Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package docker for openSUSE:Factory checked
in at 2021-10-11 15:30:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/docker (Old)
and /work/SRC/openSUSE:Factory/.docker.new.2443 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "docker"
Mon Oct 11 15:30:18 2021 rev:114 rq:923378 version:20.10.9_ce
Changes:
--------
--- /work/SRC/openSUSE:Factory/docker/docker.changes 2021-09-21
09:15:15.200832024 +0200
+++ /work/SRC/openSUSE:Factory/.docker.new.2443/docker.changes 2021-10-11
15:30:22.886726091 +0200
@@ -1,0 +2,15 @@
+Wed Oct 6 02:51:16 UTC 2021 - Aleksa Sarai <asa...@suse.com>
+
+- Update to Docker 20.10.9-ce. See upstream changelog in the packaged
+ /usr/share/doc/packages/docker/CHANGELOG.md. bsc#1191355
+ CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103
+- Rebase patches:
+ * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
+ * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
+ * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
+ * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
+ * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
+ * 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
+- Switch to Go 1.16.x compiler, in line with upstream.
+
+-------------------------------------------------------------------
Old:
----
docker-20.10.6_ce_8728dd246c3a.tar.xz
docker-cli-20.10.6_ce.tar.xz
docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46.tar.xz
New:
----
docker-20.10.9_ce_79ea9d308018.tar.xz
docker-cli-20.10.9_ce.tar.xz
docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ docker.spec ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.794727547 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.798727553 +0200
@@ -42,24 +42,24 @@
# helpfully injects into our build environment from the changelog). If you want
# to generate a new git_commit_epoch, use this:
# $ date --date="$(git show --format=fuller --date=iso $COMMIT_ID | grep -oP
'(?<=^CommitDate: ).*')" '+%s'
-%define git_version 8728dd246c3a
-%define git_commit_epoch 1618005978
+%define git_version 79ea9d308018
+%define git_commit_epoch 1632421578
# We require a specific pin of libnetwork because it doesn't really do
# versioning and minor version mismatches in libnetwork can break Docker
# networking. All other key runtime dependencies (containerd, runc) are stable
# enough that this isn't necessary.
-%define libnetwork_version b3507428be5b458cb0e2b4086b13531fb0706e46
+%define libnetwork_version 64b7a4574d1426139437d20e81c0b6d391130ec8
%define dist_builddir %{_builddir}/dist-suse
%define cli_builddir %{dist_builddir}/src/github.com/docker/cli
%define proxy_builddir %{dist_builddir}/src/github.com/docker/libnetwork
Name: %{realname}%{name_suffix}
-Version: 20.10.6_ce
+Version: 20.10.9_ce
# This "nice version" is so that docker --version gives a result that can be
# parsed by other people. boo#1182476
-%define nice_version 20.10.6-ce
+%define nice_version 20.10.9-ce
Release: 0
Summary: The Moby-project Linux container runtime
License: Apache-2.0
@@ -110,9 +110,7 @@
BuildRequires: zsh
BuildRequires: fish
BuildRequires: go-go-md2man
-# We cannot use Go 1.14 because it breaks io.Copy (among other things) by
-# returning -EINTR from I/O syscalls much more often.
-BuildRequires: go1.13
+BuildRequires: go1.16
BuildRequires: pkgconfig(libsystemd)
Requires: apparmor-parser
Requires: ca-certificates-mozilla
@@ -122,8 +120,8 @@
Provides: docker-libnetwork%{name_suffix} = 0.7.0.2.%{version}
# Required to actually run containers. We require the minimum version that is
# pinned by Docker, but in order to avoid headaches we allow for updates.
-Requires: runc >= 1.0.0~rc93
-Requires: containerd >= 1.4.3
+Requires: runc >= 1.0.2
+Requires: containerd >= 1.4.11
# Needed for --init support. We don't use "tini", we use our own implementation
# which handles edge-cases better.
Requires: catatonit
@@ -312,6 +310,8 @@
export GITCOMMIT="%{git_version}"
export SOURCE_DATE_EPOCH="${SOURCE_DATE_EPOCH:-%{git_commit_epoch}}"
export BUILDTIME="$(date -u -d "@$SOURCE_DATE_EPOCH" --rfc-3339 ns 2>/dev/null
| sed -e 's/ /T/')"
+# NOTE: This will have to be removed with the next major Docker bump.
