rpms
/
kronosnet
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import kronosnet-1.10-1.el8_1.2

This commit is contained in:
CentOS Sources 2019-11-05 17:02:43 -05:00 committed by Andrew Lukoshko
commit 71bced9760
6 changed files with 2830 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
SOURCES/kronosnet-1.10.tar.gz

1
.kronosnet.metadata Normal file
View File

@ -0,0 +1 @@
b6b3a0b1c9b7f53b8218c545fd663983a0f422b9 SOURCES/kronosnet-1.10.tar.gz

37
SOURCES/bz1754442-link-mem-corruption.patch Normal file
View File

@ -0,0 +1,37 @@
commit 93f3df56ce1008c362df679b2768edbf2e5a860a
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Thu Sep 19 09:02:44 2019 +0200
[links] fix memory corryption of link structure
the index would overflow the buffer and overwrite data in the link
structure. Depending on what was written the cluster could fall
apart in many ways, from crashing, to hung.
Fixes: https://github.com/kronosnet/kronosnet/issues/255
thanks to the proxmox developers and community for reporting the issue
and for all the help reproducing / debugging the problem.
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/links.c b/libknet/links.c
index 6abbd48..3d52511 100644
--- a/libknet/links.c
+++ b/libknet/links.c
@@ -62,13 +62,13 @@ int _link_updown(knet_handle_t knet_h, knet_node_id_t host_id, uint8_t link_id,
if (connected) {
time(&link->status.stats.last_up_times[link->status.stats.last_up_time_index]);
link->status.stats.up_count++;
- if (++link->status.stats.last_up_time_index > MAX_LINK_EVENTS) {
+ if (++link->status.stats.last_up_time_index >= MAX_LINK_EVENTS) {
link->status.stats.last_up_time_index = 0;
}
} else {
time(&link->status.stats.last_down_times[link->status.stats.last_down_time_index]);
link->status.stats.down_count++;
- if (++link->status.stats.last_down_time_index > MAX_LINK_EVENTS) {
+ if (++link->status.stats.last_down_time_index >= MAX_LINK_EVENTS) {
link->status.stats.last_down_time_index = 0;
}
}

415
SOURCES/bz1763714-fix-data-deliver-corruption-from-fragmented-packets.patch Normal file
View File

@ -0,0 +1,415 @@
commit db21da87bba6017c8343f9c6f255b21813ffd5d0
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Tue Oct 15 06:46:36 2019 +0200
[host] rename variables to make it easier to read the code
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/host.c b/libknet/host.c
index abb1f89..ac26b89 100644
--- a/libknet/host.c
+++ b/libknet/host.c
@@ -569,7 +569,7 @@ static void _clear_cbuffers(struct knet_host *host, seq_num_t rx_seq_num)
int _seq_num_lookup(struct knet_host *host, seq_num_t seq_num, int defrag_buf, int clear_buf)
{
- size_t i, j; /* circular buffer indexes */
+ size_t head, tail; /* circular buffer indexes */
seq_num_t seq_dist;
char *dst_cbuf = host->circular_buffer;
char *dst_cbuf_defrag = host->circular_buffer_defrag;
@@ -585,13 +585,13 @@ int _seq_num_lookup(struct knet_host *host, seq_num_t seq_num, int defrag_buf, i
seq_dist = *dst_seq_num - seq_num;
}
- j = seq_num % KNET_CBUFFER_SIZE;
+ head = seq_num % KNET_CBUFFER_SIZE;
if (seq_dist < KNET_CBUFFER_SIZE) { /* seq num is in ring buffer */
if (!defrag_buf) {
- return (dst_cbuf[j] == 0) ? 1 : 0;
+ return (dst_cbuf[head] == 0) ? 1 : 0;
} else {
- return (dst_cbuf_defrag[j] == 0) ? 1 : 0;
+ return (dst_cbuf_defrag[head] == 0) ? 1 : 0;
}
} else if (seq_dist <= SEQ_MAX - KNET_CBUFFER_SIZE) {
memset(dst_cbuf, 0, KNET_CBUFFER_SIZE);
@@ -600,16 +600,16 @@ int _seq_num_lookup(struct knet_host *host, seq_num_t seq_num, int defrag_buf, i
}
/* cleaning up circular buffer */
- i = (*dst_seq_num + 1) % KNET_CBUFFER_SIZE;
+ tail = (*dst_seq_num + 1) % KNET_CBUFFER_SIZE;
- if (i > j) {
- memset(dst_cbuf + i, 0, KNET_CBUFFER_SIZE - i);
- memset(dst_cbuf, 0, j + 1);
- memset(dst_cbuf_defrag + i, 0, KNET_CBUFFER_SIZE - i);
- memset(dst_cbuf_defrag, 0, j + 1);
+ if (tail > head) {
+ memset(dst_cbuf + tail, 0, KNET_CBUFFER_SIZE - tail);
+ memset(dst_cbuf, 0, head + 1);
+ memset(dst_cbuf_defrag + tail, 0, KNET_CBUFFER_SIZE - tail);
+ memset(dst_cbuf_defrag, 0, head + 1);
} else {
- memset(dst_cbuf + i, 0, j - i + 1);
- memset(dst_cbuf_defrag + i, 0, j - i + 1);
+ memset(dst_cbuf + tail, 0, head - tail + 1);
+ memset(dst_cbuf_defrag + tail, 0, head - tail + 1);
}
*dst_seq_num = seq_num;
commit 1e473cf26d55c2b6ff8d5bfaa5aa689554de803c
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Tue Oct 15 06:53:24 2019 +0200
[host] fix defrag buffers reclaim logic
The problem:
- let's assume a 2 nodes (A and B) cluster setup
- node A sends fragmented packets to node B and there is
packet loss on the network.
