pool/cfengine
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 621849 from systemsmanagement

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/621849
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cfengine?expand=0&rev=72
This commit is contained in:
Dominique Leuenberger 2018-07-18 20:53:15 +00:00 committed by Git OBS Bridge
commit 5f8a451fc5
11 changed files with 753 additions and 1971 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch
View File

@ -1,4 +1,4 @@
From a3126babc502c7e79b866c3db04e92bd7cfa7bbb Mon Sep 17 00:00:00 2001
From 7f0daf6cd3b6018c882c553ce0a3da51d47fec83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Thu, 30 Jul 2015 10:48:47 +0200
Subject: [PATCH 1/3] Set sys.bindir to /usr/sbin, expect cf-*components there
@ -13,7 +13,7 @@ masterfiles/update/update_processes.cf:enable_cfengine_agents
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/libenv/sysinfo.c b/libenv/sysinfo.c
index 7c20d9263108..8bea42c7f7a7 100644
index 5447659da5e1..5715d9acc7b7 100644
--- a/libenv/sysinfo.c
+++ b/libenv/sysinfo.c
@@ -589,8 +589,7 @@ static void GetNameInfo3(EvalContext *ctx)
@ -45,5 +45,5 @@ index 7c20d9263108..8bea42c7f7a7 100644
if (stat(name, &sb) != -1)
--
2.15.0
2.17.1

20
0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch
View File

@ -1,4 +1,4 @@
From 7b2bde90b9499920872723c733aea202f044d709 Mon Sep 17 00:00:00 2001
From 35f37177192c77c66634346db354140b3c494dd0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Fri, 11 Apr 2014 09:25:05 +0200
Subject: [PATCH 2/3] Simplify and fix parsing of /etc/SuSE-release (fixes
@ -13,14 +13,14 @@ to achieve the following
first line of /etc/SuSE-release
- verified for sles version 9,10,11,12; sled versions 10,11,12, openSUSE 13.1
---
libenv/sysinfo.c | 187 ++++++++++++++++++-------------------------------------
libenv/sysinfo.c | 187 +++++++++++++++--------------------------------
1 file changed, 60 insertions(+), 127 deletions(-)
diff --git a/libenv/sysinfo.c b/libenv/sysinfo.c
index 8bea42c7f7a7..b8fc9c76cf65 100644
index 5715d9acc7b7..29b82b36807b 100644
--- a/libenv/sysinfo.c
+++ b/libenv/sysinfo.c
@@ -1822,6 +1822,7 @@ static int Linux_Suse_Version(EvalContext *ctx)
@@ -1954,6 +1954,7 @@ static int Linux_Suse_Version(EvalContext *ctx)
#define SUSE_RELEASE_FLAG "linux "
char classbuf[CF_MAXVARSIZE];
@ -28,7 +28,7 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
Log(LOG_LEVEL_VERBOSE, "This appears to be a SUSE system.");
EvalContextClassPutHard(ctx, "SUSE", "inventory,attribute_name=none,source=agent");
@@ -1841,23 +1842,26 @@ static int Linux_Suse_Version(EvalContext *ctx)
@@ -1973,23 +1974,26 @@ static int Linux_Suse_Version(EvalContext *ctx)
return 1;
}
@ -62,7 +62,7 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
}
}
if (ferror(fp))
@@ -1871,28 +1875,38 @@ static int Linux_Suse_Version(EvalContext *ctx)
@@ -2003,28 +2007,38 @@ static int Linux_Suse_Version(EvalContext *ctx)
fclose(fp);
@ -117,7 +117,7 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
{
Item *list, *ip;
@@ -1910,120 +1924,39 @@ static int Linux_Suse_Version(EvalContext *ctx)
@@ -2042,120 +2056,39 @@ static int Linux_Suse_Version(EvalContext *ctx)
}
else
{
@ -203,7 +203,7 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
- strcat(classbuf, "_");
- strcat(classbuf, strmajor);
- SetFlavour(ctx, classbuf);
- SetFlavor(ctx, classbuf);
- strcat(classbuf, "_");
- strcat(classbuf, strminor);
- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
@ -241,7 +241,7 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
- EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
-
- snprintf(classbuf, CF_MAXVARSIZE, "SUSE_%d", major);
- SetFlavour(ctx, classbuf);
- SetFlavor(ctx, classbuf);
-
- /* The correct spelling for SUSE is "SUSE" but CFEngine used to use "SuSE".
- * Keep this for backwards compatibility until CFEngine 3.7
@ -262,5 +262,5 @@ index 8bea42c7f7a7..b8fc9c76cf65 100644
}
--
2.15.0
2.17.1

