From nscott@redhat.com Fri Feb 1 00:30:08 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id B93A37F3F for ; Fri, 1 Feb 2013 00:30:08 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay1.corp.sgi.com (Postfix) with ESMTP id 994068F8039 for ; Thu, 31 Jan 2013 22:30:05 -0800 (PST) X-ASG-Debug-ID: 1359700203-04cb6c39142969d0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id z9aZ2yymDg9IHXqp for ; Thu, 31 Jan 2013 22:30:04 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r116U3cB003267 for ; Fri, 1 Feb 2013 01:30:03 -0500 Date: Fri, 1 Feb 2013 01:30:03 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> In-Reply-To: <2057809854.14927739.1359699701197.JavaMail.root@redhat.com> Subject: Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.88] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1359700204 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121488 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Hi all, I've made a tutorial style write-up of recent work done in PCP to allow secure connections to be established. Please have a read & let me know if you have any feedback. http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html The code behind the pmchart mockup toward the end is in a very very early state, and the authentication part hinted at there is planned for a future release (via SASL2) - neither of those bits are coded yet, let alone in dev branches anywhere (unlike the rest of the TLS/SSL support, which is merged). Thanks! -- Nathan From mailman-bounces@oss.sgi.com Fri Feb 1 05:00:11 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from oss.sgi.com (localhost [IPv6:::1]) by oss.sgi.com (Postfix) with ESMTP id 66DA7803C for ; Fri, 1 Feb 2013 05:00:11 -0600 (CST) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: oss.sgi.com mailing list memberships reminder From: mailman-owner@oss.sgi.com To: pcp@oss.sgi.com X-No-Archive: yes Message-ID: Date: Fri, 01 Feb 2013 05:00:05 -0600 Precedence: bulk X-BeenThere: mailman@oss.sgi.com X-Mailman-Version: 2.1.14 List-Id: Mailman mail X-List-Administrivia: yes Errors-To: mailman-bounces@oss.sgi.com Sender: mailman-bounces@oss.sgi.com This is a reminder, sent out once a month, about your oss.sgi.com mailing list memberships. It includes your subscription info and how to use it to change it or unsubscribe from a list. You can visit the URLs to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on. In addition to the URL interfaces, you can also use email to make such changes. For more info, send a message to the '-request' address of the list (for example, mailman-request@oss.sgi.com) containing just the word 'help' in the message body, and an email message will be sent to you with instructions. If you have questions, problems, comments, etc, send them to mailman-owner@oss.sgi.com. Thanks! Passwords for pcp@oss.sgi.com: List Password // URL ---- -------- pcp-announce@oss.sgi.com xE+IBctR http://oss.sgi.com/mailman/options/pcp-announce/pcp%40oss.sgi.com From fche@redhat.com Fri Feb 1 09:16:30 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 4A4747F55 for ; Fri, 1 Feb 2013 09:16:30 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 2B0F7304081 for ; Fri, 1 Feb 2013 07:16:27 -0800 (PST) X-ASG-Debug-ID: 1359731786-04bdf0231e2d3c70001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id qlq2MBhGBVZ3C5l5 for ; Fri, 01 Feb 2013 07:16:26 -0800 (PST) X-Barracuda-Envelope-From: fche@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r11FGPRp002922 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 1 Feb 2013 10:16:26 -0500 Received: from fche.csb (vpn-53-199.rdu2.redhat.com [10.10.53.199]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r11FGPva024289; Fri, 1 Feb 2013 10:16:25 -0500 Received: by fche.csb (Postfix, from userid 2569) id BC0EE5812F; Fri, 1 Feb 2013 10:16:24 -0500 (EST) To: Nathan Scott Cc: PCP Subject: Re: Secure connections writeup - please review References: <2057809854.14927739.1359699701197.JavaMail.root@redhat.com> <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: Secure connections writeup - please review From: fche@redhat.com (Frank Ch. Eigler) Date: Fri, 01 Feb 2013 10:16:24 -0500 In-Reply-To: <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> (Nathan Scott's message of "Fri, 1 Feb 2013 01:30:03 -0500 (EST)") Message-ID: User-Agent: Gnus/5.1008 (Gnus v5.10.8) Emacs/21.4 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1359731786 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 Nathan Scott writes: > [...] > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html Looks good. A few suggestions: - mention the possibility of self-signed certificates, possibly working out an example - add code to the code (client-side changes only?) to enable clients to download the server certificate during a first connection, and store it in $HOME/.pcp/ssl, to eliminate the manual steps in the "Monitor Setup" section. - consider defaulting to PCP_SECURE_SOCKETS=1 - FChE From brolley@redhat.com Fri Feb 1 10:46:23 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 64DA17F51 for ; Fri, 1 Feb 2013 10:46:23 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id 554EE30406A for ; Fri, 1 Feb 2013 08:46:23 -0800 (PST) X-ASG-Debug-ID: 1359737179-04cbb00c642b9810001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id N4pjd60qZJMJRoCB for ; Fri, 01 Feb 2013 08:46:19 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r11GkJFA022693 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 1 Feb 2013 11:46:19 -0500 Received: from [10.10.63.89] (vpn-63-89.rdu2.redhat.com [10.10.63.89]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r11GkHtg027326 for ; Fri, 1 Feb 2013 11:46:18 -0500 Message-ID: <510BF159.3070005@redhat.com> Date: Fri, 01 Feb 2013 11:46:17 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: pcp@oss.sgi.com Subject: Re: [pcp] Secure connections writeup - please review References: <2057809854.14927739.1359699701197.JavaMail.root@redhat.com> <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1359737179 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 On 02/01/2013 10:16 AM, Frank Ch. Eigler wrote: > Nathan Scott writes: > >> [...] >> http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html > > - add code to the code (client-side changes only?) to enable clients > to download the server certificate during a first connection, and > store it in $HOME/.pcp/ssl, to eliminate the manual steps in the > "Monitor Setup" section. > I haven't yet reviewed this, but I can add to Frank's comments. You can find code which does this in systemtap/csclient.cxx. The server's certificate is obtained by calling SSL_PeerCertificate (sslSocket) once a connection has been established. Have a look at the function trustNewServer to see how the certificate is then added to the client-side database of trusted servers. Dave From chandana@desilva.id.au Fri Feb 1 13:56:42 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 7B05D7F51 for ; Fri, 1 Feb 2013 13:56:42 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 5C15B8F8050 for ; Fri, 1 Feb 2013 11:56:39 -0800 (PST) X-ASG-Debug-ID: 1359748594-04bdf0231e2e1a10001-S8gJnT Received: from mho-01-ewr.mailhop.org (mho-03-ewr.mailhop.org [204.13.248.66]) by cuda.sgi.com with ESMTP id 29lCRZZbj1zM1dyJ (version=TLSv1 cipher=AES256-SHA bits=256 verify=NO) for ; Fri, 01 Feb 2013 11:56:35 -0800 (PST) X-Barracuda-Envelope-From: chandana@desilva.id.au X-Barracuda-Apparent-Source-IP: 204.13.248.66 Received: from d110-33-169-84.sun801.vic.optusnet.com.au ([110.33.169.84] helo=mail.desilva.id.au) by mho-01-ewr.mailhop.org with esmtpa (Exim 4.72) (envelope-from ) id 1U1Miw-000JsF-6J for pcp@oss.sgi.com; Fri, 01 Feb 2013 19:56:34 +0000 Received: from [192.168.1.57] (unknown [192.168.1.57]) by mail.desilva.id.au (Postfix) with ESMTPSA id 38E6A5CCA for ; Sat, 2 Feb 2013 06:54:00 +1100 (EST) X-Mail-Handler: Dyn Standard SMTP by Dyn X-Originating-IP: 110.33.169.84 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1+thQqgIOX2selTzyKtDga8WpBB+NWStGk= Message-ID: <510C1DEF.7020307@desilva.id.au> Date: Sat, 02 Feb 2013 06:56:31 +1100 From: Chandana De Silva Reply-To: chandana@desilva.id.au User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2 MIME-Version: 1.0 To: pcp@oss.sgi.com Subject: Re: pcp Digest, Vol 55, Issue 1 References: X-ASG-Orig-Subj: Re: pcp Digest, Vol 55, Issue 1 In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Barracuda-Connect: mho-03-ewr.mailhop.org[204.13.248.66] X-Barracuda-Start-Time: 1359748594 X-Barracuda-Encrypted: AES256-SHA X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121541 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Will this also work via pmproxy ? On 02/02/13 05:00, pcp-request@oss.sgi.com wrote: > Hi all, > > I've made a tutorial style write-up of recent work done in > PCP to allow secure connections to be established. Please > have a read & let me know if you have any feedback. > > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html > > From kenj@internode.on.net Fri Feb 1 15:28:36 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id E05DC7F51 for ; Fri, 1 Feb 2013 15:28:36 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay3.corp.sgi.com (Postfix) with ESMTP id 7D753AC003 for ; Fri, 1 Feb 2013 13:28:36 -0800 (PST) X-ASG-Debug-ID: 1359754110-04cb6c39142ccf90001-S8gJnT Received: from ipmail04.adl6.internode.on.net (ipmail04.adl6.internode.on.net [150.101.137.141]) by cuda.sgi.com with ESMTP id JIEDZEeGJXwqodpp for ; Fri, 01 Feb 2013 13:28:31 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.141 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAFUyDFF20Q4O/2dsb2JhbAANOIZIuH2DEQEBAQQBAQEgSwsMBAsYAgImAgInMBmIHa8zcZJagSONAoIWgRMDlheTYA Received: from ppp118-209-14-14.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.14.14]) by ipmail04.adl6.internode.on.net with ESMTP; 02 Feb 2013 07:58:30 +1030 Message-ID: <1359754109.10468.8.camel@bozo.localdomain> Subject: Re: [pcp] PMCD Listen Interface From: Ken McDonell X-ASG-Orig-Subj: Re: [pcp] PMCD Listen Interface To: chandana@desilva.id.au Cc: Nathan Scott , pcp@oss.sgi.com Date: Sat, 02 Feb 2013 08:28:29 +1100 In-Reply-To: <510B1759.9010900@desilva.id.au> References: <1263623744.14593212.1359680953158.JavaMail.root@redhat.com> <510B1759.9010900@desilva.id.au> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.2.2- Content-Transfer-Encoding: 7bit Mime-Version: 1.0 X-Barracuda-Connect: ipmail04.adl6.internode.on.net[150.101.137.141] X-Barracuda-Start-Time: 1359754110 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121547 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header Chandana, I've added a commented out -i example in pmcd.options. Thanks. On Fri, 2013-02-01 at 12:16 +1100, Chandana De Silva wrote: > Nathan > Thanks. > > The file did not have an example, but this worked. > /var/lib/pcp/config/pmcd/pmcd.options > # listen only on the one network > -i 192.168.122.108 > > > Before the change > sudo netstat -lnp | grep 44321 > tcp 0 0 0.0.0.0:44321 0.0.0.0:* > LISTEN 4065/pmcd > > After > sudo netstat -lnp | grep 44321 > tcp 0 0 192.168.122.108:44321 0.0.0.0:* > LISTEN 7528/pmcd > > Chandana > On 01/02/13 12:09, Nathan Scott wrote: > > > > ----- Original Message ----- > >> The PMCD man page describes a -i option to pmcd that defines the > >> interface which pmcd listens on. > >> ... > >> I would like to use this option, but cannot find where this can be > >> specified in either pcp.conf or pmcd.conf. > >> > > You want the "pmcd.options" file (rpm -ql pcp | grep pmcd.options) > > > > cheers. > > > > -- > > Nathan > > _______________________________________________ > pcp mailing list > pcp@oss.sgi.com > http://oss.sgi.com/mailman/listinfo/pcp From kenj@internode.on.net Fri Feb 1 20:13:49 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 6B9997F51 for ; Fri, 1 Feb 2013 20:13:49 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id 48AD28F8049 for ; Fri, 1 Feb 2013 18:13:46 -0800 (PST) X-ASG-Debug-ID: 1359771224-04cbb00c652ca310001-S8gJnT Received: from ipmail06.adl2.internode.on.net (ipmail06.adl2.internode.on.net [150.101.137.129]) by cuda.sgi.com with ESMTP id p8jlEpTl3xa7c5Kb for ; Fri, 01 Feb 2013 18:13:44 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.129 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAN90DFF20Q4O/2dsb2JhbAANOIZIuQKDO4EFBgImAlMftzRxkkqBI40CghaBEwOWF5Ng Received: from ppp118-209-14-14.