summaryrefslogtreecommitdiffstats
path: root/recipes-extended
diff options
context:
space:
mode:
authorHongzhi.Song <hongzhi.song@windriver.com>2019-03-14 06:15:53 -0400
committerBruce Ashfield <bruce.ashfield@gmail.com>2019-03-17 00:19:23 +0000
commit8d19a924405ee3acd4c560aa9d381facfcaa7ac4 (patch)
tree83b36886dd8feb1eeda2f4fb63f8a705ac963db7 /recipes-extended
parent61b2b5b3e38ff63bf39007cb9b7d4773f42a5f85 (diff)
downloadmeta-cloud-services-8d19a924405ee3acd4c560aa9d381facfcaa7ac4.tar.gz
glusterfs: uprev from v3.11.1 to v5.4
The latest stable release covers some CVEs and new features. Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Diffstat (limited to 'recipes-extended')
-rw-r--r--recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch39
-rw-r--r--recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch70
-rw-r--r--recipes-extended/glusterfs/files/0002-posix-disable-open-read-write-on-special-files.patch93
-rw-r--r--recipes-extended/glusterfs/files/0002-server-auth-add-option-for-strict-authentication.patch280
-rw-r--r--recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch43
-rw-r--r--recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch73
-rw-r--r--recipes-extended/glusterfs/files/0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch153
-rw-r--r--recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch297
-rw-r--r--recipes-extended/glusterfs/files/0007-protocol-don-t-use-alloca.patch400
-rw-r--r--recipes-extended/glusterfs/files/configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch81
-rw-r--r--recipes-extended/glusterfs/files/dependence-on-correct-header-file-path.patch18
-rw-r--r--recipes-extended/glusterfs/files/glusterd-change-port-range.patch19
-rw-r--r--recipes-extended/glusterfs/files/glusterfs-api-remove-unnecessary-library-options.patch17
-rw-r--r--recipes-extended/glusterfs/files/glusterfs-change-default-nfs-port-number.patch18
-rw-r--r--recipes-extended/glusterfs/files/libglusterfs-Don-t-link-against-libfl.patch29
-rw-r--r--recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch56
-rw-r--r--recipes-extended/glusterfs/files/xlator-host-contamination-5.4.patch (renamed from recipes-extended/glusterfs/files/xlator-host-contamination-3.4.patch)22
-rw-r--r--recipes-extended/glusterfs/glusterfs.inc24
-rw-r--r--recipes-extended/glusterfs/glusterfs_3.11.1.bb6
-rw-r--r--recipes-extended/glusterfs/glusterfs_5.4.bb6
20 files changed, 143 insertions, 1601 deletions
diff --git a/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch b/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch
deleted file mode 100644
index cb3400b..0000000
--- a/recipes-extended/glusterfs/files/0001-dict-handle-negative-key-value-length-while-unserial.patch
+++ /dev/null
@@ -1,39 +0,0 @@
1From 428ee988df7d6cbe6e18becffcee5cdfb0fa9d17 Mon Sep 17 00:00:00 2001
2From: Amar Tumballi <amarts@redhat.com>
3Date: Tue, 24 Jul 2018 13:25:12 +0530
4Subject: [PATCH 1/7] dict: handle negative key/value length while unserialize
5
6Fixes: bz#1625089
7Change-Id: Ie56df0da46c242846a1ba51ccb9e011af118b119
8Signed-off-by: Amar Tumballi <amarts@redhat.com>
9
10Upstream-Status: Backport
11
12Fix CVE-2018-10911
13
14Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
15---
16 libglusterfs/src/dict.c | 7 +++++++
17 1 file changed, 7 insertions(+)
18
19diff --git a/libglusterfs/src/dict.c b/libglusterfs/src/dict.c
20index 839b426..ac0a677 100644
21--- a/libglusterfs/src/dict.c
22+++ b/libglusterfs/src/dict.c
23@@ -2751,6 +2751,13 @@ dict_unserialize (char *orig_buf, int32_t size, dict_t **fill)
24 vallen = ntoh32 (hostord);
25 buf += DICT_DATA_HDR_VAL_LEN;
26
27+ if ((keylen < 0) || (vallen < 0)) {
28+ gf_msg_callingfn ("dict", GF_LOG_ERROR, 0,
29+ LG_MSG_UNDERSIZED_BUF,
30+ "undersized length passed "
31+ "key:%d val:%d", keylen, vallen);
32+ goto out;
33+ }
34 if ((buf + keylen) > (orig_buf + size)) {
35 gf_msg_callingfn ("dict", GF_LOG_ERROR, 0,
36 LG_MSG_UNDERSIZED_BUF,
37--
382.7.4
39
diff --git a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch b/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
deleted file mode 100644
index 0e24c56..0000000
--- a/recipes-extended/glusterfs/files/0001-shared-storage-Prevent-mounting-shared-storage-from-.patch
+++ /dev/null
@@ -1,70 +0,0 @@
1From d1936056d77abcfda14386235a88ed553341a429 Mon Sep 17 00:00:00 2001
2From: Mohammed Rafi KC <rkavunga@redhat.com>
3Date: Mon, 26 Mar 2018 20:27:34 +0530
4Subject: [PATCH 1/3] shared storage: Prevent mounting shared storage from
5 non-trusted client
6
7gluster shared storage is a volume used for internal storage for
8various features including ganesha, geo-rep, snapshot.
9
10So this volume should not be exposed to the client, as it is
11a special volume for internal use.
12
13This fix wont't generate non trusted volfile for shared storage volume.
14
15Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
16fixes: bz#1568844
17BUG: 1568844
18Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
19
20Upstream-Status: Backport
21Fix CVE-2018-1088
22
23Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
24
25---
26 xlators/mgmt/glusterd/src/glusterd-volgen.c | 21 +++++++++++++++++++++
27 1 file changed, 21 insertions(+)
28
29diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
30index 0a0668e..308c41f 100644
31--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
32+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
33@@ -5721,6 +5721,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
34 int i = 0;
35 int ret = -1;
36 char filepath[PATH_MAX] = {0,};
37+ char *volname = NULL;
38 char *types[] = {NULL, NULL, NULL};
39 dict_t *dict = NULL;
40 xlator_t *this = NULL;
41@@ -5728,6 +5729,26 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
42
43 this = THIS;
44
45+ volname = volinfo->is_snap_volume ?
46+ volinfo->parent_volname : volinfo->volname;
47+
48+
49+ if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
50+ client_type != GF_CLIENT_TRUSTED) {
51+ /*
52+ * shared storage volume cannot be mounted from non trusted
53+ * nodes. So we are not creating volfiles for non-trusted
54+ * clients for shared volumes as well as snapshot of shared
55+ * volumes.
56+ */
57+
58+ ret = 0;
59+ gf_msg_debug ("glusterd", 0, "Skipping the non-trusted volfile"
60+ "creation for shared storage volume. Volume %s",
61+ volname);
62+ goto out;
63+ }
64+
65 enumerate_transport_reqs (volinfo->transport_type, types);
66 dict = dict_new ();
67 if (!dict)
68--
692.7.4
70
diff --git a/recipes-extended/glusterfs/files/0002-posix-disable-open-read-write-on-special-files.patch b/recipes-extended/glusterfs/files/0002-posix-disable-open-read-write-on-special-files.patch
deleted file mode 100644
index 06cd06c..0000000
--- a/recipes-extended/glusterfs/files/0002-posix-disable-open-read-write-on-special-files.patch
+++ /dev/null
@@ -1,93 +0,0 @@
1From 08dc006aac79ee1d1f6a5b7044fc973df7f00ed6 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Tue, 25 Sep 2018 14:02:01 +0800
4Subject: [PATCH 2/7] posix: disable open/read/write on special files
5
6In the file system, the responsibility w.r.to the block and char device
7files is related to only support for 'creating' them (using mknod(2)).
8
9Once the device files are created, the read/write syscalls for the specific
10devices are handled by the device driver registered for the specific major
11number, and depending on the minor number, it knows where to read from.
12Hence, we are at risk of reading contents from devices which are handled
13by the host kernel on server nodes.
14
15By disabling open/read/write on the device file, we would be safe with
16the bypass one can achieve from client side (using gfapi)
17
18Fixes: bz#1625096
19
20Change-Id: I48c776b0af1cbd2a5240862826d3d8918601e47f
21Signed-off-by: Amar Tumballi <amarts@redhat.com>
22
23Upstream-Status: Backport
24
25Fix CVE-2018-10923
26Modified to suite the old version of glusterfs.
27
28Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
29---
30 xlators/storage/posix/src/posix.c | 33 +++++++++++++++++++++++++++++++++
31 1 file changed, 33 insertions(+)
32
33diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
34index b1a529b..506ae91 100644
35--- a/xlators/storage/posix/src/posix.c
36+++ b/xlators/storage/posix/src/posix.c
37@@ -3091,6 +3091,17 @@ posix_open (call_frame_t *frame, xlator_t *this,
38 priv = this->private;
39 VALIDATE_OR_GOTO (priv, out);
40
41+ if (loc->inode &&
42+ ((loc->inode->ia_type == IA_IFBLK) ||
43+ (loc->inode->ia_type == IA_IFCHR))) {
44+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
45+ P_MSG_INVALID_ARGUMENT,
46+ "open received on a block/char file (%s)",
47+ uuid_utoa (loc->inode->gfid));
48+ op_errno = EINVAL;
49+ goto out;
50+ }
51+
52 MAKE_INODE_HANDLE (real_path, this, loc, &stbuf);
53 if (!real_path) {
54 op_ret = -1;
55@@ -3180,6 +3191,17 @@ posix_readv (call_frame_t *frame, xlator_t *this,
56 priv = this->private;
57 VALIDATE_OR_GOTO (priv, out);
58
59+ if (fd->inode &&
60+ ((fd->inode->ia_type == IA_IFBLK) ||
61+ (fd->inode->ia_type == IA_IFCHR))) {
62+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
63+ P_MSG_INVALID_ARGUMENT,
64+ "readv received on a block/char file (%s)",
65+ uuid_utoa (fd->inode->gfid));
66+ op_errno = EINVAL;
67+ goto out;
68+ }
69+
70 ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);
71 if (ret < 0) {
72 gf_msg (this->name, GF_LOG_WARNING, op_errno, P_MSG_PFD_NULL,
73@@ -3415,6 +3437,17 @@ posix_writev (call_frame_t *frame, xlator_t *this, fd_t *fd,
74
75 VALIDATE_OR_GOTO (priv, out);
76
77+ if (fd->inode &&
78+ ((fd->inode->ia_type == IA_IFBLK) ||
79+ (fd->inode->ia_type == IA_IFCHR))) {
80+ gf_msg (this->name, GF_LOG_ERROR, EINVAL,
81+ P_MSG_INVALID_ARGUMENT,
82+ "writev received on a block/char file (%s)",
83+ uuid_utoa (fd->inode->gfid));
84+ op_errno = EINVAL;
85+ goto out;
86+ }
87+
88 ret = posix_fd_ctx_get (fd, this, &pfd, &op_errno);
89 if (ret < 0) {
90 gf_msg (this->name, GF_LOG_WARNING, ret, P_MSG_PFD_NULL,
91--
922.7.4
93
diff --git a/recipes-extended/glusterfs/files/0002-server-auth-add-option-for-strict-authentication.patch b/recipes-extended/glusterfs/files/0002-server-auth-add-option-for-strict-authentication.patch
deleted file mode 100644
index 8947f27..0000000
--- a/recipes-extended/glusterfs/files/0002-server-auth-add-option-for-strict-authentication.patch
+++ /dev/null
@@ -1,280 +0,0 @@
1From a74ab3ab169add1e86aae0a99855211b948be021 Mon Sep 17 00:00:00 2001
2From: Mohammed Rafi KC <rkavunga@redhat.com>
3Date: Mon, 2 Apr 2018 12:20:47 +0530
4Subject: [PATCH 2/3] server/auth: add option for strict authentication
5
6When this option is enabled, we will check for a matching
7username and password, if not found then the connection will
8be rejected. This also does a checksum validation of volfile
9
10The option is invalid when SSL/TLS is in use, at which point
11the SSL/TLS certificate user name is used to validate and
12hence authorize the right user. This expects TLS allow rules
13to be setup correctly rather than the default *.
14
15This option is not settable, as a result this cannot be enabled
16for volumes using the CLI. This is used with the shared storage
17volume, to restrict access to the same in non-SSL/TLS environments
18to the gluster peers only.