1902
0003-CFE-2629-Openssl-1.1-compatibility.patch
View File

File diff suppressed because it is too large Load Diff

662
0003-Reduce-string-truncation-warnings.patch Normal file
View File

@ -0,0 +1,662 @@
From be9783fd1ba5f5150fef1c95349192271942a478 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Tue, 3 Jul 2018 09:18:08 +0200
Subject: [PATCH 3/3] Reduce string truncation warnings
---
cf-agent/verify_databases.c | 18 ++++++-------
cf-agent/verify_exec.c | 4 +--
cf-agent/verify_packages.c | 2 +-
cf-execd/cf-execd-runner.c | 4 +--
cf-monitord/env_monitor.c | 8 +++---
cf-monitord/mon_network_sniffer.c | 6 ++---
cf-runagent/cf-runagent.c | 6 ++---
cf-serverd/server_common.c | 18 ++++++-------
libcfnet/client_protocol.c | 2 +-
libenv/sysinfo.c | 45 ++++++++++++++++---------------
libpromises/cf3globals.c | 2 +-
libpromises/cf3lex.l | 6 ++---
libpromises/cf3parse.y | 2 +-
libpromises/eval_context.c | 4 +--
libpromises/evalfunction.c | 2 +-
libpromises/expand.c | 2 +-
libpromises/keyring.c | 4 +--
libpromises/syslog_client.c | 2 +-
tests/unit/logging_test.c | 2 +-
tests/unit/set_domainname_test.c | 2 +-
20 files changed, 71 insertions(+), 70 deletions(-)
diff --git a/cf-agent/verify_databases.c b/cf-agent/verify_databases.c
index 704a938d1bc1..a60ccb9682a7 100644
--- a/cf-agent/verify_databases.c
+++ b/cf-agent/verify_databases.c
@@ -221,7 +221,7 @@ static PromiseResult VerifySQLPromise(EvalContext *ctx, Attributes a, const Prom
}
else
{
- snprintf(query, CF_MAXVARSIZE - 1, "%s.%s", database, table);
+ snprintf(query, sizeof(query) - 1, "%s.%s", database, table);
if (VerifyTablePromise(ctx, &cfdb, query, a.database.columns, a, pp, &result))
{
@@ -300,7 +300,7 @@ static int VerifyDatabasePromise(CfdbConn *cfdb, char *database, Attributes a)
if (((a.transaction.action) != cfa_warn) && (!DONTDO))
{
Log(LOG_LEVEL_VERBOSE, "Attempting to delete the database '%s'", database);
- snprintf(query, CF_MAXVARSIZE - 1, "drop database %s", database);
+ snprintf(query, sizeof(query) - 1, "drop database %s", database);
CfVoidQueryDB(cfdb, query);
return cfdb->result;
}
@@ -316,7 +316,7 @@ static int VerifyDatabasePromise(CfdbConn *cfdb, char *database, Attributes a)
if (((a.transaction.action) != cfa_warn) && (!DONTDO))
{
Log(LOG_LEVEL_VERBOSE, "Attempting to create the database '%s'", database);
- snprintf(query, CF_MAXVARSIZE - 1, "create database %s", database);
+ snprintf(query, sizeof(query) - 1, "create database %s", database);
CfVoidQueryDB(cfdb, query);
return cfdb->result;
}
@@ -499,7 +499,7 @@ static int ValidateRegistryPromiser(char *key, const Promise *pp)
static int VerifyTablePromise(EvalContext *ctx, CfdbConn *cfdb, char *table_path, Rlist *columns, Attributes a,
const Promise *pp, PromiseResult *result)
{
- char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_MAXVARSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE];
+ char name[CF_MAXVARSIZE], type[CF_MAXVARSIZE], query[CF_BUFSIZE], table[CF_MAXVARSIZE], db[CF_MAXVARSIZE];
int i, count, size, no_of_cols, *size_table, *done, identified, retval = true;
char **name_table, **type_table;
@@ -670,12 +670,12 @@ static int VerifyTablePromise(EvalContext *ctx, CfdbConn *cfdb, char *table_path
{
if (size_table[i] > 0)
{
- snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i],
+ snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s(%d)", table, name_table[i],
type_table[i], size_table[i]);
}
else
{
- snprintf(query, CF_MAXVARSIZE - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i],
+ snprintf(query, sizeof(query) - 1, "ALTER TABLE %s ADD %s %s", table, name_table[i],
type_table[i]);
}
@@ -742,7 +742,7 @@ static int CreateTableColumns(CfdbConn *cfdb, char *table, Rlist *columns)
if (no_of_cols > 0)
{
- snprintf(query, CF_BUFSIZE - 1, "create table %s(", table);
+ snprintf(query, sizeof(query) - 1, "create table %s(", table);
for (i = 0; i < no_of_cols; i++)
{
@@ -781,7 +781,7 @@ static int CreateTableColumns(CfdbConn *cfdb, char *table, Rlist *columns)
static Rlist *GetSQLTables(CfdbConn *cfdb)
{
Rlist *list = NULL;
- char query[CF_MAXVARSIZE];
+ char query[CF_BUFSIZE];
ListTables(cfdb->type, query);
@@ -870,7 +870,7 @@ static int ValidateSQLTableName(char *table_path, char *db, char *table)
static void QueryTableColumns(char *s, char *db, char *table)
{
- snprintf(s, CF_MAXVARSIZE - 1,
+ snprintf(s, CF_BUFSIZE - 1,
"SELECT column_name,data_type,character_maximum_length FROM information_schema.columns WHERE table_name ='%s' AND table_schema = '%s'",
table, db);
}
diff --git a/cf-agent/verify_exec.c b/cf-agent/verify_exec.c
index a21126c4fd48..a5a16ee68b8f 100644
--- a/cf-agent/verify_exec.c
+++ b/cf-agent/verify_exec.c
@@ -203,7 +203,7 @@ static char *GetLockNameExec(Attributes a, const Promise *pp)
static ActionResult RepairExec(EvalContext *ctx, Attributes a,
const Promise *pp, PromiseResult *result)
{
- char eventname[CF_BUFSIZE];
+ char eventname[CF_BUFSIZE * 2];
