From 4e852590a863ce1fb25eaa0947d795ea547e229c Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Sep 23 2022 10:08:34 +0000 Subject: import booth-1.0-199.2.ac1d34c.git.el8 --- diff --git a/SOURCES/bz2111668-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch b/SOURCES/bz2111668-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch new file mode 100644 index 0000000..3ab2586 --- /dev/null +++ b/SOURCES/bz2111668-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch @@ -0,0 +1,30 @@ +From 35bf0b7b048d715f671eb68974fb6b4af6528c67 Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Mon, 4 Jul 2022 09:39:47 +0200 +Subject: [PATCH] Revert "Refactor: main: substitute is_auth_req macro" + +This reverts commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c. + +authfile != authkey + +Signed-off-by: Jan Friesse +--- + src/main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/main.c b/src/main.c +index b50a883..b4a174f 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -364,7 +364,7 @@ static int setup_config(int type) + if (rv < 0) + goto out; + +- if (is_auth_req()) { ++ if (booth_conf->authfile[0] != '\0') { + rv = read_authkey(); + if (rv < 0) + goto out; +-- +2.37.1 + diff --git a/SOURCES/bz2111668-2-config-Add-enable-authfile-option.patch b/SOURCES/bz2111668-2-config-Add-enable-authfile-option.patch new file mode 100644 index 0000000..a3adc72 --- /dev/null +++ b/SOURCES/bz2111668-2-config-Add-enable-authfile-option.patch @@ -0,0 +1,106 @@ +From 466246c2fa8ea1bcc06593fbf7b900d0665606b1 Mon Sep 17 00:00:00 2001 +From: Jan Friesse +Date: Tue, 26 Jul 2022 18:39:38 +0200 +Subject: [PATCH] config: Add enable-authfile option + +This option enables (or disables) usage of authfile. Can be 'yes' or 'no'. +Default is 'no'. + +Booth usage of authfile was broken for long time (since commit +da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c). + +Pcs was adding authfile by default, but it was not used. Once booth bug +was fixed problem appears because mixed clusters (with fixed version and +without fixed one) stops working. + +This non-upstream option is added and used to allow use of +authfile without breaking compatibility for clusters +consisting of mixed versions (usually happens before all nodes are +updated) of booth (user have to explicitly +enable usage of authfile). + +This patch is transitional and will be removed in future major version of +distribution. + +Signed-off-by: Jan Friesse +--- + docs/boothd.8.txt | 7 +++++++ + src/config.c | 17 +++++++++++++++++ + src/config.h | 1 + + src/main.c | 2 +- + 4 files changed, 26 insertions(+), 1 deletion(-) + +diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt +index f58f27e..12f66f9 100644 +--- a/docs/boothd.8.txt ++++ b/docs/boothd.8.txt +@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports. + parameter to a higher value. The time skew test is performed + only in concert with authentication. + ++*'enable-authfile'*:: ++ Enables (or disables) usage of authfile. Can be 'yes' or 'no'. ++ Default is 'no'. ++ This is non-upstream option used to allow use of authfile without ++ breaking compatibility for clusters consisting of mixed ++ versions of booth. ++ + *'site'*:: + Defines a site Raft member with the given IP. Sites can + acquire tickets. The sites' IP should be managed by the cluster. +diff --git a/src/config.c b/src/config.c +index 8e41553..b9df3e3 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -729,6 +729,23 @@ no_value: + booth_conf->maxtimeskew = atoi(val); + continue; + } ++ ++ if (strcmp(key, "enable-authfile") == 0) { ++ if (strcasecmp(val, "yes") == 0 || ++ strcasecmp(val, "on") == 