Browse Source

Relocate haproxy to stx-integ/base/haproxy

Move content from stx-gplv2 into stx-integ

Packages will be relocated to

stx-integ:
    base/
        bash
        cgcs-users
        cluster-resource-agents
        dpkg
        haproxy
        libfdt
        netpbm
        rpm

    database/
        mariadb

    filesystem/
        iscsi-initiator-utils

    filesystem/drbd/
        drbd-tools

    kernel/kernel-modules/
        drbd
        integrity
        intel-e1000e
        intel-i40e
        intel-i40evf
        intel-ixgbe
        intel-ixgbevf
        qat17
        tpmdd

    ldap/
        ldapscripts

    networking/
        iptables
        net-tools

Change-Id: Id89339f3ed454f14998a1ef39e353ecedad05470
Story: 2002801
Task: 22687
Signed-off-by: Scott Little <scott.little@windriver.com>
Scott Little 8 months ago
parent
commit
8ea05fd14a

+ 0
- 1
centos_pkg_dirs View File

@@ -1,4 +1,3 @@
1
-haproxy
2 1
 iptables
3 2
 iscsi-initiator-utils
4 3
 ldapscripts

+ 0
- 15
haproxy/PKG-INFO View File

@@ -1,15 +0,0 @@
1
-Metadata-Version: 1.1
2
-Name: haproxy
3
-Version: 1.5.18
4
-Summary: Abstract asynchronous event notification library
5
-Home-page: 
6
-Author:
7
-Author-email:
8
-License: GPLv2+
9
-
10
-Description:
11
-HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
12
-availability environments.
13
-
14
-        
15
-Platform: UNKNOWN

+ 0
- 2
haproxy/centos/build_srpm.data View File

@@ -1,2 +0,0 @@
1
-COPY_LIST="haproxy/*"
2
-TIS_PATCH_VER=7

+ 0
- 26
haproxy/centos/meta_patches/0001-Update-package-versioning-for-TIS-format.patch View File

@@ -1,27 +0,0 @@
1
-From 79f025b91d461a948ca6449eb25a11a6c89144b5 Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 7/7] WRS: 0001-Update-package-versioning-for-TIS-format.patch
5
-
6
-Conflicts:
7
-	SPECS/haproxy.spec
8
----
9
- SPECS/haproxy.spec | 2 +-
10
- 1 file changed, 1 insertion(+), 1 deletion(-)
11
-
12
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
13
-index c1547ef..097aa79 100644
14
---- a/SPECS/haproxy.spec
15
-+++ b/SPECS/haproxy.spec
16
-@@ -8,7 +8,7 @@
17
- 
18
- Name:           haproxy
19
- Version:        1.5.18
20
--Release:        6%{?dist}
21
-+Release:        6.el7%{?_tis_dist}.%{tis_patch_ver}
22
- Summary:        TCP/HTTP proxy and load balancer for high availability environments
23
- 
24
- Group:          System Environment/Daemons
25
-1.9.1
26
-

+ 0
- 7
haproxy/centos/meta_patches/PATCH_ORDER View File

@@ -1,7 +0,0 @@
1
-spec-include-TiS-config.patch
2
-haproxy-spec-add-init-script.patch
3
-spec-add-haproxy-env-var-patch.patch
4
-meta_remove_bad_logrotate.patch
5
-haproxy-service-file.patch
6
-meta_add_support_for_tpm.patch
7
-0001-Update-package-versioning-for-TIS-format.patch

+ 0
- 25
haproxy/centos/meta_patches/haproxy-service-file.patch View File

@@ -1,26 +0,0 @@
1
-From c4d74c67ee001af849e7a30e824cc0f8e38ef948 Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 5/7] WRS: haproxy-service-file.patch
5
-
6
----
7
- SOURCES/haproxy.service | 3 ++-
8
- 1 file changed, 2 insertions(+), 1 deletion(-)
9
-
10
-diff --git a/SOURCES/haproxy.service b/SOURCES/haproxy.service
11
-index 2d4c954..c2f1086 100644
12
---- a/SOURCES/haproxy.service
13
-+++ b/SOURCES/haproxy.service
14
-@@ -4,7 +4,8 @@ After=syslog.target network.target
15
- 
16
- [Service]
17
- EnvironmentFile=/etc/sysconfig/haproxy
18
--ExecStart=/usr/sbin/haproxy-systemd-wrapper -f /etc/haproxy/haproxy.cfg -p /run/haproxy.pid $OPTIONS
19
-+ExecStart=/etc/init.d/haproxy start
20
-+ExecStop=/etc/init.d/haproxy stop
21
- ExecReload=/bin/kill -USR2 $MAINPID
22
- KillMode=mixed
23
- 
24
-1.9.1
25
-

+ 0
- 46
haproxy/centos/meta_patches/haproxy-spec-add-init-script.patch View File

@@ -1,47 +0,0 @@
1
-From 959767df3285a81f1c5650018ed846fe90a68c9d Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 2/7] WRS: haproxy-spec-add-init-script.patch
5
-
6
----
7
- SPECS/haproxy.spec | 5 +++++
8
- 1 file changed, 5 insertions(+)
9
-
10
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
11
-index 42ddeb0..cbd9161 100644
12
---- a/SPECS/haproxy.spec
13
-+++ b/SPECS/haproxy.spec
14
-@@ -21,6 +21,7 @@ Source2:        %{name}.cfg
15
- Source3:        %{name}.logrotate
16
- Source4:        %{name}.sysconfig
17
- Source5:        halog.1
18
-+Source10:       %{name}.sh
19
- 
20
- # WRS
21
- Source6: 503.http
22
-@@ -81,11 +82,14 @@ popd
23
- %{__make} install-bin DESTDIR=%{buildroot} PREFIX=%{_prefix} TARGET="linux2628"
24
- %{__make} install-man DESTDIR=%{buildroot} PREFIX=%{_prefix}
25
- 
26
-+mkdir -p /etc/init.d
27
-+
28
- %{__install} -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
29
- %{__install} -p -D -m 0640 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
30
- %{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
31
- %{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
32
- %{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1
33
-+%{__install} -p -D -m 0755 %{SOURCE10} %{buildroot}/etc/init.d/%{name}
34
- %{__install} -d -m 0755 %{buildroot}%{haproxy_home}
35
- %{__install} -d -m 0755 %{buildroot}%{haproxy_datadir}
36
- %{__install} -d -m 0755 %{buildroot}%{_bindir}
37
-@@ -149,6 +153,7 @@ fi
38
- %{_bindir}/halog
39
- %{_bindir}/iprange
40
- %{_mandir}/man1/*
41
-+/etc/init.d/%{name}
42
- %attr(-,%{haproxy_user},%{haproxy_group}) %dir %{haproxy_home}
43
- 
44
- # WRS
45
-1.9.1
46
-

