--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
+Date: Wed, 22 May 2019 12:24:45 +0200
+Subject: [PATCH] cfgtool: Improve link status display
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry-picked from upstream master
+
+Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
+---
+ .../cfgtool-Improve-link-status-display.patch | 134 ++++++++++++++++++
+ debian/patches/series | 1 +
+ 2 files changed, 135 insertions(+)
+ create mode 100644 debian/patches/cfgtool-Improve-link-status-display.patch
+
+diff --git a/debian/patches/cfgtool-Improve-link-status-display.patch b/debian/patches/cfgtool-Improve-link-status-display.patch
+new file mode 100644
+index 00000000..93ee9937
+--- /dev/null
++++ b/debian/patches/cfgtool-Improve-link-status-display.patch
+@@ -0,0 +1,134 @@
++From: Christine Caulfield <ccaulfie@redhat.com>
++Date: Tue, 22 Jan 2019 10:06:29 +0000
++Subject: cfgtool: Improve link status display
++
++Now show the nodeids properly, rather than node indexes which were
++annoying and unhelpful.
++
++Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
++Reviewed-by: Jan Friesse <jfriesse@redhat.com>
++(cherry picked from commit c0d14485c3ebdeb2332f7c48acd155163e5b7fc1)
++---
++ tools/Makefile.am | 2 +-
++ tools/corosync-cfgtool.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++--
++ 2 files changed, 55 insertions(+), 3 deletions(-)
++
++diff --git a/tools/Makefile.am b/tools/Makefile.am
++index 7a9ab04..0793884 100644
++--- a/tools/Makefile.am
+++++ b/tools/Makefile.am
++@@ -58,7 +58,7 @@ corosync-blackbox: corosync-blackbox.sh
++
++ corosync_cmapctl_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcmap.la
++
++-corosync_cfgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la
+++corosync_cfgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la $(top_builddir)/lib/libcmap.la
++
++ corosync_cpgtool_LDADD = $(LIBQB_LIBS) $(top_builddir)/lib/libcfg.la \
++ $(top_builddir)/lib/libcpg.la
++diff --git a/tools/corosync-cfgtool.c b/tools/corosync-cfgtool.c
++index c138085..ed29694 100644
++--- a/tools/corosync-cfgtool.c
+++++ b/tools/corosync-cfgtool.c
++@@ -50,6 +50,7 @@
++ #include <corosync/corotypes.h>
++ #include <corosync/totem/totem.h>
++ #include <corosync/cfg.h>
+++#include <corosync/cmap.h>
++
++ #define cs_repeat(result, max, code) \
++ do { \
++@@ -75,16 +76,33 @@ enum user_action {
++ ACTION_KILL_NODE,
++ };
++
+++static int node_compare(const void *aptr, const void *bptr)
+++{
+++ uint32_t a,b;
+++
+++ a = *(uint32_t *)aptr;
+++ b = *(uint32_t *)bptr;
+++
+++ return a > b;
+++}
+++
++ static int
++ linkstatusget_do (char *interface_name, int brief)
++ {
++ cs_error_t result;
++ corosync_cfg_handle_t handle;
+++ cmap_handle_t cmap_handle;
++ unsigned int interface_count;
++ char **interface_names;
++ char **interface_status;
+++ uint32_t nodeid_list[KNET_MAX_HOST];
+++ char iter_key[CMAP_KEYNAME_MAXLEN];
++ unsigned int i;
+++ cmap_iter_handle_t iter;
++ unsigned int nodeid;
+++ unsigned int node_pos;
+++ cmap_value_types_t type;
+++ size_t value_len;
++ int rc = 0;
++ int len, s = 0, t;
++
++@@ -95,6 +113,37 @@ linkstatusget_do (char *interface_name, int brief)
++ exit (1);
++ }
++
+++ result = cmap_initialize (&cmap_handle);
+++ if (result != CS_OK) {
+++ printf ("Could not initialize corosync cmap API error %d\n", result);
+++ exit (1);
+++ }
+++ /* Get a list of nodes. We do it this way rather than using votequorum as cfgtool
+++ * needs to be independent of quorum type
+++ */
+++ result = cmap_iter_init(cmap_handle, "nodelist.node.", &iter);
+++ if (result != CS_OK) {
+++ printf ("Could not get nodelist from cmap. error %d\n", result);
+++ exit (1);
+++ }
+++
+++ while ((cmap_iter_next(cmap_handle, iter, iter_key, &value_len, &type)) == CS_OK) {
+++ result = sscanf(iter_key, "nodelist.node.%u.nodeid", &node_pos);
+++ if (result != 1) {
+++ continue;
+++ }
+++ if (cmap_get_uint32(cmap_handle, iter_key, &nodeid) == CS_OK) {
+++ nodeid_list[s++] = nodeid;
+++ }
+++ }
+++
+++ /* totemknet returns nodes in nodeid order - even though it doesn't tell us
+++ what the nodeid is. So sort our node list and we can then look up
+++ knet node pos to get an actual nodeid.
+++ Yep, I really should have totally rewritten the cfg interface for this.
+++ */
+++ qsort(nodeid_list, s, sizeof(uint32_t), node_compare);
+++
++ result = corosync_cfg_local_get(handle, &nodeid);
++ if (result != CS_OK) {
++ printf ("Could not get the local node id, the error is: %d\n", result);
++@@ -134,9 +183,11 @@ linkstatusget_do (char *interface_name, int brief)
++ (!strstr(interface_status[i], "FAULTY"))) {
++ len = strlen(interface_status[i]);
++ printf ("\tstatus:\n");
++- while(s < len) {
+++ while (s < len) {
+++ nodeid = nodeid_list[s];
++ t = interface_status[i][s] - '0';
++- printf("\t\tnode %d:\t", s++);
+++ s++;
+++ printf("\t\tnodeid %2d:\t", nodeid);
++ printf("link enabled:%d\t", t&1? 1 : 0);
++ printf("link connected:%d\n", t&2? 1: 0);
++ }
++@@ -157,6 +208,7 @@ linkstatusget_do (char *interface_name, int brief)
++ free(interface_names);
++ }
++
+++ (void)cmap_finalize (cmap_handle);
++ (void)corosync_cfg_finalize (handle);
++ return rc;
++ }
+diff --git a/debian/patches/series b/debian/patches/series
+index fcba2944..32007175 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -6,3 +6,4 @@ AC_PROG_SED-is-already-present.patch
+ Use-the-SED-variable-provided-by-configure.patch
+ Use-the-AWK-variable-provided-by-configure.patch
+ pve__only-start-corosync.service-if-conf-exists.patch
++cfgtool-Improve-link-status-display.patch
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
+Date: Wed, 22 May 2019 12:26:43 +0200
+Subject: [PATCH] add crypto patches
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry-picked from upstream master, to ease in-place upgrade for
+clusters running our default configuration
+
+Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
+---
+ ...rypto-re-introduce-secauth-parameter.patch | 62 ++++++++
+ .../keygen-Reflect-change-in-knet.patch | 100 +++++++++++++
+ ...et-totem.keyfile-and-totem.key-to-RO.patch | 44 ++++++
+ .../totemconfig-Remove-support-for-3des.patch | 138 ++++++++++++++++++
+ debian/patches/series | 4 +
+ 5 files changed, 348 insertions(+)
+ create mode 100644 debian/patches/crypto-re-introduce-secauth-parameter.patch
+ create mode 100644 debian/patches/keygen-Reflect-change-in-knet.patch
+ create mode 100644 debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch
+ create mode 100644 debian/patches/totemconfig-Remove-support-for-3des.patch
+
+diff --git a/debian/patches/crypto-re-introduce-secauth-parameter.patch b/debian/patches/crypto-re-introduce-secauth-parameter.patch
+new file mode 100644
+index 00000000..1c5739c1
+--- /dev/null
++++ b/debian/patches/crypto-re-introduce-secauth-parameter.patch
+@@ -0,0 +1,62 @@
++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
++Date: Wed, 10 Apr 2019 09:43:33 +0200
++Subject: crypto: re-introduce secauth parameter
++MIME-Version: 1.0
++Content-Type: text/plain; charset="utf-8"
++Content-Transfer-Encoding: 8bit
++
++with the following semantics:
++- default off
++- implies crypto_hash SHA256 and crypto_cipher AES256
++- crypto_* have higher precedence
++- only applicable for knet, like crypto_*
++
++this should make upgrading from Corosync 2.x less painful for users that
++have an explicit secauth=on in their configuration.
