From 8b0ed32b30fb1fe385cf69eadbd2f60d8ca560511660ab6f3ff683d0e7acfa23 Mon Sep 17 00:00:00 2001 From: Lars Vogdt Date: Mon, 12 Nov 2018 10:09:35 +0000 Subject: [PATCH] Accepting request 648192 from home:darix:playground - update to 2.0.9 OBS-URL: https://build.opensuse.org/request/show/648192 OBS-URL: https://build.opensuse.org/package/show/network/keepalived?expand=0&rev=47 --- ...8f9265ffb5927c4d54c9a30726c76e65bb52.patch | 217 +++++++ keepalive-init.patch | 155 +---- keepalive-rpmlintrc | 2 +- keepalived-1.4.1.tar.gz | 3 - keepalived-2.0.9.tar.gz | 3 + keepalived.changes | 588 ++++++++++++++++++ keepalived.spec | 26 +- linux-4.15.patch | 42 +- 8 files changed, 874 insertions(+), 162 deletions(-) create mode 100644 b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch delete mode 100644 keepalived-1.4.1.tar.gz create mode 100644 keepalived-2.0.9.tar.gz diff --git a/b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch b/b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch new file mode 100644 index 0000000..b0c78e6 --- /dev/null +++ b/b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch @@ -0,0 +1,217 @@ +From b7a98f9265ffb5927c4d54c9a30726c76e65bb52 Mon Sep 17 00:00:00 2001 +From: Quentin Armitage +Date: Sat, 10 Nov 2018 19:03:47 +0000 +Subject: [PATCH] Update to support libipset version 7 + +Issue #1058 reported that keepalived failed to build with libipset +version 7. This commit updates keepalived to detect if the version +of the keepalived libraries is pre v7 or not, and compiles +appropriately. + +Signed-off-by: Quentin Armitage +--- + configure.ac | 21 ++++++++++++ + keepalived/include/vrrp_ipset.h | 2 +- + keepalived/vrrp/vrrp_ipset.c | 58 ++++++++++++++++++++++++++++++--- + keepalived/vrrp/vrrp_iptables.c | 2 +- + 4 files changed, 76 insertions(+), 7 deletions(-) + +diff --git a/configure.ac b/configure.ac +index ecec32a2..708b04fe 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -1212,6 +1212,27 @@ if test .${enable_libiptc} != .no -a .$enable_vrrp != .no; then + [AC_DEFINE([LIBIPSET_H_ADD_IP_SET_H_GUARD], [1], [Define to add guard _IP_SET_H before including ])]) + ]) + fi ++ ++ if test $USE_LIBIPSET = Yes; then ++ AC_MSG_CHECKING([for libipset version 7 or later]) ++ AC_COMPILE_IFELSE([AC_LANG_SOURCE( ++ [[ ++ #include ++ ++ void test_func(void) ++ { ++ ipset_session_init(NULL, NULL); ++ } ++ ]])], ++ [ ++ AC_MSG_RESULT([yes]) ++ ], ++ [ ++ AC_MSG_RESULT([no]) ++ AC_DEFINE([LIBIPSET_PRE_V7_COMPAT], [ 1 ], [Define to 1 if libipset library version prior to v7]) ++ add_system_opt[LIBIPSET_PRE_V7] ++ ]) ++ fi + ]) + LIBS="$SAV_LIBS" + fi +diff --git a/keepalived/include/vrrp_ipset.h b/keepalived/include/vrrp_ipset.h +index 5a1a9562..5d83b21a 100644 +--- a/keepalived/include/vrrp_ipset.h ++++ b/keepalived/include/vrrp_ipset.h +@@ -29,7 +29,7 @@ + bool add_ipsets(bool); + bool remove_ipsets(void); + bool has_ipset_setname(void*, const char *); +-bool ipset_init(void); ++bool ipset_initialise(void); + void* ipset_session_start(void); + void ipset_session_end(void*); + void ipset_entry(void*, int cmd, const ip_address_t*); +diff --git a/keepalived/vrrp/vrrp_ipset.c b/keepalived/vrrp/vrrp_ipset.c +index 4b3ab7cd..dbe248eb 100644 +--- a/keepalived/vrrp/vrrp_ipset.c ++++ b/keepalived/vrrp/vrrp_ipset.c +@@ -43,6 +43,9 @@ + #endif + #include + #include ++#ifndef LIBIPSET_PRE_V7_COMPAT ++#include ++#endif + #include + #include /* For __beXX types in userland */ + #include /* For nf_inet_addr */ +@@ -60,11 +63,18 @@ + #include + + /* The addresses of the functions we want */ ++#ifdef LIBIPSET_PRE_V7_COMPAT + struct ipset_session* (*ipset_session_init_addr)(ipset_outfn outfn); ++#else ++struct ipset_session* (*ipset_session_init_addr)(ipset_print_outfn outfn, void *p); ++#endif + int (*ipset_session_fini_addr)(struct ipset_session *session); + struct ipset_data* (*ipset_session_data_addr)(const struct ipset_session *session); +-const char* (*ipset_session_error_addr)(const struct ipset_session *session); ++#ifdef LIBIPSET_PRE_V7_COMPAT + int (*ipset_envopt_parse_addr)(struct ipset_session *session, int env, const char *str); ++#else ++void (*ipset_envopt_set_addr)(struct ipset_session *session, int env); ++#endif + const struct ipset_type* (*ipset_type_get_addr)(struct ipset_session *session, enum ipset_cmd cmd); + int (*ipset_data_set_addr)(struct ipset_data *data, enum ipset_opt opt, const void *value); + int (*ipset_cmd_addr)(struct ipset_session *session, enum ipset_cmd cmd, uint32_t lineno); +@@ -74,8 +84,11 @@ void (*ipset_load_types_addr)(void); + #define ipset_session_init (*ipset_session_init_addr) + #define ipset_session_fini (*ipset_session_fini_addr) + #define ipset_session_data (*ipset_session_data_addr) +-#define ipset_session_error (*ipset_session_error_addr) ++#ifdef LIBIPSET_PRE_V7_COMPAT + #define ipset_envopt_parse (*ipset_envopt_parse_addr) ++#else ++#define ipset_envopt_set (*ipset_envopt_set_addr) ++#endif + #define ipset_type_get (*ipset_type_get_addr) + #define ipset_data_set (*ipset_data_set_addr) + /* Unfortunately ipset_cmd conflicts with struct ipset_cmd */ +@@ -87,6 +100,22 @@ static void* libipset_handle; + #define ipset_cmd1 ipset_cmd + #endif + ++#ifndef LIBIPSET_PRE_V7_COMPAT ++static int ++ipset_printf(__attribute ((__unused__)) struct ipset_session *session, void *p, const char *fmt, ...) ++{ ++ va_list args; ++ ++ log_message(LOG_INFO, "libipset message from %s", (const char *)p); ++ ++ va_start(args, fmt); ++ vlog_message(LOG_INFO, fmt, args); ++ va_end(args); ++ ++ return 0; ++} ++#endif ++ + static bool + do_ipset_cmd(struct ipset_session* session, enum ipset_cmd cmd, const char *setname, + const ip_address_t *addr, uint32_t timeout, const char* iface) +@@ -162,7 +191,11 @@ static bool create_sets(const char* addr4, const char* addr6, const char* addr_i + { + struct ipset_session *session; + ++#ifdef LIBIPSET_PRE_V7_COMPAT + session = ipset_session_init(printf); ++#else ++ session = ipset_session_init(ipset_printf, "create_sets"); ++#endif + if (!session) { + log_message(LOG_INFO, "Cannot initialize ipset session."); + return false; +@@ -171,7 +204,11 @@ static bool create_sets(const char* addr4, const char* addr6, const char* addr_i + /* If we aren't reloading, don't worry if sets already exists. With the + * IPSET_ENV_EXIST option set, any existing entries in the set are removed. */ + if (!reload) ++#ifdef LIBIPSET_PRE_V7_COMPAT + ipset_envopt_parse(session, IPSET_ENV_EXIST, NULL); ++#else ++ ipset_envopt_set(session, IPSET_ENV_EXIST); ++#endif + + if (block_ipv4) { + if (!reload || !has_ipset_setname(session, addr4)) +@@ -220,7 +257,7 @@ bool set_match_loaded(void) + return found; + } + +-bool ipset_init(void) ++bool ipset_initialise(void) + { + #ifdef _LIBIPSET_DYNAMIC_ + if (libipset_handle) +@@ -252,8 +289,11 @@ bool ipset_init(void) + if (!