Hello community, here is the log from the commit of package keepalived for openSUSE:Factory checked in at 2018-11-29 23:00:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/keepalived (Old) and /work/SRC/openSUSE:Factory/.keepalived.new.19453 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "keepalived" Thu Nov 29 23:00:30 2018 rev:23 rq:652407 version:2.0.10 Changes: -------- --- /work/SRC/openSUSE:Factory/keepalived/keepalived.changes 2018-05-01 23:40:56.618741254 +0200 +++ /work/SRC/openSUSE:Factory/.keepalived.new.19453/keepalived.changes 2018-11-29 23:00:30.751498124 +0100 @@ -1,0 +2,628 @@ +Wed Nov 28 12:27:13 UTC 2018 - Marcus Rueckert <mrueckert@suse.de> + +- update to 2.0.10 + - Fix compiling on Alpine Linux. + - Stop printf compiler warning on Alpine Linux due to rlim_t. + - manpage cosmetic. + - Fix removing snmpd read threads when snmpd becomes unavailable. + - Update to support libipset version 7. + - Use ipset_printf for ipset messages so can go to log. + - When opening files for write, ensure files can only be read by + root. Issue #1048 referred to CVE-2018-19046 regarding files + used for debugging purposes could potentially be read by non + root users. This commit ensures that such log files cannot be + opened by non root users. + - Disable fopen_safe() append mode by default If a non privileged + user creates /tmp/keepalived.log and has it open for read (e.g. + tail -f), then even though keepalived will change the owner to + root and remove all read/write permissions from non owners, the + application which already has the file open will be able to + read the added log entries. Accordingly, opening a file in + append mode is disabled by default, and only enabled if + --enable-smtp-alert-debug or --enable-log-file (which are + debugging options and unset by default) are enabled. This + should further alleviate security concerns related to + CVE-2018-19046. + - vrrp: add support to constant time memcmp. Just an update to + use best practise security design pattern. While comparing + password or hmac you need to ensure comparison function is time + constant in order to figth against any timing attacks. We turn + off potential compiler optimizations for this particular + function to avoid any short circuit. + - Make sure a non privileged user cannot read keepalived file + output Ensure that when a file such as /tmp/keepalived.data is + written, no non privileged can have a previous version of that + file already open, thereby allowing them to read the data. + This should fully resolve CVE-2018-19046. +- drop b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch: included in + update + +------------------------------------------------------------------- +Sat Nov 10 21:01:14 UTC 2018 - Marcus Rueckert <mrueckert@suse.de> + +- added b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch to fix + building with libipset >= 7 + +------------------------------------------------------------------- +Fri Nov 9 16:07:40 UTC 2018 - Marcus Rueckert <mrueckert@suse.de> + +- update to 2.0.9 + - Fix updating a timer thread's timeout. Issue #1042 identified + that the BFD process could segfault. This was tracked down to a + timer thread which had already expired having its timeout + updated by timer_thread_update_timeout(). The sands timer + should only be updated if the thread is on a waiting queue, and + not if it has already timed out or it is unused. + - Don't requeue read thread if it is not waiting. This update + matches commit 09a2a37 - Fix updating a timer thread's timeout + should. + - Allow BFD instance to recover after send error. If sendto + failed in bfd_send_packet(), the bfd instance was put into + admin down state, but there was no means for the bfd instance + to transition out of admin down state. This commit makes + keepalived log the first instance of a sequence of failures to + send a bfd packet, but does not bring the bfd instance down in + case the error is a transient error. If the error is longer + lasting, the remote system will timeout, transition to down + state, and send a message saying it is down. Once the bfd + instance can start sending again the bfd instance