[arch-commits] Commit in ceph/repos (16 files)
Sébastien Luttringer
seblu at archlinux.org
Sun Oct 9 15:32:25 UTC 2016
Date: Sunday, October 9, 2016 @ 15:32:24
Author: seblu
Revision: 277968
archrelease: copy trunk to staging-x86_64, staging-i686
Added:
ceph/repos/staging-i686/
ceph/repos/staging-i686/01-virtualenv2.patch
(from rev 277967, ceph/trunk/01-virtualenv2.patch)
ceph/repos/staging-i686/02-setup-python2.patch
(from rev 277967, ceph/trunk/02-setup-python2.patch)
ceph/repos/staging-i686/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch
(from rev 277967, ceph/trunk/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch)
ceph/repos/staging-i686/04-fix-686-build.patch
(from rev 277967, ceph/trunk/04-fix-686-build.patch)
ceph/repos/staging-i686/PKGBUILD
(from rev 277967, ceph/trunk/PKGBUILD)
ceph/repos/staging-i686/ceph.install
(from rev 277967, ceph/trunk/ceph.install)
ceph/repos/staging-i686/ceph.sysusers
(from rev 277967, ceph/trunk/ceph.sysusers)
ceph/repos/staging-x86_64/
ceph/repos/staging-x86_64/01-virtualenv2.patch
(from rev 277967, ceph/trunk/01-virtualenv2.patch)
ceph/repos/staging-x86_64/02-setup-python2.patch
(from rev 277967, ceph/trunk/02-setup-python2.patch)
ceph/repos/staging-x86_64/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch
(from rev 277967, ceph/trunk/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch)
ceph/repos/staging-x86_64/04-fix-686-build.patch
(from rev 277967, ceph/trunk/04-fix-686-build.patch)
ceph/repos/staging-x86_64/PKGBUILD
(from rev 277967, ceph/trunk/PKGBUILD)
ceph/repos/staging-x86_64/ceph.install
(from rev 277967, ceph/trunk/ceph.install)
ceph/repos/staging-x86_64/ceph.sysusers
(from rev 277967, ceph/trunk/ceph.sysusers)
-----------------------------------------------------------------+
staging-i686/01-virtualenv2.patch | 11
staging-i686/02-setup-python2.patch | 38 +
staging-i686/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch | 309 ++++++++++
staging-i686/04-fix-686-build.patch | 199 ++++++
staging-i686/PKGBUILD | 91 ++
staging-i686/ceph.install | 16
staging-i686/ceph.sysusers | 1
staging-x86_64/01-virtualenv2.patch | 11
staging-x86_64/02-setup-python2.patch | 38 +
staging-x86_64/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch | 309 ++++++++++
staging-x86_64/04-fix-686-build.patch | 199 ++++++
staging-x86_64/PKGBUILD | 91 ++
staging-x86_64/ceph.install | 16
staging-x86_64/ceph.sysusers | 1
14 files changed, 1330 insertions(+)
Copied: ceph/repos/staging-i686/01-virtualenv2.patch (from rev 277967, ceph/trunk/01-virtualenv2.patch)
===================================================================
--- staging-i686/01-virtualenv2.patch (rev 0)
+++ staging-i686/01-virtualenv2.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,11 @@
+--- a/src/tools/setup-virtualenv.sh 2016-06-14 13:43:58.000000000 +0200
++++ b/src/tools/setup-virtualenv.sh 2016-08-18 02:13:31.418624320 +0200
+@@ -18,7 +18,7 @@
+ DIR=$1
+ rm -fr $DIR
+ mkdir -p $DIR
+-virtualenv --python python2.7 $DIR
++virtualenv2 --python python2.7 $DIR
+ . $DIR/bin/activate
+ # older versions of pip will not install wrap_console scripts
+ # when using wheel packages
Copied: ceph/repos/staging-i686/02-setup-python2.patch (from rev 277967, ceph/trunk/02-setup-python2.patch)
===================================================================
--- staging-i686/02-setup-python2.patch (rev 0)
+++ staging-i686/02-setup-python2.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,38 @@
+--- a/src/Makefile.in 2016-06-14 13:44:59.000000000 +0200
++++ b/src/Makefile.in 2016-08-19 22:09:15.526703376 +0200
+@@ -32623,7 +32623,7 @@
+ cd $(srcdir)/ceph-detect-init ; ../tools/setup-virtualenv.sh ${CEPH_DETECT_INIT_VIRTUALENV} ; test -d wheelhouse && export NO_INDEX=--no-index ; ${CEPH_DETECT_INIT_VIRTUALENV}/bin/pip install $$NO_INDEX --use-wheel --find-links=file://$$(pwd)/wheelhouse -e .
+
+ ceph-detect-init-clean:
+- cd $(srcdir)/ceph-detect-init ; python setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DETECT_INIT_VIRTUALENV} .coverage *.egg-info
++ cd $(srcdir)/ceph-detect-init ; python2 setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DETECT_INIT_VIRTUALENV} .coverage *.egg-info
+
+ ceph-detect-init-install-data:
+ cd $(srcdir)/ceph-detect-init ; \
+@@ -32635,7 +32635,7 @@
+ fi ; \
+ root="--root=$(DESTDIR)" ; \
+ fi ; \
+- python setup.py install $$root $$options
++ python2 setup.py install $$root $$options
+
+ export CEPH_DISK_VIRTUALENV = ${CEPH_BUILD_VIRTUALENV}/ceph-disk-virtualenv
+
+@@ -32645,7 +32645,7 @@
+ cd $(srcdir)/ceph-disk ; ../tools/setup-virtualenv.sh ${CEPH_DISK_VIRTUALENV} ; test -d wheelhouse && export NO_INDEX=--no-index ; ${CEPH_DISK_VIRTUALENV}/bin/pip install $$NO_INDEX --use-wheel --find-links=file://$$(pwd)/wheelhouse -e .
+
+ ceph-disk-clean:
+- cd $(srcdir)/ceph-disk ; python setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DISK_VIRTUALENV} .coverage *.egg-info
++ cd $(srcdir)/ceph-disk ; python2 setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DISK_VIRTUALENV} .coverage *.egg-info
+
+ ceph-disk-install-data:
+ cd $(srcdir)/ceph-disk ; \
+@@ -32657,7 +32657,7 @@
+ fi ; \
+ root="--root=$(DESTDIR) --install-script=/usr/sbin" ; \
+ fi ; \
+- python setup.py install $$root $$options
++ python2 setup.py install $$root $$options
+
+ #crush_includedir = $(includedir)/crush
+ #crush_include_DATA = \
Copied: ceph/repos/staging-i686/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch (from rev 277967, ceph/trunk/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch)
===================================================================
--- staging-i686/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch (rev 0)
+++ staging-i686/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,309 @@
+From b1099e8edcda1ab658eaac424bd2e09d6e7cbabd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=A9bastien=20Luttringer?= <seblu at seblu.net>
+Date: Sun, 9 Oct 2016 01:53:36 +0200
+Subject: [PATCH] Revert "rgw ldap: fix ldap bindpw parsing"
+
+This reverts commit fe57aceeb02ad9163feb2d196589b5927cedfa0f.
