}%{?dist} +Release: 28%{?alphatag:.%{alphatag}}%{?dist} License: GPL-2.0-or-later AND LGPL-2.0-or-later URL: https://github.com/ClusterLabs/fence-agents Source0: https://fedorahosted.org/releases/f/e/fence-agents/%{name}-%{version}.tar.gz @@ -121,6 +121,7 @@ Patch19: RHEL-125959-fence_virt-print-errors-to-stderr.patch Patch20: RHEL-145086-fence_ibm_vpc-fix-missing-statuses.patch Patch21: RHEL-170614-fence_virtd-fix-discard-const-error-with-GCC-16.patch Patch22: RHEL-81658-fence_kubevirt-report-Succeeded-and-Failed-as-OFF.patch +Patch23: RHEL-140160-fence_ibm_vpc-set-proxy-when-token-is-expired-as-well.patch %global supportedagents amt_ws apc apc_snmp bladecenter brocade cisco_mds cisco_ucs drac5 eaton_snmp emerson eps hpblade ibmblade ibm_powervs ibm_vpc ifmib ilo ilo_moonshot ilo_mp ilo_ssh intelmodular ipdu ipmilan kdump kubevirt lpar mpath nutanix_ahv redfish rhevm rsa rsb sbd scsi vmware_rest vmware_soap wti %ifarch x86_64 @@ -252,6 +253,7 @@ BuildRequires: %{systemd_units} %patch -p1 -P 20 %patch -p1 -P 21 %patch -p1 -P 22 +%patch -p1 -P 23 # prevent compilation of something that won't get used anyway sed -i.orig 's|FENCE_ZVM=1|FENCE_ZVM=0|' configure.ac @@ -1224,6 +1226,10 @@ are located on corosync cluster nodes. %endif %changelog +* Mon Jun 15 2026 Oyvind Albrigtsen - 4.16.0-28 +- fence_ibm_vpc: set proxy when token has expired as well + Resolves: RHEL-140160 + * Mon Jun 8 2026 Oyvind Albrigtsen - 4.16.0-27 - bundled PyJWT: upgrade to v2.13.0 to fix CVE-2026-48526 Resolves: RHEL-182312