SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for keepalived-2.0.19-lp150.2.1.x86_64.rpm :

* Tue Jan 21 2020 Nicolas Bock - update to 2.0.19- new BR pkgconfig(libnftnl) to fix nftables support- add nftables to the BR- added patch
* linux-4.15.patch- add buildrequires for file-devel - used in the checker to verify scripts- enable json stats and config dump support new BR: pkgconfig(json-c)- enable http regexp support: new BR pcre2-devel- disable dbus instance creation support as it is marked as dangerous- Add BFD build option to keepalived.spec rpm file Issue #1114 identified that the keepalived.spec file was not being generated to build BFD support even if keepalived had been configured to support it.- full changelog https://keepalived.org/changelog.html
* Mon Nov 19 2018 Dirk Mueller - update to 1.4.5:
* Update snapcraft.yaml for 1.4.x+git
* Fix generation of git-commit.h with git commit number.
* Set virtual server address family correctly.
* Set virtual server address family correctly when using tunnelled real servers.
* Fix handling of virtual servers with no real servers at config time.
* Add warning if virtual and real servers are different address families. Although normally the virtual server and real servers must have the same address family, if a real server is tunnelled, the address families can be different. However, the kernel didn\'t support that until 3.18, so add a check that the address families are the same if different address families are not supported by the kernel.
* Send correct status in Dbus VrrpStatusChange notification. When an instance transitioned from BACKUP to FAULT, the Dbus status change message reported the old status (BACKUP) rather than the new status (FAULT). This commit attempts to resolved that.
* doc: ipvs schedulers update
* Fix a couple of typos in configure.ac.
* Fix namespace collision with musl if_ether.h.
* Check if return value from read_value_block() is null before using.
* Fix reporting real server stats via SNMP.
* Make checker process handle RTM_NEWLINK messages with -a option Even though the checker process doesn\'t subscribe to RTNLGRP_LINK messages, it appears that older kernels (certainly 2.6.32) can send RTM_NEWLINK (but not RTM_DELLINK) messages. This occurs when the link is set to up state. Only the VRRP process is interested in link messages, and so the checker process doesn\'t do the necessary initialisation to be able to handle RTM_NEWLINK messages. This commit makes the checker process simply discard RTM_NEWLINK and RTM_DELLINK messages, rather than assuming that if it receives an RTM_NEWLINK message it must be the VRRP process. This problem was reported in issue #848 since the checker process was segfaulting when a new interface was added when the -a command line option was specified.
* Fix handling RTM_NEWLINK when building without VRRP code.
* Fix building on Fedora 28. net-snmp-config output can include compiler and linker flags that refer to spec files that were used to build net-snmp but may not exist on the system building keepalived. That would cause the build done by configure to test for net-snmp support to fail; in particular on a Fedora 28 system that doesn\'t have the redhat-rpm-config package installed. This commit checks that any spec files in the compiler and linker flags returned by net-snmp-config exist on the system building keepalived, and if not it removes the reference(s) to the spec file(s).
* keepalived-1.4.3 released.
* vrrp: setting \'0\' as default value for ifa_flags to make gcc happy.
* Add additional libraries when testing for presence of SSL_CTX_new(). It appears that some systems need -lcrypto when linking with -lssl.
* Sanitise checking of libnl3 in configure.ac.
* Report and handle missing \'}\'s in config files.
* Add missing \'\
\' in keepalived.data output.
* Stop backup taking over as master while master reloads. If a reload was initiated just before an advert, and since it took one advert interval after a reload before an advert was sent, if the reload itself took more than one advert interval, the backup could time out and take over as master. This commit makes keepalived send adverts for all instances that are master immediately before a reload, and also sends adverts immediately after a reload, thereby trippling the time available for the reload to complete.
* Add route option fastopen_no_cookie and rule option l3mdev.
* Fix errors in KEEPALIVED-MIB.txt.
* Simplify setting on IN6_ADDR_GEN_MODE.
* Cosmetic changes to keepalived(8) man page.
* Don\'t set ipvs sync daemon to master state before becoming master If a vrrp instance which was the one specified for the ipvs sync daemon was configured with initial state master, the sync daemon was being set to master mode before the vrrp instance transitioned to master mode. This caused an error message when the vrrp instance transitioned to master and attempted to make the sync daemon go from backup to master mode. This commit stops setting the sync daemon to master mode at initialisation time, and it is set to master mode when the vrrp instance transitions to master.
