Hello community, here is the log from the commit of package sblim-sfcb.4008 for openSUSE:13.2:Update checked in at 2015-09-18 09:08:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.2:Update/sblim-sfcb.4008 (Old) and /work/SRC/openSUSE:13.2:Update/.sblim-sfcb.4008.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sblim-sfcb.4008" Changes: -------- New Changes file: --- /dev/null 2015-08-24 19:43:32.284261900 +0200 +++ /work/SRC/openSUSE:13.2:Update/.sblim-sfcb.4008.new/sblim-sfcb.changes 2015-09-18 09:08:18.000000000 +0200 @@ -0,0 +1,1112 @@ +------------------------------------------------------------------- +Wed Sep 2 07:41:37 UTC 2015 - mvet...@suse.com + +- Fix bsc#942628 lookupProviders() null pointer dereference: + sblim-sfcb-1.4.9-fix-null-deref.patch + +------------------------------------------------------------------- +Wed Sep 17 09:25:37 UTC 2014 - kkae...@suse.com + +- call service_add_pre unconditionally + +------------------------------------------------------------------- +Thu May 8 14:25:24 UTC 2014 - kkae...@suse.com + +- Pre-require aaa_base for /usr/sbin/service (bnc#874811) + +------------------------------------------------------------------- +Tue May 6 09:25:54 UTC 2014 - kkae...@suse.com + +- create /usr/sbin/rcsfcb, cmpi-provider-register depends on it + bnc#874811 + +------------------------------------------------------------------- +Fri Apr 25 10:02:31 UTC 2014 - kkae...@suse.com + +- Ensure cmpi-provider-register is present (bnc#874811) + +------------------------------------------------------------------- +Fri Mar 28 11:28:45 UTC 2014 - kkae...@suse.com + +- Update to 1.4.8 + New features: + - [sfcb-tix:#99] Add config property enableSslCipherServerPref + - [sfcb-tix:#101] Add config property indicationCurlUseExpect100 + - [sfcb-tix:#102] Add config property indicationCurlHonorRedirect + - [sfcb-tix:#105] Add config property embeddedObjectEncoding + + See README.conf for details about the new config properties + + Bugs fixed: + - [sfcb-tix:#94] Increase sigChldWaitTime + - [sfcb-tix:#95] Do not release pthread lock prior to stopBroker() exit + - [sfcb-tix:#89] Gracefully handle providers doing abort() + - [sfcb-tix:#96] Provider should close req handler on shutdown + - [sfcb-tix:#98] sfcbmofpp segfaults if mof file ends with block comment without newline + - [sfcb-tix:#100] Fix some compiler warnings & errors on newer distros + - [sfcb-tix:#103] Unsafe usage of strncpy in providerRegister.c + +- Patches dropped + 0009-Catch-SIGABRT.patch - upstream + 0011-Can-t-use-srcdir-in-TESTS.patch - upstream + +------------------------------------------------------------------- +Tue Jan 7 15:11:12 UTC 2014 - kkae...@suse.com + +- Fix SLE10 build + +------------------------------------------------------------------- +Thu Jan 2 10:10:24 UTC 2014 - kkae...@suse.com + +- Update to 1.4.7 + New features: (see README.conf) + - [sfcb-tix:#86] Support configurable SSL Diffie Hellman parameters file + - [sfcb-tix:#87] Support configurable SSL ECDH elliptic curve name + - [sfcb-tix:#76] Identify running SFCB processes in ps output + + Bugs fixed: + - [sfcb-tix:#81] Bad CMPIType assignment in cimXmlOps + - [sfcb-tix:#82] ClientEnvFT for SfcbLocal doesn't match SFCC + - [sfcb-tix:#83] Add Alternate getObjectPath() for SfcbLocal Connections + - [sfcb-tix:#84] Upcall mutex not freed on shutdown + - [sfcb-tix:#85] SFCB: SfcbLocal interface should expose markHeap() and releaseHeap() + - [sfcb-tix:#88] Ensure unique semaphore keys across multiple http adapters + - [sfcb-tix:#92] indicationDeliveryThreadLimit not properly enforced + - [sfcb-tix:#93] ProfileProvider segfault while stopping slpUpdate thread + - [sfcb-tix:#90] Problems with enableInteroOp=false + +- rebased and cleaned up patch list + Patches dropped (upstreamed): + 0001-Makefile.am-add-autoconfiscate.sh-to-dist.patch + 0003-providerMgr-add-prototypes.patch + 0005-Return-value-from-non-void-function.patch + 0006-Configurable-local-socket-group-permission-for-daemo.patch + 0007-Check-for-existance-of-autoconfiscate.sh-before-call.patch + 0015-Fix-startup-without-interop-namespace.patch + + Patches rebased: + 0001-Makefile.am-Honor-build-environment.patch + 0002-Enable-broker.LogMessage-and-broker.trace.patch + 0006-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch + 0007-Don-t-crash-if-class-repo-is-not-initialized.patch + 0008-Increase-max-trace-msg-len-to-4096.patch + 0009-Catch-SIGABRT.patch + 0010-Properly-shut-down-if-provider-crashed.patch + 0011-Can-t-use-srcdir-in-TESTS.patch + +------------------------------------------------------------------- +Thu Dec 19 10:55:15 UTC 2013 - kkae...@suse.com + +- BuildRequires sblim-sfcCommon-devel + +------------------------------------------------------------------- +Thu Nov 28 10:05:31 UTC 2013 - kkae...@suse.com + +- Added patches (pending upstream) + - 0001-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch + - 0001-sfcb-tix-61-classProviderSf.c-SIGSEGV-if-repo-is-not.patch + - 0004-Makefile.am-Honor-build-environment.patch + - 0005-providerMgr-add-prototypes.patch + - 0006-Enable-broker.LogMessage-and-broker.trace.patch + - 0008-fileRepository-show-which-directory-could-not-be-ope.patch + - 0011-Configurable-local-socket-group-permission-for-daemo.patch + - 0014-Ignore-sblim-sfcb.service.pre.patch + - 0015-Reflect-provider-information-in-ps-via-argv.patch + - 0019-Fix-segfault-in-classProviderSf.c-sfcb-tix-61.patch + - 0021-Increase-max-trace-msg-len-to-4096.patch + - cant-use-srcdir-in-tests.patch + - interop-debug.patch + - strip-postinstall.patch + +------------------------------------------------------------------- +Thu Nov 28 10:04:46 UTC 2013 - kkae...@suse.com + +- Dropped patches (included upstream) + - 0004-Don-t-call-tool_mm_flush-during-OPS_LoadProvider.patch + - 0006-Reflect-provider-information-in-ps-via-argv.patch + - 26000-tix69-bnc830525-No-logger-pipe-for-sfcblocal.patch + - fix-mofc-include-patch.patch + - pending-upstream.patch + - sblim-resource.patch + +------------------------------------------------------------------- +Thu Nov 28 10:00:48 UTC 2013 - kkae...@suse.com + +- Changes in 1.4.6 + ================ + + New features: + - [sfcb-tix:#64] Support maxObjCount for HTTP chunking + - [sfcb-tix:#70] Reload SSL context-without restarting httpd + + Bugs fixed: + - [sfcb-tix:#61] classProviderSf.c SIGSEGV if repo is not initialized + - [sfcb-tix:#63] Improve NamespaceProvider and ClassProvider Consistency + - [sfcb-tix:#66] SFCB_TRACE_VAR should be more restrictive + - [sfcb-tix:#60] fix providerMgr trace for localconnect + - [sfcb-tix:#68] reinitialize select timeout in SSL handshake + - [sfcb-tix:#79] sfcc cannot reconnect with sfcb if sfcb restarts + [bugs:#2663] + - [sfcb-tix:#69] Fix logger for long-lived clients, was: "#2347 Don't + spawn logger for clients" + - [sfcb-tix:#72] Make systemddir configurable + - [sfcb-tix:#74] providerRegister: check for and prevent buffer + overflows + - [sfcb-tix:#75] fileRepository: show which directory could not be + opened + - [sfcb-tix:#78] Missing null check in ift_getObjectPath, transposed + debug stmts in memAlloc + - [sfcb-tix:#78] Simplify mutex handling in instance.c + - [sfcb-tix:#77] Fix prototype for stopBroker + - [sfcb-tix:#80] sfcc cannot reconnect with sfcb + + +- Changes in 1.4.5 + ================ + + New features: + - [sfcb-tix:#44] Escape XML for Embedded Instances Instead of Using CDATA + - [sfcb-tix:#48] mofc: Allow absoltute paths in #pragma include + - [sfcb-tix:#52] ABT core check + - [sfcb-tix:#55] make install should not overwrite sfcb.cfg + - [sfcb-tix:#59] Improve httpAdapter error handling + + Bugs fixed: + - [sfcb-tix:#31] TestAssociationProvider can cause some queries to fail + - [sfcb-tix:#32] Provider Mgr trace should id the provider being called + - [sfcb-tix:#36] Add Pulled Enums test provider + - [sfcb-tix:#38] providerRegister:locateProvider() is unused + - [sfcb-tix:#40] Add valgrind test (implemented only for the "none" + init script at this time) + - [sfcb-tix:#41] Global IndicationService + - [sfcb-tix:#46] Error parsing CDATA with no whitespace + - [sfcb-tix:#47] Pulled Enumeration support - CIMXML parser + - [sfcb-tix:#37] indCIMXmlHandler coredumps in IndCIMXMLHandlerInvokeMethod + - [sfbb-tix:#51] Malformed OP causes segfault + - [sfcb-tix:#49] Cannot return EmbeddedInstance property from provider + - [sfcb-tix:#53] SFCB may not start if runtime does not support IPv6 + - [sfcb-tix:#54] Fix for sfcbproc.c + - [sfcb-tix:#18] disable default properties breaks test. Modified + failing tests, also made test case insensitive and fixed result + file naming. + - [sfcb-tix:#56] Intermittent segfault at shutdown Relocate trace_stop + due to timing issue on shmdt() call + - [sfcb-tix:#12] Support HTTP Expect: 100-continue header + - [sfcb-tix:#11] Remove unnecessary casts for allocs + - [sfcb-tix:#58] sfcbdump test fails. Remove local test classSchemas + file and use installed one instead. ++++ 915 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.2:Update/.sblim-sfcb.4008.new/sblim-sfcb.changes New: ---- 0001-Makefile.am-Honor-build-environment.patch 0002-Enable-broker.LogMessage-and-broker.trace.patch 0006-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch 0007-Don-t-crash-if-class-repo-is-not-initialized.patch 0008-Increase-max-trace-msg-len-to-4096.patch 0010-Properly-shut-down-if-provider-crashed.patch README.conf autoconfiscate.sh sblim-sfcb-1.4.8-fix-null-deref.patch sblim-sfcb-1.4.8.tar.bz2 sblim-sfcb-rpmlintrc sblim-sfcb.changes sblim-sfcb.init sblim-sfcb.spec sfcb-pam.conf susefirewall.conf ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sblim-sfcb.spec ++++++ # # spec file for package sblim-sfcb # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %if 0%{?suse_version} > 1140 || 0%{?fedora_version} > 14 %define has_systemd 1 %else %define has_systemd 0 %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Small Footprint CIM Broker License: EPL-1.0 Group: System/Management Name: sblim-sfcb Version: 1.4.8 Release: 0 %define srcversion 1.4.8 Url: http://sblim.sf.net/ Source0: %{name}-%{srcversion}.tar.bz2 Source1: autoconfiscate.sh %if 0%{?suse_version} Source2: sblim-sfcb.init %endif Source4: sfcb-pam.conf Source5: %{name}-rpmlintrc Source6: susefirewall.conf Source7: README.conf # SUSE build service Patch1: 0001-Makefile.am-Honor-build-environment.patch Patch2: 0002-Enable-broker.LogMessage-and-broker.trace.patch # fixes local build Patch6: 0006-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch Patch7: 0007-Don-t-crash-if-class-repo-is-not-initialized.patch Patch8: 0008-Increase-max-trace-msg-len-to-4096.patch Patch10: 0010-Properly-shut-down-if-provider-crashed.patch # bsc#942628 Patch11: sblim-sfcb-1.4.8-fix-null-deref.patch Provides: cim-server Provides: cimserver BuildRequires: cmpi-devel BuildRequires: curl BuildRequires: gcc-c++ BuildRequires: libstdc++-devel BuildRequires: openssl BuildRequires: sblim-sfcCommon-devel %if 0%{?suse_version} >= 1030 BuildRequires: libcurl-devel %else BuildRequires: curl-devel %endif BuildRequires: cim-schema BuildRequires: libtool BuildRequires: openssl-devel BuildRequires: pam-devel BuildRequires: sblim-sfcc-devel BuildRequires: zlib-devel %if 0%{?rhel_version} == 0 && 0%{?centos_version} == 0 BuildRequires: openslp-devel %endif BuildRequires: bison BuildRequires: flex BuildRequires: unzip %if 0%{?suse_version} >= 1140 %if 0%{?has_systemd} == 0 Requires: sysvinit-tools %endif %endif %if 0%{?has_systemd} BuildRequires: systemd %{?systemd_requires} # for /usr/sbin/service Requires(pre): aaa_base %endif Requires: curl %if 0%{?suse_version} < 1120 # unneeded explicit lib dependency Requires: zlib %endif Requires: openssl Requires: pam # Added NWP - dependency on cim-schema instead of