Sync from SUSE:ALP:Source:Standard:1.0 libnbd revision 6f443ad15f648e0e0ed4184168b14ee9
This commit is contained in:
commit
08b6d4a6a2
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
## Default LFS
|
||||||
|
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.png filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zst filter=lfs diff=lfs merge=lfs -text
|
82
4451e5b6-CVE-2023-5871.patch
Normal file
82
4451e5b6-CVE-2023-5871.patch
Normal file
@ -0,0 +1,82 @@
|
|||||||
|
commit 4451e5b61ca07771ceef3e012223779e7a0c7701
|
||||||
|
Author: Eric Blake <eblake@redhat.com>
|
||||||
|
Date: Mon Oct 30 12:50:53 2023 -0500
|
||||||
|
|
||||||
|
generator: Fix assertion in ext-mode BLOCK_STATUS, CVE-2023-5871
|
||||||
|
|
||||||
|
Another round of fuzz testing revealed that when a server negotiates
|
||||||
|
extended headers and replies with a 64-bit flag value where the client
|
||||||
|
used the 32-bit API command, we were correctly flagging the server's
|
||||||
|
response as being an EOVERFLOW condition, but then immediately failing
|
||||||
|
in an assertion failure instead of reporting it to the application.
|
||||||
|
|
||||||
|
The following one-byte change to qemu.git at commit fd9a38fd43 allows
|
||||||
|
the creation of an intentionally malicious server:
|
||||||
|
|
||||||
|
| diff --git i/nbd/server.c w/nbd/server.c
|
||||||
|
| index 859c163d19f..32e1e771a95 100644
|
||||||
|
| --- i/nbd/server.c
|
||||||
|
| +++ w/nbd/server.c
|
||||||
|
| @@ -2178,7 +2178,7 @@ static void nbd_extent_array_convert_to_be(NBDExtentArray *ea)
|
||||||
|
|
|
||||||
|
| for (i = 0; i < ea->count; i++) {
|
||||||
|
| ea->extents[i].length = cpu_to_be64(ea->extents[i].length);
|
||||||
|
| - ea->extents[i].flags = cpu_to_be64(ea->extents[i].flags);
|
||||||
|
| + ea->extents[i].flags = ~cpu_to_be64(ea->extents[i].flags);
|
||||||
|
| }
|
||||||
|
| }
|
||||||
|
|
||||||
|
and can then be detected with the following command line:
|
||||||
|
|
||||||
|
$ nbdsh -c - <<\EOF
|
||||||
|
> def f(a,b,c,d):
|
||||||
|
> pass
|
||||||
|
>
|
||||||
|
> h.connect_systemd_socket_activation(["/path/to/bad/qemu-nbd",
|
||||||
|
> "-r", "-f", "raw", "TODO"])
|
||||||
|
> h.block_staus(h.get_size(), 0, f)
|
||||||
|
> EOF
|
||||||
|
nbdsh: generator/states-reply-chunk.c:626: enter_STATE_REPLY_CHUNK_REPLY_RECV_BS_ENTRIES: Assertion `(len | flags) <= UINT32_MAX' failed.
|
||||||
|
Aborted (core dumped)
|
||||||
|
|
||||||
|
whereas a fixed libnbd will give:
|
||||||
|
|
||||||
|
nbdsh: command line script failed: nbd_block_status: block-status: command failed: Value too large for defined data type
|
||||||
|
|
||||||
|
We can either relax the assertion (by changing to 'assert ((len |
|
||||||
|
flags) <= UINT32_MAX || cmd->error)'), or intentionally truncate flags
|
||||||
|
to make the existing assertion reliable. This patch goes with the
|
||||||
|
latter approach.
|
||||||
|
|
||||||
|
Sadly, this crash is possible in all existing 1.18.x stable releases,
|
||||||
|
if they were built with assertions enabled (most distros do this by
|
||||||
|
default), meaning a malicious server has an easy way to cause a Denial
|
||||||
|
of Service attack by triggering the assertion failure in vulnerable
|
||||||
|
clients, so we have assigned this CVE-2023-5871. Mitigating factors:
|
||||||
|
the crash only happens for a server that sends a 64-bit status block
|
||||||
|
reply (no known production servers do so; qemu 8.2 will be the first
|
||||||
|
known server to support extended headers, but it is not yet released);
|
||||||
|
and as usual, a client can use TLS to guarantee it is connecting only
|
||||||
|
to a known-safe server. If libnbd is compiled without assertions,
|
||||||
|
there is no crash or other mistaken behavior; and when assertions are
|
||||||
|
enabled, the attacker cannot accomplish anything more than a denial of
|
||||||
|
service.