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.14.14]) by ipmail06.adl2.internode.on.net with ESMTP; 02 Feb 2013 12:43:43 +1030 Message-ID: <1359771222.10468.13.camel@bozo.localdomain> Subject: pcp updates From: Ken McDonell X-ASG-Orig-Subj: pcp updates To: pcp@oss.sgi.com Date: Sat, 02 Feb 2013 13:13:42 +1100 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.2.2- Content-Transfer-Encoding: 7bit Mime-Version: 1.0 X-Barracuda-Connect: ipmail06.adl2.internode.on.net[150.101.137.129] X-Barracuda-Start-Time: 1359771224 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121565 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Mostly ia64 alignment issues fixed here (expect this might help RISC CPU platforms also). A bit of housework also. Changes committed to git://oss.sgi.com/kenj/pcp.git dev qa/287 | 2 qa/287.out | 557 ------------------------------------------------ qa/514 | 2 qa/common.filter | 2 qa/src/interp0.c | 13 - qa/src/interp1.c | 13 - qa/src/xval.c | 77 +++--- src/libpcp/src/interp.c | 50 ++-- src/libpcp/src/units.c | 75 +++--- src/pmcd/pmcd.options | 12 - 10 files changed, 149 insertions(+), 654 deletions(-) commit 27da4e716b345e83a2d943cfa84041e996df6ff0 Author: Ken McDonell Date: Sat Feb 2 13:11:04 2013 +1100 qa/287 - old .out file not needed now commit 455e383f1869d4328d934dd29620dca22abd8717 Author: Ken McDonell Date: Sat Feb 2 13:09:53 2013 +1100 pmcd.options - add some missing examples Added -i (thanks to Chandana) and some other refreshing of the commented out options. commit 6116cd735a80f493bfbc0812492d6130b8df7ab5 Author: Ken McDonell Date: Sat Feb 2 13:08:25 2013 +1100 qa/287 - same output expected for x86_64 and ia64 commit 132a6e8bc09a9ececf52a66bc9ad5198c8905cc6 Author: Ken McDonell Date: Sat Feb 2 13:07:25 2013 +1100 qa/src/interp[01].c - alignment issues Problems on ia64 resolved. commit ba2cb05135896224d534ff9e1d1195e9193facba Author: Ken McDonell Date: Sat Feb 2 13:03:40 2013 +1100 libpcp - fix alignment issues We were being a little loose with pointer assignments involving pmAtomValue types and values stored in the vbuf[] field of a pmValueBlock. On ia64 this was generating a lot of alignment warnings at run time when memcpy() was being in-lined by gcc. Fixed by being more careful and more C99 standards-compliant. commit d39708d8f03091eeb2c8d58289bb2b925e15d17c Author: Ken McDonell Date: Sat Feb 2 12:10:58 2013 +1100 qa pmie start filter fix After recent script changes, the hints for enabling pmie include references to update-rc.d on some platforms ... filter these out like similar hints on other platforms. commit ef39005dd8932720d9cfe17e26b452f2a45b20cb Author: Ken McDonell Date: Sat Feb 2 12:03:20 2013 +1100 qa/514 - bizarre award of the year, bozo! Faid iff the local hostname is bozo!! Minor filter tweak required. commit 44bfa9bd2ffcfe40d1061afd286957a7fcb54413 Author: Ken McDonell Date: Fri Feb 1 19:59:08 2013 +1100 qa/src/xval.c - alignment issues Problems on ia64 resolved. From kenj@internode.on.net Sat Feb 2 14:02:51 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 82C3C7F50 for ; Sat, 2 Feb 2013 14:02:51 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id 703748F8049 for ; Sat, 2 Feb 2013 12:02:48 -0800 (PST) X-ASG-Debug-ID: 1359835366-04cbb00c632e9ab0001-S8gJnT Received: from ipmail06.adl2.internode.on.net (ipmail06.adl2.internode.on.net [150.101.137.129]) by cuda.sgi.com with ESMTP id YhfBy9154YiYHZqG for ; Sat, 02 Feb 2013 12:02:47 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.129 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAOJvDVF20Q4O/2dsb2JhbAANOIZIuQSDEgEBAQQjVhALDgoCAiYCAlcGE7ZrcZIAgSOPHIETA5Yfk2E Received: from ppp118-209-14-14.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.14.14]) by ipmail06.adl2.internode.on.net with ESMTP; 03 Feb 2013 06:32:45 +1030 Message-ID: <1359835363.10468.20.camel@bozo.localdomain> Subject: Re: [pcp] qa/511 failing From: Ken McDonell X-ASG-Orig-Subj: Re: [pcp] qa/511 failing To: David Disseldorp Cc: Nathan Scott , pcp@oss.sgi.com Date: Sun, 03 Feb 2013 07:02:43 +1100 In-Reply-To: <20130129113833.1cc959f3@plati.site> References: <1359417344.4029.24.camel@bozo.localdomain> <857823097.12680679.1359418349671.JavaMail.root@redhat.com> <20130129111400.0bb0df54@plati.site> <1359455230.2630.2.camel@bozo-laptop.localdomain> <20130129113833.1cc959f3@plati.site> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.2.2- Content-Transfer-Encoding: 7bit Mime-Version: 1.0 X-Barracuda-Connect: ipmail06.adl2.internode.on.net[150.101.137.129] X-Barracuda-Start-Time: 1359835366 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121632 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- On Tue, 2013-01-29 at 11:38 +0100, David Disseldorp wrote: > On Tue, 29 Jan 2013 21:27:10 +1100 > Ken McDonell wrote: > > > On Tue, 2013-01-29 at 11:14 +0100, David Disseldorp wrote: > > > > > > > > Thanks, I've raised bnc#800978 to track this. FWIW the bug is not > > > present in sysstat-10.0.5 shipped with openSUSE 12.2 and 12.3. > > > > Thanks David ... should I retire openSUSE 12.1 from my QA farm and > > replace it with a more recent release? And if so, should that be 12.3 > > and/or 12.2? > > 12.3 is Beta, but an updated 12.2 system in the QA farm would be great. I created a new VM for openSUSE 12.2 ... qa/511 passes just fine there. David, could you please drop me a line when openSUSE 12.3 appears and I'll roll my 12.1 VM to 12.3. Thanks. From nscott@redhat.com Sun Feb 3 18:03:03 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id A0D7A7F56 for ; Sun, 3 Feb 2013 18:03:03 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay1.corp.sgi.com (Postfix) with ESMTP id 910268F8033 for ; Sun, 3 Feb 2013 16:03:00 -0800 (PST) X-ASG-Debug-ID: 1359936179-04cb6c3914324690001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id 4gbMFKBeqK6gYTQP for ; Sun, 03 Feb 2013 16:02:59 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1402vah002990; Sun, 3 Feb 2013 19:02:57 -0500 Date: Sun, 3 Feb 2013 19:02:57 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: chandana@desilva.id.au Cc: pcp@oss.sgi.com Message-ID: <197833885.16009249.1359936177511.JavaMail.root@redhat.com> In-Reply-To: <510C1DEF.7020307@desilva.id.au> Subject: pmproxy vs TLS/SSL (was Re: [pcp] pcp Digest, Vol 55, Issue 1) MIME-Version: 1.0 X-ASG-Orig-Subj: pmproxy vs TLS/SSL (was Re: [pcp] pcp Digest, Vol 55, Issue 1) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.82] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1359936179 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121732 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header ----- Original Message ----- > Will this also work via pmproxy ? It doesn't yet, but that's on my ToDo list. cheers. -- Nathan From nscott@redhat.com Sun Feb 3 23:46:48 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 9C1DB7F52 for ; Sun, 3 Feb 2013 23:46:48 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay3.corp.sgi.com (Postfix) with ESMTP id 3577AAC001 for ; Sun, 3 Feb 2013 21:46:45 -0800 (PST) X-ASG-Debug-ID: 1359956800-04cbb00c65329760001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id yK5FEuFAU9PH05nr for ; Sun, 03 Feb 2013 21:46:40 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r145keIJ015723; Mon, 4 Feb 2013 00:46:40 -0500 Date: Mon, 4 Feb 2013 00:46:40 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: "Frank Ch. Eigler" Cc: PCP Message-ID: <1649221790.16129979.1359956800185.JavaMail.root@redhat.com> In-Reply-To: Subject: Re: Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.82] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1359956800 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO, BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121754 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Frank, ----- Original Message ----- > Nathan Scott writes: > > > [...] > > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html > > Looks good. A few suggestions: Thanks! > - mention the possibility of self-signed certificates, possibly > working out an example You mean above and beyond the self-signed cert used in the example, I'm sure. Is that really a valid way to set up a realistic server? I've been put off self-signing by http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf a bit I guess, but possibly I'm getting paranoid? :) > - add code to the code (client-side changes only?) to enable clients > to download the server certificate during a first connection, and > store it in $HOME/.pcp/ssl, to eliminate the manual steps in the > "Monitor Setup" section. Thanks! (and Dave) will look into that shortly. > - consider defaulting to PCP_SECURE_SOCKETS=1 The semantics of that env var are that if a secure connection cannot be established, the connection fails. That seemed like the right way to approach it (people who might want to be using this would want to be sure it doesn't silently fallback to not-secure, in order to not regress existing installations on upgrade). Given that, and the requirements for backwards compatibility when we're operating in environments with down-rev remote hosts, I'm not sure we can switch this mode to default ... thoughts? Perhaps down the track, when we are confident the vast majority of installations have these capabilities (and we have gained more production-system-type confidence in the new code!). cheers. -- Nathan From kenj@internode.on.net Mon Feb 4 00:04:42 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 2140A7F54 for ; Mon, 4 Feb 2013 00:04:42 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id AD44DAC003 for ; Sun, 3 Feb 2013 22:04:41 -0800 (PST) X-ASG-Debug-ID: 1359957876-04bdf0231e34bee0001-S8gJnT Received: from ipmail06.adl6.internode.on.net (ipmail06.adl6.internode.on.net [150.101.137.145]) by cuda.sgi.com with ESMTP id CLCnug47xgQxw2xH for ; Sun, 03 Feb 2013 22:04:37 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.145 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAAZPD1F20Q4O/2dsb2JhbAANN4ZIuQaDEgEBAQQjSQ0QCxgCAiYCAlcGtFdxkVmBI48cgRMDkmeDOJNh Received: from ppp118-209-14-14.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.14.14]) by ipmail06.adl6.internode.on.net with ESMTP; 04 Feb 2013 16:34:09 +1030 Message-ID: <1359957847.11958.2.camel@bozo.localdomain> Subject: Re: [pcp] Secure connections writeup - please review From: Ken McDonell X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review To: Nathan Scott Cc: "Frank Ch. Eigler" , PCP Date: Mon, 04 Feb 2013 17:04:07 +1100 In-Reply-To: <1649221790.16129979.1359956800185.JavaMail.root@redhat.com> References: <1649221790.16129979.1359956800185.JavaMail.root@redhat.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.2.2- Content-Transfer-Encoding: 7bit Mime-Version: 1.0 X-Barracuda-Connect: ipmail06.adl6.internode.on.net[150.101.137.145] X-Barracuda-Start-Time: 1359957876 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121756 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- On Mon, 2013-02-04 at 00:46 -0500, Nathan Scott wrote: > ... > > - consider defaulting to PCP_SECURE_SOCKETS=1 > > The semantics of that env var are that if a secure connection cannot > be established, the connection fails. That seemed like the right way > to approach it (people who might want to be using this would want to > be sure it doesn't silently fallback to not-secure, in order to not > regress existing installations on upgrade). > > Given that, and the requirements for backwards compatibility when we're > operating in environments with down-rev remote hosts, I'm not sure we > can switch this mode to default ... thoughts? Perhaps down the track, > when we are confident the vast majority of installations have these > capabilities (and we have gained more production-system-type confidence > in the new code!). I agree with Nathan ... the obligation to NOT break production environments with mixed PCP versions installed across servers and clients is of paramount importance. This is even more so when we're talking about new features that are not battle scarred across the production landscape. From fche@redhat.com Mon Feb 4 08:34:47 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 2D9DE7F56 for ; Mon, 4 Feb 2013 08:34:47 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id F1D83304048 for ; Mon, 4 Feb 2013 06:34:43 -0800 (PST) X-ASG-Debug-ID: 1359988480-04bdf0231d363510001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id 0wdEYBU6JjWKH3ae for ; Mon, 04 Feb 2013 06:34:40 -0800 (PST) X-Barracuda-Envelope-From: fche@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx12.intmail.prod.int.phx2.