glusterfs.git/xlators/protocol, branch v4.1.7 protocol: remove the option 'verify-volfile-checksum' 2018-11-12T15:38:44+00:00 Amar Tumballi amarts@redhat.com 2018-11-01T01:46:32+00:00 f87246d11d69b01b05a593b8378469d1cc67fdbc 'getspec' operation is not used between 'client' and 'server' ever since we have off-loaded volfile management to glusterd, ie, at least 7 years. No reason to keep the dead code! The removed option had no meaning, as glusterd didn't provide a way to set (or unset) this option. So, no regression should be observed from any of the existing glusterfs deployment, supported or unsupported. Updates: CVE-2018-14653 Updates: bz#1647670 Change-Id: I4a2e0f673c5bcd4644976a61dbd2d37003a428eb Signed-off-by: Amar Tumballi <amarts@redhat.com> 
'getspec' operation is not used between 'client' and 'server' ever since
we have off-loaded volfile management to glusterd, ie, at least 7 years.

No reason to keep the dead code! The removed option had no meaning,
as glusterd didn't provide a way to set (or unset) this option. So,
no regression should be observed from any of the existing glusterfs
deployment, supported or unsupported.

Updates: CVE-2018-14653

Updates: bz#1647670
Change-Id: I4a2e0f673c5bcd4644976a61dbd2d37003a428eb
Signed-off-by: Amar Tumballi <amarts@redhat.com>
server: don't allow '/' in basename 2018-11-09T14:04:35+00:00 Amar Tumballi amarts@redhat.com 2018-11-08T05:32:32+00:00 f0b5816f775ee75d42946694f031e70616a98cd9 Server stack needs to have all the sort of validation, assuming clients can be compromized. It is possible for a compromized client to send basenames with paths with '/', and with that create files without permission on server. By sanitizing the basename, and not allowing anything other than actual directory as the parent for any entry creation, we can mitigate the effects of clients not able to exploit the server. Fixes: CVE-2018-14651 Fixes: bz#1647667 Change-Id: I5dc0da0da2713452ff2b65ac2ddbccf1a267dc20 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
Server stack needs to have all the sort of validation, assuming
clients can be compromized. It is possible for a compromized
client to send basenames with paths with '/', and with that
create files without permission on server. By sanitizing the basename,
and not allowing anything other than actual directory as the parent
for any entry creation, we can mitigate the effects of clients
not able to exploit the server.

Fixes: CVE-2018-14651

Fixes: bz#1647667
Change-Id: I5dc0da0da2713452ff2b65ac2ddbccf1a267dc20
Signed-off-by: Amar Tumballi <amarts@redhat.com>
protocol: don't use alloca 2018-09-06T15:02:15+00:00 Amar Tumballi amarts@redhat.com 2018-07-24T08:26:56+00:00 3c66ee967cf7377595c714693e6e9a70861cf822 current implementation of alloca can cause issues when strings larger than the allocated buffer is passed to the xdr. Hence it makes sense to allow XDR decode functions to deal with memory allocations, which we can free later. Fixes: bz#1625097 Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
current implementation of alloca can cause issues when strings larger
than the allocated buffer is passed to the xdr. Hence it makes sense
to allow XDR decode functions to deal with memory allocations, which
we can free later.

Fixes: bz#1625097

Change-Id: I3a05553f5702de9575c244649ca0e5ac9abaac94
Signed-off-by: Amar Tumballi <amarts@redhat.com>
server-protocol: don't allow '../' path in 'name' 2018-09-06T15:00:58+00:00 Amar Tumballi amarts@redhat.com 2018-08-09T07:30:01+00:00 2af8e50a55085df7ede57184558029afc46fb8f9 This will prevent any arbitrary file creation through glusterfs by modifying the client bits. Also check for the similar flaw inside posix too, so we prevent any changes in layers in-between. Fixes: bz#1625095 Signed-off-by: Amar Tumballi <amarts@redhat.com> Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e 
This will prevent any arbitrary file creation through glusterfs
by modifying the client bits.

Also check for the similar flaw inside posix too, so we prevent any
changes in layers in-between.