* Fix freeing vector which has not had any entries allocated.
* Add additional mem-check disgnostics vector_alloc, vectot_alloc_slot, vector_free and alloc_strvec all call MALLOC/FREE but the functions written in the mem_check log are vector_alloc etc, not the functions that call them. This commit adds logging of the originating calling function.
* Fix memory leak in parser.c.
* Improve alignment of new mem-check logging.
* Disable all checkers on a virtual server when ha_suspend set. Only the first checker was being disabled; this commit now disables all of them. Also, make the decision to disable a checker when starting/reloading when scheduling the checker, so that the existance of the required address can be checked.
* Stop genhash segfaulting when built with --enable-mem-check.
* Fix memory allocation problems in genhash.
* Properly fix memory allocation problems in genhash.
* Fix persistence_granularity IPv4 netmask validation. The logic test from inet_aton() appears to be inverted.
* Fix segfault when checker configuration is missing expected parameter Issue #806 mentioned as an aside that \"nb_get_retry\" without a parameter was sigfaulting. Commit be7ae80 - \"Stop segfaulting when configuration keyword is missing its parameter\" missed the \"hidden\" uses of vector_slot() (i.e. those used via definitions in header files). This commit now updates those uses of vector_slot() to use strvec_slot() instead.
* Fix compiling on Linux 2.x kernels. There were missing checks for HAVE_DECL_CLONE_NEWNET causing references to an undeclared variable if CLONE_NEWNET wasn\'t defined.
* Improve parsing of kernel release. The kernel EXTRAVERSION can start with any character (although starting with a digit would be daft), so relax the check for it starting with a \'-\'. Kernels using both \'+\' and \'.\' being the first character of EXTRAVERSION have been reported.
* Improve grammer.
* add support for SNI in SSL_GET check. this adds a `enable_sni` parameter to SSL_GET, making sure the check passes the virtualhost in the SNI extension during SSL handshake.
* Optimise setting host name for SSL_GET requests with SNI.
* Allow SNI to be used with SSL_GET with OpenSSL v1.0.0 and LibreSSL.
* Use configure to check for SSL_set_tlsext_host_name() Rather than checking for a specific version of the OpenSSL library (and it would also need checking the version of the LibreSSL library) let configure check for the presence of SSL_set_tlsext_host_name(). Also omit all code related to SNI of SSL_set_tlsext_host_name() is not available.
* Use configure to determine available OpenSSL functionality Rather than using version numbers of the OpenSSL library to determine what functions are available, let configure determine whether the functions are supported. The also means that the same tests work for LibreSSL.
* Add support for gratuitous ARPs for IP over Infiniband.
* Use system header definition instead of local definition IF_HWADDR_MAX linux/netdevice.h has definition MAX_ADDR_LEN, which is 32, whereas IF_HWADDR_MAX was locally defined to be 20. Unfortunately we end up with more system header file juggling to ensure we don\'t have duplicate definitions.
* Fix vrrp_script and check_misc scripts of type * Add the first pre-defined config definition (${_PWD}) ${_PWD} in a configuration file will be replaced with the full path name of the directory that keepalived is reading the current configuration file from.
* Open and run the notify fifo and script if no other fifo Due to the way the code was structured the notify_fifo for both checker and vrrp messages wasn\'t run if neither the vrrp or checker fifo wasn\'t configured. Also, if all three fifos were configured, the general fifo script was executed by both the vrrp and checker process, causing problems.
* Add support for Infiniband interfaces when dumping configuration.
* Tidy up layout in vrrp_arp.c.
* Add configure check for support of position independant executables (PIE).
* Add check for -pie support, and fix writing to keepalived.data.
* keepalived-1.4.2 released.
* Make genhash exit with exit code 1 on error. Issue #766 identified that genhash always exits with exit code 1 even if an error has occurred.
* Rationalise printing of http header in genhash.
* Use http header Content-Length field in HTTP_CHECK/SSL_CHECK. If a Content-Length is supplied in the http header, use that as a limit to the data length (as wget does). If the length of data received does not match the Content-Length log a warning.
* Optimise parameter passing to fprintf in genhash.
* Don\'t declare mark variable if don\'t have MARK socket option.
* Fix sync groups with only one member. Commit c88744a0 allowed sync groups with only 1 member again, but didn\'t stop removing the sync group if there was only 1 member. This commit now doesn\'t remove sync groups with only one member.
