Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package fence-agents for openSUSE:Factory checked in at 2022-05-19 22:49:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/fence-agents (Old) and /work/SRC/openSUSE:Factory/.fence-agents.new.1538 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fence-agents" Thu May 19 22:49:32 2022 rev:61 rq:978037 version:4.11.0+git.1652860746.11107cb7 Changes: -------- --- /work/SRC/openSUSE:Factory/fence-agents/fence-agents.changes 2022-04-13 21:05:55.496613619 +0200 +++ /work/SRC/openSUSE:Factory/.fence-agents.new.1538/fence-agents.changes 2022-05-19 22:50:05.634394402 +0200 @@ -1,0 +2,16 @@ +Thu May 19 05:06:43 UTC 2022 - [email protected] + +- Update to version 4.11.0+git.1652860746.11107cb7: + * Mid: fence_scsi,fence_mpath: Add suppress-errors option. (#484) + * fence_gce: Make zone optional for get_nodes_list (#487) + +------------------------------------------------------------------- +Wed May 18 07:39:31 UTC 2022 - [email protected] + +- Update to version 4.11.0+git.1652779508.228f4a1b: + * fence_apc/fence_ilo_moonshot: add missing "import logging" + * fence_gce: inform that SSLError might be caused by old versions of httplib2 + * fence_ibm_vpc: remove unused instance parameter and make limit optional + * all agents: unify ssl parameters to avoid having to use --ssl when using --ssl-secure/--ssl-insecure for some agents + +------------------------------------------------------------------- Old: ---- fence-agents-4.11.0+git.1647434775.2f1b86d8.tar.xz New: ---- fence-agents-4.11.0+git.1652860746.11107cb7.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ fence-agents.spec ++++++ --- /var/tmp/diff_new_pack.reCFj2/_old 2022-05-19 22:50:06.306395263 +0200 +++ /var/tmp/diff_new_pack.reCFj2/_new 2022-05-19 22:50:06.314395274 +0200 @@ -29,7 +29,7 @@ Summary: Fence Agents for High Availability License: GPL-2.0-only AND LGPL-2.1-only Group: Productivity/Clustering/HA -Version: 4.11.0+git.1647434775.2f1b86d8 +Version: 4.11.0+git.1652860746.11107cb7 Release: 0 URL: https://github.com/ClusterLabs/fence-agents Source0: %{name}-%{version}.tar.xz ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.reCFj2/_old 2022-05-19 22:50:06.362395335 +0200 +++ /var/tmp/diff_new_pack.reCFj2/_new 2022-05-19 22:50:06.366395341 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/ClusterLabs/fence-agents.git</param> - <param name="changesrevision">cd893f97fd61da22080463fe168c40daaa86aafd</param></service></servicedata> + <param name="changesrevision">11107cb7feb394a1b97c58fec863fe0a53fa7d71</param></service></servicedata> (No newline at EOF) ++++++ fence-agents-4.11.0+git.1647434775.2f1b86d8.tar.xz -> fence-agents-4.11.0+git.1652860746.11107cb7.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/apc/fence_apc.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/apc/fence_apc.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/apc/fence_apc.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/apc/fence_apc.py 2022-05-18 09:59:06.000000000 +0200 @@ -15,6 +15,7 @@ ##### import sys, re, time +import logging import atexit sys.path.append("@FENCEAGENTSLIBDIR@") from fencing import * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/cisco_ucs/fence_cisco_ucs.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/cisco_ucs/fence_cisco_ucs.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/cisco_ucs/fence_cisco_ucs.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/cisco_ucs/fence_cisco_ucs.py 2022-05-18 09:59:06.000000000 +0200 @@ -99,7 +99,7 @@ def send_command(opt, command, timeout): ## setup correct URL - if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt: + if "--ssl-secure" in opt or "--ssl-insecure" in opt: url = "https:" else: url = "http:" @@ -114,13 +114,14 @@ conn.setopt(pycurl.POSTFIELDS, command.encode("ascii")) conn.setopt(pycurl.WRITEFUNCTION, web_buffer.write) conn.setopt(pycurl.TIMEOUT, timeout) - if "--ssl" in opt or "--ssl-secure" in opt: + + if "--ssl-secure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 1) conn.setopt(pycurl.SSL_VERIFYHOST, 2) - - if "--ssl-insecure" in opt: + elif "--ssl-insecure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 0) conn.setopt(pycurl.SSL_VERIFYHOST, 0) + conn.perform() result = web_buffer.getvalue().decode() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/docker/fence_docker.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/docker/fence_docker.