Fixes: bz#1625095

Signed-off-by: Amar Tumballi <amarts@redhat.com>
Change-Id: Id9fe0ef6e86459e8ed85ab947d977f058c5ae06e
protocol/server: Fix xdata leak in seek fop 2018-06-12T07:08:02+00:00 Pranith Kumar K pkarampu@redhat.com 2018-06-11T07:33:58+00:00 2cca9b4f1ca853c20be43213400f9a8803a71a7d Change-Id: I6125283ed22c04564f0b77bb7a50579a83e02eb0 fixes: bz#1590128 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> (cherry picked from commit fd5b48ea0afd907deb08604415bee14ab65f378b) 
Change-Id: I6125283ed22c04564f0b77bb7a50579a83e02eb0
fixes: bz#1590128
Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
(cherry picked from commit fd5b48ea0afd907deb08604415bee14ab65f378b)
protocol/client: Don't send fops till SETVOLUME is complete 2018-05-31T20:29:45+00:00 Raghavendra G rgowdapp@redhat.com 2018-05-30T04:04:44+00:00 4f591e873c0a38b662910f8e8a5768fd3e9bbeaa An earlier commit set conf->connected just after rpc layer sends RPC_CLNT_CONNECT event. However, success of socket level connection connection doesn't indicate brick stack is ready to receive fops, as an handshake has to be done b/w client and server after RPC_CLNT_CONNECT event. Any fop sent to brick in the window between, * protocol/client receiving RPC_CLNT_CONNECT event * protocol/client receiving a successful setvolume response can end up accessing an uninitialized brick stack. So, set conf->connected only after a successful SETVOLUME. Change-Id: I139a03d2da6b0d95a0d68391fcf54b00e749decf fixes: bz#1584633 Signed-off-by: Raghavendra G <rgowdapp@redhat.com> (cherry picked from commit 430e4872db43447c8a15b638760d23c188257139) 
An earlier commit set conf->connected just after rpc layer sends
RPC_CLNT_CONNECT event. However, success of socket level connection
connection doesn't indicate brick stack is ready to receive fops, as
an handshake has to be done b/w client and server after
RPC_CLNT_CONNECT event. Any fop sent to brick in the window between,
* protocol/client receiving RPC_CLNT_CONNECT event
* protocol/client receiving a successful setvolume response

can end up accessing an uninitialized brick stack. So, set
conf->connected only after a successful SETVOLUME.

Change-Id: I139a03d2da6b0d95a0d68391fcf54b00e749decf
fixes: bz#1584633
Signed-off-by: Raghavendra G <rgowdapp@redhat.com>
(cherry picked from commit 430e4872db43447c8a15b638760d23c188257139)
Revert "glusterfsd: Memleak in glusterfsd process while brick mux is on" 2018-05-25T02:05:37+00:00 Mohit Agrawal moagrawa@redhat.com 2018-05-23T03:40:11+00:00 b679fd4b73d9ec039029088769722887b61d750a Updates: bz#1582286 This reverts commit 7c3cc485054e4ede1efb358552135b432fb7047a. Change-Id: I831d646112bcfa13d0c2153482ad00ff1b23aa6c Signed-off-by: Mohit Agrawal <moagrawa@redhat.com> 
Updates: bz#1582286
This reverts commit 7c3cc485054e4ede1efb358552135b432fb7047a.
Change-Id: I831d646112bcfa13d0c2153482ad00ff1b23aa6c
Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>
Revert "gluster: Sometimes Brick process is crashed at the time of stopping brick" 2018-05-25T02:05:37+00:00 Mohit Agrawal moagrawa@redhat.com 2018-05-23T03:36:04+00:00 7b95d5a4b3988757bf8c91f82dcaf86ed3da6875 Updates: bz#1582286 This reverts commit 0043c63f70776444f69667a4ef9596217ecb42b7. Change-Id: Iab3b4f4a54e122c589e515add93c6effc966b3e0 
Updates: bz#1582286
This reverts commit 0043c63f70776444f69667a4ef9596217ecb42b7.
Change-Id: Iab3b4f4a54e122c589e515add93c6effc966b3e0
Revert "server: fix unresolved symbols by moving them to libglusterfs" 2018-05-25T02:05:37+00:00 Mohit Agrawal moagrawa@redhat.com 2018-05-23T03:34:41+00:00 57dd3692d1a10d446db7fe919497335984e2cd3f Updates: bz#1582286 This reverts commit 408a6d07ababde234ddeafe16687aacd2b810b42. Change-Id: If8247d7980d698141f47130a3c532b942408ec2b 
Updates: bz#1582286
This reverts commit 408a6d07ababde234ddeafe16687aacd2b810b42.
Change-Id: If8247d7980d698141f47130a3c532b942408ec2b
feature/leases : fixing bugs found while testing glfs_test.t 2018-05-04T17:13:13+00:00 Jiffin Tony Thottan jthottan@redhat.com 2018-04-27T09:52:50+00:00 15866ac9773e89cd9e017e7d3bf8aa01a87edfd8 Change-Id: Iee8f431601ecda184108a079f665e05902b0f78b updates: #350 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> 
Change-Id: Iee8f431601ecda184108a079f665e05902b0f78b
updates: #350
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>