inbuilt schema Requires: cim-schema PreReq: /usr/sbin/groupadd PreReq: /usr/sbin/groupmod PreReq: cmpi-provider-register > 1.0 %description Small Footprint CIM Broker (sfcb) is a CIM server conforming to the CIM Operations over HTTP protocol. It is robust, with low resource consumption and therefore specifically suited for embedded and resource constrained environments. sfcb supports providers written against the Common Manageability Programming Interface (CMPI). %prep %setup -q -n %{name}-%{srcversion} cp %{S:1} . cp %{S:7} . %patch1 -p1 %patch2 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch10 -p1 %patch11 -p0 export PATCH_GET=0 %build autoreconf -f -i # 1.3.6 tarball seems incomplete. (issue #2931327 upstream) # might be able to remove the following workaround in a future version. #mkdir -p test/finaltest #mkdir -p test/TestProviders/tests #mkdir -p test/commands #mkdir -p test/wbemcli #mkdir -p test/xmltest #mkdir -p test/unittest #mkdir -p test/slptest #mkdir -p test/localtests #touch test/finaltest/Makefile.in #touch test/TestProviders/tests/Makefile.in #touch test/commands/Makefile.in #touch test/wbemcli/Makefile.in #touch test/xmltest/Makefile.in #touch test/unittest/Makefile.in #touch test/slptest/Makefile.in #touch test/localtests/Makefile.in if test -d mofc; then cd mofc && autoreconf -f -i; cd ..; fi #%%configure --enable-debug --enable-ssl --enable-pam --enable-ipv6 CIMSCHEMA_SOURCE=%{SOURCE1} CIMSCHEMA_MOF=cimv216.mof CIMSCHEMA_SUBDIRS=y mkdir -p m4 %if 0%{?rhel_version} == 0 && 0%{?centos_version} == 0 WITH_SLP=--enable-slp %else WITH_SLP= %endif export SFCB_DIR=`pwd` export SYSTEMDDIR=%{_unitdir} %configure --enable-debug --enable-ssl --enable-pam --enable-ipv6 \ --enable-uds $WITH_SLP \ --enable-large_volume_support \ --enable-optimized-enumeration \ --enable-cim-rs \ --enable-relax-mofsyntax echo "exit 0" > getSchema.sh make %install export SYSTEMDDIR=$RPM_BUILD_ROOT/%{_unitdir} %if 0%{?has_systemd} mkdir -p $RPM_BUILD_ROOT/%{_unitdir} %endif # SLE10 'make install' does not create /etc/sfcb %if 0%{?suse_version} == 1010 mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/sfcb %endif make install DESTDIR=$RPM_BUILD_ROOT make postinstall DESTDIR=$RPM_BUILD_ROOT # comment out - NWP - removing schema pkg #make DESTDIR=$RPM_BUILD_ROOT install-cimschema # remove docs from wrong dir. They are handled by %doc macro in files list rm -r $RPM_BUILD_ROOT/usr/share/doc # remove cmpi-devel rm -rf $RPM_BUILD_ROOT/usr/include/cmpi # remove unused libtool files rm -f $RPM_BUILD_ROOT/%{_libdir}/*a # make the cmpi directory that sfcb will own - for SuSE Autobuild checks of rpm directory ownership mkdir $RPM_BUILD_ROOT/%{_libdir}/cmpi %if 0%{?has_systemd} # sblim-sfcb.service, sfcbd.service, and sfcb.service are all aliases (cd $RPM_BUILD_ROOT/%{_unitdir}; ln -sf sblim-sfcb.service sfcbd.service; ln -sf sblim-sfcb.service sfcb.service) # remove the default-installed sfcb init script rm -f $RPM_BUILD_ROOT/etc/init.d/sfcb # create /usr/sbin/rcsfcb, esp. for cmpi-provider-register ln -sf %{_sbindir}/service $RPM_BUILD_ROOT%{_sbindir}/rcsfcb %else %if 0%{?suse_version} # override the default-installed sfcb init script - use the one from Source2 # due to /etc/SuSE-release not available in autobuild, so won't install # correct init script install %SOURCE2 $RPM_BUILD_ROOT/etc/init.d/sfcb ln -s /etc/init.d/sfcb $RPM_BUILD_ROOT/usr/sbin/rcsfcb %endif %endif # Added NWP 5/14/08 - transition to using cim-schema rpm instead of internal-built schema ln -sf /usr/share/mof/cim-current $RPM_BUILD_ROOT/%{_datadir}/sfcb/CIM install -m 0644 %SOURCE4 $RPM_BUILD_ROOT/etc/pam.d/sfcb rm $RPM_BUILD_ROOT%{_libdir}/sfcb/*.la %if 0%{?suse_version} > 1010 # firewall service definition mkdir -p $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services install -m 0644 %SOURCE6 $RPM_BUILD_ROOT/etc/sysconfig/SuSEfirewall2.d/services/sblim-sfcb %endif echo "%defattr(-,root,root)" > _pkg_list # Added NWP 5/14/08 - moved from 'files schema' echo "%dir %{_datadir}/sfcb/" >> _pkg_list find $RPM_BUILD_ROOT/%{_datadir}/sfcb -type f | grep -v $RPM_BUILD_ROOT/%{_datadir}/sfcb/CIM >> _pkg_list # Added next line - NWP - declaring link to CIM as part of pkg echo "%{_datadir}/sfcb/CIM" >> _pkg_list # end add NWP sed s?