char cmdline[CF_BUFSIZE];
char comm[20];
int outsourced, count = 0;
@@ -456,7 +456,7 @@ static ActionResult RepairExec(EvalContext *ctx, Attributes a,
umask(maskval);
#endif
- snprintf(eventname, CF_BUFSIZE - 1, "Exec(%s)", cmdline);
+ snprintf(eventname, CF_BUFSIZE*2 - 1, "Exec(%s)", cmdline);
#ifndef __MINGW32__
if ((a.transaction.background) && outsourced)
diff --git a/cf-agent/verify_packages.c b/cf-agent/verify_packages.c
index 54b8564bca13..1e55a9513da6 100644
--- a/cf-agent/verify_packages.c
+++ b/cf-agent/verify_packages.c
@@ -3176,7 +3176,7 @@ static void DeletePackageManagers(PackageManager *np)
const char *PrefixLocalRepository(const Rlist *repositories, const char *package)
{
- static char quotedPath[CF_MAXVARSIZE]; /* GLOBAL_R, no need to initialize */
+ static char quotedPath[CF_BUFSIZE * 2]; /* GLOBAL_R, no need to initialize */
struct stat sb;
char path[CF_BUFSIZE];
diff --git a/cf-execd/cf-execd-runner.c b/cf-execd/cf-execd-runner.c
index 67263c1fb075..18a32a0a32f2 100644
--- a/cf-execd/cf-execd-runner.c
+++ b/cf-execd/cf-execd-runner.c
@@ -195,7 +195,7 @@ void LocalExec(const ExecConfig *config)
strlcpy(esc_command, MapName(cmd), CF_BUFSIZE);
- char filename[CF_BUFSIZE];
+ char filename[CF_BUFSIZE * 3];
{
char line[CF_BUFSIZE];
snprintf(line, CF_BUFSIZE, "_%jd_%s", (intmax_t) starttime, CanonifyName(ctime(&starttime)));
@@ -205,7 +205,7 @@ void LocalExec(const ExecConfig *config)
strlcpy(canonified_fq_name, config->fq_name, CF_BUFSIZE);
CanonifyNameInPlace(canonified_fq_name);
- snprintf(filename, CF_BUFSIZE, "%s/outputs/cf_%s_%s_%p",
+ snprintf(filename, sizeof(filename), "%s/outputs/cf_%s_%s_%p",
GetWorkDir(), canonified_fq_name, line, thread_name);
MapName(filename);
diff --git a/cf-monitord/env_monitor.c b/cf-monitord/env_monitor.c
index a55119625344..3f0f4faadc8d 100644
--- a/cf-monitord/env_monitor.c
+++ b/cf-monitord/env_monitor.c
@@ -936,7 +936,7 @@ static double SetClasses(EvalContext *ctx, char *name, double variable, double a
{
Log(LOG_LEVEL_DEBUG, "No sigma variation .. can't measure class");
- snprintf(buffer, CF_MAXVARSIZE, "entropy_%s.*", name);
+ snprintf(buffer, sizeof(buffer), "entropy_%s.*", name);
MonEntropyPurgeUnused(buffer);
return sig;
@@ -1044,13 +1044,13 @@ static void SetVariable(char *name, double value, double average, double stddev,
{
char var[CF_BUFSIZE];
- snprintf(var, CF_MAXVARSIZE, "value_%s=%.2lf", name, value);
+ snprintf(var, sizeof(var), "value_%s=%.2lf", name, value);
AppendItem(classlist, var, "");
- snprintf(var, CF_MAXVARSIZE, "av_%s=%.2lf", name, average);
+ snprintf(var, sizeof(var), "av_%s=%.2lf", name, average);
AppendItem(classlist, var, "");
- snprintf(var, CF_MAXVARSIZE, "dev_%s=%.2lf", name, stddev);
+ snprintf(var, sizeof(var), "dev_%s=%.2lf", name, stddev);
AppendItem(classlist, var, "");
}
diff --git a/cf-monitord/mon_network_sniffer.c b/cf-monitord/mon_network_sniffer.c
index 5813052768ea..1c5064a38b27 100644
--- a/cf-monitord/mon_network_sniffer.c
+++ b/cf-monitord/mon_network_sniffer.c
@@ -210,7 +210,7 @@ static void IncrementCounter(Item **list, char *name)
static void AnalyzeArrival(Item *ip_addresses, long iteration, char *arrival, double *cf_this)
{
- char src[CF_BUFSIZE], dest[CF_BUFSIZE], flag = '.', *arr;
+ char src[CF_BUFSIZE], dest[CF_BUFSIZE * 2], flag = '.', *arr;
int isme_dest, isme_src;
src[0] = dest[0] = '\0';
@@ -387,11 +387,11 @@ static void AnalyzeArrival(Item *ip_addresses, long iteration, char *arrival, do
if (strstr(arrival, ".138"))
{
- snprintf(dest, CF_BUFSIZE - 1, "%s NETBIOS", src);
+ snprintf(dest, sizeof(dest) - 1, "%s NETBIOS", src);
}
else if (strstr(arrival, ".2049"))
{
- snprintf(dest, CF_BUFSIZE - 1, "%s NFS", src);
+ snprintf(dest, sizeof(dest) - 1, "%s NFS", src);
}
else
{
diff --git a/cf-runagent/cf-runagent.c b/cf-runagent/cf-runagent.c
index 92045d31c9fe..3942929fcb98 100644
--- a/cf-runagent/cf-runagent.c
+++ b/cf-runagent/cf-runagent.c
@@ -794,15 +794,15 @@ static void HailExec(AgentConnection *conn, char *peer)
static FILE *NewStream(char *name)
{
FILE *fp;
- char filename[CF_BUFSIZE];
+ char filename[CF_BUFSIZE * 2];
if (OUTPUT_DIRECTORY[0] != '\0')
{
- snprintf(filename, CF_BUFSIZE, "%s/%s_runagent.out", OUTPUT_DIRECTORY, name);
+ snprintf(filename, sizeof(filename), "%s/%s_runagent.out", OUTPUT_DIRECTORY, name);
}
else
{
- snprintf(filename, CF_BUFSIZE, "%s%coutputs%c%s_runagent.out",
+ snprintf(filename, sizeof(filename), "%s%coutputs%c%s_runagent.out",
GetWorkDir(), FILE_SEPARATOR, FILE_SEPARATOR, name);
}
diff --git a/cf-serverd/server_common.c b/cf-serverd/server_common.c
index 6bf95be92852..bfcd25d386e2 100644
--- a/cf-serverd/server_common.c
+++ b/cf-serverd/server_common.c
@@ -370,8 +370,8 @@ static void AbortTransfer(ConnectionInfo *connection, char *filename)
{
Log(LOG_LEVEL_VERBOSE, "Aborting transfer of file due to source changes");
- char sendbuffer[CF_BUFSIZE];
- snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s",