+export GO111MODULE=off
EOF
) > docker_build_env
. ./docker_build_env
++++++ 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.822727592 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.826727598 +0200
@@ -1,7 +1,7 @@
-From 5dfd507cf2ab34a99d925eae7fa9a1a062c1930e Mon Sep 17 00:00:00 2001
+From 44214e643a578dfec9f5898f9225ccf3ccbec419 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asa...@suse.de>
Date: Wed, 8 Mar 2017 12:41:54 +1100
-Subject: [PATCH 1/5] SECRETS: daemon: allow directory creation in /run/secrets
+Subject: [PATCH 1/6] SECRETS: daemon: allow directory creation in /run/secrets
Since FileMode can have the directory bit set, allow a SecretStore
implementation to return secrets that are actually directories. This is
@@ -14,7 +14,7 @@
1 file changed, 21 insertions(+), 3 deletions(-)
diff --git a/daemon/container_operations_unix.go
b/daemon/container_operations_unix.go
-index 5521adbd2749..c103d9349c51 100644
+index 1647df0ce7ba..4ea2efed241f 100644
--- a/daemon/container_operations_unix.go
+++ b/daemon/container_operations_unix.go
@@ -3,6 +3,7 @@
@@ -70,5 +70,5 @@
return errors.Wrap(err, "error setting ownership for
secret")
}
--
-2.30.2
+2.33.0
++++++ 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.838727618 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.838727618 +0200
@@ -1,7 +1,7 @@
-From cb696ab8168b611535c04f8780c4632a2dc0ec2a Mon Sep 17 00:00:00 2001
+From 7202e34c5cf8e5c0816bfc610689e2f9d246d131 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asa...@suse.de>
Date: Wed, 8 Mar 2017 11:43:29 +1100
-Subject: [PATCH 2/5] SECRETS: SUSE: implement SUSE container secrets
+Subject: [PATCH 2/6] SECRETS: SUSE: implement SUSE container secrets
This allows for us to pass in host credentials to a container, allowing
for SUSEConnect to work with containers.
@@ -451,5 +451,5 @@
+ return nil
+}
--
-2.30.2
+2.33.0
++++++ 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.850727637 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.850727637 +0200
@@ -1,7 +1,7 @@
-From 759c1b0c2d4a3c89dea396510d2a1518ad2fcb2c Mon Sep 17 00:00:00 2001
+From 0bb32212d07d21b0704ef3b3197fad118ae87e7f Mon Sep 17 00:00:00 2001
From: Valentin Rothberg <vrothb...@suse.com>
Date: Mon, 2 Jul 2018 13:37:34 +0200
-Subject: [PATCH 3/5] PRIVATE-REGISTRY: add private-registry mirror support
+Subject: [PATCH 3/6] PRIVATE-REGISTRY: add private-registry mirror support
NOTE: This is a backport/downstream patch of the upstream pull-request
for Moby, which is still subject to changes. Please visit
@@ -1142,5 +1142,5 @@
endpoints = []APIEndpoint{
--
-2.30.2
+2.33.0
++++++ 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.862727656 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.866727662 +0200
@@ -1,7 +1,7 @@
-From 9f27140b54e30eed9d3428b24c3ca9c340c48394 Mon Sep 17 00:00:00 2001
+From 41a72d2a2d835de1e806a5b316067ea933f665e2 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asa...@suse.de>
Date: Fri, 29 Jun 2018 17:59:30 +1000
-Subject: [PATCH 4/5] bsc1073877: apparmor: clobber docker-default profile on
+Subject: [PATCH 4/6] bsc1073877: apparmor: clobber docker-default profile on
start
In the process of making docker-default reloading far less expensive,
@@ -69,7 +69,7 @@
return nil
}
diff --git a/daemon/daemon.go b/daemon/daemon.go
-index 3d8cca288010..62d3859cff8c 100644
+index 2a2fbbd52e19..0999ac3186b7 100644
--- a/daemon/daemon.go