19
20Tested:
21 ./tests/bugs/protocol/bug-1321578.t
22 ./tests/features/ssl-authz.t
23 - Ran tests on volumes with and without strict auth
24 checking (as brick vol file needed to be edited to test,
25 or rather to enable the option)
26 - Ran tests on volumes to ensure existing mounts are
27 disconnected when we enable strict checking
28
29Change-Id: I2ac4f0cfa5b59cc789cc5a265358389b04556b59
30fixes: bz#1568844
31Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
32Signed-off-by: ShyamsundarR <srangana@redhat.com>
33
34Upstream-Status: Backport
35Fix CVE-2018-1088
36
37Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
38
39---
40 xlators/mgmt/glusterd/src/glusterd-volgen.c | 16 +++++++-
41 xlators/protocol/auth/login/src/login.c | 51 ++++++++++++++++++++++----
42 xlators/protocol/server/src/authenticate.h | 4 +-
43 xlators/protocol/server/src/server-handshake.c | 2 +-
44 xlators/protocol/server/src/server.c | 18 +++++++++
45 xlators/protocol/server/src/server.h | 2 +
46 6 files changed, 81 insertions(+), 12 deletions(-)
47
48diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
49index 308c41f..8dd4907 100644
50--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
51+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
52@@ -2250,6 +2250,7 @@ brick_graph_add_server (volgen_graph_t *graph, glusterd_volinfo_t *volinfo,
53 char *password = NULL;
54 char key[1024] = {0};
55 char *ssl_user = NULL;
56+ char *volname = NULL;
57 char *address_family_data = NULL;
58
59 if (!graph || !volinfo || !set_dict || !brickinfo)
60@@ -2325,6 +2326,19 @@ brick_graph_add_server (volgen_graph_t *graph, glusterd_volinfo_t *volinfo,
61 if (ret)
62 return -1;
63
64+ volname = volinfo->is_snap_volume ?
65+ volinfo->parent_volname : volinfo->volname;
66+
67+
68+ if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE)) {
69+ memset (key, 0, sizeof (key));
70+ snprintf (key, sizeof (key), "strict-auth-accept");
71+
72+ ret = xlator_set_option (xl, key, "true");
73+ if (ret)
74+ return -1;
75+ }
76+
77 if (dict_get_str (volinfo->dict, "auth.ssl-allow", &ssl_user) == 0) {
78 memset (key, 0, sizeof (key));
79 snprintf (key, sizeof (key), "auth.login.%s.ssl-allow",
80@@ -5734,7 +5748,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
81
82
83 if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
84- client_type != GF_CLIENT_TRUSTED) {
85+ client_type != GF_CLIENT_TRUSTED) {
86 /*
87 * shared storage volume cannot be mounted from non trusted
88 * nodes. So we are not creating volfiles for non-trusted
89diff --git a/xlators/protocol/auth/login/src/login.c b/xlators/protocol/auth/login/src/login.c
90index e799dd2..da10d0b 100644
91--- a/xlators/protocol/auth/login/src/login.c
92+++ b/xlators/protocol/auth/login/src/login.c
93@@ -11,6 +11,16 @@
94 #include <fnmatch.h>
95 #include "authenticate.h"
96
97+/* Note on strict_auth
98+ * - Strict auth kicks in when authentication is using the username, password
99+ * in the volfile to login
100+ * - If enabled, auth is rejected if the username and password is not matched
101+ * or is not present
102+ * - When using SSL names, this is automatically strict, and allows only those
103+ * names that are present in the allow list, IOW strict auth checking has no
104+ * implication when using SSL names
105+*/
106+
107 auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
108 {
109 auth_result_t result = AUTH_DONT_CARE;
110@@ -27,6 +37,7 @@ auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
111 char *tmp = NULL;
112 char *username_cpy = NULL;
113 gf_boolean_t using_ssl = _gf_false;
114+ gf_boolean_t strict_auth = _gf_false;
115
116 username_data = dict_get (input_params, "ssl-name");
117 if (username_data) {
118@@ -35,16 +46,39 @@ auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
119 using_ssl = _gf_true;
120 }
121 else {
122+ ret = dict_get_str_boolean (config_params, "strict-auth-accept",
123+ _gf_false);
124+ if (ret == -1)
125+ strict_auth = _gf_false;
126+ else
127+ strict_auth = ret;
128+
129 username_data = dict_get (input_params, "username");
130 if (!username_data) {
131- gf_log ("auth/login", GF_LOG_DEBUG,
132- "username not found, returning DONT-CARE");
133+ if (strict_auth) {
134+ gf_log ("auth/login", GF_LOG_DEBUG,
135+ "username not found, strict auth"
136+ " configured returning REJECT");
137+ result = AUTH_REJECT;
138+ } else {
139+ gf_log ("auth/login", GF_LOG_DEBUG,
140+ "username not found, returning"
141+ " DONT-CARE");
142+ }
143 goto out;
144 }
145 password_data = dict_get (input_params, "password");
146 if (!password_data) {
147- gf_log ("auth/login", GF_LOG_WARNING,
148- "password not found, returning DONT-CARE");
149+ if (strict_auth) {
150+ gf_log ("auth/login", GF_LOG_DEBUG,
151+ "password not found, strict auth"
152+ " configured returning REJECT");
153+ result = AUTH_REJECT;
154+ } else {
155+ gf_log ("auth/login", GF_LOG_WARNING,
156+ "password not found, returning"
157+ " DONT-CARE");
158+ }
159 goto out;
160 }
161 password = data_to_str (password_data);
162@@ -62,9 +96,10 @@ auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
163 ret = gf_asprintf (&searchstr, "auth.login.%s.%s", brick_name,
164 using_ssl ? "ssl-allow" : "allow");
165 if (-1 == ret) {
166- gf_log ("auth/login", GF_LOG_WARNING,
167+ gf_log ("auth/login", GF_LOG_ERROR,
168 "asprintf failed while setting search string, "
169- "returning DONT-CARE");
170+ "returning REJECT");
171+ result = AUTH_REJECT;
172 goto out;
173 }
174
175@@ -92,8 +127,10 @@ auth_result_t gf_auth (dict_t *input_params, dict_t *config_params)
176 * ssl-allow=* case as well) authorization is effectively
177 * disabled, though authentication and encryption are still
178 * active.
179+ *
180+ * Read NOTE on strict_auth above.
181 */
182- if (using_ssl) {
183+ if (using_ssl || strict_auth) {
184 result = AUTH_REJECT;
185 }
186 username_cpy = gf_strdup (allow_user->data);
187diff --git a/xlators/protocol/server/src/authenticate.h b/xlators/protocol/server/src/authenticate.h
188index 3f80231..5f92183 100644
189--- a/xlators/protocol/server/src/authenticate.h
190+++ b/xlators/protocol/server/src/authenticate.h
191@@ -37,10 +37,8 @@ typedef struct {
192 volume_opt_list_t *vol_opt;
193 } auth_handle_t;
194
195-auth_result_t gf_authenticate (dict_t *input_params,
196- dict_t *config_params,
197- dict_t *auth_modules);
198 int32_t gf_auth_init (xlator_t *xl, dict_t *auth_modules);
199 void gf_auth_fini (dict_t *auth_modules);
200+auth_result_t gf_authenticate (dict_t *, dict_t *, dict_t *);
201
202 #endif /* _AUTHENTICATE_H */
203diff --git a/xlators/protocol/server/src/server-handshake.c b/xlators/protocol/server/src/server-handshake.c
204index f00804a..392a101 100644
205--- a/xlators/protocol/server/src/server-handshake.c
206+++ b/xlators/protocol/server/src/server-handshake.c
207@@ -631,7 +631,7 @@ server_setvolume (rpcsvc_request_t *req)
208 ret = dict_get_str (params, "volfile-key",
209 &volfile_key);
210 if (ret)
211- gf_msg_debug (this->name, 0, "failed to set "
212+ gf_msg_debug (this->name, 0, "failed to get "
213 "'volfile-key'");
214
215 ret = _validate_volfile_checksum (this, volfile_key,
216diff --git a/xlators/protocol/server/src/server.c b/xlators/protocol/server/src/server.c
217index 202fe71..61c6194 100644
218--- a/xlators/protocol/server/src/server.c
219+++ b/xlators/protocol/server/src/server.c
220@@ -883,6 +883,10 @@ do_rpc:
221 goto out;
222 }
223
224+ GF_OPTION_RECONF ("strict-auth-accept", conf->strict_auth_enabled,
225+ options, bool, out);
226+
227+
228 GF_OPTION_RECONF ("dynamic-auth", conf->dync_auth, options,
229 bool, out);
230
231@@ -1113,6 +1117,14 @@ init (xlator_t *this)
232 "Failed to initialize group cache.");
233 goto out;
234 }
235+
236+ ret = dict_get_str_boolean (this->options, "strict-auth-accept",
237+ _gf_false);
238+ if (ret == -1)
239+ conf->strict_auth_enabled = _gf_false;
240+ else
241+ conf->strict_auth_enabled = ret;
242+
243 ret = dict_get_str_boolean (this->options, "dynamic-auth",
244 _gf_true);
245 if (ret == -1)
246@@ -1667,5 +1679,11 @@ struct volume_options options[] = {
247 "transport connection immediately in response to "
248 "*.allow | *.reject volume set options."
249 },
250+ { .key = {"strict-auth-accept"},
251+ .type = GF_OPTION_TYPE_BOOL,
252+ .default_value = "off",
253+ .description = "strict-auth-accept reject connection with out"
254+ "a valid username and password."
255+ },
256 { .key = {NULL} },
257 };
258diff --git a/xlators/protocol/server/src/server.h b/xlators/protocol/server/src/server.h
259index 0b37eb1..7eea291 100644
260--- a/xlators/protocol/server/src/server.h
261+++ b/xlators/protocol/server/src/server.h
262@@ -24,6 +24,7 @@
263 #include "client_t.h"
264 #include "gidcache.h"
265 #include "defaults.h"
266+#include "authenticate.h"
267
268 #define DEFAULT_BLOCK_SIZE 4194304 /* 4MB */
269 #define DEFAULT_VOLUME_FILE_PATH CONFDIR "/glusterfs.vol"
270@@ -105,6 +106,7 @@ struct server_conf {
271 * false, when child is down */
272
273 gf_lock_t itable_lock;
274+ gf_boolean_t strict_auth_enabled;
275 };
276 typedef struct server_conf server_conf_t;
277
278--
2792.7.4
280
diff --git a/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch b/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch
deleted file mode 100644
index dcbb435..0000000
--- a/recipes-extended/glusterfs/files/0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch
+++ /dev/null
@@ -1,43 +0,0 @@
1From e79741414777c25e5c2a08e6c31619a0fbaad058 Mon Sep 17 00:00:00 2001
2From: Mohit Agrawal <moagrawa@redhat.com>
3Date: Wed, 20 Jun 2018 16:13:00 +0530
4Subject: [PATCH 3/3] glusterfs: access trusted peer group via remote-host
5 command
6
7Problem: In SSL environment the user is able to access volume
8 via remote-host command without adding node in a trusted pool
9
10Solution: Change the list of rpc program in glusterd.c at the
11 time of initialization while SSL is enabled
12
13BUG: 1593232
14Change-Id: I987e433b639e68ad17b77b6452df1e22dbe0f199
15fixes: bz#1593232
16Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
17
18Upstream-Status: Backport
19Fix CVE-2018-10841
20Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
21---
22 xlators/mgmt/glusterd/src/glusterd.c | 5 -----
23 1 file changed, 5 deletions(-)
24
25diff --git a/xlators/mgmt/glusterd/src/glusterd.c b/xlators/mgmt/glusterd/src/glusterd.c
26index ef20689..5e0ed8d 100644
27--- a/xlators/mgmt/glusterd/src/glusterd.c
28+++ b/xlators/mgmt/glusterd/src/glusterd.c
29@@ -1646,11 +1646,6 @@ init (xlator_t *this)
30 goto out;
31 }
32 /*
33- * With strong authentication, we can afford to allow
34- * privileged operations over TCP.
35- */
36- gd_inet_programs[1] = &gd_svc_cli_prog;
37- /*
38 * This is the only place where we want secure_srvr to reflect
39 * the management-plane setting.
40 */
41--
422.7.4
43
diff --git a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch b/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch
deleted file mode 100644
index e6ef9e3..0000000
--- a/recipes-extended/glusterfs/files/0003-server-protocol-don-t-allow-.-path-in-name.patch
+++ /dev/null
@@ -1,73 +0,0 @@
1From b89658672d137ef56bd0694457b9125bf7d45ba4 Mon Sep 17 00:00:00 2001
2From: Amar Tumballi <amarts@redhat.com>
3Date: Thu, 9 Aug 2018 13:00:01 +0530
4Subject: [PATCH 3/7] server-protocol: don't allow '../' path in 'name'
5
6This will prevent any arbitrary file creation through glusterfs
7by modifying the client bits.
8
9Also check for the similar flaw inside posix too, so we prevent any
10changes in layers in-between.
