Hello community, here is the log from the commit of package keepalived for openSUSE:Leap:15.2 checked in at 2020-03-19 08:36:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/keepalived (Old) and /work/SRC/openSUSE:Leap:15.2/.keepalived.new.3160 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "keepalived" Thu Mar 19 08:36:00 2020 rev:28 rq:786074 version:2.0.19 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/keepalived/keepalived.changes 2020-01-15 15:15:32.266245891 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.keepalived.new.3160/keepalived.changes 2020-03-19 08:36:05.141839820 +0100 @@ -1,0 +2,765 @@ +Thu Nov 7 02:20:31 UTC 2019 - Marcus Rueckert <[email protected]> + +- new BR pkgconfig(libnftnl) to fix nftables support + +------------------------------------------------------------------- +Thu Nov 7 02:03:15 UTC 2019 - Marcus Rueckert <[email protected]> + +- update to 2.0.19 + Fix minor IPVS features support. Extend BFD to support more than + one BFD instance with a neighnour. Extend nftable support. Script + timeout extension. Properly filter IGMP/MLD packets on VMAC + interface. Refer to ChangeLog for more infos. + + https://keepalived.org/changelog.html +- changes from 2.0.18 + Add support to IPVS new GUE tunnel type. New feature 'weight + reverse' available in all trackers. Resolve all outstanding + coverity issues. Some fixes and performance extensions. Refer to + ChangeLog for more infos. + + https://keepalived.org/changelog.html + +------------------------------------------------------------------- +Tue Jul 23 17:30:04 UTC 2019 - [email protected] + +- Update to 2.0.17 (2019-06-25) + * https://www.keepalived.org/changelog.html +- remove obsolete patch + * systemd-after-snmp.patch +- rebase patch + * linux-4.15.patch + +------------------------------------------------------------------- +Tue Apr 16 19:04:13 UTC 2019 - Marcus Rueckert <[email protected]> + +- added systemd-after-snmp.patch: + If you want to use the snmp support the masterx socket needs be + available otherwise the snmp support is broken + strictly speaking we would need to use BindsTo= here but that + would require that add a Requires for net-snmp to the keepalived + package. to be discussed. + +------------------------------------------------------------------- +Tue Apr 16 19:01:38 UTC 2019 - Marcus Rueckert <[email protected]> + +- update to 2.0.15 + - Fix uninitialised variable. + - Fix rpmbuild on CentOS7, and rely on auto-requires. + - Add option to flush lvs on shutdown. Currently all known + virtual servers and their real servers are removed one at a + time at shutdown. With large configurations on a busy system, + this can take some time. Add an option just like the existing + 'lvs_flush' which operates on shutdown. Typical environments + with a single keepalived instance can take advantage of this + option to achieve a faster shutdown or restart cycle. + - Make alpha mode checkers on new real servers start down on + reload. Patch #1180 identified that new real servers with + alpha mode checkers were being added online immediately, and if + the checker then failed were being removed. This commit makes + real servers that didn't exist before the reload start in down + state if they have alpha mode checkers. + - Remove duplicate config dump entry. + - Make new real servers at reload start down if have alpha mode + checkers. + - Close checker and smtp_alert sockets on reload. Issue #1177 + identified that sockets were being left open (lost) after a + reload. It transpired that these were sockets opened by + TCP_CHECK, HTTP_GET, SSL_GET, DNS_CHECK and SMTP_CHECK + checkers, and by smtp_alerts in the process of being sent. + This commit adds an extra parameter to thread_add_read() and + thread_add_write() to allow indicating that the scheduler + should close the socket when destroying threads. + - Send vrrp group backup notifies at startup. + - Make inhibit_on_failure be inherited by real server from + virtual server. + - Allow real