+---
+ src/rgw/librgw.cc | 6 ++--
+ src/rgw/rgw_ldap.cc | 35 ---------------------
+ src/rgw/rgw_ldap.h | 54 ++++++++-------------------------
+ src/rgw/rgw_rest_s3.cc | 77 +++++++++++------------------------------------
+ src/test/test_rgw_ldap.cc | 4 +--
+ 5 files changed, 34 insertions(+), 142 deletions(-)
+
+diff --git a/src/rgw/librgw.cc b/src/rgw/librgw.cc
+index c476129..37414fc 100644
+--- a/src/rgw/librgw.cc
++++ b/src/rgw/librgw.cc
+@@ -52,7 +52,6 @@
+ #include <string.h>
+ #include <mutex>
+
+-
+ #define dout_subsys ceph_subsys_rgw
+
+ bool global_stop = false;
+@@ -470,10 +469,9 @@ namespace rgw {
+ const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
+- std::string ldap_bindpw = parse_rgw_ldap_bindpw(store->ctx());
+
+- ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_bindpw.c_str(),
+- ldap_searchdn, ldap_dnattr);
++ ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
++ ldap_dnattr);
+ ldh->init();
+ ldh->bind();
+
+diff --git a/src/rgw/rgw_ldap.cc b/src/rgw/rgw_ldap.cc
+index 6cca3b8..ac420e3 100644
+--- a/src/rgw/rgw_ldap.cc
++++ b/src/rgw/rgw_ldap.cc
+@@ -2,38 +2,3 @@
+ // vim: ts=8 sw=2 smarttab
+
+ #include "rgw_ldap.h"
+-
+-#include "common/ceph_context.h"
+-#include "common/common_init.h"
+-#include "common/dout.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+-
+-#include "include/assert.h"
+-
+-#define dout_subsys ceph_subsys_rgw
+-
+-std::string parse_rgw_ldap_bindpw(CephContext* ctx)
+-{
+- string ldap_bindpw;
+- string ldap_secret = ctx->_conf->rgw_ldap_secret;
+-
+- if (ldap_secret.empty()) {
+- ldout(ctx, 10)
+- << __func__ << " LDAP auth no rgw_ldap_secret file found in conf"
+- << dendl;
+- } else {
+- char bindpw[1024];
+- memset(bindpw, 0, 1024);
+- int pwlen = safe_read_file("" /* base */, ldap_secret.c_str(),
+- bindpw, 1023);
+- if (pwlen) {
+- ldap_bindpw = bindpw;
+- boost::algorithm::trim(ldap_bindpw);
+- if (ldap_bindpw.back() == '\n')
+- ldap_bindpw.pop_back();
+- }
+- }
+-
+- return std::move(ldap_bindpw);
+-}
+diff --git a/src/rgw/rgw_ldap.h b/src/rgw/rgw_ldap.h
+index b29e33ad..02eb61e 100644
+--- a/src/rgw/rgw_ldap.h
++++ b/src/rgw/rgw_ldap.h
+@@ -23,38 +23,27 @@ namespace rgw {
+ {
+ std::string uri;
+ std::string binddn;
+- std::string bindpw;
+ std::string searchdn;
+ std::string dnattr;
+ LDAP *ldap;
+- bool msad = false; /* TODO: possible future specialization */
+
+ public:
+- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
+- std::string _searchdn, std::string _dnattr)
+- : uri(std::move(_uri)), binddn(std::move(_binddn)),
+- bindpw(std::move(_bindpw)), searchdn(_searchdn), dnattr(_dnattr),
+- ldap(nullptr) {
++ LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
++ std::string _dnattr)
++ : uri(std::move(_uri)), binddn(std::move(_binddn)), searchdn(_searchdn),
++ dnattr(_dnattr), ldap(nullptr) {
+ // nothing
+ }
+
+ int init() {
+ int ret;
+ ret = ldap_initialize(&ldap, uri.c_str());
+- if (ret == LDAP_SUCCESS) {
+- unsigned long ldap_ver = LDAP_VERSION3;
+- ret = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION,
+- (void*) &ldap_ver);
+- }
+- if (ret == LDAP_SUCCESS) {
+- ret = ldap_set_option(ldap, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
+- }
+ return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
+ }
+
+ int bind() {
+ int ret;
+- ret = ldap_simple_bind_s(ldap, binddn.c_str(), bindpw.c_str());
++ ret = ldap_simple_bind_s(ldap, nullptr, nullptr);
+ return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
+ }
+
+@@ -71,18 +60,11 @@ namespace rgw {
+ int auth(const std::string uid, const std::string pwd) {
+ int ret;
+ std::string filter;
+- if (msad) {
+- filter = "(&(objectClass=user)(sAMAccountName=";
+- filter += uid;
+- filter += "))";
+- } else {
+- /* openldap */
+- filter = "(";
+- filter += dnattr;
+- filter += "=";
+- filter += uid;
+- filter += ")";
+- }
++ filter = "(";
++ filter += dnattr;
++ filter += "=";
++ filter += uid;
++ filter += ")";
+ char *attrs[] = { const_cast<char*>(dnattr.c_str()), nullptr };
+ LDAPMessage *answer = nullptr, *entry = nullptr;
+ ret = ldap_search_s(ldap, searchdn.c_str(), LDAP_SCOPE_SUBTREE,
+@@ -113,8 +95,8 @@ namespace rgw {
+ class LDAPHelper
+ {
+ public:
+- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
+- std::string _searchdn, std::string _dnattr)
++ LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
++ std::string _dnattr)
+ {}
+
+ int init() {
+@@ -135,17 +117,7 @@ namespace rgw {
+
+
+ #endif /* HAVE_OPENLDAP */
+-
+-} /* namespace rgw */
+-
+-#include "common/ceph_context.h"
+-#include "common/common_init.h"
+-#include "common/dout.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+
+-#include "include/assert.h"
+-
+-std::string parse_rgw_ldap_bindpw(CephContext* ctx);
++} /* namespace rgw */
+
+ #endif /* RGW_LDAP_H */
+diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
+index e9f24f3..bd952db 100644
+--- a/src/rgw/rgw_rest_s3.cc
++++ b/src/rgw/rgw_rest_s3.cc
+@@ -8,8 +8,6 @@
+ #include "common/Formatter.h"
+ #include "common/utf8.h"
+ #include "common/ceph_json.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+
+ #include "rgw_rest.h"
+ #include "rgw_rest_s3.h"
+@@ -1747,32 +1745,10 @@ int RGWPostObj_ObjStore_S3::get_policy()
+ s->perm_mask = RGW_PERM_FULL_CONTROL;
+ }
+ } else if (store->ctx()->_conf->rgw_s3_auth_use_ldap &&
+- (! store->ctx()->_conf->rgw_ldap_uri.empty())) {
+-