(ipset_session_init_addr = dlsym(libipset_handle, "ipset_session_init")) || + !(ipset_session_fini_addr = dlsym(libipset_handle, "ipset_session_fini")) || + !(ipset_session_data_addr = dlsym(libipset_handle,"ipset_session_data")) || +- !(ipset_session_error_addr = dlsym(libipset_handle,"ipset_session_error")) || ++#ifdef LIBIPSET_PRE_V7_COMPAT + !(ipset_envopt_parse_addr = dlsym(libipset_handle,"ipset_envopt_parse")) || ++#else ++ !(ipset_envopt_set_addr = dlsym(libipset_handle,"ipset_envopt_set")) || ++#endif + !(ipset_type_get_addr = dlsym(libipset_handle,"ipset_type_get")) || + !(ipset_data_set_addr = dlsym(libipset_handle,"ipset_data_set")) || + !(ipset_cmd_addr = dlsym(libipset_handle,"ipset_cmd")) || +@@ -285,7 +325,11 @@ bool remove_ipsets(void) + return true; + #endif + ++#ifdef LIBIPSET_PRE_V7_COMPAT + session = ipset_session_init(printf); ++#else ++ session = ipset_session_init(ipset_printf, "remove_ipsets"); ++#endif + if (!session) { + log_message(LOG_INFO, "Cannot initialize ipset session."); + return false; +@@ -311,7 +355,11 @@ bool add_ipsets(bool reload) + + void* ipset_session_start(void) + { +- return ipset_session_init(NULL); ++#ifdef LIBIPSET_PRE_V7_COMPAT ++ return ipset_session_init(printf); ++#else ++ return ipset_session_init(ipset_printf, "session_start"); ++#endif + } + + void ipset_session_end(void* vsession) +diff --git a/keepalived/vrrp/vrrp_iptables.c b/keepalived/vrrp/vrrp_iptables.c +index 874b0d0b..9b05ca66 100644 +--- a/keepalived/vrrp/vrrp_iptables.c ++++ b/keepalived/vrrp/vrrp_iptables.c +@@ -468,7 +468,7 @@ iptables_init_lib(void) + #endif + + #ifdef _HAVE_LIBIPSET_ +- if (global_data->using_ipsets && !ipset_init()) ++ if (global_data->using_ipsets && !ipset_initialise()) + global_data->using_ipsets = false; + #endif + diff --git a/keepalive-init.patch b/keepalive-init.patch index 76f630e..9237e1a 100644 --- a/keepalive-init.patch +++ b/keepalive-init.patch @@ -1,8 +1,8 @@ -Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in +Index: keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in =================================================================== ---- keepalived-1.4.0.orig/keepalived/etc/init.d/keepalived.suse.init.in -+++ keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in -@@ -1,23 +1,23 @@ +--- keepalived-2.0.7.orig/keepalived/etc/init.d/keepalived.suse.init.in ++++ keepalived-2.0.7/keepalived/etc/init.d/keepalived.suse.init.in +@@ -1,23 +1,24 @@ #! /bin/sh ### BEGIN INIT INFO @@ -31,6 +31,7 @@ Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in +DAEMON_BIN='@sbindir@/keepalived' +DAEMON_CONF='@sysconfdir@/keepalived/keepalived.conf' +DAEMON_PIDFILE='@localstatedir@/run/keepalived.pid' ++DAEMON_SYSCONF='/etc/sysconfig/keepalived' +DAEMON_OPT='-d' #DAEMON_USER="root" -SUPPORTS_HUP="yes" @@ -38,7 +39,7 @@ Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in # PidFile @localstatedir@/run/keepalived.pid # DatabaseOwner root -@@ -25,6 +25,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI +@@ -25,6 +26,18 @@ pid_par=${DAEMON_PIDFILE:+"-p $DAEMON_PI usr_par=${DAEMON_USER:+"-u $DAEMON_USER"} test -x $DAEMON_BIN || exit 5 @@ -57,140 +58,14 @@ Index: keepalived-1.4.0/keepalived/etc/init.d/keepalived.suse.init.in # Shell functions sourced from /etc/rc.status: # rc_check check and set local and overall rc status -@@ -60,71 +72,70 @@ rc_reset - test -e $DAEMON_PIDFILE && ! test -s $DAEMON_PIDFILE && rm $DAEMON_PIDFILE - - case "$1" in -- start) -- echo -n "Starting $DAEMON " -- if test ! -f ${DAEMON_CONF}; then -- echo -n >&2 "Configuration file, ${DAEMON_CONF} does not exist. " -- rc_status -s -- exit 6 -- fi -- checkproc $pid_par ${DAEMON_BIN} -- case $? in -- 0) echo -n "- Warning: daemon already running. " ;; -- 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; -- esac +@@ -72,8 +85,8 @@ case "$1" in + 0) echo -n "- Warning: daemon already running. " ;; + 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; + esac -# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT}" - startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} -- rc_status -v -- ;; -- stop) -- echo -n "Shutting down $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} || \ -- echo -n " Warning: daemon not running. " -- killproc $pid_par -t 10 ${DAEMON_BIN} -- rc_status -v -- ;; -- try-restart|condrestart) -- if test "$1" = "condrestart"; then -- echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" -- fi -- $0 status -- if test $? = 0; then -- $0 restart -- else -- rc_reset -- fi -- rc_status -- ;; -- restart) -- $0 stop -- $0 start -- rc_status -- ;; -- force-reload|reload) -- if test "$SUPPORTS_HUP" = "yes"; then -- echo -n "Reload service $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} && \ -- touch ${DAEMON_PIDFILE} || \ -- echo -n >&2 " Warning: daemon not running. " -- killproc $pid_par -HUP ${DAEMON_BIN} -- rc_status -v -- else -- $0 stop && sleep 3 && $0 start -- rc_status -- fi -- ;; -- status) -- echo -n "Checking for $DAEMON " -- checkproc $pid_par ${DAEMON_BIN} -- rc_status -v -- ;; -- probe) -- test ${DAEMON_CONF} -nt ${DAEMON_PIDFILE} && echo reload -- ;; -- *) -- echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" -- exit 1 -- ;; -+ start) -+ echo -n "Starting $DAEMON " -+ if test ! -f ${DAEMON_CONF}; then -+ echo -n >&2 "Configuration file, ${DAEMON_CONF} does not exist. " -+ rc_status -s -+ exit 6 -+ fi -+ checkproc $pid_par ${DAEMON_BIN} -+ case $? in -+ 0) echo -n "- Warning: daemon already running. " ;; -+ 1) echo -n "- Warning: ${DAEMON_PIDFILE} exists. " ;; -+ esac -+# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${KEEPALIVED_OPTIONS}" -+ startproc $usr_par $pid_par ${DAEMON_BIN} ${KEEPALIVED_OPTIONS} -+ rc_status -v -+ ;; -+ stop) -+ echo -n "Shutting down $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} || \ -+ echo -n " Warning: daemon not running. " -+ killproc $pid_par -t 10 ${DAEMON_BIN} -+ rc_status -v -+ ;; -+ try-restart|condrestart) -+ if test "$1" = "condrestart"; then -+ echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" -+ fi -+ $0 status -+ if test $? = 0; then -+ $0 restart -+ else -+ rc_reset -+ fi -+ rc_status -+ ;; -+ restart) -+ $0 stop -+ $0 start -+ rc_status -+ ;; -+ force-reload|reload) -+ if test "$SUPPORTS_HUP" = "yes"; then -+ echo -n "Reload service $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} && \ -+ touch ${DAEMON_PIDFILE} || \ -+ echo -n >&2 " Warning: daemon not running. " -+ killproc $pid_par -HUP ${DAEMON_BIN} -+ rc_status -v -+ else -+ $0 stop && sleep 3 && $0 start -+ rc_status -+ fi -+ ;; -+ status) -+ echo -n "Checking for $DAEMON " -+ checkproc $pid_par ${DAEMON_BIN} -+ rc_status -v -+ ;; -+ probe) -+ test ${DAEMON_CONF} -nt ${DAEMON_PIDFILE} && echo reload -+ ;; -+ *) -+ echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}" -+ exit 1 -+ ;; - esac - rc_exit -- ++# echo "startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS}" ++ startproc $usr_par $pid_par ${DAEMON_BIN} ${DAEMON_OPT} ${KEEPALIVED_OPTIONS} + rc_status -v + ;; + stop) diff --git a/keepalive-rpmlintrc b/keepalive-rpmlintrc index 7a793d1..d9736ab 100644 --- a/keepalive-rpmlintrc +++ b/keepalive-rpmlintrc @@ -1,2 +1,2 @@ # Those PEM files are only examples: -addFilter("pem-certificate /usr/share/doc/packages/keepalived/samples/*.pem") +addFilter("pem-certificate /usr/share/doc/packages/keepalived/samples/.*.pem") diff --git a/keepalived-1.4.1.tar.gz b/keepalived-1.4.1.tar.gz deleted file mode 100644 index 7bde96d..0000000 --- a/keepalived-1.4.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:220407517ccad822d1ffa80f7bc37582abaf97da6f7bda2326fa6904b1855bd0 -size 735190 diff --git a/keepalived-2.0.9.tar.gz b/keepalived-2.0.9.tar.gz new file mode 100644 index 0000000..b5a670e --- /dev/null +++ b/keepalived-2.0.9.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3930b2e43bc8e7109ddb17d32f88cdd58071f2a9a41efa55852ca9ee26cd52c5 +size 924455 diff --git a/keepalived.changes b/keepalived.changes index 34d9b5b..21af91f 100644 --- a/keepalived.changes +++ b/keepalived.changes @@ -1,3 +1,591 @@ +------------------------------------------------------------------- +Sat Nov 10 21:01:14 UTC 2018 - Marcus Rueckert + +- added b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch to fix + building with libipset >= 7 + +------------------------------------------------------------------- +Fri Nov 9 16:07:40 UTC 2018 - Marcus Rueckert + +- update to 2.0.9 + - Fix updating a timer thread's timeout. Issue #1042 identified + that the BFD process could segfault. This was tracked down to a + timer thread which had already expired having its timeout + updated by timer_thread_update_timeout(). The sands timer + should only be updated if the thread is on a waiting queue, and + not if it has already timed out or it is unused. + - Don't requeue read thread if it is not waiting. This update + matches commit 09a2a37 - Fix updating a timer thread's timeout + should. + - Allow BFD instance to recover after send error. If sendto + failed in bfd_send_packet(), the bfd instance was put into + admin down state, but there was no means for the bfd instance + to transition out of admin down state. This commit makes + keepalived log the first instance of a sequence of failures to + send a bfd packet, but does not bring the bfd instance down in + case the error is a transient error. If the error is longer + lasting, the remote system will timeout, transition to down + state, and send a message saying it is down. Once the bfd + instance can start sending again the bfd instance can now + transition again to up state. + - Make DGB definition use log_message() rather than syslog(). + - Fix building with --enable-debug configure option. + - Start list of required kernel features in INSTALL file. Issue + #1024 asked what kernel features are needed to support + keepalived. The simple answer was that it isn't recorded + anywhere, so this is a start of making a list of the features + required. + - Make list_remove() call list free function and add + list_transfer(). If an element is being removed from a list, + the free function should be called. list_transfer() allows a + list element to be moved from one list to another without + freeing and reallocating the list element control information. + - Add mem_check diagnostics re calling functions of list + functions. When using mem_check, mallocs and frees were + recorded against the list functions, and the originating + functions weren't identified. This patch adds recording of the + functions calling the list functions so that the originating + function is identified. + - Simplify the processing of comments in configuration files. + This commit moves the handling (and removal) of comments to a + single function (called from read_line()) which simplifies the + processing of config files. + - Add ~SEQ(start, step, end) config functionality Where a + configuration has repeated blocks of configuration where the + only thing that changes is a numeric value (e.g. for VRIDs from + 1 to 255) this allows the block to be defined once, and a + single line using ~SEQ can then generate all the blocks. + - Use REALLOC when building a multiline definition. The code + used to use MALLOC, strcpy() and FREE, but REALLOC can do all + this for us. + - Improve mem-check diagnostics. When using an allocation list + of over 50,000 entries, it was quite slow searching thtough all + the entries to find the matching memory allocation, and to find + free entries. This commit changes to using malloc() to create + entries, and a red-black tree to hold the entries. It also has + a separate list of free entries. This commit also adds 4 more + types of memory allocation error, and improves the consistency + of the entries in the log files. + - Don't attempt to delete VMAC when underlying interface is + deleted. If the underlying interface of one of our vmacs is + deleted, and we know the vmac has been deleted, don't attempt + to delete it again. + - Include master state in determining if vmacs are up or down + Netlink doesn't send messages for a state change of a macvlan + when the master device changes state, so we have to track that + for ourselves. + - Turn off parser debugging. + - Make test/mk_if create iptables chains. + - Handle interfaces not existing when keepalived terminates. If + the underlying interface of a vmac we created has been deleted, + the vmac will not exist so don't attempt to delete it again. + Also, don't attempt to reset the configuration of the + underlying interface. + - Handle the underlying interface of a macvlan interface going + up/down. The kernel doesn't send netlink messages for macvlans + going up or down when the underlying interface transitions (it + doesn't even update their status to say they are up/down), but + the interfaces don't work. We need to track the state of the + underlying interfaces and propagate that to the macvlan + interfaces. + - Fix duplicate value in track_t enum. + - Fix check for matching track types. + - Treat macvtap interfaces in the same way as macvlan interfaces. + - Improve handling of interfaces not existing when keepalived + starts. + - Fix handling interface deletion and creation of vmacs on + macvlan i/fs. + - When interface created, open sockets on it if used by VRRP + directly If an interface is created that has vrrp instances + configured on it that don't use VMACs, or use vmac_xmit_base, + then the raw sockets must be opened. + - Force seeing a transition to up state when an interface is + created. + - Fix netlink remnant data error. + - Add command line and configuration option to set umask. Issue + #1048 identified that files created by keepalived are created + with mode 0666. This commit changes the default to 0644, and + also allows the umask to be specified in the configuration or + as a command line option. + - Fix compile warning introduced in commit c6247a9. Commit + c6247a9 - "Add command line and configuration option to set + umask" introduced a compile warning, although the code would + have worked OK. + - When opening files for write, ensure they aren't symbolic + links. Issue #1048 identified that if, for example, a non + privileged user created a symbolic link from + /etc/keepalvied.data to /etc/passwd, writing to + /etc/keepalived.data (which could be invoked via DBus) would + cause /etc/passwd to be overwritten. This commit stops + keepalived writing to pathnames where the ultimate component is + a symbolic link, by setting O_NOFOLLOW whenever opening a file + for writing. This might break some setups, where, for example, + /etc/keepalived.data was a symbolic link to + /home/fred/keepalived.data. If this was the case, instead + create a symbolic link from /home/fred/keepalived.data to + /tmp/keepalived.data, so that the file is still accessible + via /home/fred/keepalived.data. There doesn't appear to be a + way around this backward incompatibility, since even checking + if the pathname is a symbolic link prior to opening for + writing would create a race condition. + - Make netlink error messages more meaningful. + - Fix compiling without support for macvlans. + - fix uninitialized structure. The linkinfo and linkattr + structures were not initialized, so we should not expect that + unexistant attributes are set to NULL. Add the missing + memset(). + - fix socket allocation with dynamic interfaces. When there are + several vrrp instance binding different interfaces that don't + exist at startup, their ifindex is set to 0 in the sock. The + function already_exist_sock() that lookup for an existing + socket will always return the first sock because the ifindex is + the same. Later, when an interface appears, the fd will be + created for one instance, and all instances will wrongly use + this fd to send the advertisments. Fix this by using the + interface structure pointer instead of the ifindex as the key + for sock lookup. The problem was identified by Olivier Matz + who also provided a patch fixing the problem. This patch is a + slight rework of Olivier's patch, better using the existing + data structures that keepalived already holds. + - When creating a macvlan interface, use AF_UNSPEC rather than + AF_INET. + - Stop using libnl for configuring interfaces. Since there is + code to configure the interfaces using netlink without using + libnl, there is no point in having code to do it using libnl. + - Fix building on Centos 6.5. + - Stop including some files not needed after libnl removal for + i/fs. + - Fix some compilation issues when building without vrrp support. + - Stop using linbl for mcast group membership and setting rx buf + sizes. Since there is code to handle multicast group + membership and setting kernel netlink receive buffer sizes + without using libnl, there is no point in having code to do it + using libnl. This now means that the vrrp functionality no + longer uses libnl. + - Add some sanity checking of configure options. Certain invalid + combinations of configure options could cause compile errors, + e.g. --disable-vrrp --enable-vrrp-fd-debug. This commit ensures + that invalid combinations aren't allowed, in order to stop the + compile errors. + - Fix invalid configuration combination caught by previous + commit. + - Use netlink to set/clear rp_filter on interfaces. + - Fix configure for building without vrrp. + - Actually update the .travis.yml file to fix the problem. + - Fix conditional compilation re epoll-thread-dump debugging. + - Update INSTALL file now no longer use libnl-route-3. + - Stop cast to incompatible function type warnings from gcc 8.1. + - Update snapcraft.yaml not to include libnl-route-3. + - keepalived exit with non-zero exit code if config file not + readable. + - Allow specifying default config file at configure time. + - Use keepalived define for exit code when malloc failure. + - Fix configuring fixed interface type. + - Add configuring keepalived default configuration file. + - Fix return value in get_time_rtt() error path. + - Update generation of git-commit.h. + - snapcraft.yaml: Enable all sensible build options. Preserve + build time version in the snap version. Expose genhash. + - snapcraft.yaml: Build keepalived with Linux 3.13 headers. + - snap: Add an install hook to make sure a keepalived + configuration exists. + - snap: Move the hooks to the correct location. + - snap: Make sure /etc/keepalived exists. + - Fix