+++ b/daemon/daemon.go
@@ -855,8 +855,9 @@ func NewDaemon(ctx context.Context, config *config.Config,
pluginStore *plugin.S
@@ -85,5 +85,5 @@
}
--
-2.30.2
+2.33.0
++++++ 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.878727682 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.878727682 +0200
@@ -1,7 +1,7 @@
-From bb452793d224b00a3700af9fdd9b0f183e1141f1 Mon Sep 17 00:00:00 2001
+From db0df8889ebc1aad3613cf95803e4672dc8ce96a Mon Sep 17 00:00:00 2001
From: Michal Rostecki <mroste...@opensuse.org>
Date: Thu, 8 Apr 2021 14:42:02 +0100
-Subject: [PATCH 5/5] bsc1183855: btrfs: Do not disable quota on cleanup
+Subject: [PATCH 5/6] bsc1183855: btrfs: Do not disable quota on cleanup
Before this change, cleanup of the btrfs driver (occuring on each daemon
shutdown) resulted in disabling quotas. It was done with an assumption
@@ -24,10 +24,10 @@
1 file changed, 8 insertions(+), 42 deletions(-)
diff --git a/daemon/graphdriver/btrfs/btrfs.go
b/daemon/graphdriver/btrfs/btrfs.go
-index 0499489d16e6..0720bb571f2e 100644
+index 8fd2854a2673..32c4f07c620d 100644
--- a/daemon/graphdriver/btrfs/btrfs.go
+++ b/daemon/graphdriver/btrfs/btrfs.go
-@@ -96,7 +96,7 @@ func Init(home string, options []string, uidMaps, gidMaps
[]idtools.IDMap) (grap
+@@ -103,7 +103,7 @@ func Init(home string, options []string, uidMaps, gidMaps
[]idtools.IDMap) (grap
}
if userDiskQuota {
@@ -36,7 +36,7 @@
return nil, err
}
}
-@@ -165,18 +165,10 @@ func (d *Driver) GetMetadata(id string)
(map[string]string, error) {
+@@ -172,18 +172,10 @@ func (d *Driver) GetMetadata(id string)
(map[string]string, error) {
// Cleanup unmounts the home directory.
func (d *Driver) Cleanup() error {
@@ -56,7 +56,7 @@
return nil
}
-@@ -334,7 +326,7 @@ func (d *Driver) updateQuotaStatus() {
+@@ -341,7 +333,7 @@ func (d *Driver) updateQuotaStatus() {
d.once.Do(func() {
if !d.quotaEnabled {
// In case quotaEnabled is not set, check qgroup and
update quotaEnabled as needed
@@ -65,7 +65,7 @@
// quota is still not enabled
return
}
-@@ -343,7 +335,7 @@ func (d *Driver) updateQuotaStatus() {
+@@ -350,7 +342,7 @@ func (d *Driver) updateQuotaStatus() {
})
}
@@ -74,7 +74,7 @@
d.updateQuotaStatus()
if d.quotaEnabled {
-@@ -369,32 +361,6 @@ func (d *Driver) subvolEnableQuota() error {
+@@ -376,32 +368,6 @@ func (d *Driver) subvolEnableQuota() error {
return nil
}
@@ -107,7 +107,7 @@
func (d *Driver) subvolRescanQuota() error {
d.updateQuotaStatus()
-@@ -437,11 +403,11 @@ func subvolLimitQgroup(path string, size uint64) error {
+@@ -444,11 +410,11 @@ func subvolLimitQgroup(path string, size uint64) error {
return nil
}
@@ -121,7 +121,7 @@
dir, err := openDir(path)
if err != nil {
return err
-@@ -608,7 +574,7 @@ func (d *Driver) setStorageSize(dir string, driver
*Driver) error {
+@@ -622,7 +588,7 @@ func (d *Driver) setStorageSize(dir string, driver
*Driver) error {
if d.options.minSpace > 0 && driver.options.size < d.options.minSpace {
return fmt.Errorf("btrfs: storage size cannot be less than %s",
units.HumanSize(float64(d.options.minSpace)))
}
@@ -130,7 +130,7 @@
return err
}
return subvolLimitQgroup(dir, driver.options.size)
-@@ -662,7 +628,7 @@ func (d *Driver) Get(id, mountLabel string)
(containerfs.ContainerFS, error) {
+@@ -676,7 +642,7 @@ func (d *Driver) Get(id, mountLabel string)
(containerfs.ContainerFS, error) {
if quota, err := ioutil.ReadFile(d.quotasDirID(id)); err == nil {