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/docker/fence_docker.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/docker/fence_docker.py 2022-05-18 09:59:06.000000000 +0200 @@ -43,7 +43,7 @@ def send_cmd(options, cmd, post = False): - url = "http%s://%s:%s/v%s/%s" % ("s" if "--ssl" in options else "", options["--ip"], options["--ipport"], options["--api-version"], cmd) + url = "http%s://%s:%s/v%s/%s" % ("s" if "--ssl-secure" in options or "--ssl-insecure" in options else "", options["--ip"], options["--ipport"], options["--api-version"], cmd) conn = pycurl.Curl() output_buffer = io.BytesIO() if logging.getLogger().getEffectiveLevel() < logging.WARNING: @@ -55,7 +55,8 @@ conn.setopt(pycurl.POSTFIELDSIZE, 0) conn.setopt(pycurl.WRITEFUNCTION, output_buffer.write) conn.setopt(pycurl.TIMEOUT, int(options["--shell-timeout"])) - if "--ssl" in options: + + if "--ssl-secure" in options: if not (set(("--tlscert", "--tlskey", "--tlscacert")) <= set(options)): fail_usage("Failed. If --ssl option is used, You have to also \ specify: --tlscert, --tlskey and --tlscacert") @@ -63,7 +64,7 @@ conn.setopt(pycurl.SSLCERT, options["--tlscert"]) conn.setopt(pycurl.SSLKEY, options["--tlskey"]) conn.setopt(pycurl.CAINFO, options["--tlscacert"]) - else: + elif "--ssl-insecure" in options: conn.setopt(pycurl.SSL_VERIFYPEER, 0) conn.setopt(pycurl.SSL_VERIFYHOST, 0) @@ -136,6 +137,8 @@ device_opt = ["ipaddr", "no_password", "no_login", "port", "method", "web", "tlscert", "tlskey", "tlscacert", "ssl", "api_version"] + all_opt["ssl"]["default"] = "1" + options = check_input(device_opt, process_input(device_opt)) docs = { } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/gce/fence_gce.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/gce/fence_gce.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/gce/fence_gce.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/gce/fence_gce.py 2022-05-18 09:59:06.000000000 +0200 @@ -18,6 +18,8 @@ import sys import time +from ssl import SSLError + if sys.version_info >= (3, 0): # Python 3 imports. import urllib.parse as urlparse @@ -133,10 +135,12 @@ def get_nodes_list(conn, options): result = {} - if "--zone" not in options: - fail_fence_agent(options, "Failed: get_nodes_list: Please specify the --zone in the command") + plug = options["--plug"] if "--plug" in options else "" + zones = options["--zone"] if "--zone" in options else "" + if not zones: + zones = get_zone(conn, options, plug) if "--plugzonemap" not in options else options["--plugzonemap"][plug] try: - for zone in options["--zone"].split(","): + for zone in zones.split(","): instanceList = retry_api_execute(options, conn.instances().list( project=options["--project"], zone=zone)) @@ -564,6 +568,8 @@ else: conn = googleapiclient.discovery.build( 'compute', 'v1', credentials=credentials, cache_discovery=False) + except SSLError as err: + fail_fence_agent(options, "Failed: Create GCE compute v1 connection: {}\n\nThis might be caused by old versions of httplib2.".format(str(err))) except Exception as err: fail_fence_agent(options, "Failed: Create GCE compute v1 connection: {}".format(str(err))) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ibm_vpc/fence_ibm_vpc.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ibm_vpc/fence_ibm_vpc.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ibm_vpc/fence_ibm_vpc.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ibm_vpc/fence_ibm_vpc.py 2022-05-18 09:59:06.000000000 +0200 @@ -161,14 +161,6 @@ "shortdesc" : "API Key", "order" : 0 } - all_opt["instance"] = { - "getopt" : ":", - "longopt" : "instance", - "help" : "--instance=[instance] Cloud Instance", - "required" : "1", - "shortdesc" : "Cloud Instance", - "order" : 0 - } all_opt["region"] = { "getopt" : ":", "longopt" : "region", @@ -181,7 +173,7 @@ "getopt" : ":", "longopt" : "limit", "help" : "--limit=[number] Limit number of nodes returned by API", - "required" : "1", + "required" : "0", "default": 50, "shortdesc" : "Number of nodes returned by API", "order" : 0 @@ -191,7 +183,6 @@ def main(): device_opt = [ "apikey", - "instance", "region", "limit", "port", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ibmz/fence_ibmz.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ibmz/fence_ibmz.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ibmz/fence_ibmz.