0 || ++ strcasecmp(val, "1") == 0) { ++ booth_conf->enable_authfile = 1; ++ } else if (strcasecmp(val, "no") == 0 || ++ strcasecmp(val, "off") == 0 || ++ strcasecmp(val, "0") == 0) { ++ booth_conf->enable_authfile = 0; ++ } else { ++ error = "Expected yes/no value for enable-authfile"; ++ goto err; ++ } ++ ++ continue; ++ } + #endif + + if (strcmp(key, "site") == 0) { +diff --git a/src/config.h b/src/config.h +index bca73bc..da1e917 100644 +--- a/src/config.h ++++ b/src/config.h +@@ -297,6 +297,7 @@ struct booth_config { + struct stat authstat; + char authkey[BOOTH_MAX_KEY_LEN]; + int authkey_len; ++ int enable_authfile; + /** Maximum time skew between peers allowed */ + int maxtimeskew; + +diff --git a/src/main.c b/src/main.c +index b4a174f..0fdb295 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -364,7 +364,7 @@ static int setup_config(int type) + if (rv < 0) + goto out; + +- if (booth_conf->authfile[0] != '\0') { ++ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) { + rv = read_authkey(); + if (rv < 0) + goto out; +-- +2.37.1 + diff --git a/SOURCES/bz2113967-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch b/SOURCES/bz2113967-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch deleted file mode 100644 index 3ab2586..0000000 --- a/SOURCES/bz2113967-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 35bf0b7b048d715f671eb68974fb6b4af6528c67 Mon Sep 17 00:00:00 2001 -From: Jan Friesse -Date: Mon, 4 Jul 2022 09:39:47 +0200 -Subject: [PATCH] Revert "Refactor: main: substitute is_auth_req macro" - -This reverts commit da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c. - -authfile != authkey - -Signed-off-by: Jan Friesse ---- - src/main.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/main.c b/src/main.c -index b50a883..b4a174f 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -364,7 +364,7 @@ static int setup_config(int type) - if (rv < 0) - goto out; - -- if (is_auth_req()) { -+ if (booth_conf->authfile[0] != '\0') { - rv = read_authkey(); - if (rv < 0) - goto out; --- -2.37.1 - diff --git a/SOURCES/bz2113967-2-config-Add-enable-authfile-option.patch b/SOURCES/bz2113967-2-config-Add-enable-authfile-option.patch deleted file mode 100644 index a3adc72..0000000 --- a/SOURCES/bz2113967-2-config-Add-enable-authfile-option.patch +++ /dev/null @@ -1,106 +0,0 @@ -From 466246c2fa8ea1bcc06593fbf7b900d0665606b1 Mon Sep 17 00:00:00 2001 -From: Jan Friesse -Date: Tue, 26 Jul 2022 18:39:38 +0200 -Subject: [PATCH] config: Add enable-authfile option - -This option enables (or disables) usage of authfile. Can be 'yes' or 'no'. -Default is 'no'. - -Booth usage of authfile was broken for long time (since commit -da79b8ba28ad4837a0fee13e5f8fb6f89fe0e24c). - -Pcs was adding authfile by default, but it was not used. Once booth bug -was fixed problem appears because mixed clusters (with fixed version and -without fixed one) stops working. - -This non-upstream option is added and used to allow use of -authfile without breaking compatibility for clusters -consisting of mixed versions (usually happens before all nodes are -updated) of booth (user have to explicitly -enable usage of authfile). - -This patch is transitional and will be removed in future major version of -distribution. - -Signed-off-by: Jan Friesse ---- - docs/boothd.8.txt | 7 +++++++ - src/config.c | 17 +++++++++++++++++ - src/config.h | 1 + - src/main.c | 2 +- - 4 files changed, 26 insertions(+), 1 deletion(-) - -diff --git a/docs/boothd.8.txt b/docs/boothd.8.txt -index f58f27e..12f66f9 100644 ---- a/docs/boothd.8.txt -+++ b/docs/boothd.8.txt -@@ -230,6 +230,13 @@ will always bind and