if size, err := strconv.ParseUint(string(quota), 10, 64); err
== nil && size >= d.options.minSpace {
@@ -140,5 +140,5 @@
}
if err := subvolLimitQgroup(dir, size); err != nil {
--
-2.30.2
+2.33.0
++++++ 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.886727694 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.890727701 +0200
@@ -1,4 +1,4 @@
-From ec9265210aaf10fe5f810d0ac7f566cf1929283a Mon Sep 17 00:00:00 2001
+From 9cc9665d00293bdff2420a4db49278bc7bb9ed72 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwig...@gmail.com>
Date: Thu, 9 Sep 2021 11:31:30 -0700
Subject: [PATCH 6/6] bsc1190670: seccomp: add support for "clone3" syscall in
++++++ _service ++++++
--- /var/tmp/diff_new_pack.2yMo8z/_old 2021-10-11 15:30:23.970727829 +0200
+++ /var/tmp/diff_new_pack.2yMo8z/_new 2021-10-11 15:30:23.970727829 +0200
@@ -3,16 +3,16 @@
<param name="url">https://github.com/moby/moby.git</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="versionformat">20.10.6_ce_%h</param>
- <param name="revision">v20.10.6</param>
+ <param name="versionformat">20.10.9_ce_%h</param>
+ <param name="revision">v20.10.9</param>
<param name="filename">docker</param>
</service>
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/docker/cli.git</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="versionformat">20.10.6_ce</param>
- <param name="revision">v20.10.6</param>
+ <param name="versionformat">20.10.9_ce</param>
+ <param name="revision">v20.10.9</param>
<param name="filename">docker-cli</param>
</service>
<service name="tar_scm" mode="disabled">
@@ -20,7 +20,7 @@
<param name="scm">git</param>
<param name="exclude">.git</param>
<param name="versionformat">%H</param>
- <param name="revision">b3507428be5b458cb0e2b4086b13531fb0706e46</param>
+ <param name="revision">64b7a4574d1426139437d20e81c0b6d391130ec8</param>
<param name="filename">docker-libnetwork</param>
</service>
<service name="recompress" mode="disabled">
++++++ docker-20.10.6_ce_8728dd246c3a.tar.xz ->
docker-20.10.9_ce_79ea9d308018.tar.xz ++++++
/work/SRC/openSUSE:Factory/docker/docker-20.10.6_ce_8728dd246c3a.tar.xz
/work/SRC/openSUSE:Factory/.docker.new.2443/docker-20.10.9_ce_79ea9d308018.tar.xz
differ: char 15, line 1
++++++ docker-cli-20.10.6_ce.tar.xz -> docker-cli-20.10.9_ce.tar.xz ++++++
++++ 9233 lines of diff (skipped)
++++++ docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46.tar.xz ->
docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/.gitignore
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/.gitignore
--- old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/.gitignore
1970-01-01 01:00:00.000000000 +0100
+++ new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/.gitignore
2021-05-25 11:06:46.000000000 +0200
@@ -0,0 +1,45 @@
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+*~
+.gtm
+bin/
+tags
+.DS_Store
+
+# Folders
+integration-tmp/
+_obj
+_test
+.vagrant
+
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+cmd/dnet/dnet
+
+# Coverage
+*.tmp
+*.coverprofile
+
+# IDE files and folders
+.project
+.settings/
+
+libnetworkbuild.created
+test/networkDb/testMain
+test/networkDb/gossipdb
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/drivers/bridge/port_mapping.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/drivers/bridge/port_mapping.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/drivers/bridge/port_mapping.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/drivers/bridge/port_mapping.go
