From 4c14b2923e53881bc796636f98ab358076937547c6915c3b70be39ea88e8192b Mon Sep 17 00:00:00 2001 From: Christof Hanke Date: Wed, 4 Jan 2023 09:37:51 +0000 Subject: [PATCH] Accepting request 1047094 from home:hauky:branches:filesystems - update to official openafs-1.8.9 * all changes as openafs-1.8.9pre2 * fix possible DoS attack OBS-URL: https://build.opensuse.org/request/show/1047094 OBS-URL: https://build.opensuse.org/package/show/filesystems/openafs?expand=0&rev=101 --- ChangeLog | 73 ++++++++++++++++++++++++++++ RELNOTES-1.8.9pre2 => RELNOTES-1.8.9 | 8 ++- openafs-1.8.9-doc.tar.bz2 | 3 ++ openafs-1.8.9-doc.tar.bz2.md5 | 1 + openafs-1.8.9-doc.tar.bz2.sha256 | 1 + openafs-1.8.9-src.tar.bz2 | 3 ++ openafs-1.8.9-src.tar.bz2.md5 | 1 + openafs-1.8.9-src.tar.bz2.sha256 | 1 + openafs-1.8.9pre2-doc.tar.bz2 | 3 -- openafs-1.8.9pre2-doc.tar.bz2.md5 | 1 - openafs-1.8.9pre2-doc.tar.bz2.sha256 | 1 - openafs-1.8.9pre2-src.tar.bz2 | 3 -- openafs-1.8.9pre2-src.tar.bz2.md5 | 1 - openafs-1.8.9pre2-src.tar.bz2.sha256 | 1 - openafs.changes | 7 +++ openafs.spec | 6 +-- 16 files changed, 100 insertions(+), 14 deletions(-) rename RELNOTES-1.8.9pre2 => RELNOTES-1.8.9 (85%) create mode 100644 openafs-1.8.9-doc.tar.bz2 create mode 100644 openafs-1.8.9-doc.tar.bz2.md5 create mode 100644 openafs-1.8.9-doc.tar.bz2.sha256 create mode 100644 openafs-1.8.9-src.tar.bz2 create mode 100644 openafs-1.8.9-src.tar.bz2.md5 create mode 100644 openafs-1.8.9-src.tar.bz2.sha256 delete mode 100644 openafs-1.8.9pre2-doc.tar.bz2 delete mode 100644 openafs-1.8.9pre2-doc.tar.bz2.md5 delete mode 100644 openafs-1.8.9pre2-doc.tar.bz2.sha256 delete mode 100644 openafs-1.8.9pre2-src.tar.bz2 delete mode 100644 openafs-1.8.9pre2-src.tar.bz2.md5 delete mode 100644 openafs-1.8.9pre2-src.tar.bz2.sha256 diff --git a/ChangeLog b/ChangeLog index 0e37a89..5c92c73 100644 --- a/ChangeLog +++ b/ChangeLog 
@@ -1,3 +1,76 @@ +commit 6cb9320825c3617abcb48e7fbd9d0d64f0c2f65b +Author: Stephan Wiesand +Date: Thu Dec 8 18:49:41 2022 +0100 + + Make OpenAFS 1.8.9 + + Update version strings for the 1.8.9 release, and add the + finishing touch to NEWS. + + Change-Id: I8185cc177c1150d29d802df522e3b161dac7d75e + Reviewed-on: https://gerrit.openafs.org/15215 + Reviewed-by: Michael Meffie + Reviewed-by: Cheyenne Wills + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + +commit 0ad4c50f91c2d322688981b97aa05ba471b848c1 +Author: Benjamin Kaduk +Date: Fri Oct 8 20:11:19 2021 -0700 + + viced: cope with signed length/position in FetchData + + For legacy reasons, the "Pos" (initial position) and "Len" (length) + inputs to the RXAFS_FetchData and RXAFS_FetchData64 RPCs are represented + as signed integers (the corresponding StoreData RPCs use unsigned values). + + The use of signed values allows for the possibility of negative inputs, + and of signed integer overflow (undefined behavior in C), though the latter + is unlikely to arise naturally given that the implementation uses a + common backend with 64-bit values. + + In particular, if a negative "Pos" value is supplied, we end up in + FetchData_RXStyle() that performs either FDH_PREAD() or FDH_PREADV() + with the negative value as the position from which to read, which is + an error. The error handling for those calls treats any error as + indicative of a problem with the volume or its underlying storage, + and takes the volume offline for salvage. Furthermore, after the + maximum number of automatic salvages the volume is left offline for + administrator action. This presents a simple route for + (unauthenticated) denial of service, as root.cell.readonly must be + available to all users of the cell, and can be brought offline in this + way; rendering root.cell.readonly unavailable would bring essentially + all access to the cell to a halt. (Other volumes could be targeted as + well, subject to their corresponding ACLs.) 
+ + Since there is no valid use for a negative position or length input, + reject them outright from the common_FetchData64() implementation. + Also check for whether the combination requests a read that would + overflow a signed integer and reject that as well. + + Thanks to Jeffrey Altman and Chaskiel Grundman for collaborating on + this change. + + FIXES 135263 + + Reviewed-on: https://gerrit.openafs.org/15223 + Reviewed-by: Stephan Wiesand + Reviewed-by: Mark Vitale + Reviewed-by: Michael Meffie + Reviewed-by: Cheyenne Wills + Tested-by: Mark Vitale + Reviewed-by: Jeffrey Altman + Reviewed-by: Benjamin Kaduk + (cherry picked from commit 1fbbcbee0183aa7855c0e5d9d38aa89af75902db) + + Change-Id: I1d634918789dddd5500ab50a0b508c142d83dc84 + Reviewed-on: https://gerrit.openafs.org/15224 + Reviewed-by: Cheyenne Wills + Reviewed-by: Michael Meffie + Tested-by: BuildBot + Reviewed-by: Stephan Wiesand + Reviewed-by: Benjamin Kaduk + commit f812d1125f785df05bf1028f665d22c608006bae Author: Stephan Wiesand Date: Thu Nov 3 15:59:04 2022 +0100 diff --git a/RELNOTES-1.8.9pre2 b/RELNOTES-1.8.9 similarity index 85% rename from RELNOTES-1.8.9pre2 rename to RELNOTES-1.8.9 index 7c2bf39..82354ad 100644 --- a/RELNOTES-1.8.9pre2 +++ b/RELNOTES-1.8.9 @@ -1,6 +1,6 @@ User-Visible OpenAFS Changes -OpenAFS 1.8.9 (in progress) +OpenAFS 1.8.9 All platforms @@ -26,6 +26,12 @@ OpenAFS 1.8.9 (in progress) unnecessary several second delays in some cases during database quorum processing (14815) + * Detect invalid (negative) inputs to FetchData RPCs and reject them + early. The previous behavior only detected the error when actually + attempting to read from storage, which resulted in the volume being + taken offline since errors were assumed to originate from the + underlying storage (15224) + All UNIX/Linux client platforms * Do not perform DNS SRV/AFSDB record queries when running "fs 
diff --git a/openafs-1.8.9-doc.tar.bz2 b/openafs-1.8.9-doc.tar.bz2 new file mode 100644 index 0000000..b9ec961 --- /dev/null +++ b/openafs-1.8.9-doc.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ef91e854eab4aa74268525954a41c2a2ad0a2eaf530eaa22bb9e4bf453b15939 +size 3771797 diff --git a/openafs-1.8.9-doc.tar.bz2.md5 b/openafs-1.8.9-doc.tar.bz2.md5 new file mode 100644 index 0000000..3b8e29c --- /dev/null +++ b/openafs-1.8.9-doc.tar.bz2.md5 @@ -0,0 +1 @@ +1f59a2942007bac5c7a8b83360852e29 openafs-1.8.9-doc.tar.bz2 diff --git a/openafs-1.8.9-doc.tar.bz2.sha256 b/openafs-1.8.9-doc.tar.bz2.sha256 new file mode 100644 index 0000000..cdc1b7e --- /dev/null +++ b/openafs-1.8.9-doc.tar.bz2.sha256 @@ -0,0 +1 @@ +ef91e854eab4aa74268525954a41c2a2ad0a2eaf530eaa22bb9e4bf453b15939 openafs-1.8.9-doc.tar.bz2 diff --git a/openafs-1.8.9-src.tar.bz2 b/openafs-1.8.9-src.tar.bz2 new file mode 100644 index 0000000..42f789a --- /dev/null +++ b/openafs-1.8.9-src.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d126178be1f42cca18cb7c0c2691ac354518e3790170150a76bbd25f4d151f06 +size 14875192 diff --git a/openafs-1.8.9-src.tar.bz2.md5 b/openafs-1.8.9-src.tar.bz2.md5 new file mode 100644 index 0000000..a7585ef --- /dev/null +++ b/openafs-1.8.9-src.tar.bz2.md5 @@ -0,0 +1 @@ +b48ac2fdeffc2005b78e255c67ac43ba openafs-1.8.9-src.tar.bz2 diff --git a/openafs-1.8.9-src.tar.bz2.sha256 b/openafs-1.8.9-src.tar.bz2.sha256 new file mode 100644 index 0000000..fbcca19 --- /dev/null +++ b/openafs-1.8.9-src.tar.bz2.sha256 @@ -0,0 +1 @@ +d126178be1f42cca18cb7c0c2691ac354518e3790170150a76bbd25f4d151f06 openafs-1.8.9-src.tar.bz2 diff --git a/openafs-1.8.9pre2-doc.tar.bz2 b/openafs-1.8.9pre2-doc.tar.bz2 deleted file mode 100644 index d1c8e4b..0000000 --- a/openafs-1.8.9pre2-doc.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:999f1fb5493df02359fecbe9e9f5cda580bacf3d333b7443112901d0b8732aac -size 3773538 
diff --git a/openafs-1.8.9pre2-doc.tar.bz2.md5 b/openafs-1.8.9pre2-doc.tar.bz2.md5 deleted file mode 100644 index d16c573..0000000 --- a/openafs-1.8.9pre2-doc.tar.bz2.md5 +++ /dev/null @@ -1 +0,0 @@ -34695fb15df9c7320960939dd586494f openafs-1.8.9pre2-doc.tar.bz2 diff --git a/openafs-1.8.9pre2-doc.tar.bz2.sha256 b/openafs-1.8.9pre2-doc.tar.bz2.sha256 deleted file mode 100644 index 340468f..0000000 --- a/openafs-1.8.9pre2-doc.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -999f1fb5493df02359fecbe9e9f5cda580bacf3d333b7443112901d0b8732aac openafs-1.8.9pre2-doc.tar.bz2 diff --git a/openafs-1.8.9pre2-src.tar.bz2 b/openafs-1.8.9pre2-src.tar.bz2 deleted file mode 100644 index 382a32a..0000000 --- a/openafs-1.8.9pre2-src.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:29006abf9c3163cdc17612bd2ea8ae951981bf1f7714b5c51fb73e0af0674ba3 -size 14877698 diff --git a/openafs-1.8.9pre2-src.tar.bz2.md5 b/openafs-1.8.9pre2-src.tar.bz2.md5 deleted file mode 100644 index eafe436..0000000 --- a/openafs-1.8.9pre2-src.tar.bz2.md5 +++ /dev/null @@ -1 +0,0 @@ -1234973bfc9872d4d6f0b4d1998acdd3 openafs-1.8.9pre2-src.tar.bz2 diff --git a/openafs-1.8.9pre2-src.tar.bz2.sha256 b/openafs-1.8.9pre2-src.tar.bz2.sha256 deleted file mode 100644 index c02f3b7..0000000 --- a/openafs-1.8.9pre2-src.tar.bz2.sha256 +++ /dev/null @@ -1 +0,0 @@ -29006abf9c3163cdc17612bd2ea8ae951981bf1f7714b5c51fb73e0af0674ba3 openafs-1.8.9pre2-src.tar.bz2 diff --git a/openafs.changes b/openafs.changes index f9e417b..7328274 100644 --- a/openafs.changes +++ b/openafs.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Jan 4 08:14:39 UTC 2023 - Christof Hanke + +- update to offical openafs-1.8.9 + * all changes as openafs-1.8.9pre2 + * fix possible DoS attack + ------------------------------------------------------------------- Mon Dec 12 07:40:28 UTC 2022 - Christof Hanke 
diff --git a/openafs.spec b/openafs.spec index 4f48278..f3ab796 100644 --- a/openafs.spec +++ b/openafs.spec @@ -1,7 +1,7 @@ # # spec file for package openafs # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -57,11 +57,11 @@ # used for %setup only # leave upstream tar-balls untouched for integrity checks. -%define upstream_version 1.8.9pre2 +%define upstream_version 1.8.9 Name: openafs -Version: 1.8.9~pre2 +Version: 1.8.9 Release: 0 Summary: OpenAFS Distributed File System License: IPL-1.0
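
Review bot: In the openafs.changes hunk, the entry "* fix possible DoS attack" does not say what is fixed or where, so downstream security tracking cannot match it to the upstream change. The imported ChangeLog identifies it as the viced FetchData fix (a negative "Pos" or "Len" leading to the volume being taken offline for salvage, described there as an unauthenticated route via root.cell.readonly), with "FIXES 135263" and "Reviewed-on: https://gerrit.openafs.org/15224". Suggest naming the fileserver and the FetchData RPCs in the entry and citing gerrit 15224, plus the distribution's own bug reference if one exists.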
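
Review bot: For the new openafs-1.8.9-src.tar.bz2 and openafs-1.8.9-doc.tar.bz2 pointers and their .md5/.sha256 companions, the checksums arrive in the same request as the tarballs, so on their own they only catch accidental corruption. The values are internally consistent (the Git LFS "oid sha256" equals the content of the matching .sha256 file for both archives), but nothing in the visible lines ties them to an upstream-published value or signature. Since openafs.spec states "leave upstream tar-balls untouched for integrity checks", suggest recording in the request how the SHA-256 values were compared against upstream, and treating the .md5 files as informational only because MD5 is not collision resistant.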