++
++Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
++Reviewed-by: Jan Friesse <jfriesse@redhat.com>
++(cherry picked from commit b97ca8e9f026aaaf2fe9cf697d89803004587f60)
++---
++ exec/totemconfig.c | 8 ++++++++
++ man/corosync.conf.5 | 8 ++++++++
++ 2 files changed, 16 insertions(+)
++
++diff --git a/exec/totemconfig.c b/exec/totemconfig.c
++index 4f69fd5..1954f76 100644
++--- a/exec/totemconfig.c
+++++ b/exec/totemconfig.c
++@@ -450,6 +450,14 @@ static int totem_get_crypto(struct totem_config *totem_config, const char **erro
++ tmp_model = "nss";
++ }
++
+++ if (icmap_get_string("totem.secauth", &str) == CS_OK) {
+++ if (strcmp(str, "on") == 0) {
+++ tmp_cipher = "aes256";
+++ tmp_hash = "sha256";
+++ }
+++ free(str);
+++ }
+++
++ if (icmap_get_string("totem.crypto_cipher", &str) == CS_OK) {
++ if (strcmp(str, "none") == 0) {
++ tmp_cipher = "none";
++diff --git a/man/corosync.conf.5 b/man/corosync.conf.5
++index 216dfc5..b294e11 100644
++--- a/man/corosync.conf.5
+++++ b/man/corosync.conf.5
++@@ -224,6 +224,14 @@ transmission is only supported for the knet transport.
++
++ The default is none.
++
+++.TP
+++secauth
+++This implies crypto_cipher=aes256 and crypto_hash=sha256, unless those options
+++are explicitly set. Encrypted transmission is only supported for the knet
+++transport.
+++
+++The default is off.
+++
++ .TP
++ keyfile
++ This specifies the fully qualified path to the shared key used to
+diff --git a/debian/patches/keygen-Reflect-change-in-knet.patch b/debian/patches/keygen-Reflect-change-in-knet.patch
+new file mode 100644
+index 00000000..068f481f
+--- /dev/null
++++ b/debian/patches/keygen-Reflect-change-in-knet.patch
+@@ -0,0 +1,100 @@
++From: Jan Friesse <jfriesse@redhat.com>
++Date: Tue, 9 Apr 2019 17:09:34 +0200
++Subject: keygen: Reflect change in knet
++
++Knet commit 1cb36f0cffd4559971826ca4774a88c5b05882fb reduced minimal
++key length to 1024-bit. Keygen should keep compatibility with already
++released 3.0.[0-1] so default key length should be 2048 bits. It's
++possible to use -s argument to generate shorter key - keygen respects
++minimum/maximum as defined by knet.
++
++Also fix man page to reflect this change.
++
++Signed-off-by: Jan Friesse <jfriesse@redhat.com>
++Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
++(cherry picked from commit c260bce45b1f5b4a82c74513c4b3302d32daf179)
++---
++ tools/corosync-keygen.c | 4 ++--
++ man/corosync-keygen.8 | 21 +++++++++------------
++ 2 files changed, 11 insertions(+), 14 deletions(-)
++
++diff --git a/tools/corosync-keygen.c b/tools/corosync-keygen.c
++index 40e4d6e..243661a 100644
++--- a/tools/corosync-keygen.c
+++++ b/tools/corosync-keygen.c
++@@ -1,6 +1,6 @@
++ /*
++ * Copyright (c) 2004 MontaVista Software, Inc.
++- * Copyright (c) 2005-2017 Red Hat, Inc.
+++ * Copyright (c) 2005-2019 Red Hat, Inc.
++ *
++ * All rights reserved.
++ *
++@@ -52,7 +52,7 @@
++
++ #define DEFAULT_KEYFILE COROSYSCONFDIR "/authkey"
++
++-#define DEFAULT_KEYFILE_LEN TOTEM_PRIVATE_KEY_LEN_MIN
+++#define DEFAULT_KEYFILE_LEN 256
++
++ #define DEFAULT_RANDOM_DEV "/dev/urandom"
++
++diff --git a/man/corosync-keygen.8 b/man/corosync-keygen.8
++index 0839621..8767ddc 100644
++--- a/man/corosync-keygen.8
+++++ b/man/corosync-keygen.8
++@@ -1,5 +1,5 @@
++ .\"/*
++-.\" * Copyright (C) 2010-2017 Red Hat, Inc.
+++.\" * Copyright (C) 2010-2019 Red Hat, Inc.
++ .\" *
++ .\" * All rights reserved.
++ .\" *
++@@ -31,7 +31,7 @@
++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
++ .\" * THE POSSIBILITY OF SUCH DAMAGE.
++ .\" */
++-.TH COROSYNC-KEYGEN 8 2017-07-03
+++.TH COROSYNC-KEYGEN 8 2019-04-09
++ .SH NAME
++ corosync-keygen \- Generate an authentication key for Corosync.
++ .SH SYNOPSIS
++@@ -69,7 +69,7 @@ Random number source file. Default is /dev/urandom. As an example /dev/random ma
++ used when really superb randomness is needed.
++ .TP
++ .B -s size
++-Size of the generated key in bytes. Default is 1024 bytes. Allowed range is <1024, 4096>.
+++Size of the generated key in bytes. Default is 256 bytes. Allowed range is <128, 4096>.
++ .TP
++ .TP
++ .B -l
++@@ -84,7 +84,7 @@ Generate the key.
++ .nf
++ # corosync-keygen
++ Corosync Cluster Engine Authentication key generator.
++-Gathering 8192 bits for key from /dev/urandom.
+++Gathering 2048 bits for key from /dev/urandom.
++ Writing corosync key to /etc/corosync/authkey
++ .fi
++
++@@ -101,15 +101,12 @@ Writing corosync key to /tmp/authkey.
++ Generate superb key using /dev/random
++ .nf
++ # corosync-keygen -r /dev/random
++-Corosync Cluster Engine Authentication key generator.
++-Gathering 8192 bits for key from /dev/random.
+++Gathering 2048 bits for key from /dev/random.
++ Press keys on your keyboard to generate entropy.
++-Press keys on your keyboard to generate entropy (7928 bits still needed).
++-Press keys on your keyboard to generate entropy (7880 bits still needed).
++- ...
++-Press keys on your keyboard to generate entropy (104 bits still needed).
++-Press keys on your keyboard to generate entropy (56 bits still needed).
++-Press keys on your keyboard to generate entropy (8 bits still needed).
+++Press keys on your keyboard to generate entropy (1128 bits still needed).