|
||||||
|
|
||||||
|
Reported-by: Richard W.M. Jones <rjones@redhat.com>
|
||||||
|
Fixes: 20dadb0e10 ("generator: Prepare for extent64 callback", v1.17.4)
|
||||||
|
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||||
|
(cherry picked from commit 177308adb17e81fce7c0f2b2fcf655c5c0b6a4d6)
|
||||||
|
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||||
|
|
||||||
|
Index: libnbd-1.18.1/generator/states-reply-chunk.c
|
||||||
|
===================================================================
|
||||||
|
--- libnbd-1.18.1.orig/generator/states-reply-chunk.c
|
||||||
|
+++ libnbd-1.18.1/generator/states-reply-chunk.c
|
||||||
|
@@ -600,6 +600,7 @@ STATE_MACHINE {
|
||||||
|
break; /* Skip this and later extents; we already made progress */
|
||||||
|
/* Expose this extent as an error; we made no progress */
|
||||||
|
cmd->error = cmd->error ? : EOVERFLOW;
|
||||||
|
+ flags = (uint32_t)flags;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
18
_service
Normal file
18
_service
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
<services>
|
||||||
|
<service name="tar_scm" mode="disabled">
|
||||||
|
<param name="filename">libnbd</param>
|
||||||
|
<param name="revision">v1.18.1</param>
|
||||||
|
<param name="scm">git</param>
|
||||||
|
<param name="submodules">disable</param>
|
||||||
|
<param name="url">https://gitlab.com/nbdkit/libnbd.git</param>
|
||||||
|
<param name="versionformat">@PARENT_TAG@</param>
|
||||||
|
<param name="versionrewrite-pattern">[v]?([^\+]+)(.*)</param>
|
||||||
|
<param name="versionrewrite-replacement">\1</param>
|
||||||
|
<param name="changesgenerate">enable</param>
|
||||||
|
</service>
|
||||||
|
<service name="recompress" mode="disabled">
|
||||||
|
<param name="file">*.tar</param>
|
||||||
|
<param name="compression">bz2</param>
|
||||||
|
</service>
|
||||||
|
<service name="set_version" mode="disabled"/>
|
||||||
|
</services>
|
4
_servicedata
Normal file
4
_servicedata
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<servicedata>
|
||||||
|
<service name="tar_scm">
|
||||||
|
<param name="url">https://gitlab.com/nbdkit/libnbd.git</param>
|
||||||
|
<param name="changesrevision">ebadf0df2122edb99361c66f78ac1f90f1500f96</param></service></servicedata>
|
BIN
libnbd-1.18.1.tar.bz2
(Stored with Git LFS)
Normal file
BIN
libnbd-1.18.1.tar.bz2
(Stored with Git LFS)
Normal file
Binary file not shown.
367
libnbd.changes
Normal file
367
libnbd.changes
Normal file
@ -0,0 +1,367 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Nov 13 21:15:40 UTC 2023 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
- Fix assertion in ext-mode BLOCK_STATUS, CVE-2023-5871
|
||||||
|
4451e5b6-CVE-2023-5871.patch
|
||||||
|
bsc#1216769
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Oct 25 19:29:55 UTC 2023 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.18.1:
|
||||||
|
* Version 1.18.1.
|
||||||
|
* rust: Use string_starts_with instead of String.starts_with
|
||||||
|
* rust: Build the examples
|
||||||
|
* rust: Write a custom translator from POD to rustdoc
|
||||||
|
* rust: Add overview documentation
|
||||||
|
* rust: Annotate 'endif' with corresponding label
|
||||||
|
* utils: Slightly simplify human_size()
|
||||||
|
* docs: Assign CVE-2023-5215 to nbd_get_size negative result issue
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Sep 29 17:22:47 UTC 2023 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.18.0:
|
||||||
|
* CVE-2023-5215 (bsc#1215799)
|
||||||
|
* docs: Add link to nbd_get_size announcement in release notes
|
||||||
|
* docs: Add URL to list post on nbd_get_size security
|
||||||
|
* docs: Update release notes for nbd_get_size backport to 1.16.5
|
||||||
|
* docs: Finalize release notes for release tomorrow
|
||||||
|
* dump: Add more examples of running subprocesses from nbddump
|
||||||
|
* info: Tolerate missing size
|
||||||
|
* block_status: Fix assertion on bad 64-bit block status reply
|
||||||
|
* block_status: Fix assertion with large server size
|
||||||
|
* api: Sanitize sizes larger than INT64_MAX
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Mar 23 16:15:44 UTC 2023 - Martin Liška <mliska@suse.cz>
|
||||||
|
|
||||||
|
- Enable LTO as it works fine.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Oct 13 21:25:07 UTC 2022 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.14.1:
|
||||||
|
* Version 1.14.1.