2021-05-25 11:06:46.000000000 +0200
@@ -5,6 +5,7 @@
"errors"
"fmt"
"net"
+ "sync"
"github.com/docker/libnetwork/types"
"github.com/ishidawataru/sctp"
@@ -50,6 +51,13 @@
bs = append(bs, bIPv4)
}
+ // skip adding implicit v6 addr, when the kernel was booted
with `ipv6.disable=1`
+ // https://github.com/moby/moby/issues/42288
+ isV6Binding := c.HostIP != nil && c.HostIP.To4() == nil
+ if !isV6Binding && !IsV6Listenable() {
+ continue
+ }
+
// Allocate IPv6 Port mappings
// If the container has no IPv6 address, allow proxying host
IPv6 traffic to it
// by setting up the binding with the IPv4 interface if the
userland proxy is enabled
@@ -211,3 +219,26 @@
return portmapper.Unmap(host)
}
+
+var (
+ v6ListenableCached bool
+ v6ListenableOnce sync.Once
+)
+
+// IsV6Listenable returns true when `[::1]:0` is listenable.
+// IsV6Listenable returns false mostly when the kernel was booted with
`ipv6.disable=1` option.
+func IsV6Listenable() bool {
+ v6ListenableOnce.Do(func() {
+ ln, err := net.Listen("tcp6", "[::1]:0")
+ if err != nil {
+ // When the kernel was booted with `ipv6.disable=1`,
+ // we get err "listen tcp6 [::1]:0: socket: address
family not supported by protocol"
+ // https://github.com/moby/moby/issues/42288
+ logrus.Debugf("port_mapping: v6Listenable=false (%v)",
err)
+ } else {
+ v6ListenableCached = true
+ ln.Close()
+ }
+ })
+ return v6ListenableCached
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/libnetwork_test.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/libnetwork_test.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/libnetwork_test.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/libnetwork_test.go
2021-05-25 11:06:46.000000000 +0200
@@ -16,6 +16,7 @@
"github.com/docker/libnetwork/config"
"github.com/docker/libnetwork/datastore"
"github.com/docker/libnetwork/driverapi"
+ "github.com/docker/libnetwork/drivers/bridge"
"github.com/docker/libnetwork/ipamapi"
"github.com/docker/libnetwork/netlabel"
"github.com/docker/libnetwork/options"
@@ -199,7 +200,11 @@
if !ok {
t.Fatalf("Unexpected format for port mapping in endpoint
operational data")
}
- if len(pm) != 10 {
+ expectedLen := 10
+ if !bridge.IsV6Listenable() {
+ expectedLen = 5
+ }
+ if len(pm) != expectedLen {
t.Fatalf("Incomplete data for port mapping in endpoint
operational data: %d", len(pm))
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/network.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/network.go
--- old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/network.go
2021-01-25 17:42:33.000000000 +0100
+++ new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/network.go
2021-05-25 11:06:46.000000000 +0200
@@ -1409,21 +1409,21 @@
if n.ingress {
return
}
-
- logrus.Debugf("%s (%.7s).addSvcRecords(%s, %s, %s, %t) %s sid:%s", eID,
n.ID(), name, epIP, epIPv6, ipMapUpdate, method, serviceID)
+ networkID := n.ID()
+ logrus.Debugf("%s (%.7s).addSvcRecords(%s, %s, %s, %t) %s sid:%s", eID,
networkID, name, epIP, epIPv6, ipMapUpdate, method, serviceID)
c := n.getController()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
sr = svcInfo{
svcMap: setmatrix.NewSetMatrix(),
svcIPv6Map: setmatrix.NewSetMatrix(),
ipMap: setmatrix.NewSetMatrix(),
}
- c.svcRecords[n.ID()] = sr
+ c.svcRecords[networkID] = sr
}
if ipMapUpdate {
@@ -1445,14 +1445,14 @@
if n.ingress {
return
}
-
- logrus.Debugf("%s (%.7s).deleteSvcRecords(%s, %s, %s, %t) %s sid:%s ",