+++Press keys on your keyboard to generate entropy (504 bits still needed).
+++Press keys on your keyboard to generate entropy (128 bits still needed).
+++Press keys on your keyboard to generate entropy (32 bits still needed).
++ Writing corosync key to /etc/corosync/authkey.
++ .fi
++
+diff --git a/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch b/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch
+new file mode 100644
+index 00000000..9daad20b
+--- /dev/null
++++ b/debian/patches/set-totem.keyfile-and-totem.key-to-RO.patch
+@@ -0,0 +1,44 @@
++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
++Date: Wed, 3 Apr 2019 21:57:30 +0200
++Subject: set totem.keyfile and totem.key to RO
++MIME-Version: 1.0
++Content-Type: text/plain; charset="utf-8"
++Content-Transfer-Encoding: 8bit
++
++so that we get the nice log message when attempting to modify them at
++runtime, just like for totem.crypto_* and co.
++
++Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
++Reviewed-by: Jan Friesse <jfriesse@redhat.com>
++(cherry picked from commit 03fba21503f1b8395519190cc537f63100e995f5)
++---
++ exec/cfg.c | 2 ++
++ exec/main.c | 2 ++
++ 2 files changed, 4 insertions(+)
++
++diff --git a/exec/cfg.c b/exec/cfg.c
++index dec7dbf..9aeba0c 100644
++--- a/exec/cfg.c
+++++ b/exec/cfg.c
++@@ -578,6 +578,8 @@ static void remove_ro_entries(icmap_map_t temp_map)
++ delete_and_notify_if_changed(temp_map, "totem.secauth");
++ delete_and_notify_if_changed(temp_map, "totem.crypto_hash");
++ delete_and_notify_if_changed(temp_map, "totem.crypto_cipher");
+++ delete_and_notify_if_changed(temp_map, "totem.keyfile");
+++ delete_and_notify_if_changed(temp_map, "totem.key");
++ delete_and_notify_if_changed(temp_map, "totem.version");
++ delete_and_notify_if_changed(temp_map, "totem.threads");
++ delete_and_notify_if_changed(temp_map, "totem.ip_version");
++diff --git a/exec/main.c b/exec/main.c
++index 8554036..06a519c 100644
++--- a/exec/main.c
+++++ b/exec/main.c
++@@ -1036,6 +1036,8 @@ static void set_icmap_ro_keys_flag (void)
++ */
++ icmap_set_ro_access("totem.crypto_cipher", CS_FALSE, CS_TRUE);
++ icmap_set_ro_access("totem.crypto_hash", CS_FALSE, CS_TRUE);
+++ icmap_set_ro_access("totem.keyfile", CS_FALSE, CS_TRUE);
+++ icmap_set_ro_access("totem.key", CS_FALSE, CS_TRUE);
++ icmap_set_ro_access("totem.secauth", CS_FALSE, CS_TRUE);
++ icmap_set_ro_access("totem.ip_version", CS_FALSE, CS_TRUE);
++ icmap_set_ro_access("totem.rrp_mode", CS_FALSE, CS_TRUE);
+diff --git a/debian/patches/totemconfig-Remove-support-for-3des.patch b/debian/patches/totemconfig-Remove-support-for-3des.patch
+new file mode 100644
+index 00000000..c46f137f
+--- /dev/null
++++ b/debian/patches/totemconfig-Remove-support-for-3des.patch
+@@ -0,0 +1,138 @@
++From: Jan Friesse <jfriesse@redhat.com>
++Date: Thu, 11 Apr 2019 08:23:29 +0200
++Subject: totemconfig: Remove support for 3des
++
++Triple DES is considered as a "weak cipher" since 2016 so there is
++really no need to support it in the corosync. Thanks to bug in
++Corosync/Knet/NSS which caused 3des to not work at all,
++no matter what library was used, we can just remove support for 3des
++without braking the compatibility.
++
++Also fix coroparse so:
++- totem.crypto_type is removed (this is 1.x construct which was not used
++even in 2.x)
++- Add checking of totem.crypto_model.
++- Enumarate possible values for crypto_model, crypto_cipher and
++crypto_hash error messages
++
++Signed-off-by: Jan Friesse <jfriesse@redhat.com>
++Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
++(cherry picked from commit d05636b738e3cb1cd7a491e4ef492cd44a8bf6a9)
++---
++ exec/coroparse.c | 21 ++++++++++-----------
++ exec/totemconfig.c | 3 ---
++ conf/lenses/corosync.aug | 4 ++--
++ man/corosync.conf.5 | 6 +++---
++ 4 files changed, 15 insertions(+), 19 deletions(-)
++
++diff --git a/exec/coroparse.c b/exec/coroparse.c
++index bee0a8c..16e0257 100644
++--- a/exec/coroparse.c
+++++ b/exec/coroparse.c
++@@ -1,5 +1,5 @@
++ /*
++- * Copyright (c) 2006-2018 Red Hat, Inc.
+++ * Copyright (c) 2006-2019 Red Hat, Inc.
++ *
++ * All rights reserved.
++ *
++@@ -747,13 +747,11 @@ static int main_config_parser_cb(const char *path,
++ return (0);
++ }
++ }
++- if (strcmp(path, "totem.crypto_type") == 0) {
+++ if (strcmp(path, "totem.crypto_model") == 0) {
++ if ((strcmp(value, "nss") != 0) &&
++- (strcmp(value, "aes256") != 0) &&
++- (strcmp(value, "aes192") != 0) &&
++- (strcmp(value, "aes128") != 0) &&
++- (strcmp(value, "3des") != 0)) {
++- *error_string = "Invalid crypto type";
+++ (strcmp(value, "openssl") != 0)) {
+++ *error_string = "Invalid crypto model. "
+++ "Should be nss or openssl";
++
++ return (0);
++ }
++@@ -762,9 +760,9 @@ static int main_config_parser_cb(const char *path,
++ if ((strcmp(value, "none") != 0) &&
++ (strcmp(value, "aes256") != 0) &&
++ (strcmp(value, "aes192") != 0) &&
++- (strcmp(value, "aes128") != 0) &&
++- (strcmp(value, "3des") != 0)) {
++- *error_string = "Invalid cipher type";
+++ (strcmp(value, "aes128") != 0)) {
+++ *error_string = "Invalid cipher type. "
+++ "Should be none, aes256, aes192 or aes128";
++
++ return (0);
++ }
++@@ -776,7 +774,8 @@ static int main_config_parser_cb(const char *path,
++ (strcmp(value, "sha256") != 0) &&
++ (strcmp(value, "sha384") != 0) &&
++ (strcmp(value, "sha512") != 0)) {
++- *error_string = "Invalid hash type";
+++ *error_string = "Invalid hash type. "
+++ "Should be none, md5, sha1, sha256, sha384 or sha512";
++
++ return (0);
++ }
++diff --git a/exec/totemconfig.c b/exec/totemconfig.c
++index d57562a..4f69fd5 100644
++--- a/exec/totemconfig.c
+++++ b/exec/totemconfig.c
++@@ -463,9 +463,6 @@ static int totem_get_crypto(struct totem_config *totem_config, const char **erro
++ if (strcmp(str, "aes128") == 0) {
++ tmp_cipher = "aes128";
++ }
++- if (strcmp(str, "3des") == 0) {
++- tmp_cipher = "3des";
++- }
++ free(str);
++ }
++
++diff --git a/conf/lenses/corosync.aug b/conf/lenses/corosync.aug
++index 39334f1..edeb4fb 100644
++--- a/conf/lenses/corosync.aug
+++++ b/conf/lenses/corosync.aug
++@@ -51,8 +51,8 @@ let totem =
++ |kv "rrp_mode" /none|active|passive/
++ |kv "vsftype" /none|ykd/
++ |kv "secauth" /on|off/
++- |kv "crypto_type" /nss|aes256|aes192|aes128|3des/
++- |kv "crypto_cipher" /none|nss|aes256|aes192|aes128|3des/
+++ |kv "crypto_model" /nss|openssl/
+++ |kv "crypto_cipher" /none|nss|aes256|aes192|aes128/
++ |kv "crypto_hash" /none|md5|sha1|sha256|sha384|sha512/
++ |kv "transport" /udp|iba|udpu/
++ |kv "version" Rx.integer
++diff --git a/man/corosync.conf.5 b/man/corosync.conf.5
++index dd6f3ba..216dfc5 100644
++--- a/man/corosync.conf.5
+++++ b/man/corosync.conf.5
++@@ -1,6 +1,6 @@
++ .\"/*
++ .\" * Copyright (c) 2005 MontaVista Software, Inc.
