Here now my comments/thoughts on the various items.
[EMAIL PROTECTED] wrote:
Hi, coders. Working with the Redhat team to incorporate
several of their patches into the main code.
At this moment, the Redhat team starts with 5.1.2 release,
then provide a number of patches. Some of those patches are
very specific build patches. Other patches are a wee bit out
of date. There are a number of patches that are very specific,
and therefore easy to assess.
Here are several brief descriptions of the patches that are
part of net-snmp-5.1.2-6.src.rpm. Many are also found in
older 5.1.2 based source RPMs as well.
Us - me, representing Net-SNMP project
Your - Phil Knirsch and Radek Vokal at RedHat
If one were to cut a 5.1.3 release, these patches would
not be needed:
net-snmp-5.0.6-syslog.patch IN 5.1.2
net-snmp-5.0.8-ipv6-sock-close.patch IN 5.1.2
net-snmp-5.0.9-smux-stack-var.patch APPLIED
net-snmp-5.1-xs-label-iid.patch APPLIED (modified)
net-snmp-5.1.1-hr_storage-mbuf-v2.patch APPLIED
Have all been marked to be removed with 5.1.3 (5.1.2 doesn't contain the fixes yet ;-).
#-#-#-#-#-#-#-#
The sensors patch causes some concern, probably not suitable for us
1. It modifies HOST-RESOURCES-MIBS -- did your team check with
the current author of this MIB to test the change's correctness?
The Net-SNMP project would be setting a bad example if it
incorporated an out-of-sync MIB.
2. Instead of adding the lm_sensors code which was ported from
UCD-V4 work, why not use the ucd-snmp/lmSensors
already installed (fixes applied to net-snmp CVS)?
Agreed, patch has been removed and the ucd-snmp/lmSensors module included.
#-#-#-#-#-#-#-#
As noted, the ipv4-socks-close.patch should not be applied, since
the 5.1.2 base you now use already incorporated the fix.
Checked and marked to be removed.
#-#-#-#-#-#-#-#
net-snmp-5.0.6-libtool.patch Thanks for adding verbiage from the
bug list on this one. Makes it easier for us to choose.
That patch is required because of our buildmethod and having rpaths in binaries is a very bad idea securitywise (i could elaborate a little deeper, but trust me on this). You might ignore that patch for upstream, but in our build environment it's really necessary.
#-#-#-#-#-#-#-#
net-snmp-5.0.6-compat.patch
This header change for UCD_COMPATIBLE seems overdue.
Has been removed.
#-#-#-#-#-#-#-#
net-snmp-5.0.6-syslog.patch This patch is already in net-snmp CVS
Checked and marked to be removed.
#-#-#-#-#-#-#-#
net-snmp-5.0.8-ipv6-sock-close.patch Already in net-snmp CVS
Checked and marked to be removed.
#-#-#-#-#-#-#-#
net-snmp-5.0.8-readonly.patch
This change to netsnmp_wrap_up_request fixing a problem with
processing RO vs RW objects (I'm not sure) was applied in a different
source location.
I've reviewed the latest code in snmp_agent.c and can't find a place where you fix this somewhere else. Could you please be a little more specific so i can verify that our patch is obsolete?
#-#-#-#-#-#-#-#
net-snmp-5.0.9-HUP_doublefree.patch
The source currently handles this by commenting out
the netsnmp_handler_registration_free() call in netsnmp_register_old_api().
So, I would presume that it is no longer necessary ?
Yeah, looks like it. Hopefully it's now not leaking, but i assume that the fix is at least as good as our old patch, so has been marked for removal, too.
#-#-#-#-#-#-#-# net-snmp-5.0.9-smux-stack-var.patch In/out var not preset... We will apply this one.
Checked and marked to be removed.
#-#-#-#-#-#-#-#
net-snmp-5.1.1-hr_storage-mbuf-v2.patch
I've tested that Memory Buffers values appear when applied.
We will apply this one.
Checked and marked to be removed.
#-#-#-#-#-#-#-#
net-snmp-5.1.1-ipAdEntIfIndex.patch
Will adding struct in_ifaddr break compiles on RedHat 7.2 ?