- node B receives all those fragments and attempts to
reassemble them.
- node A sends packet seq_num X in Y fragments.
- node B receives only part of the fragments and stores
them in a defrag buf.
- packet loss stops.
- node A continues to send packets and a seq_num
roll-over takes place.
- node A sends a new packet seq_num X in Y fragments.
- node B gets confused here because the parts of the old
packet seq_num X are still stored and the buffer
has not been reclaimed.
- node B continues to rebuild packet seq_num X with
old stale data and new data from after the roll-over.
- node B completes reassembling the packet and delivers
junk to the application.
The solution:
Add a much stronger buffer reclaim logic that will apply
on each received packet and not only when defrag buffers
are needed, as there might be a mix of fragmented and not
fragmented packets in-flight.
The new logic creates a window of N packets that can be
handled at the same time (based on the number of buffers)
and clear everything else.
Fixes https://github.com/kronosnet/kronosnet/issues/261
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/host.c b/libknet/host.c
index ac26b89..85d4626 100644
--- a/libknet/host.c
+++ b/libknet/host.c
@@ -562,6 +562,35 @@ static void _clear_cbuffers(struct knet_host *host, seq_num_t rx_seq_num)
}
}
+static void _reclaim_old_defrag_bufs(struct knet_host *host, seq_num_t seq_num)
+{
+ seq_num_t head, tail; /* seq_num boundaries */
+ int i;
+
+ head = seq_num + 1;
+ tail = seq_num - (KNET_MAX_LINK + 1);
+
+ /*
+ * expire old defrag buffers
+ */
+ for (i = 0; i < KNET_MAX_LINK; i++) {
+ if (host->defrag_buf[i].in_use) {
+ /*
+ * head has done a rollover to 0+
+ */
+ if (tail > head) {
+ if ((host->defrag_buf[i].pckt_seq >= head) && (host->defrag_buf[i].pckt_seq <= tail)) {
+ host->defrag_buf[i].in_use = 0;
+ }
+ } else {
+ if ((host->defrag_buf[i].pckt_seq >= head) || (host->defrag_buf[i].pckt_seq <= tail)){
+ host->defrag_buf[i].in_use = 0;
+ }
+ }
+ }
+ }
+}
+
/*
* check if a given packet seq num is in the circular buffers
* defrag_buf = 0 -> use normal cbuf 1 -> use the defrag buffer lookup
@@ -579,6 +608,8 @@ int _seq_num_lookup(struct knet_host *host, seq_num_t seq_num, int defrag_buf, i
_clear_cbuffers(host, seq_num);
}
+ _reclaim_old_defrag_bufs(host, seq_num);
+
if (seq_num < *dst_seq_num) {
seq_dist = (SEQ_MAX - seq_num) + *dst_seq_num;
} else {
commit 5bd88ebd63af20577095c2c98975f0f1781ba46a
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Tue Oct 15 07:02:05 2019 +0200
[rx] copy data into the defrag buffer only if we know the size of the frame
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/threads_rx.c b/libknet/threads_rx.c
index b2a5dad..6c26cdc 100644
--- a/libknet/threads_rx.c
+++ b/libknet/threads_rx.c
@@ -186,8 +186,10 @@ static int pckt_defrag(knet_handle_t knet_h, struct knet_header *inbuf, ssize_t
defrag_buf->frag_size = *len;
}
- memmove(defrag_buf->buf + ((inbuf->khp_data_frag_seq - 1) * defrag_buf->frag_size),
- inbuf->khp_data_userdata, *len);
+ if (defrag_buf->frag_size) {
+ memmove(defrag_buf->buf + ((inbuf->khp_data_frag_seq - 1) * defrag_buf->frag_size),
+ inbuf->khp_data_userdata, *len);
+ }
defrag_buf->frag_recv++;
defrag_buf->frag_map[inbuf->khp_data_frag_seq] = 1;
commit cd59986900510119d8e7b63d33ad35466d480858
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Tue Oct 15 07:16:22 2019 +0200
[test] add ability to knet_bench to specify a fixed packet size for perf test
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/tests/knet_bench.c b/libknet/tests/knet_bench.c
index dc04239..54b5303 100644
--- a/libknet/tests/knet_bench.c
+++ b/libknet/tests/knet_bench.c
@@ -67,6 +67,8 @@ static int test_type = TEST_PING;
static uint64_t perf_by_size_size = 1 * ONE_GIGABYTE;
