Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock
Please unblock package condor
I have just made an upload of an upstream security fix release
addressing CVE-2012-3416. I decided to upload this upstream release
instead of cherry-picking the security fix, because this release only
addresses this fix anyway. I'm attaching the full diff to the current
version in wheezy. Here are the stats:
CMakeLists.txt | 2 +-
debian/changelog | 9 +
doc/condor-macros.tex | 2 +-
doc/version-history/7-8.history.tex | 58 ++++-
nmi_tools/condor_nmi_submit | 49 ++--
nmi_tools/glue/SubmitInfo.pm | 423 ++---------------------------------
nmi_tools/nmi-build-platforms | 6 +-
src/condor_utils/ipv6_hostname.cpp | 70 +++++-
8 files changed, 178 insertions(+), 441 deletions(-)
The fix is in src/condor_utils/... CMakeLists only reflects the version
number change. doc/... is the upstream changelog item. And the changes
in nmi_tools/ are concerned with the upstream build and test framework
for pushing out this release. The latter code is just dead weight and
is not built, installed or otherwise touched by the Debian package.
Thanks
unblock condor/7.8.2~dfsg.1-1
-- System Information:
Debian Release: wheezy/sid
Architecture: i386 (i686)
Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff --git a/CMakeLists.txt b/CMakeLists.txt
index e34ef70..afce6ea 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -29,7 +29,7 @@ set(PACKAGE "condor")
# Condor and other systems parse this number. Keep it simple:
# Number.Number.Number. Do nothing else. If you need to add
# more information, PRE_RELEASE is usually the right location.
-set(VERSION "7.8.1")
+set(VERSION "7.8.2")
# Set PRE_RELEASE to either a string (i.e. "PRE-RELEASE-UWCS") or OFF
# This shuld be "PRE-RELEASE-UWCS most of the time, and OFF when
diff --git a/debian/changelog b/debian/changelog
index f0d1789..052d595 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+condor (7.8.2~dfsg.1-1) unstable; urgency=high
+
+ * Upstream security release. Prevent an attacker who is manipulating
+ reverse-DNS entries and is able to connect to a Condor daemon to gain
+ access to a Condor pool that is using DNS/hostname host-based authentication
+ (only). CVE-2012-3416
+
+ -- Michael Hanke <m...@debian.org> Thu, 16 Aug 2012 08:32:49 +0200
+
condor (7.8.1~dfsg.1-2) unstable; urgency=low
* Remove dangling symlink /usr/sbin/condor -> ../bin/condor. This file no
diff --git a/doc/condor-macros.tex b/doc/condor-macros.tex
index 75e2ecb..b7bd2b8 100644
--- a/doc/condor-macros.tex
+++ b/doc/condor-macros.tex
@@ -5,7 +5,7 @@
% Set up version, author and copyright notices
%
\newcommand{\AuthorNotice}{Condor Team, University of Wisconsin--Madison}
-\newcommand{\VersionNotice}{Version 7.8.1}
+\newcommand{\VersionNotice}{Version 7.8.2}
\newcommand{\CondorR}{\Reg{Condor}}
\newcommand{\CopyrightNotice}{
diff --git a/doc/version-history/7-8.history.tex b/doc/version-history/7-8.history.tex
index e7bb224..cbf3328 100644
--- a/doc/version-history/7-8.history.tex
+++ b/doc/version-history/7-8.history.tex
@@ -16,6 +16,61 @@ New features will be added in the 7.9.x development series.
The details of each version are described below.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\subsection*{\label{sec:New-7-8-2}Version 7.8.2}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+\noindent Release Notes:
+
+\begin{itemize}
+
+\item Condor version 7.8.2 released on August 14, 2012.
+
+\item \Security Fixed a critical problem with DNS handling.
+
+\end{itemize}
+
+\noindent New Features:
+
+\begin{itemize}
+
+\item None.
+
+\end{itemize}
+
+\noindent Configuration Variable and ClassAd Attribute Additions and Changes:
+
+\begin{itemize}
+
+\item None.
