[-]
[+]
|
Changed |
keepalived.spec
|
|
[-]
[+]
|
Added |
keepalived-bind.patch
^
|
@@ -0,0 +1,24 @@
+From 794273c2729f4b79ddd321d3fa90f9b300e86800 Mon Sep 17 00:00:00 2001
+From: Vincent Bernat <bernat@luffy.cx>
+Date: Mon, 05 Dec 2011 13:47:14 +0000
+Subject: Don't use bind() with AF_UNSPEC
+
+tcp_bind_connect() may be called with a non NULL bind_addr variable
+but filled with 0. This cause bind() to be called with AF_UNSPEC and
+make it fail with recent kernels.
+---
+diff --git a/keepalived/core/layer4.c b/keepalived/core/layer4.c
+index 5725500..5b33417 100644
+--- a/keepalived/core/layer4.c
++++ b/keepalived/core/layer4.c
+@@ -43,7 +43,7 @@ tcp_bind_connect(int fd, struct sockaddr_storage *addr, struct sockaddr_storage
+ fcntl(fd, F_SETFL, val | O_NONBLOCK);
+
+ /* Bind socket */
+- if (bind_addr) {
++ if (bind_addr && ((struct sockaddr *) bind_addr)->sa_family != AF_UNSPEC) {
+ addrlen = sizeof(*bind_addr);
+ if (bind(fd, (struct sockaddr *) bind_addr, addrlen) != 0)
+ return connect_error;
+--
+cgit v0.8.3.4
|
[-]
[+]
|
Added |
keepalived-check-ipv6-mark.patch
^
|
@@ -0,0 +1,58 @@
+From 479bb39cb94e602e8e8891d84538b2f67de14f04 Mon Sep 17 00:00:00 2001
+From: Vincent Bernat <bernat@luffy.cx>
+Date: Wed, 26 Oct 2011 21:26:44 +0000
+Subject: check: enable the use of fwmark with IPv6 virtual servers
+
+When using fwmark, the virtual server was assumed to use IPv4. We
+correct this by looking at the address family of the first real
+server.
+---
+diff --git a/keepalived/check/ipvswrapper.c b/keepalived/check/ipvswrapper.c
+index 511be53..6f49b19 100644
+--- a/keepalived/check/ipvswrapper.c
++++ b/keepalived/check/ipvswrapper.c
+@@ -455,9 +455,9 @@ ipvs_group_range_cmd(int cmd, virtual_server_group_entry *vsg_entry)
+
+ /* set IPVS group rules */
+ static void
+-ipvs_group_cmd(int cmd, list vs_group, real_server * rs, char * vsgname)
++ipvs_group_cmd(int cmd, list vs_group, real_server * rs, virtual_server * vs)
+ {
+- virtual_server_group *vsg = ipvs_get_group_by_name(vsgname, vs_group);
++ virtual_server_group *vsg = ipvs_get_group_by_name(vs->vsgname, vs_group);
+ virtual_server_group_entry *vsg_entry;
+ list l;
+ element e;
+@@ -493,6 +493,12 @@ ipvs_group_cmd(int cmd, list vs_group, real_server * rs, char * vsgname)
+ for (e = LIST_HEAD(l); e; ELEMENT_NEXT(e)) {
+ vsg_entry = ELEMENT_DATA(e);
+ srule->af = AF_INET;
++ /* Need to get address family from first real server */
++ if (vs->rs && !LIST_ISEMPTY(vs->rs) &&
++ (((real_server *)ELEMENT_DATA(LIST_HEAD(vs->rs)))->addr.ss_family == AF_INET6)) {
++ srule->af = AF_INET6;
++ srule->netmask = 128;
++ }
+ srule->fwmark = vsg_entry->vfwmark;
+
+ /* Talk to the IPVS channel */
+@@ -584,10 +590,16 @@ ipvs_cmd(int cmd, list vs_group, virtual_server * vs, real_server * rs)
+
+ /* Set vs rule and send to kernel */
+ if (vs->vsgname) {
+- ipvs_group_cmd(cmd, vs_group, rs, vs->vsgname);
++ ipvs_group_cmd(cmd, vs_group, rs, vs);
+ } else {
+ if (vs->vfwmark) {
+ srule->af = AF_INET;
++ /* Need to get address family from first real server */
++ if (vs->rs && !LIST_ISEMPTY(vs->rs) &&
++ (((real_server *)ELEMENT_DATA(LIST_HEAD(vs->rs)))->addr.ss_family == AF_INET6)) {
++ srule->af = AF_INET6;
++ srule->netmask = 128;
++ }
+ srule->fwmark = vs->vfwmark;
+ } else {
+ srule->af = vs->addr.ss_family;
+--
+cgit v0.8.3.4
|
[-]
[+]
|
Added |
keepalived-docu-update.patch
^
|
@@ -0,0 +1,59 @@
+From c02b0ebab4e6f622e914295025807abbe777feee Mon Sep 17 00:00:00 2001
+From: Vincent Bernat <bernat@luffy.cx>
+Date: Wed, 26 Oct 2011 22:18:19 +0000
+Subject: vrrp: better documentation of the limitation on password length
+
+Patch from Dan Wallis:
+
+ I've been helping debug a password issue between versions v1.1.15 &
+ v1.1.20, and it turns out that auth_pass is being truncated to eight
+ characters in the former, and seven in the latter. This is later
+ "fixed" to be eight characters again in v1.2.1.