+ 0
- 41
haproxy/centos/meta_patches/meta_add_support_for_tpm.patch View File

@@ -1,42 +0,0 @@
1
-From a5329bf1468f55c8d6b983e5999c12139dc7479d Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 6/7] WRS: meta_add_support_for_tpm.patch
5
-
6
----
7
- SPECS/haproxy.spec | 5 +++++
8
- 1 file changed, 5 insertions(+)
9
-
10
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
11
-index 3d112e0..c1547ef 100644
12
---- a/SPECS/haproxy.spec
13
-+++ b/SPECS/haproxy.spec
14
-@@ -30,6 +30,7 @@ Patch1:         iprange-return-type.patch
15
- Patch2:         haproxy-tcp-user-timeout.patch
16
- Patch3:         haproxy-systemd-wrapper-exit-code.patch
17
- Patch4:         haproxy-env-var.patch
18
-+Patch5:         haproxy-tpm-support.patch
19
- 
20
- BuildRequires:  pcre-devel
21
- BuildRequires:  zlib-devel
22
-@@ -41,6 +42,9 @@ Requires(post):     systemd
23
- Requires(preun):    systemd
24
- Requires(postun):   systemd
25
- 
26
-+Requires: tpm2-openssl-engine
27
-+
28
-+
29
- %description
30
- HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high
31
- availability environments. Indeed, it can:
32
-@@ -62,6 +66,7 @@ availability environments. Indeed, it can:
33
- %patch2 -p1
34
- %patch3 -p1
35
- %patch4 -p1
36
-+%patch5 -p1
37
- 
38
- %build
39
- regparm_opts=
40
-1.9.1
41
-

+ 0
- 39
haproxy/centos/meta_patches/meta_remove_bad_logrotate.patch View File

@@ -1,40 +0,0 @@
1
-From 3eac39ba534b92dbcb3a898442b09be7acc389bb Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 4/7] WRS: meta_remove_bad_logrotate.patch
5
-
6
----
7
- SPECS/haproxy.spec | 3 ---
8
- 1 file changed, 3 deletions(-)
9
-
10
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
11
-index af94d46..3d112e0 100644
12
---- a/SPECS/haproxy.spec
13
-+++ b/SPECS/haproxy.spec
14
-@@ -18,7 +18,6 @@ URL:            http://www.haproxy.org/
15
- Source0:        http://www.haproxy.org/download/1.5/src/haproxy-%{version}.tar.gz
16
- Source1:        %{name}.service
17
- Source2:        %{name}.cfg
18
--Source3:        %{name}.logrotate
19
- Source4:        %{name}.sysconfig
20
- Source5:        halog.1
21
- Source10:       %{name}.sh
22
-@@ -88,7 +87,6 @@ mkdir -p /etc/init.d
23
- 
24
- %{__install} -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
25
- %{__install} -p -D -m 0640 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
26
--%{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
27
- %{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
28
- %{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1
29
- %{__install} -p -D -m 0755 %{SOURCE10} %{buildroot}/etc/init.d/%{name}
30
-@@ -147,7 +145,6 @@ fi
31
- %dir %{haproxy_datadir}
32
- %{haproxy_datadir}/*
33
- %config(noreplace) %{haproxy_confdir}/%{name}.cfg
34
--%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
35
- %config(noreplace) %{_sysconfdir}/sysconfig/%{name}
36
- %{_unitdir}/%{name}.service
37
- %{_sbindir}/%{name}
38
-1.9.1
39
-

+ 0
- 31
haproxy/centos/meta_patches/spec-add-haproxy-env-var-patch.patch View File

@@ -1,32 +0,0 @@
1
-From 2e37207c026047e2ce1bc9a5278faddfea81c011 Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 3/7] WRS: spec-add-haproxy-env-var-patch.patch
5
-
6
----
7
- SPECS/haproxy.spec | 2 ++
8
- 1 file changed, 2 insertions(+)
9
-
10
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
11
-index cbd9161..af94d46 100644
12
---- a/SPECS/haproxy.spec
13
-+++ b/SPECS/haproxy.spec
14
-@@ -30,6 +30,7 @@ Patch0:         halog-unused-variables.patch
15
- Patch1:         iprange-return-type.patch
16
- Patch2:         haproxy-tcp-user-timeout.patch
17
- Patch3:         haproxy-systemd-wrapper-exit-code.patch
18
-+Patch4:         haproxy-env-var.patch
19
- 
20
- BuildRequires:  pcre-devel
21
- BuildRequires:  zlib-devel
22
-@@ -61,6 +62,7 @@ availability environments. Indeed, it can:
23
- %patch1 -p0
24
- %patch2 -p1
25
- %patch3 -p1
26
-+%patch4 -p1
27
- 
28
- %build
29
- regparm_opts=
30
-1.9.1
31
-