11
12Fixes: bz#1625095
13
14Signed-off-by: Amar Tumballi <amarts@redhat.com>
15Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e
16
17Upstream-Status: Backport
18
19Fix CVE-2018-10926
20Fix CVE-2018-10927
21Fix CVE-2018-10928
22Fix CVE-2018-10929
23Fix CVE-2018-10930
24
25Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
26---
27 xlators/protocol/server/src/server-resolve.c | 12 ++++++++++++
28 xlators/storage/posix/src/posix-handle.h | 6 ++++++
29 2 files changed, 18 insertions(+)
30
31diff --git a/xlators/protocol/server/src/server-resolve.c b/xlators/protocol/server/src/server-resolve.c
32index d0126aa..aa35685 100644
33--- a/xlators/protocol/server/src/server-resolve.c
34+++ b/xlators/protocol/server/src/server-resolve.c
35@@ -294,6 +294,18 @@ resolve_entry_simple (call_frame_t *frame)
36 /* expected @parent was found from the inode cache */
37 gf_uuid_copy (state->loc_now->pargfid, resolve->pargfid);
38 state->loc_now->parent = inode_ref (parent);
39+
40+ if (strstr (resolve->bname, "../")) {
41+ /* Resolving outside the parent's tree is not allowed */
42+ gf_msg (this->name, GF_LOG_ERROR, EPERM,
43+ PS_MSG_GFID_RESOLVE_FAILED,
44+ "%s: path sent by client not allowed",
45+ resolve->bname);
46+ resolve->op_ret = -1;
47+ resolve->op_errno = EPERM;
48+ ret = 1;
49+ goto out;
50+ }
51 state->loc_now->name = resolve->bname;
52
53 inode = inode_grep (state->itable, parent, resolve->bname);
54diff --git a/xlators/storage/posix/src/posix-handle.h b/xlators/storage/posix/src/posix-handle.h
55index 9af6a7a..6e7a8d2 100644
56--- a/xlators/storage/posix/src/posix-handle.h
57+++ b/xlators/storage/posix/src/posix-handle.h
58@@ -217,6 +217,12 @@
59 break; \
60 } \
61 \
62+ if (strstr (loc->name, "../")) { \
63+ gf_msg (this->name, GF_LOG_ERROR, 0, P_MSG_ENTRY_HANDLE_CREATE, \
64+ "'../' in name not allowed: (%s)", loc->name); \
65+ op_ret = -1; \
66+ break; \
67+ } \
68 if (LOC_HAS_ABSPATH (loc)) { \
69 MAKE_REAL_PATH (entp, this, loc->path); \
70 __parp = strdupa (entp); \
71--
722.7.4
73
diff --git a/recipes-extended/glusterfs/files/0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch b/recipes-extended/glusterfs/files/0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch
deleted file mode 100644
index 6fb261d..0000000
--- a/recipes-extended/glusterfs/files/0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch
+++ /dev/null
@@ -1,153 +0,0 @@
1From 0f9c26d5e3a0d0480ff31a800ca8f31966da10ff Mon Sep 17 00:00:00 2001
2From: Amar Tumballi <amarts@redhat.com>
3Date: Tue, 24 Jul 2018 15:42:28 +0530
4Subject: [PATCH 4/7] io-stats: dump io-stats info in /var/run/gluster
5
6It wouldn't make sense to allow iostats file to be written in
7*any* directory. While the formating makes sure we try to append
8io-stats-name for the file, so overwriting existing file is slim,
9but in any case it makes sense to restrict dumping to one directory.
10
11Below are the sample commands, and files created for the corresponding
12values:
13
14 $ setfattr -n trusted.io-stats-dump -v file-for-dump $M0
15
16In this case, the file would be in /var/run/gluster/file-for-dump
17
18 $ setfattr -n trusted.io-stats-dump -v /dir1/dir2/file-for-dump $M0
19
20In this case, then the dump file is in /var/run/gluster/dir1-dir2-file-for-dump
21
22Note that the value passed for this virtual xattr would be treated as a
23file, and even if the value has '/' in it, it would be changed to '-'
24for sanity.
25
26Fixes: bz#1625106
27
28Change-Id: Id9ae6a40a190b8937c51662e6e1c2a0f6c86a0e0
29Signed-off-by: Amar Tumballi <amarts@redhat.com>
30
31Upstream-Status: Backport
32
33Fix CVE-2018-10904
34
35Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
36---
37 tests/bugs/core/io-stats-1322825.t | 12 ++++++------
38 xlators/debug/io-stats/src/io-stats.c | 34 +++++++++++++++++++++++++---------
39 2 files changed, 31 insertions(+), 15 deletions(-)
40
41diff --git a/tests/bugs/core/io-stats-1322825.t b/tests/bugs/core/io-stats-1322825.t
42index d232ecb..53f2d04 100755
43--- a/tests/bugs/core/io-stats-1322825.t
44+++ b/tests/bugs/core/io-stats-1322825.t
45@@ -23,7 +23,7 @@ TEST $CLI volume profile $V0 start
46 TEST mkdir $M0/dir1
47
48 # Generate the stat dump across the io-stat instances
49-TEST setfattr -n trusted.io-stats-dump -v /tmp/io-stats-1322825 $M0
50+TEST setfattr -n trusted.io-stats-dump -v io-stats-1322825 $M0
51
52 # Check if $M0 is clean w.r.t xattr information
53 # TODO: if there are better ways to check we really get no attr error, please
54@@ -42,12 +42,12 @@ ret=$(echo $?)
55 EXPECT 0 echo $ret
56
57 # Check if we have 5 io-stat files in /tmp
58-EXPECT 5 ls -1 /tmp/io-stats-1322825*
59+EXPECT 5 ls -1 /var/run/gluster/io-stats-1322825*
60 # Cleanup the 5 generated files
61-rm -f /tmp/io-stats-1322825*
62+rm -f /var/run/gluster/io-stats-1322825*
63
64 # Rinse and repeat above for a directory
65-TEST setfattr -n trusted.io-stats-dump -v /tmp/io-stats-1322825 $M0/dir1
66+TEST setfattr -n trusted.io-stats-dump -v io-stats-1322825 $M0/dir1
67 getfattr -n trusted.io-stats-dump $B0/${V0}1/dir1 2>&1 | grep -qi "no such attribute"
68 ret=$(echo $?)
69 EXPECT 0 echo $ret
70@@ -61,7 +61,7 @@ getfattr -n trusted.io-stats-dump $B0/${V0}4/dir1 2>&1 | grep -qi "no such attri
71 ret=$(echo $?)
72 EXPECT 0 echo $ret
73
74-EXPECT 5 ls -1 /tmp/io-stats-1322825*
75-rm -f /tmp/io-stats-1322825*
76+EXPECT 5 ls -1 /var/run/gluster/io-stats-1322825*
77+rm -f /var/run/gluster/io-stats-1322825*
78
79 cleanup;
80diff --git a/xlators/debug/io-stats/src/io-stats.c b/xlators/debug/io-stats/src/io-stats.c
81index d9d1e1d..72fa39c 100644
82--- a/xlators/debug/io-stats/src/io-stats.c
83+++ b/xlators/debug/io-stats/src/io-stats.c
84@@ -45,6 +45,8 @@
85 #define DEFAULT_GRP_BUF_SZ 16384
86 #define IOS_BLOCK_COUNT_SIZE 32
87
88+#define IOS_STATS_DUMP_DIR DEFAULT_VAR_RUN_DIRECTORY
89+
90 typedef enum {
91 IOS_STATS_TYPE_NONE,
92 IOS_STATS_TYPE_OPEN,
93@@ -2999,7 +3001,6 @@ io_stats_fsync (call_frame_t *frame, xlator_t *this,
94 return 0;
95 }
96
97-
98 int
99 conditional_dump (dict_t *dict, char *key, data_t *value, void *data)
100 {
101@@ -3012,9 +3013,10 @@ conditional_dump (dict_t *dict, char *key, data_t *value, void *data)
102 char *filename = NULL;
103 FILE *logfp = NULL;
104 struct ios_dump_args args = {0};
105- int pid, namelen;
106+ int pid, namelen, dirlen;
107 char dump_key[100];
108 char *slash_ptr = NULL;
109+ char *path_in_value = NULL;
110
111 stub = data;
112 this = stub->this;
113@@ -3023,16 +3025,30 @@ conditional_dump (dict_t *dict, char *key, data_t *value, void *data)
114 name as well. This helps when there is more than a single io-stats
115 instance in the graph, or the client and server processes are running
116 on the same node */
117- /* hmmm... no check for this */
118- /* name format: <passed in path/filename>.<xlator name slashes to -> */
119- namelen = value->len + strlen (this->name) + 2; /* '.' and '\0' */
120+ /* For the sanity of where the file should be located, we should make
121+ sure file is written only inside RUNDIR (ie, /var/run/gluster) */
122+ /* TODO: provide an option to dump it to different directory of
123+ choice, based on options */
124+ /* name format: /var/run/gluster/<passed in path/filename>.<xlator name slashes to -> */
125+
126+ path_in_value = data_to_str (value);
127+
128+ if (strstr (path_in_value, "../")) {
129+ gf_log (this->name, GF_LOG_ERROR,
130+ "%s: no \"../\" allowed in path", path_in_value);
131+ return -1;
132+ }
133+ dirlen = strlen (IOS_STATS_DUMP_DIR);
134+ namelen = (dirlen + value->len + strlen (this->name) + 3);
135+ /* +3 for '/', '.' and '\0' added in snprintf below*/
136+
137 filename = alloca0 (namelen);
138- memcpy (filename, data_to_str (value), value->len);
139- memcpy (filename + value->len, ".", 1);
140- memcpy (filename + value->len + 1, this->name, strlen(this->name));
141+
142+ snprintf (filename, namelen, "%s/%s.%s", IOS_STATS_DUMP_DIR,
143+ path_in_value, this->name);
144
145 /* convert any slashes to '-' so that fopen works correctly */
146- slash_ptr = strchr (filename + value->len + 1, '/');
147+ slash_ptr = strchr (filename + dirlen + 1, '/');
148 while (slash_ptr) {
149 *slash_ptr = '-';
150 slash_ptr = strchr (slash_ptr, '/');
151--
1522.7.4
153
diff --git a/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch b/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch
deleted file mode 100644
index d35ec48..0000000
--- a/recipes-extended/glusterfs/files/0006-posix-remove-not-supported-get-set-content.patch
+++ /dev/null
@@ -1,297 +0,0 @@
1From 76ee41dcb37d3c864d9cb70f957034c246de43ab Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Tue, 25 Sep 2018 16:31:14 +0800
4Subject: [PATCH 6/7] posix: remove not supported get/set content
5
6getting and setting a file's content using extended
7attribute worked great as a GET/PUT alternative when
8an object storage is supported on top of Gluster. But
9it needs application changes, and also, it skips some
10caching layers. It is not used over years, and not
11supported any more. Remove the dead code.
12
13Fixes: bz#1625102
14
15Change-Id: Ide3b3f1f644f6ca58558bbe45561f346f96b95b7
16Signed-off-by: Amar Tumballi <amarts@redhat.com>
17
18Upstream-Status: Backport
19
20Fix CVE-2018-10913
21Fix CVE-2018-10914
22
23Modified to suite this old version.
24
25Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
26---
27 libglusterfs/src/glusterfs.h | 6 --
28 xlators/storage/posix/src/posix-helpers.c | 166 +-----------------------------
29 xlators/storage/posix/src/posix.c | 14 ---
30 xlators/storage/posix/src/posix.h | 4 -
31 4 files changed, 1 insertion(+), 189 deletions(-)
32
33diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h
34index 9047373..77cafcb 100644
35--- a/libglusterfs/src/glusterfs.h
36+++ b/libglusterfs/src/glusterfs.h
37@@ -152,9 +152,6 @@
38 #define GLUSTERFS_INTERNAL_FOP_KEY "glusterfs-internal-fop"
39 #define DHT_CHANGELOG_RENAME_OP_KEY "changelog.rename-op"
40
41-#define ZR_FILE_CONTENT_STR "glusterfs.file."