+ char sendbuffer[CF_BUFSIZE*2];
+ snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s",
CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename);
if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1)
@@ -385,9 +385,9 @@ static void FailedTransfer(ConnectionInfo *connection)
{
Log(LOG_LEVEL_VERBOSE, "Transfer failure");
- char sendbuffer[CF_BUFSIZE];
+ char sendbuffer[CF_BUFSIZE*2];
- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR);
+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR);
if (SendTransaction(connection, sendbuffer, 0, CF_DONE) == -1)
{
@@ -419,7 +419,7 @@ void CfGetFile(ServerFileGetState *args)
{
Log(LOG_LEVEL_INFO, "REFUSE access to file: %s", filename);
RefuseAccess(args->conn, args->replyfile);
- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR);
+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR);
if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC)
{
SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size);
@@ -437,7 +437,7 @@ void CfGetFile(ServerFileGetState *args)
{
Log(LOG_LEVEL_ERR, "Open error of file '%s'. (open: %s)",
filename, GetErrorStr());
- snprintf(sendbuffer, CF_BUFSIZE, "%s", CF_FAILEDSTR);
+ snprintf(sendbuffer, sizeof(sendbuffer), "%s", CF_FAILEDSTR);
if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC)
{
SendSocketStream(ConnectionInfoSocket(conn_info), sendbuffer, args->buf_size);
@@ -458,7 +458,7 @@ void CfGetFile(ServerFileGetState *args)
while (true)
{
- memset(sendbuffer, 0, CF_BUFSIZE);
+ memset(sendbuffer, 0, sizeof(sendbuffer));
Log(LOG_LEVEL_DEBUG, "Now reading from disk...");
@@ -490,7 +490,7 @@ void CfGetFile(ServerFileGetState *args)
if (sb.st_size != savedlen)
{
- snprintf(sendbuffer, CF_BUFSIZE, "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename);
+ snprintf(sendbuffer, sizeof(sendbuffer), "%s%s: %s", CF_CHANGEDSTR1, CF_CHANGEDSTR2, filename);
if (ConnectionInfoProtocolVersion(conn_info) == CF_PROTOCOL_CLASSIC)
{
@@ -606,7 +606,7 @@ void CfEncryptGetFile(ServerFileGetState *args)
while (true)
{
- memset(sendbuffer, 0, CF_BUFSIZE);
+ memset(sendbuffer, 0, sizeof(sendbuffer));
if ((n_read = read(fd, sendbuffer, blocksize)) == -1)
{
diff --git a/libcfnet/client_protocol.c b/libcfnet/client_protocol.c
index 0b80f0acf519..085b0fa27e30 100644
--- a/libcfnet/client_protocol.c
+++ b/libcfnet/client_protocol.c
@@ -63,7 +63,7 @@ void SetSkipIdentify(bool enabled)
int IdentifyAgent(ConnectionInfo *conn_info)
{
- char uname[CF_BUFSIZE], sendbuff[CF_BUFSIZE];
+ char uname[CF_MAXVARSIZE], sendbuff[CF_BUFSIZE];
char dnsname[CF_MAXVARSIZE], localip[CF_MAX_IP_LEN];
int ret;
diff --git a/libenv/sysinfo.c b/libenv/sysinfo.c
index 29b82b36807b..1f194c5522e5 100644
--- a/libenv/sysinfo.c
+++ b/libenv/sysinfo.c
@@ -443,7 +443,7 @@ static void GetNameInfo3(EvalContext *ctx)
};
int have_component[COMPONENTS_SIZE];
struct stat sb;
- char name[CF_MAXVARSIZE], quoteName[CF_MAXVARSIZE], shortname[CF_MAXVARSIZE];
+ char name[CF_MAXVARSIZE], quoteName[CF_BUFSIZE], shortname[CF_MAXVARSIZE];
if (uname(&VSYSNAME) == -1)
{
@@ -2064,7 +2064,7 @@ static int Linux_Suse_Version(EvalContext *ctx)
strncpy(classbuf, vendor, CF_MAXVARSIZE);
EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", major);
- SetFlavour(ctx, classbuf);
+ SetFlavor(ctx, classbuf);
if (minor != -1)
{
snprintf(classbuf + strlen(classbuf), CF_MAXVARSIZE - strlen(classbuf), "_%d", minor);
@@ -2177,7 +2177,7 @@ static void LinuxDebianSanitizeIssue(char *buffer)
static int Linux_Misc_Version(EvalContext *ctx)
{
- char flavor[CF_MAXVARSIZE];
+ char flavor[CF_BUFSIZE];
char version[CF_MAXVARSIZE];
char os[CF_MAXVARSIZE];
char buffer[CF_BUFSIZE];
@@ -2218,7 +2218,7 @@ static int Linux_Misc_Version(EvalContext *ctx)
if (*os && *version)
{
- snprintf(flavor, CF_MAXVARSIZE, "%s_%s", os, version);
+ snprintf(flavor, CF_BUFSIZE, "%s_%s", os, version);
SetFlavor(ctx, flavor);
return 1;
}
@@ -2233,7 +2233,7 @@ static int Linux_Debian_Version(EvalContext *ctx)
int major = -1;
int release = -1;
int result;
- char classname[CF_MAXVARSIZE], buffer[CF_MAXVARSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE];
+ char classname[CF_BUFSIZE], buffer[CF_BUFSIZE], os[CF_MAXVARSIZE], version[CF_MAXVARSIZE];
Log(LOG_LEVEL_VERBOSE, "This appears to be a debian system.");
EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent");
@@ -2253,15 +2253,15 @@ static int Linux_Debian_Version(EvalContext *ctx)
{
case 2:
Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u.%u system.", major, release);
- snprintf(classname, CF_MAXVARSIZE, "debian_%u_%u", major, release);
+ snprintf(classname, CF_BUFSIZE, "debian_%u_%u", major, release);
EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent");
- snprintf(classname, CF_MAXVARSIZE, "debian_%u", major);
+ snprintf(classname, CF_BUFSIZE, "debian_%u", major);
SetFlavor(ctx, classname);
break;
case 1:
Log(LOG_LEVEL_VERBOSE, "This appears to be a Debian %u system.", major);