can now + transition again to up state. + - Make DGB definition use log_message() rather than syslog(). + - Fix building with --enable-debug configure option. + - Start list of required kernel features in INSTALL file. Issue + #1024 asked what kernel features are needed to support + keepalived. The simple answer was that it isn't recorded + anywhere, so this is a start of making a list of the features + required. + - Make list_remove() call list free function and add + list_transfer(). If an element is being removed from a list, + the free function should be called. list_transfer() allows a + list element to be moved from one list to another without + freeing and reallocating the list element control information. + - Add mem_check diagnostics re calling functions of list + functions. When using mem_check, mallocs and frees were + recorded against the list functions, and the originating + functions weren't identified. This patch adds recording of the + functions calling the list functions so that the originating + function is identified. + - Simplify the processing of comments in configuration files. + This commit moves the handling (and removal) of comments to a + single function (called from read_line()) which simplifies the + processing of config files. + - Add ~SEQ(start, step, end) config functionality Where a + configuration has repeated blocks of configuration where the + only thing that changes is a numeric value (e.g. for VRIDs from + 1 to 255) this allows the block to be defined once, and a + single line using ~SEQ can then generate all the blocks. + - Use REALLOC when building a multiline definition. The code + used to use MALLOC, strcpy() and FREE, but REALLOC can do all + this for us. + - Improve mem-check diagnostics. When using an allocation list + of over 50,000 entries, it was quite slow searching thtough all + the entries to find the matching memory allocation, and to find + free entries. This commit changes to using malloc() to create + entries, and a red-black tree to hold the entries. It also has + a separate list of free entries. This commit also adds 4 more + types of memory allocation error, and improves the consistency + of the entries in the log files. + - Don't attempt to delete VMAC when underlying interface is + deleted. If the underlying interface of one of our vmacs is + deleted, and we know the vmac has been deleted, don't attempt + to delete it again. + - Include master state in determining if vmacs are up or down + Netlink doesn't send messages for a state change of a macvlan + when the master device changes state, so we have to track that + for ourselves. + - Turn off parser debugging. + - Make test/mk_if create iptables chains. + - Handle interfaces not existing when keepalived terminates. If + the underlying interface of a vmac we created has been deleted, + the vmac will not exist so don't attempt to delete it again. + Also, don't attempt to reset the configuration of the + underlying interface. + - Handle the underlying interface of a macvlan interface going + up/down. The kernel doesn't send netlink messages for macvlans + going up or down when the underlying interface transitions (it + doesn't even update their status to say they are up/down), but + the interfaces don't work. We need to track the state of the + underlying interfaces and propagate that to the macvlan + interfaces. + - Fix duplicate value in track_t enum. + - Fix check for matching track types. + - Treat macvtap interfaces in the same way as macvlan interfaces. + - Improve handling of interfaces not existing when keepalived + starts. + - Fix handling interface deletion and creation of vmacs on + macvlan i/fs. + - When interface created, open sockets on it if used by VRRP + directly If an interface is created that has vrrp instances + configured on it that don't use VMACs, or use vmac_xmit_base, + then the raw sockets must be opened. + - Force seeing a transition to up state when an interface is + created. + - Fix netlink remnant data error. + - Add command line and configuration option to set umask. Issue + #1048 identified that files created by keepalived are created + with mode 0666. This commit