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r14EYdHb007142 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 4 Feb 2013 09:34:39 -0500 Received: from fche.csb (vpn-53-199.rdu2.redhat.com [10.10.53.199]) by int-mx12.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r14EYdwm012705; Mon, 4 Feb 2013 09:34:39 -0500 Received: by fche.csb (Postfix, from userid 2569) id B44D158145; Mon, 4 Feb 2013 09:34:38 -0500 (EST) Date: Mon, 4 Feb 2013 09:34:38 -0500 From: "Frank Ch. Eigler" To: Nathan Scott Cc: PCP Subject: Re: Secure connections writeup - please review Message-ID: <20130204143438.GF15614@redhat.com> X-ASG-Orig-Subj: Re: Secure connections writeup - please review References: <1649221790.16129979.1359956800185.JavaMail.root@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1649221790.16129979.1359956800185.JavaMail.root@redhat.com> User-Agent: Mutt/1.4.2.2i X-Scanned-By: MIMEDefang 2.68 on 10.5.11.25 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1359988480 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 Hi - nathans wrote: > > - mention the possibility of self-signed certificates, possibly > > working out an example > > You mean above and beyond the self-signed cert used in the example, > I'm sure. I only see "obtain and install a certificate ..." in the writeup, not anything about *how*. > Is that really a valid way to set up a realistic server? [...] It's obviously not applicable everywhere, but in other places, it's better than no encryption at all. > [...] > > - consider defaulting to PCP_SECURE_SOCKETS=1 > > The semantics of that env var are that if a secure connection cannot > be established, the connection fails. [...] That could be changed, or a different value could be invented with a "prefer but not require ssl" meaning. The idea would be to get a as-secure-as-possible-by-default kind of situation. - FChE From nscott@redhat.com Tue Feb 5 15:35:01 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 1E7597F52 for ; Tue, 5 Feb 2013 15:35:01 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay1.corp.sgi.com (Postfix) with ESMTP id 0AD2C8F8039 for ; Tue, 5 Feb 2013 13:34:57 -0800 (PST) X-ASG-Debug-ID: 1360100096-04cb6c39143b69f0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id WZkgieI9ATAZkSkv for ; Tue, 05 Feb 2013 13:34:56 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r15LYu4o002971; Tue, 5 Feb 2013 16:34:56 -0500 Date: Tue, 5 Feb 2013 16:34:56 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: "Frank Ch. Eigler" Cc: PCP Message-ID: <1712549289.258450.1360100096410.JavaMail.root@redhat.com> In-Reply-To: <20130204143438.GF15614@redhat.com> Subject: Re: Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.140] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360100096 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO, BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.121912 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Frank, ----- Original Message ----- > Hi - > > nathans wrote: > > > - mention the possibility of self-signed certificates, possibly > > > working out an example > > > > You mean above and beyond the self-signed cert used in the example, > > I'm sure. > > I only see "obtain and install a certificate ..." in the writeup, not > anything about *how*. > Yeah, will expand on that some. I've been refering to other projects writeups for enabling this, and I guess there must be several different ways people/companies go about getting certs (in-house vs ext providers I guess?) resulting in the docs tending to be vague wrt the "how". > > Is that really a valid way to set up a realistic server? [...] > > It's obviously not applicable everywhere, but in other places, it's > better than no encryption at all. > OK. > > [...] > > > - consider defaulting to PCP_SECURE_SOCKETS=1 > > > > The semantics of that env var are that if a secure connection > > cannot be established, the connection fails. [...] > > That could be changed, or a different value could be invented with a > "prefer but not require ssl" meaning. The idea would be to get a > as-secure-as-possible-by-default kind of situation. Yes, I was pondering that as well. Could change it to having a value and not than just being set/not - something like "soft" vs "hard", or "best-effort" vs "enforced" perhaps? I didn't convince myself one approach was better than the other, so left it as always-fail if we cannot connect securely. Will look into the best-effort path again, unless others have a strong opinion that we shouldn't do that. A best-effort mode is something that could become a default in the medium term, methinks, once confidence in the new code grows. cheers. -- Nathan From brolley@redhat.com Wed Feb 6 10:49:29 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id CC0FF7F3F for ; Wed, 6 Feb 2013 10:49:29 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 9D1818F8052 for ; Wed, 6 Feb 2013 08:49:29 -0800 (PST) X-ASG-Debug-ID: 1360169365-04bdf0231d404f80001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id 57Ub2wZv9RC3GpcI for ; Wed, 06 Feb 2013 08:49:25 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r16GnPci005725 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 6 Feb 2013 11:49:25 -0500 Received: from [10.15.16.216] ([10.15.16.216]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r16GnOQu011878 for ; Wed, 6 Feb 2013 11:49:24 -0500 Message-ID: <51128994.2080904@redhat.com> Date: Wed, 06 Feb 2013 11:49:24 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: pcp@oss.sgi.com Subject: Re: [pcp] Secure connections writeup - please review References: <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review In-Reply-To: <1786528910.14930673.1359700203435.JavaMail.root@redhat.com> Content-Type: multipart/alternative; boundary="------------010606040605060204050802" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1360169365 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 This is a multi-part message in MIME format. --------------010606040605060204050802 