+
+\end{itemize}
+
+\noindent Bugs Fixed:
+
+\begin{itemize}
+
+\item \Security Fixed a critical problem with DNS handling.
+
+\end{itemize}
+
+\noindent Known Bugs:
+
+\begin{itemize}
+
+\item None.
+
+\end{itemize}
+
+\noindent Additions and Changes to the Manual:
+
+\begin{itemize}
+
+\item None.
+
+\end{itemize}
+
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\subsection*{\label{sec:New-7-8-1}Version 7.8.1}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -23,8 +78,7 @@ The details of each version are described below.
\begin{itemize}
-\item Condor version 7.8.1 not yet released.
-%\item Condor version 7.8.1 released on Month Date, 2012.
+\item Condor version 7.8.1 released on June 15, 2012.
\end{itemize}
diff --git a/nmi_tools/condor_nmi_submit b/nmi_tools/condor_nmi_submit
index 27457ff..9c0751d 100755
--- a/nmi_tools/condor_nmi_submit
+++ b/nmi_tools/condor_nmi_submit
@@ -41,7 +41,7 @@ use vars qw/ $opt_build $opt_test
$opt_clear_externals_cache_weekly $opt_clear_externals_cache_daily
$opt_externals_only $opt_release_only $opt_version_buildid
$opt_build_args
- $opt_skip_doc $opt_sha1
+ $opt_skip_doc $opt_sha1 $opt_private_build
$opt_buildid $opt_test_src $opt_test_timeout $opt_test_class
$opt_input_platform $opt_tests_at_once
/;
@@ -59,7 +59,7 @@ sub SRC { 0; };
######################################################################
# Root of the GIT Source repository
-my $GITROOT_SRC = $ENV{'GIT_DIR'} || ( is_new_batlab() ? "/home/condorauto/condor.git" : "/space/git/CONDOR_SRC.git") ;
+my $GITROOT_SRC = $ENV{'GIT_DIR'} || "/home/condorauto/condor.git";
# Root of the GIT Manual repository
# my $GITROOT_DOC = "/space/git/CONDOR_DOC.git";
@@ -74,10 +74,10 @@ my $submit_info = "nmi_tools/glue/$submit_info_basename";
my $cvs_condor_nmi_submit = "nmi_tools/condor_nmi_submit";
# Default location to check for NMI tools (if NMI_BIN isn't set)
-my $default_nmi_bin = ( is_new_batlab() ? "/usr/local/nmi/bin" : "/nmi/bin") ;
+my $default_nmi_bin = "/usr/local/nmi/bin";
# Find where the Condor binaries we should use are located
-my $default_condor_bin = is_new_batlab() ? "/usr/bin" : "/usr/local/condor/bin";
+my $default_condor_bin = "/usr/bin";