+ 0
- 57
haproxy/centos/meta_patches/spec-include-TiS-config.patch View File

@@ -1,58 +0,0 @@
1
-From 419d06285552bc31dce214d37edb925b4a82c68b Mon Sep 17 00:00:00 2001
2
-From: Scott Little <scott.little@windriver.com>
3
-Date: Mon, 2 Oct 2017 16:12:36 -0400
4
-Subject: [PATCH 1/7] WRS: spec-include-TiS-config.patch
5
-
6
----
7
- SPECS/haproxy.spec | 14 +++++++++++++-
8
- 1 file changed, 13 insertions(+), 1 deletion(-)
9
-
10
-diff --git a/SPECS/haproxy.spec b/SPECS/haproxy.spec
11
-index b4dde9e..42ddeb0 100644
12
---- a/SPECS/haproxy.spec
13
-+++ b/SPECS/haproxy.spec
14
-@@ -22,6 +22,9 @@ Source3:        %{name}.logrotate
15
- Source4:        %{name}.sysconfig
16
- Source5:        halog.1
17
- 
18
-+# WRS
19
-+Source6: 503.http
20
-+
21
- Patch0:         halog-unused-variables.patch
22
- Patch1:         iprange-return-type.patch
23
- Patch2:         haproxy-tcp-user-timeout.patch
24
-@@ -79,7 +82,7 @@ popd
25
- %{__make} install-man DESTDIR=%{buildroot} PREFIX=%{_prefix}
26
- 
27
- %{__install} -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
28
--%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
29
-+%{__install} -p -D -m 0640 %{SOURCE2} %{buildroot}%{haproxy_confdir}/%{name}.cfg
30
- %{__install} -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
31
- %{__install} -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
32
- %{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_mandir}/man1/halog.1
33
-@@ -106,6 +109,11 @@ do
34
-     %{__rm} -f $textfile.old
35
- done
36
- 
37
-+# WRS
38
-+%{__install} -d 755 %{buildroot}/etc/haproxy/errors/
39
-+%{__install} -m 755 %{SOURCE6} %{buildroot}/etc/haproxy/errors/503.http
40
-+
41
-+
42
- %pre
43
- getent group %{haproxy_group} >/dev/null || groupadd -f -g 188 -r %{haproxy_group}
44
- if ! getent passwd %{haproxy_user} >/dev/null ; then
45
-@@ -143,6 +151,10 @@ fi
46
- %{_mandir}/man1/*
47
- %attr(-,%{haproxy_user},%{haproxy_group}) %dir %{haproxy_home}
48
- 
49
-+# WRS
50
-+%dir /etc/haproxy/errors/
51
-+/etc/haproxy/errors/*
52
-+
53
- %changelog
54
- * Mon May 01 2017 Ryan O'Hara <rohara@redhat.com> - 1.5.18-6
55
- - Use KillMode=mixed in systemd service file (#1444709)
56
-1.9.1
57
-

+ 0
- 1
haproxy/centos/srpm_path View File

@@ -1 +0,0 @@
1
-mirror:Source/haproxy-1.5.18-6.el7.src.rpm

+ 0
- 9
haproxy/haproxy/503.http View File

@@ -1,9 +0,0 @@
1
-HTTP/1.0 503 Service Unavailable
2
-Cache-Control: no-cache
3
-Connection: close
4
-Content-Type: text/html
5
-
6
-<html><body><h1>503 Service Unavailable</h1>
7
-No server is available to handle this request.
8
-</body></html>
9
-