|
||||||
|
* copy/copy-file-to-qcow2-compressed.sh: Alternate test for compressed clusters
|
||||||
|
* ci: Expire artifacts after 1 week
|
||||||
|
* sh: Add workaround for macOS SIP DYLD_* environment sanitiser
|
||||||
|
* info: Tone down the colours in nbdinfo normal output
|
||||||
|
* tests/make-pki.sh: Use Subject Alternative Name for server certificate
|
||||||
|
* info: Improve error message when the export may be unknown to the server
|
||||||
|
* info: Add limited colourized output
|
||||||
|
* dump: Move ANSI colours to separate library under common/include
|
||||||
|
* Version 1.14.0.
|
||||||
|
* docs: Finalize release notes for 1.14
|
||||||
|
* Version 1.13.9.
|
||||||
|
* build: Document gmake instead of make on *BSD, macOS
|
||||||
|
* build: Use GNUTLS_CFLAGS when checking for <gnutls/socket.h>
|
||||||
|
* build: Remove use of $^
|
||||||
|
* copy: Skip compressed qcow2 test on older qemu-nbd
|
||||||
|
* interop: Skip interop-qemu-nbd-tls-psk if qemu-nbd doesn't support PSK
|
||||||
|
* tests: Check nbdkit supports --tls-verify-peer before using
|
||||||
|
* docs: Document signal handling
|
||||||
|
* generator: Set SO_NOSIGPIPE on sockets
|
||||||
|
* lib/crypto: Use GNUTLS_NO_SIGNAL if available
|
||||||
|
* docs: Add outline release notes for libnbd 1.14
|
||||||
|
* lib/crypto.c: Ignore TLS premature termination after write shutdown
|
||||||
|
* lib/crypto.c: Check for <gnutls/socket.h> before including
|
||||||
|
* Version 1.13.8.
|
||||||
|
* generator: Add README.state-machine.md to EXTRA_DIST
|
||||||
|
* generator: Fix reentry to REPLY.START when recv returns EAGAIN
|
||||||
|
* generator: Move state machine documentation to a README file
|
||||||
|
* tests: Avoid bash namerefs, for RHEL 7
|
||||||
|
* tests: Better quoting for cleanup_fn
|
||||||
|
* Version 1.13.7.
|
||||||
|
* configure: Document --with-* flags that require a parameter
|
||||||
|
* copy: Remove advice about using nbdcopy + cmp to compare NBD sources
|
||||||
|
* build: Print full versions of nbdkit and qemu-nbd
|
||||||
|
* tests: Add tests/connect-uri-nbd-vsock.sh to EXTRA_DIST
|
||||||
|
* tests: Test nbd+vsock:// support
|
||||||
|
* lib/uri.c: Don't corrupt memory on error path
|
||||||
|
* info/show.c: Don't misuse nbd_get_error or leak nbd_get_export_name
|
||||||
|
* fuzzing/libnbd-fuzz-wrapper.c: Fix loop condition
|
||||||
|
* fuse: Check return value from nbd_poll
|
||||||
|
* examples/batched-read-write.c: Use _exit in signal handler
|
||||||
|
* copy: Remove dead store
|
||||||
|
* Version 1.13.6.
|
||||||
|
* configure: Add status of interop and examples
|
||||||
|
* configure: Print the versions of certain external libraries
|
||||||
|
* configure: Check for nbdkit-file-plugin
|
||||||
|
* configure: Make the 'feature' function print the dots
|
||||||
|
* ci: Update generated files
|
||||||
|
* copy: Assert that request size is not too large
|
||||||
|
* copy: Force block size, request size and sparse size to be powers of 2
|
||||||
|
* copy/copy-file-to-qcow2-compressed.sh: Break up long lines
|
||||||
|
* Use ARRAY_SIZE macro in a few places in libnbd
|
||||||
|
* common/include: Rename BUILD_BUG_ON_ZERO to something more meaningful
|
||||||
|
* common/include/test-array-size.c: Avoid Clang warning
|
||||||
|
* common/include: Add ARRAY_SIZE macro
|
||||||
|
* dump: Add another example to the manual
|
||||||
|
* Version 1.13.5.
|
||||||
|
* copy: Use preferred block size for copying
|
||||||
|
* copy: Store the preferred block size in the operations struct
|
||||||
|
* dump/dump-data.sh: Test requires nbdkit 1.22
|
||||||
|
* dump: Fix tests on Debian 10
|
||||||
|
* dump: Fix build on i686
|
||||||
|
* dump: Visually separate columns 0-7 and 8-15
|
||||||
|
* Version 1.13.4.
|
||||||
|
* Add nbddump tool
|
||||||
|
* copy/nbd-ops.c: Fix whitespace for indentation
|
||||||
|
* copy/nbd-ops.c: Move related extents functions together
|
||||||
|
* lib: Display kTLS status
|
||||||
|
* copy: Print program name in some error messages
|
||||||
|
* Version 1.13.3.