# Config file encapsulating dependencies on NMI framework.
my $nmiconf;
@@ -174,6 +174,9 @@ my $nmi_submit;
# only used by nmi_submit, but set still have to find them)
my $condor_bin;
+# Whether or not the build should be private. default: NO
+my $private_build;
+
######################################################################
# Actual work of the script
######################################################################
@@ -353,6 +356,7 @@ sub parseOptions
'add-build-args=s' => \$opt_build_args,
'skip-doc' => \$opt_skip_doc,
'sha1=s' => \$opt_sha1,
+ 'private-build:s' => \$opt_private_build,
# test-specific options
'buildid=i' => \$opt_buildid,
'test-src=s' => \$opt_test_src,
@@ -385,8 +389,7 @@ sub parseOptions
if( defined $opt_platforms ) {
foreach $platform ( split(/\s*,\s*/, $opt_platforms) ) {
if( $platform eq "all" ) {
- if($runtype eq "build" and is_new_batlab()) {
- # For new Batlab, "all" means build on the set of defined build platforms
+ if($runtype eq "build") {
my $file = dirname($0) . "/nmi-build-platforms";
open(IN, '<', $file) or die("Cannot open $file for reading: $!");
while(<IN>) {
@@ -398,11 +401,7 @@ sub parseOptions
close(IN);
next;
}
- else {
- if( $runtype ne "test" ) {
- print "ERROR: --platforms=all only works with --test\n";
- printUsage( 1 );
- }
+ elsif($runtype eq "test") {
if( ! defined $opt_buildid ) {
print "ERROR: --platforms=all only works with --buildid\n";
printUsage( 1 );
@@ -587,6 +586,10 @@ sub parseOptions
printUsage( 1 );
}
}
+
+ if( defined($opt_private_build) ) {
+ $private_build = $opt_private_build;
+ }
}
# TODO: this should be more clear about the required vs. optional
@@ -905,6 +908,23 @@ sub createSubmitFilesNew
writeTestGlueNew( *CMDFILE );
}
+ # Not all builds should be public (e.g. security releases). Set the flag
+ # if defined
+ if (defined($private_build)) {
+ my $private_username;
+ if ($private_build ne "") {
+ $private_username = $private_build;
+ } else {
+ $private_username = "condor-team";
+ }
+
+ print "PRIVATE BUILD: $private_username\n";
+ print CMDFILE "private_web_users = " . $private_username . "\n";
+ } else {
+ print "PUBLIC BUILD\n";
+ }
+
+
# Sometimes builds and tests get backed up. If so, we would
# like to eventually run all the jobs, but we'd like to see results from
# newer ones first. Setting the user job prio to the Qdate should
@@ -2287,10 +2307,3 @@ sub parseError
my $err = shift;
die "ERROR (line $orig_lineno): $err!\n";
}
-
-#----------------------------------------------------------------------
-# Helper method to determine if we are running in new Batlab
-#----------------------------------------------------------------------
-sub is_new_batlab {
- return `hostname -f` eq "submit-2.batlab.org\n";
-}
diff --git a/nmi_tools/glue/SubmitInfo.pm b/nmi_tools/glue/SubmitInfo.pm
index 805d0df..276a39b 100755
--- a/nmi_tools/glue/SubmitInfo.pm
+++ b/nmi_tools/glue/SubmitInfo.pm
@@ -43,23 +43,11 @@ our %build_and_test_sets = (
# NOTE: Keep the stable or developer release branches synchronized with
# https://condor-wiki.cs.wisc.edu/index.cgi/wiki?p=DeveloperReleasePlan
'official_ports' => [
- 'x86_64_deb_6.0-updated', # this will switch to non-updated when NMI has that platform