+- ldout(store->ctx(), 15)
+- << __func__ << " LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << dendl;
+-
++ store->ctx()->_conf->rgw_ldap_uri.empty()) {
+ RGWToken token{from_base64(s3_access_key)};
+- if (! token.valid())
+- return -EACCES;
+-
+ rgw::LDAPHelper *ldh = RGW_Auth_S3::get_ldap_ctx(store);
+- if (unlikely(!ldh)) {
+- ldout(store->ctx(), 0)
+- << __func__ << " RGW_Auth_S3::get_ldap_ctx() failed"
+- << dendl;
+- return -EACCES;
+- }
+-
+- ldout(store->ctx(), 10)
+- << __func__ << " try LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << " token.id=" << token.id
+- << dendl;
+-
+- if (ldh->auth(token.id, token.key) != 0)
++ if ((! token.valid()) || ldh->auth(token.id, token.key) != 0)
+ return -EACCES;
+
+ /* ok, succeeded */
+@@ -3091,10 +3067,9 @@ void RGW_Auth_S3::init_impl(RGWRados* store)
+ const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
+- std::string ldap_bindpw = parse_rgw_ldap_bindpw(store->ctx());
+
+- ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_bindpw,
+- ldap_searchdn, ldap_dnattr);
++ ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
++ ldap_dnattr);
+
+ ldh->init();
+ ldh->bind();
+@@ -3935,45 +3910,29 @@ int RGW_Auth_S3::authorize_v2(RGWRados *store, struct req_state *s)
+
+ RGW_Auth_S3::init(store);
+
+- ldout(store->ctx(), 15)
+- << __func__ << " LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << dendl;
+-
+ RGWToken token{from_base64(auth_id)};
+-
+- if (! token.valid())
++ if ((! token.valid()) || ldh->auth(token.id, token.key) != 0)
+ external_auth_result = -EACCES;
+ else {
+- ldout(store->ctx(), 10)
+- << __func__ << " try LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << " token.id=" << token.id
+- << dendl;
+-
+- if (ldh->auth(token.id, token.key) != 0)
+- external_auth_result = -EACCES;
+- else {
+- /* ok, succeeded */
+- external_auth_result = 0;
++ /* ok, succeeded */
++ external_auth_result = 0;
+
+- /* create local account, if none exists */
+- s->user->user_id = token.id;
+- s->user->display_name = token.id; // cn?
+- int ret = rgw_get_user_info_by_uid(store, s->user->user_id, *(s->user));
++ /* create local account, if none exists */
++ s->user->user_id = token.id;
++ s->user->display_name = token.id; // cn?
++ int ret = rgw_get_user_info_by_uid(store, s->user->user_id, *(s->user));
++ if (ret < 0) {
++ ret = rgw_store_user_info(store, *(s->user), nullptr, nullptr,
++ real_time(), true);
+ if (ret < 0) {
+- ret = rgw_store_user_info(store, *(s->user), nullptr, nullptr,
+- real_time(), true);
+- if (ret < 0) {
+- dout(10) << "NOTICE: failed to store new user's info: ret=" << ret
+- << dendl;
+- }
++ dout(10) << "NOTICE: failed to store new user's info: ret=" << ret
++ << dendl;
+ }
++ }
+
+ /* set request perms */
+ s->perm_mask = RGW_PERM_FULL_CONTROL;
+- } /* success */
+- } /* token */
++ } /* success */
+ } /* ldap */
+
+ /* keystone failed (or not enabled); check if we want to use rados backend */
+
+--
+2.10.0
+
Copied: ceph/repos/staging-i686/04-fix-686-build.patch (from rev 277967, ceph/trunk/04-fix-686-build.patch)
===================================================================
--- staging-i686/04-fix-686-build.patch (rev 0)
+++ staging-i686/04-fix-686-build.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,199 @@
+# https://github.com/ceph/ceph/pull/10855
+From 518883d939f34ec0afa03aea1bac35960fb579f2 Mon Sep 17 00:00:00 2001
+From: Loic Dachary <ldachary at redhat.com>
+Date: Thu, 25 Aug 2016 09:09:40 +0200
+Subject: [PATCH 1/4] Revert "common: add int64_t template for
+ strict_si_cast()"
+
+This reverts commit e3a99c082e3ebd56d5b40d7d94d98e35629df81e.
+---
+ src/common/strtol.cc | 2 --
+ src/test/strtol.cc | 15 ---------------
+ 2 files changed, 17 deletions(-)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index f43d661..50598b9 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -189,8 +189,6 @@ template int strict_si_cast<int>(const char *str, std::string *err);
+
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+
+-template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+-
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+
+ uint64_t strict_sistrtoll(const char *str, std::string *err)
+diff --git a/src/test/strtol.cc b/src/test/strtol.cc
+index 3946736..646c055 100644
+--- a/src/test/strtol.cc
++++ b/src/test/strtol.cc
+@@ -234,21 +234,6 @@ TEST(StrictSICast, Error) {
+ (void)strict_si_cast<int>("1T", &err);
+ ASSERT_NE(err, "");
+ }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("2E", &err);
+- ASSERT_EQ(err, "");
+- }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("-2E", &err);
+- ASSERT_EQ(err, "");
+- }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("1T", &err);
+- ASSERT_EQ(err, "");
+- }
+ }
+
+ /*
+
+From f7cd28460147530cfd265a593b32d02adb93abe6 Mon Sep 17 00:00:00 2001
+From: Kefu Chai <tchaikov at gmail.com>
+Date: Sat, 30 Apr 2016 18:31:37 +0800
+Subject: [PATCH 2/4] common/config: cast OPT_U32 options using uint32_t
+
+the OPT_U32 options was translated using strict_si_cast<int>(), and then
+cast the converted result to uint32_t. this could cause integer
+underflow. we could have lifted the burden of checking invalid input
+from the user of this option to the strict_si_cast<>() function. so in
+this change, we use strict_si_cast<uint32_t>() instead, before casting
+the converted value into `uint32_t`.
