Blame SOURCES/0004-fix-dbus-conf-setting-deprecated-properties-should-b.patch

47f735
From 9c26e2d1eb45c5afc0e6430d2736aeefe9f07cf1 Mon Sep 17 00:00:00 2001
47f735
From: Eric Garver <eric@garver.life>
47f735
Date: Mon, 25 Jan 2021 11:29:48 -0500
47f735
Subject: [PATCH 04/22] fix(dbus): conf: setting deprecated properties should
47f735
 be ignored
47f735
47f735
They weren't being written to the config file, but the runtime dbus
47f735
values were being changed.
47f735
47f735
(cherry picked from commit 9001e0cfc18fdcf8526d774fad396414d223c70a)
47f735
(cherry picked from commit e8451a455461b5cf177ea8a9aaab7a5e5100991b)
47f735
---
47f735
 src/firewall/server/config.py    | 23 +++++------------------
47f735
 src/tests/dbus/firewalld.conf.at |  4 ++--
47f735
 2 files changed, 7 insertions(+), 20 deletions(-)
47f735
47f735
diff --git a/src/firewall/server/config.py b/src/firewall/server/config.py
47f735
index 1f832a459915..031ef5d1afaa 100644
47f735
--- a/src/firewall/server/config.py
47f735
+++ b/src/firewall/server/config.py
47f735
@@ -706,22 +706,11 @@ class FirewallDConfig(slip.dbus.service.Object):
47f735
         self.accessCheck(sender)
47f735
 
47f735
         if interface_name == config.dbus.DBUS_INTERFACE_CONFIG:
47f735
-            if property_name in [ "MinimalMark", "CleanupOnExit", "Lockdown",
47f735
+            if property_name in [ "CleanupOnExit", "Lockdown",
47f735
                                   "IPv6_rpfilter", "IndividualCalls",
47f735
-                                  "LogDenied", "AutomaticHelpers",
47f735
+                                  "LogDenied",
47f735
                                   "FirewallBackend", "FlushAllOnReload",
47f735
                                   "RFC3964_IPv4", "AllowZoneDrifting" ]:
47f735
-                if property_name == "MinimalMark":
47f735
-                    try:
47f735
-                        int(new_value)
47f735
-                    except ValueError:
47f735
-                        raise FirewallError(errors.INVALID_MARK, new_value)
47f735
-                try:
47f735
-                    new_value = str(new_value)
47f735
-                except:
47f735
-                    raise FirewallError(errors.INVALID_VALUE,
47f735
-                                        "'%s' for %s" % \
47f735
-                                        (new_value, property_name))
47f735
                 if property_name in [ "CleanupOnExit", "Lockdown",
47f735
                                       "IPv6_rpfilter", "IndividualCalls" ]:
47f735
                     if new_value.lower() not in [ "yes", "no",
47f735
@@ -734,11 +723,6 @@ class FirewallDConfig(slip.dbus.service.Object):
47f735
                         raise FirewallError(errors.INVALID_VALUE,
47f735
                                             "'%s' for %s" % \
47f735
                                             (new_value, property_name))
47f735
-                if property_name == "AutomaticHelpers":
47f735
-                    if new_value not in config.AUTOMATIC_HELPERS_VALUES:
47f735
-                        raise FirewallError(errors.INVALID_VALUE,
47f735
-                                            "'%s' for %s" % \
47f735
-                                            (new_value, property_name))
47f735
                 if property_name == "FirewallBackend":
47f735
                     if new_value not in config.FIREWALL_BACKEND_VALUES:
47f735
                         raise FirewallError(errors.INVALID_VALUE,
47f735
@@ -764,6 +748,9 @@ class FirewallDConfig(slip.dbus.service.Object):
47f735
                 self.config.get_firewalld_conf().write()
47f735
                 self.PropertiesChanged(interface_name,
47f735
                                        { property_name: new_value }, [ ])
47f735
+            elif property_name in ["MinimalMark", "AutomaticHelpers"]:
47f735
+                # deprecated fields. Ignore setting them.
47f735
+                pass
47f735
             else:
47f735
                 raise dbus.exceptions.DBusException(
47f735
                     "org.freedesktop.DBus.Error.InvalidArgs: "
47f735
diff --git a/src/tests/dbus/firewalld.conf.at b/src/tests/dbus/firewalld.conf.at
47f735
index cc15318c78dc..9fc5502a8d0b 100644
47f735
--- a/src/tests/dbus/firewalld.conf.at
47f735
+++ b/src/tests/dbus/firewalld.conf.at
47f735
@@ -37,8 +37,8 @@ $3
47f735
 ])
47f735
 
47f735
 dnl Test individual Set/Get
47f735
-_helper([MinimalMark], [int32:1234], [variant int32 1234])
47f735
-_helper([AutomaticHelpers], [string:"no"], [variant string "no"])
47f735
+_helper([MinimalMark], [int32:1234], [variant int32 100])
47f735
+_helper([AutomaticHelpers], [string:"yes"], [variant string "no"])
47f735
 _helper([Lockdown], [string:"yes"], [variant string "yes"])
47f735
 _helper([LogDenied], [string:"all"], [variant string "all"])
47f735
 _helper([IPv6_rpfilter], [string:"yes"], [variant string "yes"])
47f735
-- 
47f735
2.27.0
47f735