- 'x86_64_deb_5.0',
- 'x86_64_rhap_5',
- 'x86_64_rhas_3',
- 'x86_deb_5.0',
- 'x86_rhap_5',
- 'x86_rhas_3',
- 'x86_winnt_5.1',
- 'x86_64_rhap_6.1-updated',
- 'x86_64_macos_10.6-updated',
],
# NMI will need builds on a set of platforms that we do not provide in our
# core builds. These are those platforms.
'nmi_one_offs' => [
- #'x86_64_freebsd_8.2-updated',
- #'x86_64_sol_5.11',
],
# We will build on a set of machines that we want to be sure continue building
@@ -68,9 +56,6 @@ our %build_and_test_sets = (
# release - a build problem on this platform could indicate problems on a future
# release of RHEL.
'extra_builds' => [
- #'x86_64_fedora_14-updated',
- #'x86_64_opensuse_11.4-updated',
- #'x86_64_macos_10.6-updated',
],
'stduniv' => [
@@ -85,25 +70,7 @@ our %build_and_test_sets = (
# For every build, test, and cross test, of condor everywhere,
# these are the default prereqs _usually_ involved.
###############################################################################
-my @default_prereqs = (
- 'tar-1.14',
- 'patch-2.5.4',
- 'cmake-2.8.3',
- 'flex-2.5.4a',
- 'make-3.80',
- 'byacc-1.9',
- 'bison-1.25',
- 'wget-1.9.1',
- 'm4-1.4.1',
- );
-
-# Hackery to test running in new batlab
-my $isNewBatlab = 0;
-if ((`hostname -f` eq "submit-1.batlab.org\n") ||
- (`hostname -f` eq "submit-2.batlab.org\n")) {
-@default_prereqs = ();
-$isNewBatlab = 1;
-}
+my @default_prereqs = ();
###############################################################################
# Minimal build configuration
@@ -319,39 +286,19 @@ our %submit_info = (
'configure_args' => { @default_build_configure_args,
'-DCLIPPED:BOOL' => 'OFF',
},
- 'prereqs' => ($isNewBatlab ? [] : [ 'libtool-1.5.26', 'cmake-2.8.3' ]),
- 'xtests' => ($isNewBatlab ? [] : [ 'x86_64_ubuntu_10.04', ]),
+ 'prereqs' => [],
+ 'xtests' => [],
},
'test' => {
'configure_args' => { @default_test_configure_args },
- 'prereqs' => ($isNewBatlab ? [] : [ 'java-1.4.2_05' ]),
+ 'prereqs' => [],
'testclass' => [ @default_testclass ],
},
},
##########################################################################
- # Platform Debian 6.0 on x86_64 (updated)
- ##########################################################################
- # This is the name of the platform in old batlab
- 'x86_64_deb_6.0-updated' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args,
- '-DCLIPPED:BOOL=OFF' => undef,
- },
- 'prereqs' => [ 'libtool-1.5.26', 'cmake-2.8.3' ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ 'java-1.4.2_05' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
# Platform DEB 6 on x86_64
##########################################################################
# This is the name of the platform in new batlab
@@ -387,7 +334,7 @@ our %submit_info = (
'test' => {
'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
+ 'prereqs' => [ @default_prereqs ],
'testclass' => [ @default_testclass ],
},
},
@@ -396,6 +343,8 @@ our %submit_info = (
# Platform RHEL 6 on x86. Unmanaged.
##########################################################################
'x86_rhap_6.0-updated' => 'x86_rhap_6.0',
+ 'x86_rhap_6.2' => 'x86_rhap_6.0',
+ 'x86_rhap_6.3' => 'x86_rhap_6.0',
##########################################################################
# Platform RHEL 6 on x86_64
@@ -411,7 +360,7 @@ our %submit_info = (
'test' => {
'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
+ 'prereqs' => [ @default_prereqs ],
'testclass' => [ @default_testclass ],
},
},
@@ -440,6 +389,7 @@ our %submit_info = (
# And now, 6.1 has become 6.2 through the magic of auto-update
'x86_64_rhap_6.2' => 'x86_64_rhap_6.1',
+ 'x86_64_rhap_6.3' => 'x86_64_rhap_6.1',
##########################################################################
# Platform RHEL 5 on x86_64
@@ -457,13 +407,13 @@ our %submit_info = (
'test' => {
'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
+ 'prereqs' => [ @default_prereqs ],
'testclass' => [ @default_testclass ],
},
},
# This is the new batlab one
- 'x86_64_rhap_5.7' => {
+ 'x86_64_rhap_5.8' => {
'build' => {
'configure_args' => { @default_build_configure_args,
'-DCLIPPED:BOOL' => 'OFF',
@@ -481,27 +431,6 @@ our %submit_info = (
##########################################################################
- # Platform RHEL 3 on x86_64
- ##########################################################################
- 'x86_64_rhas_3' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args,
- '-DCLIPPED:BOOL' => 'OFF',
- '-DWITH_LIBCGROUP:BOOL' => 'OFF',
- },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => [ ],
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05', 'perl-5.8.5',
- 'VMware-server-1.0.7' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
# Platform Debian 5 on x86
##########################################################################
'x86_deb_5.0' => {
@@ -509,95 +438,17 @@ our %submit_info = (
'configure_args' => { @default_build_configure_args,
'-DCLIPPED:BOOL' => 'OFF',
},
- 'prereqs' => [ 'libtool-1.5.26', 'cmake-2.8.3' ],
- 'xtests' => [ ],
+ 'prereqs' => [ ],
+ 'xtests' => [ ],