++-.\" * Copyright (c) 2006-2018 Red Hat, Inc.
+++.\" * Copyright (c) 2006-2019 Red Hat, Inc.
++ .\" *
++ .\" * All rights reserved.
++ .\" *
++@@ -32,7 +32,7 @@
++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
++ .\" * THE POSSIBILITY OF SUCH DAMAGE.
++ .\" */
++-.TH COROSYNC_CONF 5 2019-01-10 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
+++.TH COROSYNC_CONF 5 2019-04-11 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
++ .SH NAME
++ corosync.conf - corosync executive configuration file
++
++@@ -218,7 +218,7 @@ The default is none.
++ .TP
++ crypto_cipher
++ This specifies which cipher should be used to encrypt all messages.
++-Valid values are none (no encryption), aes256, aes192, aes128 and 3des.
+++Valid values are none (no encryption), aes256, aes192 and aes128.
++ Enabling crypto_cipher, requires also enabling of crypto_hash. Encrypted
++ transmission is only supported for the knet transport.
++
+diff --git a/debian/patches/series b/debian/patches/series
+index 2caabe1c..6f18c886 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -8,3 +8,7 @@ Use-the-AWK-variable-provided-by-configure.patch
+ pve__only-start-corosync.service-if-conf-exists.patch
+ cfgtool-Improve-link-status-display.patch
+ Revert-init-Enable-StopWhenUnneeded.patch
++set-totem.keyfile-and-totem.key-to-RO.patch
++keygen-Reflect-change-in-knet.patch
++totemconfig-Remove-support-for-3des.patch
++crypto-re-introduce-secauth-parameter.patch
--- /dev/null
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
+Date: Wed, 22 May 2019 12:27:19 +0200
+Subject: [PATCH] CPG callback merging
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+cherry-picked from upstream PR 468.
+
+this series aims to minimize callback calls in case of cluster cold
+starts or re-joining after network partitions, which cause a huge spike
+in network load on bigger clusters running pmxcfs.
+
+Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
+---
+ .../cpg-Add-CPG_REASON_UNDEFINED.patch | 152 +++++++++++++
+ ...more-comments-to-notify_lib_joinlist.patch | 193 +++++++++++++++++
+ ...illing-of-member_list-to-subfunction.patch | 130 ++++++++++++
+ ...ify_lib_joinlist-drop-conn-parameter.patch | 112 ++++++++++
+ ...-confchg-event-per-group-on-joinlist.patch | 199 ++++++++++++++++++
+ debian/patches/series | 5 +
+ 6 files changed, 791 insertions(+)
+ create mode 100644 debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch
+ create mode 100644 debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch
+ create mode 100644 debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch
+ create mode 100644 debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch
+ create mode 100644 debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch
+
+diff --git a/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch b/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch
+new file mode 100644
+index 00000000..a69b53ac
+--- /dev/null
++++ b/debian/patches/cpg-Add-CPG_REASON_UNDEFINED.patch
+@@ -0,0 +1,152 @@
++From: Jan Friesse <jfriesse@redhat.com>
++Date: Tue, 16 Apr 2019 12:52:31 +0200
++Subject: cpg: Add CPG_REASON_UNDEFINED
++
++Previously the reason field for the member_list items
++in cpg_totem_confchg_fn was unset what may be little confusing.
++
++Solution is to add a special value CPG_REASON_UNDEFINED and use it for
++the member_list items.
++
++Signed-off-by: Jan Friesse <jfriesse@redhat.com>
++Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
++(cherry picked from commit 41f9e966bb1cfa70d0f6ec1ce46d9c845845b599)
++---
++ include/corosync/cpg.h | 3 ++-
++ man/cpg_initialize.3.in | 18 ++++++++++--------
++ man/cpg_model_initialize.3.in | 18 ++++++++++--------
++ exec/cpg.c | 3 ++-
++ 4 files changed, 24 insertions(+), 18 deletions(-)
++
++diff --git a/include/corosync/cpg.h b/include/corosync/cpg.h
++index 5ebd478..600bbf7 100644
++--- a/include/corosync/cpg.h
+++++ b/include/corosync/cpg.h
++@@ -1,5 +1,5 @@
++ /*
++- * Copyright (c) 2006-2011 Red Hat, Inc.
+++ * Copyright (c) 2006-2019 Red Hat, Inc.
++ *
++ * All rights reserved.
++ *
++@@ -80,6 +80,7 @@ typedef enum {
++ * @brief The cpg_reason_t enum
++ */
++ typedef enum {
+++ CPG_REASON_UNDEFINED = 0,
++ CPG_REASON_JOIN = 1,
++ CPG_REASON_LEAVE = 2,
++ CPG_REASON_NODEDOWN = 3,
++diff --git a/man/cpg_initialize.3.in b/man/cpg_initialize.3.in
++index bdecc1e..38c7de5 100644
++--- a/man/cpg_initialize.3.in
+++++ b/man/cpg_initialize.3.in
++@@ -1,5 +1,5 @@
++ .\"/*
++-.\" * Copyright (c) 2006-2009 Red Hat, Inc.
+++.\" * Copyright (c) 2006-2019 Red Hat, Inc.
++ .\" *
++ .\" * All rights reserved.
++ .\" *
++@@ -31,7 +31,7 @@
++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
++ .\" * THE POSSIBILITY OF SUCH DAMAGE.
++ .\" */
++-.TH CPG_INITIALIZE 3 2004-08-31 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
+++.TH CPG_INITIALIZE 3 2019-04-16 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
++ .SH NAME
++ cpg_initialize \- Create a new connection to the CPG service
++ .SH SYNOPSIS
++@@ -132,18 +132,20 @@ struct cpg_address {
++ .IP
++ .PP
++ where nodeid is a 32 bit unique node identifier, pid is the process ID of the process that has joined/left the group
++-or sent the message, and reason is an integer code indicating why the node joined/left the group.
+++or sent the message, and reason is an integer code indicating why the node joined/left the group (this value is not
+++set for the member_list items).
++ .PP
++ .IP
++ .RS
++ .ne 18
++ .nf
++ .PP
++-CPG_REASON_JOIN - the process joined a group using cpg_join().
++-CPG_REASON_LEAVE - the process left a group using cpg_leave()
++-CPG_REASON_NODEDOWN - the process left a group because the node left the cluster.
