Commit Graph

218 Commits

Author SHA1 Message Date
liangxin1300
f0e1eaff2d totemconfig: validate totem.transport value
Signed-off-by: liangxin1300 <XLiang@suse.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-09-03 16:00:31 +02:00
Christine Caulfield
5f71445be0 config: Allow reconfiguration of crypto options
Needs new knet crypto API.

If it's not available, then fall back to the old
API and forbid changing crypto while running.

To avoid us being dependant on the leader node, each
node sends its own crypto_reconfig_phase messages so
we can guarantee that the reconfiguration always completes
on each node.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-07-09 16:54:16 +02:00
Christine Caulfield
f8b63083e1 config: Fix crash when a reload fails twice
Have string values stored in char arrays in totem_config
so we don't get into a mess with the pointers.

Also remove vsftype (which hasn't been used since corosync 1)

Use strncpy even though we know the string is fine. Keep covscan happy

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-04-24 16:27:18 +02:00
Christine Caulfield
4ddc96cd4e config: Don't free pointers used by transports
reload failed for UDP[U] because they had saved pointers
to the interfaces[] array. so memcpy into that rather then
re-allocate it.

Also, move the check for different IP address families so
it also gets run at reload time.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-04-24 16:27:09 +02:00
Christine Caulfield
7cb539e2e3 config: don't reload vquorum if reload fails
Fix an 'error: success' stype message by propogating error_string
back down the stack.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-04-24 16:27:01 +02:00
Christine Caulfield
f078fff6eb config: Reorganise the config system
To be more reliable & maintainable

The basic plan here is to fix reloads to be more stable
using read/parse/verify/build/commit stages, so that any errors
will not leave corosync in an unstable state. This should
also make the code more maintainable as currently the verify/commit
stages are horribly intertwined.

Also:
- Fix local_node_pos not being updated in the new map during validation
 (broke adding and removing new nodes in the middle of the list).
- Fix reconfiguration so that nodes are indexed by nodeid and not their
  position in the list. This is an old bug that's just been carried
  over

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2020-04-24 16:26:44 +02:00
Jan Friesse
a24cbad590 totemconfig: Initialize warnings variable
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
2019-11-28 09:44:44 +01:00
Jan Friesse
e925e389a2 totemconfig: Reuse already fetched pointer
Make code a bit readable and easier to process for coverity.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
2019-11-28 09:44:44 +01:00
Jan Friesse
efe48120e2 totemconfig: Free leaks found by coverity
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
2019-11-28 09:44:43 +01:00
Thomas Lamprecht
721c5d4b5b man: Fix corosync.conf knet pong count default
commit 029b8ebad6 changed the default
of the KNET_PONG_COUNT from the kronosnet default of 5 to 2, as
corosync bring up was deemed to slow.

The documentation, and the comment stating that the totem config
default values match the knet ones were not updated, and thus now out
of date.

Fixhis by noting the correct default of 2 for KNET_PONG_COUNT and
note that all but that one are in sync with the korosync defaults in
the comment.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-10-17 08:27:07 +02:00
Jan Friesse
5731af2782 logging: Add CS_PRI_NODE_ID and CS_PRI_RING_ID
Previously node id was logged ether as a %d (most often), %u, %x or
PRI.32 and ring id ether as %lld, %llx with various separators (., :, /)
between rep nodeid and seq. This seems to cause confusion.

This patch adds macros CS_PRI_NODE_ID, CS_PRI_RING_ID and
CS_PRI_RING_ID_SEQ (CS prefix = corosync, PRI modeled in spirit of
inttypes.h PRIx32) and makes code use them.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-07-03 10:53:52 +02:00
Jan Friesse
51fbd7bafe totemconfig: Fix compiler warning
Compiler is unable to understand relation between members and
num_configured and warns about uninitialized members. Instead of
initializing members to 0 and (potentially after some code
refactor) let code fall to display error message, more explicit method
of assert is used.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-06-17 17:44:10 +02:00
Thomas Lamprecht
816324c94c totem: fix check if all nodes have same number of links
configured links may not come in order in the interfaces array, which
holds an entry for _all_ possible links, not just configured ones.

So iterate through all interfaces, but skip those which are not
configured. This allows to start corosync with a configuration where
link 0 is currently not mentioned, as else it was checked but had
member_count = 0 from it's default initialization, which then made
this code report a false positive for the "Not all nodes have the
same number of links" check even on a correct config.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-06-17 12:29:30 +02:00
Thomas Lamprecht
7ada508a82 totem: fix check if all nodes have name attrs in multi-link setups
As totem_config->interfaces entries are _all_ possible links and not
only the configured ones we cannot trust that interface[0] is
configured at the time of checking, and thus has a valid
member_count. So set the members variable to the member_count entry
from an actually configured interface and loop over that one.

