♟ clumens

This is going to be very, very difficult to do which is why we've removed it from the RHEL board and lowered the priority. Basically, lrmd_send_command implements almost all of the API commands for a lrmd_t. All of those would need to be converted over to an async style, and then all of their callers would be. This includes major portions of the control daemon, which isn't very well set up to call the async versions of these functions. It would require rewriting much of liblrmd and the control daemon, and there's simply not enough time to get around to a project of that size.

cppcheck appears to be fine with pcmk__realloc for me, but I would still be all for investigating removing it in favor of someone else's code.

Build: devel: Replace indent with clang-format.

Refactor: libcrmservice: systemd_init should return a bool.

Refactor: daemons: Fix whitespace problems in execd_commands.c.

Refactor: daemons: Unindent a block of code in action_complete.

Refactor: daemons: Get rid of an unnecessary #endif/#ifdef.

Refactor: daemons: Unindent the goagain block in action_complete.

Low: libcrmservices: Don't leak msg if systemd_proxy is NULL.

Refactor: daemons: Improve whitespace in action_complete.

Refactor: libcrmservices: Unref the dbus connection...

Low: python: Add python value for new CRM_EX_NO_DC exit code.

Refactor: python: Rename variables in Audit __call__ methods.

Refactor: python: Reduce code duplication looking for core dumps.

Low: python: Use coredumpctl to check for core files.

Refactor: cts: _find_core_on_fs can now take a list of locations.

Refactor: doc: Get rid of sphinx templates.

Refactor: doc: Don't use autosummary in the python documentation.

Refactor: cts: Use f-strings in cts regression tests.

Refactor: cts: Use f-strings instead of string addition.

Refactor: cts: Fix pylint problems in cts-fencing.

Refactor: cts: Fix pyflake problems in cts-fencing.

Refactor: cts: Clarify spacing in cts-exec.in.

Refactor: python: Convert to using f-strings in the python module.

Low: cts: Fix a regression in detailed results reporting.

With the recent TLS changes, I think we have all the pieces in place and this should be a simple matter of gluing them together. Most everything in remote CIB admin/Pacemaker Remote gnutls connection management land is pretty well broken into functions now. It might simply be a matter of passing the right cred_type around - it's probably more work to check the environment or command line (or whatever) to decide what connection type it is than it will be to actually implement this.

Refactor: libcrmcommon: pcmk__x509_enabled doesn't need an arg.

Low: libcrmcommon: Set *tls = NULL in a few more locations.

Feature: daemons: Enable TLS support for Pacemaker Remote nodes.

Feature: liblrmd: Enable TLS support for Pacemaker Remote clients.

Doc: sysconfig: Explain permissions needed on TLS-related files.

Feature: sysconfig: Document using certificates for remote nodes.

Doc: Pacemaker Explained: Add documentation for TLS options.

Refactor: libcrmcommon: Only set gnutls priorities when needed.

Refactor: libcrmcommon: pcmk__x509_enabled doesn't need an arg.

Feature: daemons: Enable TLS support for Pacemaker Remote nodes.

Low: libcrmcommon: Set *tls = NULL in a few more locations.

Feature: liblrmd: Enable TLS support for Pacemaker Remote clients.

Doc: sysconfig: Explain permissions needed on TLS-related files.

Feature: sysconfig: Document using certificates for remote nodes.

Doc: Pacemaker Explained: Add documentation for TLS options.

Refactor: libcrmcommon: Only set gnutls priorities when needed.

Refactor: libcib: Unindent code in cib_new.

Refactor: libcib: Rearrange cib_remote_signon a bit.

Refactor: libcrmcommon: Use our own logging for gnutls.

Refactor: libcrmcommon: Move tls priority detection into a function.

Refactor: libs: Move tls-specific code from remote.c to tls.c.

Feature: libcrmcommon: Add pcmk__x509_enabled.

Feature: sysconfig: Add env settings needed for X509 authentication.

Refactor: libcrmcommon: Change the type of tls_session...

Refactor: libcrmcommon: pcmk__new_tls_session can take a cert cred type.

Refactor: libcrmcommon: Add pcmk__tls_t.

Refactor: libs: Use pcmk__tls_t in the client TLS code as well.

Refactor: libcrmcommon: Deprecate crm_gnutls_global_init.

Refactor: libcrmcommon: Simplify args to pcmk__new_tls_session.

Feature: daemons: Set up X509 auth in based if enabled.

Feature: libcrmcommon: If the server supports certs, require them...

Feature: libs: Log if a TLS certificate is close to expiration.

Feature: libcib: Enable TLS certs for remote CIB operations.

Doc: Pacemaker Administration: Explain use of TLS certificates.

Refactor: libcib: Unindent code in cib_new.

Refactor: libcib: Rearrange cib_remote_signon a bit.

Refactor: libcrmcommon: Use our own logging for gnutls.

Refactor: libcrmcommon: Move tls priority detection into a function.

Refactor: libcrmcommon: Change the type of tls_session...

Feature: sysconfig: Add env settings needed for X509 authentication.

Refactor: libs: Move tls-specific code from remote.c to tls.c.

Feature: libcrmcommon: Add pcmk__x509_enabled.

Refactor: libcrmcommon: pcmk__new_tls_session can take a cert cred type.

Refactor: libcrmcommon: Add pcmk__tls_t.

Refactor: libs: Use pcmk__tls_t in the client TLS code as well.

Refactor: libcrmcommon: Deprecate crm_gnutls_global_init.

Refactor: libcrmcommon: Simplify args to pcmk__new_tls_session.

Feature: daemons: Set up X509 auth in based if enabled.

clumens (Chris Lumens)
User

Projects

User Details

Recent Activity
View All

Yesterday

Tue, Feb 18

Mon, Feb 17

Thu, Feb 6

Wed, Feb 5

Mon, Feb 3

Fri, Jan 31

Thu, Jan 30

Wed, Jan 29

Tue, Jan 28

Mon, Jan 27

Thu, Jan 23

Jan 15 2025

Jan 13 2025

Jan 10 2025

Jan 3 2025

Jan 2 2025

Dec 11 2024

Dec 10 2024

Dec 9 2024

clumens (Chris Lumens)User