add upstream patches

0001-Fix-interfaaces-coming-up-during-vrrp_script-init-ph.patch

@@ -0,0 +1,42 @@
+From 1ef6d477f4bd4b8e8c61748205352b6ff34936d3 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Tue, 7 Apr 2020 23:47:16 +0100
+Subject: [PATCH 006/691] Fix interfaaces coming up during vrrp_script init
+ phase
+
+Issue #1532 reported that if a tracked interface transitioned from
+down to up while a vrrp_script was running for the first time, the
+tracking vrrp instances would never come up. This commit resolves
+the issue.
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/vrrp/vrrp_scheduler.c | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/keepalived/vrrp/vrrp_scheduler.c b/keepalived/vrrp/vrrp_scheduler.c
+index 6eac8fd..6f3586d 100644
+--- a/keepalived/vrrp/vrrp_scheduler.c
++++ b/keepalived/vrrp/vrrp_scheduler.c
+@@ -623,8 +623,17 @@ try_up_instance(vrrp_t *vrrp, bool leaving_init)
+ 		if (vrrp->num_script_if_fault)
+ 			return;
+ 	}
+-	else if (--vrrp->num_script_if_fault || vrrp->num_script_init)
++	else if (--vrrp->num_script_if_fault || vrrp->num_script_init) {
++		if (!vrrp->num_script_if_fault) {
++			if (vrrp->sync) {
++				vrrp->sync->num_member_fault--;
++				vrrp->sync->state = VRRP_STATE_INIT;
++			}
++			vrrp->wantstate = VRRP_STATE_BACK;
++		}
++
+ 		return;
++	}
+ 
+ 	if (vrrp->wantstate == VRRP_STATE_MAST && vrrp->base_priority == VRRP_PRIO_OWNER) {
+ 		vrrp->wantstate = VRRP_STATE_MAST;
+-- 
+1.8.3.1
+

0002-Fix-segfault-when-checker-process-terminates-with-SN.patch

@@ -0,0 +1,43 @@
+From 1a94bcfe23ef9deca79f71769b786d774892bd3a Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Tue, 26 May 2020 15:25:11 +0100
+Subject: [PATCH 093/691] Fix segfault when checker process terminates with
+ SNMP
+
+snmp_agent_close() now has to be called before thread_destroy_master()
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/check/check_daemon.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/keepalived/check/check_daemon.c b/keepalived/check/check_daemon.c
+index 7da4061..1ce274d 100644
+--- a/keepalived/check/check_daemon.c
++++ b/keepalived/check/check_daemon.c
+@@ -133,6 +133,11 @@ checker_terminate_phase2(void)
+ 	/* Remove the notify fifo */
+ 	notify_fifo_close(&global_data->notify_fifo, &global_data->lvs_notify_fifo);
+ 
++#ifdef _WITH_SNMP_CHECKER_
++	if (global_data && global_data->enable_snmp_checker)
++		check_snmp_agent_close();
++#endif
++
+ 	/* Destroy master thread */
+ 	checker_dispatcher_release();
+ 	thread_destroy_master(master);
+@@ -141,10 +146,6 @@ checker_terminate_phase2(void)
+ 	free_ssl();
+ 
+ 	ipvs_stop();
+-#ifdef _WITH_SNMP_CHECKER_
+-	if (global_data && global_data->enable_snmp_checker)
+-		check_snmp_agent_close();
+-#endif
+ 
+ 	/* Stop daemon */
+ 	pidfile_rm(checkers_pidfile);
+-- 
+1.8.3.1
+

0003-regex-fix-memory-leak-if-not-using-JIT.patch

@@ -0,0 +1,26 @@
+From 4ab53a9bdac7701900d238574cd86e0a987b8a45 Mon Sep 17 00:00:00 2001
+From: Alexandre Cassen <acassen@gmail.com>
+Date: Fri, 5 Jun 2020 16:40:43 +0200
+Subject: [PATCH 149/691] regex: fix memory leak if not using JIT
+
+---
+ keepalived/check/check_http.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/keepalived/check/check_http.c b/keepalived/check/check_http.c
+index f2f61c9..e14f82d 100644
+--- a/keepalived/check/check_http.c
++++ b/keepalived/check/check_http.c
+@@ -771,6 +771,9 @@ prepare_regex(url_t *url)
+ 		pcre2_get_error_message(pcreErrorNumber, buffer, sizeof buffer);
+ 		log_message(LOG_INFO, "Regex JIT compilation failed: '%s': %s\n", url->regex->pattern, (char *)buffer);
+ 
++		FREE_CONST_PTR(r->pattern);
++		FREE(r);
++
+ 		return;
+ 	}
+ #endif
+-- 
+1.8.3.1
+