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit On 02/01/2013 01:30 AM, Nathan Scott wrote: > Hi all, > > I've made a tutorial style write-up of recent work done in > PCP to allow secure connections to be established. Please > have a read & let me know if you have any feedback. > > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html I've now had a chance to take a look at this. It all looks technically correct, which is to say that it will work. There are perhaps some usability items that could be improved. * fche has already mentioned allowing the clients to obtain a server's certificate directly from the server. This could be part of the "bad cert handler" where when a server's certificate is not trusted by the client, the client gives the user the opportunity to say "yes, I trust this server". The server could be trusted just for one session (the server's certificate is not added to the client's data base of trusted certificates), or permanently (the server's certificate is added to the client's data base of trusted certificates). Users of firefox may find this procedure familiar. * When using a certificate authority, it is sufficient for the clients to have the CA's signing certificate (as opposed to the server's actual certificate). This is the certificate that the CA uses to sign the certificates that it issues. If the client has the CA's signing certificate then it also trusts any certificates which are signed using that certificate. In this way, when the server's certificate expires, and it obtains a new certificate from the CA, the new certificate will be automatically trusted by clients without having to obtain a new certificate from the server. Dave --------------010606040605060204050802 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit On 02/01/2013 01:30 AM, Nathan Scott wrote:
Hi all,

I've made a tutorial style write-up of recent work done in
PCP to allow secure connections to be established.  Please
have a read & let me know if you have any feedback.

http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html
I've now had a chance to take a look at this. It all looks technically correct, which is to say that it will work. There are perhaps some usability items that could be improved.
  • fche has already mentioned allowing the clients to obtain a server's certificate directly from the server. This could be part of the "bad cert handler" where when a server's certificate is not trusted by the client, the client gives the user the opportunity to say "yes, I trust this server". The server could be trusted just for one session (the server's certificate is not added to the client's data base of trusted certificates), or permanently (the server's certificate is added to the client's data base of trusted certificates). Users of firefox may find this procedure familiar.
  • When using a certificate authority, it is sufficient for the clients to have the CA's signing certificate (as opposed to the server's actual certificate). This is the certificate that the CA uses to sign the certificates that it issues. If the client has the CA's signing certificate then it also trusts any certificates which are signed using that certificate. In this way, when the server's certificate expires, and it obtains a new certificate from the CA, the new certificate will be automatically trusted by clients without having to obtain a new certificate from the server.
Dave

--------------010606040605060204050802-- From nscott@redhat.com Wed Feb 6 18:22:15 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 195B97F3F for ; Wed, 6 Feb 2013 18:22:15 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id AE697AC002 for ; Wed, 6 Feb 2013 16:22:11 -0800 (PST) X-ASG-Debug-ID: 1360196530-04bdf0231a41e1e0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id sKEwo1DxS91qSzdF for ; Wed, 06 Feb 2013 16:22:10 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r170MAou021030; Wed, 6 Feb 2013 19:22:10 -0500 Date: Wed, 6 Feb 2013 19:22:10 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: pcp@oss.sgi.com Message-ID: <946930016.871164.1360196530068.JavaMail.root@redhat.com> In-Reply-To: <51128994.2080904@redhat.com> Subject: Re: [pcp] Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.147] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360196530 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122020 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Dave, ----- Original Message ----- > > I've now had a chance to take a look at this. It all looks > technically correct, which is to say that it will work. There are > perhaps some usability items that could be improved. > > * fche has already mentioned allowing the clients to obtain a > server's certificate directly from the server. This could be > part of the "bad cert handler" where when a server's certificate > is not trusted by the client, the client gives the user the > opportunity to say "yes, I trust this server". The server could > be trusted just for one session (the server's certificate is not > added to the client's data base of trusted certificates), or > permanently (the server's certificate is added to the client's > data base of trusted certificates). Users of firefox may find > this procedure familiar. OK, yep - sounds good, will do. > * When using a certificate authority, it is sufficient for the > clients to have the CA's signing certificate (as opposed to the > server's actual certificate). This is the certificate that the > CA uses to sign the certificates that it issues. If the client > has the CA's signing certificate then it also trusts any > certificates which are signed using that certificate. In this > way, when the server's certificate expires, and it obtains a new > certificate from the CA, the new certificate will be > automatically trusted by clients without having to obtain a new > certificate from the server. Ah, that makes alot of sense. Where would the client look to find the CA's certificates? I see there's an /etc/pki/nssdb that ships with nspr, but it appears to be empty (no certs at all, according to certutil -L). Are they installed somewhere else? thanks! -- Nathan From