+ 0
- 245
haproxy/haproxy/haproxy-env-var.patch View File

@@ -1,245 +0,0 @@
1
-Index: haproxy-1.5.11/src/cfgparse.c
2
-===================================================================
3
---- haproxy-1.5.11.orig/src/cfgparse.c
4
-+++ haproxy-1.5.11/src/cfgparse.c
5
-@@ -5789,12 +5789,19 @@ out:
6
-  */
7
- int readcfgfile(const char *file)
8
- {
9
--	char thisline[LINESIZE];
10
-+        char *thisline;
11
-+        int linesize = LINESIZE;
12
- 	FILE *f;
13
- 	int linenum = 0;
14
- 	int err_code = 0;
15
- 	struct cfg_section *cs = NULL;
16
- 	struct cfg_section *ics;
17
-+        int readbytes = 0;
18
-+
19
-+        if ((thisline = malloc(sizeof(*thisline) * linesize)) == NULL) {
20
-+                Alert("parsing [%s] : out of memory.\n", file);
21
-+                return -1;
22
-+        }
23
- 
24
- 	/* Register internal sections */
25
- 	if (!cfg_register_section("listen",   cfg_parse_listen) ||
26
-@@ -5810,11 +5817,14 @@ int readcfgfile(const char *file)
27
- 	if ((f=fopen(file,"r")) == NULL)
28
- 		return -1;
29
- 
30
--	while (fgets(thisline, sizeof(thisline), f) != NULL) {
31
-+next_line:
32
-+        while (fgets(thisline + readbytes, linesize - readbytes, f) != NULL) {
33
- 		int arg, kwm = KWM_STD;
34
- 		char *end;
35
- 		char *args[MAX_LINE_ARGS + 1];
36
- 		char *line = thisline;
37
-+                int dquote = 0;  /* double quote */
38
-+                int squote = 0;  /* simple quote */
39
- 
40
- 		linenum++;
41
- 
42
-@@ -5824,11 +5834,25 @@ int readcfgfile(const char *file)
43
- 			/* Check if we reached the limit and the last char is not \n.
44
- 			 * Watch out for the last line without the terminating '\n'!
45
- 			 */
46
--			Alert("parsing [%s:%d]: line too long, limit: %d.\n",
47
--			      file, linenum, (int)sizeof(thisline)-1);
48
--			err_code |= ERR_ALERT | ERR_FATAL;
49
-+                        char *newline;
50
-+                        int newlinesize = linesize * 2;
51
-+
52
-+                        newline = realloc(thisline, sizeof(*thisline) * newlinesize);
53
-+                        if (newline == NULL) {
54
-+                                Alert("parsing [%s:%d]: line too long, cannot allocate memory.\n",
55
-+                                      file, linenum);
56
-+                                err_code |= ERR_ALERT | ERR_FATAL;
57
-+                                continue;
58
-+                        }
59
-+
60
-+                        readbytes = linesize - 1;
61
-+                        linesize = newlinesize;
62
-+                        thisline = newline;
63
-+                        continue;
64
- 		}
65
- 
66
-+                readbytes = 0;
67
-+
68
- 		/* skip leading spaces */
69
- 		while (isspace((unsigned char)*line))
70
- 			line++;
71
-@@ -5837,10 +5861,26 @@ int readcfgfile(const char *file)
72
- 		args[arg] = line;
73
- 
74
- 		while (*line && arg < MAX_LINE_ARGS) {
75
--			/* first, we'll replace \\, \<space>, \#, \r, \n, \t, \xXX with their
76
--			 * C equivalent value. Other combinations left unchanged (eg: \1).
77
--			 */
78
--			if (*line == '\\') {
79
-+                        if (*line == '"' && !squote) {  /* double quote outside single quotes */
80
-+                                if (dquote)
81
-+                                        dquote = 0;
82
-+                                else
83
-+                                        dquote = 1;
84
-+                                memmove(line, line + 1, end - line);
85
-+                                end--;
86
-+                        }
87
-+                        else if (*line == '\'' && !dquote) { /* single quote outside double quotes */
88
-+                                if (squote)
89
-+                                        squote = 0;
90
-+                                else
91
-+                                        squote = 1;
92
-+                                memmove(line, line + 1, end - line);
93
-+                                end--;
94
-+                        }
95
-+                        else if (*line == '\\' && !squote) {
96
-+                        /* first, we'll replace \\, \<space>, \#, \r, \n, \t, \xXX with their
97
-+                         * C equivalent value. Other combinations left unchanged (eg: \1).
98
-+                         */
99
- 				int skip = 0;
100
- 				if (line[1] == ' ' || line[1] == '\\' || line[1] == '#') {
101
- 					*line = line[1];
102
-@@ -5872,6 +5912,15 @@ int readcfgfile(const char *file)
103
- 						Alert("parsing [%s:%d] : invalid or incomplete '\\x' sequence in '%s'.\n", file, linenum, args[0]);
104
- 						err_code |= ERR_ALERT | ERR_FATAL;
105
- 					}
106
-+                                } else if (line[1] == '"') {
107
-+                                        *line = '"';
108
-+                                        skip = 1;
109
-+                                } else if (line[1] == '\'') {
110
-+                                        *line = '\'';
111
-+                                        skip = 1;
112
-+                                } else if (line[1] == '$' && dquote) { /* escaping of $ only inside double quotes */
113
-+                                        *line = '$';
114
-+                                        skip = 1;
115
- 				}
116
- 				if (skip) {
117
- 					memmove(line + 1, line + 1 + skip, end - (line + skip));
118
-@@ -5879,23 +5928,117 @@ int readcfgfile(const char *file)
119
- 				}
120
- 				line++;
121
- 			}
122
--			else if (*line == '#' || *line == '\n' || *line == '\r') {
123
-+                        else if ((!squote && !dquote && *line == '#') || *line == '\n' || *line == '\r') {
124
- 				/* end of string, end of loop */
125
- 				*line = 0;
126
- 				break;
127
- 			}
128
--			else if (isspace((unsigned char)*line)) {
129
-+                        else if (!squote && !dquote && isspace((unsigned char)*line)) {
130
- 				/* a non-escaped space is an argument separator */
131
- 				*line++ = '\0';
132
- 				while (isspace((unsigned char)*line))
133
- 					line++;
134
- 				args[++arg] = line;
135
- 			}
136
-+                        else if (dquote && *line == '$') {
137
-+                                /* environment variables are evaluated inside double quotes */
138
-+                                char *var_beg;
139
-+                                char *var_end;
140
-+                                char save_char;
141
-+                                char *value;
142
-+                                int val_len;
143
-+                                int newlinesize;
144
-+                                int braces = 0;
145
-+
146
-+                                var_beg = line + 1;
147
-+                                var_end = var_beg;
148
-+
149
-+                                if (*var_beg == '{') {
150
-+                                        var_beg++;
151
-+                                        var_end++;
152
-+                                        braces = 1;
153
-+                                }
154
-+
155
-+                                if (!isalpha((int)(unsigned char)*var_beg) && *var_beg != '_') {
156
-+                                        Alert("parsing [%s:%d] : Variable expansion: Unrecognized character '%c' in variable name.\n", file, linenum, *var_beg);
157
-+                                        err_code |= ERR_ALERT | ERR_FATAL;
158
-+                                        goto next_line; /* skip current line */
159
-+                                }
160
-+
161
-+                                while (isalnum((int)(unsigned char)*var_end) || *var_end == '_')
162
-+                                        var_end++;
163
-+
164
-+                                save_char = *var_end;
165
-+                                *var_end = '\0';
166
-+                                value = getenv(var_beg);
167
-+                                *var_end = save_char;
168
-+                                val_len = value ? strlen(value) : 0;
169
-+
170
-+                                if (braces) {
171
-+                                        if (*var_end == '}') {
172
-+                                                var_end++;
173
-+                                                braces = 0;
174
-+                                        } else {
175
-+                                                Alert("parsing [%s:%d] : Variable expansion: Mismatched braces.\n", file, linenum);
176
-+                                                err_code |= ERR_ALERT | ERR_FATAL;
177
-+                                                goto next_line; /* skip current line */
178
-+                                        }
179
-+                                }
180
-+
181
-+                                newlinesize = (end - thisline) - (var_end - line) + val_len + 1;
182
-+
183
-+                                /* if not enough space in thisline */
184
-+                                if (newlinesize  > linesize) {
185
-+                                        char *newline;
186
-+
187
-+                                        newline = realloc(thisline, newlinesize * sizeof(*thisline));
188
-+                                        if (newline == NULL) {
189
-+                                                Alert("parsing [%s:%d] : Variable expansion: Not enough memory.\n", file, linenum);
190
-+                                                err_code |= ERR_ALERT | ERR_FATAL;
191
-+                                                goto next_line; /* slip current line */
192
-+                                        }
193
-+                                        /* recompute pointers if realloc returns a new pointer */
194
-+                                        if (newline != thisline) {
195
-+                                                int i;
196
-+                                                int diff;
197
-+
198
-+                                                for (i = 0; i <= arg; i++) {
199
-+                                                        diff = args[i] - thisline;
200
-+                                                        args[i] = newline + diff;
201
-+                                                }
202
-+
203
-+                                                diff = var_end - thisline;
204
-+                                                var_end = newline + diff;
205
-+                                                diff = end - thisline;
206
-+                                                end = newline + diff;
207
-+                                                diff = line - thisline;
208
-+                                                line = newline + diff;
209
-+                                                thisline = newline;
210
-+                                        }
211
-+                                        linesize = newlinesize;
212
-+                                }
213
-+
214
-+                                /* insert value inside the line */
215
-+                                memmove(line + val_len, var_end, end - var_end + 1);
216
-+                                memcpy(line, value, val_len);
217
-+                                end += val_len - (var_end - line);
218
-+                                line += val_len;
219
-+                        }
220
- 			else {
221
- 				line++;
222
- 			}
223
- 		}
224
- 
225
-+                if (dquote) {
226
-+                        Alert("parsing [%s:%d] : Mismatched double quotes.\n", file, linenum);
227
-+                        err_code |= ERR_ALERT | ERR_FATAL;
228
-+                }
229
-+
230
-+                if (squote) {
231
-+                        Alert("parsing [%s:%d] : Mismatched simple quotes.\n", file, linenum);
232
-+                        err_code |= ERR_ALERT | ERR_FATAL;
233
-+                }
234
-+
235
- 		/* empty line */
236
- 		if (!**args)
237
- 			continue;
238
-@@ -5966,6 +6109,7 @@ int readcfgfile(const char *file)
239
- 			break;
240
- 	}
241
- 	cursection = NULL;
242
-+        free(thisline);
243
- 	fclose(f);
244
- 	return err_code;
245
- }