static uint64_t perf_by_time_secs = 10;
+static uint32_t force_packet_size = 0;
+
struct node {
int nodeid;
int links;
@@ -109,6 +111,7 @@ static void print_help(void)
printf(" -s nodeid that will generate traffic for benchmarks\n");
printf(" -S [size|seconds] when used in combination with -T perf-by-size it indicates how many GB of traffic to generate for the test. (default: 1GB)\n");
printf(" when used in combination with -T perf-by-time it indicates how many Seconds of traffic to generate for the test. (default: 10 seconds)\n");
+ printf(" -x force packet size for perf-by-time or perf-by-size\n");
printf(" -C repeat the test continously (default: off)\n");
printf(" -X[XX] show stats at the end of the run (default: 1)\n");
printf(" 1: show handle stats, 2: show summary link stats\n");
@@ -250,7 +253,7 @@ static void setup_knet(int argc, char *argv[])
memset(nodes, 0, sizeof(nodes));
- while ((rv = getopt(argc, argv, "aCT:S:s:ldfom:wb:t:n:c:p:X::P:z:h")) != EOF) {
+ while ((rv = getopt(argc, argv, "aCT:S:s:ldfom:wb:t:n:c:p:x:X::P:z:h")) != EOF) {
switch(rv) {
case 'h':
print_help();
@@ -406,6 +409,13 @@ static void setup_knet(int argc, char *argv[])
perf_by_size_size = (uint64_t)atoi(optarg) * ONE_GIGABYTE;
perf_by_time_secs = (uint64_t)atoi(optarg);
break;
+ case 'x':
+ force_packet_size = (uint32_t)atoi(optarg);
+ if ((force_packet_size < 1) || (force_packet_size > 65536)) {
+ printf("Unsupported packet size %u (accepted 1 - 65536)\n", force_packet_size);
+ exit(FAIL);
+ }
+ break;
case 'C':
continous = 1;
break;
@@ -874,7 +884,7 @@ static int setup_send_buffers_common(struct knet_mmsghdr *msg, struct iovec *iov
printf("TXT: Unable to malloc!\n");
return -1;
}
- memset(tx_buf[i], 0, KNET_MAX_PACKET_SIZE);
+ memset(tx_buf[i], i, KNET_MAX_PACKET_SIZE);
iov_out[i].iov_base = (void *)tx_buf[i];
memset(&msg[i].msg_hdr, 0, sizeof(struct msghdr));
msg[i].msg_hdr.msg_iov = &iov_out[i];
@@ -898,6 +908,9 @@ static void send_perf_data_by_size(void)
setup_send_buffers_common(msg, iov_out, tx_buf);
while (packetsize <= KNET_MAX_PACKET_SIZE) {
+ if (force_packet_size) {
+ packetsize = force_packet_size;
+ }
for (i = 0; i < PCKT_FRAG_MAX; i++) {
iov_out[i].iov_len = packetsize;
}
@@ -926,7 +939,7 @@ static void send_perf_data_by_size(void)
knet_send(knet_h, ctrl_message, TEST_STOP, channel);
- if (packetsize == KNET_MAX_PACKET_SIZE) {
+ if ((packetsize == KNET_MAX_PACKET_SIZE) || (force_packet_size)) {
break;
}
@@ -1175,6 +1188,9 @@ static void send_perf_data_by_time(void)
memset(&clock_end, 0, sizeof(clock_start));
while (packetsize <= KNET_MAX_PACKET_SIZE) {
+ if (force_packet_size) {
+ packetsize = force_packet_size;
+ }
for (i = 0; i < PCKT_FRAG_MAX; i++) {
iov_out[i].iov_len = packetsize;
}
@@ -1205,7 +1221,7 @@ static void send_perf_data_by_time(void)
knet_send(knet_h, ctrl_message, TEST_STOP, channel);
- if (packetsize == KNET_MAX_PACKET_SIZE) {
+ if ((packetsize == KNET_MAX_PACKET_SIZE) || (force_packet_size)) {
break;
}
commit e28e2ea7c7e8139a6792ec1508215d4560b53e65
Author: Fabio M. Di Nitto <fdinitto@redhat.com>
Date: Wed Oct 16 08:10:23 2019 +0200
[test] add packet verification option to knet_bench
Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
diff --git a/libknet/tests/knet_bench.c b/libknet/tests/knet_bench.c
index 54b5303..c9e1c06 100644
--- a/libknet/tests/knet_bench.c
+++ b/libknet/tests/knet_bench.c
@@ -47,6 +47,7 @@ static char *compresscfg = NULL;
static char *cryptocfg = NULL;
static int machine_output = 0;
static int use_access_lists = 0;
+static int use_pckt_verification = 0;
static int bench_shutdown_in_progress = 0;
static pthread_mutex_t shutdown_mutex = PTHREAD_MUTEX_INITIALIZER;
@@ -76,6 +77,11 @@ struct node {
struct sockaddr_storage address[KNET_MAX_LINK];
};
+struct pckt_ver {
+ uint32_t len;
+ uint32_t chksum;