0004-parser-fix-multiple-command-line-substitutions-condi.patch

@@ -0,0 +1,32 @@
+From d37b2f4794acf1b0b431110c5e1fb23d652c5962 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Tue, 7 Jul 2020 21:16:26 +0100
+Subject: [PATCH 283/691] parser: fix multiple command line
+ substitutions/conditions
+
+For example:
+$NO_STRICT      @high   unicast_src_ip 10.1.5.1
+would cause the parser to enter an infinite loop.
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ lib/parser.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/parser.c b/lib/parser.c
+index f6c522c..73911d9 100644
+--- a/lib/parser.c
++++ b/lib/parser.c
+@@ -1826,8 +1826,8 @@ read_line(char *buf, size_t size)
+ 		if (len == 0)
+ 			continue;
+ 
+-		recheck = false;
+ 		do {
++			recheck = false;
+ 			if (buf[0] == '@') {
+ 				/* If the line starts '@', check the following word matches the system id.
+ 				   @^ reverses the sense of the match */
+-- 
+1.8.3.1
+

0005-Fix-detecting-setsid-error-in-xdaemon.patch

@@ -0,0 +1,29 @@
+From d058988e1f2a67769075066e875cd8b16de931a4 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Thu, 20 Aug 2020 17:06:19 +0100
+Subject: [PATCH 322/691] Fix detecting setsid() error in xdaemon()
+
+setsid() return should be checked for < 0 rather than < -1. This
+error was fixed in the zebra code in 2004!
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/core/daemon.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/keepalived/core/daemon.c b/keepalived/core/daemon.c
+index 0e3621d..3f99d34 100644
+--- a/keepalived/core/daemon.c
++++ b/keepalived/core/daemon.c
+@@ -59,7 +59,7 @@ xdaemon(bool nochdir, bool noclose, bool exitflag)
+ 
+ 	/* Become session leader and get pid. */
+ 	pid = setsid();
+-	if (pid < -1) {
++	if (pid < 0) {
+ 		log_message(LOG_INFO, "xdaemon: setsid error");
+ 		return -1;
+ 	}
+-- 
+1.8.3.1
+

0006-vrrp-fix-checking-if-kernel-netlink-socket-is-open.patch

@@ -0,0 +1,28 @@
+From 2f7fdfc1a45931753d77a17b1b67c6725a5f6784 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Wed, 14 Oct 2020 16:17:08 +0100
+Subject: [PATCH 380/691] vrrp: fix checking if kernel netlink socket is open
+
+0 is a valid value for a file descriptor.
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/core/keepalived_netlink.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/keepalived/core/keepalived_netlink.c b/keepalived/core/keepalived_netlink.c
+index 6ac26dc..3169013 100644
+--- a/keepalived/core/keepalived_netlink.c
++++ b/keepalived/core/keepalived_netlink.c
+@@ -2314,7 +2314,7 @@ kernel_netlink(thread_ref_t thread)
+ void
+ kernel_netlink_poll(void)
+ {
+-	if (!nl_kernel.fd)
++	if (nl_kernel.fd < 0)
+ 		return;
+ 
+ 	netlink_parse_info(netlink_broadcast_filter, &nl_kernel, NULL, true);
+-- 
+1.8.3.1
+