++-CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster
++-CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave()
+++CPG_REASON_JOIN - the process joined a group using cpg_join().
+++CPG_REASON_LEAVE - the process left a group using cpg_leave()
+++CPG_REASON_NODEDOWN - the process left a group because the node left the cluster.
+++CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster
+++CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave()
+++CPG_REASON_UNDEFINED - a special value used for the member_list items
++ .ta
++ .fi
++ .RE
++diff --git a/man/cpg_model_initialize.3.in b/man/cpg_model_initialize.3.in
++index e06325d..17ca16a 100644
++--- a/man/cpg_model_initialize.3.in
+++++ b/man/cpg_model_initialize.3.in
++@@ -1,5 +1,5 @@
++ .\"/*
++-.\" * Copyright (c) 2010 Red Hat, Inc.
+++.\" * Copyright (c) 2010-2019 Red Hat, Inc.
++ .\" *
++ .\" * All rights reserved.
++ .\" *
++@@ -32,7 +32,7 @@
++ .\" * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
++ .\" * THE POSSIBILITY OF SUCH DAMAGE.
++ .\" */
++-.TH CPG_MODEL_INITIALIZE 3 2010-04-07 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
+++.TH CPG_MODEL_INITIALIZE 3 2019-04-16 "corosync Man Page" "Corosync Cluster Engine Programmer's Manual"
++ .SH NAME
++ cpg_model_initialize \- Create a new connection to the CPG service
++ .SH SYNOPSIS
++@@ -166,18 +166,20 @@ struct cpg_address {
++ .IP
++ .PP
++ where nodeid is a 32 bit unique node identifier, pid is the process ID of the process that has joined/left the group
++-or sent the message, and reason is an integer code indicating why the node joined/left the group.
+++or sent the message, and reason is an integer code indicating why the node joined/left the group (this value is not
+++set for the member_list items).
++ .PP
++ .IP
++ .RS
++ .ne 18
++ .nf
++ .PP
++-CPG_REASON_JOIN - the process joined a group using cpg_join().
++-CPG_REASON_LEAVE - the process left a group using cpg_leave()
++-CPG_REASON_NODEDOWN - the process left a group because the node left the cluster.
++-CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster
++-CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave()
+++CPG_REASON_JOIN - the process joined a group using cpg_join().
+++CPG_REASON_LEAVE - the process left a group using cpg_leave()
+++CPG_REASON_NODEDOWN - the process left a group because the node left the cluster.
+++CPG_REASON_NODEUP - the process joined a group because it was already a member of a group on a node that has just joined the cluster
+++CPG_REASON_PROCDOWN - the process left a group without calling cpg_leave()
+++CPG_REASON_UNDEFINED - a special value used for the member_list items
++ .ta
++ .fi
++ .RE
++diff --git a/exec/cpg.c b/exec/cpg.c
++index b7ac579..e39ca34 100644
++--- a/exec/cpg.c
+++++ b/exec/cpg.c
++@@ -1,5 +1,5 @@
++ /*
++- * Copyright (c) 2006-2015 Red Hat, Inc.
+++ * Copyright (c) 2006-2019 Red Hat, Inc.
++ *
++ * All rights reserved.
++ *
++@@ -712,6 +712,7 @@ static int notify_lib_joinlist(
++ if (!founded) {
++ retgi->nodeid = pi->nodeid;
++ retgi->pid = pi->pid;
+++ retgi->reason = CPG_REASON_UNDEFINED;
++ retgi++;
++ }
++ }
+diff --git a/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch b/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch
+new file mode 100644
+index 00000000..e32102fa
+--- /dev/null
++++ b/debian/patches/cpg-Add-more-comments-to-notify_lib_joinlist.patch
+@@ -0,0 +1,193 @@
++From: Jan Friesse <jfriesse@redhat.com>
++Date: Wed, 15 May 2019 17:39:13 +0200
++Subject: cpg: Add more comments to notify_lib_joinlist
++
++And make handling of left_list more generic. Also free skiplist
++allocated by joinlist_inform_clients function. Last (but not least)
++remove czechlish founded (should have been pp of "find").
++
++Signed-off-by: Jan Friesse <jfriesse@redhat.com>
++(cherry picked from commit 10702c7e6c0cf8164ad8f05acb4e334461555973)
++---
++ exec/cpg.c | 91 +++++++++++++++++++++++++++++++++++++++++---------------------
++ 1 file changed, 60 insertions(+), 31 deletions(-)
++
++diff --git a/exec/cpg.c b/exec/cpg.c
++index e04ba57..2ecdc6b 100644
++--- a/exec/cpg.c
+++++ b/exec/cpg.c
++@@ -663,31 +663,37 @@ static int notify_lib_joinlist(
++ int size;
++ char *buf;
++ struct qb_list_head *iter;
++- int count;
+++ int member_list_entries;
++ struct res_lib_cpg_confchg_callback *res;
++ mar_cpg_address_t *retgi;
+++ int i;
++
++- count = 0;
+++ /*
+++ * Find size of member_list (use process_info_list but remove items in left_list)
+++ */
+++ member_list_entries = 0;
++
++ qb_list_for_each(iter, &process_info_list_head) {
++ struct process_info *pi = qb_list_entry (iter, struct process_info, list);
+++
++ if (mar_name_compare (&pi->group, group_name) == 0) {
++- int i;
++- int founded = 0;
+++ int in_left_list = 0;
++
++ for (i = 0; i < left_list_entries; i++) {
++ if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) {
++- founded++;
+++ in_left_list = 1;
+++ break ;
++ }
++ }
++
++- if (!founded)
++- count++;
+++ if (!in_left_list) {
+++ member_list_entries++;
+++ }
++ }
++ }
++
++ size = sizeof(struct res_lib_cpg_confchg_callback) +
++- sizeof(mar_cpg_address_t) * (count + left_list_entries + joined_list_entries);
+++ sizeof(mar_cpg_address_t) * (member_list_entries + left_list_entries + joined_list_entries);
++ buf = alloca(size);
++ if (!buf)
++ return CS_ERR_LIBRARY;
++@@ -695,27 +701,30 @@ static int notify_lib_joinlist(
++ res = (struct res_lib_cpg_confchg_callback *)buf;
++ res->joined_list_entries = joined_list_entries;
++ res->left_list_entries = left_list_entries;
++- res->member_list_entries = count;
+++ res->member_list_entries = member_list_entries;
++ retgi = res->member_list;
++ res->header.size = size;
++ res->header.id = id;
++ res->header.error = CS_OK;
++ memcpy(&res->group_name, group_name, sizeof(mar_cpg_name_t));
++
+++ /*
+++ * Fill res->memberlist. Use process_info_list but remove items in left_list.