},
'test' => {
'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ 'java-1.4.2_05' ],
+ 'prereqs' => [ ],
'testclass' => [ @default_testclass ],
},
},
- ##########################################################################
- # Platform Mac OSX 10.4 on x86
- ##########################################################################
- 'x86_macos_10.4' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args },
- 'prereqs' => [ @default_prereqs,
- 'coreutils-5.2.1',
- 'libtool-1.5.26',],
- 'xtests' => [
- 'x86_64_macos_10.6',
- 'x86_64_macos_10.6-updated',
- ],
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [
- @default_prereqs,
- 'java-1.4.2_12',
- 'coreutils-5.2.1'
- ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform Mac OSX 10.5 on x86_64
- # condor actually builds naturally for this one, we just don't release it
- ##########################################################################
- 'x86_64_macos_10.5' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args },
- 'prereqs' => [
- @default_prereqs,
- 'libtool-1.5.26',
- ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform Mac OSX 10.5 on x86_64 with updates
- # condor actually builds naturally for this one, we just don't release it
- ##########################################################################
- 'x86_64_macos_10.5-updated' => 'x86_64_macos_10.5',
-
-
- ##########################################################################
- # Platform Mac OSX 10.6 on x86_64
- ##########################################################################
- 'x86_64_macos_10.6' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args },
- 'prereqs' => [
- @default_prereqs,
- 'libtool-1.5.26',
- ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform Mac OSX 10.6 with updates on x86_64
- ##########################################################################
- 'x86_64_macos_10.6-updated' => 'x86_64_macos_10.6',
# This is new batlab macos 10.7 machine
'x86_64_macos_10.7' => {
@@ -616,97 +467,10 @@ our %submit_info = (
##########################################################################
# Platform RHEL 5 on x86
##########################################################################
- 'x86_rhap_5' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args,
- '-DCLIPPED:BOOL' => 'OFF',
- },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform RHEL 3 on x86
- ##########################################################################
- 'x86_rhas_3' => {
+ 'x86_rhap_5.8' => {
'build' => {
'configure_args' => { @default_build_configure_args,
'-DCLIPPED:BOOL' => 'OFF',
- '-DWITH_LIBCGROUP:BOOL' => 'OFF',
- },
- 'prereqs' => [
- @default_prereqs,
- 'perl-5.8.5', 'gzip-1.3.3', 'autoconf-2.59'
- ],
- 'xtests' => [
- 'x86_64_rhas_3',
- ],
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08', 'perl-5.8.5',
- 'VMware-server-1.0.7' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
-
- # These describe what a human, sadly, had to figure out about certain
- # ports that we do in a "one off" fashion. These ports are generally
- # not released to the public, but are often needed by NMI to run their
- # cluster. If by chance work happens on these ports to make them officially
- # released, then they will move from this section to the above section,
- # and most likely with the above arguments to configure. Most of these
- # builds of Condor are as clipped as possible to ensure compilation.
-
- ##########################################################################
- # Platform Fedora 13 on x86_64
- ##########################################################################
- 'x86_64_fedora_13' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform Fedora 13 with updates on x86_64
- ##########################################################################
- 'x86_64_fedora_13-updated' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform Fedora 14 on x86_64
- ##########################################################################
- 'x86_64_fedora_14' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args,
},
'prereqs' => [ @default_prereqs ],
'xtests' => undef,
@@ -719,28 +483,6 @@ our %submit_info = (
},
},
- 'x86_64_fedora_15' => 'x86_64_fedora_14',
- 'x86_64_fedora_16' => 'x86_64_fedora_14',
- 'x86_64_fedora_17' => 'x86_64_fedora_14',
- 'x86_64_fedora_18' => 'x86_64_fedora_14',
- ##########################################################################
- # Platform Fedora 14 with updates on x86_64
- ##########################################################################
- 'x86_64_fedora_14-updated' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args,
- },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
##########################################################################
# Platform Solaris 11 on x86_64
# Building openssl is problematic on this platform. There is
@@ -800,81 +542,6 @@ our %submit_info = (
},
##########################################################################
- # Platform RHEL 5 on x86 (umanaged!)