|
||||||
|
* python: Allow control over copy/share of nbd.Buffer
|
||||||
|
* valgrind: Update comment about valgrind bug affecting OCaml
|
||||||
|
* ocaml: Add further valgrind suppression
|
||||||
|
* ocaml: Add valgrind suppression for OCaml 4.14 bug
|
||||||
|
* Version 1.13.2.
|
||||||
|
* python: Fix code style in the tests
|
||||||
|
* python: Slice structured read callback buffer from original
|
||||||
|
* python: Support len(nbd.Buffer(n))
|
||||||
|
* python: Accept all buffer-like objects in aio_p{read,write}
|
||||||
|
* python: Alter lock for persistent buffer
|
||||||
|
* python: Simplify passing of mutable *error to callbacks
|
||||||
|
* python: Whitespace cleanup
|
||||||
|
* python: Correctly use PyGILState
|
||||||
|
* Version 1.13.1.
|
||||||
|
* golang: aio_buffer.go: Explicit panic() on invalid usage
|
||||||
|
* golang: Whitespace change caused by gofmt
|
||||||
|
* golang: Add some more debug environment variables
|
||||||
|
* python: Another format tweak to generated code
|
||||||
|
* python: Make nbd.Buffer lighter-weight
|
||||||
|
* python: Simplify python generator
|
||||||
|
* python: Don't unwrap nbd.Buffer in nbd.py
|
||||||
|
* python: Make py_aio_buffer a private struct
|
||||||
|
* python: Reformat generated methods.c in a few places
|
||||||
|
* python: Enhance tests of nbd.Buffer
|
||||||
|
* python: Plug uninit leak in nbd.Buffer.to_bytearray
|
||||||
|
* python: Improve doc comments for nbd.py
|
||||||
|
* python: Drop pointless (char*)"..." cast
|
||||||
|
* python: Avoid memleak on (unlikely) module failure
|
||||||
|
* api: Tighter checking of structured read replies
|
||||||
|
* Fix small whitespace problem in README.md
|
||||||
|
* Change README to use markdown
|
||||||
|
* python: Speed up pread
|
||||||
|
* api: Speed up nbd_pread_structured when reading holes
|
||||||
|
* ci: Rebuild containers
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jul 8 17:59:24 UTC 2022 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
- Update to version 1.12.4:
|
||||||
|
* python: Correctly use PyGILState
|
||||||
|
* olang: aio_buffer.go: Explicit panic() on invalid usage
|
||||||
|
* python: Enhance tests of nbd.Buffer
|
||||||
|
* python: Plug uninit leak in nbd.Buffer.to_bytearray
|
||||||
|
* python: Avoid memleak on (unlikely) module failure
|
||||||
|
* python: Accept buffers in nbd.Buffer.from_bytearray()
|
||||||
|
- Enable building python module and utilities
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue May 24 16:31:09 UTC 2022 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
- Adjust _service file to coincide with recent manual update to
|
||||||
|
version 1.12.2
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon May 16 10:35:34 MDT 2022 - carnold@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.12.2:
|
||||||
|
* Version 1.12.2.
|
||||||
|
* Fix for CVE-2022-0485 Silent data corruption when using
|
||||||
|
nbdcopy(1).
|
||||||
|
* New APIs
|
||||||
|
get_pread_initialize
|
||||||
|
set_pread_initialize
|
||||||
|
Control whether libnbd clears the pread buffer to avoid
|
||||||
|
leaking memory contents if the client does not properly
|
||||||
|
handle errors. These were added as part of the fix for
|
||||||
|
CVE-2022-0485 (Eric Blake).
|
||||||
|
get_request_block_size
|
||||||
|
set_request_block_size
|
||||||
|
Control whether libnbd requests block size constraints from
|
||||||
|
the server during negotiation (Eric Blake).
|
||||||
|
* Error messages about incorrect URIs in nbd_connect_uri(3) have
|
||||||
|
been improved to make common mistakes clearer for the user.
|
||||||
|
* New syntax: nbdinfo [ CMD ... ] allowing you to query the
|
||||||
|
properties of an NBD server directly.
|
||||||
|
* nbdcopy(1) new --queue-size option to control the maximum
|
||||||
|
size of the internal buffer (Nir Soffer).
|
||||||
|
* nbdcopy(1) now names the source and destination handles to
|
||||||
|
make it easier to understand debug output.
|
||||||
|
* New OCaml NBD.with_handle helper which ensures that NBD.close
|
||||||
|
is always called even if the inner code throws an exception.
|
||||||
|
* The OCaml bindings now consistently use the correct types for
|
||||||
|
buffer sizes everywhere (Laszlo Ersek).
