RHBA-2011:0100 - Bug Fix Advisory

Topic

An updated openais package that fixes various bugs is now available.

Description

The Application Interface Specification (AIS) is an API and a set of policies
for developing applications that maintain services during faults. The OpenAIS
Standards Based Cluster Framework is an OSI-certified implementation of the
Service Availability Forum AIS. The openais package contains the openais
executable, OpenAIS service handlers, default configuration files, and an init
script.

This updated openais package includes fixes for the following bugs:

• Previously, openais crashed with a segmentation fault if it received an

unknown message (this could happen when upgrading openais). Unknown messages are
now ignored so that openais no longer crashes in these circumstances.
(BZ#606028)

• When an Openais client process sent an event to the server (aisexec), the

server stopped working. When the client process tried to send the event using
the saEvtEventPublish() function, it hung indefinitely on a semaphore (semop())
operation. Even when the server was restarted, the blocked client process was
still blocked. The client process no longer hangs indefinitely and is unblocked
after a set period of time. (BZ#579081)

• When the openais server was stopped, server clients may have encountered a

segmentation fault because of an invalid return code in an internal function.
This crash no longer occurs. (BZ#596359)

• Previously, the Closed Process Group (CPG) interface returned the wrong

result, which could have led to incorrect behavior in some situations. With this
update, the CPG interface now behaves as expected. (BZ#599654)

• An incorrectly-configured network could have casued the openais server to

enter a continuous FAILED TO RECEIVE/GATHER loop. (BZ#533383)

• A gather operation which interrupted synchronization could have caused cluster

lockup. (BZ#586519)

• A memmove() operation on a high-loss network could have caused possible stack

corruption resulting in stack protector abort due to an incorrectly-calculated
length in the memmove() operation. (BZ#588489)

• The retransmit list is now properly-typed so as not to confuse the compiler.

(BZ#588494)

• In high-loss networks, an assert based on a constant value for the retransmit

message queue size could have caused a some nodes to receive SIGABRT signals,
and therefore terminate. This constant value has been increased to correspond to
the maximum number of entries, thus resolving the issue. (BZ#588500)

• An internal timer variable was reset on each token retransmission rather than

only on original token transmission; this has been fixed in this updated
package. (BZ#614222)

• OpenAIS has been enabled to work in network environments wherein multicast

messages are slightly delayed when compared to token messages. (BZ#619536)

• In high loss networks, all nodes in a cluster experienced a buffer overflow

and aborted when a threshold of unprocessed/not transmitted packets was reached.
With this update, even when a significant number of packets is unprocessed/not
transmitted, all nodes in a cluster work as expected and do not abort.
(BZ#594480)

• Isolating a node and then removing the isolation potentially resulted in

membership misbehavior. (BZ#611129)

• When a checkpoint name was not terminated with the NULL character, the aisexec

process may have terminated unexpectedly with a segmentation fault, causing a
cluster outage. With this update, the underlying source code has been modified
to resolve this issue, and such strings no longer cause aisexec to crash.
(BZ#625947)

• In rare circumstances, an invalid CPG member was delivered in a configuration

change callback. (BZ#568650)

• An internal protocol variable was set on retransmission when it should only

have been set on the first transmission. With this update, the aforementioned
variable is only set on the first transmission. (BZ#598689)

• The receipt of out-of-order messages could have resulted in token loss.

(BZ#619570)

All users of openais are advised to upgrade to this updated package, which
resolves these issues.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 5 x86_64
• Red Hat Enterprise Linux Server 5 ia64
• Red Hat Enterprise Linux Server 5 i386
• Red Hat Enterprise Linux Workstation 5 x86_64
• Red Hat Enterprise Linux Workstation 5 i386
• Red Hat Enterprise Linux for Power, big endian 5 ppc
• Red Hat Enterprise Linux Server from RHUI 5 x86_64
• Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

• BZ - 533383 - openais FAILED TO RECEIVE / GATHER loop
• BZ - 568650 - stale CPG members in confchg callback
• BZ - 579081 - Openais client blocked indefinitely on semaphore when the server goes down
• BZ - 588489 - memmove causes stack corruption on lossy network
• BZ - 588494 - use proper typing with retransmit buffer
• BZ - 588500 - if a node originates more then 512 messages in recovery it will sigabort (assert)
• BZ - 594480 - All nodes fail during recovery with stack protector sigabrt
• BZ - 596359 - When dispatch_avail is set to -1 (openais server is killed), library functions segfault
• BZ - 598689 - token retransmissions reset last_aru to current token's aru.
• BZ - 599654 - killing process gives CPG_REASON_LEAVE instead of CPG_REASON_PROCDOWN
• BZ - 606028 - corosync 2801 introduces need for compat patch in rhel to roll
• BZ - 611129 - isolating a node and then removing the isolation at 30 seconds causes a protocol meltdown 15% of time
• BZ - 614222 - token timer is reset on each received retransmitted token resulting in membership meltdown in some conditions
• BZ - 619536 - make openais more resilient to delayed multicast packets
• BZ - 619570 - receipt of out of order regular message can result in token loss
• BZ - 625947 - openais should handle non null terminated chkpoint strings

CVEs

(none)

References

(none)