and sorry servers to be configured with port 0 This + is to maintain backwards compatibility with keepalived prior to + commit d87f07c - "Ensure always check return from + inet_stosockaddr when parsing config". The proper way to + configure this is to omit the port, which requires the next + commit. + - Don't setup IPVS config with real and virtual servers ports + different. If the real server is using DR or TUN, the port of + the real server must be the same as the port of the virtual + server. This commit uses the virtual server port for the real + server when configuring IPVS. + - Log warnings if real server and virtual server ports don't + match This commit adds logging warnings if virtual and real + server ports, when using TUN or DR, don't match. It also sets + the real server ports to be the same as the virtual server + ports. Although listing the IPVS configuration with ipvsadm + will look different, the kernel ignored the port of a real + server when using DR or TUN, so the behaviour isn't changed, + but when looking at the configuration it now shows what is + actually happening. + - Fix warning when protocol specified for virtual server with + fwmark. + - Add log message that nb_get_retry is deprecated. + - Fix whitespace in configure.ac. + - Fix configure error when systemd not installed configure was + trying to execute pkg-config --variable=systemdsystemunitdir + systemd even if systemd was not available. This commit makes + configure only execute the above if it has determined that + systemd is the correct init package to use. + - Correct references to RFC6527 (VRRPv3 SNMP RFC). + - nsure checker->has_run is always set once a checker has run. + - Fix some indentation in configure.ac. + - Update fopen_safe() to open temporary file in destination + directory rename() in fopen_safe() was failing if the file + being created was not on the same filesystem as /tmp. + - Add ${_RANDOM} configuration keyword. It might seem strange to + introduce random elements to configuration files, but it can be + useful for testing. + - Fix using ~SEQ() in multiline configuration definitions. + - Make blank lines terminate a multiline definition. + - Minor updates for lvs_flush_on_stop. + - Add option to skip deleting real servers on shutdown or reload + If a virtual server is removed, the kernel will remove its real + servers, so keepalived doesn't explicitly need to do so. The + lvs_flush_onstop option removes all LVS configuration, whereas + this new option will only remove the virtual servers managed by + keepalived. + - Correct error message re checker_log_all_failures. + - Fix syntax error in configure.ac. + - Fix track_process initialisation for processes with PIDs + starting 9. + - Remove debugging log message. + - Remove inappropriate function const attributes They were + causing iptables/ipsets not to be initialised. + - Stop warning: function might be candidate for attribute + "const" Depending on what configure options are selected, + gcc can output the above warning for + initialise_debug_options(). This commit ensures that the + warning is not produced. + - Enable strict-config-checks option in keepalived.spec RPM file. + - vrrp: relax attribute 'const' warning at iptables helpers. + - Propagate libm to KA_LIBS. + - Fix building on Alpine Linux. Alpine (musl) doesn't have a + definition of __GNU_PREREQ, so create a dummy definition. + +------------------------------------------------------------------- +Wed Apr 3 13:52:51 UTC 2019 - Marcus Rueckert <[email protected]> + +- add buildrequires for file-devel + - used in the checker to verify scripts + +------------------------------------------------------------------- +Wed Apr 3 13:46:22 UTC 2019 - Marcus Rueckert <[email protected]> + +- update to 2.0.14 + - Add compiler warning -Wfloat-conversion and fix new warnings. + It was discovered that passing 0.000001 as a parameter + specified as uint32_t to a function did not generate any + warning of type mismatch, or loss of