This fixes a case where the check for the name property on all nodes
for multi links was skipped if link 0 was not configured, as then its
member_count was 0.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-06-17 12:29:09 +02:00
Jan Friesse
299c9c5b70 totemconfig: ipaddr_equal use switch
Compiler may have problem understanding relation between addr1p and
addrlen. Small change makes code a little more readable and compiler
happy.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-06-12 15:40:50 +02:00
Jan Friesse
72737d3929 udpu: Drop packets from unlisted IPs
This feature allows corosync to block packets received from unknown
nodes (nodes with IP address which is not in the nodelist). This is
mainly for situations when "forgotten" node is booted and tries to join
cluster which already removed such node from configuration. Another use
case is to allow atomic reconfiguration and rejoin of two separate
clusters.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-05-29 16:30:10 +02:00
yuan ren
2a4cd3c4af totemconfig: Fix minimum limit for hold timeout
Make sure the retransmit timeout have the lowest limit
`MINIMUM_TIMEOUT`. So, the lowest limit of hold should be
recalculated.

Also token timeout and retransmits count should
keep a relational expression.

Signed-off-by: yuan ren <yren@suse.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-05-15 16:28:43 +02:00
Christine Caulfield
01ce5a96ef knet: Fix a couple of errors when adding a new link
When adding a new link for the first time you will often see:
1) knet_link_set_ping_timers for nodeid 1, link 1 failed: Invalid
argument (22)
2) New config has different knet transport for link 1. Internal value
was NOT changed. To reconfigure an interface it must be deleted and
recreated. A working interface needs to be available to corosync at all
times

1) is caused by setting the ping timers twice, once in
totemknet_member_add() and once in totemknet_refresh_config().
The first time we don't know the value
so it's zero and thus display an error. For this we simply check
for the zero and skip the knet API call. It's not ideal, but
totemconfig needs a lot of reconfiguring itself before we can
make this more sane.

2) was caused by simply comparing an unconfigured link with
a configured one, so OF COURSE, they are going to be different!

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-05-02 16:42:03 +02:00
yuan ren
70cda5d55f totemconfig: fix autogen mcastaddr for ipv6-4
When UDP is used as a transport, the error would occur
"Multicast address family does not match bind address family"
because there is no ipv6 in /etc/hosts specified but using the
totem.ip_version: ipv6-4. because
the mcastaddr generated (if not specified) only according to
the totem.ip_version.

Solution is to use bindnetaddr (configured or generated from
nodelist) addr family.

Signed-off-by: yuan ren <yren@suse.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-05-02 10:53:54 +02:00
Jan Friesse
3172a76d12 totemconfig: Ensure nodeid is specified for IPv6
Thanks Yuan Ren <yren@suse.com> for finding this problem.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-04-25 17:11:12 +02:00
Jan Friesse
d05c1593a1 totemconfig: ipaddr_equal check just addr part
Checking whole structure is fine for IPv4, but IPv6 contains also scope
id, what may be problem for local address. It's possible to use a zone
index, but because it's not required when host name is used, it
shouldn't be needed when IPv6 address is used.

Example configuration snip which fails without patch:

...
nodelist {
  node {
    nodeid: 1
      ring0_addr: fe80:🔢5678:9abc:def1
    }
}
...

(example succeed when %eth0 is used).

With patch, zone index is not needed.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-04-23 16:17:42 +02:00
Fabian Grünbichler
b97ca8e9f0 crypto: re-introduce secauth parameter
with the following semantics:
- default off
- implies crypto_hash SHA256 and crypto_cipher AES256
- crypto_* have higher precedence
- only applicable for knet, like crypto_*

this should make upgrading from Corosync 2.x less painful for users that
have an explicit secauth=on in their configuration.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-04-15 13:29:41 +02:00
Jan Friesse
d05636b738 totemconfig: Remove support for 3des
Triple DES is considered as a "weak cipher" since 2016 so there is
really no need to support it in the corosync. Thanks to bug in
Corosync/Knet/NSS which caused 3des to not work at all,
no matter what library was used, we can just remove support for 3des
without braking the compatibility.

