From 7d39fc99fc45bbc74a10f5164e4b5a61ae22528d Mon Sep 17 00:00:00 2001 From: liupei Date: Thu, 12 Dec 2024 14:31:28 +0800 Subject: [PATCH] Refactor: libcrmcommon: Add pcmk__tls_client_try_handshake. --- ...-orphans-when-outputting-node-histor.patch | 45 +++++++ ...ommon-Add-pcmk__tls_client_try_hands.patch | 119 ++++++++++++++++++ pacemaker.spec | 8 +- 3 files changed, 171 insertions(+), 1 deletion(-) create mode 100644 backport-Low-tools-handle-orphans-when-outputting-node-histor.patch create mode 100644 backport-Refactor-libcrmcommon-Add-pcmk__tls_client_try_hands.patch diff --git a/backport-Low-tools-handle-orphans-when-outputting-node-histor.patch b/backport-Low-tools-handle-orphans-when-outputting-node-histor.patch new file mode 100644 index 0000000..a49a141 --- /dev/null +++ b/backport-Low-tools-handle-orphans-when-outputting-node-histor.patch @@ -0,0 +1,45 @@ +From c36adbe6ec961d87b32cb90fe417e4d4911d41d9 Mon Sep 17 00:00:00 2001 +From: Ken Gaillot +Date: Tue, 20 Aug 2024 15:20:53 -0500 +Subject: [PATCH] Low: tools: handle orphans when outputting node history in + crm_mon + +--- + lib/pengine/pe_output.c | 14 ++++++++++++-- + 1 file changed, 12 insertions(+), 2 deletions(-) + +diff --git a/lib/pengine/pe_output.c b/lib/pengine/pe_output.c +index 7792983e0a..f4c7424392 100644 +--- a/lib/pengine/pe_output.c ++++ b/lib/pengine/pe_output.c +@@ -2449,8 +2449,17 @@ node_history_list(pcmk__output_t *out, va_list args) { + rsc_entry != NULL; rsc_entry = pcmk__xe_next_same(rsc_entry)) { + + const char *rsc_id = crm_element_value(rsc_entry, PCMK_XA_ID); +- pcmk_resource_t *rsc = pe_find_resource(scheduler->resources, rsc_id); +- const pcmk_resource_t *parent = pe__const_top_resource(rsc, false); ++ pcmk_resource_t *rsc = NULL; ++ const pcmk_resource_t *parent = NULL; ++ ++ if (rsc_id == NULL) { ++ continue; // Malformed entry ++ } ++ ++ rsc = pe_find_resource(scheduler->resources, rsc_id); ++ if (rsc == NULL) { ++ continue; // Resource was removed from configuration ++ } + + /* We can't use is_filtered here to filter group resources. For is_filtered, + * we have to decide whether to check the parent or not. If we check the +@@ -2460,6 +2469,7 @@ node_history_list(pcmk__output_t *out, va_list args) { + * + * For other resource types, is_filtered is okay. + */ ++ parent = pe__const_top_resource(rsc, false); + if (pcmk__is_group(parent)) { + if (!pcmk__str_in_list(rsc_printable_id(rsc), only_rsc, + pcmk__str_star_matches) +-- +2.33.1.windows.1 + diff --git a/backport-Refactor-libcrmcommon-Add-pcmk__tls_client_try_hands.patch b/backport-Refactor-libcrmcommon-Add-pcmk__tls_client_try_hands.patch new file mode 100644 index 0000000..b39f125 --- /dev/null +++ b/backport-Refactor-libcrmcommon-Add-pcmk__tls_client_try_hands.patch @@ -0,0 +1,119 @@ +From 0f3b5d28cf74ca5eddae767eeba65aa8c53f5070 Mon Sep 17 00:00:00 2001 +From: Chris Lumens +Date: Wed, 7 Aug 2024 14:22:39 -0400 +Subject: [PATCH] Refactor: libcrmcommon: Add pcmk__tls_client_try_handshake. + +This is the guts of pcmk__tls_client_handshake, broken out into a +separate function that doesn't loop which can be reused elsewhere. +pcmk__tls_client_handshake can then be reimplemented in terms of this +new function. +--- + include/crm/common/remote_internal.h | 13 ++++++ + lib/common/remote.c | 59 +++++++++++++++++----------- + 2 files changed, 50 insertions(+), 22 deletions(-) + +diff --git a/include/crm/common/remote_internal.h b/include/crm/common/remote_internal.h +index a6a0a0a152..0ce4208cd1 100644 +--- a/include/crm/common/remote_internal.h ++++ b/include/crm/common/remote_internal.h +@@ -84,6 +84,19 @@ gnutls_session_t *pcmk__new_tls_session(int csock, unsigned int conn_type, + int