♟ clumens

Refactor: python: Convert to using f-strings in the python module.

Low: cts: Fix a regression in detailed results reporting.

With the recent TLS changes, I think we have all the pieces in place and this should be a simple matter of gluing them together. Most everything in remote CIB admin/Pacemaker Remote gnutls connection management land is pretty well broken into functions now. It might simply be a matter of passing the right cred_type around - it's probably more work to check the environment or command line (or whatever) to decide what connection type it is than it will be to actually implement this.

Refactor: libcrmcommon: pcmk__x509_enabled doesn't need an arg.

Low: libcrmcommon: Set *tls = NULL in a few more locations.

Feature: daemons: Enable TLS support for Pacemaker Remote nodes.

Feature: liblrmd: Enable TLS support for Pacemaker Remote clients.

Doc: sysconfig: Explain permissions needed on TLS-related files.

Feature: sysconfig: Document using certificates for remote nodes.

Doc: Pacemaker Explained: Add documentation for TLS options.

Refactor: libcrmcommon: Only set gnutls priorities when needed.

Refactor: libcrmcommon: pcmk__x509_enabled doesn't need an arg.

Feature: daemons: Enable TLS support for Pacemaker Remote nodes.

Low: libcrmcommon: Set *tls = NULL in a few more locations.

Feature: liblrmd: Enable TLS support for Pacemaker Remote clients.

Doc: sysconfig: Explain permissions needed on TLS-related files.

Feature: sysconfig: Document using certificates for remote nodes.

Doc: Pacemaker Explained: Add documentation for TLS options.

Refactor: libcrmcommon: Only set gnutls priorities when needed.

Refactor: libcib: Unindent code in cib_new.

Refactor: libcib: Rearrange cib_remote_signon a bit.

Refactor: libcrmcommon: Use our own logging for gnutls.

Refactor: libcrmcommon: Move tls priority detection into a function.

Refactor: libs: Move tls-specific code from remote.c to tls.c.

Feature: libcrmcommon: Add pcmk__x509_enabled.

Feature: sysconfig: Add env settings needed for X509 authentication.

Refactor: libcrmcommon: Change the type of tls_session...

Refactor: libcrmcommon: pcmk__new_tls_session can take a cert cred type.

Refactor: libcrmcommon: Add pcmk__tls_t.

Refactor: libs: Use pcmk__tls_t in the client TLS code as well.

Refactor: libcrmcommon: Deprecate crm_gnutls_global_init.

Refactor: libcrmcommon: Simplify args to pcmk__new_tls_session.

Feature: daemons: Set up X509 auth in based if enabled.

Feature: libcrmcommon: If the server supports certs, require them...

Feature: libs: Log if a TLS certificate is close to expiration.

Feature: libcib: Enable TLS certs for remote CIB operations.

Doc: Pacemaker Administration: Explain use of TLS certificates.

Refactor: libcib: Unindent code in cib_new.

Refactor: libcib: Rearrange cib_remote_signon a bit.

Refactor: libcrmcommon: Use our own logging for gnutls.

Refactor: libcrmcommon: Move tls priority detection into a function.

Refactor: libcrmcommon: Change the type of tls_session...

Feature: sysconfig: Add env settings needed for X509 authentication.

Refactor: libs: Move tls-specific code from remote.c to tls.c.

Feature: libcrmcommon: Add pcmk__x509_enabled.

Refactor: libcrmcommon: pcmk__new_tls_session can take a cert cred type.

Refactor: libcrmcommon: Add pcmk__tls_t.

Refactor: libs: Use pcmk__tls_t in the client TLS code as well.

Refactor: libcrmcommon: Deprecate crm_gnutls_global_init.

Refactor: libcrmcommon: Simplify args to pcmk__new_tls_session.

Feature: daemons: Set up X509 auth in based if enabled.

Feature: libcrmcommon: If the server supports certs, require them...

Feature: libs: Log if a TLS certificate is close to expiration.

Feature: libcib: Enable TLS certs for remote CIB operations.

Doc: Pacemaker Administration: Explain use of TLS certificates.

Test: cts-scheduler: Remove sed needed for backwards compat.

Build: rpm: Ignore the lib-package-without-%mklibname rpmlint error

Refactor: Remove global booth_conf variable from notify_client.

Refactor: Remove global booth_conf variable from list_peers.

Refactor: Remove global booth_conf variable from network functions.

Build: rpm: Ignore the lib-package-without-%mklibname rpmlint error

My guess as to why this stopped working is that the API key you use to link github and copr is only good for 180 days and then must be regenerated.

Build: release.mk: Fix the fallback setting of VERSION.

Build: rpm: Define a fallback value for GIT.

Build: copr: Fix the copr Makefile.

Refactor: libcrmcommon: Guard function bodies in procfs.c.

Refactor: libcrmcommon: Move opening /proc/self/fd into a function.

Refactor: libcrmcommon: Move sysrq_trigger into procfs.c.

Refactor: libcrmcommon: Remove guards in pcmk__locate_sbd.

Refactor: libcrmcommon: Remove guards in panic_local_nonroot.

Refactor: daemons: Pass the server we're throttling as an argument.

Refactor: daemons: Use true/false instead of TRUE/FALSE...

Refactor: daemons: Improve code formatting in throttle functions.

Refactor: daemons: Move throttling code into libcrmcommon

Refactor: libcrmcommon: Add pcmk__create_timer.

Refactor: Use pcmk__create_timer...

Refactor: libcrmcommon: Add pcmk__timeout_ms2s.

Refactor: Use pcmk__timeout_ms2s where possible.

Refactor: daemons: Get rid of an implicit fallthrough.

Fix: python: Always use generated corosync config in regression tests

Refactor: python: Fix pylint & pyflake warnings in isoparse.

Looking at that old CTS code sure is unpleasant.

I can see how this might be handy to someone, but it's never come up for me.

Refactor: liblrmd: Minor code cleanups to lrmd_send_command.

Refactor: liblrmd: lrmd_send_command should take a bool.

Refactor: liblrmd: Add lrmd_handshake_hello_msg.

clumens (Chris Lumens)
User

Projects

User Details

Recent Activity
View All

Wed, Jan 15

Mon, Jan 13

Fri, Jan 10

Fri, Jan 3

Thu, Jan 2

Dec 11 2024

Dec 10 2024

Dec 9 2024

Dec 5 2024

Dec 4 2024

Dec 3 2024

Dec 2 2024

Nov 20 2024

Nov 14 2024

Nov 13 2024

Nov 12 2024

Nov 6 2024

clumens (Chris Lumens)User