CentOS Sources
2 years ago
committed by
MSVSphere Packaging Team
commit
29585c86c9
@ -0,0 +1,2 @@
|
||||
SOURCES/libguestfs.keyring
|
||||
SOURCES/nbdkit-1.32.5.tar.gz
|
||||
@ -0,0 +1,2 @@
|
||||
cc1b37b9cfafa515aab3eefd345ecc59aac2ce7b SOURCES/libguestfs.keyring
|
||||
c8260e2f6fb16a16cefe0cf670fc5a0f41dd7110 SOURCES/nbdkit-1.32.5.tar.gz
|
||||
@ -0,0 +1,31 @@
|
||||
From e0e592775911ebe2178b04b4b20f95fea2f2fe9c Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 5 Jan 2023 16:05:33 +0000
|
||||
Subject: [PATCH] ssh: Remove left over comment
|
||||
|
||||
This comment was left over from when I copied the libssh example code.
|
||||
It adds no value so remove it.
|
||||
|
||||
(cherry picked from commit c93a8957efcc26652b31f5bc359dfd3c4019b4f8)
|
||||
---
|
||||
plugins/ssh/ssh.c | 4 ----
|
||||
1 file changed, 4 deletions(-)
|
||||
|
||||
diff --git a/plugins/ssh/ssh.c b/plugins/ssh/ssh.c
|
||||
index 6cf40c26..aaa7c2b9 100644
|
||||
--- a/plugins/ssh/ssh.c
|
||||
+++ b/plugins/ssh/ssh.c
|
||||
@@ -356,10 +356,6 @@ authenticate (struct ssh_handle *h)
|
||||
if (rc == SSH_AUTH_SUCCESS) return 0;
|
||||
}
|
||||
|
||||
- /* Example code tries keyboard-interactive here, but we cannot use
|
||||
- * that method from a server.
|
||||
- */
|
||||
-
|
||||
if (password != NULL && (method & SSH_AUTH_METHOD_PASSWORD)) {
|
||||
rc = authenticate_password (h->session, password);
|
||||
if (rc == SSH_AUTH_SUCCESS) return 0;
|
||||
--
|
||||
2.31.1
|
||||
|
||||
@ -0,0 +1,68 @@
|
||||
From 916f90972af60576591dea4a4f1d07e4dae6d9cf Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Thu, 5 Jan 2023 11:29:32 +0000
|
||||
Subject: [PATCH] ssh: Improve the error message when all authentication
|
||||
methods fail
|
||||
|
||||
The current error message:
|
||||
|
||||
nbdkit: ssh[1]: error: all possible authentication methods failed
|
||||
|
||||
is confusing and non-actionable. It's hard even for experts to
|
||||
understand the relationship between the authentication methods offered
|
||||
by a server and what we require.
|
||||
|
||||
Try to improve the error message in some common situations, especially
|
||||
where password authentication on the server side is disabled but the
|
||||
client supplied a password=... parameter. After this change, you will
|
||||
see an actionable error:
|
||||
|
||||
nbdkit: ssh[1]: error: the server does not offer password
|
||||
authentication but you tried to use a password; if you have root
|
||||
access to the server, try editing 'sshd_config' and setting
|
||||
'PasswordAuthentication yes'; otherwise try setting up public key
|
||||
authentication
|
||||
|
||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2158300
|
||||
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
|
||||
(cherry picked from commit bea88cff5ac9c42f1a068ad24d43d5ed0506edaa)
|
||||
---
|
||||
plugins/ssh/ssh.c | 22 ++++++++++++++++++++++
|
||||
1 file changed, 22 insertions(+)
|
||||
|
||||
diff --git a/plugins/ssh/ssh.c b/plugins/ssh/ssh.c
|
||||
index aaa7c2b9..5a132d8f 100644
|
||||
--- a/plugins/ssh/ssh.c
|
||||
+++ b/plugins/ssh/ssh.c
|
||||
@@ -361,6 +361,28 @@ authenticate (struct ssh_handle *h)
|
||||
if (rc == SSH_AUTH_SUCCESS) return 0;
|
||||
}
|
||||
|
||||
+ /* All compatible methods were tried and none worked. Come up with
|
||||
+ * an actionable diagnostic message if we recognise the problem.
|
||||
+ */
|
||||
+ if (!(method & SSH_AUTH_METHOD_PUBLICKEY) && password == NULL) {
|
||||
+ nbdkit_error ("the server does not offer public key authentication; "
|
||||
+ "try using the password=... parameter");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if ((method & SSH_AUTH_METHOD_PASSWORD) && password != NULL) {
|
||||
+ nbdkit_error ("password authentication failed, "
|
||||
+ "is the username and password correct?");
|
||||
+ return -1;
|
||||
+ }
|
||||
+ if (!(method & SSH_AUTH_METHOD_PASSWORD) && password != NULL) {
|
||||
+ nbdkit_error ("the server does not offer password authentication "
|
||||
+ "but you tried to use a password; if you have root access "
|
||||
+ "to the server, try editing 'sshd_config' and setting "
|
||||
+ "'PasswordAuthentication yes'; otherwise try setting up "
|
||||
+ "public key authentication");
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
nbdkit_error ("all possible authentication methods failed");
|
||||
return -1;
|
||||
}
|
||||
--
|
||||
2.31.1
|
||||
|
||||
@ -0,0 +1,44 @@
|
||||
From dc86950fff020688a17b6ff0dbfea7bdb0d8f1b9 Mon Sep 17 00:00:00 2001
|
||||
From: "Richard W.M. Jones" <rjones@redhat.com>
|
||||
Date: Tue, 10 Jan 2023 08:39:11 +0000
|
||||
Subject: [PATCH] luks: Avoid crash when image does not contain a LUKS header
|
||||
|
||||
We attempt to load the LUKS header in the prepare() callback. If this
|
||||
fails, h->h will be NULL and we'll crash in close() when we attempt to
|
||||
access and free h->h->masterkey.
|
||||
|
||||
This crash could have been triggered another way: if open() followed
|
||||
by close() was called, without prepare() or other callbacks.
|
||||
|
||||
Reported-by: Ming Xie
|
||||
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2159581
|
||||
(cherry picked from commit cad4b96b17ed4ad7882100efa0d9073ac9d8b11c)
|
||||
---
|
||||
filters/luks/luks-encryption.c | 10 ++++++----
|
||||
1 file changed, 6 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/filters/luks/luks-encryption.c b/filters/luks/luks-encryption.c
|
||||
index 26f81e7b..6f33e76e 100644
|
||||
--- a/filters/luks/luks-encryption.c
|
||||
+++ b/filters/luks/luks-encryption.c
|
||||
@@ -856,11 +856,13 @@ load_header (nbdkit_next *next, const char *passphrase)
|
||||
void
|
||||
free_luks_data (struct luks_data *h)
|
||||
{
|
||||
- if (h->masterkey) {
|
||||
- memset (h->masterkey, 0, h->phdr.master_key_len);
|
||||
- free (h->masterkey);
|
||||
+ if (h) {
|
||||
+ if (h->masterkey) {
|
||||
+ memset (h->masterkey, 0, h->phdr.master_key_len);
|
||||
+ free (h->masterkey);
|
||||
+ }
|
||||
+ free (h);
|
||||
}
|
||||
- free (h);
|
||||
}
|
||||
|
||||
uint64_t
|
||||
--
|
||||
2.31.1
|
||||
|
||||
@ -0,0 +1,55 @@
|
||||
#!/bin/bash -
|
||||
|
||||
set -e
|
||||
|
||||
# Maintainer script to copy patches from the git repo to the current
|
||||
# directory. Use it like this:
|
||||
# ./copy-patches.sh
|
||||
|
||||
rhel_version=9.2
|
||||
|
||||
# Check we're in the right directory.
|
||||
if [ ! -f nbdkit.spec ]; then
|
||||
echo "$0: run this from the directory containing 'nbdkit.spec'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
git_checkout=$HOME/d/nbdkit-rhel-$rhel_version
|
||||
if [ ! -d $git_checkout ]; then
|
||||
echo "$0: $git_checkout does not exist"
|
||||
echo "This script is only for use by the maintainer when preparing a"
|
||||
echo "nbdkit release on RHEL."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Get the base version of nbdkit.
|
||||
version=`grep '^Version:' nbdkit.spec | awk '{print $2}'`
|
||||
tag="v$version"
|
||||
|
||||
# Remove any existing patches.
|
||||
git rm -f [0-9]*.patch ||:
|
||||
rm -f [0-9]*.patch
|
||||
|
||||
# Get the patches.
|
||||
(cd $git_checkout; rm -f [0-9]*.patch; git format-patch -N $tag)
|
||||
mv $git_checkout/[0-9]*.patch .