$RPM_BUILD_ROOT??g _pkg_list > _pkg_list_2 mv -f _pkg_list_2 _pkg_list echo "%dir %{_libdir}/cmpi/" >> _pkg_list echo "%dir %{_sysconfdir}/sfcb/" >> _pkg_list echo "%dir %{_libdir}/sfcb" >> _pkg_list echo "%config %{_sysconfdir}/sfcb/*" >> _pkg_list echo "%config %{_sysconfdir}/pam.d/*" >> _pkg_list %if 0%{?suse_version} > 1010 echo "%config %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services/sblim-sfcb" >> _pkg_list %endif echo "%doc README COPYING AUTHORS" >> _pkg_list echo "%doc README.conf" >> _pkg_list echo "%doc %{_datadir}/man/man1/*" >> _pkg_list %if 0%{?has_systemd} echo "%{_unitdir}/sblim-sfcb.service" >> _pkg_list echo "%{_unitdir}/sfcb.service" >> _pkg_list echo "%{_unitdir}/sfcbd.service" >> _pkg_list %else echo "%{_sysconfdir}/init.d/sfcb" >> _pkg_list %endif echo "%{_localstatedir}/lib/sfcb" >> _pkg_list echo "%{_bindir}/*" >> _pkg_list echo "%{_sbindir}/*" >> _pkg_list echo "%{_libdir}/sfcb/*.so*" >> _pkg_list echo ======================================= cat _pkg_list %clean %{__rm} -rf $RPM_BUILD_ROOT %pre /usr/sbin/groupadd -r sfcb >/dev/null 2>&1 || : /usr/sbin/groupmod -A root sfcb >/dev/null 2>&1 || : # cleanup up schema directory (bnc#590196) if [ -d %{_datadir}/sfcb/CIM -a \( \! -L /usr/share/sfcb/CIM \) ] then rm -rf %{_datadir}/sfcb/CIM fi # follow http://en.opensuse.org/openSUSE:Systemd_packaging_guidelines %if 0%{?has_systemd} %service_add_pre sfcbd.service %endif %post test -n "$FIRST_ARG" || FIRST_ARG=$1 %if 0%{?has_systemd} %{_datadir}/sfcb/genSslCert.sh %{_sysconfdir}/sfcb %service_add_post sfcbd.service %else #removed NWP, placed into init script for first service startup #%{_datadir}/sfcb/genSslCert.sh %{_sysconfdir}/sfcb %if 0%{?suse_version} %{fillup_and_insserv -f sfcb} %endif %endif if test "$FIRST_ARG" -eq 1 ; then sfcbrepos -f 2> /dev/null || : fi # else we do it in postun instead. /sbin/ldconfig exit 0 %preun %if 0%{?has_systemd} %service_del_preun sfcbd.service %else %stop_on_removal sfcb %endif %postun test -n "$FIRST_ARG" || FIRST_ARG=$1 /sbin/ldconfig if test "$FIRST_ARG" -ge 1 ; then sfcbrepos -f 2> /dev/null || : fi %if 0%{?has_systemd} %service_del_postun sfcbd.service %else %restart_on_update sfcb %insserv_cleanup %endif %files -f _pkg_list %changelog ++++++ 0001-Makefile.am-Honor-build-environment.patch ++++++ >From 074d1140eaa2f48f401e26ef736686cca9843d49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Wed, 18 Aug 2010 11:20:53 +0200 Subject: [PATCH 01/11] Makefile.am: Honor build environment --- Makefile.am | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Makefile.am b/Makefile.am index 9554155e3211..d91036fd9462 100644 --- a/Makefile.am +++ b/Makefile.am @@ -555,11 +555,15 @@ dist-hook: install-cimschema: getSchema.sh test -d $(DESTDIR)$(sfcbdatadir) || $(mkdir_p) $(DESTDIR)$(sfcbdatadir) - sh getSchema.sh -f $(DESTDIR)$(sfcbdatadir) + if test ! -f /.buildenv; then \ + sh getSchema.sh -f $(DESTDIR)$(sfcbdatadir); \ + fi; create-sslkeys: if SSL - $(sfcbdatadir)/genSslCert.sh $(sfcbconfdir) + if test ! -f /.buildenv; then \ + $(sfcbdatadir)/genSslCert.sh $(sfcbconfdir); \ + fi; endif footprint-sloc: -- 1.8.1.4 ++++++ 0002-Enable-broker.LogMessage-and-broker.trace.patch ++++++ >From f84cc8ed658db1430c0b6c8ac724ff2e27be67c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Thu, 5 Aug 2010 12:23:45 +0200 Subject: [PATCH 02/11] Enable broker.LogMessage and broker.trace --- brokerEnc.c | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/brokerEnc.c b/brokerEnc.c index 9115e71d0d3d..32e7345afb64 100644 --- a/brokerEnc.c +++ b/brokerEnc.c @@ -219,19 +219,21 @@ __beft_getMessage(const CMPIBroker * broker, static CMPIStatus __beft_logMessage (const CMPIBroker * broker, int severity, const char *id, - const char *text, const CMPIString *string) { - CMPIStatus rc = { CMPI_RC_ERR_NOT_SUPPORTED, NULL }; - _SFCB_ENTER(TRACE_ENCCALLS, "logMessage"); - _SFCB_TRACE(1, ("This operation is not yet supported.")); + const char *text, const CMPIString *string) +{ + CMPIStatus rc = {CMPI_RC_OK,NULL}; + _SFCB_ENTER(TRACE_ENCCALLS,id); + _SFCB_TRACE(severity,((char *)text)); _SFCB_RETURN(rc); } static CMPIStatus __beft_trace (const CMPIBroker * broker, int level, const char *component, - const char *text, const CMPIString *string) { - CMPIStatus rc = { CMPI_RC_ERR_NOT_SUPPORTED, NULL }; - _SFCB_ENTER(TRACE_ENCCALLS, "trace"); - _SFCB_TRACE(1, ("This operation is not yet supported.")); + const char *text, const CMPIString *string) +{ + CMPIStatus rc = {CMPI_RC_OK,NULL}; + _SFCB_ENTER(TRACE_ENCCALLS,component); + _SFCB_TRACE(level,((char *)text)); _SFCB_RETURN(rc); } -- 1.8.1.4 ++++++ 0006-Define-YYPARSE_PARAM-early-for-cimXmlOps-and-cimXmlP.patch ++++++ >From d086e3093f6f79c48aa4ff705e782fcf5848d5b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Tue, 16 Jul 2013 11:17:01 +0200 Subject: [PATCH 06/11] Define YYPARSE_PARAM early for cimXmlOps and cimXmlParser --- cimXmlParser.h | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cimXmlParser.h b/cimXmlParser.h index 3a89cd1772b2..786a2703e0ea 100644 --- a/cimXmlParser.h +++ b/cimXmlParser.h @@ -35,6 +35,8 @@ #include <providerMgr.h> #include "cimRequest.h" +#define YYPARSE_PARAM parm + // TODO these need to be defined in cmpidt.h in cmpi-base... # define CMPI_FLAG_ContinueOnError 16 # define CMPI_FLAG_ReturnQueryResultClass 32 -- 1.8.1.4 ++++++ 0007-Don-t-crash-if-class-repo-is-not-initialized.patch ++++++ >From f798f3f85546206ec6ae81f9a61d7c6b393a604a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Thu, 8 Aug 2013 12:25:35 +0200 Subject: [PATCH 07/11] Don't crash if class repo is not initialized --- classProviderSf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/classProviderSf.c b/classProviderSf.c index 9b0de415eb0f..e1b83a063b3b 100644 --- a/classProviderSf.c +++ b/classProviderSf.c @@ -723,7 +723,7 @@ getResolvedClass(ClassRegister * cr, const char *clsName, _SFCB_TRACE(1, ("--- classname %s cReg %p", clsName, cr)); /* if standard repo, skip straight to normal gc */ - if (cr->vr->options != ClTypeClassReducedRep) { + if (cr->vr && cr->vr->options != ClTypeClassReducedRep) { return getClass(cr, clsName, rctl); } -- 1.8.1.4 ++++++ 0008-Increase-max-trace-msg-len-to-4096.patch ++++++ >From 6ef8e7325be337c951900238bc3ac3ec3846885e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Wed, 28 Aug 2013 15:20:53 +0200 Subject: [PATCH 08/11] Increase max trace msg len to 4096 --- trace.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/trace.h b/trace.h index 2c6d8beb92ab..970043b977e4 100644 --- a/trace.h +++ b/trace.h @@ -132,7 +132,7 @@ typedef struct traceId { void changeTextColor(int reset); int colorTrace; -#define MAX_MSG_SIZE 1024 /* max length of trace message */ +#define MAX_MSG_SIZE 4096 /* max length of trace message */ #define TRACE_PROVIDERMGR 1 #define TRACE_PROVIDERDRV 2 -- 1.8.1.4 ++++++ 0010-Properly-shut-down-if-provider-crashed.patch ++++++ >From 94411523d1eecff4ab15e6958552c8f18671daba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Klaus=20K=C3=A4mpf?= <kkae...@suse.de> Date: Fri, 15 Nov 2013 12:56:04 -0500 Subject: [PATCH 10/11] Properly shut down if provider crashed --- sfcBroker.