- # This might work.
- ##########################################################################
- 'unmanaged-x86_rhap_5' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform RHEL 5.2 on X86_64
- # This might work.
- # I suspect this could be a real port if we bothered.
- ##########################################################################
- 'x86_64_rhap_5.2' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform RHEL 5.3 on X86_64
- # This might work.
- # I suspect this could be a real port if we bothered.
- ##########################################################################
- 'x86_64_rhap_5.3' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform RHEL 5.3 with updates on X86_64
- # This might work.
- # I suspect this could be a real port if we bothered.
- ##########################################################################
- 'x86_64_rhap_5.3-updated' => {
- 'build' => {
- 'configure_args' => { @default_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
# Platform RHEL 5.4 on X86_64
# This might work.
# I suspect this could be a real port if we bothered.
@@ -930,46 +597,6 @@ our %submit_info = (
##########################################################################
- # Platform RHEL 4 on X86_64
- # This might work.
- ##########################################################################
- 'x86_64_rhas_4' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args,
- '-DWITH_LIBCGROUP:BOOL' => 'OFF',
- },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.5.0_08', 'perl-5.8.9' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
- # Platform SLES 9 on x86_64
- ##########################################################################
- 'x86_64_sles_9' => {
- 'build' => {
- 'configure_args' =>{ @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs, 'wget-1.9.1' ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => {
- @default_test_configure_args,
-
- },
- 'prereqs' => [ @default_prereqs, 'wget-1.9.1', 'java-1.4.2_05' ],
- 'testclass' => [ @default_testclass ],
- },
- },
-
- ##########################################################################
# Platform Ubuntu 10.04 on x86_64
# This might work.
##########################################################################
@@ -1006,22 +633,6 @@ our %submit_info = (
},
},
- ##########################################################################
- # Platform RHEL 4 on x86
- ##########################################################################
- 'x86_rhas_4' => {
- 'build' => {
- 'configure_args' => { @minimal_build_configure_args },
- 'prereqs' => [ @default_prereqs ],
- 'xtests' => undef,
- },
-
- 'test' => {
- 'configure_args' => { @default_test_configure_args },
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05', 'perl-5.8.5' ],
- 'testclass' => [ @default_testclass ],
- },
- },
##########################################################################
# Platform openSUSE 11.3 on x86_64 (& updated)
@@ -1060,7 +671,7 @@ our %submit_info = (
'-DWITH_LIBVIRT:BOOL' => 'ON',
'-DWITH_LIBXML2:BOOL' => 'ON',
},
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
+ 'prereqs' => [ @default_prereqs ],
'xtests' => undef,
},
@@ -1069,7 +680,7 @@ our %submit_info = (
@default_test_configure_args
},
- 'prereqs' => [ @default_prereqs, 'java-1.4.2_05' ],
+ 'prereqs' => [ @default_prereqs ],
'testclass' => [ @default_testclass ],
},
},
diff --git a/nmi_tools/nmi-build-platforms b/nmi_tools/nmi-build-platforms
index f321a64..5f96195 100644
--- a/nmi_tools/nmi-build-platforms
+++ b/nmi_tools/nmi-build-platforms
@@ -4,11 +4,11 @@
x86_64_deb_5.0
x86_64_deb_6.0
x86_64_macos_10.7
-x86_64_rhap_5.7
-x86_64_rhap_6.2
+x86_64_rhap_5.8
+x86_64_rhap_6.3
x86_64_winnt_6.1
x86_rhap_5.8
-x86_rhap_6.2
+x86_rhap_6.3
# We want to build all branches on Fedora because it is our "warning check" platform
x86_64_fedora_15
diff --git a/src/condor_utils/ipv6_hostname.cpp b/src/condor_utils/ipv6_hostname.cpp
index cfefb4b..9df81c8 100644
--- a/src/condor_utils/ipv6_hostname.cpp
+++ b/src/condor_utils/ipv6_hostname.cpp
@@ -286,16 +286,49 @@ MyString get_hostname(const condor_sockaddr& addr) {
return ret;
}
+// will this work for ipv6?