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ibmz/fence_ibmz.py 2022-05-18 09:59:06.000000000 +0200 @@ -534,7 +534,7 @@ requests_log.propagate = True if "--verbose" in options: requests_log.setLevel(logging.DEBUG) - if "--ssl-secure" not in options: + if "--ssl-insecure" in options: urllib3.disable_warnings( category=urllib3.exceptions.InsecureRequestWarning) @@ -548,7 +548,7 @@ 'connect_timeout': int(options['--connect-timeout']), 'read_timeout': int(options['--read-timeout']), 'port': int(options['--ipport']), - 'ssl_verify': bool('--ssl-secure' in options), + 'ssl_verify': bool('--ssl-insecure' not in options), 'load_on_activate': bool('--load-on-activate' in options), } try: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ilo_moonshot/fence_ilo_moonshot.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ilo_moonshot/fence_ilo_moonshot.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/ilo_moonshot/fence_ilo_moonshot.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/ilo_moonshot/fence_ilo_moonshot.py 2022-05-18 09:59:06.000000000 +0200 @@ -1,6 +1,7 @@ #!@PYTHON@ -tt import sys +import logging import atexit sys.path.append("@FENCEAGENTSLIBDIR@") from fencing import * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/mpath/fence_mpath.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/mpath/fence_mpath.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/mpath/fence_mpath.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/mpath/fence_mpath.py 2022-05-18 09:59:06.000000000 +0200 @@ -197,7 +197,8 @@ logging.getLogger().setLevel(logging.DEBUG) devs = dev_read(options, fail=False) if not devs: - logging.error("No devices found") + if "--suppress-errors" not in options: + logging.error("No devices found") return 0 for dev, key in list(devs.items()): for n in range(int(options["retry"]) + 1): @@ -237,6 +238,14 @@ "shortdesc" : "Replaced by port/-n/--plug", "order": 1 } + all_opt["suppress-errors"] = { + "getopt" : "", + "longopt" : "suppress-errors", + "help" : "--suppress-errors Suppress error log. Suppresses error logging when run from the watchdog service before pacemaker starts.", + "required" : "0", + "shortdesc" : "Error log suppression.", + "order": 4 + } all_opt["mpathpersist_path"] = { "getopt" : ":", "longopt" : "mpathpersist-path", @@ -261,7 +270,7 @@ device_opt = ["no_login", "no_password", "devices", "key", "sudo", \ "fabric_fencing", "on_target", "store_path", \ - "mpathpersist_path", "force_on", "port", "no_port"] + "suppress-errors", "mpathpersist_path", "force_on", "port", "no_port"] define_new_opts() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/pve/fence_pve.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/pve/fence_pve.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/pve/fence_pve.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/pve/fence_pve.py 2022-05-18 09:59:06.000000000 +0200 @@ -111,12 +111,13 @@ conn.setopt(pycurl.POSTFIELDS, urllib.urlencode(post)) conn.setopt(pycurl.WRITEFUNCTION, output_buffer.write) conn.setopt(pycurl.TIMEOUT, int(options["--shell-timeout"])) - if "--ssl" in options or "--ssl-secure" in options: - conn.setopt(pycurl.SSL_VERIFYPEER, 1) - conn.setopt(pycurl.SSL_VERIFYHOST, 2) - else: + + if "--ssl-insecure" in options: conn.setopt(pycurl.SSL_VERIFYPEER, 0) conn.setopt(pycurl.SSL_VERIFYHOST, 0) + else: + conn.setopt(pycurl.SSL_VERIFYPEER, 1) + conn.setopt(pycurl.SSL_VERIFYHOST, 2) logging.debug("URL: " + url) @@ -181,11 +182,12 @@ "order": 2 } - device_opt = ["ipaddr", "login", "passwd", "web", "port", "pve_node", "pve_node_auto", "node_name", "vmtype", "method"] + device_opt = ["ipaddr", "login", "passwd", "ssl", "web", "port", "pve_node", "pve_node_auto", "node_name", "vmtype", "method"] all_opt["login"]["required"] = "0" all_opt["login"]["default"] = "root@pam" all_opt["ipport"]["default"] = "8006" + all_opt["ssl"]["default"] = "1" all_opt["port"]["shortdesc"] = "Id of the virtual machine." all_opt["ipaddr"]["shortdesc"] = "IP Address or Hostname of a node " +\ "within the Proxmox cluster." diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/rhevm/fence_rhevm.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/rhevm/fence_rhevm.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/rhevm/fence_rhevm.