+};
+
static void print_help(void)
{
printf("knet_bench usage:\n");
@@ -117,6 +123,7 @@ static void print_help(void)
printf(" 1: show handle stats, 2: show summary link stats\n");
printf(" 3: show detailed link stats\n");
printf(" -a enable machine parsable output (default: off).\n");
+ printf(" -v enable packet verification for performance tests (default: off).\n");
}
static void parse_nodes(char *nodesinfo[MAX_NODES], int onidx, int port, struct node nodes[MAX_NODES], int *thisidx)
@@ -253,7 +260,7 @@ static void setup_knet(int argc, char *argv[])
memset(nodes, 0, sizeof(nodes));
- while ((rv = getopt(argc, argv, "aCT:S:s:ldfom:wb:t:n:c:p:x:X::P:z:h")) != EOF) {
+ while ((rv = getopt(argc, argv, "aCT:S:s:lvdfom:wb:t:n:c:p:x:X::P:z:h")) != EOF) {
switch(rv) {
case 'h':
print_help();
@@ -411,11 +418,14 @@ static void setup_knet(int argc, char *argv[])
break;
case 'x':
force_packet_size = (uint32_t)atoi(optarg);
- if ((force_packet_size < 1) || (force_packet_size > 65536)) {
- printf("Unsupported packet size %u (accepted 1 - 65536)\n", force_packet_size);
+ if ((force_packet_size < 64) || (force_packet_size > 65536)) {
+ printf("Unsupported packet size %u (accepted 64 - 65536)\n", force_packet_size);
exit(FAIL);
}
break;
+ case 'v':
+ use_pckt_verification = 1;
+ break;
case 'C':
continous = 1;
break;
@@ -654,6 +664,24 @@ static void setup_knet(int argc, char *argv[])
}
}
+/*
+ * calculate weak chksum (stole from corosync for debugging purposes)
+ */
+static uint32_t compute_chsum(const unsigned char *data, uint32_t data_len)
+{
+ unsigned int i;
+ unsigned int checksum = 0;
+
+ for (i = 0; i < data_len; i++) {
+ if (checksum & 1) {
+ checksum |= 0x10000;
+ }
+
+ checksum = ((checksum >> 1) + (unsigned char)data[i]) & 0xffff;
+ }
+ return (checksum);
+}
+
static void *_rx_thread(void *args)
{
int rx_epoll;
@@ -766,6 +794,20 @@ static void *_rx_thread(void *args)
}
continue;
}
+ if (use_pckt_verification) {
+ struct pckt_ver *recv_pckt = (struct pckt_ver *)msg[i].msg_hdr.msg_iov->iov_base;
+ uint32_t chksum;
+
+ if (msg[i].msg_len != recv_pckt->len) {
+ printf("Wrong packet len received: %u expected: %u!\n", msg[i].msg_len, recv_pckt->len);
+ exit(FAIL);
+ }
+ chksum = compute_chsum((const unsigned char *)msg[i].msg_hdr.msg_iov->iov_base + sizeof(struct pckt_ver), msg[i].msg_len - sizeof(struct pckt_ver));
+ if (recv_pckt->chksum != chksum){
+ printf("Wrong packet checksum received: %u expected: %u!\n", recv_pckt->chksum, chksum);
+ exit(FAIL);
+ }
+ }
rx_pkts++;
rx_bytes = rx_bytes + msg[i].msg_len;
current_pckt_size = msg[i].msg_len;
@@ -913,6 +955,11 @@ static void send_perf_data_by_size(void)
}
for (i = 0; i < PCKT_FRAG_MAX; i++) {
iov_out[i].iov_len = packetsize;
+ if (use_pckt_verification) {
+ struct pckt_ver *tx_pckt = (struct pckt_ver *)&iov_out[i].iov_base;
+ tx_pckt->len = iov_out[i].iov_len;
+ tx_pckt->chksum = compute_chsum((const unsigned char *)iov_out[i].iov_base + sizeof(struct pckt_ver), iov_out[i].iov_len - sizeof(struct pckt_ver));
+ }
}
total_pkts_to_tx = perf_by_size_size / packetsize;
@@ -1193,6 +1240,11 @@ static void send_perf_data_by_time(void)
}
for (i = 0; i < PCKT_FRAG_MAX; i++) {
iov_out[i].iov_len = packetsize;
+ if (use_pckt_verification) {
+ struct pckt_ver *tx_pckt = (struct pckt_ver *)iov_out[i].iov_base;
+ tx_pckt->len = iov_out[i].iov_len;
+ tx_pckt->chksum = compute_chsum((const unsigned char *)iov_out[i].iov_base + sizeof(struct pckt_ver), iov_out[i].iov_len - sizeof(struct pckt_ver));
+ }
}
printf("[info]: testing with %u bytes packet size for %" PRIu64 " seconds.\n", packetsize, perf_by_time_secs);

1751
SOURCES/bz1763715-fix-mtu-calculation.patch Normal file
View File

File diff suppressed because it is too large Load Diff

625
SPECS/kronosnet.spec Normal file
View File