+// 1) maybe... even probably.
+// 2) i don't care
+
+bool verify_name_has_ip(MyString name, condor_sockaddr addr){
+ std::vector<condor_sockaddr> addrs;
+ bool found = false;
+
+ addrs = resolve_hostname(name);
+ dprintf(D_FULLDEBUG, "IPVERIFY: checking %s against %s\n", name.Value(), addr.to_ip_string().Value());
+ for(unsigned int i = 0; i < addrs.size(); i++) {
+ // compare MyStrings
+ // addr.to_ip_string
+ if(addrs[i].to_ip_string() == addr.to_ip_string()) {
+ dprintf(D_FULLDEBUG, "IPVERIFY: matched %s to %s\n", addrs[i].to_ip_string().Value(), addr.to_ip_string().Value());
+ found = true;
+ } else {
+ dprintf(D_FULLDEBUG, "IPVERIFY: comparing %s to %s\n", addrs[i].to_ip_string().Value(), addr.to_ip_string().Value());
+ }
+ }
+ dprintf(D_FULLDEBUG, "IPVERIFY: ip found is %i\n", found);
+
+ return found;
+}
+
std::vector<MyString> get_hostname_with_alias(const condor_sockaddr& addr)
{
- std::vector<MyString> ret;
+ std::vector<MyString> prelim_ret;
+ std::vector<MyString> actual_ret;
+
MyString hostname = get_hostname(addr);
if (hostname.IsEmpty())
- return ret;
- ret.push_back(hostname);
+ return prelim_ret;
+
+ // we now start to construct a list (prelim_ret) of the hostname and all
+ // the aliases. first the name itself.
+ prelim_ret.push_back(hostname);
if (nodns_enabled())
- return ret; // no need to call further DNS functions.
+ // don't need to verify this... the string is actually an IP here
+ return prelim_ret; // no need to call further DNS functions.
+
+ // now, add the aliases
hostent* ent;
//int aftype = addr.get_aftype();
@@ -309,14 +342,31 @@ std::vector<MyString> get_hostname_with_alias(const condor_sockaddr& addr)
// IPv6 addresses?
ent = gethostbyname(hostname.Value());
- if (!ent)
- return ret;
+ if (ent) {
+ char** alias = ent->h_aliases;
+ for (; *alias; ++alias) {
+ prelim_ret.push_back(MyString(*alias));
+ }
+ }
- char** alias = ent->h_aliases;
- for (; *alias; ++alias) {
- ret.push_back(MyString(*alias));
+ // WARNING! there is a reason this is implimented as two separate loops,
+ // so please don't try to combine them.
+ //
+ // calling verify_name_has_ip() will potentially overwrite static data that
+ // is referred to by ent->h_aliases (man 3 gethostbyname, see notes). so
+ // first, we push the name and then all aliases into the MyString vector
+ // prelim_ret, and then verify them in the following loop.
+
+ for (unsigned int i = 0; i < prelim_ret.size(); i++) {
+ if(verify_name_has_ip(prelim_ret[i], addr)) {
+ actual_ret.push_back(prelim_ret[i]);
+ } else {
+ dprintf(D_ALWAYS, "WARNING: forward resolution of %s doesn't match %s!\n",
+ prelim_ret[i].Value(), addr.to_ip_string().Value());
+ }
}
- return ret;
+
+ return actual_ret;
}
// look up FQDN for hostname and aliases.