nscott@redhat.com Wed Feb 6 21:35:25 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id B1A787F3F for ; Wed, 6 Feb 2013 21:35:25 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay1.corp.sgi.com (Postfix) with ESMTP id 9E7D38F8050 for ; Wed, 6 Feb 2013 19:35:25 -0800 (PST) X-ASG-Debug-ID: 1360208121-04cb6c3914402d20001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id C3V1mzJENoygFhOk for ; Wed, 06 Feb 2013 19:35:21 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r173ZH81020381; Wed, 6 Feb 2013 22:35:17 -0500 Date: Wed, 6 Feb 2013 22:35:17 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Cc: Ryan Doyle Message-ID: <1051007973.908860.1360208117478.JavaMail.root@redhat.com> Subject: pcp updates: pmdaapache MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: pmdaapache Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.147] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360208121 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122032 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/pcp/pcp.git dev src/libpcp_http/src/http_fetcher.c | 2 +- src/pmdas/apache/apache.c | 21 ++++++++++++++------- 2 files changed, 15 insertions(+), 8 deletions(-) commit 2d0560735f1d0d792a67028d15ce0dbdc0c01c03 Author: Nathan Scott Date: Thu Feb 7 14:33:59 2013 +1100 Improve pmdaapache fetch handling Ryan reported and fixed a pmdaapache fd leak. He also noticed that one descriptor per metric was leaked on each fetch, which suggested the http request was being performed too often. On closer inspection, there's a fetchcallback guard which uses time(2) to prevent multiple fetches within a second, caching the last result. However, that means we still call time(2) on each callback (per-metric) and in the failure case we call the full refresh that often as well. Added a per-fetch hook and moved the refresh logic there (with the one-second caching guard still in place) to improve this a little. commit 5de27f4f83ed12cc3d68db21e6caa9c5157944a0 Author: Ryan Doyle Date: Thu Feb 7 14:17:14 2013 +1100 Fix an open file descriptor leak in pmdaapache connect error paths The libpcp_http library which performs simple http requests for PMDAs fails to close socket file descriptors on the connect error path. The problem was observed when the Apache PMDA was failing to show metrics. Ended up stracing the process and saw that pam_limits was denying any new files to be opened. Checked /proc/$pid/fd and found ~1000 sockets. Reproduced this behaviour by stopping Apache and then attempting to fetch all the apache metrics. Each time I'd do a fetch, the amount of FDs would jump up by 20 each time. Tracked it to http_fetcher.c in the makeSocket routine. Fix reviewed by mgoodwin and nathans on #pcp. From brolley@redhat.com Thu Feb 7 09:36:39 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id A0A067F4C for ; Thu, 7 Feb 2013 09:36:39 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 72D4F8F8050 for ; Thu, 7 Feb 2013 07:36:39 -0800 (PST) X-ASG-Debug-ID: 1360251395-04bdf0231a4398f0001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id 3xMnYEx8rJE2HEJ9 for ; Thu, 07 Feb 2013 07:36:35 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r17FaYLs019461 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Thu, 7 Feb 2013 10:36:35 -0500 Received: from [10.15.16.216] ([10.15.16.216]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r17FaY0B023931 for ; Thu, 7 Feb 2013 10:36:34 -0500 Message-ID: <5113CA02.1030106@redhat.com> Date: Thu, 07 Feb 2013 10:36:34 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: pcp@oss.sgi.com Subject: Re: [pcp] Secure connections writeup - please review References: <946930016.871164.1360196530068.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review In-Reply-To: <946930016.871164.1360196530068.JavaMail.root@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1360251395 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 On 02/06/2013 07:22 PM, Nathan Scott wrote: >> * When using a certificate authority, it is sufficient for the >> clients to have the CA's signing certificate (as opposed to the >> server's actual certificate). This is the certificate that the >> CA uses to sign the certificates that it issues. If the client >> has the CA's signing certificate then it also trusts any >> certificates which are signed using that certificate. In this >> way, when the server's certificate expires, and it obtains a new >> certificate from the CA, the new certificate will be >> automatically trusted by clients without having to obtain a new >> certificate from the server. > Ah, that makes alot of sense. Where would the client look to find > the CA's certificates? I see there's an /etc/pki/nssdb that ships > with nspr, but it appears to be empty (no certs at all, according > to certutil -L). Are they installed somewhere else? > I would assume that one would get the signing certificate from the CA itself. I don't know for sure. The systemtap compile-server does not use certificates from a CA. It uses its own self-signed certificates. Dave From nscott@redhat.com Thu Feb 7 17:22:02 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id F00B57F3F for ; Thu, 7 Feb 2013 17:22:01 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id D04A330406A for ; Thu, 7 Feb 2013 15:22:01 -0800 (PST) X-ASG-Debug-ID: 1360279317-04cbb00c65422f80001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id XNDwZtX9hooLPZ6j for ; Thu, 07 Feb 2013 15:21:57 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r17NLuOl002064; Thu, 7 Feb 2013 18:21:56 -0500 Date: Thu, 7 Feb 2013 18:21:56 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: pcp@oss.sgi.com Message-ID: <833453649.1538581.1360279316800.JavaMail.root@redhat.com> In-Reply-To: <5113CA02.1030106@redhat.com> Subject: Re: [pcp] Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.147] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360279317 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122112 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain ----- Original Message ----- > On 02/06/2013 07:22 PM, Nathan Scott wrote: > >> * When using a certificate authority, it is sufficient for > >> the > >> clients to have the CA's signing