- snprintf(classname, CF_MAXVARSIZE, "debian_%u", major);
+ snprintf(classname, CF_BUFSIZE, "debian_%u", major);
SetFlavor(ctx, classname);
break;
@@ -2270,7 +2270,7 @@ static int Linux_Debian_Version(EvalContext *ctx)
sscanf(buffer, "%25[^/]", version);
if (strlen(version) > 0)
{
- snprintf(classname, CF_MAXVARSIZE, "debian_%s", version);
+ snprintf(classname, CF_BUFSIZE, "debian_%s", version);
EvalContextClassPutHard(ctx, classname, "inventory,attribute_name=none,source=agent");
}
break;
@@ -2288,7 +2288,7 @@ static int Linux_Debian_Version(EvalContext *ctx)
{
LinuxDebianSanitizeIssue(buffer);
sscanf(buffer, "%*s %*s %[^./]", version);
- snprintf(buffer, CF_MAXVARSIZE, "debian_%s", version);
+ snprintf(buffer, CF_BUFSIZE, "debian_%s", version);
EvalContextClassPutHard(ctx, "debian", "inventory,attribute_name=none,source=agent");
SetFlavor(ctx, buffer);
}
@@ -2296,12 +2296,12 @@ static int Linux_Debian_Version(EvalContext *ctx)
{
LinuxDebianSanitizeIssue(buffer);
sscanf(buffer, "%*s %[^.].%d", version, &release);
- snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s", version);
+ snprintf(buffer, CF_BUFSIZE, "ubuntu_%s", version);
SetFlavor(ctx, buffer);
EvalContextClassPutHard(ctx, "ubuntu", "inventory,attribute_name=none,source=agent");
if (release >= 0)
{
- snprintf(buffer, CF_MAXVARSIZE, "ubuntu_%s_%d", version, release);
+ snprintf(buffer, CF_BUFSIZE, "ubuntu_%s_%d", version, release);
EvalContextClassPutHard(ctx, buffer, "inventory,attribute_name=none,source=agent");
}
}
@@ -2515,13 +2515,13 @@ static int EOS_Version(EvalContext *ctx)
{
if (strstr(buffer, "EOS"))
{
- char version[CF_MAXVARSIZE], class[CF_MAXVARSIZE];
+ char version[CF_MAXVARSIZE], class[CF_BUFSIZE];
EvalContextClassPutHard(ctx, "eos", "inventory,attribute_name=none,source=agent");
EvalContextClassPutHard(ctx, "arista", "source=agent");
version[0] = '\0';
sscanf(buffer, "%*s %*s %*s %s", version);
CanonifyNameInPlace(version);
- snprintf(class, CF_MAXVARSIZE, "eos_%s", version);
+ snprintf(class, CF_BUFSIZE, "eos_%s", version);
EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent");
}
}
@@ -2541,14 +2541,14 @@ static int MiscOS(EvalContext *ctx)
{
if (strstr(buffer, "BIG-IP"))
{
- char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_MAXVARSIZE];
+ char version[CF_MAXVARSIZE], build[CF_MAXVARSIZE], class[CF_BUFSIZE];
EvalContextClassPutHard(ctx, "big_ip", "inventory,attribute_name=none,source=agent");
sscanf(buffer, "%*s %s %*s %s", version, build);
CanonifyNameInPlace(version);
CanonifyNameInPlace(build);
- snprintf(class, CF_MAXVARSIZE, "big_ip_%s", version);
+ snprintf(class, CF_BUFSIZE, "big_ip_%s", version);
EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent");
- snprintf(class, CF_MAXVARSIZE, "big_ip_%s_%s", version, build);
+ snprintf(class, CF_BUFSIZE, "big_ip_%s_%s", version, build);
EvalContextClassPutHard(ctx, class, "inventory,attribute_name=none,source=agent");
SetFlavor(ctx, "BIG-IP");
}
@@ -2561,7 +2561,8 @@ static int MiscOS(EvalContext *ctx)
static int VM_Version(EvalContext *ctx)
{
- char *sp, buffer[CF_BUFSIZE], classbuf[CF_BUFSIZE], version[CF_BUFSIZE];
+#define CF_CLASSBUFSIZE 2*CF_BUFSIZE
+ char *sp, buffer[CF_BUFSIZE], classbuf[CF_CLASSBUFSIZE], version[CF_BUFSIZE];
int major, minor, bug;
int sufficient = 0;
@@ -2573,17 +2574,17 @@ static int VM_Version(EvalContext *ctx)
{
if (sscanf(buffer, "VMware ESX Server %d.%d.%d", &major, &minor, &bug) > 0)
{
- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d", major);
+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d", major);
EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d", major, minor);
+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d", major, minor);
EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug);
+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %d.%d.%d", major, minor, bug);
EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
sufficient = 1;
}
else if (sscanf(buffer, "VMware ESX Server %s", version) > 0)
{
- snprintf(classbuf, CF_BUFSIZE, "VMware ESX Server %s", version);
+ snprintf(classbuf, CF_CLASSBUFSIZE, "VMware ESX Server %s", version);
EvalContextClassPutHard(ctx, classbuf, "inventory,attribute_name=none,source=agent");
sufficient = 1;
}
diff --git a/libpromises/cf3globals.c b/libpromises/cf3globals.c
index f16e14d688b8..8ede60fd8b0e 100644
--- a/libpromises/cf3globals.c
+++ b/libpromises/cf3globals.c
@@ -55,7 +55,7 @@ long LASTSEENEXPIREAFTER = SECONDS_PER_WEEK; /* GLOBAL_P */
bool DONTDO = false; /* GLOBAL_A */
/* NB! Check use before changing sizes */
-char VFQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */
+char VFQNAME[CF_BUFSIZE] = ""; /* GLOBAL_E GLOBAL_P */
char VUQNAME[CF_MAXVARSIZE] = ""; /* GLOBAL_E */
char VDOMAIN[CF_MAXVARSIZE] = ""; /* GLOBAL_E GLOBAL_P */
diff --git a/libpromises/cf3lex.l b/libpromises/cf3lex.l
index 7d9f666cc727..b18c573d0c64 100644
--- a/libpromises/cf3lex.l
+++ b/libpromises/cf3lex.l