eID, n.ID(), name, epIP, epIPv6, ipMapUpdate, method, serviceID)
+ networkID := n.ID()
+ logrus.Debugf("%s (%.7s).deleteSvcRecords(%s, %s, %s, %t) %s sid:%s ",
eID, networkID, name, epIP, epIPv6, ipMapUpdate, method, serviceID)
c := n.getController()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
return
}
@@ -1972,9 +1972,10 @@
var ipv6Miss bool
c := n.getController()
+ networkID := n.ID()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
return nil, false
@@ -2012,10 +2013,11 @@
}
func (n *network) HandleQueryResp(name string, ip net.IP) {
+ networkID := n.ID()
c := n.getController()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
return
@@ -2031,10 +2033,11 @@
}
func (n *network) ResolveIP(ip string) string {
+ networkID := n.ID()
c := n.getController()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
return ""
@@ -2085,9 +2088,10 @@
proto := parts[1]
svcName := strings.Join(parts[2:], ".")
+ networkID := n.ID()
c.Lock()
defer c.Unlock()
- sr, ok := c.svcRecords[n.ID()]
+ sr, ok := c.svcRecords[networkID]
if !ok {
return nil, nil
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/NOTICE
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/NOTICE
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/NOTICE
1970-01-01 01:00:00.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/NOTICE
2021-05-25 11:06:46.000000000 +0200
@@ -0,0 +1,3 @@
+This source code includes following third party code
+
+- ipsock_linux.go : licensed by the Go authors, see GO_LICENSE file for the
license which applies to the code
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/go.mod
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/go.mod
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/go.mod
1970-01-01 01:00:00.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/go.mod
2021-05-25 11:06:46.000000000 +0200
@@ -0,0 +1,3 @@
+module github.com/ishidawataru/sctp
+
+go 1.12
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/ipsock_linux.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/ipsock_linux.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/ipsock_linux.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/ipsock_linux.go
2021-05-25 11:06:46.000000000 +0200
@@ -1,3 +1,7 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the GO_LICENSE file.
+
package sctp
import (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp.go
2021-05-25 11:06:46.000000000 +0200
@@ -1,3 +1,18 @@
+// Copyright 2019 Wataru Ishida. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+// implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
package sctp
import (
@@ -678,3 +693,37 @@
func (c *SCTPSndRcvInfoWrappedConn) SetWriteDeadline(t time.Time) error {
return c.conn.SetWriteDeadline(t)
}
+
+func (c *SCTPSndRcvInfoWrappedConn) SetWriteBuffer(bytes int) error {
+ return c.conn.SetWriteBuffer(bytes)
+}
+
+func (c *SCTPSndRcvInfoWrappedConn) GetWriteBuffer() (int, error) {
+ return c.conn.GetWriteBuffer()
+}
+
+func (c *SCTPSndRcvInfoWrappedConn) SetReadBuffer(bytes int) error {
+ return c.conn.SetReadBuffer(bytes)
+}
+
+func (c *SCTPSndRcvInfoWrappedConn) GetReadBuffer() (int, error) {
+ return c.conn.GetReadBuffer()
+}
+
+// SocketConfig contains options for the SCTP socket.
+type SocketConfig struct {
+ // If Control is not nil it is called after the socket is created but
before
+ // it is bound or connected.
