Bump version for ST

Add patach for setting custom vici socket path.
New version 7.4
2020-10-12 20:37:15 +02:00 · 2020-10-12 20:37:14 +02:00 · 2020-09-21 14:40:08 +02:00 · 2020-06-18 12:20:25 +02:00 · 2020-02-19 10:36:30 +01:00
9 changed files with 155 additions and 42 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,6 @@
 /frr-7.1.tar.gz
 /frr-7.2.tar.gz
 /frr-7.3.tar.gz
 /remove-babeld-ldpd.sh
 /frr-7.3.1.tar.gz
 /frr-7.4.tar.gz
--- a/0001-nhrp-Make-vici-socket-path-configurable.patch
+++ b/0001-nhrp-Make-vici-socket-path-configurable.patch
@@ -0,0 +1,93 @@
 From 354196c027e81affb05163a6c3676eef1ba06dd9 Mon Sep 17 00:00:00 2001
 From: Zoran Pericic <zpericic@netst.org>
 Date: Sat, 25 Jan 2020 19:38:39 +0100
 Subject: [PATCH] nhrp: Make vici socket path configurable
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 nhrp: Configure vici socket path using
 configure --with-vici-socket=/var/run/charon.vici
 If not specified default to /var/run/charon.vici
 Signed-off-by: Zoran Peričić <zpericic@netst.org>
 ---
 configure.ac              | 8 ++++++++
 doc/user/installation.rst | 4 ++++
 nhrpd/README.nhrpd        | 3 ++-
 nhrpd/vici.c              | 2 +-
 4 files changed, 15 insertions(+), 2 deletions(-)
 diff --git a/configure.ac b/configure.ac
 index 3cc74c411..8e86ba87f 100755
 --- a/configure.ac
 +++ b/configure.ac
@@ -139,6 +139,13 @@ AC_ARG_WITH([yangmodelsdir], [AS_HELP_STRING([--with-yangmodelsdir=DIR], [yang m
 ])
 AC_SUBST([yangmodelsdir])
 +AC_ARG_WITH([vici-socket], [AS_HELP_STRING([--with-vici-socket=PATH], [vici-socket (/var/run/charon.vici)])], [
 +	vici_socket="$withval"
 +], [
 +	vici_socket="/var/run/charon.vici"
 +])
 +AC_DEFINE_UNQUOTED([VICI_SOCKET], ["$vici_socket"], [StrongSWAN vici socket path])
 +
 AC_ARG_ENABLE(tcmalloc,
 	AS_HELP_STRING([--enable-tcmalloc], [Turn on tcmalloc]),
 [case "${enableval}" in
@@ -2512,6 +2519,7 @@ group for vty sockets   : ${enable_vty_group}
 config file mask        : ${enable_configfile_mask}
 log file mask           : ${enable_logfile_mask}
 zebra protobuf enabled  : ${enable_protobuf:-no}
 +vici socket path        : ${vici_socket}
 The above user and group must have read/write access to the state file
 directory and to the config files in the config file directory."
 diff --git a/doc/user/installation.rst b/doc/user/installation.rst
 index 0fd33eace..ee06578b7 100644
 --- a/doc/user/installation.rst
 +++ b/doc/user/installation.rst
@@ -380,6 +380,10 @@ options to the configuration script.
    Look for YANG modules in `dir` [`prefix`/share/yang]. Note that the FRR
    YANG modules will be installed here.
 +.. option:: --with-vici-socket <path>
 +
 +   Set StrongSWAN vici interface socket path [/var/run/charon.vici].
 +
 Python dependency, documentation and tests
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 diff --git a/nhrpd/README.nhrpd b/nhrpd/README.nhrpd
 index 569b3f446..8bb5f69be 100644
 --- a/nhrpd/README.nhrpd
 +++ b/nhrpd/README.nhrpd
@@ -126,7 +126,8 @@ Integration with strongSwan
 Contrary to opennhrp, Quagga/NHRP has tight integration with IKE daemon.
 Currently strongSwan is supported using the VICI protocol. strongSwan
 -is connected using UNIX socket (hardcoded now as /var/run/charon.vici).