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sfcBroker.c b/sfcBroker.c index 5063415ef883..c2e33dcc49d9 100644 --- a/sfcBroker.c +++ b/sfcBroker.c @@ -259,7 +259,9 @@ stopBroker(void *p) if (stopNextProc()) { pthread_cond_timedwait(&sdCnd, &sdMtx, &waitTime); } - // else providersStopped=1; + else { + providersStopped=1; + } pthread_mutex_unlock(&sdMtx); } if (providersStopped) -- 1.8.1.4 ++++++ README.conf ++++++ There are a couple of new sfcb.cfg properties: * sslDhParamsFilePath supports the use of an external Diffie Hellman (DH) parameters file, and sslEcDhCurveName allows the user to set the "curve name" for Elliptic Curve Diffie Hellman (ECDH) key generation. These options can be used with openssl cipher suites supporting "ephemeral" Diffie Hellman (DHE) key exchange algorithms. Ephemeral key exchange enhances security by decoupling the private key used to generate the session key, from the private key associated with the server certificate. This provides "forward secrecy" while maintaining a key exchange algorithm compatible with a conventional RSA-based server certificate. See the .cfg file comments for more info. * SFCB_LABELPROCS Perhaps the most fun new feature is SFCB_LABELPROCS. This will label each SFCB process by adding some identifying information to the cmdline so that it appears in 'ps' output. This provides an easy way to identify each running SFCB process without having to rely on the "sfcb-ps.sh" or "sfcbproc" utilities. This really enhances visibility and is a great troubleshooting tool. Further, when using the ps command's -T or H options, you can see a labeled view with thread-level granularity, which is something you can't really do with "sfcb-ps.sh" or "sfcbproc". (Individual threads are not labeled per se; that is, each thread of a process has the same label. But you can easily see which threads belong to which process, and you can see the individual thread ids for each.) For example, before starting sfcb: $ export SFCB_LABELPROCS=100 Get a view of running sfcb processes: $ watch 'ps -efT H | grep sfcb[d]' Thanks to all who contributed to this release, especially Chris who fixed up the SFCC issues and Klaus Kampf who made a big contribution to LABELPROCS. New features for 1.4.8 For new features: There is new config property * enableSslCipherServerPref which allows a fine adjustment in the selection of cipher suite on the connection, by enforcing the server's order of preference instead of the client's (as is the case by default). In general, the selection of cipher suite is determined by the openssl library based on the "cipher list" provided to the client and the server. SFCB's cipher list is set using the "sslCiphers" config property. Remember, you can use the openssl "s_client" tool to check the actual cipher used on the connection, for a given configuration at client and server. See the .cfg file comments for more info. There a a couple of new properties to control the behavior of the indication sender: * indicationCurlUseExpect100 and * indicationCurlHonorRedirect. This will have little or no impact for most environments but users should be aware we shut off curl's use of the HTTP Expect:100-continue by default. This eliminates a short delay on indication send that is not desirable unless Expect:100-continue behavior is really being used. For those who do rely on this behavior it can be reenabled with indicationCurlUseExpect100. It can be useful in conjunction with HTTP redirect, for example, which can now be enabled via the indicationCurlHonorRedirect property. See https://sourceforge.net/p/sblim/sfcb-tix/101/ for more info. On the aforementioned improvements: SFCB tix #94 is an attempt to reduce the likelihood of shutdown hang due to an inter-thread signal being missed, as can happen if shutdown occurs under particularly gnarly conditions. #95 is a tweak that tends to prevent a (benign but) annoying core dump at the end of shutdown. #89 improves providerDvr's handling and recovery when providers crash, making a req handler less likely to hang. And #96 is an attempt to also not hang a req handler when there is a request outstanding at shutdown, which can in fact hang the whole shutdown. Because these changes reduce but do not entirely eliminate the possibility of a req handler hang, it is determined we ultimately need some sort of configurable req handler timeout. This is under development but will have to wait until the next release! Watch this space for updates: https://sourceforge.net/p/sblim/sfcb-tix/97/. Thanks to Klaus from Novell for goals/assists on all of the new shutdown patches! And thanks to the others who contributed to this release. ++++++ autoconfiscate.sh ++++++ #!