+
+ This patch makes this maximum length more obvious to the end user, so
+ as to avoid future issues with inadvertent truncation.
+---
+diff --git a/doc/keepalived.conf.SYNOPSIS b/doc/keepalived.conf.SYNOPSIS
+index 5d79720..7369ef3 100644
+--- a/doc/keepalived.conf.SYNOPSIS
++++ b/doc/keepalived.conf.SYNOPSIS
+@@ -170,7 +170,7 @@ vrrp_instance <STRING> { # VRRP instance declaration
+ advert_int <INTEGER> # VRRP Advert interval (use default)
+ authentication { # Authentication block
+ auth_type PASS|AH # Simple Passwd or IPSEC AH
+- auth_pass <STRING> # Password string
++ auth_pass <STRING> # Password string (up to 8 characters)
+ }
+ virtual_ipaddress { # VRRP IP addres block
+ <IP ADDRESS>/<MASK> brd <IP ADDRESS> dev <STRING> scope <SCOPE> label <LABEL>
+diff --git a/doc/man/man5/keepalived.conf.5 b/doc/man/man5/keepalived.conf.5
+index 09aae3a..53856da 100644
+--- a/doc/man/man5/keepalived.conf.5
++++ b/doc/man/man5/keepalived.conf.5
+@@ -172,6 +172,7 @@ which will transition together on any state change.
+ auth_type PASS
+ # Password for accessing vrrpd.
+ # should be the same for all machines.
++ # Only the first eight (8) characters are used.
+ auth_pass 1234
+
+ #addresses add|del on change to MASTER, to BACKUP.
+diff --git a/keepalived/vrrp/vrrp_parser.c b/keepalived/vrrp/vrrp_parser.c
+index 2b5ed33..5888723 100644
+--- a/keepalived/vrrp/vrrp_parser.c
++++ b/keepalived/vrrp/vrrp_parser.c
+@@ -307,8 +307,11 @@ vrrp_auth_pass_handler(vector strvec)
+ int max_size = sizeof (vrrp->auth_data);
+ int str_len = strlen(str);
+
+- if (str_len > max_size)
++ if (str_len > max_size) {
+ str_len = max_size;
++ log_message(LOG_INFO,
++ "Truncating auth_pass to %d characters", max_size);
++ }
+
+ memset(vrrp->auth_data, 0, max_size);
+ memcpy(vrrp->auth_data, str, str_len);
+--
+cgit v0.8.3.4
|
[-]
[+]
|
Added |
keepalived-ipv4compare.patch
^
|
@@ -0,0 +1,23 @@
+From bc49a46989c98eb6ee72a379b18b77e87ed624fa Mon Sep 17 00:00:00 2001
+From: Vincent Bernat <bernat@luffy.cx>
+Date: Wed, 07 Dec 2011 09:17:55 +0000
+Subject: Fix IPv4 address comparison routine.
+
+Two different IPv4 addresses were returned to be equal while this was
+not the case. Thanks to Ronie Gilberto Henrich for spotting this bug.
+---
+diff --git a/keepalived/include/check_data.h b/keepalived/include/check_data.h
+index 50a4757..e3ff458 100644
+--- a/keepalived/include/check_data.h
++++ b/keepalived/include/check_data.h
+@@ -163,7 +163,7 @@ static inline int sockstorage_equal(const struct sockaddr_storage *s1,
+ struct sockaddr_in *a1 = (struct sockaddr_in *) s1;
+ struct sockaddr_in *a2 = (struct sockaddr_in *) s2;
+
+- if ((a1->sin_addr.s_addr == a1->sin_addr.s_addr) &&
++ if ((a1->sin_addr.s_addr == a2->sin_addr.s_addr) &&
+ (a1->sin_port == a2->sin_port))
+ return 1;
+ }
+--
+cgit v0.8.3.4
|
[-]
[+]
|
Added |
keepalived-modprobe.patch
^
|
@@ -0,0 +1,22 @@
+From a3547673b4181999b26d1d21663b0d7c3664b2e1 Mon Sep 17 00:00:00 2001
+From: Vincent Bernat <bernat@luffy.cx>
+Date: Fri, 26 Aug 2011 05:25:05 +0000
+Subject: Fix modprobe arguments.
+
+Fix by Dan Wallis.
+---
+diff --git a/keepalived/check/ipvswrapper.c b/keepalived/check/ipvswrapper.c
+index a48ef0f..511be53 100644
+--- a/keepalived/check/ipvswrapper.c
++++ b/keepalived/check/ipvswrapper.c
+@@ -728,7 +728,7 @@ string_to_number(const char *s, int min, int max)
+ static int
+ modprobe_ipvs(void)
+ {
+- char *argv[] = { "/sbin/modprobe", "-s", "-k", "--", "ip_vs", NULL };
++ char *argv[] = { "/sbin/modprobe", "-s", "--", "ip_vs", NULL };
+ int child;
+ int status;
+ int rc;
+--
+cgit v0.8.3.4
|