+
+Signed-off-by: Kefu Chai <tchaikov at gmail.com>
+(cherry picked from commit b7babd6aa671d688eef0af61ca17fd11eec22773)
+---
+ src/common/config.cc | 2 +-
+ src/common/strtol.cc | 3 +--
+ 2 files changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/common/config.cc b/src/common/config.cc
+index 622e237..d27bfbf 100644
+--- a/src/common/config.cc
++++ b/src/common/config.cc
+@@ -994,7 +994,7 @@ int md_config_t::set_val_raw(const char *val, const config_option *opt)
+ return 0;
+ case OPT_U32: {
+ std::string err;
+- int f = strict_si_cast<int>(val, &err);
++ int f = strict_si_cast<uint32_t>(val, &err);
+ if (!err.empty())
+ return -EINVAL;
+ *(uint32_t*)opt->conf_ptr(this) = f;
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index 50598b9..bc5ccc7 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -186,10 +186,9 @@ T strict_si_cast(const char *str, std::string *err)
+ }
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
+-
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+-
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
++template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
+ uint64_t strict_sistrtoll(const char *str, std::string *err)
+ {
+
+From d93eda88048d2bcefe4be3ea0aaa6ca0289eabbf Mon Sep 17 00:00:00 2001
+From: Vikhyat Umrao <vumrao at redhat.com>
+Date: Thu, 26 May 2016 23:30:25 +0530
+Subject: [PATCH 3/4] common: add int64_t template for strict_si_cast()
+
+Signed-off-by: Vikhyat Umrao <vumrao at redhat.com>
+(cherry picked from commit 8e429d05370fbe7935212d0ae9608e7547f39860)
+---
+ src/common/strtol.cc | 1 +
+ src/test/strtol.cc | 15 +++++++++++++++
+ 2 files changed, 16 insertions(+)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index bc5ccc7..0e7ea7d 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -187,6 +187,7 @@ T strict_si_cast(const char *str, std::string *err)
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
++template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+ template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
+diff --git a/src/test/strtol.cc b/src/test/strtol.cc
+index 646c055..3946736 100644
+--- a/src/test/strtol.cc
++++ b/src/test/strtol.cc
+@@ -234,6 +234,21 @@ TEST(StrictSICast, Error) {
+ (void)strict_si_cast<int>("1T", &err);
+ ASSERT_NE(err, "");
+ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("2E", &err);
++ ASSERT_EQ(err, "");
++ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("-2E", &err);
++ ASSERT_EQ(err, "");
++ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("1T", &err);
++ ASSERT_EQ(err, "");
++ }
+ }
+
+ /*
+
+From 117aa35094c059dbf5770b01ac13a583471e54aa Mon Sep 17 00:00:00 2001
+From: Kefu Chai <kchai at redhat.com>
+Date: Sun, 26 Jun 2016 01:02:03 +0800
+Subject: [PATCH 4/4] common: instantiate strict_si_cast<long> not
+ strict_si_cast<int64_t>
+
+this fixes the build on armf.
+
+on 32bit platforms, cstdint is very likely to
+
+ typedef long long int int64_t;
+
+this results in compilation error like
+
+ `common/strtol.cc:190:75: error: duplicate explicit instantiation of 'T
+ strict_si_cast(const char, std::string) [with T = long long int;
+ std::string = std::basic_string]'
+
+ [-fpermissive]
+ template int64_t strict_si_cast(const char *str, std::string *err);
+ ^`
+
+we can address this by instantiate the primitive type of `long long`
+instead of `in64_t`.
+
+Fixes: http://tracker.ceph.com/issues/16398
+Signed-off-by: Kefu Chai <kchai at redhat.com>
+(cherry picked from commit 31db4c5f9f725e13e38f3c90744e299e023d02a4)
+---
+ src/common/strtol.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index 0e7ea7d..321521d 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -186,8 +186,8 @@ T strict_si_cast(const char *str, std::string *err)
+ }
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
++template long strict_si_cast<long>(const char *str, std::string *err);
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+-template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+ template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
Copied: ceph/repos/staging-i686/PKGBUILD (from rev 277967, ceph/trunk/PKGBUILD)
===================================================================
--- staging-i686/PKGBUILD (rev 0)
+++ staging-i686/PKGBUILD 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,91 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer <seblu at archlinux.org>
+
+pkgname=ceph
+pkgver=10.2.3
+pkgrel=1
+pkgdesc='Distributed, fault-tolerant storage platform delivering object, block, and file system'
+arch=('x86_64' 'i686')
+url='http://ceph.com/'
+license=('GPL')
+makedepends=('boost' 'systemd' 'xfsprogs' 'python2-setuptools' 'python2-sphinx'
+ 'python2-virtualenv' 'cython2')
+depends=('boost-libs' 'curl' 'expat' 'fcgi' 'fuse' 'gcc-libs' 'glibc'
+ 'gperftools' 'keyutils' 'leveldb' 'libaio' 'libatomic_ops' 'libedit'
+ 'libsystemd' 'libutil-linux' 'ncurses' 'nss' 'python2' 'snappy')
+optdepends=('xfsprogs: support xfs backend')
+options=('emptydirs')
+install=ceph.install
+source=("http://ceph.com/download/$pkgname-$pkgver.tar.gz"
+ 'ceph.sysusers'
+ '01-virtualenv2.patch'
+ '02-setup-python2.patch'
+ '03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch'
+ '04-fix-686-build.patch')
+md5sums=('5d660c78a211f6d53161e197729aebd2'
+ 'b3e24e3aa005a657ab475f84bfe3291a'
+ 'a3f72dc8e97f9fd5708d52256bcd9e75'
+ 'f11582acceeb6c1790518c3a5a29bb18'
+ '6c4cbe6288858421832e751164617774'
+ 'e8fbd2dfb359a8f6d2738d46441fbffa')
+
+prepare() {
+ cd $pkgname-$pkgver
+ # apply patch from the source array (should be a pacman feature)
+ local filename
+ for filename in "${source[@]}"; do
+ if [[ "$filename" =~ \.patch$ ]]; then
+ msg2 "Applying patch $filename"
+ patch -p1 -N -i "$srcdir/$filename"
+ fi
+ done
+ :
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --with-man-pages \
+ --with-radosgw \
+ --without-openldap \
+ PYTHON=/usr/bin/python2 \
+ CYTHON_CHECK=yes \
+ PYTHON_CONFIG_CHECK=yes \
+ SPHINX_BUILD=sphinx-build2
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+
+ make DESTDIR="$pkgdir" install
+
+ # install tmpfiles.d
+ install -Dm644 systemd/ceph.tmpfiles.d "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
+ install -Dm644 "$srcdir"/ceph.sysusers "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
+
+ cd "$pkgdir"
+
