rpms / firewalld

Clone
Source Code
GIT

Blame SOURCES/0004-fix-dbus-conf-setting-deprecated-properties-should-b.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c7-sig-altarch-fasttrack c8 c8-beta c8s c9 c9-beta
  1.   c8
  2.   SOURCES
  3.   0004-fix-dbus-conf-setting-deprecated-properties-should-b.patch
Blob History Raw
63f414 
From 9c26e2d1eb45c5afc0e6430d2736aeefe9f07cf1 Mon Sep 17 00:00:00 2001
63f414 
From: Eric Garver <eric@garver.life>
63f414 
Date: Mon, 25 Jan 2021 11:29:48 -0500
63f414 
Subject: [PATCH 04/22] fix(dbus): conf: setting deprecated properties should
63f414 
 be ignored
63f414
63f414 
They weren't being written to the config file, but the runtime dbus
63f414 
values were being changed.
63f414
63f414 
(cherry picked from commit 9001e0cfc18fdcf8526d774fad396414d223c70a)
63f414 
(cherry picked from commit e8451a455461b5cf177ea8a9aaab7a5e5100991b)
63f414 
---
63f414 
 src/firewall/server/config.py    | 23 +++++------------------
63f414 
 src/tests/dbus/firewalld.conf.at |  4 ++--
63f414 
 2 files changed, 7 insertions(+), 20 deletions(-)
63f414
63f414 
diff --git a/src/firewall/server/config.py b/src/firewall/server/config.py
63f414 
index 1f832a459915..031ef5d1afaa 100644
63f414 
--- a/src/firewall/server/config.py
63f414 
+++ b/src/firewall/server/config.py
63f414 
@@ -706,22 +706,11 @@ class FirewallDConfig(slip.dbus.service.Object):
63f414 
         self.accessCheck(sender)
63f414
63f414 
         if interface_name == config.dbus.DBUS_INTERFACE_CONFIG:
63f414 
-            if property_name in [ "MinimalMark", "CleanupOnExit", "Lockdown",
63f414 
+            if property_name in [ "CleanupOnExit", "Lockdown",
63f414 
                                   "IPv6_rpfilter", "IndividualCalls",
63f414 
-                                  "LogDenied", "AutomaticHelpers",
63f414 
+                                  "LogDenied",
63f414 
                                   "FirewallBackend", "FlushAllOnReload",
63f414 
                                   "RFC3964_IPv4", "AllowZoneDrifting" ]:
63f414 
-                if property_name == "MinimalMark":
63f414 
-                    try:
63f414 
-                        int(new_value)
63f414 
-                    except ValueError:
63f414 
-                        raise FirewallError(errors.INVALID_MARK, new_value)
63f414 
-                try:
63f414 
-                    new_value = str(new_value)
63f414 
-                except:
63f414 
-                    raise FirewallError(errors.INVALID_VALUE,
63f414 
-                                        "'%s' for %s" % \
63f414 
-                                        (new_value, property_name))
63f414 
                 if property_name in [ "CleanupOnExit", "Lockdown",
63f414 
                                       "IPv6_rpfilter", "IndividualCalls" ]:
63f414 
                     if new_value.lower() not in [ "yes", "no",
63f414 
@@ -734,11 +723,6 @@ class FirewallDConfig(slip.dbus.service.Object):
63f414 
                         raise FirewallError(errors.INVALID_VALUE,
63f414 
                                             "'%s' for %s" % \
63f414 
                                             (new_value, property_name))
63f414 
-                if property_name == "AutomaticHelpers":
63f414 
-                    if new_value not in config.AUTOMATIC_HELPERS_VALUES:
63f414 
-                        raise FirewallError(errors.INVALID_VALUE,
63f414 
-                                            "'%s' for %s" % \
63f414 
-                                            (new_value, property_name))
63f414 
                 if property_name == "FirewallBackend":
63f414 
                     if new_value not in config.FIREWALL_BACKEND_VALUES:
63f414 
                         raise FirewallError(errors.INVALID_VALUE,
63f414 
@@ -764,6 +748,9 @@ class FirewallDConfig(slip.dbus.service.Object):
63f414 
                 self.config.get_firewalld_conf().write()
63f414 
                 self.PropertiesChanged(interface_name,
63f414 
                                        { property_name: new_value }, [ ])
63f414 
+            elif property_name in ["MinimalMark", "AutomaticHelpers"]:
63f414 
+                # deprecated fields. Ignore setting them.
63f414 
+                pass
63f414 
             else:
63f414 
                 raise dbus.exceptions.DBusException(
63f414 
                     "org.freedesktop.DBus.Error.InvalidArgs: "
63f414 
diff --git a/src/tests/dbus/firewalld.conf.at b/src/tests/dbus/firewalld.conf.at
63f414 
index cc15318c78dc..9fc5502a8d0b 100644
63f414 
--- a/src/tests/dbus/firewalld.conf.at
63f414 
+++ b/src/tests/dbus/firewalld.conf.at
63f414 
@@ -37,8 +37,8 @@ $3
63f414 
 ])
63f414
63f414 
 dnl Test individual Set/Get
63f414 
-_helper([MinimalMark], [int32:1234], [variant int32 1234])
63f414 
-_helper([AutomaticHelpers], [string:"no"], [variant string "no"])
63f414 
+_helper([MinimalMark], [int32:1234], [variant int32 100])
63f414 
+_helper([AutomaticHelpers], [string:"yes"], [variant string "no"])
63f414 
 _helper([Lockdown], [string:"yes"], [variant string "yes"])
63f414 
 _helper([LogDenied], [string:"all"], [variant string "all"])
63f414 
 _helper([IPv6_rpfilter], [string:"yes"], [variant string "yes"])
63f414 
--
63f414 
2.27.0
63f414

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation