Fabrice Fontaine 2022-01-28 22:20:05 +01:00 committed by Peter Korsgaard
parent 714498eb29
commit 79f631000f
4 changed files with 2 additions and 81 deletions

View File

@ -1,34 +0,0 @@
From 3fd0c21e4f63ac0a52b5d7a09575f0f364972e4d Mon Sep 17 00:00:00 2001
From: Quentin Armitage <quentin@armitage.org.uk>
Date: Tue, 8 Jun 2021 08:57:45 +0100
Subject: [PATCH] core: Fix compiling on RHEL 9
Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
[Retrieved from:
https://github.com/acassen/keepalived/commit/3fd0c21e4f63ac0a52b5d7a09575f0f364972e4d]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
keepalived/core/layer4.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/keepalived/core/layer4.c b/keepalived/core/layer4.c
index d2cc971a3..fdca04913 100644
--- a/keepalived/core/layer4.c
+++ b/keepalived/core/layer4.c
@@ -27,13 +27,14 @@
#include <errno.h>
#include <unistd.h>
#include <fcntl.h>
+#include <netinet/in.h>
+#include <net/if.h>
#include <linux/icmp.h>
#include <linux/icmpv6.h>
#ifdef ERRQUEUE_NEEDS_SYS_TIME
#include <sys/time.h>
#endif
#include <linux/errqueue.h>
-#include <netinet/in.h>
#include "layer4.h"
#include "logger.h"

View File

@ -1,42 +0,0 @@
From 7977fec0be89ae6fe87405b3f8da2f0b5e415e3d Mon Sep 17 00:00:00 2001
From: Vincent Bernat <vincent@bernat.ch>
Date: Tue, 23 Nov 2021 06:50:59 +0100
Subject: [PATCH] dbus: fix policy to not be overly broad
The DBus policy did not restrict the message destination, allowing any
user to inspect and manipulate any property.
Signed-off-by: Vincent Bernat <vincent@bernat.ch>
[Retrieved from:
https://github.com/acassen/keepalived/commit/7977fec0be89ae6fe87405b3f8da2f0b5e415e3d]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
keepalived/dbus/org.keepalived.Vrrp1.conf | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/keepalived/dbus/org.keepalived.Vrrp1.conf b/keepalived/dbus/org.keepalived.Vrrp1.conf
index 2b78a575c..b5ced6085 100644
--- a/keepalived/dbus/org.keepalived.Vrrp1.conf
+++ b/keepalived/dbus/org.keepalived.Vrrp1.conf
@@ -3,12 +3,15 @@
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<policy user="root">
- <allow own="org.keepalived.Vrrp1"/>
- <allow send_destination="org.keepalived.Vrrp1"/>
+ <allow own="org.keepalived.Vrrp1" />
+ <allow send_destination="org.keepalived.Vrrp1" />
</policy>
<policy context="default">
- <allow send_interface="org.freedesktop.DBus.Introspectable" />
- <allow send_interface="org.freedesktop.DBus.Peer" />
- <allow send_interface="org.freedesktop.DBus.Properties" />
+ <allow send_destination="org.keepalived.Vrrp1"
+ send_interface="org.freedesktop.DBus.Introspectable" />
+ <allow send_destination="org.keepalived.Vrrp1"
+ send_interface="org.freedesktop.DBus.Peer" />
+ <allow send_destination="org.keepalived.Vrrp1"
+ send_interface="org.freedesktop.DBus.Properties" />
</policy>
</busconfig>

View File

@ -1,3 +1,3 @@
# Locally calculated
sha256 245bf399e4320064996ac5507236a8896f545d005f6c4c3b91701bcbc5728c60 keepalived-2.1.4.tar.gz
sha256 c61940d874154a560a54627ecf7ef47adebdf832164368d10bf242a4d9b7d49d keepalived-2.2.7.tar.gz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING

View File

@ -4,7 +4,7 @@
#
################################################################################
KEEPALIVED_VERSION = 2.1.4
KEEPALIVED_VERSION = 2.2.7
KEEPALIVED_SITE = http://www.keepalived.org/software
KEEPALIVED_DEPENDENCIES = host-pkgconf openssl
KEEPALIVED_LICENSE = GPL-2.0+
@ -12,9 +12,6 @@ KEEPALIVED_LICENSE_FILES = COPYING
KEEPALIVED_CPE_ID_VENDOR = keepalived
KEEPALIVED_CONF_OPTS = --disable-hardening
# 0002-dbus-fix-policy-to-not-be-overly-broad.patch
KEEPALIVED_IGNORE_CVES += CVE-2021-44225
ifeq ($(BR2_PACKAGE_JSON_C),y)
KEEPALIVED_DEPENDENCIES += json-c
KEEPALIVED_CONF_OPTS += --enable-json