/bin/sh aclocal --force && autoheader --force && libtoolize --force && automake -af && autoconf --force && #if test -d test; then cd test && ./autoconfiscate.sh && cd ..; fi if test -d mofc; then cd mofc && ./autoconfiscate.sh; fi if test -d cmpi-devel; then cd cmpi-devel && ./autoconfiscate.sh; fi ++++++ sblim-sfcb-1.4.8-fix-null-deref.patch ++++++ --- providerMgr.c 2014-03-27 00:46:30.000000000 +0100 +++ providerMgr.c.fixed 2015-09-02 09:39:46.900346726 +0200 @@ -355,6 +355,9 @@ _SFCB_ENTER(TRACE_PROVIDERMGR, "lookupProviders"); + if (className == NULL) + _SFCB_RETURN(NULL); + id = malloc(strlen(nameSpace) + strlen(className) + 8); strcpy(id, nameSpace); strcat(id, "|"); ++++++ sblim-sfcb-rpmlintrc ++++++ addFilter("devel-file-in-non-devel-package .*/sfcb/.*\.so") ++++++ sblim-sfcb.init ++++++ #!/bin/bash # # $Id: sfcb.init-suse.in,v 1.3 2005/07/28 08:09:38 mihajlov Exp $ # ### BEGIN INIT INFO # Provides: sfcb # Required-Start: $syslog $remote_fs # Required-Stop: $syslog $remote_fs # Default-Start: 3 5 # Default-Stop: 0 1 2 6 # Short-Description: Small Footprint CIM Broker Service # Description: Manage the sfcb Service ### END INIT INFO # Source function library. . /etc/rc.status function preload_pam_misc_so() { for dir in /lib64 /lib; do if test -e $dir/libpam_misc.so.0; then export LD_PRELOAD=$dir/libpam_misc.so.0 break; fi; done; } echo $PATH | grep -q /usr/sbin ||PATH=/usr/sbin:$PATH if [ -z "$LD_LIBRARY_PATH" ] || echo $LD_LIBRARY_PATH | grep -qv /usr/lib then LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH export LD_LIBRARY_PATH fi start() { echo -n "Starting sfcb: " preload_pam_misc_so # generate certificate if [ ! -f "/etc/sfcb/server.pem" ]; then if [ -f "/etc/ssl/servercerts/servercert.pem" \ -a -f "/etc/ssl/servercerts/serverkey.pem" ]; then echo "Using common server certificate /etc/ssl/servercerts/servercert.pem" ln -s /etc/ssl/servercerts/servercert.pem /etc/sfcb/server.pem ln -s /etc/ssl/servercerts/servercert.pem /etc/sfcb/client.pem ln -s /etc/ssl/servercerts/serverkey.pem /etc/sfcb/file.pem else echo "Generating SFCB server public certificate and private key" FQDN=`hostname --fqdn` if [ "x${FQDN}" = "x" ]; then FQDN=localhost.localdomain fi /usr/share/sfcb/genSslCert.sh /etc/sfcb #cat << EOF | sh /usr/share/sfcb/genSslCert.sh /etc/sfcb > /dev/null 2>&1 #-- #SomeState #SomeCity #SomeOrganization #SomeOrganizationalUnit #${FQDN} #root@${FQDN} #EOF fi fi # end generate certificate startproc /usr/sbin/sfcbd -d rc_status -v } stop() { echo -n "Shutting down sfcb: " killproc sfcbd rc_status -v } reload() { echo -n "Reloading sfcb configuration: " killproc -HUP sfcbd rc_status -v } case "$1" in start) start ;; stop) stop ;; status) echo -n "Checking for Small Footprint CIM Broker (SFCB): " checkproc sfcbd rc_status -v ;; restart) stop start ;; reload) reload ;; try-restart|condrestart) $0 status if test $? = 0; then $0 restart else rc_reset fi rc_status ;; *) echo "Usage: sfcb {start|stop|status|reload|restart|condrestart}" exit 1 ;; esac exit $? ++++++ sfcb-pam.conf ++++++ # Sample PAM Configuration for Small Footprint CIM Broker auth required pam_succeed_if.so quiet_success user ingroup sfcb auth required pam_localuser.so auth include common-auth account include common-account password include common-password session include common-session ++++++ susefirewall.conf ++++++ # SuSEfirewall2 service definition ## Name: sblim-sfcb CIMOM ## Description: Small footprint CIM broker # space separated list of allowed TCP ports TCP="5988 5989" UDP="5988 5989"