building with IP_MULTICAST_ALL in linux/in.h but not + netinet/in.h Issue #1054 identified that configure was checking + the definition of IP_MULTICAST_ALL in linux/in.h but including + netinet/in.h, which also has the definition, but only from + glibc 2.17. This commit creates a local definition (in + lib/config.h) of IP_MULTICAST_ALL if it is defined in + linux/in.h but not in netinet/in.h. The reason for this is that + compiles using linux/in.h fail due to conflicting definitions. + - Fix creating iptables tables in mk_if. + - Update .travis.yml to use xenial. + - Update .travis.yml to add --enable-regex option. + - Tidy up .travis.yml file. + - snap: Build multiple keepalived binaries. + - Updated snapcraft builds to support multiple kernel versions. +- drop patches: + - 5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6.patch + - c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067.patch + - 04f2d32871bb3b11d7dc024039952f2fe2750306.patch +- refreshed patch: linux-4.15.patch + +------------------------------------------------------------------- +Thu Nov 8 12:44:47 UTC 2018 - Marcus Rueckert + +- update to 2.0.8 + - Improve identifing interface as macvlan when reading interface + details + - Enslave a VMAC to the VRF master of the underlying interface. + - Use addattr32 rather than addattr_l for if_index. + - Only include VRF support if kernel headers support it. + - Fix --enable-timer-debug configure option. + - Fix some configure.ac enable option tests. + - Include stdbool.h in process.c. + - Fix diagnostic message re ignoring weight of tracked interface. + - Fix track_bfds with weights. + - Correct conditional compilation definition name. + - Fix memory leak in HTTP_GET/SSL_GET. + - Fix two memory leaks in DNS_CHECK. + - Don't consider retries for BFD_CHECK. The BFD_CHECKer doesn't + support retries, and the check was causing the checker not to + transition to down state. + - Fix memory leak with BFD_CHECK. + - Restart global notify FIFO handler after reload. + - modify @WITH_REGEX@ to @WITH_REGEX_TRUE@ + - Fix compiling without BFD support. + - Stop bfd process sending double the number of packets. If a + bfd process received an initial bfd packet, it scheduled a + second bfd_sender_thread thereby causing two packets to be sent + in every interval. + - Use timerfd for select timeouts rather than select timeout + parameter This is a precursor to moving to using epoll. + - Use epoll rather than select. epoll is both more efficient + than select and also doesn't have a file descriptor limit of + 1024, which limited the number of vrrp instances that could be + managed. This commit also introduces read-black trees and the + list_head list type. + - Add --enable-timer-check option for logging calls for getting + time Calls to update the current time from the kernel are made + too frequently, and this patch logs when the calls are made, + and how long since the previous call, so unnecessary calls can + be removed. + - Add debug option for monitoring epoll queues. This is enabled + by --enable-epoll-debug and replaces --enable-timer-debug. + - Use system monotonic clock to generate a monotonic clock. + Rather than have our own code for creating a monotonic clock, + use the kernel's monotonic clock. + - Make some functions in timer.c inline. The functions had one + line of code so inlining them is more efficient. + - Fix requeueing read and write threads after read/write + timeouts. + - Fix initial allocating and final freeing of thread_master + epoll_events. + - When cleaning up threads, also clean up their thread_events. + - Add thread_close_fd() function to release thread_event_t on + close When a file descriptor that has been monitored by epoll + is closed the thread_event_t structure used for managing epoll + for that fd has to be release. Therefore calls to close() and + replace by calls to thread_close_fd(). + - Make parent process write log entry when it is reloading. + - Move checking for thread timeouts to timerfd_handler There is + no point in checking for thread timeouts if the timerfd isn't + readable; in other words only check for thread timeouts if the + timer has expired. + - Make bfd reschuling timer threads more efficient. + - Streamline DNS_CHECK code. + - Fix buffer overrun with track file path names. + - Add timestamp when writing mem_check entries to file. + - Ensure thread_event_t released for ready threads at + termination. + - Increase open file limit if large number of VRRP instances. + Each VRRP instance can use up to 2 file descriptors, and so if + there are more than 500 ish VRRP instances the number of open + files can exceed the default per process limit (1024 on my + system). The commit allows 2 file descriptors per vrrp + instance plus a few more, and if the RLIMIT_NOFILE value + returned by getrlimit isn't high enough, keepalived will + increase the limit. + - Ensure that child processes run with standard + priorities/limits. When child processes such as notify + scripts, track_scripts and MISC_CHECK scripts are run, they + should not inherit any elevated priorities, system limits etc + from the parent keepalived process. + - Change multiple spaces to tabs in scheduler.h. + - Add family to sockpool listing. + - Fix a multiline definition expansion issue. + - Free allocated cache when closing/freeing netlink socket. When + running on a system with 500+ interfaces configured and adding + 1000 VMAC interfaces, the heap was growing by 340Mb due the + netlink cahce not being freed after creating each VMAC + interface. With this patch the heap only grow by 3.7Mb (if + creating 1000 VMAC interfaces the heap grep by 905Mb now + reduced to 6.1Mb). + - Stop using netlink cache when adding and configuring VMAC + interfaces. When running on a system with 500+ interfaces + configured and adding 1000 VMAC interfaces, it was taking 2.3 + seconds to add the interfaces. Without populating a netlink + cache each time a VMAC interface is created it now takes 0.38 + seconds to add the interfaces (if creating 1000 VMAC interfaces + it was taking 6.1 seconds, now reduced to 0.89 seconds, and the + heap growth is reduced from 6.1Mb to 3.9Mb). + - Add function rtnk_link_get_kernel for dynamic linking. + - Fix compiling without JSON support. + - Add support for recording