@ -0,0 +1,625 @@
###############################################################################
###############################################################################
##
## Copyright (C) 2012-2019 Red Hat, Inc. All rights reserved.
##
## This copyrighted material is made available to anyone wishing to use,
## modify, copy, or redistribute it subject to the terms and conditions
## of the GNU General Public License v.2 or higher
##
###############################################################################
###############################################################################
# set defaults from ./configure invokation
%bcond_without sctp
%bcond_without nss
%bcond_without openssl
%bcond_without zlib
%bcond_without lz4
%bcond_without lzo2
%bcond_without lzma
%bcond_without bzip2
%bcond_with zstd
%bcond_with kronosnetd
%bcond_without libnozzle
%bcond_without runautogen
%bcond_with rpmdebuginfo
%bcond_with overriderpmdebuginfo
%bcond_without installtests
# DWZ crashes when making debuginfos. This workaround is from
# https://github.com/docker/docker/issues/22051
# I got this via https://bugzilla.redhat.com/show_bug.cgi?id=1691946
%global _dwz_low_mem_die_limit 0
%if %{with overriderpmdebuginfo}
%undefine _enable_debug_packages
%endif
%if %{with sctp}
%global buildsctp 1
%endif
%if %{with nss}
%global buildcryptonss 1
%endif
%if %{with openssl}
%global buildcryptoopenssl 1
%endif
%if %{with zlib}
%global buildcompresszlib 1
%endif
%if %{with lz4}
%global buildcompresslz4 1
%endif
%if %{with lzo2}
%global buildcompresslzo2 1
%endif
%if %{with lzma}
%global buildcompresslzma 1
%endif
%if %{with bzip2}
%global buildcompressbzip2 1
%endif
%if %{with zstd}
%global buildcompresszstd 1
%endif
%if %{with libnozzle}
%global buildlibnozzle 1
%endif
%if %{with kronosnetd}
%global buildlibnozzle 1
%global buildkronosnetd 1
%endif
%if %{with runautogen}
%global buildautogen 1
%endif
%if %{with installtests}
%global installtestsuite 1
%endif
# main (empty) package
# http://www.rpm.org/max-rpm/s1-rpm-subpack-spec-file-changes.html
Name: kronosnet
Summary: Multipoint-to-Multipoint VPN daemon
Version: 1.10
Release: 1%{?dist}.2
License: GPLv2+ and LGPLv2+
URL: http://www.kronosnet.org
Source0: http://www.kronosnet.org/releases/kronosnet-%{version}.tar.gz
#Patch0: bz1688880-covscan-fixes.patch
Patch1: bz1754442-link-mem-corruption.patch
Patch2: bz1763715-fix-mtu-calculation.patch
Patch3: bz1763714-fix-data-deliver-corruption-from-fragmented-packets.patch
# Build dependencies
BuildRequires: gcc
# required to build man pages
BuildRequires: libxml2-devel doxygen
BuildRequires: libqb-devel
%if %{defined buildsctp}
BuildRequires: lksctp-tools-devel
%endif
%if %{defined buildcryptonss}
BuildRequires: nss-devel
%endif
%if %{defined buildcryptoopenssl}
BuildRequires: openssl-devel
%endif
%if %{defined buildcompresszlib}
BuildRequires: zlib-devel
%endif
%if %{defined buildcompresslz4}
BuildRequires: lz4-devel
%endif
%if %{defined buildcompresslzo2}
BuildRequires: lzo-devel
%endif
%if %{defined buildcompresslzma}
BuildRequires: xz-devel
%endif
%if %{defined buildcompressbzip2}
BuildRequires: bzip2-devel
%endif
%if %{defined buildcompresszstd}
BuildRequires: libzstd-devel
%endif
%if %{defined buildkronosnetd}
BuildRequires: systemd
BuildRequires: pam-devel
%endif
%if %{defined buildlibnozzle}
BuildRequires: libnl3-devel
%endif
%if %{defined buildautogen}
BuildRequires: automake
BuildRequires: libtool
BuildRequires: autoconf
%endif
%prep
%setup -q -n %{name}-%{version}
#%patch0 -p1 -b .bz1688880-covscan-fixes
%patch1 -p1 -b .bz1754442-link-mem-corruption
%patch2 -p1 -b .bz1763715-fix-mtu-calculation
%patch3 -p1 -b .bz1763714-fix-data-deliver-corruption-from-fragmented-packets
%build
%if %{defined buildautogen}
./autogen.sh
%endif
%{configure} \
%if %{defined buildsctp}
--enable-libknet-sctp \