pcmk__init_tls_dh(gnutls_dh_params_t *dh_params); + int pcmk__read_handshake_data(const pcmk__client_t *client); + ++/*! ++ * \internal ++ * \brief Make a single attempt to perform the client TLS handshake ++ * ++ * \param[in,out] remote Newly established remote connection ++ * \param[out] gnutls_rc If this is non-NULL, it will be set to the GnuTLS ++ * rc (for logging) if this function returns EPROTO, ++ * otherwise GNUTLS_E_SUCCESS ++ * ++ * \return Standard Pacemaker return code ++ */ ++int pcmk__tls_client_try_handshake(pcmk__remote_t *remote, int *gnutls_rc); ++ + /*! + * \internal + * \brief Perform client TLS handshake after establishing TCP socket +diff --git a/lib/common/remote.c b/lib/common/remote.c +index 0974ccfb1d..b28b782fa1 100644 +--- a/lib/common/remote.c ++++ b/lib/common/remote.c +@@ -129,36 +129,51 @@ localized_remote_header(pcmk__remote_t *remote) + #ifdef HAVE_GNUTLS_GNUTLS_H + + int +-pcmk__tls_client_handshake(pcmk__remote_t *remote, int timeout_sec, +- int *gnutls_rc) ++pcmk__tls_client_try_handshake(pcmk__remote_t *remote, int *gnutls_rc) + { +- const time_t time_limit = time(NULL) + timeout_sec; ++ int rc = pcmk_rc_ok; + + if (gnutls_rc != NULL) { + *gnutls_rc = GNUTLS_E_SUCCESS; + } ++ ++ rc = gnutls_handshake(*remote->tls_session); ++ ++ switch (rc) { ++ case GNUTLS_E_SUCCESS: ++ rc = pcmk_rc_ok; ++ break; ++ ++ case GNUTLS_E_INTERRUPTED: ++ case GNUTLS_E_AGAIN: ++ rc = EAGAIN; ++ break; ++ ++ default: ++ if (gnutls_rc != NULL) { ++ *gnutls_rc = rc; ++ } ++ ++ rc = EPROTO; ++ break; ++ } ++ ++ return rc; ++} ++ ++int pcmk__tls_client_handshake(pcmk__remote_t *remote, int timeout_sec, ++ int *gnutls_rc) ++{ ++ const time_t time_limit = time(NULL) + timeout_sec; ++ + do { +- int rc = gnutls_handshake(*remote->tls_session); +- +- switch (rc) { +- case GNUTLS_E_SUCCESS: +- return pcmk_rc_ok; +- +- case GNUTLS_E_INTERRUPTED: +- case GNUTLS_E_AGAIN: +- rc = pcmk__remote_ready(remote, 1000); +- if ((rc != pcmk_rc_ok) && (rc != ETIME)) { // Fatal error +- return rc; +- } +- break; +- +- default: +- if (gnutls_rc != NULL) { +- *gnutls_rc = rc; +- } +- return EPROTO; ++ int rc = pcmk__tls_client_try_handshake(remote, gnutls_rc); ++ ++ if (rc != EAGAIN) { ++ return rc; + } + } while (time(NULL) < time_limit); ++ + return ETIME; + } + +-- +2.33.1.windows.1 + diff --git a/pacemaker.spec b/pacemaker.spec index 018ba9b..bbe602c 100644 --- a/pacemaker.spec +++ b/pacemaker.spec @@ -17,7 +17,7 @@ ## can be incremented to build packages reliably considered "newer" ## than previously built packages with the same pcmkversion) %global pcmkversion 2.1.8 -%global specversion 5 +%global specversion 6 ## Upstream commit (full commit ID, abbreviated commit ID, or tag) to build %global commit 3980678f0372f2c7c294c01f61d63f0b2cafaad1 @@ -161,6 +161,8 @@ Patch5: backport-Refactor-libpacemaker-de-inline-pcmk__colocation_has.pat Patch6: backport-Log-various-ensure-there-are-spaces-around-CRM_XS.patch Patch7: backport-Log-pacemaker-based-client-name-can-be-NULL.patch Patch8: backport-Refactor-libcib-drop-op_common.patch +Patch9: backport-Refactor-libcrmcommon-Add-pcmk__tls_client_try_hands.patch +Patch10: backport-Low-tools-handle-orphans-when-outputting-node-histor.patch Requires: resource-agents Requires: %{pkgname_pcmk_libs} = %{version}-%{release} @@ -768,6 +770,10 @@ exit 0 %license %{nagios_name}-%{nagios_hash}/COPYING %changelog +* Thu Dec 12 2024 liupei - 2.1.8-6 +- Refactor: libcrmcommon: Add pcmk__tls_client_try_handshake. +- Low: tools: handle orphans when outputting node history in crm_mon + * Tue Dec 10 2024 bixiaoyan - 2.1.8-5 - Log: pacemaker-based: client name can be NULL - Refactor: libcib: drop op_common() -- Gitee