+ Control func(network, address string, c syscall.RawConn) error
+
+ // InitMsg is the options to send in the initial SCTP message
+ InitMsg InitMsg
+}
+
+func (cfg *SocketConfig) Listen(net string, laddr *SCTPAddr) (*SCTPListener,
error) {
+ return listenSCTPExtConfig(net, laddr, cfg.InitMsg, cfg.Control)
+}
+
+func (cfg *SocketConfig) Dial(net string, laddr, raddr *SCTPAddr) (*SCTPConn,
error) {
+ return dialSCTPExtConfig(net, laddr, raddr, cfg.InitMsg, cfg.Control)
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp_linux.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp_linux.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp_linux.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp_linux.go
2021-05-25 11:06:46.000000000 +0200
@@ -1,4 +1,18 @@
// +build linux,!386
+// Copyright 2019 Wataru Ishida. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+// implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
package sctp
@@ -40,6 +54,23 @@
return r0, r1, nil
}
+type rawConn struct {
+ sockfd int
+}
+
+func (r rawConn) Control(f func(fd uintptr)) error {
+ f(uintptr(r.sockfd))
+ return nil
+}
+
+func (r rawConn) Read(f func(fd uintptr) (done bool)) error {
+ panic("not implemented")
+}
+
+func (r rawConn) Write(f func(fd uintptr) (done bool)) error {
+ panic("not implemented")
+}
+
func (c *SCTPConn) SCTPWrite(b []byte, info *SndRcvInfo) (int, error) {
var cbuf []byte
if info != nil {
@@ -114,6 +145,22 @@
return syscall.EBADF
}
+func (c *SCTPConn) SetWriteBuffer(bytes int) error {
+ return syscall.SetsockoptInt(c.fd(), syscall.SOL_SOCKET,
syscall.SO_SNDBUF, bytes)
+}
+
+func (c *SCTPConn) GetWriteBuffer() (int, error) {
+ return syscall.GetsockoptInt(c.fd(), syscall.SOL_SOCKET,
syscall.SO_SNDBUF)
+}
+
+func (c *SCTPConn) SetReadBuffer(bytes int) error {
+ return syscall.SetsockoptInt(c.fd(), syscall.SOL_SOCKET,
syscall.SO_RCVBUF, bytes)
+}
+
+func (c *SCTPConn) GetReadBuffer() (int, error) {
+ return syscall.GetsockoptInt(c.fd(), syscall.SOL_SOCKET,
syscall.SO_RCVBUF)
+}
+
// ListenSCTP - start listener on specified address/port
func ListenSCTP(net string, laddr *SCTPAddr) (*SCTPListener, error) {
return ListenSCTPExt(net, laddr, InitMsg{NumOstreams: SCTP_MAX_STREAM})
@@ -121,6 +168,11 @@
// ListenSCTPExt - start listener on specified address/port with given SCTP
options
func ListenSCTPExt(network string, laddr *SCTPAddr, options InitMsg)
(*SCTPListener, error) {
+ return listenSCTPExtConfig(network, laddr, options, nil)
+}
+
+// listenSCTPExtConfig - start listener on specified address/port with given
SCTP options and socket configuration
+func listenSCTPExtConfig(network string, laddr *SCTPAddr, options InitMsg,
control func(network, address string, c syscall.RawConn) error) (*SCTPListener,
error) {
af, ipv6only := favoriteAddrFamily(network, laddr, nil, "listen")
sock, err := syscall.Socket(
af,
@@ -140,6 +192,12 @@
if err = setDefaultSockopts(sock, af, ipv6only); err != nil {
return nil, err
}
+ if control != nil {
+ rc := rawConn{sockfd: sock}
+ if err = control(network, laddr.String(), rc); err != nil {
+ return nil, err
+ }
+ }
err = setInitOpts(sock, options)
if err != nil {
return nil, err
@@ -154,7 +212,7 @@
laddr.IPAddrs = append(laddr.IPAddrs,
net.IPAddr{IP: net.IPv6zero})
}
}
- err := SCTPBind(sock, laddr, SCTP_BINDX_ADD_ADDR)
+ err = SCTPBind(sock, laddr, SCTP_BINDX_ADD_ADDR)
if err != nil {
return nil, err
}
@@ -191,6 +249,11 @@
// DialSCTPExt - same as DialSCTP but with given SCTP options