Also fix coroparse so:
- totem.crypto_type is removed (this is 1.x construct which was not used
even in 2.x)
- Add checking of totem.crypto_model.
- Enumarate possible values for crypto_model, crypto_cipher and
crypto_hash error messages

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2019-04-11 15:15:38 +02:00
Ferenc Wágner
ba24bef8bd More natural error messages
Signed-off-by: Ferenc Wágner <wferi@debian.org>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2019-01-03 09:48:51 +01:00
Jan Friesse
a84ade701c totemconfig: Enhance totem.ip_version
Originally totem.ip_version was used to force ip version used by totem.
With Knet this variable didn't make too much sense so it was not used.

Sadly rely only on DNS resolver order doesn't always work (RFC is quite
complicated, but if IPv6 is not configured then IPv4 is preferred), what
we tried to solve by forcing IPv6 and only if that fails, use IPv4.

Sadly this collides with nss_myhostname which is able to return every
local address and today system usually have at least one autogenerated
link-local IPv6 address so it is able to "overwrite" /etc/hosts.

Solution is to enhance totem.ip_version and use it also for Knet.
totem.ip_version is now just a flag for resolver and can have four
states: ipv4 (only IPv4 is used), ipv6 (only IPv6 is used), ipv4-6 (ask
IPv4 first and if it fails ask for IPv6) and ipv6-4 (ask IPv6 first and
if it fails ask for IPv4). Default for Knet and UDPU transports is
ipv6-4, for UDP it's ipv4, because autogenerated mcast addr doesn't play
too well with ipv6-4.

So everywhere where nss_myhostname becomes problem, it's just possible
to set totem.ip_version to ipv4-6.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-12-14 10:56:06 +01:00
Jan Friesse
e17e3f4b81 totemconfig: Add IPs to family mismatch error
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-12-13 15:24:37 +01:00
Jan Friesse
41ce8fc640 totemconfig: Really use totemip_parse results
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-12-10 11:40:13 +01:00
Christine Caulfield
e6be234565 config: Disallow corosync-cmapctl updates of nodelist
It didn't work anyway (the config system requires whole links
to be configured at once) and caused crashes.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-12-06 14:30:34 +01:00
Christine Caulfield
ab941843d5 config: Report IP addr/nodename parse errors back
Corosync used to just ignore parse errors so that un-resolved names
could cause silent failures. We now always check the result from
totemip_parse() and at least print something in syslog.

There's also a little get-out here that allows you to correct
a bad node address without having to destroy and recreate the
whole link. I'm being nice to you.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-12-03 17:25:42 +01:00
Jan Friesse
29f46c56d0 main: Remove COROSYNC_TOTEM_AUTHKEY_FILE
Remove another environment variable (reasons similar to removal of
COROSYNC_MAIN_CONFIG_FILE).

Also properly document both totem.keyfile and totem.key.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-11-15 17:30:22 +01:00
Jan Friesse
bd338449ac totemconfig: Fix logging of freed string
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-10-29 17:45:19 +01:00
Christine Caulfield
707a9afa30 config: Allow generated nodeis for UDP & UDPU
The conversion to the new srp_addr format broke the feature where
UDP/UDPU nodes could get their nodeids generated from the IP address.

A big part of this was the removal of mandatory ring0_addr - it was used
as a placeholder when reading down the nodelist. I replaced this with
nodeid thinking that nodeid was now mandatory, forgetting this use case.
So the compare on "ring0_addr" or "nodeid" is now replaced with a more
robust check that we're only reading keys from the same node_pos once,
this was needed in votequorum.c as well as totemconfig.c

Another tidying side-effect of this patch is that the nodeid generation
is now all in a single routine in totemconfig.c and not shared between
it and totemip.c.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-10-25 18:21:02 +02:00
Jan Friesse
b13ab76e10 totemconfig: Replace strcpy by strncpy
Formally not needed, because totemip_print should not return string
longer than INET6_ADDRSTRLEN, but static analysis tools are not capable
of such conclusion.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-10-16 12:30:58 +02:00
Christine Caulfield
9f2d5a3a3f config: Fix crash in reload if new interfaces are added
This is a bug I seem to have introduced in
429209f4aa where we compare links
for changes. if a new node was added on an existing link then it
was compared against a non-existant one in the previous configuration.
We now only compare nodes that are in both interfaces.

As I needed min() for this function, I moved it from individual
.c files into util.h so we only have one copy.

And the error message was fixed.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-10-15 15:54:57 +02:00
Chris Walker
3f7d2cf6aa Add token_warning configuration option
Token_warning is used to present information about
when the token was last received.