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/rhevm/fence_rhevm.py 2022-05-18 09:59:06.000000000 +0200 @@ -85,7 +85,7 @@ logging.debug("auto-detected API version: " + opt["--api-version"]) ## setup correct URL - if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt: + if "--ssl-secure" in opt or "--ssl-insecure" in opt: url = "https:" else: url = "http:" @@ -126,11 +126,11 @@ conn.setopt(pycurl.COOKIEJAR, cookie_file) conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) - if "--ssl" in opt or "--ssl-secure" in opt: + + if "--ssl-secure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 1) conn.setopt(pycurl.SSL_VERIFYHOST, 2) - - if "--ssl-insecure" in opt: + elif "--ssl-insecure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 0) conn.setopt(pycurl.SSL_VERIFYHOST, 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/scsi/fence_scsi.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/scsi/fence_scsi.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/scsi/fence_scsi.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/scsi/fence_scsi.py 2022-05-18 09:59:06.000000000 +0200 @@ -270,12 +270,13 @@ f.close() -def dev_read(fail=True): +def dev_read(fail=True, opt=None): file_path = STORE_PATH + ".dev" try: f = open(file_path, "r") except IOError: - fail_usage("Failed: Cannot open file \"" + file_path + "\"", fail) + if "--suppress-errors" not in opt: + fail_usage("Failed: Cannot open file \"" + file_path + "\"", fail) if not fail: return None # get not empty lines from file @@ -358,13 +359,21 @@ "shortdesc" : "Open DEVICE read-only.", "order": 4 } + all_opt["suppress-errors"] = { + "getopt" : "", + "longopt" : "suppress-errors", + "help" : "--suppress-errors Suppress error log. Suppresses error logging when run from the watchdog service before pacemaker starts.", + "required" : "0", + "shortdesc" : "Error log suppression.", + "order": 5 + } all_opt["logfile"] = { "getopt" : ":", "longopt" : "logfile", "help" : "-f, --logfile Log output (stdout and stderr) to file", "required" : "0", "shortdesc" : "Log output (stdout and stderr) to file", - "order": 5 + "order": 6 } all_opt["corosync_cmap_path"] = { "getopt" : ":", @@ -445,9 +454,10 @@ options = scsi_check_get_options(options) if "verbose" in options and options["verbose"] == "yes": logging.getLogger().setLevel(logging.DEBUG) - devs = dev_read(fail=False) + devs = dev_read(fail=False,opt=options) if not devs: - logging.error("No devices found") + if "--suppress-errors" not in options: + logging.error("No devices found") return 0 key = get_key(fail=False) if not key: @@ -480,7 +490,7 @@ device_opt = ["no_login", "no_password", "devices", "nodename", "port",\ "no_port", "key", "aptpl", "fabric_fencing", "on_target", "corosync_cmap_path",\ - "sg_persist_path", "sg_turs_path", "readonly", "logfile", "vgs_path",\ + "sg_persist_path", "sg_turs_path", "readonly", "suppress-errors", "logfile", "vgs_path",\ "force_on", "key_value"] define_new_opts() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/skalar/fence_skalar.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/skalar/fence_skalar.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/skalar/fence_skalar.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/skalar/fence_skalar.py 2022-05-18 09:59:06.000000000 +0200 @@ -200,7 +200,7 @@ run_delay(options) proto = "https://"; - if "--ssl" in options or "--ssl-secure" in options: + if "--ssl-secure" in options: ssl_verify = True elif "--ssl-insecure" in options: ssl_verify = False diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_rest/fence_vmware_rest.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_rest/fence_vmware_rest.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_rest/fence_vmware_rest.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_rest/fence_vmware_rest.py 2022-05-18 09:59:06.000000000 +0200 @@ -69,7 +69,7 @@ conn = pycurl.Curl() ## setup correct URL - if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt: + if "--ssl-secure" in opt or "--ssl-insecure" in opt: conn.base_url = "https:" else: conn.base_url = "http:" @@ -89,11 +89,11 @@ conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"]) conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) - if "--ssl" in opt or "--ssl-secure" in opt: + + if "--ssl-secure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 1) conn.setopt(pycurl.SSL_VERIFYHOST, 2) - - if "--ssl-insecure" in opt: + elif "--ssl-insecure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 0) conn.setopt(pycurl.SSL_VERIFYHOST, 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_soap/fence_vmware_soap.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_soap/fence_vmware_soap.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_soap/fence_vmware_soap.