@@ -333,7 +333,7 @@ promise_type [a-zA-Z_]+:
{
yyerror("identifier too long");
}
- strncpy(P.currentid, yytext, CF_MAXVARSIZE);
+ strncpy(P.currentid, yytext, CF_MAXVARSIZE-1);
return IDSYNTAX;
}
@@ -346,7 +346,7 @@ promise_type [a-zA-Z_]+:
{
yyerror("qualified identifier too long");
}
- strncpy(P.currentid, yytext, CF_MAXVARSIZE);
+ strncpy(P.currentid, yytext, CF_MAXVARSIZE-1);
return IDSYNTAX;
}
@@ -440,7 +440,7 @@ promise_type [a-zA-Z_]+:
tmp = xstrdup(yytext);
tmp[yyleng - 1] = '\0';
- strncpy(P.currenttype, tmp, CF_MAXVARSIZE);
+ strncpy(P.currenttype, tmp, CF_MAXVARSIZE-1);
if (P.currentclasses != NULL)
{
diff --git a/libpromises/cf3parse.y b/libpromises/cf3parse.y
index b29bb4445c68..bd899e240174 100644
--- a/libpromises/cf3parse.y
+++ b/libpromises/cf3parse.y
@@ -1132,7 +1132,7 @@ functionid: IDSYNTAX
| NAKEDVAR
{
ParserDebug("\tP:%s:%s:%s:%s function nakedvar = %s\n", P.block, P.blocktype, P.blockid, P.currentclasses ? P.currentclasses : "any", P.currentstring);
- strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE); // Make a var look like an ID
+ strncpy(P.currentid,P.currentstring,CF_MAXVARSIZE-1); // Make a var look like an ID
free(P.currentstring);
P.currentstring = NULL;
}
diff --git a/libpromises/eval_context.c b/libpromises/eval_context.c
index cb751ae46796..5257a7d13c95 100644
--- a/libpromises/eval_context.c
+++ b/libpromises/eval_context.c
@@ -1568,7 +1568,7 @@ Class *EvalContextClassMatch(const EvalContext *ctx, const char *regex)
static bool EvalContextClassPut(EvalContext *ctx, const char *ns, const char *name, bool is_soft, ContextScope scope, const char *tags)
{
{
- char context_copy[CF_MAXVARSIZE];
+ char context_copy[CF_BUFSIZE];
char canonified_context[CF_MAXVARSIZE];
@@ -1591,7 +1591,7 @@ static bool EvalContextClassPut(EvalContext *ctx, const char *ns, const char *na
if (ns && strcmp(ns, "default") != 0)
{
- snprintf(context_copy, CF_MAXVARSIZE, "%s:%s", ns, canonified_context);
+ snprintf(context_copy, CF_BUFSIZE, "%s:%s", ns, canonified_context);
}
else
{
diff --git a/libpromises/evalfunction.c b/libpromises/evalfunction.c
index f4d5db0f8356..b88e6f20b0a2 100644
--- a/libpromises/evalfunction.c
+++ b/libpromises/evalfunction.c
@@ -496,7 +496,7 @@ static Rlist *GetHostsFromLastseenDB(Item *addresses, time_t horizon, bool retur
Item *ip;
time_t now = time(NULL);
double entrytime;
- char address[CF_MAXVARSIZE];
+ char address[CF_BUFSIZE];
for (ip = addresses; ip != NULL; ip = ip->next)
{
diff --git a/libpromises/expand.c b/libpromises/expand.c
index 7235930f41bf..62de3e091f2a 100644
--- a/libpromises/expand.c
+++ b/libpromises/expand.c
@@ -870,7 +870,7 @@ static void ResolveControlBody(EvalContext *ctx, GenericAgentConfig *config,
EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "domain");
EvalContextVariableRemoveSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost");
- snprintf(VFQNAME, CF_MAXVARSIZE, "%s.%s", VUQNAME, VDOMAIN);
+ snprintf(VFQNAME, CF_BUFSIZE, "%s.%s", VUQNAME, VDOMAIN);
EvalContextVariablePutSpecial(ctx, SPECIAL_SCOPE_SYS, "fqhost",
VFQNAME, CF_DATA_TYPE_STRING,
"inventory,source=agent,attribute_name=Host name");
diff --git a/libpromises/keyring.c b/libpromises/keyring.c
index d6cbdfa51aba..134bd165adf8 100644
--- a/libpromises/keyring.c
+++ b/libpromises/keyring.c
@@ -83,9 +83,9 @@ int RemovePublicKey(const char *id)
if (c && c[strlen(suffix)] == '\0') /* dirp->d_name ends with suffix */
{
- char keyfilename[CF_BUFSIZE];
+ char keyfilename[CF_BUFSIZE * 2];
- snprintf(keyfilename, CF_BUFSIZE, "%s/%s", keysdir, dirp->d_name);
+ snprintf(keyfilename, CF_BUFSIZE * 2, "%s/%s", keysdir, dirp->d_name);
MapName(keyfilename);
if (unlink(keyfilename) < 0)
diff --git a/libpromises/syslog_client.c b/libpromises/syslog_client.c
index 3109997436a1..d19572b6f970 100644
--- a/libpromises/syslog_client.c
+++ b/libpromises/syslog_client.c
@@ -111,7 +111,7 @@ void RemoteSysLog(int log_priority, const char *log_string)
char message[rfc3164_len];
char timebuffer[26];
pid_t pid = getpid();
-
+ // rfc3164_len is WAY too small
snprintf(message, sizeof(message), "<%i>%.15s %s %s[%d]: %s",
log_priority | SYSLOG_FACILITY,
cf_strtimestamp_local(now, timebuffer) + 4,
diff --git a/tests/unit/logging_test.c b/tests/unit/logging_test.c
index e625e2b8c945..dc6ee2451a88 100644
--- a/tests/unit/logging_test.c
+++ b/tests/unit/logging_test.c
@@ -6,7 +6,7 @@
#include <syslog_client.h>
#include <string_lib.h>
-char VFQNAME[CF_MAXVARSIZE];
+char VFQNAME[CF_BUFSIZE];
char VPREFIX[CF_MAXVARSIZE];
static struct sockaddr *got_address;
diff --git a/tests/unit/set_domainname_test.c b/tests/unit/set_domainname_test.c
index 7096109e8991..933d17d0d518 100644
--- a/tests/unit/set_domainname_test.c
+++ b/tests/unit/set_domainname_test.c
@@ -9,7 +9,7 @@
/* Global variables we care about */
-char VFQNAME[CF_MAXVARSIZE];
+char VFQNAME[CF_BUFSIZE];
char VUQNAME[CF_MAXVARSIZE];
char VDOMAIN[CF_MAXVARSIZE];
--
2.17.1