42-#define ZR_FILE_CONTENT_STRLEN 15
43-
44 #define GLUSTERFS_WRITE_IS_APPEND "glusterfs.write-is-append"
45 #define GLUSTERFS_WRITE_UPDATE_ATOMIC "glusterfs.write-update-atomic"
46 #define GLUSTERFS_OPEN_FD_COUNT "glusterfs.open-fd-count"
47@@ -220,9 +217,6 @@
48
49 #define STARTING_EVENT_THREADS 1
50
51-#define ZR_FILE_CONTENT_REQUEST(key) (!strncmp(key, ZR_FILE_CONTENT_STR, \
52- ZR_FILE_CONTENT_STRLEN))
53-
54 #define DEFAULT_VAR_RUN_DIRECTORY DATADIR "/run/gluster"
55 #define DEFAULT_GLUSTERFSD_MISC_DIRETORY DATADIR "/lib/misc/glusterfsd"
56 #ifdef GF_LINUX_HOST_OS
57diff --git a/xlators/storage/posix/src/posix-helpers.c b/xlators/storage/posix/src/posix-helpers.c
58index 69f61bf..f849845 100644
59--- a/xlators/storage/posix/src/posix-helpers.c
60+++ b/xlators/storage/posix/src/posix-helpers.c
61@@ -890,166 +890,6 @@ out:
62 return ret;
63 }
64
65-
66-int
67-posix_set_file_contents (xlator_t *this, const char *path, char *keyp,
68- data_t *value, int flags)
69-{
70- char * key = NULL;
71- char real_path[PATH_MAX];
72- int32_t file_fd = -1;
73- int op_ret = 0;
74- int ret = -1;
75-
76-
77- /* XXX: does not handle assigning GFID to created files */
78- return -1;
79-
80- key = &(keyp[15]);
81- sprintf (real_path, "%s/%s", path, key);
82-
83- if (flags & XATTR_REPLACE) {
84- /* if file exists, replace it
85- * else, error out */
86- file_fd = open (real_path, O_TRUNC|O_WRONLY);
87-
88- if (file_fd == -1) {
89- goto create;
90- }
91-
92- if (value->len) {
93- ret = sys_write (file_fd, value->data, value->len);
94- if (ret == -1) {
95- op_ret = -errno;
96- gf_msg (this->name, GF_LOG_ERROR, errno,
97- P_MSG_SET_FILE_CONTENTS, "write failed"
98- "while doing setxattr for key %s on"
99- "path%s", key, real_path);
100- goto out;
101- }
102-
103- ret = sys_close (file_fd);
104- if (ret == -1) {
105- op_ret = -errno;
106- gf_msg (this->name, GF_LOG_ERROR, errno,
107- P_MSG_SET_FILE_CONTENTS,
108- "close failed on %s",
109- real_path);
110- goto out;
111- }
112- }
113-
114- create: /* we know file doesn't exist, create it */
115-
116- file_fd = open (real_path, O_CREAT|O_WRONLY, 0644);
117-
118- if (file_fd == -1) {
119- op_ret = -errno;
120- gf_msg (this->name, GF_LOG_ERROR, errno,
121- P_MSG_SET_FILE_CONTENTS, "failed to open file"
122- "%s with O_CREAT", key);
123- goto out;
124- }
125-
126- ret = sys_write (file_fd, value->data, value->len);
127- if (ret == -1) {
128- op_ret = -errno;
129- gf_msg (this->name, GF_LOG_ERROR, errno,
130- P_MSG_SET_FILE_CONTENTS, "write failed on %s"
131- "while setxattr with key %s", real_path, key);
132- goto out;
133- }
134-
135- ret = sys_close (file_fd);
136- if (ret == -1) {
137- op_ret = -errno;
138- gf_msg (this->name, GF_LOG_ERROR, errno,
139- P_MSG_SET_FILE_CONTENTS, "close failed on"
140- " %s while setxattr with key %s",
141- real_path, key);
142- goto out;
143- }
144- }
145-
146-out:
147- return op_ret;
148-}
149-
150-
151-int
152-posix_get_file_contents (xlator_t *this, uuid_t pargfid,
153- const char *name, char **contents)
154-{
155- char *real_path = NULL;
156- int32_t file_fd = -1;
157- struct iatt stbuf = {0,};
158- int op_ret = 0;
159- int ret = -1;
160-
161-
162- MAKE_HANDLE_PATH (real_path, this, pargfid, name);
163- if (!real_path) {
164- op_ret = -ESTALE;
165- gf_msg (this->name, GF_LOG_ERROR, ESTALE,
166- P_MSG_XDATA_GETXATTR,
167- "Failed to create handle path for %s/%s",
168- uuid_utoa (pargfid), name);
169- goto out;
170- }
171-
172- op_ret = posix_istat (this, pargfid, name, &stbuf);
173- if (op_ret == -1) {
174- op_ret = -errno;
175- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR,
176- "lstat failed on %s", real_path);
177- goto out;
178- }
179-
180- file_fd = open (real_path, O_RDONLY);
181-
182- if (file_fd == -1) {
183- op_ret = -errno;
184- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR,
185- "open failed on %s", real_path);
186- goto out;
187- }
188-
189- *contents = GF_CALLOC (stbuf.ia_size + 1, sizeof(char),
190- gf_posix_mt_char);
191- if (! *contents) {
192- op_ret = -errno;
193- goto out;
194- }
195-
196- ret = sys_read (file_fd, *contents, stbuf.ia_size);
197- if (ret <= 0) {
198- op_ret = -1;
199- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR,
200- "read on %s failed", real_path);
201- goto out;
202- }
203-
204- *contents[stbuf.ia_size] = '\0';
205-
206- op_ret = sys_close (file_fd);
207- file_fd = -1;
208- if (op_ret == -1) {
209- op_ret = -errno;
210- gf_msg (this->name, GF_LOG_ERROR, errno, P_MSG_XDATA_GETXATTR,
211- "close on %s failed", real_path);
212- goto out;
213- }
214-
215-out:
216- if (op_ret < 0) {
217- GF_FREE (*contents);
218- if (file_fd != -1)
219- sys_close (file_fd);
220- }
221-
222- return op_ret;
223-}
224-
225 #ifdef HAVE_SYS_ACL_H
226 int
227 posix_pacl_set (const char *path, const char *key, const char *acl_s)
228@@ -1154,9 +994,6 @@ posix_handle_pair (xlator_t *this, const char *real_path,
229 if (XATTR_IS_PATHINFO (key)) {
230 ret = -EACCES;
231 goto out;
232- } else if (ZR_FILE_CONTENT_REQUEST(key)) {
233- ret = posix_set_file_contents (this, real_path, key, value,
234- flags);
235 } else if (GF_POSIX_ACL_REQUEST (key)) {
236 if (stbuf && IS_DHT_LINKFILE_MODE (stbuf))
237 goto out;
238@@ -1609,8 +1446,7 @@ _handle_entry_create_keyvalue_pair (dict_t *d, char *k, data_t *v,
239 !strcmp ("gfid-req", k) ||
240 !strcmp (POSIX_ACL_DEFAULT_XATTR, k) ||
241 !strcmp (POSIX_ACL_ACCESS_XATTR, k) ||
242- posix_xattr_ignorable (k) ||
243- ZR_FILE_CONTENT_REQUEST(k)) {
244+ posix_xattr_ignorable (k)) {
245 return 0;
246 }
247
248diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
249index 506ae91..a69e8f6 100644
250--- a/xlators/storage/posix/src/posix.c
251+++ b/xlators/storage/posix/src/posix.c
252@@ -4427,7 +4427,6 @@ posix_getxattr (call_frame_t *frame, xlator_t *this,
253 char *value = NULL;
254 char *real_path = NULL;
255 dict_t *dict = NULL;
256- char *file_contents = NULL;
257 int ret = -1;
258 char *path = NULL;
259 char *rpath = NULL;
260@@ -4458,19 +4457,6 @@ posix_getxattr (call_frame_t *frame, xlator_t *this,
261 goto out;
262 }
263
264- if (loc->inode && IA_ISDIR(loc->inode->ia_type) && name &&
265- ZR_FILE_CONTENT_REQUEST(name)) {
266- ret = posix_get_file_contents (this, loc->gfid, &name[15],
267- &file_contents);
268- if (ret < 0) {
269- op_errno = -ret;
270- gf_msg (this->name, GF_LOG_ERROR, op_errno,
271- P_MSG_FILE_FAILED, "getting file contents"
272- "failed");
273- goto out;
274- }
275- }
276-
277 dict = dict_new ();
278 if (!dict) {
279 op_errno = ENOMEM;
280diff --git a/xlators/storage/posix/src/posix.h b/xlators/storage/posix/src/posix.h
281index febd432..3d2566b 100644
282--- a/xlators/storage/posix/src/posix.h
283+++ b/xlators/storage/posix/src/posix.h
284@@ -250,10 +250,6 @@ int posix_handle_pair (xlator_t *this, const char *real_path, char *key,
285 int posix_fhandle_pair (xlator_t *this, int fd, char *key, data_t *value,
286 int flags, struct iatt *stbuf);
287 void posix_spawn_janitor_thread (xlator_t *this);
288-int posix_get_file_contents (xlator_t *this, uuid_t pargfid,
289- const char *name, char **contents);
290-int posix_set_file_contents (xlator_t *this, const char *path, char *key,
291- data_t *value, int flags);
292 int posix_acl_xattr_set (xlator_t *this, const char *path, dict_t *xattr_req);
293 int posix_gfid_heal (xlator_t *this, const char *path, loc_t *loc, dict_t *xattr_req);
294 int posix_entry_create_xattr_set (xlator_t *this, const char *path,
295--
2962.7.4
297
diff --git a/recipes-extended/glusterfs/files/0007-protocol-don-t-use-alloca.patch b/recipes-extended/glusterfs/files/0007-protocol-don-t-use-alloca.patch
deleted file mode 100644
index bd45437..0000000
--- a/recipes-extended/glusterfs/files/0007-protocol-don-t-use-alloca.patch
+++ /dev/null
@@ -1,400 +0,0 @@
1From 7d8d9bd27f245739a6f297e4ecfc87b90c783987 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Wed, 26 Sep 2018 09:47:28 +0800
4Subject: [PATCH 7/7] protocol: don't use alloca
5
6current implementation of alloca can cause issues when strings larger
7than the allocated buffer is passed to the xdr. Hence it makes sense
8to allow XDR decode functions to deal with memory allocations, which
9we can free later.
10
11Fixes: bz#1625097
12
13Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94
14Signed-off-by: Amar Tumballi <amarts@redhat.com>
15
16Upstream-Status: Backport
17
18Fix CVE-2018-10907
19
20Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
21---
22 xlators/protocol/server/src/server-rpc-fops.c | 73 +++++++++++----------------
23 1 file changed, 30 insertions(+), 43 deletions(-)
24
25diff --git a/xlators/protocol/server/src/server-rpc-fops.c b/xlators/protocol/server/src/server-rpc-fops.c
26index 0ba4ffa..d3a44fc 100644
27--- a/xlators/protocol/server/src/server-rpc-fops.c
28+++ b/xlators/protocol/server/src/server-rpc-fops.c
29@@ -3983,8 +3983,6 @@ server3_3_create (rpcsvc_request_t *req)
30 if (!req)
31 return ret;
32
33- args.bname = alloca (req->msg[0].iov_len);
34-
35 ret = xdr_to_generic (req->msg[0], &args,
36 (xdrproc_t)xdr_gfs3_create_req);
37 if (ret < 0) {
38@@ -4034,6 +4032,7 @@ server3_3_create (rpcsvc_request_t *req)
39 out:
40 /* memory allocated by libc, don't use GF_FREE */
41 free (args.xdata.xdata_val);
42+ free (args.bname);
43
44 if (op_errno)
45 SERVER_REQ_SET_ERROR (req, ret);
46@@ -4693,8 +4692,6 @@ server3_3_unlink (rpcsvc_request_t *req)
47 if (!req)
48 return ret;
49
50- args.bname = alloca (req->msg[0].iov_len);
51-
52 ret = xdr_to_generic (req->msg[0], &args,
53 (xdrproc_t)xdr_gfs3_unlink_req);
54 if (ret < 0) {
55@@ -4734,6 +4731,7 @@ server3_3_unlink (rpcsvc_request_t *req)
56 resolve_and_resume (frame, server_unlink_resume);
57 out:
58 free (args.xdata.xdata_val);
59+ free (args.bname);
60
61 if (op_errno)
62 SERVER_REQ_SET_ERROR (req, ret);
63@@ -4755,8 +4753,6 @@ server3_3_setxattr (rpcsvc_request_t *req)
64 if (!req)
65 return ret;
66
67- args.dict.dict_val = alloca (req->msg[0].iov_len);
68-
69 ret = xdr_to_generic (req->msg[0], &args,
70 (xdrproc_t)xdr_gfs3_setxattr_req);
71 if (ret < 0) {
72@@ -4809,6 +4805,7 @@ server3_3_setxattr (rpcsvc_request_t *req)
73
74 out:
75 free (args.xdata.xdata_val);
76+ free (args.dict.dict_val);
77
78 if (op_errno)