perf profiling data for vrrp process. + - Add comment re usage of MAX_ALLOC_LIST. + - Some streamlining of scheduler.c. + - Merge --enable-epoll-debug and --enable-dump-threads + functionality. + - Let thread_add_unuse() set thread type, and use + thread_add_unuse() more. + - Use break rather than return in process_threads(). + - Fix segfault when reloading with HTTP_GET and no regex + configured. + - Merge the next-generation scheduler. + - Make all debug options need enabling at runtime. Previously if + configure enabled a debug option its output was always + recorded, which meant that if one didn't want the output, + configure/ compile was needed. This commit adds command line + options that need to be set in order to turn the debugging on. + - Remove unwanted debug message. + - Fix parsing --debug options. + - Fix rb tree insertion with timers. + - Add missing functions for thread debugging. + - Add vrrp instance VMAC flags when dumping configuration. + - Ensure parent thread terminates if child has permanant config + error. + - Ensure don't delete VMAC interface if keepalived didn't create + it. and sundry fixes. + - If receive lower priority advert, send GARP messages for sync + group. A recent update to issue #542 identified that following + recovery from a split brain situation, GARP messages weren't + being sent. It transpired that, if a member of a sync group in + master state received a lower priority advert and + vrrp_higher_prio_send_advert is set, a further (lower priority) + advert is sent, and the instance and all the members of the + sync group transition to backup (the other members of the sync + group don't send a further advert since they haven't received a + higher priority advert). This meant that the other members of + the sync group on the keepalived instance that remained master + didn't receive a lower priority advert, and so didn't send + further GARP messages. This commit changes keepalived's + behaviour, so that if a vrrp instance is sending GARP messages + due to receiving a lower priority advert and it is a member of + a sync group, keepalived will also send GARP messages for any + other member of the sync group that have garp_lower_prio_rep + set. + - Allow 0.0.0.0 and default/default6 for rule/route to/from + addresses. + - Check return value of SSL_CTX_new(). + - Check return values of SSL_new() and BIO_new_socket(). + - Only allow subnet masks with routes or virtual IP addresses. + For example, if specifying a via address or preferred source + address for a route, it isn't valid to specify a subnet mask. + - Add inet/inet6 to specify ip route/rule family if ambiguous. + - Remove superfluous parameter from parse_route(). + - Add "any" and "all" as synonyms for "default". + - Fix memory leak if route destination address is wrong address + family. + - Add ttl-propagate route option. + - Fix checking return status of kill(). + - Fix building with --enable-debug configure option. + - Stop delay in reload when using network namespaces. If running + in a network namespace, getaddrinfo() could take over 30 + seconds before timing out while trying to contact a name + server. To alleviate this, the hostname is remembered from when + keepalived started. + - Fix spelling of propagate in propagate_signal(). + - Fix effective_priority after reload if tracked interface down. + - Cosmetic grammatical changes. + - Add debug option for dumping vrrp fd lists. + - Fix calculation for vrrp fd timers. Starting or reloading + keepalived when an interface that was tracked interface was + failed was stopping other vrrp instances that were on the same + interface but not using VMACs coming up. + - Move code for initialising tracking priorities to vrrp_track.c. + - Don't overwrite track file on reload. + - Don't attempt to write track file if path not specified. + - Fix compiling when not using --enable-vrrp-fd-debug. + - Fix compiling with configure --enable-vrrp-fd-debug. + - Add sync group track_bfds and track file status to config dump. + - Move initialisation of track_files. + - Don't alter effective_priority if track_file take vrrp instance + down. + - Don't log vrrp instance in fault state at reload if already + fault. + - Fix calculating fd timer if all vrrp sands are set to + TIMER_DISABLED. + - Don't make all sync groups transition to backup on reload If a + sync group was in master state, and can still be after a reload + then allow it to stay in master state. + - Don't have track_bfd list in vrrp_sgroup_t in BFD not enabled. + - Fix memory leak re vrrp_sgroup_t track lists. + - Tidy up some freeing of MALLOC'd memory. Use FREE_PTR if it is + not known if the pointer is valid, and don't clear the pointer + afterr FREE/FREE_PTR since FREE does it anyway. + - Add memory.c list size definition and move definition from + memory.h. + - Increase size of checksum value for MEM_CHECK. + - Don't store checksum of memory allocation block. It can be + calculated from the size, so do so. + - Make the checksum for memory allocation blocks unsigned. + - Use an enum for memory allocation block types. + - Update comment re debug bit for memory detect error. + - In memory alloc debug code report free or realloc for not + alloc'd. + - Allow for PIDs up to 2^22 (7 decimal digits). + - Add function for dumping memory allocation while running. + - Fix max memory allocation size calculations. + - Fix reporting original and new file/line/func for realloc. + - Check matching block for realloc is allocated. The same memory + block may have been previously allocated and freed, so we need + to make sure that the block we find is currently marked as + allocated. + - Use a new MEMCHECK struct for realloc overrun detected It was + marking the allocated block as an overrun block, whereas it + needs to be an allocated block, so use a new block to mark the + overrun. + - Tidy up working of a couple of memory allocation messages. + - Use for loops rather than while blocks in memory allocation + code. + - Report number of mallocs and reallocs with MEMCHECK. + - Attempt to log first free after double free in MEMCHECK. + - Streamline use of buf/buffer in memory.c. + - Always use first free entry in alloc_list for MEMCHECK. + - Define MEMCHECK alloc_list size via configure. + - Align keepalived_free() and