+ # fix sbin path
+ msg2 'Fix sbin paths'
+ mv -v usr/sbin/* usr/bin
+ rmdir -v usr/sbin
+
+ # fix bash completions path
+ msg2 'Fix bash completion path'
+ install -d -m 755 usr/share/bash-completion
+ mv etc/bash_completion.d usr/share/bash-completion/completions
+
+ # fix python2 shebang, did not do it in prepare() anymore because it
+ # confuse automake
+ msg2 'Fix python2 shebang'
+ find . -type f -executable -exec \
+ sed -i '1s,^#! \?/usr/bin/\(env \|\)python$,#!/usr/bin/python2,' {} \;
+}
+
+# vim:set ts=2 sw=2 et:
Copied: ceph/repos/staging-i686/ceph.install (from rev 277967, ceph/trunk/ceph.install)
===================================================================
--- staging-i686/ceph.install (rev 0)
+++ staging-i686/ceph.install 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,16 @@
+# vim: ft=sh ts=2 sw=2 et:
+
+# arg 1: the new package version
+post_install() {
+ systemd-sysusers ceph.conf
+ systemd-tmpfiles --create ceph.conf
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ if (( "$(vercmp $2 '10.2.2-1')" < 0 )); then
+ systemd-sysusers ceph.conf
+ systemd-tmpfiles --create ceph.conf
+ fi
+}
Copied: ceph/repos/staging-i686/ceph.sysusers (from rev 277967, ceph/trunk/ceph.sysusers)
===================================================================
--- staging-i686/ceph.sysusers (rev 0)
+++ staging-i686/ceph.sysusers 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1 @@
+u ceph - - /run/ceph
Copied: ceph/repos/staging-x86_64/01-virtualenv2.patch (from rev 277967, ceph/trunk/01-virtualenv2.patch)
===================================================================
--- staging-x86_64/01-virtualenv2.patch (rev 0)
+++ staging-x86_64/01-virtualenv2.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,11 @@
+--- a/src/tools/setup-virtualenv.sh 2016-06-14 13:43:58.000000000 +0200
++++ b/src/tools/setup-virtualenv.sh 2016-08-18 02:13:31.418624320 +0200
+@@ -18,7 +18,7 @@
+ DIR=$1
+ rm -fr $DIR
+ mkdir -p $DIR
+-virtualenv --python python2.7 $DIR
++virtualenv2 --python python2.7 $DIR
+ . $DIR/bin/activate
+ # older versions of pip will not install wrap_console scripts
+ # when using wheel packages
Copied: ceph/repos/staging-x86_64/02-setup-python2.patch (from rev 277967, ceph/trunk/02-setup-python2.patch)
===================================================================
--- staging-x86_64/02-setup-python2.patch (rev 0)
+++ staging-x86_64/02-setup-python2.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,38 @@
+--- a/src/Makefile.in 2016-06-14 13:44:59.000000000 +0200
++++ b/src/Makefile.in 2016-08-19 22:09:15.526703376 +0200
+@@ -32623,7 +32623,7 @@
+ cd $(srcdir)/ceph-detect-init ; ../tools/setup-virtualenv.sh ${CEPH_DETECT_INIT_VIRTUALENV} ; test -d wheelhouse && export NO_INDEX=--no-index ; ${CEPH_DETECT_INIT_VIRTUALENV}/bin/pip install $$NO_INDEX --use-wheel --find-links=file://$$(pwd)/wheelhouse -e .
+
+ ceph-detect-init-clean:
+- cd $(srcdir)/ceph-detect-init ; python setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DETECT_INIT_VIRTUALENV} .coverage *.egg-info
++ cd $(srcdir)/ceph-detect-init ; python2 setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DETECT_INIT_VIRTUALENV} .coverage *.egg-info
+
+ ceph-detect-init-install-data:
+ cd $(srcdir)/ceph-detect-init ; \
+@@ -32635,7 +32635,7 @@
+ fi ; \
+ root="--root=$(DESTDIR)" ; \
+ fi ; \
+- python setup.py install $$root $$options
++ python2 setup.py install $$root $$options
+
+ export CEPH_DISK_VIRTUALENV = ${CEPH_BUILD_VIRTUALENV}/ceph-disk-virtualenv
+
+@@ -32645,7 +32645,7 @@
+ cd $(srcdir)/ceph-disk ; ../tools/setup-virtualenv.sh ${CEPH_DISK_VIRTUALENV} ; test -d wheelhouse && export NO_INDEX=--no-index ; ${CEPH_DISK_VIRTUALENV}/bin/pip install $$NO_INDEX --use-wheel --find-links=file://$$(pwd)/wheelhouse -e .
+
+ ceph-disk-clean:
+- cd $(srcdir)/ceph-disk ; python setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DISK_VIRTUALENV} .coverage *.egg-info
++ cd $(srcdir)/ceph-disk ; python2 setup.py clean ; rm -fr wheelhouse .tox build ${CEPH_DISK_VIRTUALENV} .coverage *.egg-info
+
+ ceph-disk-install-data:
+ cd $(srcdir)/ceph-disk ; \
+@@ -32657,7 +32657,7 @@
+ fi ; \
+ root="--root=$(DESTDIR) --install-script=/usr/sbin" ; \
+ fi ; \
+- python setup.py install $$root $$options
++ python2 setup.py install $$root $$options
+
+ #crush_includedir = $(includedir)/crush
+ #crush_include_DATA = \
Copied: ceph/repos/staging-x86_64/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch (from rev 277967, ceph/trunk/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch)
===================================================================
--- staging-x86_64/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch (rev 0)
+++ staging-x86_64/03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,309 @@
+From b1099e8edcda1ab658eaac424bd2e09d6e7cbabd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?S=C3=A9bastien=20Luttringer?= <seblu at seblu.net>
+Date: Sun, 9 Oct 2016 01:53:36 +0200
+Subject: [PATCH] Revert "rgw ldap: fix ldap bindpw parsing"
+
+This reverts commit fe57aceeb02ad9163feb2d196589b5927cedfa0f.
+---
+ src/rgw/librgw.cc | 6 ++--
+ src/rgw/rgw_ldap.cc | 35 ---------------------
+ src/rgw/rgw_ldap.h | 54 ++++++++-------------------------
+ src/rgw/rgw_rest_s3.cc | 77 +++++++++++------------------------------------
+ src/test/test_rgw_ldap.cc | 4 +--
+ 5 files changed, 34 insertions(+), 142 deletions(-)
+
+diff --git a/src/rgw/librgw.cc b/src/rgw/librgw.cc
+index c476129..37414fc 100644
+--- a/src/rgw/librgw.cc
++++ b/src/rgw/librgw.cc
+@@ -52,7 +52,6 @@
+ #include <string.h>
+ #include <mutex>
+
+-
+ #define dout_subsys ceph_subsys_rgw
+
+ bool global_stop = false;
+@@ -470,10 +469,9 @@ namespace rgw {
+ const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
+- std::string ldap_bindpw = parse_rgw_ldap_bindpw(store->ctx());
+
+- ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_bindpw.c_str(),
+- ldap_searchdn, ldap_dnattr);
++ ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
++ ldap_dnattr);
+ ldh->init();
+ ldh->bind();
+
+diff --git a/src/rgw/rgw_ldap.cc b/src/rgw/rgw_ldap.cc
+index 6cca3b8..ac420e3 100644
+--- a/src/rgw/rgw_ldap.cc
++++ b/src/rgw/rgw_ldap.cc
+@@ -2,38 +2,3 @@
+ // vim: ts=8 sw=2 smarttab
+
+ #include "rgw_ldap.h"
+-
+-#include "common/ceph_context.h"