79 SERVER_REQ_SET_ERROR (req, ret);
80@@ -4834,7 +4831,6 @@ server3_3_fsetxattr (rpcsvc_request_t *req)
81 if (!req)
82 return ret;
83
84- args.dict.dict_val = alloca (req->msg[0].iov_len);
85 ret = xdr_to_generic (req->msg[0], &args,
86 (xdrproc_t)xdr_gfs3_fsetxattr_req);
87 if (ret < 0) {
88@@ -4885,6 +4881,7 @@ server3_3_fsetxattr (rpcsvc_request_t *req)
89
90 out:
91 free (args.xdata.xdata_val);
92+ free (args.dict.dict_val);
93
94 if (op_errno)
95 SERVER_REQ_SET_ERROR (req, ret);
96@@ -4910,7 +4907,6 @@ server3_3_fxattrop (rpcsvc_request_t *req)
97 if (!req)
98 return ret;
99
100- args.dict.dict_val = alloca (req->msg[0].iov_len);
101 ret = xdr_to_generic (req->msg[0], &args,
102 (xdrproc_t)xdr_gfs3_fxattrop_req);
103 if (ret < 0) {
104@@ -4961,6 +4957,7 @@ server3_3_fxattrop (rpcsvc_request_t *req)
105
106 out:
107 free (args.xdata.xdata_val);
108+ free (args.dict.dict_val);
109
110 if (op_errno)
111 SERVER_REQ_SET_ERROR (req, ret);
112@@ -4986,8 +4983,6 @@ server3_3_xattrop (rpcsvc_request_t *req)
113 if (!req)
114 return ret;
115
116- args.dict.dict_val = alloca (req->msg[0].iov_len);
117-
118 ret = xdr_to_generic (req->msg[0], &args,
119 (xdrproc_t)xdr_gfs3_xattrop_req);
120 if (ret < 0) {
121@@ -5037,6 +5032,7 @@ server3_3_xattrop (rpcsvc_request_t *req)
122
123 out:
124 free (args.xdata.xdata_val);
125+ free (args.dict.dict_val);
126
127 if (op_errno)
128 SERVER_REQ_SET_ERROR (req, ret);
129@@ -5060,8 +5056,6 @@ server3_3_getxattr (rpcsvc_request_t *req)
130 if (!req)
131 return ret;
132
133- args.name = alloca (256);
134-
135 ret = xdr_to_generic (req->msg[0], &args,
136 (xdrproc_t)xdr_gfs3_getxattr_req);
137 if (ret < 0) {
138@@ -5104,6 +5098,7 @@ server3_3_getxattr (rpcsvc_request_t *req)
139 resolve_and_resume (frame, server_getxattr_resume);
140 out:
141 free (args.xdata.xdata_val);
142+ free (args.name);
143
144 if (op_errno)
145 SERVER_REQ_SET_ERROR (req, ret);
146@@ -5124,7 +5119,6 @@ server3_3_fgetxattr (rpcsvc_request_t *req)
147 if (!req)
148 return ret;
149
150- args.name = alloca (256);
151 ret = xdr_to_generic (req->msg[0], &args,
152 (xdrproc_t)xdr_gfs3_fgetxattr_req);
153 if (ret < 0) {
154@@ -5165,6 +5159,7 @@ server3_3_fgetxattr (rpcsvc_request_t *req)
155 resolve_and_resume (frame, server_fgetxattr_resume);
156 out:
157 free (args.xdata.xdata_val);
158+ free (args.name);
159
160 if (op_errno)
161 SERVER_REQ_SET_ERROR (req, ret);
162@@ -5186,8 +5181,6 @@ server3_3_removexattr (rpcsvc_request_t *req)
163 if (!req)
164 return ret;
165
166- args.name = alloca (256);
167-
168 ret = xdr_to_generic (req->msg[0], &args,
169 (xdrproc_t)xdr_gfs3_removexattr_req);
170 if (ret < 0) {
171@@ -5225,6 +5218,7 @@ server3_3_removexattr (rpcsvc_request_t *req)
172 resolve_and_resume (frame, server_removexattr_resume);
173 out:
174 free (args.xdata.xdata_val);
175+ free (args.name);
176
177 if (op_errno)
178 SERVER_REQ_SET_ERROR (req, ret);
179@@ -5244,8 +5238,6 @@ server3_3_fremovexattr (rpcsvc_request_t *req)
180 if (!req)
181 return ret;
182
183- args.name = alloca (4096);
184-
185 ret = xdr_to_generic (req->msg[0], &args,
186 (xdrproc_t)xdr_gfs3_fremovexattr_req);
187 if (ret < 0) {
188@@ -5284,6 +5276,7 @@ server3_3_fremovexattr (rpcsvc_request_t *req)
189 resolve_and_resume (frame, server_fremovexattr_resume);
190 out:
191 free (args.xdata.xdata_val);
192+ free (args.name);
193
194 if (op_errno)
195 SERVER_REQ_SET_ERROR (req, ret);
196@@ -5561,8 +5554,6 @@ server3_3_mknod (rpcsvc_request_t *req)
197 if (!req)
198 return ret;
199
200- args.bname = alloca (req->msg[0].iov_len);
201-
202 ret = xdr_to_generic (req->msg[0], &args,
203 (xdrproc_t)xdr_gfs3_mknod_req);
204 if (ret < 0) {
205@@ -5609,6 +5600,7 @@ out:
206
207 /* memory allocated by libc, don't use GF_FREE */
208 free (args.xdata.xdata_val);
209+ free (args.bname);
210
211 return ret;
212
213@@ -5627,8 +5619,6 @@ server3_3_mkdir (rpcsvc_request_t *req)
214 if (!req)
215 return ret;
216
217- args.bname = alloca (req->msg[0].iov_len);
218-
219 ret = xdr_to_generic (req->msg[0], &args,
220 (xdrproc_t)xdr_gfs3_mkdir_req);
221 if (ret < 0) {
222@@ -5674,6 +5664,7 @@ out:
223 SERVER_REQ_SET_ERROR (req, ret);
224
225 free (args.xdata.xdata_val);
226+ free (args.bname);
227
228 return ret;
229 }
230@@ -5691,8 +5682,6 @@ server3_3_rmdir (rpcsvc_request_t *req)
231 if (!req)
232 return ret;
233
234- args.bname = alloca (req->msg[0].iov_len);
235-
236 ret = xdr_to_generic (req->msg[0], &args,
237 (xdrproc_t)xdr_gfs3_rmdir_req);
238 if (ret < 0) {
239@@ -5732,6 +5721,7 @@ server3_3_rmdir (rpcsvc_request_t *req)
240 resolve_and_resume (frame, server_rmdir_resume);
241 out:
242 free (args.xdata.xdata_val);
243+ free (args.bname);
244
245 if (op_errno)
246 SERVER_REQ_SET_ERROR (req, ret);
247@@ -5754,8 +5744,6 @@ server3_3_inodelk (rpcsvc_request_t *req)
248 if (!req)
249 return ret;
250
251- args.volume = alloca (256);
252-
253 ret = xdr_to_generic (req->msg[0], &args,
254 (xdrproc_t)xdr_gfs3_inodelk_req);
255 if (ret < 0) {
256@@ -5822,6 +5810,7 @@ server3_3_inodelk (rpcsvc_request_t *req)
257 resolve_and_resume (frame, server_inodelk_resume);
258 out:
259 free (args.xdata.xdata_val);
260+ free (args.volume);
261
262 free (args.flock.lk_owner.lk_owner_val);
263
264@@ -5843,7 +5832,6 @@ server3_3_finodelk (rpcsvc_request_t *req)
265 if (!req)
266 return ret;
267
268- args.volume = alloca (256);
269 ret = xdr_to_generic (req->msg[0], &args,
270 (xdrproc_t)xdr_gfs3_finodelk_req);
271 if (ret < 0) {
272@@ -5911,6 +5899,7 @@ server3_3_finodelk (rpcsvc_request_t *req)
273 resolve_and_resume (frame, server_finodelk_resume);
274 out:
275 free (args.xdata.xdata_val);
276+ free (args.volume);
277
278 free (args.flock.lk_owner.lk_owner_val);
279
280@@ -5933,9 +5922,6 @@ server3_3_entrylk (rpcsvc_request_t *req)
281 if (!req)
282 return ret;
283
284- args.volume = alloca (256);
285- args.name = alloca (256);
286-
287 ret = xdr_to_generic (req->msg[0], &args,
288 (xdrproc_t)xdr_gfs3_entrylk_req);
289 if (ret < 0) {
290@@ -5979,6 +5965,8 @@ server3_3_entrylk (rpcsvc_request_t *req)
291 resolve_and_resume (frame, server_entrylk_resume);
292 out:
293 free (args.xdata.xdata_val);
294+ free (args.volume);
295+ free (args.name);
296
297 if (op_errno)
298 SERVER_REQ_SET_ERROR (req, ret);
299@@ -5998,9 +5986,6 @@ server3_3_fentrylk (rpcsvc_request_t *req)
300 if (!req)
301 return ret;
302
303- args.name = alloca (256);
304- args.volume = alloca (256);
305-
306 ret = xdr_to_generic (req->msg[0], &args,
307 (xdrproc_t)xdr_gfs3_fentrylk_req);
308 if (ret < 0) {
309@@ -6044,6 +6029,8 @@ server3_3_fentrylk (rpcsvc_request_t *req)
310 resolve_and_resume (frame, server_fentrylk_resume);
311 out:
312 free (args.xdata.xdata_val);
313+ free (args.volume);
314+ free (args.name);
315
316 if (op_errno)
317 SERVER_REQ_SET_ERROR (req, ret);
318@@ -6121,9 +6108,6 @@ server3_3_symlink (rpcsvc_request_t *req)
319 if (!req)
320 return ret;
321
322- args.bname = alloca (req->msg[0].iov_len);
323- args.linkname = alloca (4096);
324-
325 ret = xdr_to_generic (req->msg[0], &args,
326 (xdrproc_t)xdr_gfs3_symlink_req);
327 if (ret < 0) {
328@@ -6168,6 +6152,8 @@ out:
329
330 /* memory allocated by libc, don't use GF_FREE */
331 free (args.xdata.xdata_val);
332+ free (args.linkname);
333+ free (args.bname);
334
335 return ret;
336 }
337@@ -6186,8 +6172,6 @@ server3_3_link (rpcsvc_request_t *req)
338 if (!req)
339 return ret;
340
341- args.newbname = alloca (req->msg[0].iov_len);
342-
343 ret = xdr_to_generic (req->msg[0], &args, (xdrproc_t)xdr_gfs3_link_req);
344 if (ret < 0) {
345 //failed to decode msg;
346@@ -6227,6 +6211,7 @@ server3_3_link (rpcsvc_request_t *req)
347 resolve_and_resume (frame, server_link_resume);
348 out:
349 free (args.xdata.xdata_val);
350+ free (args.newbname);
351
352 if (op_errno)
353 SERVER_REQ_SET_ERROR (req, ret);
354@@ -6247,9 +6232,6 @@ server3_3_rename (rpcsvc_request_t *req)
355 if (!req)
356 return ret;
357
358- args.oldbname = alloca (req->msg[0].iov_len);
359- args.newbname = alloca (req->msg[0].iov_len);
360-
361 ret = xdr_to_generic (req->msg[0], &args,
362 (xdrproc_t)xdr_gfs3_rename_req);
363 if (ret < 0) {
364@@ -6291,6 +6273,8 @@ server3_3_rename (rpcsvc_request_t *req)
365 resolve_and_resume (frame, server_rename_resume);
366 out:
367 free (args.xdata.xdata_val);
368+ free (args.newbname);
369+ free (args.oldbname);
370
371 if (op_errno)
372 SERVER_REQ_SET_ERROR (req, ret);
373@@ -6537,9 +6521,6 @@ server3_3_lookup (rpcsvc_request_t *req)
374
375 GF_VALIDATE_OR_GOTO ("server", req, err);
376
377- args.bname = alloca (req->msg[0].iov_len);
378- args.xdata.xdata_val = alloca (req->msg[0].iov_len);
379-
380 ret = xdr_to_generic (req->msg[0], &args,
381 (xdrproc_t)xdr_gfs3_lookup_req);
382 if (ret < 0) {
383@@ -6585,8 +6566,14 @@ server3_3_lookup (rpcsvc_request_t *req)
384 ret = 0;
385 resolve_and_resume (frame, server_lookup_resume);
386
387+ free (args.bname);
388+ free (args.xdata.xdata_val);
389+
390 return ret;
391 out:
392+ free (args.bname);
393+ free (args.xdata.xdata_val);
394+
395 server_lookup_cbk (frame, NULL, frame->this, -1, EINVAL, NULL, NULL,
396 NULL, NULL);
397 ret = 0;
398--
3992.7.4
400
diff --git a/recipes-extended/glusterfs/files/configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch b/recipes-extended/glusterfs/files/configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch
index e146f7d..4bbcbe9 100644
--- a/recipes-extended/glusterfs/files/configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch
+++ b/recipes-extended/glusterfs/files/configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch
@@ -1,6 +1,6 @@
1From ff524f14ba93eb422963c8009a108516639d9b3a Mon Sep 17 00:00:00 2001 1From f2a1c67e2b3b60ba54f506cf806437924b5242ca Mon Sep 17 00:00:00 2001
2From: Yi Zhao <yi.zhao@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Wed, 19 Jul 2017 09:40:57 +0800 3Date: Tue, 12 Mar 2019 20:21:48 -0700
4Subject: [PATCH] configure.ac: allow PYTHON values to be passed via env 4Subject: [PATCH] configure.ac: allow PYTHON values to be passed via env
5 5
6Allow the recipe can specify specific values for PYTHON. 6Allow the recipe can specify specific values for PYTHON.
@@ -8,58 +8,39 @@ Allow the recipe can specify specific values for PYTHON.