+ 0
- 318
haproxy/haproxy/haproxy-tpm-support.patch View File

@@ -1,319 +0,0 @@
1
-From a2a25214f6f4913b774bdd6c0b80d3ea424d3a1b Mon Sep 17 00:00:00 2001
2
-From: Kam Nasim <kam.nasim@windriver.com>
3
-Date: Wed, 22 Mar 2017 12:07:24 -0400
4
-Subject: [PATCH] haproxy tpm support
5
-
6
----
7
- include/types/global.h |  13 +++++
8
- src/cfgparse.c         |  28 ++++++++++
9
- src/haproxy.c          |  26 ++++++++-
10
- src/ssl_sock.c         | 147 +++++++++++++++++++++++++++++++++++++++++++------
11
- 4 files changed, 197 insertions(+), 17 deletions(-)
12
-
13
-diff --git a/include/types/global.h b/include/types/global.h
14
-index f1525ae..2e9c077 100644
15
---- a/include/types/global.h
16
-+++ b/include/types/global.h
17
-@@ -30,6 +30,10 @@
18
- #include <types/proxy.h>
19
- #include <types/task.h>
20
- 
21
-+#ifdef USE_OPENSSL
22
-+#include <openssl/engine.h>
23
-+#endif
24
-+
25
- #ifndef UNIX_MAX_PATH
26
- #define UNIX_MAX_PATH 108
27
- #endif
28
-@@ -71,6 +75,14 @@ enum {
29
- 	SSL_SERVER_VERIFY_REQUIRED = 1,
30
- };
31
- 
32
-+// WRS: Define a new TPM configuration structure
33
-+struct tpm_conf {
34
-+    char *tpm_object;
35
-+    char *tpm_engine;
36
-+    EVP_PKEY *tpm_key;
37
-+    ENGINE *tpm_engine_ref;
38
-+};
39
-+
40
- /* FIXME : this will have to be redefined correctly */
41
- struct global {
42
- #ifdef USE_OPENSSL
43
-@@ -87,6 +99,7 @@ struct global {
44
- 	char *connect_default_ciphers;
45
- 	int listen_default_ssloptions;
46
- 	int connect_default_ssloptions;
47
-+	struct tpm_conf tpm; // tpm configuration
48
- #endif
49
- 	unsigned int ssl_server_verify; /* default verify mode on servers side */
50
- 	struct freq_ctr conn_per_sec;
51
-diff --git a/src/cfgparse.c b/src/cfgparse.c
52
-index 6a7f80c..3bc6e79 100644
53
---- a/src/cfgparse.c
54
-+++ b/src/cfgparse.c
55
-@@ -1541,6 +1541,34 @@ int cfg_parse_global(const char *file, int linenum, char **args, int kwm)
56
- 		goto out;
57
- #endif
58
- 	}
59
-+	else if (!strcmp(args[0], "tpm-object")) {
60
-+		if (global.tpm.tpm_object) {
61
-+			free(global.tpm.tpm_object);
62
-+		}
63
-+#ifdef USE_OPENSSL
64
-+		if (*(args[1]) && (access(args[1], F_OK) != -1)) {
65
-+			global.tpm.tpm_object = strdup(args[1]);
66
-+		}
67
-+#else
68
-+		Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
69
-+		err_code |= ERR_ALERT | ERR_FATAL;
70
-+		goto out;
71
-+#endif
72
-+    }
73
-+	else if (!strcmp(args[0], "tpm-engine")) {
74
-+		if (global.tpm.tpm_engine) {
75
-+			free(global.tpm.tpm_engine);
76
-+		}
77
-+#ifdef USE_OPENSSL
78
-+		if (*(args[1]) && (access(args[1], F_OK) != -1)) {
79
-+			global.tpm.tpm_engine = strdup(args[1]);
80
-+		}
81
-+#else
82
-+		Alert("parsing [%s:%d] : '%s' is not implemented.\n", file, linenum, args[0]);
83
-+		err_code |= ERR_ALERT | ERR_FATAL;
84
-+		goto out;
85
-+#endif
86
-+    }
87
- 	else {
88
- 		struct cfg_kw_list *kwl;
89
- 		int index;
90
-diff --git a/src/haproxy.c b/src/haproxy.c
91
-index 862697d..2a1a0dc 100644
92
---- a/src/haproxy.c
93
-+++ b/src/haproxy.c
94
-@@ -959,6 +959,24 @@ static void deinit_stick_rules(struct list *rules)
95
- 	}
96
- }
97
- 
98
-+static void deinit_tpm_engine()
99
-+{
100
-+	/*
101
-+     * if the tpm engine is present then
102
-+     * deinit it, this is needed to
103
-+     * flush the TPM key handle from TPM memory
104
-+     */
105
-+	if (global.tpm.tpm_engine_ref) {
106
-+		ENGINE_finish(global.tpm.tpm_engine_ref);
107
-+	}
108
-+
109
-+	if (global.tpm.tpm_key) {
110
-+		EVP_PKEY_free(global.tpm.tpm_key);
111
-+	}
112
-+	free(global.tpm.tpm_engine);  global.tpm.tpm_engine = NULL;
113
-+	free(global.tpm.tpm_object);  global.tpm.tpm_object = NULL;
114
-+}
115
-+
116
- void deinit(void)
117
- {
118
- 	struct proxy *p = proxy, *p0;
119
-@@ -1218,7 +1236,13 @@ void deinit(void)
120
- 
121
- 		free(uap);
122
- 	}
123
--
124
-+    
125
-+	/* if HAProxy was in TPM mode then deinit
126
-+	 * that configuration as well.
127
-+	 */
128
-+	if (global.tpm.tpm_object && global.tpm.tpm_object != '\0')
129
-+		deinit_tpm_engine();
130
-+    
131
- 	userlist_free(userlist);
132
- 
133
- 	protocol_unbind_all();
134
-diff --git a/src/ssl_sock.c b/src/ssl_sock.c
135
-index ead4c7b..4e16026 100644
136
---- a/src/ssl_sock.c
137
-+++ b/src/ssl_sock.c
138
-@@ -50,6 +50,7 @@
139
- #ifndef OPENSSL_NO_DH
140
- #include <openssl/dh.h>
141
- #endif
142
-+#include <openssl/engine.h>
143
- 
144
- #include <common/buffer.h>
145
- #include <common/compat.h>
146
-@@ -1115,6 +1116,80 @@ end:
147
- 	return ret;
148
- }
149
- 
150
-+/*
151
-+ * initialize the TPM engine and load the 
152
-+ * TPM object as private key within the Engine.
153
-+ * Only do this for the first bind since TPM can
154
-+ * only load 3-4 contexes before it runs out of memory
155
-+ */
156
-+static int ssl_sock_load_tpm_key(SSL_CTX *ctx, char **err) {
157
-+	if (!global.tpm.tpm_object || global.tpm.tpm_object[0] == '\0') {
158
-+		/* not in TPM mode */
159
-+		return -1;
160
-+	}
161
-+	if (!global.tpm.tpm_key) {
162
-+		Warning ("Could not find tpm_key; initializing engine\n");
163
-+		/* no key present; load the dynamic TPM engine */
164
-+		if (global.tpm.tpm_engine && global.tpm.tpm_engine[0]) {
165
-+			ENGINE_load_dynamic();
166
-+			ENGINE *engine = ENGINE_by_id("dynamic");
167
-+			if (!engine) {
168
-+				memprintf(err, "%s Unable to load the dynamic engine "
169
-+				          "(needed for loading custom TPM engine)\n",
170
-+				          err && *err ? *err : "");
171
-+				return 1;
172
-+            }
173
-+
174
-+			ENGINE_ctrl_cmd_string(engine, "SO_PATH", global.tpm.tpm_engine, 0);
175
-+			ENGINE_ctrl_cmd_string(engine, "LOAD", NULL, 0);
176
-+			/* stow away for ENGINE cleanup */