|
||||||
|
* Several improvements and fixes to the golang bindings and
|
||||||
|
tests. The golang bindings have been relicensed to LGPLv2+
|
||||||
|
like the rest of the library and are now published as a golang
|
||||||
|
module at https://libguestfs.org/libnbd (Nir Soffer).
|
||||||
|
* The Python bindings no longer crash if you pass None in place
|
||||||
|
of a buffer parameter. In addition some memory leaks were fixed
|
||||||
|
(Eric Blake).
|
||||||
|
* Various memory leaks have been fixed when using the optional
|
||||||
|
strict_mode settings (Eric Blake).
|
||||||
|
* The performance of the internal vector library has been
|
||||||
|
improved greatly and overflow is now handled correctly
|
||||||
|
(Nir Soffer, Laszlo Ersek and Eric Blake).
|
||||||
|
* Add simple_copy and aio_copy Golang examples (Nir Soffer).
|
||||||
|
* Error handling was reviewed and fixed across many of the
|
||||||
|
example programs and documentation (Eric Blake, Nir Soffer).
|
||||||
|
* Simplify and optimize handling of the extents callback in
|
||||||
|
Golang (Nir Soffer).
|
||||||
|
* Golang AioBuffer was enhanced, making it safer to use, faster
|
||||||
|
and adding documentation (Nir Soffer).
|
||||||
|
* Other fixes to Tests, Documentation, and Build.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu May 12 16:25:41 MDT 2022 - carnold@suse.com
|
||||||
|
|
||||||
|
- Enable building the ocaml bindings for libnbd.
|
||||||
|
virt-v2v has added a dependency on ocaml bindings from libnbd
|
||||||
|
beginning with virt-v2v version 2.0.0.
|
||||||
|
libnbd.spec
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Feb 08 16:46:29 UTC 2022 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.10.4:
|
||||||
|
* Version 1.10.4.
|
||||||
|
* copy: CVE-2022-0485: Fail nbdcopy if NBD read or write fails (bsc#1195636)
|
||||||
|
* copy: Pass in dummy variable rather than &errno to callback
|
||||||
|
* docs: Clarify how callbacks should handle errors
|
||||||
|
* ocaml: tests: Fix error handling
|
||||||
|
* python: tests: Fix error handling
|
||||||
|
* ocaml/helpers.c: Rearrange Assert_failure check
|
||||||
|
* golang: tests: Fix error handling
|
||||||
|
* docs: Fix typo in callback docs
|
||||||
|
* ocaml: Update comment
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Aug 25 23:00:54 UTC 2021 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.9.3:
|
||||||
|
* Version 1.9.3.
|
||||||
|
* maint: Modernize configure.ac to silence autoreconf warnings
|
||||||
|
* maint: Update to latest ax_pthread.m4
|
||||||
|
* copy: Avoid potential divide by zero when source size is zero
|
||||||
|
* copy: Test corner case of copying from zero-sized source
|
||||||
|
* copy: Fix progress bar
|
||||||
|
* Update CI files once more
|
||||||
|
* ci: Allow failure when building fedora rawhide container
|
||||||
|
* ci: Consolidate refresh scripts
|
||||||
|
* macOS: Simple cloexec/nonblock fix
|
||||||
|
* info: Require can_cache for info-can.sh
|
||||||
|
* CI: Add testing on Alpine
|
||||||
|
* Update CI files
|
||||||
|
* macOS: Do not use --version_script
|
||||||
|
* One more VSOCK include fix
|
||||||
|
* m4: Remove *~ on make clean
|
||||||
|
* ci: Rework the build script to run check-valgrind properly
|
||||||
|
* fuse: move check-valgrind out from condition
|
||||||
|
* qemu-storage-daemon 5.2.0 is still broken
|
||||||
|
* Version 1.9.2.
|
||||||
|
* python: Add missing test file to EXTRA_DIST
|
||||||
|
* build: Warn about large stack frames
|
||||||
|
* configure: Add a macro to test if compiler -W warning flags work
|
||||||
|
* lib/uri.c: nbd_get_uri: Do not translate port name into service
|
||||||
|
* python: Implement nbd.aio_connect for AF_UNIX
|
||||||
|
* bash: Generate completion files during build
|
||||||
|
* info: Add percentage after field in --map --totals
|
||||||
|
* info: Add --can|--is options to test for NBD flags
|
||||||
|
* info: Add --map --totals sub-mode to display summary of map
|
||||||
|
* info: Don't print extra trailing \n after output
|
||||||
|
* fuse: Tidy up MODES section of the documentation
|
||||||
|
* fuse: Note in docs that read-only server implies -r flag
|
||||||
|
* fuse: Improve documentation on the thread model
|
||||||
|
* fuse: Update comment as we expect zero support to be present in 5.14
|
||||||
|
* copy: Set default request-size to 2**18 (262144 bytes)
|
||||||
|
* copy/copy-sparse-no-extents.sh: Set request-size explicitly
|
||||||
|
* maint: Untabify configure.ac
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Jul 01 14:37:03 UTC 2021 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.9.1:
|
||||||
|
* Version 1.9.1.