0007-vrrp-ensure-memory-used-for-entries-in-etc-iproute2-.patch

@@ -0,0 +1,54 @@
+From ed07bd83ef06dc33365c286654a9fddc08fbb8f5 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Wed, 14 Oct 2020 16:19:54 +0100
+Subject: [PATCH 381/691] vrrp: ensure memory used for entries in /etc/iproute2
+ is freed
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/vrrp/vrrp_daemon.c | 2 ++
+ keepalived/vrrp/vrrp_data.c   | 2 --
+ lib/parser.c                  | 4 +---
+ 3 files changed, 3 insertions(+), 5 deletions(-)
+
+diff --git a/keepalived/vrrp/vrrp_daemon.c b/keepalived/vrrp/vrrp_daemon.c
+index 4533f06..ea950c9 100644
+--- a/keepalived/vrrp/vrrp_daemon.c
++++ b/keepalived/vrrp/vrrp_daemon.c
+@@ -246,6 +246,8 @@ vrrp_terminate_phase2(int exit_status)
+ 		dbus_stop();
+ #endif
+ 
++	clear_rt_names();
++
+ 	if (global_data->vrrp_notify_fifo.fd != -1)
+ 		notify_fifo_close(&global_data->notify_fifo, &global_data->vrrp_notify_fifo);
+ 
+diff --git a/keepalived/vrrp/vrrp_data.c b/keepalived/vrrp/vrrp_data.c
+index 31f4b82..40d10ba 100644
+--- a/keepalived/vrrp/vrrp_data.c
++++ b/keepalived/vrrp/vrrp_data.c
+@@ -1157,6 +1157,4 @@ dump_data_vrrp(FILE *fp)
+ 		conf_write(fp, "------< Interfaces >------");
+ 		dump_list(fp, ifl);
+ 	}
+-
+-	clear_rt_names();
+ }
+diff --git a/lib/parser.c b/lib/parser.c
+index 73911d9..c13e133 100644
+--- a/lib/parser.c
++++ b/lib/parser.c
+@@ -2099,8 +2099,6 @@ init_data(const char *conf_file, const vector_t * (*init_keywords) (void))
+ 
+ 	free_keywords(keywords);
+ 	free_parser_data();
+-#ifdef _WITH_VRRP_
+-	clear_rt_names();
+-#endif
++
+ 	notify_resource_release();
+ }
+-- 
+1.8.3.1
+

0008-ipvs-fix-a-file-descriptor-leak-with-SSL_GET.patch

@@ -0,0 +1,41 @@
+From 48d398a186afb0c71eb2fc05328f4fed580f975e Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Wed, 28 Oct 2020 16:10:01 +0000
+Subject: [PATCH 426/691] ipvs: fix a file descriptor leak with SSL_GET
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ keepalived/check/check_ssl.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+diff --git a/keepalived/check/check_ssl.c b/keepalived/check/check_ssl.c
+index c7fb2ca..2999244 100644
+--- a/keepalived/check/check_ssl.c
++++ b/keepalived/check/check_ssl.c
+@@ -301,8 +301,8 @@ ssl_read_thread(thread_ref_t thread)
+ 	if (req->error == SSL_ERROR_WANT_READ) {
+ 		 /* async read unfinished */
+ 		thread_add_read(thread->master, ssl_read_thread, checker,
+-				thread->u.f.fd, timeout, false);
+-	} else if (r > 0 && req->error == 0) {
++				thread->u.f.fd, timeout, true);
++	} else if (r > 0 && req->error == SSL_ERROR_NONE) {
+ 		/* Handle response stream */
+ 		http_process_response(req, (size_t)r, url);
+ 
+@@ -311,10 +311,9 @@ ssl_read_thread(thread_ref_t thread)
+ 		 * Register itself to not perturbe global I/O multiplexer.
+ 		 */
+ 		thread_add_read(thread->master, ssl_read_thread, checker,
+-				thread->u.f.fd, timeout, false);
++				thread->u.f.fd, timeout, true);
+ 	} else if (req->error) {
+-
+-		/* All the SSL streal has been parsed */
++		/* All the SSL stream has been parsed */
+ 		if (url->digest)
+ 			MD5_Final(digest, &req->context);
+ 		SSL_set_quiet_shutdown(req->ssl, 1);
+-- 
+1.8.3.1
+