 +is connected using UNIX socket (default /var/run/charon.vici use configure
 +argument --with-vici-socket= to change).
 Thus nhrpd needs to be run as user that can open that file.
 Currently, you will need patched strongSwan. The working tree is at:
 diff --git a/nhrpd/vici.c b/nhrpd/vici.c
 index 2dc05a4aa..86554f53d 100644
 --- a/nhrpd/vici.c
 +++ b/nhrpd/vici.c
@@ -478,7 +478,7 @@ static int vici_reconnect(struct thread *t)
 	if (vici->fd >= 0)
 		return 0;
 -	fd = sock_open_unix("/var/run/charon.vici");
 +	fd = sock_open_unix(VICI_SOCKET);
 	if (fd < 0) {
 		debugf(NHRP_DEBUG_VICI,
 		       "%s: failure connecting VICI socket: %s", __func__,
 -- 
 2.26.2
--- a/0001-use-python3.patch
+++ b/0001-use-python3.patch
@@ -8,3 +8,13 @@ index 208fb11..0692adc 100755
 # Frr Reloader
 # Copyright (C) 2014 Cumulus Networks, Inc.
 #
 diff --git a/tools/generate_support_bundle.py b/tools/generate_support_bundle.py
 index 540b7a1..0876ebb 100755
 --- a/tools/generate_support_bundle.py
 +++ b/tools/generate_support_bundle.py
@@ -1,4 +1,4 @@
 -#!/usr/bin/python
 +#!/usr/bin/python3
 ########################################################
 ### Python Script to generate the FRR support bundle ###
--- a/0002-enable-openssl.patch
+++ b/0002-enable-openssl.patch
@@ -3,15 +3,15 @@ index 0b7af18..0533e24 100644
 --- a/lib/subdir.am
 +++ b/lib/subdir.am
@@ -41,7 +41,6 @@ lib_libfrr_la_SOURCES = \
 	lib/linklist.c \
 	lib/log.c \
 	lib/log_filter.c \
 	lib/log_vty.c \
 -	lib/md5.c \
 	lib/memory.c \
 	lib/memory_vty.c \
 	lib/mlag.c \
 	lib/module.c \
@@ -64,7 +64,6 @@ lib_libfrr_la_SOURCES = \
- 	lib/routemap.c \
+ 	lib/routemap_northbound.c \
 	lib/sbuf.c \
 	lib/seqlock.c \
 -	lib/sha256.c \
@@ -24,8 +24,8 @@ index 0b7af18..0533e24 100644
 	lib/log_vty.h \
 -	lib/md5.h \
 	lib/memory.h \
 	lib/memory_vty.h \
 	lib/module.h \
 	lib/monotime.h \
@@ -191,7 +190,6 @@ pkginclude_HEADERS += \
 	lib/routemap.h \
 	lib/sbuf.h \
--- a/0005-test-typelist-power.patch
+++ b/0005-test-typelist-power.patch
@@ -1,30 +0,0 @@
 diff --git a/tests/lib/test_typelist.h b/tests/lib/test_typelist.h
 index f20bbc52d..9039fa8a4 100644
 --- a/tests/lib/test_typelist.h
 +++ b/tests/lib/test_typelist.h
@@ -98,12 +98,13 @@ static void ts_hash(const char *text, const char *expect)
 	unsigned i = 0;
 	uint8_t hash[32];
 	char hashtext[65];
 -	uint32_t count;
 +	uint32_t swap_count, count;
 -	count = htonl(list_count(&head));
 +	count = list_count(&head);
 +	swap_count = htonl(count);
 	SHA256_Init(&ctx);
 -	SHA256_Update(&ctx, &count, sizeof(count));
 +	SHA256_Update(&ctx, &swap_count, sizeof(swap_count));
 	frr_each (list, &head, item) {
 		struct {
@@ -115,7 +115,7 @@ static void ts_hash(const char *text, const char *expect)
 		};
 		SHA256_Update(&ctx, &hashitem, sizeof(hashitem));
 		i++;
 -		assert(i < count);
 +		assert(i <= count);