* Make track scripts work with --enable-debug config option.
* Add warning if --enable-debug configure option is used.
* Allow more flexibility of layout of { and } in config files. keepalived was a bit fussy about where \'{\'s and \'}\'s (braces) could be placed in terms of after the keyword, or on a line on their own. It certainly was not possible to have multiple braces on one line. This commit now provides complete flexibility of where braces are, so long as they occur in the correct order.
* Make alloc_value_block() report block type if there is an error.
* Simplify alloc_value_block() by using libc string functions.
* Add dumping of garp delay config when using -d option.
* Fix fractions of seconds for garp group garp_interval.
* Make read_value_block() use alloc_value_block(). This removes quite a bit of duplication of functionality, and ensures the configuration parsing will be more consistent.
* Fix build with Linux kernel headers v4.15. Linux kernel version 4.15 changed the libc/kernel headers suppression logic in a way that introduces collisions.
* Add missing command line options to keepalived(8) man page.
* Fix --dont-release-vrrp. On github, ushuz reported that commit 62e8455 - \"Don\'t delete vmac interfaces before dropping multicast membership\" broke --dont-release-vrrp. This commit restores the correct functionality.
* Define _GNU_SOURCE for all compilation units. Rather than defining _GNU_SOURCE when needed, let configure add it to the flags passed to the C compiler, so that it is defined for all compilation units. This ensures consistence.
* Fix new warnings procuded by gcc 8.
* Fix dumping empty lists. Add a check in dump_list() for an empty list, and don\'t attempt to dump it if it is empty.
* Resolve conversion-check compiler warnings.
* Add missing content to installing_keepalived.rst documentation. Issue #778 identified that there was text missing at the end of the document, and that is now added.
* Fix systemd service to start after network-online.target. This fix was merged downstream by RedHat in response to RHBZ #1413320.
* Update INSTALL file to describe packages needed for building documentation.
* INSTALL: note linux distro package that provides \'sphinx_rtd_theme\'
* Clear /proc/sys/net/ipv6/conf/IF/disable_ipv6 when create VMACs. An issue was identified where keepalived was reporting permission denied when attempting to add an IPv6 address to a VMAC interface. It turned out that this was because /proc/sys/net/ipv6/conf/default/disable_ipv6 was set to 1, causing IPv6 to be disables on all interfaces that keepalived created. This commit clears disable_ipv6 on any VMAC interfaces that keepalived creates if the vrrp instance is using IPv6.- remove linux-4.15.patch: does not apply anymore and not needed (the distros using 4.15 have moved on to keepalived 2.x)
* Mon Apr 30 2018 crrodriguezAATTopensuse.org- Only Require insserv on distributions without systemd.- Fix systemd related requires/buildRequires- Do not run scriptlets that use insserv when using systemd
* Thu Feb 22 2018 dmuellerAATTsuse.com- add linux-4.15.patch
* Wed Feb 21 2018 dmuellerAATTsuse.com- update to 1.4.1:
* Improve and fix use of getopt_long(). We musn\'t use a long option val of 1, since getopt_long() can return that value. getopt_long() also returns longindex == 0 when there is no matching long option, and there needs to be careful checking if there is an error to work out whether a long or short option was used, which is needed for meaningful error messages.
* Write assert() messages to syslog. assert()s are nasty things, but at least let\'s get the benefit of them, and write the messages to syslog, rather than losing them down stderr.
* Enable sorry server at startup if quorum down due to alpha mode If alpha mode is configured on sufficient checkers so that a virtual server doesn\'t have a quorum, we need to add the sorry server at startup, otherwise it won\'t be added until a quorum has been achieved and subsequently lost again. In the case where some of the checkers remain in the down state at startup, this would have meant that the sorry server never got added.
* For virtual servers, ensure quorum <= number of real servers If the quorum were gigher than the number of real servers, the quorum for the real server to come up could never be achieved, so if the quorum is greater than the number of real servers, reduce it to the number of real servers.
* Fix some SNMP keepalived checker integer types and default values. Some virtual server and real server values were being sent to SNMP with a signed type whereas the value is unsigned, so set the type field correctly. Some virtual server and real server values that apply to checkers are set to nonsense default values in order to determine if a value has been specified. Handle these values when reporting them to SNMP replying with 0 rather than a nonsense value.