+++ */
++ qb_list_for_each(iter, &process_info_list_head) {
++- struct process_info *pi=qb_list_entry (iter, struct process_info, list);
+++ struct process_info *pi = qb_list_entry (iter, struct process_info, list);
++
++ if (mar_name_compare (&pi->group, group_name) == 0) {
++- int i;
++- int founded = 0;
+++ int in_left_list = 0;
++
++- for (i = 0;i < left_list_entries; i++) {
+++ for (i = 0; i < left_list_entries; i++) {
++ if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) {
++- founded++;
+++ in_left_list = 1;
+++ break ;
++ }
++ }
++
++- if (!founded) {
+++ if (!in_left_list) {
++ retgi->nodeid = pi->nodeid;
++ retgi->pid = pi->pid;
++ retgi->reason = CPG_REASON_UNDEFINED;
++@@ -724,23 +733,30 @@ static int notify_lib_joinlist(
++ }
++ }
++
+++ /*
+++ * Fill res->left_list
+++ */
++ if (left_list_entries) {
++ memcpy (retgi, left_list, left_list_entries * sizeof(mar_cpg_address_t));
++ retgi += left_list_entries;
++ }
++
++ if (joined_list_entries) {
++- int i;
++-
+++ /*
+++ * Fill res->joined_list
+++ */
++ memcpy (retgi, joined_list, joined_list_entries * sizeof(mar_cpg_address_t));
++ retgi += joined_list_entries;
++
++- for (i=0; i < joined_list_entries; i++) {
+++ /*
+++ * Update cpd_state for all local joined processes in group
+++ */
+++ for (i = 0; i < joined_list_entries; i++) {
++ if (joined_list[i].nodeid == api->totem_nodeid_get()) {
++- qb_list_for_each(iter, &cpg_pd_list_head) {
+++ qb_list_for_each(iter, &cpg_pd_list_head) {
++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
++- if (mar_name_compare (&cpd->group_name, group_name) == 0 &&
++- joined_list[i].pid == cpd->pid) {
+++ if (joined_list[i].pid == cpd->pid &&
+++ mar_name_compare (&cpd->group_name, group_name) == 0) {
++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED;
++ }
++ }
++@@ -748,6 +764,9 @@ static int notify_lib_joinlist(
++ }
++ }
++
+++ /*
+++ * Send notification to all ipc clients joined in group_name
+++ */
++ qb_list_for_each(iter, &cpg_pd_list_head) {
++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
++ if (mar_name_compare (&cpd->group_name, group_name) == 0) {
++@@ -760,16 +779,25 @@ static int notify_lib_joinlist(
++ }
++ }
++
++- if (left_list_entries &&
++- left_list[0].nodeid == api->totem_nodeid_get() &&
++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) {
++- qb_list_for_each(iter, &cpg_pd_list_head) {
++- struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
++- if (mar_name_compare (&cpd->group_name, group_name) == 0 &&
++- left_list[0].pid == cpd->pid) {
++- cpd->pid = 0;
++- memset (&cpd->group_name, 0, sizeof(cpd->group_name));
++- cpd->cpd_state = CPD_STATE_UNJOINED;
+++ if (left_list_entries) {
+++ /*
+++ * Zero internal cpd state for all local processes leaving group
+++ * (this loop is not strictly needed because left_list always either
+++ * contains exactly one process running on local node or more items
+++ * but none of them is running on local node)
+++ */
+++ for (i = 0; i < joined_list_entries; i++) {
+++ if (left_list[i].nodeid == api->totem_nodeid_get() &&
+++ left_list[i].reason == CONFCHG_CPG_REASON_LEAVE) {
+++ qb_list_for_each(iter, &cpg_pd_list_head) {
+++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
+++ if (left_list[i].pid == cpd->pid &&
+++ mar_name_compare (&cpd->group_name, group_name) == 0) {
+++ cpd->pid = 0;
+++ memset (&cpd->group_name, 0, sizeof(cpd->group_name));
+++ cpd->cpd_state = CPD_STATE_UNJOINED;
+++ }
+++ }
++ }
++ }
++ }
++@@ -966,6 +994,7 @@ static void joinlist_inform_clients (void)
++ free(jld);
++ }
++ qb_map_iter_free(miter);
+++ qb_map_destroy(group_notify_map);
++
++ joinlist_remove_zombie_pi_entries ();
++ }
+diff --git a/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch b/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch
+new file mode 100644
+index 00000000..9ec65353
+--- /dev/null
++++ b/debian/patches/cpg-Move-filling-of-member_list-to-subfunction.patch
+@@ -0,0 +1,130 @@
++From: Jan Friesse <jfriesse@redhat.com>
++Date: Thu, 16 May 2019 14:08:25 +0200
++Subject: cpg: Move filling of member_list to subfunction
++
++Signed-off-by: Jan Friesse <jfriesse@redhat.com>
++(cherry picked from commit 0c1de94461368b4a924b516b77691e6ec471dcb0)
++---
++ exec/cpg.c | 86 ++++++++++++++++++++++++++++++++++++--------------------------
++ 1 file changed, 50 insertions(+), 36 deletions(-)
++
++diff --git a/exec/cpg.c b/exec/cpg.c
++index 2ecdc6b..98a16a6 100644
++--- a/exec/cpg.c
+++++ b/exec/cpg.c
++@@ -652,26 +652,27 @@ static int notify_lib_totem_membership (
++ return CS_OK;
++ }
++
++-static int notify_lib_joinlist(
+++/*
+++ * Helper function for notify_lib_joinlist which prepares member_list using
+++ * process_info_list with removed left_list items.
+++ * member_list_entries - When not NULL it contains number of member_list entries
+++ * member_list - When not NULL it is used as pointer to start of preallocated
+++ * array of members. Pointer is adjusted to the end of array on
+++ * exit.
+++ */
+++static void notify_lib_joinlist_fill_member_list(
++ const mar_cpg_name_t *group_name,
++- int joined_list_entries,
++- mar_cpg_address_t *joined_list,
++ int left_list_entries,
++- mar_cpg_address_t *left_list,
++- int id)
+++ const mar_cpg_address_t *left_list,
+++ int *member_list_entries,
+++ mar_cpg_address_t **member_list)
++ {
++- int size;
++- char *buf;
++ struct qb_list_head *iter;
++- int member_list_entries;
++- struct res_lib_cpg_confchg_callback *res;
++- mar_cpg_address_t *retgi;
++ int i;
++
++- /*
++- * Find size of member_list (use process_info_list but remove items in left_list)
++- */
++- member_list_entries = 0;
+++ if (member_list_entries != NULL) {
+++ *member_list_entries = 0;
+++ }
++
++ qb_list_for_each(iter, &process_info_list_head) {
++ struct process_info *pi = qb_list_entry (iter, struct process_info, list);
++@@ -687,10 +688,42 @@ static int notify_lib_joinlist(
++ }
++
++ if (!in_left_list) {
++- member_list_entries++;
+++ if (member_list_entries != NULL) {
+++ (*member_list_entries)++;
+++ }
+++
+++ if (member_list != NULL) {
+++ (*member_list)->nodeid = pi->nodeid;
+++ (*member_list)->pid = pi->pid;
+++ (*member_list)->reason = CPG_REASON_UNDEFINED;
+++ (*member_list)++;
+++ }
++ }
++ }
++ }
+++}
+++
+++static int notify_lib_joinlist(
+++ const mar_cpg_name_t *group_name,
+++ int joined_list_entries,
+++ mar_cpg_address_t *joined_list,
+++ int left_list_entries,
+++ mar_cpg_address_t *left_list,
+++ int id)
+++{
+++ int size;
+++ char *buf;
+++ struct qb_list_head *iter;
+++ int member_list_entries;
+++ struct res_lib_cpg_confchg_callback *res;
+++ mar_cpg_address_t *retgi;
+++ int i;
+++
+++ /*
+++ * Find size of member_list (use process_info_list but remove items in left_list)
+++ */
+++ notify_lib_joinlist_fill_member_list(group_name, left_list_entries, left_list,
+++ &member_list_entries, NULL);
++
++ size = sizeof(struct res_lib_cpg_confchg_callback) +
++ sizeof(mar_cpg_address_t) * (member_list_entries + left_list_entries + joined_list_entries);
++@@ -711,27 +744,8 @@ static int notify_lib_joinlist(
++ /*
++ * Fill res->memberlist. Use process_info_list but remove items in left_list.