27
0004-make-home-dir-for-tests.patch Normal file
View File

@ -0,0 +1,27 @@
From b5e4b0ca4384400cc8822ac06cdacbb97bc3c6e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkaempf@suse.de>
Date: Tue, 3 Jul 2018 09:38:39 +0200
Subject: [PATCH 4/4] make home dir for tests
Author: Adam Majer <adam.majer@suse.de>
Upstream: https://tracker.mender.io/browse/CFE-2549
BNC#1016848
Summary: this tests requires home directory, otherwise spams logfile
---
tests/load/run_lastseen_threaded_load.sh | 2 ++
1 file changed, 2 insertions(+)
diff --git a/tests/load/run_lastseen_threaded_load.sh b/tests/load/run_lastseen_threaded_load.sh
index 7dc5bcae7c25..60ea99af0c55 100755
--- a/tests/load/run_lastseen_threaded_load.sh
+++ b/tests/load/run_lastseen_threaded_load.sh
@@ -6,4 +6,6 @@ then
exit 0;
fi
+text -x ~/.cfagent/state || mkdir -p ~/.cfagent/state
+
./lastseen_threaded_load -c 1 4 1 1
--
2.17.1

39
cfengine.changes
View File

@ -1,3 +1,42 @@
-------------------------------------------------------------------
Tue Jul 3 07:30:21 UTC 2018 - kkaempf@suse.com
- Update to 3.12.0 (LTS)
New Features:
- Add a --key-type option to specify RSA key size to cf-key
- New hash_to_int policy function (CFE-2733)
- Issue a warning on ignored locking attributes (CFE-2748)
- Add IPv6 hard classes with the "ipv6_" prefix (CFE-2310)
- Introduce "missing_ok" attribute in body copy_from
This allows to ignore missing sources in file copy operations
(CFE-2365)
- Enable Xen hypervisor detection on all x86 platforms (CFE-2203)
- Add sys.policy_entry variables (CFE-2572)
- Added inline_mustache template method (CFE-1846)
- New component cf-net (cf-net is a CLI for the CFEngine network
protocol, useful for debugging, testing etc) and accompanying
policy variable sys.cf_net containing path to cf-net binary
- Added --log-level option to all components
This allows you to specify any log level (info, verbose, debug
etc.).
It is also less strict, allowing different spelling. As an example,
--log-level i, --log-level INFO, --log-level inform are all the same.
- Added special behavior for bundles named __main__
If the bundle is defined in the entry policy it will be defined as
main.
If the bundle is defined elsewhere, it will be removed.
This makes it easy to make importable library policy which can also
be executed directly.
- See https://github.com/cfengine/core/blob/3.12.x/ChangeLog for other
changes and bug fixes
- drop 0003-CFE-2629-Openssl-1.1-compatibility.patch (upstream)
drop reproducible.patch (upstream)
add 0003-Reduce-string-truncation-warnings.patch
rename make_home_dir_for_tests.patch to
0004-make-home-dir-for-tests.patch
-------------------------------------------------------------------
Tue Jun 19 10:58:32 UTC 2018 - adam.majer@suse.de