* Fix some MALLOC/FREE issues with notify FIFOs.
* Add instance_name/config_id to alert emails\' subjects if configured. If multiple instances of keepalived are running, either different instance_names and/or config_ids, it is useful to know which keepalived instance the email relates to.
* Ensure that email body string isn\'t unterminated. Using strncpy() needs to ensure that there is a nul termination byte, so this commits adds always writing a nul byte to the end of the buffer.
* Remove duplicate fault notification.
* Fix problem with scripts found via PATH with a \'/\' in parameters. Recent discussions on issue #101 led to discovering that if an executable without a fully qualified name was specified as a script and there was a \'/\' character in the parameters, then the path resolution would not work.
* Send SNMP traps when go from backup to fault due to sync group. Commit 020a9ab added executing notify_fault for vrrp instances transitioning from backup to fault state due to another instance in the sync group going to fault state. This commit adds sending SNMP traps in the same circumstance.
* Revert \"Add instance_name/config_id to alert emails\' subjects if configured\". This should be handled by setting router_id
* Add config option to send smtp-alerts to file rather than send emails This is useful for debugging purposes.
* Add additional entry to Travis-CI build matrix.
* Fix segfault if no sorry server configured for a virtual server.
* Mon Jan 22 2018 mrueckertAATTsuse.de- enable json stats and config dump support new BR: pkgconfig(json-c)- disable dynamic loading of libipset and link it instead- enable stacktrace support- turn on snmp-rfcv2 and snmp-rfcv3 support- do not reference the keepalived.socket in the rpm scriptlets
* Fri Jan 12 2018 larsAATTlinux-schulserver.de- update to 1.4.0
* Add Linux build and runtime versions to -v output.
* Log kernel version and build kernel version to log at startup.
* Don\'t sleep for 1 send when exiting vrrp process if no vrrp instances.
* With large configurations the syslog can get flooded and drop output. This commit adds options to not log to syslog, and also to log all output to files.
* Add option to only flush log files before forking.
* Don\'t poll netlink for all interfaces each time add a VMAC. We can poll for the individual interface details which significantly reduces what we have to process.
* Print interface details in keepalived.data output.
* Add high performace child finder code. The code to find the relevant thread to execute afer a child process (either a vrrp track script or a misc_check healthchecker) was doing a linear search for the matching pid, which if there are a large number of child processes running could become time consuming. The code now will enable high performance child finding, based on using mlists hashed by the pid, if there are 32 or more vrrp track scripts or misc check healthcheckers. The size of the mlist is based on the number of scripts, with a limit of 256.
* Improve high performance child termination timeout code.
* Preserve filename in script path name resolution. Some executables change their behaviour depending on the name by which they are invoked (e.g. /usr/sbin/pidof when it is a link to /usr/sbin/killall5). Using realpath() changes the file name part if it is a symbolic link. This commit resolves all symbolic links to directories, but leaves the file name part unaltered. It then checks the security of both the path to the link and the path to the real file.
* Handle scripts names that are symbolic links properly.
* Fix some RFC SNMP issues.
* Fix removing left-over addresses if keepalived aborts.
* Update openssl use to stop using deprecated functions openssl from version 1.1 deprecated certain functions that keepalived was using. This commit ceases using those functions if the version of openssl is >= 1.1.
* Allow sync groups with only 1 member, but issue a warning.
* Add replaceable parameters in configuration files.
* Add multiline configuration definitions.
* Fix keepalived.conf(5) man page.
* Suppress error message when removing leftover addresses at startup. => find more changes at /usr/share/doc/packages/keepalived/- rebase keepalive-init.patch- use upstream systemd service file instead providing an own one => removed keepalived.service- remove executable bit from samples in docdir- check that LVS support is enabled- optionally enable dump configuration and stats as JSON (via bcond) => BuildRequire libjson-c-devel- restrict /etc/keepalived permissions to root
* Mon Nov 27 2017 jengelhAATTinai.de- Do not suppress errors from useradd.- Ensure neutrality of description.
* Mon Nov 27 2017 igarciaAATTsuse.com- update to 1.3.9: Revert using github tarball and use original source again. Too many fixes and features to list, refer to /usr/share/doc/packages/keepalived/ChangeLog for a detailed list.