See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=119106
It's not about breaking compiles, it's about a real bug that the IfIndex on Linux sometimes is wrong.
#-#-#-#-#-#-#-#
net-snmp-5.1.1-pie.patch
"Men like pie!" What does "-pie" accomplish for linking ?
Pie is good for you. Makes you lean & mean. ;-) But in our case it actually stands for Position Independant Executable. Basically the counterpart to -pic but for binaries instead of for libraries. This is required for newer releases for exec-shield to work properly, which is a security feature (makes buffer overflows much harder to exploit).
#-#-#-#-#-#-#-#
net-snmp-5.1.1-quiet-memshared.patch
I would prefer wrapping using DEBUGMSGTL construct. Will Review.
This was only needed to prevent a message log flood, but i suspect there are tons of other places where one could do that, too, so again more fairly Red Hat specific patch.
#-#-#-#-#-#-#-# net-snmp-5.1.2-lelf.patch We will need to make this elf test "if not Linux"
Again as you say fairly Linux/Red Hat specific. IIRC the test just produces a wrong/unecessary result on our distro so it was removed.
#-#-#-#-#-#-#-#
net-snmp-5.1.2.rc1-agentx-little64.patch
Do you have a test that verifies this agent patch ?
See: http://sourceforge.net/tracker/index.php?func=detail&aid=996462&group_id=12694&atid=312694
and: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130752
So this has actually been already commited to the CVS tree of net-snmp and is a required fix for little endian 64bit archs. So again when 5.1.3 comes out it will be dropped.
#-#-#-#-#-#-#-#
net-snmp-5.1-64bit.patch
Interesting that some of the changes are HPUX11 specific...
What is the origin of this patch?
Regardless, this may take longer to segue.
That patch originally came from AMD. They verified that these fixes were needed for their new AMD64 boxes. IIRC this is the 3rd revision of the patch, so it has been around for quite some time now in our rpms.
#-#-#-#-#-#-#-# net-snmp-5.1-async-getnext.patch Do you have a test for this Perl module patch ?
Again a patch from Kaj J. Niemi: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111479
He didn't provide a test though, but i generally trust his patches and fixes.
#-#-#-#-#-#-#-# net-snmp-5.1-bsdcompat.patch Removing SO_BSDCOMPAT should be done in both places used. Patch does not address the code in snmpUDPIPv6Domain.c
Yep, true, patch should fix it in snmpUDPIPv6Domain.c as well. Not a biggie, will do soon.
#-#-#-#-#-#-#-#
net-snmp-5.1-libwrap.patch
The places where USE_LIBWRAP is applied should be consolidated.
Patch does not address "like" code in snmptrapd.c
See: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=77926
But i agree, it should fix the same code in snmptrapd.c, as with previous patch will take a look at it soon.
#-#-#-#-#-#-#-#
net-snmp-5.1-xs-label-iid.patch
This was recently applied in kind so that ALL results
of __get_label_iid are evaluated properly.
OK, verified that the current CVS tree contains these fixes, marked for removal.
#-#-#-#-#-#-#-# ucd-snmp-4.2.4.pre3-mnttab.patch This will need to be made Linux specific
Oh yeah, that's actually really very Red Hat specific because i only hit that problem when i run the packages through our buildsystems as every "real" system usually has an /etc/mnttab file but our buildroots do not. :( So you can savely ignore that patch completely for upstream i guess. ;-)
Thats all the comments so far. As i said, i'll extend two of the patches in the next release we put out and as soon as 5.1.3 is out we can drop an awfull lot of patches, too.
Read ya, Phil
-- Philipp Knirsch | Tel.: +49-711-96437-470 Development | Fax.: +49-711-96437-111 Red Hat GmbH | Email: Phil Knirsch <[EMAIL PROTECTED]> Hauptstaetterstr. 58 | Web: http://www.redhat.de/ D-70178 Stuttgart Motd: You're only jealous cos the little penguins are talking to me.
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl _______________________________________________ Net-snmp-coders mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