8Upstream-Status: Inappropriate [embedded specific] 8Upstream-Status: Inappropriate [embedded specific]
9 9
10Signed-off-by: Yi Zhao <yi.zhao@windriver.com> 10Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
11 11[Hongzhi: minor adjust the patch on v5.4]
12Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
12--- 13---
13 configure.ac | 26 ++++++++++---------------- 14 configure.ac | 12 ++++++++++--
14 1 file changed, 10 insertions(+), 16 deletions(-) 15 1 file changed, 10 insertions(+), 2 deletions(-)
15 16
16diff --git a/configure.ac b/configure.ac 17diff --git a/configure.ac b/configure.ac
17index 8e0652a..f49b9b3 100644 18index d55a7b2..36b0980 100644
18--- a/configure.ac 19--- a/configure.ac
19+++ b/configure.ac 20+++ b/configure.ac
20@@ -546,9 +546,6 @@ fi 21@@ -650,12 +650,20 @@ if test "x${PYTHON_VERSION}" = "x2.6"; then
21 dnl Check if version matches that we require 22 PYTHON_CFLAGS=$(python-config --includes)
22 PYTHONDEV_CPPFLAGS= 23 PYTHON_LIBS=$(python-config --libs)
23 PYTHONDEV_LDFLAGS= 24 else
24-BUILD_PYTHON_SITE_PACKAGES= 25- PKG_CHECK_MODULES([PYTHON], "python-${PYTHON_VERSION}",,true)
25-BUILD_PYTHON_INC= 26+ PKG_CHECK_MODULES([PYTHONDEV], "python-$PYTHON_VERSION", [AC_SUBST(PYTHONDEV_CPPFLAGS) AC_SUBST(PYTHONDEV_LDFLAGS)], AC_MSG_ERROR([Can not find python]))
26-BUILD_PYTHON_LIB=
27 have_python2=no
28 have_Python_h=no
29
30@@ -557,25 +554,22 @@ if echo $PYTHON_VERSION | grep -q ^2; then
31
32 dnl Use pkg-config to get runtime search patch missing from ${PYTHON}-config
33 dnl Just do "true" on failure so that configure does not bail out
34- PKG_CHECK_MODULES([PYTHON], "python-$PYTHON_VERSION",,true)
35+ PKG_CHECK_MODULES([PYTHONDEV], "python-$PYTHON_VERSION", [AC_SUBST(PYTHONDEV_CPPFLAGS) AC_SUBST(PYTHONDEV_LDFLAGS)], AC_MSG_ERROR([Can not find python]))
36
37- PYTHONDEV_CPPFLAGS="`${PYTHON}-config --cflags`"
38- dnl Edit out the flags that are not required or are conflicting
39- PYTHONDEV_CPPFLAGS=`echo ${PYTHONDEV_CPPFLAGS} | sed -e 's/-Wp,-D_FORTIFY_SOURCE=[[0-9]]//g'`
40-
41- dnl Find python libs at user configured libdir and also "lib" under prefix
42- PYTHONDEV_LDFLAGS="${PYTHON_LIBS} -L`${PYTHON}-config --prefix`/lib -L`${PYTHON}-config --prefix`/$libdir `${PYTHON}-config --ldflags`"
43-
44- BUILD_PYTHON_SITE_PACKAGES=${pythondir}
45- BUILD_PYTHON_INC=`$PYTHON -c "import sys; from distutils import sysconfig; sys.stdout.write(sysconfig.get_python_inc())" 2>/dev/null`
46- BUILD_PYTHON_LIB=python$PYTHON_VERSION
47+ if test -z "${BUILD_PYTHON_SITE_PACKAGES}"; then
48+ BUILD_PYTHON_SITE_PACKAGES=${pythondir}
49+ fi
50+ if test -z "${BUILD_PYTHON_INC}"; then
51+ BUILD_PYTHON_INC=`$PYTHON -c "import sys; from distutils import sysconfig; sys.stdout.write(sysconfig.get_python_inc())" 2>/dev/null`
52+ fi
53+ if test -z "${BUILD_PYTHON_LIB}"; then
54+ BUILD_PYTHON_LIB=python$PYTHON_VERSION
55+ fi
56
57 dnl Now check for python header using the include path obtained above
58 AC_CHECK_HEADERS([${BUILD_PYTHON_INC}/Python.h],[have_Python_h=yes],[])
59 fi 27 fi
60 28
61-AC_SUBST(PYTHONDEV_CPPFLAGS) 29 PYTHON_CFLAGS=$(echo ${PYTHON_CFLAGS} | sed -e 's|-I|-isystem |')
62-AC_SUBST(PYTHONDEV_LDFLAGS) 30
31-BUILD_PYTHON_SITE_PACKAGES=${pythondir}
32+if test -z "${BUILD_PYTHON_SITE_PACKAGES}"; then
33+ BUILD_PYTHON_SITE_PACKAGES=${pythondir}
34+fi
35+if test -z "${BUILD_PYTHON_INC}"; then
36+ BUILD_PYTHON_INC=`$PYTHON -c "import sys; from distutils import sysconfig; sys.stdout.write(sysconfig.get_python_inc())" 2>/dev/null`
37+fi
38+if test -z "${BUILD_PYTHON_LIB}"; then
39+ BUILD_PYTHON_LIB=python$PYTHON_VERSION
40+fi
63 AC_SUBST(BUILD_PYTHON_SITE_PACKAGES) 41 AC_SUBST(BUILD_PYTHON_SITE_PACKAGES)
64 AC_SUBST(BUILD_PYTHON_INC) 42
65 AC_SUBST(BUILD_PYTHON_LIB) 43 # Eval two times to expand fully. First eval replaces $exec_prefix into $prefix
44--
452.17.1
46
diff --git a/recipes-extended/glusterfs/files/dependence-on-correct-header-file-path.patch b/recipes-extended/glusterfs/files/dependence-on-correct-header-file-path.patch
index 4096cd5..a4b01c1 100644
--- a/recipes-extended/glusterfs/files/dependence-on-correct-header-file-path.patch
+++ b/recipes-extended/glusterfs/files/dependence-on-correct-header-file-path.patch
@@ -1,6 +1,6 @@
1From e585cea1d27be3769c33cf1c0a38bf0de41e2bf9 Mon Sep 17 00:00:00 2001 1From 204149d9b46ccec3a354ad4cfcc230c1fab93982 Mon Sep 17 00:00:00 2001
2From: Xulin Sun <xulin.sun@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Tue, 22 Mar 2016 16:05:32 +0800 3Date: Tue, 12 Mar 2019 22:04:12 -0700
4Subject: [PATCH] dependence on correct header file path 4Subject: [PATCH] dependence on correct header file path
5 5
6To avoid the below building error, use the correct header file path. 6To avoid the below building error, use the correct header file path.
@@ -10,21 +10,25 @@ No such file or directory
10Upstream-Status: Inappropriate [embedded specific] 10Upstream-Status: Inappropriate [embedded specific]
11 11
12Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 12Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
13 13[Hongzhi:adjust the patch for v5.4]
14Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
14--- 15---
15 xlators/features/glupy/src/glupy.c | 2 +- 16 xlators/features/glupy/src/glupy.c | 2 +-
16 1 file changed, 1 insertion(+), 1 deletion(-) 17 1 file changed, 1 insertion(+), 1 deletion(-)
17 18
18diff --git a/xlators/features/glupy/src/glupy.c b/xlators/features/glupy/src/glupy.c 19diff --git a/xlators/features/glupy/src/glupy.c b/xlators/features/glupy/src/glupy.c
19index bca4764..7c2b271 100644 20index d1a111e..58cdaf9 100644
20--- a/xlators/features/glupy/src/glupy.c 21--- a/xlators/features/glupy/src/glupy.c
21+++ b/xlators/features/glupy/src/glupy.c 22+++ b/xlators/features/glupy/src/glupy.c
22@@ -10,7 +10,7 @@ 23@@ -11,7 +11,7 @@
23
24 #include <ctype.h> 24 #include <ctype.h>
25 #include <dlfcn.h>
25 #include <sys/uio.h> 26 #include <sys/uio.h>
26-#include <Python.h> 27-#include <Python.h>
27+#include <python2.7/Python.h> 28+#include <python2.7/Python.h>
28 29
29 #include "glusterfs.h" 30 #include "glusterfs.h"
30 #include "xlator.h" 31 #include "xlator.h"
32--
332.17.1
34
diff --git a/recipes-extended/glusterfs/files/glusterd-change-port-range.patch b/recipes-extended/glusterfs/files/glusterd-change-port-range.patch
index 884a5f0..52b6ffa 100644
--- a/recipes-extended/glusterfs/files/glusterd-change-port-range.patch
+++ b/recipes-extended/glusterfs/files/glusterd-change-port-range.patch
@@ -1,6 +1,6 @@
1From 0102ca092047f51b936d39af966f19b23548c606 Mon Sep 17 00:00:00 2001 1From a0ed85e0b268dba76d9c820571e1b9217b51e985 Mon Sep 17 00:00:00 2001
2From: Vu Tran <vu.tran@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Wed, 26 Jul 2017 08:42:09 +0800 3Date: Tue, 12 Mar 2019 20:03:21 -0700
4Subject: [PATCH] glusterd: change port range 4Subject: [PATCH] glusterd: change port range
5 5
6glusterfsd chooses tcp ports within the dynamic 6glusterfsd chooses tcp ports within the dynamic
@@ -22,19 +22,24 @@ Signed-off-by: Vu Tran <vu.tran@windriver.com>
22Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 22Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
23[Yi: minor adjust to apply the patch on 3.11.1] 23[Yi: minor adjust to apply the patch on 3.11.1]
24Signed-off-by: Yi Zhao <yi.zhao@windriver.com> 24Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
25 25[Hogzhi: minor adjust to apply the patch on v5.4]
26Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
26--- 27---
27 extras/glusterd.vol | 2 +- 28 extras/glusterd.vol | 2 +-
28 1 file changed, 1 insertion(+), 1 deletion(-) 29 1 file changed, 1 insertion(+), 1 deletion(-)
29 30
30diff --git a/extras/glusterd.vol b/extras/glusterd.vol 31diff --git a/extras/glusterd.vol b/extras/glusterd.vol
31index d882007..c8dfe91 100644 32index 88d412c..b89aa56 100644
32--- a/extras/glusterd.vol 33--- a/extras/glusterd.vol
33+++ b/extras/glusterd.vol 34+++ b/extras/glusterd.vol
34@@ -8,5 +8,5 @@ volume management 35@@ -9,6 +9,6 @@ volume management
35 option ping-timeout 0
36 option event-threads 1 36 option event-threads 1
37 # option lock-timer 180
37 # option transport.address-family inet6 38 # option transport.address-family inet6
38-# option base-port 49152 39-# option base-port 49152
39+# option base-port 59152 40+# option base-port 59152
41 # option max-port 65535
40 end-volume 42 end-volume
43--
442.17.1
45
diff --git a/recipes-extended/glusterfs/files/glusterfs-api-remove-unnecessary-library-options.patch b/recipes-extended/glusterfs/files/glusterfs-api-remove-unnecessary-library-options.patch
index 5b54974..2f140ea 100644
--- a/recipes-extended/glusterfs/files/glusterfs-api-remove-unnecessary-library-options.patch
+++ b/recipes-extended/glusterfs/files/glusterfs-api-remove-unnecessary-library-options.patch
@@ -1,7 +1,7 @@
1From 61075d7e4459e4cb9168d1c423ac56db240bb463 Mon Sep 17 00:00:00 2001 1From 2ef09531d1d14cd64d5ba4ffbd9a99af10ae1ec4 Mon Sep 17 00:00:00 2001
2From: Jim Somerville <Jim.Somerville@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Wed, 12 Feb 2014 15:41:50 +0000 3Date: Tue, 12 Mar 2019 19:37:51 -0700
4Subject: [PATCH] glusterfs-api remove unnecessary library options 4Subject: [PATCH] glusterfs-api: remove unnecessary library options
5 5
6These cause QA errors when users of the api such 6These cause QA errors when users of the api such
7as qemu generate their packages. The reported 7as qemu generate their packages. The reported
@@ -11,13 +11,13 @@ Upstream-Status: Inappropriate [embedded specific]
11 11
12Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com> 12Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
13Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 13Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
14 14Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
15--- 15---
16 glusterfs-api.pc.in | 2 +- 16 glusterfs-api.pc.in | 2 +-
17 1 file changed, 1 insertion(+), 1 deletion(-) 17 1 file changed, 1 insertion(+), 1 deletion(-)
18 18
19diff --git a/glusterfs-api.pc.in b/glusterfs-api.pc.in 19diff --git a/glusterfs-api.pc.in b/glusterfs-api.pc.in
20index 5d23454..8a602f6 100644 20index 6af4e10..01b9d0f 100644
21--- a/glusterfs-api.pc.in 21--- a/glusterfs-api.pc.in
22+++ b/glusterfs-api.pc.in 22+++ b/glusterfs-api.pc.in
23@@ -8,5 +8,5 @@ Description: GlusterFS API 23@@ -8,5 +8,5 @@ Description: GlusterFS API
@@ -26,4 +26,7 @@ index 5d23454..8a602f6 100644
26 Requires: @PKGCONFIG_UUID@ 26 Requires: @PKGCONFIG_UUID@
27-Libs: -L${libdir} @GFAPI_LIBS@ -lgfapi -lglusterfs -lgfrpc -lgfxdr 27-Libs: -L${libdir} @GFAPI_LIBS@ -lgfapi -lglusterfs -lgfrpc -lgfxdr
28+Libs: -lgfapi -lglusterfs -lgfrpc -lgfxdr 28+Libs: -lgfapi -lglusterfs -lgfrpc -lgfxdr
29 Cflags: -I${includedir}/glusterfs -D_FILE_OFFSET_BITS=64 -D__USE_FILE_OFFSET64 -DUSE_POSIX_ACLS=@USE_POSIX_ACLS@ 29 Cflags: -I${includedir} -D_FILE_OFFSET_BITS=64 -D__USE_FILE_OFFSET64 -DUSE_POSIX_ACLS=@USE_POSIX_ACLS@
30--
312.17.1
32
diff --git a/recipes-extended/glusterfs/files/glusterfs-change-default-nfs-port-number.patch b/recipes-extended/glusterfs/files/glusterfs-change-default-nfs-port-number.patch
index 874f7de..e3453a2 100644
--- a/recipes-extended/glusterfs/files/glusterfs-change-default-nfs-port-number.patch
+++ b/recipes-extended/glusterfs/files/glusterfs-change-default-nfs-port-number.patch
@@ -1,6 +1,6 @@
1From 9fdaa80b4c933e8f0e97dfde2ba25ed4cea834d5 Mon Sep 17 00:00:00 2001 1From b0c106e74beee36c20f73b956841007209a7f23c Mon Sep 17 00:00:00 2001
2From: Vu Tran <vu.tran@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Wed, 26 Jul 2017 08:42:09 +0800 3Date: Tue, 12 Mar 2019 19:52:03 -0700
4Subject: [PATCH] glusterfs: change default nfs port number 4Subject: [PATCH] glusterfs: change default nfs port number
5 5
6Currently both native nfs and glusterfs-nfs use NFS well 6Currently both native nfs and glusterfs-nfs use NFS well
@@ -30,21 +30,25 @@ Signed-off-by: Vu Tran <vu.tran@windriver.com>
30Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 30Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
31[Yi: minor adjust to apply the patch on 3.11.1] 31[Yi: minor adjust to apply the patch on 3.11.1]
32Signed-off-by: Yi Zhao <yi.zhao@windriver.com> 32Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
33 33[Hongzhi: minor adjust to apply the patch on v5.4]
34Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
34--- 35---
35 libglusterfs/src/common-utils.h | 2 +- 36 libglusterfs/src/common-utils.h | 2 +-
36 1 file changed, 1 insertion(+), 1 deletion(-) 37 1 file changed, 1 insertion(+), 1 deletion(-)
37 38
38diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h 39diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h
39index 6bd2417..25a92b0 100644 40index 6a6fd8c..218e379 100644
40--- a/libglusterfs/src/common-utils.h 41--- a/libglusterfs/src/common-utils.h
41+++ b/libglusterfs/src/common-utils.h 42+++ b/libglusterfs/src/common-utils.h
42@@ -94,7 +94,7 @@ void trap (void); 43@@ -108,7 +108,7 @@ trap(void);
43 /* Defining this here as it is needed by glusterd for setting 44 /* Defining this here as it is needed by glusterd for setting
44 * nfs port in volume status. 45 * nfs port in volume status.