listen to both UDP and TCP ports. - parameter to a higher value. The time skew test is performed - only in concert with authentication. - -+*'enable-authfile'*:: -+ Enables (or disables) usage of authfile. Can be 'yes' or 'no'. -+ Default is 'no'. -+ This is non-upstream option used to allow use of authfile without -+ breaking compatibility for clusters consisting of mixed -+ versions of booth. -+ - *'site'*:: - Defines a site Raft member with the given IP. Sites can - acquire tickets. The sites' IP should be managed by the cluster. -diff --git a/src/config.c b/src/config.c -index 8e41553..b9df3e3 100644 ---- a/src/config.c -+++ b/src/config.c -@@ -729,6 +729,23 @@ no_value: - booth_conf->maxtimeskew = atoi(val); - continue; - } -+ -+ if (strcmp(key, "enable-authfile") == 0) { -+ if (strcasecmp(val, "yes") == 0 || -+ strcasecmp(val, "on") == 0 || -+ strcasecmp(val, "1") == 0) { -+ booth_conf->enable_authfile = 1; -+ } else if (strcasecmp(val, "no") == 0 || -+ strcasecmp(val, "off") == 0 || -+ strcasecmp(val, "0") == 0) { -+ booth_conf->enable_authfile = 0; -+ } else { -+ error = "Expected yes/no value for enable-authfile"; -+ goto err; -+ } -+ -+ continue; -+ } - #endif - - if (strcmp(key, "site") == 0) { -diff --git a/src/config.h b/src/config.h -index bca73bc..da1e917 100644 ---- a/src/config.h -+++ b/src/config.h -@@ -297,6 +297,7 @@ struct booth_config { - struct stat authstat; - char authkey[BOOTH_MAX_KEY_LEN]; - int authkey_len; -+ int enable_authfile; - /** Maximum time skew between peers allowed */ - int maxtimeskew; - -diff --git a/src/main.c b/src/main.c -index b4a174f..0fdb295 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -364,7 +364,7 @@ static int setup_config(int type) - if (rv < 0) - goto out; - -- if (booth_conf->authfile[0] != '\0') { -+ if (booth_conf->authfile[0] != '\0' && booth_conf->enable_authfile) { - rv = read_authkey(); - if (rv < 0) - goto out; --- -2.37.1 - diff --git a/SPECS/booth.spec b/SPECS/booth.spec index 2720f22..eae04f6 100644 --- a/SPECS/booth.spec +++ b/SPECS/booth.spec @@ -30,7 +30,7 @@ %global git_describe_str v1.0-199-gac1d34ce172678a8f5ba415e976cf2366d45e15e # Set this to 1 when rebasing (changing git_describe_str) and increase otherwise -%global release 1 +%global release 2 # Run shell script to parse git_describe str into version, numcomm and sha1 hash %global booth_ver %(s=%{git_describe_str}; vver=${s%%%%-*}; echo ${vver:1}) @@ -56,15 +56,15 @@ Name: booth Version: %{booth_ver} -Release: %{booth_numcomm}.%{release}.%{booth_short_sha1}.git%{?dist}.1 +Release: %{booth_numcomm}.%{release}.%{booth_short_sha1}.git%{?dist} Summary: Ticket Manager for Multi-site Clusters License: GPLv2+ Url: https://github.com/%{github_owner}/%{name} Source0: https://github.com/%{github_owner}/%{name}/archive/%{booth_short_sha1}/%{booth_archive_name}.tar.gz Patch0: 0001-build-Do-not-link-with-pcmk-libraries.patch Patch1: 0002-pacemaker-Handle-updated-exit-code-of-crm_ticket.patch -Patch2: bz2113967-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch -Patch3: bz2113967-2-config-Add-enable-authfile-option.patch +Patch2: bz2111668-1-Revert-Refactor-main-substitute-is_auth_req-macro.patch +Patch3: bz2111668-2-config-Add-enable-authfile-option.patch # direct build process dependencies BuildRequires: autoconf @@ -305,8 +305,8 @@ VERBOSE=1 make check %{_usr}/lib/ocf/resource.d/booth/sharedrsc %changelog -* Thu Aug 04 2022 Jan Friesse - 1.0-199.1.ac1d34c.git.1 -- Resolves: rhbz#2113967 +* Wed Aug 03 2022 Jan Friesse - 1.0-199.2.ac1d34c.git +- Resolves: rhbz#2111668 - Fix authfile directive handling in booth config file (fixes CVE-2022-2553)