%else
--disable-libknet-sctp \
%endif
%if %{defined buildcryptonss}
--enable-crypto-nss \
%else
--disable-crypto-nss \
%endif
%if %{defined buildcryptoopenssl}
--enable-crypto-openssl \
%else
--disable-crypto-openssl \
%endif
%if %{defined buildcompresszlib}
--enable-compress-zlib \
%else
--disable-compress-zlib \
%endif
%if %{defined buildcompresslz4}
--enable-compress-lz4 \
%else
--disable-compress-lz4 \
%endif
%if %{defined buildcompresslzo2}
--enable-compress-lzo2 \
%else
--disable-compress-lzo2 \
%endif
%if %{defined buildcompresslzma}
--enable-compress-lzma \
%else
--disable-compress-lzma \
%endif
%if %{defined buildcompresszstd}
--enable-compress-zstd \
%else
--disable-compress-zstd \
%endif
%if %{defined buildkronosnetd}
--enable-kronosnetd \
%endif
%if %{defined buildlibnozzle}
--enable-libnozzle \
%endif
%if %{defined installtestsuite}
--enable-install-tests \
%else
--disable-install-tests \
%endif
--with-initdefaultdir=%{_sysconfdir}/sysconfig/ \
--with-systemddir=%{_unitdir}
make %{_smp_mflags}
%install
make install DESTDIR=%{buildroot}
# tree cleanup
# remove static libraries
find %{buildroot} -name "*.a" -exec rm {} \;
# remove libtools leftovers
find %{buildroot} -name "*.la" -exec rm {} \;
# handle systemd vs init script
# remove init scripts
rm -rf %{buildroot}/etc/init.d
# remove docs
rm -rf %{buildroot}/usr/share/doc/kronosnet
# Disabled because of concern that the testsuite does not play nice with the
# network loopback interface. Upstream has a comprehensive CI/CD system which
# tests different versions of Fedora and should be very safe. In the unlikely
# event of bugs, we should probably avoid DoS´ing the fedora builders by
# generating unwanted traffic.
#%check
# main empty package
%description
kronosnet source
%if %{defined buildkronosnetd}
## Runtime and subpackages section
%package -n kronosnetd
Summary: Multipoint-to-Multipoint VPN daemon
License: GPLv2+
Requires(post): shadow-utils
Requires: pam, /etc/pam.d/passwd
%{?systemd_requires}
%description -n kronosnetd
The kronosnet daemon is a bridge between kronosnet switching engine
and kernel network tap devices, to create and administer a
distributed LAN over multipoint-to-multipoint VPNs.
The daemon does a poor attempt to provide a configure UI similar
to other known network devices/tools (Cisco, quagga).
Beside looking horrific, it allows runtime changes and
reconfiguration of the kronosnet(s) without daemon reload
or service disruption.
%post -n kronosnetd
%systemd_post kronosnetd.service
getent group kronosnetadm >/dev/null || groupadd --force kronosnetadm
%postun -n kronosnetd
%systemd_postun kronosnetd.service
%preun -n kronosnetd
%systemd_preun kronosnetd.service
%files -n kronosnetd
%license COPYING.* COPYRIGHT
%dir %{_sysconfdir}/kronosnet
%dir %{_sysconfdir}/kronosnet/*
%config(noreplace) %{_sysconfdir}/sysconfig/kronosnetd
%config(noreplace) %{_sysconfdir}/pam.d/kronosnetd
%config(noreplace) %{_sysconfdir}/logrotate.d/kronosnetd
%{_unitdir}/kronosnetd.service
%{_sbindir}/*
%{_mandir}/man8/*
%endif
%if %{defined buildlibnozzle}
%package -n libnozzle1
Summary: Simple userland wrapper around kernel tap devices
License: LGPLv2+
%description -n libnozzle1
This is an over-engineered commodity library to manage a pool
of tap devices and provides the basic
pre-up.d/up.d/down.d/post-down.d infrastructure.
%files -n libnozzle1
%license COPYING.* COPYRIGHT
%{_libdir}/libnozzle.so.*
%ldconfig_scriptlets -n libtap1
%package -n libnozzle1-devel
Summary: Simple userland wrapper around kernel tap devices (developer files)
License: LGPLv2+
Requires: libnozzle1%{_isa} = %{version}-%{release}
Requires: pkgconfig
%description -n libnozzle1-devel
This is an over-engineered commodity library to manage a pool
of tap devices and provides the basic
pre-up.d/up.d/down.d/post-down.d infrastructure.