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_soap/fence_vmware_soap.py 2022-05-18 09:59:06.000000000 +0200 @@ -34,7 +34,7 @@ def soap_login(options): run_delay(options) - if "--ssl" in options or "--ssl-secure" in options or "--ssl-insecure" in options: + if "--ssl-secure" in options or "--ssl-insecure" in options: if "--ssl-insecure" in options: import ssl import urllib3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_vcloud/fence_vmware_vcloud.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_vcloud/fence_vmware_vcloud.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/vmware_vcloud/fence_vmware_vcloud.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/vmware_vcloud/fence_vmware_vcloud.py 2022-05-18 09:59:06.000000000 +0200 @@ -60,7 +60,7 @@ conn = pycurl.Curl() ## setup correct URL - if "--ssl" in opt or "--ssl-secure" in opt or "--ssl-insecure" in opt: + if "--ssl-secure" in opt or "--ssl-insecure" in opt: conn.base_url = "https:" else: conn.base_url = "http:" @@ -76,7 +76,7 @@ conn.setopt(pycurl.USERPWD, opt["--username"] + ":" + opt["--password"]) conn.setopt(pycurl.TIMEOUT, int(opt["--shell-timeout"])) - if "--ssl" in opt or "--ssl-secure" in opt: + if "--ssl-secure" in opt: conn.setopt(pycurl.SSL_VERIFYPEER, 1) conn.setopt(pycurl.SSL_VERIFYHOST, 2) elif "--ssl-insecure" in opt: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/zvm/fence_zvmip.py new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/zvm/fence_zvmip.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/agents/zvm/fence_zvmip.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/agents/zvm/fence_zvmip.py 2022-05-18 09:59:06.000000000 +0200 @@ -26,7 +26,7 @@ except socket.gaierror: fail(EC_LOGIN_DENIED) - if "--ssl" in options: + if "--ssl-secure" in options or "--ssl-insecure" in options: import ssl sock = socket.socket() sslcx = ssl.create_default_context() @@ -132,7 +132,7 @@ images = set() if output_len > 3*INT4: - recvflag = socket.MSG_WAITALL if "--ssl" not in options else 0 + recvflag = socket.MSG_WAITALL if "--ssl-secure" not in options and "--ssl-insecure" not in options else 0 array_len = struct.unpack("!i", conn.recv(INT4))[0] data = "" @@ -182,7 +182,9 @@ options = check_input(device_opt, process_input(device_opt), other_conditions=True) if "--disable-ssl" in options or options["--ssl"] == "0": - del options["--ssl"] + for k in ["--ssl", "--ssl-secure", "--ssl-insecure"]: + if k in options: + del options[k] if len(options.get("--plug", "")) > 8: fail_usage("Failed: Name of image can not be longer than 8 characters") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/lib/fencing.py.py new/fence-agents-4.11.0+git.1652860746.11107cb7/lib/fencing.py.py --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/lib/fencing.py.py 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/lib/fencing.py.py 2022-05-18 09:59:06.000000000 +0200 @@ -789,6 +789,12 @@ if "--password-script" in options: options["--password"] = os.popen(options["--password-script"]).read().rstrip() + if "--ssl-secure" in options or "--ssl-insecure" in options: + options["--ssl"] = "" + + if "--ssl" in options and "--ssl-insecure" not in options: + options["--ssl-secure"] = "" + if os.environ.get("PCMK_service") == "pacemaker-fenced" and "--disable-timeout" not in options: options["--disable-timeout"] = "1" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_docker.xml new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_docker.xml --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_docker.xml 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_docker.xml 2022-05-18 09:59:06.000000000 +0200 @@ -20,7 +20,7 @@ </parameter> <parameter name="ipport" unique="0" required="0"> <getopt mixed="-u, --ipport=[port]" /> - <content type="integer" default="80" /> + <content type="integer" default="443" /> <shortdesc lang="en">TCP/UDP port to use for connection with device</shortdesc> </parameter> <parameter name="method" unique="0" required="0"> @@ -43,7 +43,7 @@ </parameter> <parameter name="ssl" unique="0" required="0"> <getopt mixed="-z, --ssl" /> - <content type="boolean" /> + <content type="boolean" default="1" /> <shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc> </parameter> <parameter name="ssl_insecure" unique="0" required="0"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_ibm_vpc.xml new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_ibm_vpc.xml --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_ibm_vpc.xml 