changes the default to 0644, and + also allows the umask to be specified in the configuration or + as a command line option. + - Fix compile warning introduced in commit c6247a9. Commit + c6247a9 - "Add command line and configuration option to set + umask" introduced a compile warning, although the code would + have worked OK. + - When opening files for write, ensure they aren't symbolic + links. Issue #1048 identified that if, for example, a non + privileged user created a symbolic link from + /etc/keepalvied.data to /etc/passwd, writing to + /etc/keepalived.data (which could be invoked via DBus) would + cause /etc/passwd to be overwritten. This commit stops + keepalived writing to pathnames where the ultimate component is + a symbolic link, by setting O_NOFOLLOW whenever opening a file + for writing. This might break some setups, where, for example, + /etc/keepalived.data was a symbolic link to + /home/fred/keepalived.data. If this was the case, instead + create a symbolic link from /home/fred/keepalived.data to + /tmp/keepalived.data, so that the file is still accessible + via /home/fred/keepalived.data. There doesn't appear to be a + way around this backward incompatibility, since even checking + if the pathname is a symbolic link prior to opening for + writing would create a race condition. + - Make netlink error messages more meaningful. + - Fix compiling without support for macvlans. + - fix uninitialized structure. The linkinfo and linkattr + structures were not initialized, so we should not expect that + unexistant attributes are set to NULL. Add the missing + memset(). + - fix socket allocation with dynamic interfaces. When there are + several vrrp instance binding different interfaces that don't + exist at startup, their ifindex is set to 0 in the sock. The + function already_exist_sock() that lookup for an existing + socket will always return the first sock because the ifindex is + the same. Later, when an interface appears, the fd will be + created for one instance, and all instances will wrongly use + this fd to send the advertisments. Fix this by using the + interface structure pointer instead of the ifindex as the key + for sock lookup. The problem was identified by Olivier Matz + who also provided a patch fixing the problem. This patch is a + slight rework of Olivier's patch, better using the existing + data structures that keepalived already holds. + - When creating a macvlan interface, use AF_UNSPEC rather than + AF_INET. + - Stop using libnl for configuring interfaces. Since there is + code to configure the interfaces using netlink without using + libnl, there is no point in having code to do it using libnl. + - Fix building on Centos 6.5. + - Stop including some files not needed after libnl removal for + i/fs. + - Fix some compilation issues when building without vrrp support. ++++ 431 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/keepalived/keepalived.changes ++++ and /work/SRC/openSUSE:Factory/.keepalived.new.19453/keepalived.changes Old: ---- keepalived-1.4.1.tar.gz New: ---- keepalived-2.0.10.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ keepalived.spec ++++++ --- /var/tmp/diff_new_pack.TS20P6/_old 2018-11-29 23:00:31.595497085 +0100 +++ /var/tmp/diff_new_pack.TS20P6/_new 2018-11-29 23:00:31.611497064 +0100 @@ -26,11 +26,15 @@ %else %bcond_with systemd %endif +%if 0%{?suse_version} > 1500 +%bcond_without dbus +%else %bcond_with dbus -%bcond_with json +%endif +%bcond_without json Name: keepalived -Version: 1.4.1 +Version: 2.0.10 Release: 0 Summary: A keepalive facility for Linux License: GPL-2.0-or-later @@ -56,6 +60,7 @@ BuildRequires: pkgconfig(libipset) BuildRequires: pkgconfig(libiptc) BuildRequires: pkgconfig(libnl-3.0) +BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(xtables) %else BuildRequires: dbus-1-devel @@ -64,6 +69,7 @@ BuildRequires: libiptc-devel BuildRequires: libnl-devel BuildRequires: libxtables-devel +BuildRequires: pcre2-devel %endif BuildRequires: libnfnetlink-devel # BuildRequires: netsnmp-devel @@ -80,8 +86,6 @@ Requires(pre): %insserv_prereq %endif -BuildRoot: %{_tmppath}/%{name}-%{version}-build - %description This project provides