+-#include "common/common_init.h"
+-#include "common/dout.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+-
+-#include "include/assert.h"
+-
+-#define dout_subsys ceph_subsys_rgw
+-
+-std::string parse_rgw_ldap_bindpw(CephContext* ctx)
+-{
+- string ldap_bindpw;
+- string ldap_secret = ctx->_conf->rgw_ldap_secret;
+-
+- if (ldap_secret.empty()) {
+- ldout(ctx, 10)
+- << __func__ << " LDAP auth no rgw_ldap_secret file found in conf"
+- << dendl;
+- } else {
+- char bindpw[1024];
+- memset(bindpw, 0, 1024);
+- int pwlen = safe_read_file("" /* base */, ldap_secret.c_str(),
+- bindpw, 1023);
+- if (pwlen) {
+- ldap_bindpw = bindpw;
+- boost::algorithm::trim(ldap_bindpw);
+- if (ldap_bindpw.back() == '\n')
+- ldap_bindpw.pop_back();
+- }
+- }
+-
+- return std::move(ldap_bindpw);
+-}
+diff --git a/src/rgw/rgw_ldap.h b/src/rgw/rgw_ldap.h
+index b29e33ad..02eb61e 100644
+--- a/src/rgw/rgw_ldap.h
++++ b/src/rgw/rgw_ldap.h
+@@ -23,38 +23,27 @@ namespace rgw {
+ {
+ std::string uri;
+ std::string binddn;
+- std::string bindpw;
+ std::string searchdn;
+ std::string dnattr;
+ LDAP *ldap;
+- bool msad = false; /* TODO: possible future specialization */
+
+ public:
+- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
+- std::string _searchdn, std::string _dnattr)
+- : uri(std::move(_uri)), binddn(std::move(_binddn)),
+- bindpw(std::move(_bindpw)), searchdn(_searchdn), dnattr(_dnattr),
+- ldap(nullptr) {
++ LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
++ std::string _dnattr)
++ : uri(std::move(_uri)), binddn(std::move(_binddn)), searchdn(_searchdn),
++ dnattr(_dnattr), ldap(nullptr) {
+ // nothing
+ }
+
+ int init() {
+ int ret;
+ ret = ldap_initialize(&ldap, uri.c_str());
+- if (ret == LDAP_SUCCESS) {
+- unsigned long ldap_ver = LDAP_VERSION3;
+- ret = ldap_set_option(ldap, LDAP_OPT_PROTOCOL_VERSION,
+- (void*) &ldap_ver);
+- }
+- if (ret == LDAP_SUCCESS) {
+- ret = ldap_set_option(ldap, LDAP_OPT_REFERRALS, LDAP_OPT_OFF);
+- }
+ return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
+ }
+
+ int bind() {
+ int ret;
+- ret = ldap_simple_bind_s(ldap, binddn.c_str(), bindpw.c_str());
++ ret = ldap_simple_bind_s(ldap, nullptr, nullptr);
+ return (ret == LDAP_SUCCESS) ? ret : -EINVAL;
+ }
+
+@@ -71,18 +60,11 @@ namespace rgw {
+ int auth(const std::string uid, const std::string pwd) {
+ int ret;
+ std::string filter;
+- if (msad) {
+- filter = "(&(objectClass=user)(sAMAccountName=";
+- filter += uid;
+- filter += "))";
+- } else {
+- /* openldap */
+- filter = "(";
+- filter += dnattr;
+- filter += "=";
+- filter += uid;
+- filter += ")";
+- }
++ filter = "(";
++ filter += dnattr;
++ filter += "=";
++ filter += uid;
++ filter += ")";
+ char *attrs[] = { const_cast<char*>(dnattr.c_str()), nullptr };
+ LDAPMessage *answer = nullptr, *entry = nullptr;
+ ret = ldap_search_s(ldap, searchdn.c_str(), LDAP_SCOPE_SUBTREE,
+@@ -113,8 +95,8 @@ namespace rgw {
+ class LDAPHelper
+ {
+ public:
+- LDAPHelper(std::string _uri, std::string _binddn, std::string _bindpw,
+- std::string _searchdn, std::string _dnattr)
++ LDAPHelper(std::string _uri, std::string _binddn, std::string _searchdn,
++ std::string _dnattr)
+ {}
+
+ int init() {
+@@ -135,17 +117,7 @@ namespace rgw {
+
+
+ #endif /* HAVE_OPENLDAP */
+-
+-} /* namespace rgw */
+-
+-#include "common/ceph_context.h"
+-#include "common/common_init.h"
+-#include "common/dout.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+
+-#include "include/assert.h"
+-
+-std::string parse_rgw_ldap_bindpw(CephContext* ctx);
++} /* namespace rgw */
+
+ #endif /* RGW_LDAP_H */
+diff --git a/src/rgw/rgw_rest_s3.cc b/src/rgw/rgw_rest_s3.cc
+index e9f24f3..bd952db 100644
+--- a/src/rgw/rgw_rest_s3.cc
++++ b/src/rgw/rgw_rest_s3.cc
+@@ -8,8 +8,6 @@
+ #include "common/Formatter.h"
+ #include "common/utf8.h"
+ #include "common/ceph_json.h"
+-#include "common/safe_io.h"
+-#include <boost/algorithm/string.hpp>
+
+ #include "rgw_rest.h"
+ #include "rgw_rest_s3.h"
+@@ -1747,32 +1745,10 @@ int RGWPostObj_ObjStore_S3::get_policy()
+ s->perm_mask = RGW_PERM_FULL_CONTROL;
+ }
+ } else if (store->ctx()->_conf->rgw_s3_auth_use_ldap &&
+- (! store->ctx()->_conf->rgw_ldap_uri.empty())) {
+-
+- ldout(store->ctx(), 15)
+- << __func__ << " LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << dendl;
+-
++ store->ctx()->_conf->rgw_ldap_uri.empty()) {
+ RGWToken token{from_base64(s3_access_key)};
+- if (! token.valid())
+- return -EACCES;
+-
+ rgw::LDAPHelper *ldh = RGW_Auth_S3::get_ldap_ctx(store);
+- if (unlikely(!ldh)) {
+- ldout(store->ctx(), 0)
+- << __func__ << " RGW_Auth_S3::get_ldap_ctx() failed"
+- << dendl;
+- return -EACCES;
+- }
+-
+- ldout(store->ctx(), 10)
+- << __func__ << " try LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << " token.id=" << token.id
+- << dendl;
+-
+- if (ldh->auth(token.id, token.key) != 0)
++ if ((! token.valid()) || ldh->auth(token.id, token.key) != 0)
+ return -EACCES;
+
+ /* ok, succeeded */
+@@ -3091,10 +3067,9 @@ void RGW_Auth_S3::init_impl(RGWRados* store)
+ const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn;
+ const string& ldap_dnattr =
+ store->ctx()->_conf->rgw_ldap_dnattr;
+- std::string ldap_bindpw = parse_rgw_ldap_bindpw(store->ctx());
+
+- ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_bindpw,
+- ldap_searchdn, ldap_dnattr);
++ ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_searchdn,
++ ldap_dnattr);
+
+ ldh->init();
+ ldh->bind();
+@@ -3935,45 +3910,29 @@ int RGW_Auth_S3::authorize_v2(RGWRados *store, struct req_state *s)
+
+ RGW_Auth_S3::init(store);
+
+- ldout(store->ctx(), 15)
+- << __func__ << " LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << dendl;
+-
+ RGWToken token{from_base64(auth_id)};
+-
+- if (! token.valid())
++ if ((! token.valid()) || ldh->auth(token.id, token.key) != 0)
+ external_auth_result = -EACCES;
+ else {
+- ldout(store->ctx(), 10)
+- << __func__ << " try LDAP auth uri="
+- << store->ctx()->_conf->rgw_ldap_uri
+- << " token.id=" << token.id
+- << dendl;
+-
+- if (ldh->auth(token.id, token.key) != 0)
+- external_auth_result = -EACCES;
+- else {
+- /* ok, succeeded */
+- external_auth_result = 0;
++ /* ok, succeeded */
++ external_auth_result = 0;
+
+- /* create local account, if none exists */
+- s->user->user_id = token.id;
+- s->user->display_name = token.id; // cn?