++ */
++- qb_list_for_each(iter, &process_info_list_head) {
++- struct process_info *pi = qb_list_entry (iter, struct process_info, list);
++-
++- if (mar_name_compare (&pi->group, group_name) == 0) {
++- int in_left_list = 0;
++-
++- for (i = 0; i < left_list_entries; i++) {
++- if (left_list[i].nodeid == pi->nodeid && left_list[i].pid == pi->pid) {
++- in_left_list = 1;
++- break ;
++- }
++- }
++-
++- if (!in_left_list) {
++- retgi->nodeid = pi->nodeid;
++- retgi->pid = pi->pid;
++- retgi->reason = CPG_REASON_UNDEFINED;
++- retgi++;
++- }
++- }
++- }
+++ notify_lib_joinlist_fill_member_list(group_name, left_list_entries, left_list,
+++ NULL, &retgi);
++
++ /*
++ * Fill res->left_list
+diff --git a/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch b/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch
+new file mode 100644
+index 00000000..e1742bf9
+--- /dev/null
++++ b/debian/patches/cpg-notify_lib_joinlist-drop-conn-parameter.patch
+@@ -0,0 +1,112 @@
++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
++Date: Wed, 15 May 2019 13:45:13 +0200
++Subject: cpg: notify_lib_joinlist: drop conn parameter
++
++since it is always set to NULL.
++
++(cherry picked from commit d5e9723695b2ae63162b238300013d785e875ea7)
++---
++ exec/cpg.c | 54 ++++++++++++++++++++++++------------------------------
++ 1 file changed, 24 insertions(+), 30 deletions(-)
++
++diff --git a/exec/cpg.c b/exec/cpg.c
++index e39ca34..b752cc1 100644
++--- a/exec/cpg.c
+++++ b/exec/cpg.c
++@@ -647,7 +647,6 @@ static int notify_lib_totem_membership (
++
++ static int notify_lib_joinlist(
++ const mar_cpg_name_t *group_name,
++- void *conn,
++ int joined_list_entries,
++ mar_cpg_address_t *joined_list,
++ int left_list_entries,
++@@ -728,40 +727,35 @@ static int notify_lib_joinlist(
++ retgi += joined_list_entries;
++ }
++
++- if (conn) {
++- api->ipc_dispatch_send (conn, buf, size);
++- } else {
++ qb_list_for_each(iter, &cpg_pd_list_head) {
++- struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
++- if (mar_name_compare (&cpd->group_name, group_name) == 0) {
++- assert (joined_list_entries <= 1);
++- if (joined_list_entries) {
++- if (joined_list[0].pid == cpd->pid &&
++- joined_list[0].nodeid == api->totem_nodeid_get()) {
++- cpd->cpd_state = CPD_STATE_JOIN_COMPLETED;
++- }
+++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
+++ if (mar_name_compare (&cpd->group_name, group_name) == 0) {
+++ assert (joined_list_entries <= 1);
+++ if (joined_list_entries) {
+++ if (joined_list[0].pid == cpd->pid &&
+++ joined_list[0].nodeid == api->totem_nodeid_get()) {
+++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED;
++ }
++- if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED ||
++- cpd->cpd_state == CPD_STATE_LEAVE_STARTED) {
+++ }
+++ if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED ||
+++ cpd->cpd_state == CPD_STATE_LEAVE_STARTED) {
++
++- api->ipc_dispatch_send (cpd->conn, buf, size);
++- cpd->transition_counter++;
++- }
++- if (left_list_entries) {
++- if (left_list[0].pid == cpd->pid &&
++- left_list[0].nodeid == api->totem_nodeid_get() &&
++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) {
++-
++- cpd->pid = 0;
++- memset (&cpd->group_name, 0, sizeof(cpd->group_name));
++- cpd->cpd_state = CPD_STATE_UNJOINED;
++- }
+++ api->ipc_dispatch_send (cpd->conn, buf, size);
+++ cpd->transition_counter++;
+++ }
+++ if (left_list_entries) {
+++ if (left_list[0].pid == cpd->pid &&
+++ left_list[0].nodeid == api->totem_nodeid_get() &&
+++ left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) {
+++
+++ cpd->pid = 0;
+++ memset (&cpd->group_name, 0, sizeof(cpd->group_name));
+++ cpd->cpd_state = CPD_STATE_UNJOINED;
++ }
++ }
++ }
++ }
++
++-
++ /*
++ * Traverse thru cpds and send totem membership for cpd, where it is not send yet
++ */
++@@ -858,7 +852,7 @@ static void downlist_inform_clients (void)
++ }
++
++ /* send confchg event */
++- notify_lib_joinlist(&group, NULL,
+++ notify_lib_joinlist(&group,
++ 0, NULL,
++ pcd->left_list_entries,
++ pcd->left_list,
++@@ -1157,7 +1151,7 @@ static void do_proc_join(
++ notify_info.nodeid = nodeid;
++ notify_info.reason = reason;
++
++- notify_lib_joinlist(&pi->group, NULL,
+++ notify_lib_joinlist(&pi->group,
++ 1, ¬ify_info,
++ 0, NULL,
++ MESSAGE_RES_CPG_CONFCHG_CALLBACK);
++@@ -1177,7 +1171,7 @@ static void do_proc_leave(
++ notify_info.nodeid = nodeid;
++ notify_info.reason = reason;
++
++- notify_lib_joinlist(name, NULL,
+++ notify_lib_joinlist(name,
++ 0, NULL,
++ 1, ¬ify_info,
++ MESSAGE_RES_CPG_CONFCHG_CALLBACK);
+diff --git a/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch b/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch
+new file mode 100644
+index 00000000..013baaa0
+--- /dev/null
++++ b/debian/patches/cpg-send-single-confchg-event-per-group-on-joinlist.patch
+@@ -0,0 +1,199 @@
++From: =?utf-8?q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
++Date: Wed, 8 May 2019 16:31:15 +0200
++Subject: cpg: send single confchg event per group on joinlist
++MIME-Version: 1.0
++Content-Type: text/plain; charset="utf-8"
++Content-Transfer-Encoding: 8bit
++
++using a similar approach to
++
++43bead364514e8ae2ba00bcf07c460e31d0b1765 "Send one confchg event per CPG group to CPG client"
++
++which did the same for leave events on a network partition.