%files -n libnozzle1-devel
%license COPYING.* COPYRIGHT
%{_libdir}/libnozzle.so
%{_includedir}/libnozzle.h
%{_libdir}/pkgconfig/libnozzle.pc
%endif
%package -n libknet1
Summary: Kronosnet core switching implementation (protocol v1)
License: LGPLv2+
BuildRequires: libqb-devel
BuildRequires: doxygen
%description -n libknet1
Kronosnet, often referred to as knet, is a network abstraction layer
designed for High Availability use cases, where redundancy, security,
fault tolerance and fast fail-over are the core requirements of your
application.
The whole kronosnet core is implemented in this library.
Please refer to https://kronosnet.org/ for further information.
%files -n libknet1
%license COPYING.* COPYRIGHT
%{_libdir}/libknet.so.*
%dir %{_libdir}/kronosnet
%ldconfig_scriptlets -n libknet1
%package -n libknet1-devel
Summary: Kronosnet core switching implementation (developer files)
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
Requires: pkgconfig
%description -n libknet1-devel
The whole kronosnet core is implemented in this library.
Please refer to the not-yet-existing documentation for further
information.
# libknet.pc leading to pkgconfig(libknet) automatic virtual provides,
# like other files, is not explicitly versioned in the name like the
# subpackages are -- intention of doing so for subpackage names is
# to ease the cross-checking the compatibility of the remote clients
# interchanging data using this network communication library, as
# the number denotes the protocol version (providing multiple
# protocol versions in parallel is not planned).
%files -n libknet1-devel
%{_libdir}/libknet.so
%{_includedir}/libknet.h
%{_libdir}/pkgconfig/libknet.pc
%{_mandir}/man3/*.3.gz
%if %{defined buildcryptonss}
%package -n libknet1-crypto-nss-plugin
Summary: Libknet1 nss support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-crypto-nss-plugin
NSS crypto support for libknet1.
%files -n libknet1-crypto-nss-plugin
%{_libdir}/kronosnet/crypto_nss.so
%endif
%if %{defined buildcryptoopenssl}
%package -n libknet1-crypto-openssl-plugin
Summary: Libknet1 openssl support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-crypto-openssl-plugin
OpenSSL crypto support for libknet1.
%files -n libknet1-crypto-openssl-plugin
%{_libdir}/kronosnet/crypto_openssl.so
%endif
%if %{defined buildcompresszlib}
%package -n libknet1-compress-zlib-plugin
Summary: Libknet1 zlib support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-zlib-plugin
zlib compression support for libknet1.
%files -n libknet1-compress-zlib-plugin
%{_libdir}/kronosnet/compress_zlib.so
%endif
%if %{defined buildcompresslz4}
%package -n libknet1-compress-lz4-plugin
Summary: Libknet1 lz4 and lz4hc support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-lz4-plugin
lz4 and lz4hc compression support for libknet1.
%files -n libknet1-compress-lz4-plugin
%{_libdir}/kronosnet/compress_lz4.so
%{_libdir}/kronosnet/compress_lz4hc.so
%endif
%if %{defined buildcompresslzo2}
%package -n libknet1-compress-lzo2-plugin
Summary: Libknet1 lzo2 support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-lzo2-plugin
lzo2 compression support for libknet1.
%files -n libknet1-compress-lzo2-plugin
%{_libdir}/kronosnet/compress_lzo2.so
%endif
%if %{defined buildcompresslzma}
%package -n libknet1-compress-lzma-plugin
Summary: Libknet1 lzma support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-lzma-plugin
lzma compression support for libknet1.
%files -n libknet1-compress-lzma-plugin
%{_libdir}/kronosnet/compress_lzma.so
%endif
%if %{defined buildcompressbzip2}
%package -n libknet1-compress-bzip2-plugin
Summary: Libknet1 bzip2 support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-bzip2-plugin
bzip2 compression support for libknet1.
%files -n libknet1-compress-bzip2-plugin
%{_libdir}/kronosnet/compress_bzip2.so
%endif
%if %{defined buildcompresszstd}
%package -n libknet1-compress-zstd-plugin
Summary: Libknet1 zstd support
License: LGPLv2+
Requires: libknet1%{_isa} = %{version}-%{release}
%description -n libknet1-compress-zstd-plugin
zstd compression support for libknet1.