177
-+			global.tpm.tpm_engine_ref = engine;
178
-+
179
-+			if (ENGINE_init(engine) != 1) {
180
-+				const char *error_str = ERR_error_string(ERR_get_error(), NULL); 
181
-+				memprintf(err, "%s Unable to init the TPM engine (%s). Err: %s\n",
182
-+				          err && *err ? *err : "", 
183
-+				          global.tpm.tpm_engine, error_str);
184
-+				goto tpm_err;
185
-+			}
186
-+			EVP_PKEY *pkey = ENGINE_load_private_key(engine, 
187
-+			                                         global.tpm.tpm_object,
188
-+			                                         NULL, NULL);
189
-+			if (!pkey) {
190
-+				const char *error_str = ERR_error_string(ERR_get_error(), NULL); 
191
-+				memprintf(err, "%s Unable to load TPM object (%s). Err: %s\n",
192
-+				          err && *err ? *err : "", 
193
-+				          global.tpm.tpm_object, error_str);
194
-+				goto tpm_err;
195
-+			}
196
-+			global.tpm.tpm_key = pkey;
197
-+		}
198
-+		else { /* no TPM engine found */
199
-+			memprintf(err, "%s TPM engine option not set when TPM mode expected\n",
200
-+			          err && *err ? *err : "");
201
-+			goto tpm_err;
202
-+		}
203
-+	} 
204
-+
205
-+	if (SSL_CTX_use_PrivateKey(ctx, global.tpm.tpm_key) <= 0){
206
-+		const char *error_str = ERR_error_string(ERR_get_error(),
207
-+                                                 NULL);
208
-+		memprintf(err, "%s Invalid private key provided from TPM engine(%s). Err: %s\n",
209
-+		          err && *err ? *err : "", 
210
-+		          global.tpm.tpm_object, error_str);
211
-+		goto tpm_err;
212
-+	}
213
-+
214
-+	return 0;
215
-+
216
-+tpm_err:
217
-+	ENGINE_finish(global.tpm.tpm_engine_ref);
218
-+	global.tpm.tpm_engine_ref = NULL;
219
-+	EVP_PKEY_free(global.tpm.tpm_key);
220
-+	global.tpm.tpm_key = NULL;
221
-+	return 1;
222
-+}
223
-+
224
- static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf, struct proxy *curproxy, char **sni_filter, int fcount, char **err)
225
- {
226
- 	int ret;
227
-@@ -1127,26 +1202,54 @@ static int ssl_sock_load_cert_file(const char *path, struct bind_conf *bind_conf
228
- 		return 1;
229
- 	}
230
- 
231
--	if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
232
--		memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
233
--		          err && *err ? *err : "", path);
234
--		SSL_CTX_free(ctx);
235
--		return 1;
236
-+	/* NOTE (knasim-wrs): US93721: TPM support
237
-+	 * This SSL context applies to SSL frontends only.
238
-+	 * If the TPM option is set then the Private key 
239
-+	 * is stored in TPM.
240
-+	 *
241
-+	 * Launch the OpenSSL TPM engine and load the TPM
242
-+	 * Private Key. The Public key will still be located
243
-+	 * at the provided path and needs to be loaded as
244
-+	 * per usual.
245
-+	 */
246
-+	if (global.tpm.tpm_object) {
247
-+		ret = ssl_sock_load_tpm_key(ctx, err);
248
-+		if (ret > 0) {
249
-+			/* tpm configuration failed */
250
-+			SSL_CTX_free(ctx);
251
-+			return 1;
252
-+		}
253
- 	}
254
--
255
--	ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
256
--	if (ret <= 0) {
257
--		memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
258
--		          err && *err ? *err : "", path);
259
--		if (ret < 0) /* serious error, must do that ourselves */
260
-+	else { /* non TPM mode */
261
-+		if (SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM) <= 0) {
262
-+			memprintf(err, "%sunable to load SSL private key from PEM file '%s'.\n",
263
-+			          err && *err ? *err : "", path);
264
- 			SSL_CTX_free(ctx);
265
--		return 1;
266
-+			return 1;
267
-+		}
268
- 	}
269
- 
270
--	if (SSL_CTX_check_private_key(ctx) <= 0) {
271
--		memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
272
--		          err && *err ? *err : "", path);
273
--		return 1;
274
-+	ret = ssl_sock_load_cert_chain_file(ctx, path, bind_conf, sni_filter, fcount);
275
-+		if (ret <= 0) {
276
-+			memprintf(err, "%sunable to load SSL certificate from PEM file '%s'.\n",
277
-+					  err && *err ? *err : "", path);
278
-+			if (ret < 0) /* serious error, must do that ourselves */
279
-+				SSL_CTX_free(ctx);
280
-+			return 1;
281
-+		}
282
-+
283
-+	/*
284
-+	 * only match the private key to the public key
285
-+	 * for non TPM mode. This op would never work for
286
-+	 * TPM since the private key has been wrapped, whereas
287
-+	 * the public key is still the original one.
288
-+	 */
289
-+	if (!global.tpm.tpm_object) {
290
-+		if (SSL_CTX_check_private_key(ctx) <= 0) {
291
-+			memprintf(err, "%sinconsistencies between private key and certificate loaded from PEM file '%s'.\n",
292
-+			          err && *err ? *err : "", path);
293
-+			return 1;
294
-+		}
295
- 	}
296
- 
297
- 	/* we must not free the SSL_CTX anymore below, since it's already in
298
-@@ -1725,6 +1828,18 @@ int ssl_sock_prepare_srv_ctx(struct server *srv, struct proxy *curproxy)
299
- 		cfgerr++;
300
- 		return cfgerr;
301
- 	}
302
-+
303
-+	/* NOTE (knasim-wrs): US93721: TPM support
304
-+	 * This SSL context applies to SSL backends only.
305
-+	 * Since Titanium backends don't support SSL, there
306
-+	 * is no need to offload these keys in TPM or reuse the
307
-+	 * same TPM key for the frontend engine. 
308
-+	 * 
309
-+	 * If SSL backends are to be supported in the future,
310
-+	 * over TPM, then create a new TPM Engine context and
311
-+	 * load the backend key in TPM, in a similar fashion to
312
-+	 * the frontend key.
313
-+	 */
314
- 	if (srv->ssl_ctx.client_crt) {
315
- 		if (SSL_CTX_use_PrivateKey_file(srv->ssl_ctx.ctx, srv->ssl_ctx.client_crt, SSL_FILETYPE_PEM) <= 0) {
316
- 			Alert("config : %s '%s', server '%s': unable to load SSL private key from PEM file '%s'.\n",
317
-1.8.3.1
318
-