++
++Fixes: #351
++
++Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
++(cherry picked from commit 9c60289b831ef0b138142c3fc39c9a9da8a2ada2)
++---
++ exec/cpg.c | 97 ++++++++++++++++++++++++++++++++++++++++++++++----------------
++ 1 file changed, 73 insertions(+), 24 deletions(-)
++
++diff --git a/exec/cpg.c b/exec/cpg.c
++index b752cc1..e04ba57 100644
++--- a/exec/cpg.c
+++++ b/exec/cpg.c
++@@ -194,6 +194,12 @@ struct join_list_entry {
++ mar_cpg_name_t group_name;
++ };
++
+++struct join_list_confchg_data {
+++ mar_cpg_name_t cpg_group;
+++ mar_cpg_address_t join_list[CPG_MEMBERS_MAX];
+++ int join_list_entries;
+++};
+++
++ /*
++ * Service Interfaces required by service_message_handler struct
++ */
++@@ -312,7 +318,8 @@ static void do_proc_join(
++ const mar_cpg_name_t *name,
++ uint32_t pid,
++ unsigned int nodeid,
++- int reason);
+++ int reason,
+++ qb_map_t *group_notify_map);
++
++ static void do_proc_leave(
++ const mar_cpg_name_t *name,
++@@ -723,35 +730,46 @@ static int notify_lib_joinlist(
++ }
++
++ if (joined_list_entries) {
+++ int i;
+++
++ memcpy (retgi, joined_list, joined_list_entries * sizeof(mar_cpg_address_t));
++ retgi += joined_list_entries;
+++
+++ for (i=0; i < joined_list_entries; i++) {
+++ if (joined_list[i].nodeid == api->totem_nodeid_get()) {
+++ qb_list_for_each(iter, &cpg_pd_list_head) {
+++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
+++ if (mar_name_compare (&cpd->group_name, group_name) == 0 &&
+++ joined_list[i].pid == cpd->pid) {
+++ cpd->cpd_state = CPD_STATE_JOIN_COMPLETED;
+++ }
+++ }
+++ }
+++ }
++ }
++
++ qb_list_for_each(iter, &cpg_pd_list_head) {
++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
++ if (mar_name_compare (&cpd->group_name, group_name) == 0) {
++- assert (joined_list_entries <= 1);
++- if (joined_list_entries) {
++- if (joined_list[0].pid == cpd->pid &&
++- joined_list[0].nodeid == api->totem_nodeid_get()) {
++- cpd->cpd_state = CPD_STATE_JOIN_COMPLETED;
++- }
++- }
++ if (cpd->cpd_state == CPD_STATE_JOIN_COMPLETED ||
++ cpd->cpd_state == CPD_STATE_LEAVE_STARTED) {
++
++ api->ipc_dispatch_send (cpd->conn, buf, size);
++ cpd->transition_counter++;
++ }
++- if (left_list_entries) {
++- if (left_list[0].pid == cpd->pid &&
++- left_list[0].nodeid == api->totem_nodeid_get() &&
++- left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) {
++-
++- cpd->pid = 0;
++- memset (&cpd->group_name, 0, sizeof(cpd->group_name));
++- cpd->cpd_state = CPD_STATE_UNJOINED;
++- }
+++ }
+++ }
+++
+++ if (left_list_entries &&
+++ left_list[0].nodeid == api->totem_nodeid_get() &&
+++ left_list[0].reason == CONFCHG_CPG_REASON_LEAVE) {
+++ qb_list_for_each(iter, &cpg_pd_list_head) {
+++ struct cpg_pd *cpd = qb_list_entry (iter, struct cpg_pd, list);
+++ if (mar_name_compare (&cpd->group_name, group_name) == 0 &&
+++ left_list[0].pid == cpd->pid) {
+++ cpd->pid = 0;
+++ memset (&cpd->group_name, 0, sizeof(cpd->group_name));
+++ cpd->cpd_state = CPD_STATE_UNJOINED;
++ }
++ }
++ }
++@@ -915,6 +933,11 @@ static void joinlist_inform_clients (void)
++ struct joinlist_msg *stored_msg;
++ struct qb_list_head *iter;
++ unsigned int i;
+++ qb_map_t *group_notify_map;
+++ qb_map_iter_t *miter;
+++ struct join_list_confchg_data *jld;
+++
+++ group_notify_map = qb_skiplist_create();
++
++ i = 0;
++ qb_list_for_each(iter, &joinlist_messages_head) {
++@@ -931,9 +954,19 @@ static void joinlist_inform_clients (void)
++ }
++
++ do_proc_join (&stored_msg->group_name, stored_msg->pid, stored_msg->sender_nodeid,
++- CONFCHG_CPG_REASON_NODEUP);
+++ CONFCHG_CPG_REASON_NODEUP, group_notify_map);
++ }
++
+++ miter = qb_map_iter_create(group_notify_map);
+++ while (qb_map_iter_next(miter, (void **)&jld)) {
+++ notify_lib_joinlist(&jld->cpg_group,
+++ jld->join_list_entries, jld->join_list,
+++ 0, NULL,
+++ MESSAGE_RES_CPG_CONFCHG_CALLBACK);
+++ free(jld);
+++ }
+++ qb_map_iter_free(miter);
+++
++ joinlist_remove_zombie_pi_entries ();
++ }
++
++@@ -1111,13 +1144,15 @@ static void do_proc_join(
++ const mar_cpg_name_t *name,
++ uint32_t pid,
++ unsigned int nodeid,
++- int reason)
+++ int reason,
+++ qb_map_t *group_notify_map)
++ {
++ struct process_info *pi;
++ struct process_info *pi_entry;
++ mar_cpg_address_t notify_info;
++ struct qb_list_head *list;
++ struct qb_list_head *list_to_add = NULL;
+++ int size;
++
++ if (process_info_find (name, pid, nodeid) != NULL) {
++ return ;
++@@ -1151,10 +1186,24 @@ static void do_proc_join(
++ notify_info.nodeid = nodeid;
++ notify_info.reason = reason;
++
++- notify_lib_joinlist(&pi->group,
++- 1, ¬ify_info,
++- 0, NULL,
++- MESSAGE_RES_CPG_CONFCHG_CALLBACK);
+++ if (group_notify_map == NULL) {
+++ notify_lib_joinlist(&pi->group,
+++ 1, ¬ify_info,
+++ 0, NULL,
+++ MESSAGE_RES_CPG_CONFCHG_CALLBACK);
+++ } else {
+++ struct join_list_confchg_data *jld = qb_map_get(group_notify_map, pi->group.value);
+++ if (jld == NULL) {
+++ jld = (struct join_list_confchg_data *)calloc(1, sizeof(struct join_list_confchg_data));
+++ memcpy(&jld->cpg_group, &pi->group, sizeof(mar_cpg_name_t));
+++ qb_map_put(group_notify_map, jld->cpg_group.value, jld);
+++ }
+++ size = jld->join_list_entries;
+++ jld->join_list[size].nodeid = notify_info.nodeid;
+++ jld->join_list[size].pid = notify_info.pid;
+++ jld->join_list[size].reason = notify_info.reason;
+++ jld->join_list_entries++;
+++ }
++ }
++
++ static void do_proc_leave(
++@@ -1219,7 +1268,7 @@ static void message_handler_req_exec_cpg_procjoin (
++
++ do_proc_join (&req_exec_cpg_procjoin->group_name,
++ req_exec_cpg_procjoin->pid, nodeid,
++- CONFCHG_CPG_REASON_JOIN);
+++ CONFCHG_CPG_REASON_JOIN, NULL);
++ }
++
++ static void message_handler_req_exec_cpg_procleave (
+diff --git a/debian/patches/series b/debian/patches/series
+index 6f18c886..324cc365 100644
+--- a/debian/patches/series
++++ b/debian/patches/series
+@@ -12,3 +12,8 @@ set-totem.keyfile-and-totem.key-to-RO.patch
+ keygen-Reflect-change-in-knet.patch
+ totemconfig-Remove-support-for-3des.patch
+ crypto-re-introduce-secauth-parameter.patch
++cpg-Add-CPG_REASON_UNDEFINED.patch
++cpg-notify_lib_joinlist-drop-conn-parameter.patch
++cpg-send-single-confchg-event-per-group-on-joinlist.patch
++cpg-Add-more-comments-to-notify_lib_joinlist.patch
++cpg-Move-filling-of-member_list-to-subfunction.patch
projects / corosync-pve.git / commitdiff