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_ibm_vpc.xml 2022-05-18 09:59:06.000000000 +0200 @@ -8,12 +8,7 @@ <content type="string" /> <shortdesc lang="en">API Key</shortdesc> </parameter> - <parameter name="instance" unique="0" required="1"> - <getopt mixed="--instance=[instance]" /> - <content type="string" /> - <shortdesc lang="en">Cloud Instance</shortdesc> - </parameter> - <parameter name="limit" unique="0" required="1"> + <parameter name="limit" unique="0" required="0"> <getopt mixed="--limit=[number]" /> <content type="string" default="50" /> <shortdesc lang="en">Number of nodes returned by API</shortdesc> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_mpath.xml new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_mpath.xml --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_mpath.xml 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_mpath.xml 2022-05-18 09:59:06.000000000 +0200 @@ -31,6 +31,16 @@ <content type="string" /> <shortdesc lang="en">Key to use for the current operation. This key should be unique to a node and have to be written in /etc/multipath.conf. For the "on" action, the key specifies the key use to register the local node. For the "off" action, this key specifies the key to be removed from the device(s).</shortdesc> </parameter> + <parameter name="suppress-errors" unique="0" required="0" deprecated="1"> + <getopt mixed="--suppress-errors" /> + <content type="boolean" /> + <shortdesc lang="en">Error log suppression.</shortdesc> + </parameter> + <parameter name="suppress_errors" unique="0" required="0" obsoletes="suppress-errors"> + <getopt mixed="--suppress-errors" /> + <content type="boolean" /> + <shortdesc lang="en">Error log suppression.</shortdesc> + </parameter> <parameter name="quiet" unique="0" required="0"> <getopt mixed="-q, --quiet" /> <content type="boolean" /> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_pve.xml new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_pve.xml --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_pve.xml 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_pve.xml 2022-05-18 09:59:06.000000000 +0200 @@ -66,6 +66,21 @@ <content type="string" /> <shortdesc lang="en">Id of the virtual machine.</shortdesc> </parameter> + <parameter name="ssl" unique="0" required="0"> + <getopt mixed="-z, --ssl" /> + <content type="boolean" default="1" /> + <shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc> + </parameter> + <parameter name="ssl_insecure" unique="0" required="0"> + <getopt mixed="--ssl-insecure" /> + <content type="boolean" /> + <shortdesc lang="en">Use SSL connection without verifying certificate</shortdesc> + </parameter> + <parameter name="ssl_secure" unique="0" required="0"> + <getopt mixed="--ssl-secure" /> + <content type="boolean" /> + <shortdesc lang="en">Use SSL connection with verifying certificate</shortdesc> + </parameter> <parameter name="username" unique="0" required="1" obsoletes="login"> <getopt mixed="-l, --username=[name]" /> <content type="string" default="root@pam" /> @@ -176,6 +191,10 @@ <content type="integer" default="1" /> <shortdesc lang="en">Count of attempts to retry power on</shortdesc> </parameter> + <parameter name="gnutlscli_path" unique="0" required="0"> + <getopt mixed="--gnutlscli-path=[path]" /> + <shortdesc lang="en">Path to gnutls-cli binary</shortdesc> + </parameter> </parameters> <actions> <action name="on" automatic="0"/> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_scsi.xml new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_scsi.xml --- old/fence-agents-4.11.0+git.1647434775.2f1b86d8/tests/data/metadata/fence_scsi.xml 2022-03-16 13:46:15.000000000 +0100 +++ new/fence-agents-4.11.0+git.1652860746.11107cb7/tests/data/metadata/fence_scsi.xml 2022-05-18 09:59:06.000000000 +0200 @@ -41,6 +41,16 @@ <content type="boolean" /> <shortdesc lang="en">Open DEVICE read-only.</shortdesc> </parameter> + <parameter name="suppress-errors" unique="0" required="0" deprecated="1"> + <getopt mixed="--suppress-errors" /> + <content type="boolean" /> + <shortdesc lang="en">Error log suppression.</shortdesc> + </parameter> + <parameter name="suppress_errors" unique="0" required="0" obsoletes="suppress-errors"> + <getopt mixed="--suppress-errors" /> + <content type="boolean" /> + <shortdesc lang="en">Error log suppression.</shortdesc> + </parameter> <parameter name="logfile" unique="0" required="0"> <getopt mixed="-f, --logfile" /> <content type="string" />