+ 0
- 80
haproxy/haproxy/haproxy.cfg View File

@@ -1,80 +0,0 @@
1
-# this config needs haproxy-1.1.28 or haproxy-1.2.1
2
-
3
-global
4
-	log 127.0.0.1	local0
5
-	log 127.0.0.1	local1 notice
6
-	#log loghost	local0 info
7
-	maxconn 4096
8
-	chroot /usr/share/haproxy
9
-	uid 99
10
-	gid 99
11
-	daemon
12
-	#debug
13
-	#quiet
14
-
15
-defaults
16
-	log	global
17
-	mode	http
18
-	option	httplog
19
-	option	dontlognull
20
-	retries	3
21
-	option redispatch
22
-	maxconn	2000
23
-	timeout	connect 5000
24
-	timeout	client 50000
25
-	timeout	server 50000
26
-
27
-listen	appli1-rewrite 0.0.0.0:10001
28
-	cookie	SERVERID rewrite
29
-	balance	roundrobin
30
-	server	app1_1 192.168.34.23:8080 cookie app1inst1 check inter 2000 rise 2 fall 5
31
-	server	app1_2 192.168.34.32:8080 cookie app1inst2 check inter 2000 rise 2 fall 5
32
-	server	app1_3 192.168.34.27:8080 cookie app1inst3 check inter 2000 rise 2 fall 5
33
-	server	app1_4 192.168.34.42:8080 cookie app1inst4 check inter 2000 rise 2 fall 5
34
-
35
-listen	appli2-insert 0.0.0.0:10002
36
-	option	httpchk
37
-	balance	roundrobin
38
-	cookie	SERVERID insert indirect nocache
39
-	server	inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
40
-	server	inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
41
-	capture cookie vgnvisitor= len 32
42
-
43
-	option	httpclose		# disable keep-alive
44
-	rspidel ^Set-cookie:\ IP=	# do not let this cookie tell our internal IP address
45
-	
46
-listen	appli3-relais 0.0.0.0:10003
47
-	dispatch 192.168.135.17:80
48
-
49
-listen	appli4-backup 0.0.0.0:10004
50
-	option	httpchk /index.html
51
-	option	persist
52
-	balance	roundrobin
53
-	server	inst1 192.168.114.56:80 check inter 2000 fall 3
54
-	server	inst2 192.168.114.56:81 check inter 2000 fall 3 backup
55
-
56
-listen	ssl-relay 0.0.0.0:8443
57
-	option	ssl-hello-chk
58
-	balance	source
59
-	server	inst1 192.168.110.56:443 check inter 2000 fall 3
60
-	server	inst2 192.168.110.57:443 check inter 2000 fall 3
61
-	server	back1 192.168.120.58:443 backup
62
-
63
-listen	appli5-backup 0.0.0.0:10005
64
-	option	httpchk *
65
-	balance	roundrobin
66
-	cookie	SERVERID insert indirect nocache
67
-	server	inst1 192.168.114.56:80 cookie server01 check inter 2000 fall 3
68
-	server	inst2 192.168.114.56:81 cookie server02 check inter 2000 fall 3
69
-	server	inst3 192.168.114.57:80 backup check inter 2000 fall 3
70
-	capture cookie ASPSESSION len 32
71
-	timeout	server 20000
72
-
73
-	option	httpclose		# disable keep-alive
74
-	option  checkcache		# block response if set-cookie & cacheable
75
-
76
-	rspidel ^Set-cookie:\ IP=	# do not let this cookie tell our internal IP address
77
-	
78
-	errorloc	502	http://192.168.114.58/error502.html
79
-	errorfile	503	/etc/haproxy/errors/503.http
80
-