func DialSCTPExt(network string, laddr, raddr *SCTPAddr, options InitMsg)
(*SCTPConn, error) {
+ return dialSCTPExtConfig(network, laddr, raddr, options, nil)
+}
+
+// dialSCTPExtConfig - same as DialSCTP but with given SCTP options and socket
configuration
+func dialSCTPExtConfig(network string, laddr, raddr *SCTPAddr, options
InitMsg, control func(network, address string, c syscall.RawConn) error)
(*SCTPConn, error) {
af, ipv6only := favoriteAddrFamily(network, laddr, raddr, "dial")
sock, err := syscall.Socket(
af,
@@ -210,6 +273,12 @@
if err = setDefaultSockopts(sock, af, ipv6only); err != nil {
return nil, err
}
+ if control != nil {
+ rc := rawConn{sockfd: sock}
+ if err = control(network, laddr.String(), rc); err != nil {
+ return nil, err
+ }
+ }
err = setInitOpts(sock, options)
if err != nil {
return nil, err
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go
---
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go
2021-01-25 17:42:33.000000000 +0100
+++
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor/github.com/ishidawataru/sctp/sctp_unsupported.go
2021-05-25 11:06:46.000000000 +0200
@@ -1,4 +1,18 @@
// +build !linux linux,386
+// Copyright 2019 Wataru Ishida. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+// implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
package sctp
@@ -6,6 +20,7 @@
"errors"
"net"
"runtime"
+ "syscall"
)
var ErrUnsupported = errors.New("SCTP is unsupported on " + runtime.GOOS + "/"
+ runtime.GOARCH)
@@ -30,6 +45,22 @@
return ErrUnsupported
}
+func (c *SCTPConn) SetWriteBuffer(bytes int) error {
+ return ErrUnsupported
+}
+
+func (c *SCTPConn) GetWriteBuffer() (int, error) {
+ return 0, ErrUnsupported
+}
+
+func (c *SCTPConn) SetReadBuffer(bytes int) error {
+ return ErrUnsupported
+}
+
+func (c *SCTPConn) GetReadBuffer() (int, error) {
+ return 0, ErrUnsupported
+}
+
func ListenSCTP(net string, laddr *SCTPAddr) (*SCTPListener, error) {
return nil, ErrUnsupported
}
@@ -38,6 +69,10 @@
return nil, ErrUnsupported
}
+func listenSCTPExtConfig(network string, laddr *SCTPAddr, options InitMsg,
control func(network, address string, c syscall.RawConn) error) (*SCTPListener,
error) {
+ return nil, ErrUnsupported
+}
+
func (ln *SCTPListener) Accept() (net.Conn, error) {
return nil, ErrUnsupported
}
@@ -57,3 +92,7 @@
func DialSCTPExt(network string, laddr, raddr *SCTPAddr, options InitMsg)
(*SCTPConn, error) {
return nil, ErrUnsupported
}
+
+func dialSCTPExtConfig(network string, laddr, raddr *SCTPAddr, options
InitMsg, control func(network, address string, c syscall.RawConn) error)
(*SCTPConn, error) {
+ return nil, ErrUnsupported
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor.conf
new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor.conf
--- old/docker-libnetwork-b3507428be5b458cb0e2b4086b13531fb0706e46/vendor.conf
2021-01-25 17:42:33.000000000 +0100
+++ new/docker-libnetwork-64b7a4574d1426139437d20e81c0b6d391130ec8/vendor.conf
2021-05-25 11:06:46.000000000 +0200
@@ -43,7 +43,7 @@
golang.org/x/sys
ed371f2e16b4b305ee99df548828de367527b76b
golang.org/x/sync
cd5d95a43a6e21273425c7ae415d3df9ea832eeb
github.com/pkg/errors
614d223910a179a466c1767a985424175c39b465 # v0.9.1
-github.com/ishidawataru/sctp
6e2cb1366111dcf547c13531e3a263a067715847
+github.com/ishidawataru/sctp
f2269e66cdee387bd321445d5d300893449805be
go.opencensus.io
9c377598961b706d1542bd2d84d538b5094d596e # v0.22.0
gotest.tools/v3
bb0d8a963040ea5048dcef1a14d8f8b58a33d4b3 # v3.0.2