|
||||||
|
* ci: Update build files
|
||||||
|
* ci: Also perform `brew upgrade` on MacOS
|
||||||
|
* ci: Only run `make check` on Linux
|
||||||
|
* ci: Skip some broken tests/distro combinations
|
||||||
|
* ci: Rename build_script.sh to just build.sh
|
||||||
|
* ci: Add support for test skipping
|
||||||
|
* ci: Some build script fixes
|
||||||
|
* ci: Fix run commands in README
|
||||||
|
* ci: Add support for FreeBSD-13.0
|
||||||
|
* ci: Remove debian-10-clang build
|
||||||
|
* ci: Remove cross-compilation targets
|
||||||
|
* ci: Change docker driver and archive logs
|
||||||
|
* tests: Rename version to get-version
|
||||||
|
* tests: Do not use magic parameter for some nbdkit plugins
|
||||||
|
* tests: Require cap_sys_admin where root is required
|
||||||
|
* tests: Fix port randomisation
|
||||||
|
* tests: Enhance fuse probing
|
||||||
|
* tests: Clean up qemu-nbd detection
|
||||||
|
* tests: Fix hexdump probing
|
||||||
|
* interop: Do not test against broken qemu-storage-daemon
|
||||||
|
* fuse: Only support defined fallocate modes
|
||||||
|
* Include sys/vsock.h if linux/vm_sockets.h is not available
|
||||||
|
* info: Avoid ambiguous 'allocated' terminology in --map
|
||||||
|
* run: Unset DEBUGINFOD_URLS
|
||||||
|
* ci/cirrus: Update system before doing anything else
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Jun 09 19:50:28 UTC 2021 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Update to version 1.8.0:
|
||||||
|
* Version 1.8.0.
|
||||||
|
* docs: Get release notes ready for a release today
|
||||||
|
* copy/copy-file-to-qcow2.sh: Skip this test for old qemu-nbd
|
||||||
|
* docs: Put links to release notes in a separate section
|
||||||
|
* docs: Add preliminary release notes for libnbd 1.8
|
||||||
|
* common/utils: Add test-vector.c (unit test for vectors) from nbdkit
|
||||||
|
* copy, fuse, info: Synchronize --help output with manual
|
||||||
|
* generator: Update copyright year in generated files.
|
||||||
|
* Update README
|
||||||
|
* Version 1.7.12.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Apr 14 01:04:29 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
|
||||||
|
|
||||||
|
- Update to 1.7.7
|
||||||
|
* Fixed CVE-2021-20286
|
||||||
|
* Fix parsing and construction of IPv6 URIs
|
||||||
|
* New API nbd_get_uri to get an NBD URI for a connection
|
||||||
|
* Permit "see also" links to nbd_get_error and nbd_get_errno
|
||||||
|
* Avoid over-long lines in POD.
|
||||||
|
* Fix reporting of NBD URI support
|
||||||
|
* Let exit status reflect any failures during NBD_OPT_INFO
|
||||||
|
* Fix page eviction when len < page_size.
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Sun Mar 14 18:31:11 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
|
||||||
|
|
||||||
|
- Specfile modernization
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Feb 25 23:25:24 UTC 2021 - James Fehlig <jfehlig@suse.com>
|
||||||
|
|
||||||
|
- spec: Only enable system nbd interop tests if
|
||||||
|
suse_version >= 1550
|
||||||
|
|
||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Jan 26 23:36:04 UTC 2021 - jfehlig@suse.com
|
||||||
|
|
||||||
|
- Initial packaging of libnbd:
|
||||||
|
* Version 1.7.1.
|
||||||
|
* sh: Add NOTES section.
|
||||||
|
* copy: Update multi-conn documentation.
|
||||||
|
* sh: Arrange --opt-mode documentation in alphabetical order.
|
||||||
|
* python: Add example.
|
||||||
|
* copy: Fix initialization complaint with ancient GCC on RHEL 7.
|
||||||
|
* python: Fix Python style error.
|
||||||
|
* copy/file-ops.c: Small whitespace fix.
|
||||||
|
* copy/copy-nbd-to-sparse-file.sh: Skip test unless nbdkit available.
