rpm/cloud-init
SHA256
1
0
Fork 0
forked from pool/cloud-init
Code Pull Requests Activity

Accepting request 777713 from Cloud:Tools

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/777713
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloud-init?expand=0&rev=67
This commit is contained in:
Dominique Leuenberger 2020-02-22 17:58:28 +00:00 committed by Git OBS Bridge
commit 31adfdd05a
5 changed files with 61 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
cloud-init-long-pass.patch Normal file
View File

@ -0,0 +1,11 @@
--- cloudinit/config/cc_set_passwords.py.orig
+++ cloudinit/config/cc_set_passwords.py
@@ -236,7 +236,7 @@ def handle(_name, cfg, cloud, log, args)
raise errors[-1]
-def rand_user_password(pwlen=9):
+def rand_user_password(pwlen=20):
return util.rand_str(pwlen, select_from=PW_SET)

16
cloud-init-use-different-random-src.diff Normal file
View File

@ -0,0 +1,16 @@
diff --git a/cloudinit/util.py b/cloudinit/util.py
index d99e82fa5..c02b3d9a5 100644
--- a/cloudinit/util.py
+++ b/cloudinit/util.py
@@ -397,9 +397,10 @@ def translate_bool(val, addons=None):
def rand_str(strlen=32, select_from=None):
+ r = random.SystemRandom()
if not select_from:
select_from = string.ascii_letters + string.digits
- return "".join([random.choice(select_from) for _x in range(0, strlen)])
+ return "".join([r.choice(select_from) for _x in range(0, strlen)])
def rand_dict_key(dictionary, postfix=None):

14
cloud-init-write-routes.patch
View File

@ -8,7 +8,7 @@
from cloudinit import helpers
from cloudinit import log as logging
@@ -172,7 +173,47 @@ class Distro(distros.Distro):
@@ -172,7 +173,53 @@ class Distro(distros.Distro):
util.write_file(out_fn, str(conf), 0o644)
def _write_network_config(self, netconfig):
@ -34,12 +34,18 @@
+ for subnet in subnets:
+ routes = subnet.get('routes', [])
+ for route in routes:
+ dest = route.get('network')
+ dest = route.get('destination')
+ if dest in default_nets:
+ dest = 'default'
+ if dest != 'default':
+ prefix = mask_to_net_prefix(route.get('netmask'))
+ dest += '/' + str(prefix)
+ netmask = route.get('genmask')
+ if netmask:
+ prefix = mask_to_net_prefix(netmask)
+ dest += '/' + str(prefix)
+ if '/' not in dest:
+ LOG.warning(
+ 'Route destination has no prefix "%s"', dest
+ )
+ gateway = route.get('gateway')
+ config_routes += ' '.join(
+ [dest, gateway, '-', '-\n']

20
cloud-init.changes
View File

@ -1,3 +1,23 @@
-------------------------------------------------------------------
Thu Feb 13 14:07:50 UTC 2020 - Robert Schweikert <rjschwei@suse.com>
- Add cloud-init-long-pass.patch (bsc#1162936, CVE-2020-8632)
+ Increase the default length of generated passwords
-------------------------------------------------------------------
Wed Feb 12 22:37:57 UTC 2020 - Robert Schweikert <rjschwei@suse.com>
- Add cloud-init-use-different-random-src.diff (bsc#1162937, CVE-2020-8631)
+ Use non-deterministic generator for password generation.
-------------------------------------------------------------------
Wed Feb 12 19:30:42 UTC 2020 - Robert Schweikert <rjschwei@suse.com>
- Update cloud-init-write-routes.patch (bsc#1163178)
+ Entries in the routes definition have changed causing a traceback
during rout config file writing. This patch update addresses the
issue by extracting the new entries properly.
-------------------------------------------------------------------
Fri Jan 17 18:55:41 UTC 2020 - Robert Schweikert <rjschwei@suse.com>

4
cloud-init.spec
View File

@ -45,6 +45,8 @@ Patch55: cloud-init-mix-static-dhcp.patch
Patch56: cloud-init-sysconf-path.patch
# FIXME (lp#1860164)
Patch57: cloud-init-no-tempnet-oci.patch
Patch58: cloud-init-use-different-random-src.diff
Patch59: cloud-init-long-pass.patch
BuildRequires: fdupes
BuildRequires: filesystem
@ -190,6 +192,8 @@ Documentation and examples for cloud-init tools
%patch55 -p0
%patch56
%patch57
%patch58 -p1
%patch59
%build
%if 0%{?suse_version} && 0%{?suse_version} <= 1315