precision. This commit + adds -Wfloat-conversion and fixes 3 instances of new warnings + that were generated. + - For non systemd enviroment, it occurs syntax error 'fi'. To + avoid syntax error, modify keepalived.spec.in. + - When uninstall keepalived with init upstart, stop keepalived + process. + - Fix type re LOG_INGO should be LOG_INFO - 6git stash --cached. + The code was actualy in a #ifdef INCLUDE_UNUSED_CODE block, and + so isn't currently compiled. + - Register missing thread function for thread debugging. + - Fix reutrn value of notify_script_compare misusing issue. + - Fix typo in keepalived.conf man page re BFD min_rx. + - Fix segfault when bfd process reloads config. Issue #1145 + reported the bdf process was segfaulting when reloading. The + bfd process was freeing and allocating a new thread_master_t + when reloading, which doesn't work. This commit changes the bfd + process to clean and reinitialise the thread_master_t. + - Fix segfault in handle_proc_ev(). On Linux 3.10 the ack bit + can be set in a connector message, and the CPU number is set to + UINT32_MAX. This commit skips acks, and also checks that CPU + number is within range of the number of CPUs on the system. + - Fix OpenSSL init failure with OpenSSL v1.1.1. OpenSSL v1.1.1, + but not v1.1.0h or v1.1.1b failed in SSL_CTX_new() if + OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG) had previously + been called. This commit doesn't call OPENSSL_init_crypto() if + doing so causes SSL_CTX_new() to fail. + - Remove all references to libnfnetlink. Commit 2899da6 (Stop + using linbl for mcast group membership and setting rx buf + sizes) stopped using libnfnetlink, but INSTALL and + keepalived.spec.in were not updated accordingly. + - Fix genhash re OPENSSL_init_crypto bug and improve + configure.ac. Commit fe6d6ac (Fix OpenSSL init failure with + OpenSSL v1.1.1) didn't update the identical code in + genhash/ssl.c. Also, an improvement for the test in + configure.ac was suggested. + - Fix log output when real server removed. FMT_VS() and FMT_RS() + both call inet_sockaddrtotrio which uses a static buffer to + return the formatted string, but since FMT_VS(), wheich simply + calls format_vs() copies the returned string to its own static + buffer, if FMT_VS() was called before FMT_RS() then the + returned strings from both could be used. The problem occurs + when both FMT_VS() and FMT_RS() are used as parameters to + log_message() (or printf etc). It appeared to work fine on ++++ 568 more lines (skipped) ++++ between /work/SRC/openSUSE:Leap:15.2/keepalived/keepalived.changes ++++ and /work/SRC/openSUSE:Leap:15.2/.keepalived.new.3160/keepalived.changes Old: ---- keepalived-2.0.10.tar.gz New: ---- keepalived-2.0.19.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ keepalived.spec ++++++ --- /var/tmp/diff_new_pack.kkBTTO/_old 2020-03-19 08:36:05.557840075 +0100 +++ /var/tmp/diff_new_pack.kkBTTO/_new 2020-03-19 08:36:05.561840077 +0100 @@ -1,7 +1,7 @@ # # spec file for package keepalived # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -26,57 +26,57 @@ %else %bcond_with systemd %endif + %if 0%{?suse_version} > 1500 %bcond_without dbus +%bcond_without keepalived_nftables %else %bcond_with dbus +%bcond_with keepalived_nftables +%endif + +%if 0%{?suse_version} >= 1500 +%bcond_without keepalived_regex +%else +%bcond_with keepalived_regex %endif %bcond_without json Name: keepalived -Version: 2.0.10 +Version: 2.0.19 Release: 0 Summary: A keepalive facility for Linux License: GPL-2.0-or-later Group: Productivity/Networking/Routing -Url: http://www.keepalived.org/ +URL: http://www.keepalived.org/ Source: http://www.keepalived.org/software/%{name}-%{version}.tar.gz Source2: keepalive-rpmlintrc Patch1: keepalive-init.patch # PATCH-FIX-UPSTREAM: https://github.com/acassen/keepalived/commit/947248af144bcab6376ccddab8dc40f313b14281.patch Patch2: linux-4.15.patch -BuildRequires: libnfnetlink-devel -%if %{with json} -BuildRequires: libjson-c-devel -%endif +BuildRequires: file-devel