Signed-off-by: Chris Walker <cwalker@cray.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-08-14 10:34:49 +02:00
Jan Friesse
1d2c6e4696 totemconfig: Enlarge error_string_response
... so error_reason can be fully included into parse error message.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-08-13 09:00:44 +02:00
Christine Caulfield
a471bab798 config: Fail config validation if not all nodes have all links
KNET requires that all links be full-mesh (this may change in the future
but almost certainly not before knet 2.0), so enforce this in the
config.

Also avoid a potential div-by-0 error if the local node is not fully
configured either.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-07-03 12:38:02 +02:00
Christine Caulfield
d1db8c2851 config: Enforce use of 'name' node attribute in multi-link clusters
If the local host does not have a 'name' attribute and the cluster
has more than one link then fail the validation test.

I'm open to the idea of checking all of the nodes in the nodelist
if necessary. It seems overkill as each node will check its own
entry though.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-07-03 12:37:45 +02:00
Christine Caulfield
429209f4aa totemconfig: Check for things that cannot be changed on the fly
There are a few things in the interface that cannot be changed on the
fly. Warn about them and tell the user that these things need to be done
in two steps and why.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-07-02 09:54:31 +02:00
Christine Caulfield
f5871c6b4c config: Allow use of ring0_addr
Allow ring0_addr to be used in place of 'name' for
backwards compatibility

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-03-01 14:21:37 +01:00
Christine Caulfield
7a639d1b62 config: Update message when local host isn't found
Make the message more representative of what's going on.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-03-01 14:20:00 +01:00
Christine Caulfield
386d710ed1 cfg: Fix cfg_get_node_addrs so that DLM works
Also update copyright dates

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-03-01 14:19:45 +01:00
Christine Caulfield
fc8580bdbf totem: Use nodeid ONLY in srp_addr
This shrinks the srp_addr (and consequently every packet sent by
corosync) so that instead of containing loads of IP addresses to
identify a node, it just sends the nodeid.

This then allows us to make ring0 optional and replaceable when running
knet.

It also means that we need some other way of identifying the local
node in corosync.conf, so the nodelist.node.name entry is now mandatory
and is mapped to the local host using the same algorithm as used in
cman.

This code needs LOTS of testing as it touches a huge amount of totemsrp
and totemconfig.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-03-01 14:18:51 +01:00
Christine Caulfield
31ddba64a2 config: Don't fudge port numbers
When I was adding knet I wanted the port numbers to default to the
base port number + the linknumber.

However I seem to have messed this up such that any port number
specified in the config file has the link number added to it. Which
is almost certainly not what people would expect.

This patch sets it right. If a port number is not specified
then 5405+linknumber is used. If a port number IS specified
then that actual number is used.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-01-18 16:31:24 +01:00
Christine Caulfield
22ae4cacda knet: Allow ping_timers to be auto-configured
knet ping_timers are auto-configured according to token value.

This patch also fixes some knet config bugs that resulted in defaults
not being applied when values were removed from corosync.conf.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-01-15 15:08:19 +01:00
Christine Caulfield
236032f7b5 config: if local node addr is wrong, fail with a sensible message
If no valid local address is found in corosync.conf then corosync
exits with: "parse error in config: No multicast port specified"

This is because of the config change for knet that always populates
the interfaces. The old error of "no interfaces found" was only
slightly better anyway IMHO.

This patch adds an explicit check that local_node_pos has been
set in icmap and uses that to determine if a valid local address
has been found.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-01-09 17:50:12 +01:00
Jan Friesse
3982f795d5 totemconfig: Fix UDP autogeneration of mcast addr
Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Christine Caulfield <ccaulfie@redhat.com>
2018-01-09 17:46:21 +01:00
Christine Caulfield
98bb0c78c8 config: Allow selection of crypto_model
KNET has options for nss or openssl crpyto libraries, make this
available to corosync.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2018-01-05 15:25:17 +01:00
Christine Caulfield
2a6a571c06 config: Allow links to have different ip_versions
knet allows links to have different IP versions - proivided they
all match per link. So don't force them all to be the same.

I've added a check here to make sure that all nodes on the same
link are using the same IP version.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2017-12-22 17:15:19 +01:00
Bin Liu
af21baf0ff totemconfig: remove duplicate aes256 test
Signed-off-by: Bin Liu <bliu@suse.com>
Reviewed-by: Jan Friesse <jfriesse@redhat.com>
2017-11-29 18:18:52 +01:00