SLFO-pool/salt
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57abbb2a8f
salt/use-adler32-algorithm-to-compute-string-checksums.patch

125 lines
3.7 KiB
Diff
Raw Normal View History

Sync from SUSE:SLFO:Main salt revision e2b3ae454b5ecd93e077fcfe287e4ca7
2024-05-04 00:27:45 +02:00
From ef6da7d43fcf51a7d705422624c1e7a94b1297f2 Mon Sep 17 00:00:00 2001
From: Alexander Graul <agraul@suse.com>
Date: Tue, 18 Jan 2022 16:36:57 +0100
Subject: [PATCH] Use Adler32 algorithm to compute string checksums
Generate the same numeric value across all Python versions and platforms
Re-add getting hash by Python shell-out method
Add an option to choose between default hashing, Adler32 or CRC32 algorithms
Set default config option for server_id hashing to False on minion
Choose CRC method, default to faster but less reliable "adler32", if crc is in use
Add warning for Sodium.
Move server_id deprecation warning to reduce log spamming (bsc#1135567) (bsc#1135732)
Remove deprecated warning that breaks miniion execution when "server_id_use_crc" opts are missing
---
salt/config/__init__.py | 4 ++++
salt/grains/core.py | 48 +++++++++++++++++++++++++++++++++++++----
2 files changed, 48 insertions(+), 4 deletions(-)
diff --git a/salt/config/__init__.py b/salt/config/__init__.py
index 1632663474..43182f3f92 100644
--- a/salt/config/__init__.py
+++ b/salt/config/__init__.py
@@ -991,6 +991,9 @@ VALID_OPTS = immutabletypes.freeze(
"maintenance_interval": int,
# Fileserver process restart interval
"fileserver_interval": int,
+ # Use Adler32 hashing algorithm for server_id (default False until Sodium, "adler32" after)
+ # Possible values are: False, adler32, crc32
+ "server_id_use_crc": (bool, str),
}
)
@@ -1296,6 +1299,7 @@ DEFAULT_MINION_OPTS = immutabletypes.freeze(
"global_state_conditions": None,
"reactor_niceness": None,
"fips_mode": False,
+ "server_id_use_crc": False,
}
)
diff --git a/salt/grains/core.py b/salt/grains/core.py
index 1199ad274f..5c12556346 100644
--- a/salt/grains/core.py
+++ b/salt/grains/core.py
@@ -21,6 +21,7 @@ import subprocess
import sys
import time
import uuid
+import zlib
from errno import EACCES, EPERM
import salt.exceptions
@@ -3382,6 +3383,36 @@ def _hw_data(osdata):
return grains
+def _get_hash_by_shell():
+ """
+ Shell-out Python 3 for compute reliable hash
+ :return:
+ """
+ id_ = __opts__.get("id", "")
+ id_hash = None
+ py_ver = sys.version_info[:2]
+ if py_ver >= (3, 3):
+ # Python 3.3 enabled hash randomization, so we need to shell out to get
+ # a reliable hash.
+ id_hash = __salt__["cmd.run"](
+ [sys.executable, "-c", 'print(hash("{}"))'.format(id_)],
+ env={"PYTHONHASHSEED": "0"},
+ )
+ try:
+ id_hash = int(id_hash)
+ except (TypeError, ValueError):
+ log.debug(
+ "Failed to hash the ID to get the server_id grain. Result of hash command: %s",
+ id_hash,
+ )
+ id_hash = None
+ if id_hash is None:
+ # Python < 3.3 or error encountered above
+ id_hash = hash(id_)
+
+ return abs(id_hash % (2 ** 31))
+
+
def get_server_id():
"""
Provides an integer based on the FQDN of a machine.
@@ -3392,10 +3423,19 @@ def get_server_id():
# server_id
if salt.utils.platform.is_proxy():
- return {}
- id_ = __opts__.get("id", "")
- hash_ = int(hashlib.sha256(id_.encode()).hexdigest(), 16)
- return {"server_id": abs(hash_ % (2**31))}
+ server_id = {}
+ else:
+ use_crc = __opts__.get("server_id_use_crc")
+ if bool(use_crc):
+ id_hash = (
+ getattr(zlib, use_crc, zlib.adler32)(__opts__.get("id", "").encode())
+ & 0xFFFFFFFF
+ )
+ else:
+ id_hash = _get_hash_by_shell()
+ server_id = {"server_id": id_hash}
+
+ return server_id
def get_master():
--
2.39.2
Reference in New Issue Copy Permalink