pool/firewalld
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 633723 from security:netfilter

Browse Source 
- Add firewalld-fix-firewalld-config-crash.patch: set
  nm_get_zone_of_connection to return 'None' instead of 'False' for
  automatically generated connections to avoid firewall-config
  crashes. Patch provided by upstream (boo#1106319,
  gh#firewalld/firewalld#370).

OBS-URL: https://build.opensuse.org/request/show/633723
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/firewalld?expand=0&rev=35
This commit is contained in:
Yuchen Lin 2018-09-13 10:09:22 +00:00 committed by Git OBS Bridge
commit c8fc60e4fb
3 changed files with 56 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
firewalld-fix-firewalld-config-crash.patch Normal file
View File

@ -0,0 +1,44 @@
From a24ab61eabe24656b457273f54133fa99087f2f6 Mon Sep 17 00:00:00 2001
From: Farenjihn <farenjihn@gmail.com>
Date: Fri, 17 Aug 2018 11:58:55 +0200
Subject: [PATCH] firewall/core/fw_nm: nm_get_zone_of_connection should return
None or empty string instead of False
(cherry picked from commit 5a59a90f449a8bf836e62e2d9ad486301b1aa2bb)
---
src/firewall/core/fw_nm.py | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/firewall/core/fw_nm.py b/src/firewall/core/fw_nm.py
index 97113d95..37282a1a 100644
--- a/src/firewall/core/fw_nm.py
+++ b/src/firewall/core/fw_nm.py
@@ -75,21 +75,21 @@ def nm_get_zone_of_connection(connection):
con = nm_get_client().get_connection_by_uuid(connection)
if con is None:
- return False
+ return None
setting_con = con.get_setting_connection()
if setting_con is None:
- return False
+ return None
try:
if con.get_flags() & (NM.SettingsConnectionFlags.NM_GENERATED
| NM.SettingsConnectionFlags.NM_VOLATILE):
- return False
+ return ""
except AttributeError:
# Prior to NetworkManager 1.12, we can only guess
# that a connection was generated/volatile.
if con.get_unsaved():
- return False
+ return ""
zone = setting_con.get_zone()
if zone is None:
--
2.18.0

9
firewalld.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Sun Sep 2 03:50:37 UTC 2018 - luc14n0@linuxmail.org
- Add firewalld-fix-firewalld-config-crash.patch: set
nm_get_zone_of_connection to return 'None' instead of 'False' for
automatically generated connections to avoid firewall-config
crashes. Patch provided by upstream (boo#1106319,
gh#firewalld/firewalld#370).
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Aug 13 19:08:39 UTC 2018 - mchandras@suse.de Mon Aug 13 19:08:39 UTC 2018 - mchandras@suse.de

4
firewalld.spec
View File

@ -30,6 +30,8 @@ Url: http://www.firewalld.org
Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
# PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761) # PATCH-FIX-SUSE: 0001-firewall-backend-Switch-default-backend-to-iptables.patch (bsc#1102761)
Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch Patch0: 0001-firewall-backend-Switch-default-backend-to-iptables.patch
# PATCH-FIX-UPSTREAM firewalld-fix-firewalld-config-crash.patch luc14n0@linuxmail.org -- fix firewall-config crash when nm_get_zone_of_connection returns "False"
Patch1: firewalld-fix-firewalld-config-crash.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: desktop-file-utils BuildRequires: desktop-file-utils
@ -112,8 +114,8 @@ firewalld.
%prep %prep
%setup -q %setup -q
# bsc#1102761 - switch to iptables as default
%patch0 -p1 %patch0 -p1
%patch1 -p1
# bsc#1078223 # bsc#1078223
rm config/services/high-availability.xml rm config/services/high-availability.xml