0009-core-Fix-a-file-descriptor-leak-when-reloading.patch

@@ -0,0 +1,62 @@
+From ba3ce49606271ec49188b8c73ff341b9f680f254 Mon Sep 17 00:00:00 2001
+From: Quentin Armitage <quentin@armitage.org.uk>
+Date: Wed, 28 Oct 2020 16:11:37 +0000
+Subject: [PATCH 427/691] core: Fix a file descriptor leak when reloading
+
+Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
+---
+ lib/scheduler.c | 29 +++++++++++++++++++----------
+ 1 file changed, 19 insertions(+), 10 deletions(-)
+
+diff --git a/lib/scheduler.c b/lib/scheduler.c
+index f54e3b4..139b8e5 100644
+--- a/lib/scheduler.c
++++ b/lib/scheduler.c
+@@ -839,10 +839,24 @@ thread_destroy_list(thread_master_t *m, list_head_t *l)
+ 	thread_t *thread, *thread_tmp;
+ 
+ 	list_for_each_entry_safe(thread, thread_tmp, l, next) {
+-		if (thread->event) {
+-			thread_del_read(thread);
+-			thread_del_write(thread);
++		/* The following thread types are relevant for the ready list */
++		if (thread->type == THREAD_READY_READ_FD ||
++		    thread->type == THREAD_READY_WRITE_FD ||
++		    thread->type == THREAD_READ_TIMEOUT ||
++		    thread->type == THREAD_WRITE_TIMEOUT ||
++		    thread->type == THREAD_READ_ERROR ||
++		    thread->type == THREAD_WRITE_ERROR) {
++			/* Do we have a thread_event, and does it need deleting? */
++			if (thread->event) {
++				thread_del_read(thread);
++				thread_del_write(thread);
++			}
++
++			/* Do we have a file descriptor that needs closing ? */
++			if (thread->u.f.close_on_reload)
++				thread_close_fd(thread);
+ 		}
++
+ 		list_head_del(&thread->next);
+ 		thread_add_unuse(m, thread);
+ 	}
+@@ -856,14 +870,9 @@ thread_destroy_rb(thread_master_t *m, rb_root_cached_t *root)
+ 	rb_for_each_entry_safe_cached(thread, thread_tmp, root, n) {
+ 		rb_erase_cached(&thread->n, root);
+ 
++		/* The following are relevant for the read and write rb lists */
+ 		if (thread->type == THREAD_READ ||
+-		    thread->type == THREAD_WRITE ||
+-		    thread->type == THREAD_READY_READ_FD ||
+-		    thread->type == THREAD_READY_WRITE_FD ||
+-		    thread->type == THREAD_READ_TIMEOUT ||
+-		    thread->type == THREAD_WRITE_TIMEOUT ||
+-		    thread->type == THREAD_READ_ERROR ||
+-		    thread->type == THREAD_WRITE_ERROR) {
++		    thread->type == THREAD_WRITE) {
+ 			/* Do we have a thread_event, and does it need deleting? */
+ 			if (thread->type == THREAD_READ)
+ 				thread_del_read(thread);
+-- 
+1.8.3.1
+

keepalived.spec

@@ -9,13 +9,25 @@
 
 Name:		keepalived
 Version:	2.0.20
-Release:	2
+Release:	3
 Summary:	High Availability monitor built upon LVS, VRRP and service pollers
 License:	GPLv2+
 URL:		http://www.keepalived.org/
 Source0:	http://www.keepalived.org/software/keepalived-%{version}.tar.gz
 Source1: 	keepalived.service
 
+Patch0001:      0001-Fix-interfaaces-coming-up-during-vrrp_script-init-ph.patch
+Patch0002:      0002-Fix-segfault-when-checker-process-terminates-with-SN.patch
+Patch0003:      0003-regex-fix-memory-leak-if-not-using-JIT.patch
+Patch0004:      0004-parser-fix-multiple-command-line-substitutions-condi.patch
+Patch0005:      0005-Fix-detecting-setsid-error-in-xdaemon.patch
+Patch0006:      0006-vrrp-fix-checking-if-kernel-netlink-socket-is-open.patch
+Patch0007:      0007-vrrp-ensure-memory-used-for-entries-in-etc-iproute2-.patch
+Patch0008:      0008-ipvs-fix-a-file-descriptor-leak-with-SSL_GET.patch
+Patch0009:      0009-core-Fix-a-file-descriptor-leak-when-reloading.patch
+Patch0010:      0010-vrrp-Don-t-segfault-when-a-VRID-is-changed-on-a-VMAC.patch
+Patch0011:      0011-vrrp-clear-old_vrrp_data-and-old_global_data-when-me.patch
+
 BuildRequires:	net-snmp-devel gcc systemd-units openssl-devel libnl3-devel
 BuildRequires:  ipset-devel iptables-devel libnfnetlink-devel libnftnl-devel
 %{?systemd requires}
@@ -39,7 +51,7 @@ or all together to provide resilient infrastructures.
 %package_help
 
 %prep
-%autosetup -n %{name}-%{version}
+%autosetup -n %{name}-%{version} -p1
 
 %build
 %configure  %{?with_debug:--enable-debug}  %{?with_profile:--enable-profile} \
@@ -89,5 +101,11 @@ install -Dd -m 0755 %{buildroot}%{_libexecdir}/keepalived
 %{_mandir}/man*
 
 %changelog
+* Wed Jun 10 2021 wangxp006 <wangxp006@163.com> -  2.0.20-3
+- Type:bugfix
+- ID:NA 
+- SUG:NA
+- DESC:backport upstream patches
+
 * Fri  21 2020 openEuler Buildteam <buildteam@openeuler.org> - 2.0.20-2
 - Package init