BuildRequires: net-snmp-devel -BuildRequires: openssl-devel BuildRequires: pkgconfig BuildRequires: snmp-mibs -%if 0%{?suse_version} > 1110 BuildRequires: pkgconfig(dbus-1) BuildRequires: pkgconfig(gio-2.0) +BuildRequires: pkgconfig(openssl) +%if %{with json} BuildRequires: pkgconfig(json-c) +%endif BuildRequires: pkgconfig(libipset) BuildRequires: pkgconfig(libiptc) BuildRequires: pkgconfig(libnl-3.0) +%if %{with keepalived_regex} BuildRequires: pkgconfig(libpcre2-8) -BuildRequires: pkgconfig(xtables) -%else -BuildRequires: dbus-1-devel -BuildRequires: glib2-devel -BuildRequires: ipset-devel -BuildRequires: libiptc-devel -BuildRequires: libnl-devel -BuildRequires: libxtables-devel -BuildRequires: pcre2-devel -%endif -BuildRequires: libnfnetlink-devel -# BuildRequires: netsnmp-devel -BuildRequires: popt-devel -%if 0%{?suse_version} && 0%{?suse_version} <= 1110 -BuildRequires: cyrus-sasl-devel %endif +BuildRequires: pkgconfig(libnfnetlink) +%if %{with keepalived_nftables} +BuildRequires: pkgconfig(libnftables) +BuildRequires: pkgconfig(libnftnl) +%endif +BuildRequires: pkgconfig(popt) +BuildRequires: pkgconfig(xtables) Requires(pre): pwdutils Requires(pre): %fillup_prereq %if %{with systemd} @@ -101,13 +101,14 @@ %prep %setup -q %patch1 -p1 -%patch2 -p1 +%patch2 -p0 chmod 644 doc/samples/* %build export STRIP=true export CPPFLAGS="$(pkg-config --cflags libnfnetlink libiptc libipset xtables)" export CFLAGS="%optflags -DOPENSSL_NO_SSL_INTERN" +# --enable-dbus-create-instance \ %configure \ --disable-silent-rules \ --enable-bfd \ @@ -122,24 +123,28 @@ --enable-snmp-rfcv3 \ %if %{with dbus} --enable-dbus \ - --enable-dbus-create-instance \ %endif + %if %{with keepalived_regex} --enable-regex \ --enable-regex-timers \ + %endif + %if %{with keepalived_nftables} + --enable-nftables \ + %endif %if %{with systemd} --with-init=systemd \ --with-systemdsystemunitdir="%{_unitdir}" \ %endif - --enable-snmp-checker \ - --enable-snmp-rfc \ - --enable-snmp-rfcv2 \ - --enable-snmp-rfcv3 \ --enable-sha1 \ --enable-routes \ + --enable-iptables \ + --enable-dynamic-linking \ --enable-libiptc \ + --enable-libiptc-dynamic \ --enable-libipset \ - --disable-libipset-dynamic \ + --enable-libipset-dynamic \ --enable-libnl \ + --enable-libnl-dynamic \ --enable-stacktrace \ --enable-json make %{?_smp_mflags} ++++++ keepalived-2.0.10.tar.gz -> keepalived-2.0.19.tar.gz ++++++ ++++ 56052 lines of diff (skipped) ++++++ linux-4.15.patch ++++++ --- /var/tmp/diff_new_pack.kkBTTO/_old 2020-03-19 08:36:05.853840256 +0100 +++ /var/tmp/diff_new_pack.kkBTTO/_new 2020-03-19 08:36:05.853840256 +0100 @@ -28,10 +28,10 @@ keepalived/vrrp/vrrp.c | 1 + 2 files changed, 2 insertions(+) -Index: keepalived-2.0.9/keepalived/include/vrrp_arp.h +Index: keepalived/include/vrrp_arp.h =================================================================== ---- keepalived-2.0.9.orig/keepalived/include/vrrp_arp.h -+++ keepalived-2.0.9/keepalived/include/vrrp_arp.h +--- keepalived/include/vrrp_arp.h.orig ++++ keepalived/include/vrrp_arp.h @@ -24,6 +24,7 @@ #define _VRRP_ARP_H @@ -40,22 +40,22 @@ #include <sys/types.h> #include <linux/if_infiniband.h> -Index: keepalived-2.0.9/keepalived/vrrp/vrrp.c +Index: keepalived/vrrp/vrrp.c =================================================================== ---- keepalived-2.0.9.orig/keepalived/vrrp/vrrp.c -+++ keepalived-2.0.9/keepalived/vrrp/vrrp.c -@@ -40,6 +40,7 @@ - #include <net/ethernet.h> +--- keepalived/vrrp/vrrp.c.orig ++++ keepalived/vrrp/vrrp.c +@@ -44,6 +44,7 @@ + #endif /* local include */ +#define _GNU_SOURCE #include "parser.h" #include "vrrp_arp.h" -Index: keepalived-2.0.9/keepalived/include/vrrp_if.h +Index: keepalived/include/vrrp_if.h =================================================================== ---- keepalived-2.0.9.orig/keepalived/include/vrrp_if.h -+++ keepalived-2.0.9/keepalived/include/vrrp_if.h +--- keepalived/include/vrrp_if.h.orig ++++ keepalived/include/vrrp_if.h @@ -33,9 +33,7 @@ #include <sys/types.h> #include <net/if.h>