* Thu Nov 23 2017 rbrownAATTsuse.com- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)
* Thu Feb 16 2017 mrueckertAATTsuse.de- use tarball from https://github.com/acassen/keepalived/issues/524 the original tarball did not build. This has the necessary fix applied. for the 1.3.4 update see the TODO entry in the preamble.
* Wed Feb 15 2017 mrueckertAATTsuse.de- update to 1.3.3 Some minor fix, extensions and updates. snapcraft support. Refer to /usr/share/doc/packages/keepalived/ChangeLog for more infos.
* Mon Dec 12 2016 mrueckertAATTsuse.de- fix building with libnfnetlink. the additional include path needs to be in CPPFLAGS instead of CFLAGS now.- enabled a few more features: - enhanced snmp support (V2/V3 RFC) - make sure we build with ipset/libiptc and routes support- prepared dbus support: waiting for boo#1015141
* Mon Dec 12 2016 mrueckertAATTsuse.de- update 1.3.2 - Security focused on notify heplers. Some minor fix and extensions. - changes from 1.3.1 - Quick script fix for regression brought by last release. - changes from 1.3.0 - New MAJOR release with stabilization fixes. Support to DBus. Conf extensions. Parser error log. Security extensions to run scripts more secure. - changes from 1.2.24 - MAJOR release with stabilization fixes and new features like support to network namespace. Refer to /usr/share/doc/packages/keepalived/ChangeLog for more infos.
* Wed Jul 20 2016 michaelAATTstroeder.com- update to 1.2.23 Some VRRP fixes. Some Healthcheckers fixes. Refer to ChangeLog for more infos.
* Fri Jul 08 2016 mrueckertAATTsuse.de- update to 1.2.22 Some VRRP fixes. Refer to ChangeLog for more infos.- update to 1.2.21 Some fixes for last major release 1.2.20. Extensions on vrrp framework. Refer to ChangeLog for more infos.- update to 1.2.20 BUNCH of extensions, fixes, cleanup & production considerations. Distro packages maintainers are strongly encouraged to upgrade.- new BR libnfnetlink-devel- we no longer ship the VRRP-MIB
* Thu Feb 11 2016 larsAATTlinux-schulserver.de- enhanced keepalive-init.patch : + replace tabs with spaces + read /etc/sysconfig/keepalived, if exists and use the settings there instead of the default KEEPALIVED_OPTIONS in case the user changed them
* Thu Jan 28 2016 mrueckertAATTsuse.de- use package name buildrequires on sle11 to fix building
* Thu Jan 28 2016 mrueckertAATTsuse.de- enable snmp for better monitoring- enable sha1 support
* Wed Oct 07 2015 dimstarAATTopensuse.org- Update to version 1.2.19: + vrrp: fix checksum computation in vrrp v2 for socket family AF_INET. + Some cosmetics at Makefile stuff.- Changes from version 1.2.18: + some cosmetics changes (in memory and parser). + remove dead/not used code. + revert notify script brought by last release. + revert VRRP preemption speed up extension. + vrrp: ix vrrp removes incorrect IPv4 address when VIPs are removed. + vrrp: Re-enable VRRPv2 checksum on inbound pkts.- Changes from version 1.2.17: + zalloc use xalloc for consistency. + memory: fix wrong size calculation in zfree. + Fix keepalived snmp configuration. + Change comments to match kernel style. + smtp: Fix wrong algorithm in RCPT-TO building. + Lots of vrrp fixes.- Changes from version 1.2.16: + Properly close netlink channel to avoid fd leak. + Use getaddrinfo instead of gethostbyname to workaround glibc gethostbyname function buffer overflow (boo#949238). + Lots of ipvs fixes.
* Wed Oct 07 2015 mrueckertAATTsuse.de- no longer install the init script on systemd systems
* Wed Mar 11 2015 dimstarAATTopensuse.org- Update to version 1.2.15: + Bugfixes.- Changes from version 1.2.14: + VRRP bugfixes and extensions. IPVS bugfixes and code code cleanup.- Changes from version 1.2.13: + VRRP fixes and extensions. Extrend and unify checker framework.
* Mon Feb 02 2015 crrodriguezAATTopensuse.org- Build with -DOPENSSL_NO_SSL_INTERN, if package starts accessing the SSL library internals it must fail to build now, in upcoming openSSL versions structures are opaque.- BuildRequire libnl3- Do not strip binaries, fix -debuginfo packages.
* Sun Nov 09 2014 Led - fix bashisms in pre script
  
ICM