 	}
 	SHA256_Final(hash, &ctx);
--- a/0006-python-version.patch
+++ b/0006-python-version.patch
@@ -0,0 +1,14 @@
 diff --git a/m4/ax_python.m4 b/m4/ax_python.m4
 index d293da525..9f43ea0ab 100644
 --- a/m4/ax_python.m4
 +++ b/m4/ax_python.m4
@@ -186,7 +186,8 @@ AC_REQUIRE([PKG_PROG_PKG_CONFIG])dnl
       AC_MSG_RESULT([yes])
       PYTHON_CFLAGS="`\"$pycfg\" --includes`"
 -      if test x"${py_ver}" = x"3.8" || test x"{py_ver}" = x"3.9"; then
 +      minor_ver=${py_ver#*\.}
 +      if test $((minor_ver)) -gt 7; then
         PYTHON_LIBS="`\"$pycfg\" --ldflags --embed`"
       else
         PYTHON_LIBS="`\"$pycfg\" --ldflags`"
--- a/frr-tmpfiles.conf
+++ b/frr-tmpfiles.conf
@@ -0,0 +1 @@
 d /run/frr 0755 frr frr -
--- a/frr.spec
+++ b/frr.spec
@@ -1,17 +1,19 @@
-%global frrversion	7.2
+%global frrversion	7.4
 %global frr_libdir /usr/lib/frr
 %global checkout .st.1
 %global _hardened_build 1
 %define _legacy_common_support 1
 Name: frr
-Version: 7.2
+Version: 7.4
-Release: 2%{?checkout}%{?dist}
+Release: 1%{?checkout}%{?dist}
 Summary: Routing daemon
 License: GPLv2+
 URL: http://www.frrouting.org
 Source0: https://github.com/FRRouting/frr/releases/download/%{name}-%{frrversion}/%{name}-%{frrversion}.tar.gz
 Source1: %{name}-tmpfiles.conf
 BuildRequires: perl-generators
 BuildRequires: systemd
 BuildRequires: gcc
 BuildRequires: net-snmp-devel
 BuildRequires: texinfo libcap-devel texi2html autoconf automake libtool patch groff
@@ -33,7 +35,8 @@ Patch0001: 0001-use-python3.patch
 Patch0002: 0002-enable-openssl.patch
 Patch0003: 0003-disable-eigrp-crypto.patch
 Patch0004: 0004-fips-mode.patch
-Patch0005: 0005-test-typelist-power.patch
+Patch0006: 0006-python-version.patch
 Patch0060: 0001-nhrp-Make-vici-socket-path-configurable.patch
 %description
 FRRouting is free software that manages TCP/IP based routing protocols. It takes
@@ -72,6 +75,7 @@ autoreconf -ivf
    --disable-babeld \
    --with-moduledir=%{_libdir}/frr/modules \
    --with-crypto=openssl \
    --with-vici-socket=/run/strongswan/charon.vici \
    --enable-fpm
 %make_build MAKEINFO="makeinfo --no-split" PYTHON=%{__python3}
@@ -86,12 +90,14 @@ mkdir -p %{buildroot}/etc/{frr,rc.d/init.d,sysconfig,logrotate.d,pam.d,default}
         %{buildroot}%{_unitdir}
 mkdir -p -m 0755 %{buildroot}%{_libdir}/frr
 mkdir -p %{buildroot}%{_tmpfilesdir}
 %make_install
 # Remove this file, as it is uninstalled and causes errors when building on RH9
 rm -rf %{buildroot}/usr/share/info/dir
 install -p -m 644 %{SOURCE1} %{buildroot}%{_tmpfilesdir}/%{name}.conf
 install -p -m 644 %{_builddir}/%{name}-%{frrversion}/tools/etc/frr/daemons %{buildroot}/etc/frr/daemons
 install -p -m 644 %{_builddir}/%{name}-%{frrversion}/tools/frr.service %{buildroot}%{_unitdir}/frr.service
 install -p -m 755 %{_builddir}/%{name}-%{frrversion}/tools/frrinit.sh %{buildroot}%{frr_libdir}/frr