45 */ 46 */
46-#define GF_NFS3_PORT 2049 47-#define GF_NFS3_PORT 2049
47+#define GF_NFS3_PORT 38467 48+#define GF_NFS3_PORT 38467
48 49
49 #define GF_CLIENT_PORT_CEILING 1024 50 #define GF_CLIENT_PORT_CEILING 1024
50 #define GF_IANA_PRIV_PORTS_START 49152 /* RFC 6335 */ 51 #define GF_IANA_PRIV_PORTS_START 49152 /* RFC 6335 */
52--
532.17.1
54
diff --git a/recipes-extended/glusterfs/files/libglusterfs-Don-t-link-against-libfl.patch b/recipes-extended/glusterfs/files/libglusterfs-Don-t-link-against-libfl.patch
index 27b08a8..660446b 100644
--- a/recipes-extended/glusterfs/files/libglusterfs-Don-t-link-against-libfl.patch
+++ b/recipes-extended/glusterfs/files/libglusterfs-Don-t-link-against-libfl.patch
@@ -1,6 +1,6 @@
1From d4109317c70c86a67464b7deebbe0c3de88773e1 Mon Sep 17 00:00:00 2001 1From 732bcca9f5fbb6defca8c327744d015d6747864b Mon Sep 17 00:00:00 2001
2From: Xulin Sun <xulin.sun@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Fri, 25 Mar 2016 12:33:04 +0800 3Date: Tue, 12 Mar 2019 19:56:59 -0700
4Subject: [PATCH] libglusterfs: Don't link against libfl 4Subject: [PATCH] libglusterfs: Don't link against libfl
5 5
6Remove reference to yywrap by adding "%option noyywrap" statements to 6Remove reference to yywrap by adding "%option noyywrap" statements to
@@ -11,25 +11,11 @@ undefined references to yylex.
11Upstream-Status: Inappropriate [embedded specific] 11Upstream-Status: Inappropriate [embedded specific]
12 12
13Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 13Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
14 14Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
15--- 15---
16 libglusterfs/src/Makefile.am | 2 +- 16 libglusterfs/src/graph.l | 1 +
17 libglusterfs/src/graph.l | 1 + 17 1 file changed, 1 insertion(+)
18 2 files changed, 2 insertions(+), 1 deletion(-)
19 18
20diff --git a/libglusterfs/src/Makefile.am b/libglusterfs/src/Makefile.am
21index 52b7316..ab5567a 100644
22--- a/libglusterfs/src/Makefile.am
23+++ b/libglusterfs/src/Makefile.am
24@@ -11,7 +11,7 @@ libglusterfs_la_CPPFLAGS = $(GF_CPPFLAGS) -D__USE_FILE_OFFSET64 \
25 -I$(CONTRIBDIR)/libexecinfo ${ARGP_STANDALONE_CPPFLAGS} \
26 -DSBIN_DIR=\"$(sbindir)\" -I$(CONTRIBDIR)/timer-wheel
27
28-libglusterfs_la_LIBADD = @LEXLIB@ $(ZLIB_LIBS) $(MATH_LIB) $(UUID_LIBS)
29+libglusterfs_la_LIBADD = $(ZLIB_LIBS) $(MATH_LIB) $(UUID_LIBS)
30 libglusterfs_la_LDFLAGS = -version-info $(LIBGLUSTERFS_LT_VERSION)
31
32 lib_LTLIBRARIES = libglusterfs.la
33diff --git a/libglusterfs/src/graph.l b/libglusterfs/src/graph.l 19diff --git a/libglusterfs/src/graph.l b/libglusterfs/src/graph.l
34index 8af28a4..742d934 100644 20index 8af28a4..742d934 100644
35--- a/libglusterfs/src/graph.l 21--- a/libglusterfs/src/graph.l
@@ -42,3 +28,6 @@ index 8af28a4..742d934 100644
42 %{ 28 %{
43 29
44 #define YYSTYPE char * 30 #define YYSTYPE char *
31--
322.17.1
33
diff --git a/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch b/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch
index d70a103..700b0ba 100644
--- a/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch
+++ b/recipes-extended/glusterfs/files/python-work-around-host-and-target-python.patch
@@ -1,6 +1,6 @@
1From fbe4fdfddb096e4e6650908929c366dcc9556ade Mon Sep 17 00:00:00 2001 1From 80c38519224635e9fe2a21542b7dbb14e4c16dcc Mon Sep 17 00:00:00 2001
2From: Mark Asselstine <mark.asselstine@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Thu, 27 Feb 2014 21:50:40 -0500 3Date: Tue, 12 Mar 2019 19:46:27 -0700
4Subject: [PATCH] python: work around host and target python 4Subject: [PATCH] python: work around host and target python
5 5
6In order to allow for the build system to make use of python but not 6In order to allow for the build system to make use of python but not
@@ -18,7 +18,8 @@ Signed-off-by: Mark Asselstine <mark.asselstine@windriver.com>
18Signed-off-by: Xulin Sun <xulin.sun@windriver.com> 18Signed-off-by: Xulin Sun <xulin.sun@windriver.com>
19[Yi: minor adjust the code to apply the patch on 3.11.1] 19[Yi: minor adjust the code to apply the patch on 3.11.1]
20Signed-off-by: Yi Zhao <yi.zhao@windriver.com> 20Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
21 21[Hongzhi: minor adjust the code to apply on v5.4]
22Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
22--- 23---
23 configure.ac | 2 ++ 24 configure.ac | 2 ++
24 geo-replication/src/Makefile.am | 3 ++- 25 geo-replication/src/Makefile.am | 3 ++-
@@ -26,10 +27,10 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
26 3 files changed, 7 insertions(+), 4 deletions(-) 27 3 files changed, 7 insertions(+), 4 deletions(-)
27 28
28diff --git a/configure.ac b/configure.ac 29diff --git a/configure.ac b/configure.ac
29index 8ce28f6..8e0652a 100644 30index bc4cf93..d55a7b2 100644
30--- a/configure.ac 31--- a/configure.ac
31+++ b/configure.ac 32+++ b/configure.ac
32@@ -270,6 +270,8 @@ AC_CANONICAL_HOST 33@@ -279,6 +279,8 @@ AC_CANONICAL_HOST
33 AC_PROG_CC 34 AC_PROG_CC
34 AC_DISABLE_STATIC 35 AC_DISABLE_STATIC
35 AC_PROG_LIBTOOL 36 AC_PROG_LIBTOOL
@@ -53,27 +54,30 @@ index 9937a0b..07456fb 100644
53 AM_CFLAGS = -Wall $(GF_CFLAGS) 54 AM_CFLAGS = -Wall $(GF_CFLAGS)
54 55
55diff --git a/geo-replication/src/gsyncd.c b/geo-replication/src/gsyncd.c 56diff --git a/geo-replication/src/gsyncd.c b/geo-replication/src/gsyncd.c
56index 2c48ca5..b1d1126 100644 57index 77af662..8cd0551 100644
57--- a/geo-replication/src/gsyncd.c 58--- a/geo-replication/src/gsyncd.c
58+++ b/geo-replication/src/gsyncd.c 59+++ b/geo-replication/src/gsyncd.c
59@@ -153,9 +153,9 @@ invoke_gsyncd (int argc, char **argv) 60@@ -118,9 +118,9 @@ invoke_gsyncd(int argc, char **argv)
60 goto error; 61 goto error;
61 62
62 j = 0; 63 j = 0;
63- python = getenv("PYTHON"); 64- python = getenv("PYTHON");
64+ python = getenv("TARGET_PYTHON"); 65+ python = getenv("TARGET_PYTHON");
65 if(!python) 66 if (!python)
66- python = PYTHON; 67- python = PYTHON;
67+ python = TARGET_PYTHON; 68+ python = TARGET_PYTHON;
68 nargv[j++] = python; 69 nargv[j++] = python;
69 nargv[j++] = GSYNCD_PREFIX"/python/syncdaemon/"GSYNCD_PY; 70 nargv[j++] = GSYNCD_PREFIX "/python/syncdaemon/" GSYNCD_PY;
70 for (i = 1; i < argc; i++) 71 for (i = 1; i < argc; i++)
71@@ -205,7 +205,7 @@ find_gsyncd (pid_t pid, pid_t ppid, char *name, void *data) 72@@ -170,7 +170,7 @@ find_gsyncd(pid_t pid, pid_t ppid, char *name, void *data)
72 ret = 0; 73 ret = 0;
73 switch (zeros) { 74 switch (zeros) {
74 case 2: 75 case 2:
75- if ((strcmp (basename (buf), basename (PYTHON)) || 76- if ((strcmp(basename(buf), basename(PYTHON)) ||
76+ if ((strcmp (basename (buf), basename (TARGET_PYTHON)) || 77+ if ((strcmp (basename (buf), basename (TARGET_PYTHON)) ||
77 strcmp (basename (buf + strlen (buf) + 1), GSYNCD_PY)) == 0) { 78 strcmp(basename(buf + strlen(buf) + 1), GSYNCD_PY)) == 0) {
78 ret = 1; 79 ret = 1;
79 break; 80 break;
81--
822.17.1
83
diff --git a/recipes-extended/glusterfs/files/xlator-host-contamination-3.4.patch b/recipes-extended/glusterfs/files/xlator-host-contamination-5.4.patch
index 805c00a..ed11ce5 100644
--- a/recipes-extended/glusterfs/files/xlator-host-contamination-3.4.patch
+++ b/recipes-extended/glusterfs/files/xlator-host-contamination-5.4.patch
@@ -1,6 +1,6 @@
1From 79c943bba37cb10a462038ec56cd2b8045344951 Mon Sep 17 00:00:00 2001 1From a18891a9807b209c7c0811e0e6ca08c4570809d0 Mon Sep 17 00:00:00 2001
2From: Donn Seeley <donn.seeley@windriver.com> 2From: "Hongzhi.Song" <hongzhi.song@windriver.com>
3Date: Fri, 28 Feb 2014 09:11:02 -0500 3Date: Tue, 12 Mar 2019 22:00:46 -0700
4Subject: [PATCH] Add the glusterfs package 4Subject: [PATCH] Add the glusterfs package
5 5
6Three of the translator makefiles in glusterfs add unnecessary 6Three of the translator makefiles in glusterfs add unnecessary
@@ -13,7 +13,8 @@ Upstream-Status: Pending
13Signed-off-by: Donn Seeley <donn.seeley@windriver.com> 13Signed-off-by: Donn Seeley <donn.seeley@windriver.com>
14[Xulin: minor adjust to apply the patch] 14[Xulin: minor adjust to apply the patch]
15Signed-off-by: Xuin Sun <xulin.sun@windriver.com> 15Signed-off-by: Xuin Sun <xulin.sun@windriver.com>
16 16[Hongzhi: minor adjust to apply the patch]
17Signed-off-by: Hongzhi.Song <hongzhi.song@windriver.com>
17--- 18---
18 xlators/mgmt/glusterd/src/Makefile.am | 2 +- 19 xlators/mgmt/glusterd/src/Makefile.am | 2 +-
19 xlators/nfs/server/src/Makefile.am | 2 -- 20 xlators/nfs/server/src/Makefile.am | 2 --
@@ -21,12 +22,12 @@ Signed-off-by: Xuin Sun <xulin.sun@windriver.com>
21 3 files changed, 1 insertion(+), 5 deletions(-) 22 3 files changed, 1 insertion(+), 5 deletions(-)
22 23
23diff --git a/xlators/mgmt/glusterd/src/Makefile.am b/xlators/mgmt/glusterd/src/Makefile.am 24diff --git a/xlators/mgmt/glusterd/src/Makefile.am b/xlators/mgmt/glusterd/src/Makefile.am
24index b0f5a9b..0caad43 100644 25index aa75344..834c4b5 100644
25--- a/xlators/mgmt/glusterd/src/Makefile.am 26--- a/xlators/mgmt/glusterd/src/Makefile.am
26+++ b/xlators/mgmt/glusterd/src/Makefile.am 27+++ b/xlators/mgmt/glusterd/src/Makefile.am