+- int ret = rgw_get_user_info_by_uid(store, s->user->user_id, *(s->user));
++ /* create local account, if none exists */
++ s->user->user_id = token.id;
++ s->user->display_name = token.id; // cn?
++ int ret = rgw_get_user_info_by_uid(store, s->user->user_id, *(s->user));
++ if (ret < 0) {
++ ret = rgw_store_user_info(store, *(s->user), nullptr, nullptr,
++ real_time(), true);
+ if (ret < 0) {
+- ret = rgw_store_user_info(store, *(s->user), nullptr, nullptr,
+- real_time(), true);
+- if (ret < 0) {
+- dout(10) << "NOTICE: failed to store new user's info: ret=" << ret
+- << dendl;
+- }
++ dout(10) << "NOTICE: failed to store new user's info: ret=" << ret
++ << dendl;
+ }
++ }
+
+ /* set request perms */
+ s->perm_mask = RGW_PERM_FULL_CONTROL;
+- } /* success */
+- } /* token */
++ } /* success */
+ } /* ldap */
+
+ /* keystone failed (or not enabled); check if we want to use rados backend */
+
+--
+2.10.0
+
Copied: ceph/repos/staging-x86_64/04-fix-686-build.patch (from rev 277967, ceph/trunk/04-fix-686-build.patch)
===================================================================
--- staging-x86_64/04-fix-686-build.patch (rev 0)
+++ staging-x86_64/04-fix-686-build.patch 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,199 @@
+# https://github.com/ceph/ceph/pull/10855
+From 518883d939f34ec0afa03aea1bac35960fb579f2 Mon Sep 17 00:00:00 2001
+From: Loic Dachary <ldachary at redhat.com>
+Date: Thu, 25 Aug 2016 09:09:40 +0200
+Subject: [PATCH 1/4] Revert "common: add int64_t template for
+ strict_si_cast()"
+
+This reverts commit e3a99c082e3ebd56d5b40d7d94d98e35629df81e.
+---
+ src/common/strtol.cc | 2 --
+ src/test/strtol.cc | 15 ---------------
+ 2 files changed, 17 deletions(-)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index f43d661..50598b9 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -189,8 +189,6 @@ template int strict_si_cast<int>(const char *str, std::string *err);
+
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+
+-template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+-
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+
+ uint64_t strict_sistrtoll(const char *str, std::string *err)
+diff --git a/src/test/strtol.cc b/src/test/strtol.cc
+index 3946736..646c055 100644
+--- a/src/test/strtol.cc
++++ b/src/test/strtol.cc
+@@ -234,21 +234,6 @@ TEST(StrictSICast, Error) {
+ (void)strict_si_cast<int>("1T", &err);
+ ASSERT_NE(err, "");
+ }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("2E", &err);
+- ASSERT_EQ(err, "");
+- }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("-2E", &err);
+- ASSERT_EQ(err, "");
+- }
+- {
+- std::string err;
+- (void)strict_si_cast<int64_t>("1T", &err);
+- ASSERT_EQ(err, "");
+- }
+ }
+
+ /*
+
+From f7cd28460147530cfd265a593b32d02adb93abe6 Mon Sep 17 00:00:00 2001
+From: Kefu Chai <tchaikov at gmail.com>
+Date: Sat, 30 Apr 2016 18:31:37 +0800
+Subject: [PATCH 2/4] common/config: cast OPT_U32 options using uint32_t
+
+the OPT_U32 options was translated using strict_si_cast<int>(), and then
+cast the converted result to uint32_t. this could cause integer
+underflow. we could have lifted the burden of checking invalid input
+from the user of this option to the strict_si_cast<>() function. so in
+this change, we use strict_si_cast<uint32_t>() instead, before casting
+the converted value into `uint32_t`.
+
+Signed-off-by: Kefu Chai <tchaikov at gmail.com>
+(cherry picked from commit b7babd6aa671d688eef0af61ca17fd11eec22773)
+---
+ src/common/config.cc | 2 +-
+ src/common/strtol.cc | 3 +--
+ 2 files changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/src/common/config.cc b/src/common/config.cc
+index 622e237..d27bfbf 100644
+--- a/src/common/config.cc
++++ b/src/common/config.cc
+@@ -994,7 +994,7 @@ int md_config_t::set_val_raw(const char *val, const config_option *opt)
+ return 0;
+ case OPT_U32: {
+ std::string err;
+- int f = strict_si_cast<int>(val, &err);
++ int f = strict_si_cast<uint32_t>(val, &err);
+ if (!err.empty())
+ return -EINVAL;
+ *(uint32_t*)opt->conf_ptr(this) = f;
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index 50598b9..bc5ccc7 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -186,10 +186,9 @@ T strict_si_cast(const char *str, std::string *err)
+ }
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
+-
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+-
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
++template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
+ uint64_t strict_sistrtoll(const char *str, std::string *err)
+ {
+
+From d93eda88048d2bcefe4be3ea0aaa6ca0289eabbf Mon Sep 17 00:00:00 2001
+From: Vikhyat Umrao <vumrao at redhat.com>
+Date: Thu, 26 May 2016 23:30:25 +0530
+Subject: [PATCH 3/4] common: add int64_t template for strict_si_cast()
+
+Signed-off-by: Vikhyat Umrao <vumrao at redhat.com>
+(cherry picked from commit 8e429d05370fbe7935212d0ae9608e7547f39860)
+---
+ src/common/strtol.cc | 1 +
+ src/test/strtol.cc | 15 +++++++++++++++
+ 2 files changed, 16 insertions(+)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index bc5ccc7..0e7ea7d 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -187,6 +187,7 @@ T strict_si_cast(const char *str, std::string *err)
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
++template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+ template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
+diff --git a/src/test/strtol.cc b/src/test/strtol.cc
+index 646c055..3946736 100644
+--- a/src/test/strtol.cc
++++ b/src/test/strtol.cc
+@@ -234,6 +234,21 @@ TEST(StrictSICast, Error) {
+ (void)strict_si_cast<int>("1T", &err);
+ ASSERT_NE(err, "");
+ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("2E", &err);
++ ASSERT_EQ(err, "");
++ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("-2E", &err);
++ ASSERT_EQ(err, "");
++ }
++ {
++ std::string err;
++ (void)strict_si_cast<int64_t>("1T", &err);
++ ASSERT_EQ(err, "");
++ }
+ }
+
+ /*
+
+From 117aa35094c059dbf5770b01ac13a583471e54aa Mon Sep 17 00:00:00 2001
+From: Kefu Chai <kchai at redhat.com>
+Date: Sun, 26 Jun 2016 01:02:03 +0800
+Subject: [PATCH 4/4] common: instantiate strict_si_cast<long> not
+ strict_si_cast<int64_t>
+
+this fixes the build on armf.