19
cfengine.spec
View File

@ -16,7 +16,7 @@
#
%define srcversion 3.11.0
%define srcversion 3.12.0
%define srcname core-%{srcversion}
%define libname libpromises
%define libsoname %{libname}3
@ -70,12 +70,11 @@ Patch1: 0001-Set-sys.bindir-to-usr-sbin-expect-cf-components-ther.patch
# PATCH-FEATURE-UPSTREAM better /etc/SuSE-release parsing, upstream #5423
# kkaempf@suse.de
Patch2: 0002-Simplify-and-fix-parsing-of-etc-SuSE-release-fixes-i.patch
# PATCH-FIX-UPSTREAM https://github.com/cfengine/core/commit/f4b9c855c0b035c0188fcdf79d2cbddab2f1bdcc
Patch3: 0003-CFE-2629-Openssl-1.1-compatibility.patch
# PATCH-FIX-UPSTREAM https://github.com/cfengine/core/pull/2881
Patch4: reproducible.patch
# PATCH-FIX-SUSE reduce "string truncated" (in strncpy) warnings
Patch3: 0003-Reduce-string-truncation-warnings.patch
# PATCH-FIX-SUSE BNC#1016848, adam.majer
Patch10: 0004-make-home-dir-for-tests.patch
# SLE 11 or RHEL5 autoconf does not support AM_SUBST_NOTMAKE, kkaempf@suse.de
Patch10: make_home_dir_for_tests.patch
Patch99: remove-am_subst_notmake.patch
BuildRequires: bison
@ -89,8 +88,11 @@ BuildRequires: lmdb-devel >= 0.9.17
BuildRequires: openssl-devel >= 1.0.2e
BuildRequires: pam-devel
BuildRequires: pcre-devel >= 8.38
BuildRequires: python
# for flock
BuildRequires: util-linux
# for llzma
BuildRequires: xz-devel
Requires: %{libsoname} = %{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if %{with mysql}
@ -170,11 +172,7 @@ Lots of example promises for CFEngine.
%setup -q -n %{srcname}
%patch1 -p1
%patch2 -p1
%if 0%{?suse_version} >= 1500
# openssl 1.1.0
%patch3 -p1
%endif
%patch4 -p1
%if 0%{?suse_version} <= 1110
%patch99 -p1
%endif
@ -191,6 +189,7 @@ install -d docs
cp -a $RPM_SOURCE_DIR/*pdf docs/
%build
echo %{version} > CFVERSION
EXPLICIT_VERSION=%{version} autoreconf -fvi -I m4
CC=cc CFLAGS="%{optflags} -fno-strict-aliasing" \
%configure \

3
core-3.11.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4a1403b19a362b8efd58cacc4c61e3da3e1dc438a8580072399bce7c6f317dfc
size 2039330

3
core-3.12.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:f93e2f112063a7d5b9e2ee197e46d6dac0414cca66bf2726c05f9dd3fa8f1970
size 2127099

15
make_home_dir_for_tests.patch
View File

@ -1,15 +0,0 @@
Author: Adam Majer <adam.majer@suse.de>
Upstream: https://tracker.mender.io/browse/CFE-2549
BNC#1016848
Summary: this tests requires home directory, otherwise spams logfile
Index: cfengine-3.10.0b1/tests/load/run_lastseen_threaded_load.sh
===================================================================
--- cfengine-3.10.0b1.orig/tests/load/run_lastseen_threaded_load.sh
+++ cfengine-3.10.0b1/tests/load/run_lastseen_threaded_load.sh
@@ -1,3 +1,5 @@
#!/bin/sh
+text -x ~/.cfagent/state || mkdir -p ~/.cfagent/state
+
./lastseen_threaded_load -c 1 4 1 1

28
reproducible.patch
View File

@ -1,28 +0,0 @@
commit fb4e70f9be4b37ab40505118553caf5a5b7c7daf
Author: Bernhard M. Wiedemann <bwiedemann@suse.de>
Date: Sun Jul 2 11:17:14 2017 +0200
libutils/man.c: allow to override build time
in order to enable reproducible builds.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.
diff --git a/libutils/man.c b/libutils/man.c
index ef2cd1a28..ba46ba895 100644
--- a/libutils/man.c
+++ b/libutils/man.c
@@ -206,6 +206,11 @@ void ManPageWrite(Writer *out, const char *program, time_t last_modified,
const struct option options[],
const char *const option_hints[], bool accepts_file_argument)
{
+ time_t overridetime;
+ char *source_date_epoch = getenv("SOURCE_DATE_EPOCH");
+ if (source_date_epoch != NULL &&
+ (overridetime = (time_t)strtoll(source_date_epoch, NULL, 10)) > 0)
+ last_modified = overridetime;
WriteCopyright(out);
WriteHeader(out, program, last_modified);
WriteName(out, program, short_description);