|
||||||
|
|
206
libnbd.spec
Normal file
206
libnbd.spec
Normal file
@ -0,0 +1,206 @@
|
|||||||
|
#
|
||||||
|
# spec file for package libnbd
|
||||||
|
#
|
||||||
|
# Copyright (c) 2023 SUSE LLC
|
||||||
|
#
|
||||||
|
# All modifications and additions to the file contributed by third parties
|
||||||
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
# upon. The license for this file, and modifications and additions to the
|
||||||
|
# file, is the same license as for the pristine package itself (unless the
|
||||||
|
# license for the pristine package is not an Open Source License, in which
|
||||||
|
# case the license is the MIT License). An "Open Source License" is a
|
||||||
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
%define sover 0
|
||||||
|
|
||||||
|
Name: libnbd
|
||||||
|
Version: 1.18.1
|
||||||
|
Release: 0
|
||||||
|
Summary: NBD client library in userspace
|
||||||
|
License: LGPL-2.1-or-later
|
||||||
|
URL: https://gitlab.com/nbdkit/libnbd
|
||||||
|
Source0: %{name}-%{version}.tar.bz2
|
||||||
|
Patch0: 4451e5b6-CVE-2023-5871.patch
|
||||||
|
BuildRequires: autoconf
|
||||||
|
BuildRequires: automake
|
||||||
|
BuildRequires: fdupes
|
||||||
|
BuildRequires: libtool
|
||||||
|
BuildRequires: ocaml-findlib
|
||||||
|
BuildRequires: pkg-config
|
||||||
|
BuildRequires: ocaml(compiler)
|
||||||
|
BuildRequires: perl(Pod::Man)
|
||||||
|
BuildRequires: perl(Pod::Simple)
|
||||||
|
BuildRequires: pkgconfig(bash-completion)
|
||||||
|
BuildRequires: pkgconfig(fuse3)
|
||||||
|
BuildRequires: pkgconfig(glib-2.0)
|
||||||
|
BuildRequires: pkgconfig(gnutls) >= 3.3.0
|
||||||
|
BuildRequires: pkgconfig(libxml-2.0)
|
||||||
|
BuildRequires: pkgconfig(python3)
|
||||||
|
Requires: libnbd%{sover} = %{version}
|
||||||
|
# Only for running the test suite.
|
||||||
|
BuildRequires: gcc-c++
|
||||||
|
BuildRequires: jq
|
||||||
|
%if 0%{?suse_version} >= 1550
|
||||||
|
BuildRequires: nbd
|
||||||
|
%endif
|
||||||
|
BuildRequires: qemu-tools
|
||||||
|
|
||||||
|
%description
|
||||||
|
NBD — Network Block Device — is a protocol for accessing Block Devices
|
||||||
|
(hard disks and disk-like things) over a Network.
|
||||||
|
|
||||||
|
This is the NBD client library in userspace, a simple library for
|
||||||
|
writing NBD clients.
|
||||||
|
|
||||||
|
The key features are:
|
||||||
|
|
||||||
|
* Synchronous and asynchronous APIs, both for ease of use and for
|
||||||
|
writing non-blocking, multithreaded clients.
|
||||||
|
|
||||||
|
* High performance.
|
||||||
|
|
||||||
|
* Minimal dependencies for the basic library.
|
||||||
|
|
||||||
|
* Well-documented, stable API.
|
||||||
|
|
||||||
|
* Bindings in several programming languages.
|
||||||
|
|
||||||
|
%package -n libnbd%{sover}
|
||||||
|
Summary: Core library for nbd
|
||||||
|
|
||||||
|
%description -n libnbd%{sover}
|
||||||
|
This is the NBD client library in userspace, a simple library for
|
||||||
|
writing NBD clients.
|
||||||
|
|
||||||
|
%package devel
|
||||||
|
Summary: Development headers for %{name}
|
||||||
|
Requires: libnbd%{sover} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description devel
|
||||||
|
This package contains development headers for %{name}.
|
||||||
|
|
||||||
|
%package -n python3-%{name}
|
||||||
|
Summary: Python 3 bindings for %{name}
|
||||||
|
Requires: libnbd%{sover} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description -n python3-%{name}
|
||||||
|
python3-%{name} contains Python 3 bindings for %{name}.
|
||||||
|
|
||||||
|
%package -n nbdfuse
|
||||||
|
Summary: FUSE support for %{name}
|
||||||
|
Requires: libnbd%{sover} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description -n nbdfuse
|
||||||
|
This package contains FUSE support for %{name}.