+
+on 32bit platforms, cstdint is very likely to
+
+ typedef long long int int64_t;
+
+this results in compilation error like
+
+ `common/strtol.cc:190:75: error: duplicate explicit instantiation of 'T
+ strict_si_cast(const char, std::string) [with T = long long int;
+ std::string = std::basic_string]'
+
+ [-fpermissive]
+ template int64_t strict_si_cast(const char *str, std::string *err);
+ ^`
+
+we can address this by instantiate the primitive type of `long long`
+instead of `in64_t`.
+
+Fixes: http://tracker.ceph.com/issues/16398
+Signed-off-by: Kefu Chai <kchai at redhat.com>
+(cherry picked from commit 31db4c5f9f725e13e38f3c90744e299e023d02a4)
+---
+ src/common/strtol.cc | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/common/strtol.cc b/src/common/strtol.cc
+index 0e7ea7d..321521d 100644
+--- a/src/common/strtol.cc
++++ b/src/common/strtol.cc
+@@ -186,8 +186,8 @@ T strict_si_cast(const char *str, std::string *err)
+ }
+
+ template int strict_si_cast<int>(const char *str, std::string *err);
++template long strict_si_cast<long>(const char *str, std::string *err);
+ template long long strict_si_cast<long long>(const char *str, std::string *err);
+-template int64_t strict_si_cast<int64_t>(const char *str, std::string *err);
+ template uint64_t strict_si_cast<uint64_t>(const char *str, std::string *err);
+ template uint32_t strict_si_cast<uint32_t>(const char *str, std::string *err);
+
Copied: ceph/repos/staging-x86_64/PKGBUILD (from rev 277967, ceph/trunk/PKGBUILD)
===================================================================
--- staging-x86_64/PKGBUILD (rev 0)
+++ staging-x86_64/PKGBUILD 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,91 @@
+# $Id$
+# Maintainer: Sébastien "Seblu" Luttringer <seblu at archlinux.org>
+
+pkgname=ceph
+pkgver=10.2.3
+pkgrel=1
+pkgdesc='Distributed, fault-tolerant storage platform delivering object, block, and file system'
+arch=('x86_64' 'i686')
+url='http://ceph.com/'
+license=('GPL')
+makedepends=('boost' 'systemd' 'xfsprogs' 'python2-setuptools' 'python2-sphinx'
+ 'python2-virtualenv' 'cython2')
+depends=('boost-libs' 'curl' 'expat' 'fcgi' 'fuse' 'gcc-libs' 'glibc'
+ 'gperftools' 'keyutils' 'leveldb' 'libaio' 'libatomic_ops' 'libedit'
+ 'libsystemd' 'libutil-linux' 'ncurses' 'nss' 'python2' 'snappy')
+optdepends=('xfsprogs: support xfs backend')
+options=('emptydirs')
+install=ceph.install
+source=("http://ceph.com/download/$pkgname-$pkgver.tar.gz"
+ 'ceph.sysusers'
+ '01-virtualenv2.patch'
+ '02-setup-python2.patch'
+ '03-Revert-rgw-ldap-fix-ldap-bindpw-parsing.patch'
+ '04-fix-686-build.patch')
+md5sums=('5d660c78a211f6d53161e197729aebd2'
+ 'b3e24e3aa005a657ab475f84bfe3291a'
+ 'a3f72dc8e97f9fd5708d52256bcd9e75'
+ 'f11582acceeb6c1790518c3a5a29bb18'
+ '6c4cbe6288858421832e751164617774'
+ 'e8fbd2dfb359a8f6d2738d46441fbffa')
+
+prepare() {
+ cd $pkgname-$pkgver
+ # apply patch from the source array (should be a pacman feature)
+ local filename
+ for filename in "${source[@]}"; do
+ if [[ "$filename" =~ \.patch$ ]]; then
+ msg2 "Applying patch $filename"
+ patch -p1 -N -i "$srcdir/$filename"
+ fi
+ done
+ :
+}
+
+build() {
+ cd $pkgname-$pkgver
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --with-man-pages \
+ --with-radosgw \
+ --without-openldap \
+ PYTHON=/usr/bin/python2 \
+ CYTHON_CHECK=yes \
+ PYTHON_CONFIG_CHECK=yes \
+ SPHINX_BUILD=sphinx-build2
+ make
+}
+
+package() {
+ cd $pkgname-$pkgver
+
+ make DESTDIR="$pkgdir" install
+
+ # install tmpfiles.d
+ install -Dm644 systemd/ceph.tmpfiles.d "$pkgdir/usr/lib/tmpfiles.d/$pkgname.conf"
+ install -Dm644 "$srcdir"/ceph.sysusers "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
+
+ cd "$pkgdir"
+
+ # fix sbin path
+ msg2 'Fix sbin paths'
+ mv -v usr/sbin/* usr/bin
+ rmdir -v usr/sbin
+
+ # fix bash completions path
+ msg2 'Fix bash completion path'
+ install -d -m 755 usr/share/bash-completion
+ mv etc/bash_completion.d usr/share/bash-completion/completions
+
+ # fix python2 shebang, did not do it in prepare() anymore because it
+ # confuse automake
+ msg2 'Fix python2 shebang'
+ find . -type f -executable -exec \
+ sed -i '1s,^#! \?/usr/bin/\(env \|\)python$,#!/usr/bin/python2,' {} \;
+}
+
+# vim:set ts=2 sw=2 et:
Copied: ceph/repos/staging-x86_64/ceph.install (from rev 277967, ceph/trunk/ceph.install)
===================================================================
--- staging-x86_64/ceph.install (rev 0)
+++ staging-x86_64/ceph.install 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1,16 @@
+# vim: ft=sh ts=2 sw=2 et:
+
+# arg 1: the new package version
+post_install() {
+ systemd-sysusers ceph.conf
+ systemd-tmpfiles --create ceph.conf
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ if (( "$(vercmp $2 '10.2.2-1')" < 0 )); then
+ systemd-sysusers ceph.conf
+ systemd-tmpfiles --create ceph.conf
+ fi
+}
Copied: ceph/repos/staging-x86_64/ceph.sysusers (from rev 277967, ceph/trunk/ceph.sysusers)
===================================================================
--- staging-x86_64/ceph.sysusers (rev 0)
+++ staging-x86_64/ceph.sysusers 2016-10-09 15:32:24 UTC (rev 277968)
@@ -0,0 +1 @@
+u ceph - - /run/ceph
More information about the arch-commits
mailing list