keepalived_realloc(). + - Make char * const where possible for MEMCHECK. + - Merge MEMCHECK keepalived_free() and keepalived_realloc(). + Most of the code was common between the two (or should have + been), so it makes sense for them to use common code. + - Ensure only relevant thread types run during shutdown. + - Fix building without --enable-mem-check. + - Use rbtree search for finding child thread on child + termination. It was doing a linear search of the rbtree in + timeout order. This commit adds another rbtree for child + processes (vrrp track scripts and check_misc scripts), sorted + by PID, to make the search by PID more efficient. + - Make rbtree compare function thread_timer_cmp() more efficient. + - Remove child_remover functionality - it was superfluous. + - Fix checking that there are no duplicate vrrp instances + configured The tuple {interface, family, vrid} must be unique. + The check for this was being made completely incorrectly. + - Delay creating vrrp notify FIFO. + - Remove struct sockaddr_storage saddr from sock_t. + - Use an rbtree for finding vrrp instance for received advert. + Previously the code search a list of pointers to vrrp instances + and looked for a matching fd and vrid. In order to optimise + this, it was implemented using an mlist whose index was a hash + of the fd and vrid. This commit changes the approach and uses + an rbtree for each sock_t. Since the sock_t that the advert + was received on is known, the rbtree search is only searching + for a match on the vrid. Not only is this more efficient, but + it is simpler, uses standard code, and reduces the code by + over 60 lines. + - Use an rbtree for finding vrrp instance for socket timeout. + Previously the code search a list of pointers to vrrp instances + and looked for matching file descriptor and sands < time_now. + In order to optimise this, it was implemented using an mlist + whose index was a hash of the fd. This commit changes the + approach and uses a second rbtree for each sock_t. Since the + sock_t that the timeout occurred on is known, the rbtree search + is only searching for a match of the sands. Not only is this + more efficient, but it is simpler, uses standard code, and + reduces the code by over 220 lines. + - Remove superfluous checks of rbtree node != NULL in rb_move(). + - Remove superfluous check of node != NULL in rb_next(). + - Update rbtree code to Linux 4.18.10. + - Fix debug logging of sands timers before time_now. + - Update rb_for_each_entry etc and rb_move to use rb_entry_safe. + With the added definition of rb_entry_safe in the rbtree code + updated to Linux 4.18.10, the refinition of rb_entry was + reverted to the kernel definition. That meant that + rb_for_each_entry, rb_for_eacn_entry_safe and rb_move neded to + be updated to use rb_entry_safe rather than rb_entry. + - Add support functions for rbtree rb_root_cached. This is in + preparation for the use of rb_root_cached in the next patch. + - Use cached rbtrees where the key is a timeval_t sands When the + key of an rbtree is a timeval_t sands keepalived will + frequently need to access the first node of the tree in order + to calculate the next timeout. This applies to the read, write, + child and timer threads queues, and also the vrrp queues on a + sock_t. The use of cached rbtrees for these is ideal since it + gives direct access to the first node of the queue. + - Add thread_add_read_sands to avoid introducing timer errors. + When using thread_add_read and the timeout was held as + timeval_t, it was converted to and offset from time_now, and + then converted back to a timeval_t, but time_now was updated, + resulting in a slightly different value being used as the + timeout. Using thread_add_read_sands() avoids the double + conversion and results in the timeout being more accurate. + - Replace NETLINK_TIMER with TIMER_NEVER. It makes the code + easier to read, and since NETLINK_TIMER was defined to be + TIMER_NEVER it doesn't change the functionality. + - Handle preempt delays not expiring at same time on sync group + If different vrrp instances in a sync group had preempt delays + that expired at different times keepalived looped with very + small to epoll_wait() until all preempt delays had expired, + causing high CPU utilisation. Keepalived now reschedules vrrp + instances with a delay of 3 * advert_int + skew time while + waiting for all vrrp instances in the sync group to expire + their preempt delays. + - Fix segfault when receive netlink message for default route + added. + - Move vrf_master_index into conditional compilation block. + - Store interface macvlan type. + - Make vrp_master_ifp point to self for VRF master interfaces. + - Log if cannot create a VMAC due to existing interface with same + name. + - Handle delete/create of macvlan i/fs which aren't keepalived's. + - Tidying up keepalived_netlink.c. + - Handle VRFs changing on macvlan i/fs which have VMACs + configured on them. + - Fix recreating our VMACs if they are deleted. + - Fix detecting address add/deletion from underlying i/f of our + vmacs. + - Don't use configured_ifp or base_ifp if not _HAVE_VRRP_VMAC_. + - Distinguish between VMAC on real i/f and no VMAC on macvlan i/f + If keepalived is configured to have a non VMAC interface on a + macvlan interface, we want to use the macvlan interface rather + than the underlying interface, whereas if we have a VMAC + interface on a macvlan interface, we create the VMAC on the + underlying interface of the macvlan. + - Update duplicate VRID check where vrrp instance configured on + macvlan. If a VRRP instance is configured on a macvlan + interface, the duplicate VRID check needs to be done on the + underlying interface. + - Check for VRID conflicts when changeable interfaces are added + For example, a vrrp instance could be configured on a macvlan, + and that macvlan could be deleted and recreated with another + base interface. The VRIDs in this case need to be checked for + duplicates against the base interface, and so the VRID check + needs to be done dynamically. In order to allow VRID conflicts + to produce config errors at startup, by default keepalived + assumes that there won't be interface movements as described + above, and will only handle it if the global_defs option + 'dynamic_interfaces' is