+ 0
- 120
haproxy/haproxy/haproxy.sh View File

@@ -1,120 +0,0 @@
1
-#!/bin/sh
2
-
3
-### BEGIN INIT INFO
4
-# Provides:          HA-Proxy
5
-# Required-Start:    networking
6
-# Required-Stop:     networking
7
-# Default-Start:     2 3 4 5
8
-# Default-Stop:      0 1 6
9
-# Short-Description: HA-Proxy TCP/HTTP reverse proxy
10
-# Description:       HA-Proxy is a TCP/HTTP reverse proxy 
11
-### END INIT INFO
12
-
13
-PATH=/sbin:/bin:/usr/sbin:/usr/bin
14
-DAEMON=/usr/sbin/haproxy
15
-NAME=haproxy
16
-DESC="HA-Proxy TCP/HTTP reverse proxy"
17
-PIDFILE="/var/run/$NAME.pid"
18
-TPM_DATA_DIR="/var/run/TPM_haproxy/"
19
-OPTS="-D -f /etc/haproxy/haproxy.cfg -p $PIDFILE"
20
-RETVAL=0
21
-
22
-# This is only needed till TPM In-Kernel
23
-# ResourceMgr comes in
24
-remove_TPM_transients () {
25
-   _HANDLES=`find $TPM_DATA_DIR -type f -name "hp*.bin" -printf "%f "`
26
-   for handle in $_HANDLES; do
27
-        handle_addr=`echo $handle | sed 's/hp\([0-9]*\)\.bin/\1/g'`
28
-        tss2_flushcontext -ha $handle_addr &> /dev/null
29
-   done
30
-   rm -f $TPM_DATA_DIR/*
31
-}
32
-
33
-start() {
34
-    if [ -e $PIDFILE ]; then
35
-        PIDDIR=/proc/$(cat $PIDFILE)
36
-        if [ -d $PIDDIR ]; then
37
-            echo "$DESC already running."
38
-            return
39
-        else
40
-            echo "Removing stale PID file $PIDFILE"
41
-            rm -f $PIDFILE
42
-        fi
43
-    fi
44
-
45
-    # TODO: This is a temporary workaround till
46
-    # we eventually add a resource manager for TPM
47
-    mkdir -p $TPM_DATA_DIR
48
-
49
-    echo -n "Starting $NAME: "
50
-
51
-    TPM_DATA_DIR=$TPM_DATA_DIR start-stop-daemon --start --pidfile $PIDFILE -x "$DAEMON" -- $OPTS
52
-    RETVAL=$?
53
-    if [ $RETVAL -eq 0 ]; then
54
-        echo "done."
55
-    else
56
-        remove_TPM_transients
57
-        echo "failed."
58
-    fi
59
-}
60
-
61
-stop() {
62
-    if [ ! -e $PIDFILE ]; then return; fi
63
-    
64
-    echo -n "Stopping $DESC..."
65
-    
66
-    start-stop-daemon --stop --quiet --retry 3 --oknodo --pidfile $PIDFILE -x "$DAEMON"
67
-    if [ -n "`pidof $DAEMON`" ] ; then
68
-        pkill -KILL -f $DAEMON
69
-    fi
70
-    echo "done."
71
-    rm -f $PIDFILE
72
-    rm -f /var/lock/subsys/$NAME
73
-    remove_TPM_transients
74
-}
75
-
76
-status()
77
-{
78
-    pid=`cat $PIDFILE 2>/dev/null`
79
-    if [ -n "$pid" ]; then
80
-        if ps -p $pid &>/dev/null ; then
81
-            echo "$DESC is running"
82
-            RETVAL=0
83
-            return
84
-        else
85
-            RETVAL=1
86
-        fi
87
-    fi
88
-    echo "$DESC is not running"
89
-    RETVAL=1
90
-}
91
-
92
-check() {
93
-  /usr/sbin/$NAME -c -q -V -f /etc/$NAME/$NAME.cfg
94
-}
95
-
96
-# See how we were called.
97
-case "$1" in
98
-    start)
99
-        start
100
-        ;;
101
-    stop)
102
-        stop
103
-        ;;
104
-    restart|force-reload|reload)
105
-        stop
106
-        start
107
-        ;;
108
-    status)
109
-        status
110
-        ;;
111
-    check)
112
-        check
113
-        ;;
114
-    *)
115
-        echo "Usage: $0 {start|stop|force-reload|restart|reload|status|check}"
116
-        RETVAL=1
117
-        ;;
118
-esac
119
- 
120
-exit $RETVAL

Loading…
Cancel
Save