%files -n libknet1-compress-zstd-plugin
%{_libdir}/kronosnet/compress_zstd.so
%endif
%package -n libknet1-crypto-plugins-all
Summary: Libknet1 crypto plugins meta package
License: LGPLv2+
%if %{defined buildcryptonss}
Requires: libknet1-crypto-nss-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcryptoopenssl}
Requires: libknet1-crypto-openssl-plugin%{_isa} = %{version}-%{release}
%endif
%description -n libknet1-crypto-plugins-all
meta package to install all of libknet1 crypto plugins
%files -n libknet1-crypto-plugins-all
%package -n libknet1-compress-plugins-all
Summary: Libknet1 compress plugins meta package
License: LGPLv2+
%if %{defined buildcompresszlib}
Requires: libknet1-compress-zlib-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcompresslz4}
Requires: libknet1-compress-lz4-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcompresslzo2}
Requires: libknet1-compress-lzo2-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcompresslzma}
Requires: libknet1-compress-lzma-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcompressbzip2}
Requires: libknet1-compress-bzip2-plugin%{_isa} = %{version}-%{release}
%endif
%if %{defined buildcompresszstd}
Requires: libknet1-compress-zstd-plugin%{_isa} = %{version}-%{release}
%endif
%description -n libknet1-compress-plugins-all
meta package to install all of libknet1 compress plugins
%files -n libknet1-compress-plugins-all
%package -n libknet1-plugins-all
Summary: Libknet1 plugins meta package
License: LGPLv2+
Requires: libknet1-compress-plugins-all%{_isa} = %{version}-%{release}
Requires: libknet1-crypto-plugins-all%{_isa} = %{version}-%{release}
%description -n libknet1-plugins-all
meta package to install all of libknet1 plugins
%files -n libknet1-plugins-all
%if %{with installtests}
%package -n kronosnet-tests
Group: System Environment/Libraries
Summary: kronosnet test suite
Requires: libknet1 = %{version}-%{release}
Requires: libnozzle1%{_isa} = %{version}-%{release}
%description -n kronosnet-tests
this package contains the libknet test suite
%files -n kronosnet-tests
%defattr(-,root,root,-)
%{_libdir}/kronosnet/tests/*
%endif
%if %{with rpmdebuginfo}
# This is left over from upstream.
%debug_package
%endif
%changelog
* Tue Oct 22 2019 Fabio M. Di Nitto <fdinitto@redhat.com> - 1.10-1.2
host: Fix defrag buffer reclaim logic that could cause delivery
of corrupted data
Resolves: rhbz#1763714
PMTUd: Fix MTU calculation when using crypto
Disable fun_pmtud_crypto_test as it can take several hours to run
Resolves: rhbz#1763715
* Mon Sep 23 2019 Fabio M. Di Nitto <fdinitto@redhat.com> - 1.10-1.1
link: Fix memory corruption when too many up/down events are recorded
Resolves: rhbz#1754442
* Wed Jun 12 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.10-1
Rebase to 1.10 for ACL support
Resolves: rhbz#1688880
* Tue May 21 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.9-3
Fix kronosnet-tests dependancies and add workaround for dwz crash
Resolves: rhbz#1688880
* Tue May 14 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.9-2
add some covscan fixes
Resolves: rhbz#1688880
* Tue May 14 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.9-1
Rebase to knet 1.9
Resolves: rhbz#1688880
* Thu Mar 28 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.4-5
link: Check address families on a link always match
Resolves: rhbz#1691419
* Thu Mar 14 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.4-4
Add Gating tests
Resolves: rhbz#1682128
* Fri Dec 14 2018 Christine Caulfield <ccaulfie@redhat.com> - 1.4-3
Don't spin if we get EPERM from sendmsg - iptables can cause this
Resolves: rhbz#1658301
* Fri Oct 19 2018 Christine Caulfield <ccaulfie@redhat.com> - 1.4-2
Don't close the loopback link when all the 'real' nodes are down
Resolves: rhbz1640619
* Tue Aug 7 2018 Christine Caulfield <ccaulfie@redhat.com> - 1.4-1
- Rebase to v1.4
* Tue May 22 2018 Christine Caulfield <ccaulfie@redhat.com> - 1.3-1
- Rebase to v1.3
* Tue Apr 10 2018 Christine Caulfield <ccaulfie@redhat.com> - 1.1-9
- Rebase from Fedora
* Fri Mar 09 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-8
- Changed pkgconfig() to normal package names to help avoid the wrong
package being pulled in to satisfy dependencies.
* Wed Mar 07 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-7
- Moved the comment back above '%%files -n libknet1-devel'.
- Added comment to '%%debug_package'.
* Wed Mar 07 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-6
- Added a version requirement to lz4 to deal with koji pulling in the
wrong package.
* Tue Mar 06 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-5
- Updated ldconfig scriptlet calls.
- Moved the debug_package leading comment.
* Sun Mar 04 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-4
- Removed leading spaces from descriptions.
- Added the (commented out) %%check tests.
- Updated the changelog macro references to have two percent signs.
- Dropped the redundant libknet1-devel license files.
- Changed 'GPLv2+ + LGPLv2+' to 'GPLv2+ and LGPLv2+'.
- Updated %%ldconfig_scriptlets call.
- Clarified the kronosnet protocol version in the summary.
* Mon Feb 26 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-3
- Fixed the changelog to not have the full macro names.
* Sun Feb 25 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-2
- Moved the 'BuildRequires: systemd' to be conditional with kronostnetd.
* Sun Feb 25 2018 Madison Kelly <mkelly@alteeve.ca> - 1.1-1
- Rerolled for 1.1 upstream release.
- Removed the (no longer needed) gcc8-fixes.patch
- Added the new doxygen and libqb-devel buildrequires for libknetd.