facilities for load balancing and high-availability to Linux system and Linux-based infrastructures. The load-balancing framework @@ -106,10 +110,12 @@ export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" %configure \ --disable-silent-rules \ + --enable-bfd \ %if %{with json} --enable-json \ %endif --enable-snmp \ + --enable-snmp-checker \ --enable-snmp-vrrp \ --enable-snmp-rfc \ --enable-snmp-rfcv2 \ @@ -118,6 +124,8 @@ --enable-dbus \ --enable-dbus-create-instance \ %endif + --enable-regex \ + --enable-regex-timers \ %if %{with systemd} --with-init=systemd \ --with-systemdsystemunitdir="%{_unitdir}" \ @@ -191,7 +199,8 @@ %files %defattr(-,root,root) -%doc AUTHOR ChangeLog CONTRIBUTORS COPYING README +%license COPYING +%doc AUTHOR ChangeLog CONTRIBUTORS README %doc %{_datadir}/doc/keepalived/ %doc doc/samples/ %doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt ++++++ keepalive-init.patch ++++++ --- /var/tmp/diff_new_pack.TS20P6/_old 2018-11-29 23:00:31.659497005 +0100 +++ /var/tmp/diff_new_pack.TS20P6/_new 2018-11-29 23:00:31.671496990 +0100 @@ -1,8 +1,8 @@ -Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in +Index: keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in =================================================================== ---- keepalived-1.4.0.orig/keepalived/etc/init.d/keepalived.suse.init.in -+++ keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in -@@ -1,23 +1,23 @@ +--- keepalived-2.0.7.orig/keepalived/etc/init.d/keepalived.suse.init.in ++++ keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in +@@ -1,23 +1,24 @@ #! /bin/sh ### BEGIN INIT INFO @@ -31,6 +31,7 @@ +DAEMON_BIN='@sbindir@/keepalived' +DAEMON_CONF='@sysconfdir@/keepalived/keepalived.conf' +DAEMON_PIDFILE='@localstatedir@/run/keepalived.pid' ++DAEMON_SYSCONF='/etc/sysconfig/keepalived' +DAEMON_OPT='-d' #DAEMON_USER="root" -SUPPORTS_HUP="yes" @@ -38,7 +39,7 @@ # PidFile @localstatedir@/run/keepalived.pid # DatabaseOwner root -@@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI +@@ -25,6 +26,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI usr_par=${DAEMON_USER:+"-u $DAEMON_USER"} test -x $DAEMON_BIN || exit 5 @@ -57,140 +58,14 @@ # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status -@@ -60,71 +72,70 @@ rc_reset - test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE - - case "$1" in -- start) -- echo -n "Starting $DAEMON " -- if test ! -f ${DAEMON_CONF}; then -- echo -n >&2 "Configuration file, ${DAEMON_CONF} does not exist. " -- rc_status -s -- exit 6 -- fi -- checkproc $pid_par ${DAEMON_BIN} -- case $? in -- 0) echo -n "- Warning: daemon already running. " ;; -- 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; -- esac +@@ -72,8 +85,8 @@ case "$1" in + 0) echo -n "- Warning: daemon already running. " ;; + 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; + esac -# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT}" - startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} -- rc_status -v -- ;; -- stop) -- echo -n "Shutting down $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} || \ -- echo -n " Warning: daemon not running. " -- killproc $pid_par -t 10 ${DAEMON_BIN} -- rc_status -v -- ;; -- try-restart|condrestart) -- if test "$1" = "condrestart"; then -- echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" -- fi -- $0 status -- if test $? = 0; then -- $0 restart -- else -- rc_reset -- fi -- rc_status -- ;; -- restart) -- $0 stop -- $0 start -- rc_status -- ;; -- force-reload|reload) -- if test "$SUPPORTS_HUP" = "yes"; then -- echo -n "Reload service $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} && \ -- touch ${DAEMON_PIDFILE} || \ -- echo -n >&2 " Warning: daemon not running. " -- killproc $pid_par -HUP ${DAEMON_BIN} -- rc_status -v -- else -- $0 stop && sleep 3 && $0 start -- rc_status -- fi -- ;; -- status) -- echo -n "Checking for $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} -- rc_status -v -- ;; -- probe) -- test ${DAEMON_CONF} -nt ${DAEMON_PIDFILE} && echo reload -- ;; -- *) -- echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" -- exit 1 -- ;; -+ start) -+ echo -n "Starting $DAEMON " -+ if test ! -f ${DAEMON_CONF}; then -+ echo -n >&2 "Configuration file, ${DAEMON_CONF} does not exist. " -+ rc_status -s -+ exit 6 -+ fi -+ checkproc $pid_par ${DAEMON_BIN} -+ case $? in -+ 0) echo -n "- Warning: daemon already running. " ;; -+ 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; -+ esac -+# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${KEEPALIVED_OPTIONS}" -+ startproc $usr_par $pid_par ${DAEMON_BIN} ${KEEPALIVED_OPTIONS} -+ rc_status -v -+ ;; -+ stop) -+ echo -n "Shutting down $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} || \ -+ echo -n " Warning: daemon not running. " -+ killproc $pid_par -t 10 ${DAEMON_BIN} -+ rc_status -v -+ ;; -+ try-restart|condrestart) -+ if test "$1" = "condrestart"; then -+ echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" -+ fi -+ $0 status -+ if test $? = 0; then -+ $0 restart -+ else -+ rc_reset -+ fi -+ rc_status -+ ;; -+ restart) -+ $0 stop -+ $0 start -+ rc_status -+ ;; -+ force-reload|reload) -+ if test "$SUPPORTS_HUP" = "yes"; then -+ echo -n "Reload service $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} && \ -+ touch ${DAEMON_PIDFILE} || \ -+ echo -n >&2 " Warning: daemon not running. " -+ killproc $pid_par -HUP ${DAEMON_BIN} -+ rc_status -v -+ else -+ $0 stop && sleep 3 && $0 start -+ rc_status -+ fi -+ ;; -+ status) -+ echo -n "Checking for $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} -+ rc_status -v -+ ;; -+ probe) -+ test ${DAEMON_CONF} -nt ${DAEMON_PIDFILE} && echo reload -+ ;; -+ *) -+ echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" -+ exit 1 -+ ;; - esac - rc_exit -- ++# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS}" ++ startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS} + rc_status -v + ;; + stop) ++++++ keepalive-rpmlintrc ++++++ --- /var/tmp/diff_new_pack.TS20P6/_old 2018-11-29 23:00:31.735496912 +0100 +++ /var/tmp/diff_new_pack.TS20P6/_new 2018-11-29 23:00:31.735496912 +0100 @@ -1,2 +1,2 @@ # Those PEM files are only examples: -addFilter("pem-certificate /usr/share/doc/packages/keepalived/samples/*.pem") +addFilter("pem-certificate /usr/share/doc/packages/keepalived/samples/.*.pem") ++++++ keepalived-1.4.1.tar.gz -> keepalived-2.0.10.tar.gz ++++++ ++++ 72941 lines of diff (skipped) ++++++ linux-4.15.patch ++++++ --- /var/tmp/diff_new_pack.TS20P6/_old 2018-11-29 23:00:32.107496453 +0100 +++ /var/tmp/diff_new_pack.TS20P6/_new 2018-11-29 23:00:32.107496453 +0100 @@ -28,27 +28,41 @@ keepalived/vrrp/vrrp.c | 1 + 2 files changed, 2 insertions(+) -diff --git a/keepalived/include/vrrp_arp.h b/keepalived/include/vrrp_arp.h -index c2b4e6b5..9dd68f63 100644 ---- a/keepalived/include/vrrp_arp.h -+++ b/keepalived/include/vrrp_arp.h +Index: keepalived-2.0.9/keepalived/include/vrrp_arp.h +=================================================================== +--- keepalived-2.0.9.orig/keepalived/include/vrrp_arp.h ++++ keepalived-2.0.9/keepalived/include/vrrp_arp.h @@ -24,6 +24,7 @@ #define _VRRP_ARP_H /* system includes */ +#include <netinet/in.h> - #include <net/ethernet.h> - #include <net/if_arp.h> + #include <sys/types.h> + #include <linux/if_infiniband.h> -diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c -index 56395363..eaa9c567 100644 ---- a/keepalived/vrrp/vrrp.c -+++ b/keepalived/vrrp/vrrp.c -@@ -26,6 +26,7 @@ - #include "config.h" +Index: keepalived-2.0.9/keepalived/vrrp/vrrp.c +=================================================================== +--- keepalived-2.0.9.orig/keepalived/vrrp/vrrp.c ++++ keepalived-2.0.9/keepalived/vrrp/vrrp.c +@@ -40,6 +40,7 @@ + #include <net/ethernet.h> /* local include */ +#define _GNU_SOURCE + #include "parser.h" + #include "vrrp_arp.h" - #include "vrrp_ndisc.h" - #include "vrrp_scheduler.h" +Index: keepalived-2.0.9/keepalived/include/vrrp_if.h +=================================================================== +--- keepalived-2.0.9.orig/keepalived/include/vrrp_if.h ++++ keepalived-2.0.9/keepalived/include/vrrp_if.h +@@ -33,9 +33,7 @@ + #include <sys/types.h> + #include <net/if.h> + #include <stdio.h> +-#ifdef _HAVE_NET_LINUX_IF_H_COLLISION_ + #define _LINUX_IF_H +-#endif + #include <linux/netdevice.h> + #ifdef _HAVE_VRRP_VMAC_ + #include <linux/if_link.h>