27@@ -55,7 +55,7 @@ AM_CPPFLAGS = $(GF_CPPFLAGS) -I$(top_srcdir)/libglusterfs/src \ 28@@ -60,7 +60,7 @@ AM_CPPFLAGS = $(GF_CPPFLAGS) -I$(top_srcdir)/libglusterfs/src \
28 29
29 AM_CFLAGS = -Wall $(GF_CFLAGS) $(URCU_CFLAGS) $(URCU_CDS_CFLAGS) 30 AM_CFLAGS = -Wall $(GF_CFLAGS) $(URCU_CFLAGS) $(URCU_CDS_CFLAGS) $(XML_CFLAGS)
30 31
31-AM_LDFLAGS = -L$(xlatordir) $(URCU_LIBS) $(URCU_CDS_LIBS) 32-AM_LDFLAGS = -L$(xlatordir) $(URCU_LIBS) $(URCU_CDS_LIBS)
32+AM_LDFLAGS = -L$(URCU_LIBS) $(URCU_CDS_LIBS) 33+AM_LDFLAGS = -L$(URCU_LIBS) $(URCU_CDS_LIBS)
@@ -34,10 +35,10 @@ index b0f5a9b..0caad43 100644
34 CLEANFILES = 35 CLEANFILES =
35 36
36diff --git a/xlators/nfs/server/src/Makefile.am b/xlators/nfs/server/src/Makefile.am 37diff --git a/xlators/nfs/server/src/Makefile.am b/xlators/nfs/server/src/Makefile.am
37index bc6f8e9..56086a1 100644 38index 01071a7..297d3cb 100644
38--- a/xlators/nfs/server/src/Makefile.am 39--- a/xlators/nfs/server/src/Makefile.am
39+++ b/xlators/nfs/server/src/Makefile.am 40+++ b/xlators/nfs/server/src/Makefile.am
40@@ -25,8 +25,6 @@ AM_CPPFLAGS = $(GF_CPPFLAGS) \ 41@@ -31,8 +31,6 @@ AM_CPPFLAGS = $(GF_CPPFLAGS) \
41 42
42 AM_CFLAGS = -Wall $(GF_CFLAGS) 43 AM_CFLAGS = -Wall $(GF_CFLAGS)
43 44
@@ -59,3 +60,6 @@ index f57070c..70080a6 100644
59 CLEANFILES = 60 CLEANFILES =
60 61
61 access-control-compat: 62 access-control-compat:
63--
642.17.1
65
diff --git a/recipes-extended/glusterfs/glusterfs.inc b/recipes-extended/glusterfs/glusterfs.inc
index f7d3cc3..17aaf75 100644
--- a/recipes-extended/glusterfs/glusterfs.inc
+++ b/recipes-extended/glusterfs/glusterfs.inc
@@ -11,7 +11,7 @@ SECTION = "console/network"
11SRC_URI += "file://glusterd.init \ 11SRC_URI += "file://glusterd.init \
12 file://glusterd.service \ 12 file://glusterd.service \
13 file://glusterfs-configure-automake-with-subdir-objects-for.patch \ 13 file://glusterfs-configure-automake-with-subdir-objects-for.patch \
14 file://xlator-host-contamination-3.4.patch \ 14 file://xlator-host-contamination-5.4.patch \
15 file://glusterfs-disable-default-startup-scripts.patch \ 15 file://glusterfs-disable-default-startup-scripts.patch \
16 file://glusterfs-api-remove-unnecessary-library-options.patch \ 16 file://glusterfs-api-remove-unnecessary-library-options.patch \
17 file://python-work-around-host-and-target-python.patch \ 17 file://python-work-around-host-and-target-python.patch \
@@ -20,15 +20,6 @@ SRC_URI += "file://glusterd.init \
20 file://libglusterfs-Don-t-link-against-libfl.patch \ 20 file://libglusterfs-Don-t-link-against-libfl.patch \
21 file://glusterd-change-port-range.patch \ 21 file://glusterd-change-port-range.patch \
22 file://configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch \ 22 file://configure.ac-allow-PYTHON-values-to-be-passed-via-en.patch \
23 file://0001-shared-storage-Prevent-mounting-shared-storage-from-.patch \
24 file://0002-server-auth-add-option-for-strict-authentication.patch \
25 file://0003-glusterfs-access-trusted-peer-group-via-remote-host-.patch \
26 file://0001-dict-handle-negative-key-value-length-while-unserial.patch \
27 file://0002-posix-disable-open-read-write-on-special-files.patch \
28 file://0003-server-protocol-don-t-allow-.-path-in-name.patch \
29 file://0004-io-stats-dump-io-stats-info-in-var-run-gluster.patch \
30 file://0006-posix-remove-not-supported-get-set-content.patch \
31 file://0007-protocol-don-t-use-alloca.patch \
32 " 23 "
33 24
34LICENSE = "(LGPLv3+ | GPLv2) & GPLv3+ & LGPLv3+ & GPLv2+ & LGPLv2+ & LGPLv2.1+ & Apache-2.0" 25LICENSE = "(LGPLv3+ | GPLv2) & GPLv3+ & LGPLv3+ & GPLv2+ & LGPLv2+ & LGPLv2.1+ & Apache-2.0"
@@ -38,8 +29,8 @@ LIC_FILES_CHKSUM = "file://COPYING-GPLV2;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
38 29
39inherit autotools pkgconfig distutils-base update-rc.d systemd 30inherit autotools pkgconfig distutils-base update-rc.d systemd
40 31
41DEPENDS += "bison-native flex-native python-native fuse libaio libtirpc libxml2 ncurses \ 32DEPENDS += "bison-native flex-native python3-native fuse libaio libtirpc libxml2 ncurses \
42 openssl python readline zlib liburcu util-linux glib-2.0 acl" 33 openssl python3 readline zlib liburcu util-linux glib-2.0 acl"
43 34
44# rpc now comes from libtirpc instead of glibc 35# rpc now comes from libtirpc instead of glibc
45# 36#
@@ -49,6 +40,7 @@ LDFLAGS += " -ltirpc"
49EXTRA_OECONF = "ac_cv_file__etc_debian_version=no \ 40EXTRA_OECONF = "ac_cv_file__etc_debian_version=no \
50 ac_cv_file__etc_SuSE_release=no \ 41 ac_cv_file__etc_SuSE_release=no \
51 ac_cv_file__etc_redhat_release=no \ 42 ac_cv_file__etc_redhat_release=no \
43 ac_cv_file__etc_centos_release=no \
52 --with-mountutildir=${sbindir} \ 44 --with-mountutildir=${sbindir} \
53 --disable-fusermount \ 45 --disable-fusermount \
54 TARGET_PYTHON=${bindir}/python \ 46 TARGET_PYTHON=${bindir}/python \
@@ -64,7 +56,7 @@ PACKAGECONFIG[debug] = "--enable-debug,--disable-debug,,"
64PACKAGECONFIG[georeplication] = "--enable-georeplication,--disable-georeplication,,rsync" 56PACKAGECONFIG[georeplication] = "--enable-georeplication,--disable-georeplication,,rsync"
65PACKAGECONFIG[libibverbs] = "--enable-ibverbs,--disable-ibverbs,virtual/libibverbs librdmacm," 57PACKAGECONFIG[libibverbs] = "--enable-ibverbs,--disable-ibverbs,virtual/libibverbs librdmacm,"
66PACKAGECONFIG[ocf] = "--with-ocf,--without-ocf,," 58PACKAGECONFIG[ocf] = "--with-ocf,--without-ocf,,"
67PACKAGECONFIG[valgrind] = "--with-valgrind,--without-valgrind,valgrind," 59PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind,"
68 60
69do_install_append() { 61do_install_append() {
70 install -d ${D}${sysconfdir}/init.d 62 install -d ${D}${sysconfdir}/init.d
@@ -123,9 +115,10 @@ INSANE_SKIP_${PN}-server += "dev-so"
123PACKAGES += "${PN}-rdma ${PN}-geo-replication ${PN}-fuse ${PN}-server \ 115PACKAGES += "${PN}-rdma ${PN}-geo-replication ${PN}-fuse ${PN}-server \
124 ${PN}-api ${PN}-ocf" 116 ${PN}-api ${PN}-ocf"
125 117
126RDEPENDS_${PN} += "python python-json python-ctypes bash" 118RDEPENDS_${PN} += "python3-core python-json python-ctypes bash"
127RDEPENDS_${PN}-ocf += "bash" 119RDEPENDS_${PN}-ocf += "bash"
128RDEPENDS_${PN}-server += "bash" 120RDEPENDS_${PN}-server += "bash"
121RDEPENDS_${PN}-geo-replication += "python3"
129 122
130FILES_${PN}-dbg += "${libdir}/glusterfs/${PV}/*/.debug \ 123FILES_${PN}-dbg += "${libdir}/glusterfs/${PV}/*/.debug \
131 ${libdir}/glusterfs/${PV}/*/*/.debug \ 124 ${libdir}/glusterfs/${PV}/*/*/.debug \
@@ -142,6 +135,7 @@ FILES_${PN} = "${libdir}/glusterfs/${PV}/auth \
142 ${libdir}/glusterfs/${PV}/xlator/protocol/client* \ 135 ${libdir}/glusterfs/${PV}/xlator/protocol/client* \
143 ${libdir}/glusterfs/${PV}/xlator/system \ 136 ${libdir}/glusterfs/${PV}/xlator/system \
144 ${libdir}/glusterfs/${PV}/xlator/testing \ 137 ${libdir}/glusterfs/${PV}/xlator/testing \
138 ${libdir}/glusterfs/${PV}/xlator/playground \
145 ${libdir}/glusterfs/${PV}/xlator/meta.so \ 139 ${libdir}/glusterfs/${PV}/xlator/meta.so \
146 ${libdir}/glusterfs/ganesha \ 140 ${libdir}/glusterfs/ganesha \
147 ${libdir}/glusterfs/glusterfs/glusterfind \ 141 ${libdir}/glusterfs/glusterfs/glusterfind \
@@ -154,6 +148,7 @@ FILES_${PN} = "${libdir}/glusterfs/${PV}/auth \
154 ${libdir}/libgfdb.so.* \ 148 ${libdir}/libgfdb.so.* \
155 ${libdir}/libgfxdr.so.* \ 149 ${libdir}/libgfxdr.so.* \
156 ${libdir}/python*/site-packages \ 150 ${libdir}/python*/site-packages \
151 ${libexecdir}/glusterfs/gfevents \
157 ${libexecdir}/glusterfs/events \ 152 ${libexecdir}/glusterfs/events \
158 ${libexecdir}/glusterfs/glusterfind \ 153 ${libexecdir}/glusterfs/glusterfind \
159 ${libexecdir}/glusterfs/gfind_missing_files \ 154 ${libexecdir}/glusterfs/gfind_missing_files \
@@ -174,6 +169,7 @@ FILES_${PN} = "${libdir}/glusterfs/${PV}/auth \
174 ${sbindir}/glustereventsd \ 169 ${sbindir}/glustereventsd \
175 ${sbindir}/gf_attach \ 170 ${sbindir}/gf_attach \
176 ${sbindir}/*.py \ 171 ${sbindir}/*.py \
172 ${sbindir}/gluster-setgfid2path \
177 ${bindir}/ \ 173 ${bindir}/ \
178 ${sysconfdir}/glusterfs \ 174 ${sysconfdir}/glusterfs \
179 ${sysconfdir}/ganesha \ 175 ${sysconfdir}/ganesha \
diff --git a/recipes-extended/glusterfs/glusterfs_3.11.1.bb b/recipes-extended/glusterfs/glusterfs_3.11.1.bb
deleted file mode 100644
index 6ca157c..0000000
--- a/recipes-extended/glusterfs/glusterfs_3.11.1.bb
+++ /dev/null
@@ -1,6 +0,0 @@
1SRC_URI = "https://bits.gluster.org/pub/gluster/glusterfs/src/${BPN}-${PV}.tar.gz"
2
3SRC_URI[md5sum] = "46d56837b8b5c785f2f1e5317d5f6da8"
4SRC_URI[sha256sum] = "c7e0502631c9bc9da05795b666b74ef40a30a0344f5a2e205e65bd2faefe1442"
5
6require glusterfs.inc
diff --git a/recipes-extended/glusterfs/glusterfs_5.4.bb b/recipes-extended/glusterfs/glusterfs_5.4.bb
new file mode 100644
index 0000000..90ffd14
--- /dev/null
+++ b/recipes-extended/glusterfs/glusterfs_5.4.bb
@@ -0,0 +1,6 @@
1SRC_URI = "https://bits.gluster.org/pub/gluster/glusterfs/src/${BPN}-${PV}.tar.gz"
2
3SRC_URI[md5sum] = "b52ec9101de3c01c7db17c00b3234d94"
4SRC_URI[sha256sum] = "d4f8cf7551c4ac97480fa4f2da6077171b12d5501ee1ddc4cd8535e2336bde7e"
5
6require glusterfs.inc
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-03 09:54:35 +0000