File pacemaker-lrmd-TLS-listener-messages.patch of Package pacemaker.14737
commit b728824f9701c7cb77b9e7dfcac1b9cf21caed5f
Author: Ken Gaillot <kgaillot@redhat.com>
Date: Wed Oct 25 15:02:34 2017 -0500
Log: lrmd: tweak TLS listener messages
also minor refactor for simplicity
diff --git a/lrmd/lrmd_private.h b/lrmd/lrmd_private.h
index 773374b46..4ceb74e85 100644
--- a/lrmd/lrmd_private.h
+++ b/lrmd/lrmd_private.h
@@ -61,7 +61,7 @@ typedef struct lrmd_rsc_s {
# ifdef HAVE_GNUTLS_GNUTLS_H
/* in remote_tls.c */
-int lrmd_init_remote_tls_server(int port);
+int lrmd_init_remote_tls_server(void);
void lrmd_tls_server_destroy(void);
/* Hidden in lrmd client lib */
diff --git a/lrmd/main.c b/lrmd/main.c
index e4c499889..9670015a1 100644
--- a/lrmd/main.c
+++ b/lrmd/main.c
@@ -618,15 +618,11 @@ main(int argc, char **argv, char **envp)
}
#ifdef ENABLE_PCMK_REMOTE
- {
- int remote_port = crm_default_remote_port();
-
- if (lrmd_init_remote_tls_server(remote_port) < 0) {
- crm_err("Failed to create TLS server on port %d: shutting down and inhibiting respawn", remote_port);
- crm_exit(DAEMON_RESPAWN_STOP);
- }
- ipc_proxy_init();
+ if (lrmd_init_remote_tls_server() < 0) {
+ crm_err("Failed to create TLS listener: shutting down and staying down");
+ crm_exit(DAEMON_RESPAWN_STOP);
}
+ ipc_proxy_init();
#endif
mainloop_add_signal(SIGTERM, lrmd_shutdown);
diff --git a/lrmd/tls_backend.c b/lrmd/tls_backend.c
index 7d790cf80..ce62bfbf6 100644
--- a/lrmd/tls_backend.c
+++ b/lrmd/tls_backend.c
@@ -291,19 +291,20 @@ bind_and_listen(struct addrinfo *addr)
}
int
-lrmd_init_remote_tls_server(int port)
+lrmd_init_remote_tls_server()
{
int rc;
int filter;
+ int port = crm_default_remote_port();
struct addrinfo hints, *res = NULL, *iter;
- char port_str[16];
+ char port_str[6]; // at most "65535"
static struct mainloop_fd_callbacks remote_listen_fd_callbacks = {
.dispatch = lrmd_remote_listen,
.destroy = lrmd_remote_connection_destroy,
};
- crm_notice("Starting a tls listener on port %d.", port);
+ crm_notice("Starting TLS listener on port %d", port);
crm_gnutls_global_init();
gnutls_global_set_log_function(debug_log);
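Review bot: With `port_str` shrunk to 6 bytes, the later `snprintf(port_str, sizeof(port_str), "%d", port)` silently truncates any value longer than five characters, so the listener could bind a different port than the one `crm_notice` logs. Nothing visible here shows that crm_default_remote_port() limits its result to 1-65535. If it does not, validate before formatting, for example `if (port < 1 || port > 65535) { crm_err("Invalid remote port %d", port); return -1; }`, or check the snprintf return value against `sizeof(port_str)`. Separately, the definition is written `lrmd_init_remote_tls_server()` while the header now declares `(void)`; spell it `(void)` here too so the definition is a prototype. The function body continues past this hunk.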
@@ -314,7 +315,10 @@ lrmd_init_remote_tls_server(int port)
gnutls_psk_set_server_dh_params(psk_cred_s, dh_params);
memset(&hints, 0, sizeof(struct addrinfo));
- hints.ai_flags = AI_PASSIVE; /* Only return socket addresses with wildcard INADDR_ANY or IN6ADDR_ANY_INIT */
+ /* Bind to the wildcard address (INADDR_ANY or IN6ADDR_ANY_INIT).
+ * @TODO allow user to specify a specific address
+ */
+ hints.ai_flags = AI_PASSIVE;
hints.ai_family = AF_UNSPEC; /* Return IPv6 or IPv4 */
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
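Review bot: The new comment names the wildcard bind but not what it means for exposure. With `AI_PASSIVE` and the NULL node passed to getaddrinfo() further down, the listener accepts connections on every local interface. Until the @TODO is done, access control presumably rests on the PSK credentials configured just above and on host firewalling. Consider adding a line such as `* The listener is reachable on all interfaces; restrict access with firewall rules.` to the comment. The enclosing function starts and ends outside this hunk.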
@@ -322,7 +326,8 @@ lrmd_init_remote_tls_server(int port)
snprintf(port_str, sizeof(port_str), "%d", port);
rc = getaddrinfo(NULL, port_str, &hints, &res);
if (rc) {
- crm_err("getaddrinfo: %s", gai_strerror(rc));
+ crm_err("Unable to get IP address info for local node: %s",
+ gai_strerror(rc));
return -1;
}