@@ -158,24 +164,38 @@ make check PYTHON=%{__python3}
 %doc ripngd/ripngd.conf.sample
 %doc pimd/pimd.conf.sample
 %doc doc/mpls
-%dir %attr(755,frr,frr) %{_sysconfdir}/frr
+%dir %attr(640,frr,frr) %{_sysconfdir}/frr
 %dir %attr(755,frr,frr) /var/log/frr
 %dir %attr(755,frr,frr) /run/frr
 %{_infodir}/*info*
 %{_mandir}/man*/*
 %dir %{frr_libdir}/
 %{frr_libdir}/*
 %{_bindir}/*
 %dir %{_libdir}/frr
 %{_libdir}/frr/*.so.*
 %dir %{_libdir}/frr/modules
 %{_libdir}/frr/modules/*
 %config(noreplace) %attr(644,root,root) /etc/logrotate.d/frr
-%config(noreplace) /etc/frr/daemons
+%config(noreplace) %attr(644,frr,frr) /etc/frr/daemons
 %config(noreplace) /etc/pam.d/frr
 %{_unitdir}/*.service
 %dir /usr/share/yang
 /usr/share/yang/*.yang
 %{_tmpfilesdir}/%{name}.conf
 #%%{_libdir}/frr/frr/libyang_plugins/*
 %changelog
 * Mon Sep 21 2020 Michal Ruprich <mruprich@redhat.com> - 7.4-1
 - New version
 * Thu Jun 18 2020 Michal Ruprich <michalruprich@gmail.com> - 7.3.1-1
 - New version 7.3.1
 - Fixes a couple of bugs(#1832259, #1835039, #1830815, #1830808, #1830806, #1830800, #1830798, #1814773)
 * Wed Feb 19 2020 Michal Ruprich <mruprich@redhat.com> - 7.3-1
 - New version 7.3
 * Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 7.2-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--- a/3
+++ b/3
@@ -1 +1,2 @@
-SHA512 (frr-7.2.tar.gz) = a99cd23ef9499e28fdf3b2d23993e4a9bcfea3c5eb4c8ddc33ad50b0afab961733729116e01397af9e77918b8c0de5598f6c22bbab92050b548fb5c21e5d81d8
+SHA512 (frr-7.4.tar.gz) = 3342eac15483631c772eb83af0eabb33ecaafe8ba6d3cf9e2a390a50fb23a0238a2767961a0eef40a1e9c3a1f255dc5a578b927616030cf51867114b74aa24c8
 SHA512 (remove-babeld-ldpd.sh) = a5bf67a3722cb20d43cef1dac28f839db68df73a1b7d34d8438e4f9366da3b67d85c1f44281f93434e8dd8ebcb2d3dc258b77eaa5627475b7395d207f020839d
Author	SHA1	Message	Date
Zoran Peričić	724af68a66	Bump version for ST	2020-10-12 20:37:15 +02:00
Zoran Peričić	830ffffb6c	Add patach for setting custom vici socket path.	2020-10-12 20:37:14 +02:00
Michal Ruprich	4d48243fdb	New version 7.4	2020-09-21 14:40:08 +02:00
Michal Ruprich	02cad89e06	New version 7.3.1 Fixes a couple of bugs(#1832259, #1835039, #1830815, #1830808, #1830806, #1830800, #1830798, #1814773)	2020-06-18 12:20:25 +02:00
Michal Ruprich	3627b81013	New version 7.3	2020-02-19 10:36:30 +01:00
`@@ -1 +1,2 @@`
	`SHA512 (frr-7.2.tar.gz) = a99cd23ef9499e28fdf3b2d23993e4a9bcfea3c5eb4c8ddc33ad50b0afab961733729116e01397af9e77918b8c0de5598f6c22bbab92050b548fb5c21e5d81d8`	`SHA512 (frr-7.4.tar.gz) = 3342eac15483631c772eb83af0eabb33ecaafe8ba6d3cf9e2a390a50fb23a0238a2767961a0eef40a1e9c3a1f255dc5a578b927616030cf51867114b74aa24c8`
		`SHA512 (remove-babeld-ldpd.sh) = a5bf67a3722cb20d43cef1dac28f839db68df73a1b7d34d8438e4f9366da3b67d85c1f44281f93434e8dd8ebcb2d3dc258b77eaa5627475b7395d207f020839d`