used along with the option + 'allow_if_changes'. + - Remove some comments inserted for tracking changes to code. + - Fix building with --enable-debug configure option. + - Check that '{'s and '}'s are balanced in the configuration + file. + - Allow more flexibility re placing of { and }. + - Improve reporting additional '}'s in configuration. + - Minor improvements re thread handling and cancellation. + - Remove unused THREAD_IF_UP and THREAD_IF_DOWN. + - Replace getpagesize() with sysconf(_SC_PAGESIZE). + - Increase netlink receive buffer for dumps to 16KiB. + - Dynamically set the netlink receive buffer size. + - Sort out setting netlink receive buffer size. +- added patches for changes found during the review of the dbus + code: (boo#1015141) + CVE-2018-19044 for + https://github.com/acassen/keepalived/commit/04f2d32871bb3b11d7dc024039952f2fe2750306.patch + CVE-2018-19045 for + https://github.com/acassen/keepalived/commit/c6247a9ef2c7b33244ab1d3aa5d629ec49f0a067.patch + https://github.com/acassen/keepalived/commit/5241e4d7b177d0b6f073cfc9ed5444bf51ec89d6.patch +- enable dbus support on TW by default (boo#1015141) +- enable json stats dump support + +------------------------------------------------------------------- +Thu Sep 13 07:28:25 UTC 2018 - Marcus Rueckert + +- use %license + +------------------------------------------------------------------- +Thu Sep 13 01:38:32 UTC 2018 - Marcus Rueckert + +- update to 2.0.7 + see /usr/share/doc/packages/keepalived/ChangeLog +- refreshed keepalive-init.patch: + - reduced patch to minimal changes + - made sure it actually reads our sysconfig file +- refreshed linux-4.15.patch +- enable http regexp support: new BR pcre2-devel +- update rpmlintrc to actually match the error message: glob vs + regexp + ------------------------------------------------------------------- Mon Apr 30 14:41:46 UTC 2018 - crrodriguez@opensuse.org diff --git a/keepalived.spec b/keepalived.spec index 1f7a27a..2f3cb09 100644 --- a/keepalived.spec +++ b/keepalived.spec @@ -26,11 +26,15 @@ %else %bcond_with systemd %endif -%bcond_with dbus -%bcond_with json +%if 0%{?suse_version} > 1500 +%bcond_without dbus +%else +%bcond_with dbus +%endif +%bcond_without json Name: keepalived -Version: 1.4.1 +Version: 2.0.9 Release: 0 Summary: A keepalive facility for Linux License: GPL-2.0-or-later @@ -41,6 +45,7 @@ Source2: keepalive-rpmlintrc Patch1: keepalive-init.patch # PATCH-FIX-UPSTREAM: https://github.com/acassen/keepalived/commit/947248af144bcab6376ccddab8dc40f313b14281.patch Patch2: linux-4.15.patch +Patch3: b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch BuildRequires: libnfnetlink-devel %if %{with json} BuildRequires: libjson-c-devel @@ -56,6 +61,7 @@ BuildRequires: pkgconfig(json-c) BuildRequires: pkgconfig(libipset) BuildRequires: pkgconfig(libiptc) BuildRequires: pkgconfig(libnl-3.0) +BuildRequires: pkgconfig(libpcre2-8) BuildRequires: pkgconfig(xtables) %else BuildRequires: dbus-1-devel @@ -64,6 +70,7 @@ BuildRequires: ipset-devel BuildRequires: libiptc-devel BuildRequires: libnl-devel BuildRequires: libxtables-devel +BuildRequires: pcre2-devel %endif BuildRequires: libnfnetlink-devel # BuildRequires: netsnmp-devel @@ -79,6 +86,10 @@ BuildRequires: systemd-rpm-macros %else Requires(pre): %insserv_prereq %endif +# remove when you remove b7a98f9265ffb5927c4d54c9a30726c76e65bb52.patch +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libtool BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -98,18 +109,22 @@ resilient infrastructures. %setup -q %patch1 -p1 %patch2 -p1 +%patch3 -p1 chmod 644 doc/samples/* %build +autoreconf -fi export STRIP=true export CPPFLAGS="$(pkg-config --cflags libnfnetlink libiptc libipset xtables)" export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" %configure \ --disable-silent-rules \ + --enable-bfd \ %if %{with json} --enable-json \ %endif --enable-snmp \ + --enable-snmp-checker \ --enable-snmp-vrrp \ --enable-snmp-rfc \ --enable-snmp-rfcv2 \ @@ -118,6 +133,8 @@ export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" --enable-dbus \ --enable-dbus-create-instance \ %endif + --enable-regex \ + --enable-regex-timers \ %if %{with systemd} --with-init=systemd \ --with-systemdsystemunitdir="%{_unitdir}" \ @@ -191,7 +208,8 @@ getent passwd %{name} >/dev/null || \ %files %defattr(-,root,root) -%doc AUTHOR ChangeLog CONTRIBUTORS COPYING README +%license COPYING +%doc AUTHOR ChangeLog CONTRIBUTORS README %doc %{_datadir}/doc/keepalived/ %doc doc/samples/ %doc doc/keepalived.conf.SYNOPSIS doc/NOTE_vrrp_vmac.txt diff --git a/linux-4.15.patch b/linux-4.15.patch index 5038c1b..7e891b7 100644 --- a/linux-4.15.patch +++ b/linux-4.15.patch @@ -28,27 +28,41 @@ Signed-off-by: Baruch Siach keepalived/vrrp/vrrp.c | 1 + 2 files changed, 2 insertions(+) -diff --git a/keepalived/include/vrrp_arp.h b/keepalived/include/vrrp_arp.h -index c2b4e6b5..9dd68f63 100644 ---- a/keepalived/include/vrrp_arp.h -+++ b/keepalived/include/vrrp_arp.h +Index: keepalived-2.0.9/keepalived/include/vrrp_arp.h +=================================================================== +--- keepalived-2.0.9.orig/keepalived/include/vrrp_arp.h ++++ keepalived-2.0.9/keepalived/include/vrrp_arp.h @@ -24,6 +24,7 @@ #define _VRRP_ARP_H /* system includes */ +#include - #include - #include + #include + #include -diff --git a/keepalived/vrrp/vrrp.c b/keepalived/vrrp/vrrp.c -index 56395363..eaa9c567 100644 ---- a/keepalived/vrrp/vrrp.c -+++ b/keepalived/vrrp/vrrp.c -@@ -26,6 +26,7 @@ - #include "config.h" +Index: keepalived-2.0.9/keepalived/vrrp/vrrp.c +=================================================================== +--- keepalived-2.0.9.orig/keepalived/vrrp/vrrp.c ++++ keepalived-2.0.9/keepalived/vrrp/vrrp.c +@@ -40,6 +40,7 @@ + #include /* local include */ +#define _GNU_SOURCE + #include "parser.h" + #include "vrrp_arp.h" - #include "vrrp_ndisc.h" - #include "vrrp_scheduler.h" +Index: keepalived-2.0.9/keepalived/include/vrrp_if.h +=================================================================== +--- keepalived-2.0.9.orig/keepalived/include/vrrp_if.h ++++ keepalived-2.0.9/keepalived/include/vrrp_if.h +@@ -33,9 +33,7 @@ + #include + #include + #include +-#ifdef _HAVE_NET_LINUX_IF_H_COLLISION_ + #define _LINUX_IF_H +-#endif + #include + #ifdef _HAVE_VRRP_VMAC_ + #include