|
||||
|
||||
# Remove any not to be applied.
|
||||
rm -f *NOT-FOR-RPM*.patch
|
||||
|
||||
# Add the patches.
|
||||
git add [0-9]*.patch
|
||||
|
||||
# Print out the patch lines.
|
||||
echo
|
||||
echo "--- Copy the following text into nbdkit.spec file"
|
||||
echo
|
||||
|
||||
echo "# Patches."
|
||||
for f in [0-9]*.patch; do
|
||||
n=`echo $f | awk -F- '{print $1}'`
|
||||
echo "Patch$n: $f"
|
||||
done
|
||||
|
||||
echo
|
||||
echo "--- End of text"
|
||||
@ -0,0 +1,17 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmO0P9URHHJpY2hAYW5u
|
||||
ZXhpYS5vcmcACgkQkXOPc+G3aKBj/w/+MahWvHpk6oOoif9pvshQ5ZXWWH8+4DCZ
|
||||
fMPQPRuU3j64tj2kUrp87zChVPkQv27v+RuQcs5OuhfB/nvCIJiK6dSMq6KQmIv2
|
||||
b3LieGAuIlhr89YIGQRi7j+R8iWiQgm+dT6BNeu3n7kbpEbJPPUHhz2YNlw1x/LJ
|
||||
mfSEh+0HXKKz7HsCDwUCenq/pCPyD4p9x0UB0xqDT7PLg3qGwpHCMTuslrX3alOu
|
||||
EYl+NDr9q266IQYGUh1zpSkobLNLvHI+TFyYEvytDnU4MylyslOdDIsA89E/y29r
|
||||
rSMl9edDjhQ/h51In1Q8rKmlXFrcwDeRUywybn09m1gu++bxls5W1LFAZvp/YBa+
|
||||
nWYv3o58epJSbhEL6NO5fl88Ea5JJYqhB+I1ezud/nJ3Uu/t9C7m69Mt96U5NhQ5
|
||||
9irjO1Przz/3ft9+t7hW2u3MFNrEA/u1+e/Jnyr4+g8ZYmM1V7hQWqGwjO09zUZT
|
||||
5xR41WHxG3ZbuUOv5r5Xt7Xvp1tiiWxiyEWOBydQwsnV9yZR/G2m3eWFE5H315r+
|
||||
qGQXbr41mnsUAG6G8VXsNwK8cu3YQkZBHm4et4wFmvI6C1n2I7jhQBoXkdi9BKj9
|
||||
Rh/h3DDmYB2Ud6G/ApWwfRFhSPM/apuUYfuYlXPKteFhtPjfbNSlHkm4hr1lFbK/
|
||||
+X9eYoD9410=
|
||||
=qSZX
|
||||
-----END PGP SIGNATURE-----
|
||||
@ -0,0 +1,23 @@
|
||||
#!/bin/bash -
|
||||
|
||||
# Generate RPM provides automatically for nbdkit packages and filters.
|
||||
# Copyright (C) 2009-2022 Red Hat Inc.
|
||||
|
||||
# To test:
|
||||
# find /usr/lib64/nbdkit/plugins | ./nbdkit-find-provides VER REL
|
||||
# find /usr/lib64/nbdkit/filters | ./nbdkit-find-provides VER REL
|
||||
|
||||
ver="$1"
|
||||
rel="$2"
|
||||
|
||||
function process_file
|
||||
{
|
||||
if [[ $1 =~ /plugins/nbdkit-.*-plugin ]] ||
|
||||
[[ $1 =~ /filters/nbdkit-.*-filter ]]; then
|
||||
echo "Provides:" "$(basename $1 .so)" "=" "$ver-$rel"
|
||||
fi
|
||||
}
|
||||
|
||||
while read line; do
|
||||
process_file "$line"
|
||||
done
|
||||
@ -0,0 +1,3 @@
|
||||
%__nbdkit_provides %{_rpmconfigdir}/nbdkit-find-provides %{version} %{release}
|
||||
%__nbdkit_path %{_libdir}/nbdkit/(plugins|filters)/nbdkit-.*-(plugin|filter)(\.so)?$
|
||||
%__nbdkit_flags exeonly
|
||||
File diff suppressed because it is too large
Load Diff
Loading…
Reference in new issue