|
||||||
|
|
||||||
|
%package bash-completion
|
||||||
|
Summary: Bash tab-completion for %{name}
|
||||||
|
BuildArch: noarch
|
||||||
|
Requires: bash-completion >= 2.0
|
||||||
|
Requires: libnbd%{sover} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description bash-completion
|
||||||
|
Install this package if you want intelligent bash tab-completion
|
||||||
|
for %{name}.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%autosetup -p1
|
||||||
|
|
||||||
|
%build
|
||||||
|
%global _lto_cflags %{_lto_cflags} -ffat-lto-objects
|
||||||
|
autoreconf -fiv
|
||||||
|
%configure \
|
||||||
|
--enable-fuse \
|
||||||
|
--disable-golang \
|
||||||
|
PYTHON=%{__python3} \
|
||||||
|
--enable-python \
|
||||||
|
--disable-static \
|
||||||
|
%{nil}
|
||||||
|
|
||||||
|
%make_build
|
||||||
|
|
||||||
|
%install
|
||||||
|
%make_install
|
||||||
|
%fdupes %{buildroot}
|
||||||
|
# Delete libtool crap.
|
||||||
|
find "%{buildroot}" -name '*.la' -delete
|
||||||
|
|
||||||
|
# Delete the golang man page since we're not distributing the bindings.
|
||||||
|
rm %{buildroot}/%{_mandir}/man3/libnbd-golang.3*
|
||||||
|
|
||||||
|
%check
|
||||||
|
# All fuse tests fail in Koji with:
|
||||||
|
# fusermount: entry for fuse/test-*.d not found in /etc/mtab
|
||||||
|
# for unknown reasons but probably related to the Koji environment.
|
||||||
|
for f in fuse/test-*.sh; do
|
||||||
|
rm $f
|
||||||
|
touch $f
|
||||||
|
chmod +x $f
|
||||||
|
done
|
||||||
|
|
||||||
|
%make_build check || {
|
||||||
|
for f in $(find . -name test-suite.log); do
|
||||||
|
echo
|
||||||
|
echo "==== $f ===="
|
||||||
|
cat $f
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
%post -n libnbd%{sover} -p /sbin/ldconfig
|
||||||
|
%postun -n libnbd%{sover} -p /sbin/ldconfig
|
||||||
|
|
||||||
|
%files
|
||||||
|
%doc README.md
|
||||||
|
%{_bindir}/nbdcopy
|
||||||
|
%{_bindir}/nbddump
|
||||||
|
%{_bindir}/nbdinfo
|
||||||
|
%{_mandir}/man1/nbdcopy.1*
|
||||||
|
%{_mandir}/man1/nbddump.1*
|
||||||
|
%{_mandir}/man1/nbdinfo.1*
|
||||||
|
|
||||||
|
%files -n libnbd%{sover}
|
||||||
|
%license COPYING.LIB
|
||||||
|
%{_libdir}/libnbd.so.%{sover}
|
||||||
|
%{_libdir}/libnbd.so.%{sover}.*
|
||||||
|
%dir %{_libdir}/ocaml/nbd
|
||||||
|
%{_libdir}/ocaml/nbd/META
|
||||||
|
%{_libdir}/ocaml/nbd/NBD.cmi
|
||||||
|
%{_libdir}/ocaml/nbd/mlnbd.cma
|
||||||
|
%{_libdir}/ocaml/stublibs/dllmlnbd.so
|
||||||
|
%{_libdir}/ocaml/stublibs/dllmlnbd.so.owner
|
||||||
|
|
||||||
|
%files devel
|
||||||
|
%{_includedir}/libnbd.h
|
||||||
|
%{_libdir}/libnbd.so
|
||||||
|
%{_libdir}/pkgconfig/libnbd.pc
|
||||||
|
%{_libdir}/ocaml/nbd/NBD.cmx
|
||||||
|
%{_libdir}/ocaml/nbd/mlnbd.cmxa
|
||||||
|
%{_libdir}/ocaml/nbd/NBD.mli
|
||||||
|
%{_libdir}/ocaml/nbd/mlnbd.a
|
||||||
|
%{_libdir}/ocaml/nbd/libmlnbd.a
|
||||||
|
%{_mandir}/man3/libnbd.3*
|
||||||
|
%{_mandir}/man3/libnbd-ocaml.3.gz
|
||||||
|
%{_mandir}/man1/libnbd-release-notes-1.*.1*
|
||||||
|
%{_mandir}/man3/libnbd-security.3*
|
||||||
|
%{_mandir}/man3/nbd_*.3*
|
||||||
|
|
||||||
|
%files -n python3-%{name}
|
||||||
|
%{python3_sitearch}/libnbdmod*.so
|
||||||
|
%{python3_sitearch}/nbd.py
|
||||||
|
%{python3_sitearch}/nbdsh.py
|
||||||
|
%{_bindir}/nbdsh
|
||||||
|
%{_mandir}/man1/nbdsh.1*
|
||||||
|
|
||||||
|
%files -n nbdfuse
|
||||||
|
%{_bindir}/nbdfuse
|
||||||
|
%{_mandir}/man1/nbdfuse.1*
|
||||||
|
|
||||||
|
%files bash-completion
|
||||||
|
%{_datadir}/bash-completion
|
||||||
|
|
||||||
|
%changelog
|
Loading…
Reference in New Issue
Block a user