certificate (as opposed to > >> the > >> server's actual certificate). This is the certificate that > >> the > >> CA uses to sign the certificates that it issues. If the > >> client > >> has the CA's signing certificate then it also trusts any > >> certificates which are signed using that certificate. In this > >> way, when the server's certificate expires, and it obtains a > >> new > >> certificate from the CA, the new certificate will be > >> automatically trusted by clients without having to obtain a > >> new > >> certificate from the server. > > Ah, that makes alot of sense. Where would the client look to find > > the CA's certificates? I see there's an /etc/pki/nssdb that ships > > with nspr, but it appears to be empty (no certs at all, according > > to certutil -L). Are they installed somewhere else? > > > I would assume that one would get the signing certificate from the CA > itself. I don't know for sure. The systemtap compile-server does not > use > certificates from a CA. It uses its own self-signed certificates. Hmmm. So, somehow firefox manages this without manual intervention - not sure how though? Digging around below ~/.mozilla uncovers ... $ certutil -d /home/nathans/.mozilla/firefox/bqxm6ne3.default -L Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI VeriSign Class 3 Extended Validation SSL CA ,, DigiCert High Assurance CA-3 ,, VeriSign Class 3 International Server CA - G3 ,, [snip bunch more root certs] Looks like somehow firefox has created a NSS DB for me with all these (root certs) plus all the ones I've added - which sounds alot like what we're after? Just need to figure out where it's started from with the initial DB... some code archeology is in order I think. cheers. -- Nathan From nscott@redhat.com Thu Feb 7 21:46:16 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 06C067F3F for ; Thu, 7 Feb 2013 21:46:16 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id E9FFA8F8035 for ; Thu, 7 Feb 2013 19:46:15 -0800 (PST) X-ASG-Debug-ID: 1360295171-04cbb00c6643c630001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id shnWGNAy9u8bsE2x for ; Thu, 07 Feb 2013 19:46:11 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r183kAWU013075; Thu, 7 Feb 2013 22:46:10 -0500 Date: Thu, 7 Feb 2013 22:46:10 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: pcp@oss.sgi.com Message-ID: <1065417736.1612108.1360295170905.JavaMail.root@redhat.com> In-Reply-To: <833453649.1538581.1360279316800.JavaMail.root@redhat.com> Subject: Re: [pcp] Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.49.147] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360295171 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122128 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain ----- Original Message ----- > ... > Looks like somehow firefox has created a NSS DB for me with all > these (root certs) plus all the ones I've added - which sounds > alot like what we're after? Just need to figure out where it's > started from with the initial DB... some code archeology is in > order I think. Hooboy, what a quagmire. Firstly, found some good Red Hat docs, especially around certificate requests (from our earlier mail): https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Certificate_System/7.3/html/Administration_Guide/Administration_Guide-Managing_Certificates-Requesting_and_Receiving_Certificates.html Links to that will probably be the best bet, I think, and little detail beyond the certutil basics. Back to the NSS databases. It's starting to look like we should be removing any pcp-specific paths / databases, and make use of /etc/pki/nssdb and $HOME/.pki/nssdb for servers and clients. It also looks like we should encourage (enforce?) the use of sqlite nss databases to aid us in sharing them (the separate $HOME and system DBs I'd envisaged before is not really where it seems the NSS/Mozilla folks are headed. Some related links, discussing Firefox and Chrome, particularly at the end, and their use of shared NSS databases: https://wiki.mozilla.org/NSS_Shared_DB_And_LINUX https://wiki.mozilla.org/NSS_Shared_DB_Howto https://bugzilla.redhat.com/show_bug.cgi?id=546221 https://bugzilla.mozilla.org/show_bug.cgi?id=620373 https://bugzilla.mozilla.org/show_bug.cgi?id=449498 http://code.google.com/p/chromium/wiki/LinuxCertManagement My earlier question around how firefox is finding the root certs: looks like its via libnsssysinit.so (in /etc/pki/nssdb/pkcs11.txt on my local rhel6 machine). And the certutil root cert list I'd found and wondered about in the last mail looks like its a merged database, old (dbm) format. Also found nss-gui (RHEL/Fedora), which is a simple c++ xulrunner application front-end (standalone), that provides the same UI for managing NSS databases as firefox itself (its XUL, so literally its the same code AIUI) - e.g. nss-gui --dbdir sql:/etc/pki/nssdb and hey-presto its listing all the root certs even though certutil reports that as an empty DB. A twisty maze. :) Would also seem a good idea to fork/exec nss-gui rather than adding any certificate management code at all into pmchart. At this stage I am thinking we should switch to those two system paths and remove any pcp-specific ones, and also enforce the sql: prefix on the NSS_Init calls (since we don't have any back-compat issues to worry about at this stage, we can insist on the current NSS database format, which is merge-able). Bleurgh. Apologies for the brain dump. cheers. -- Nathan From noreply@webmaster.no Tue Feb 12 01:28:18 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_FRT_CLICK autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 81C837F86 for ; Tue, 12 Feb 2013 01:28:18 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id 264BAAC004 for ; Mon, 11 Feb 2013 23:28:14 -0800 (PST) X-ASG-Debug-ID: 1360654090-04bdf0231b5885c0001-S8gJnT Received: from poczta.oeiizk.waw.pl (poczta.oeiizk.waw.pl [212.244.131.16]) by cuda.sgi.com with ESMTP id pWQVHhwooc7IMsfL for ; Mon, 11 Feb 2013 23:28:10 -0800 (PST) X-Barracuda-Envelope-From: noreply@webmaster.no X-Barracuda-Apparent-Source-IP: 212.244.131.16 Received: from localhost (localhost [127.0.0.1]) by poczta.oeiizk.waw.pl (Postfix) with ESMTP id 2DB1545887D4; Tue, 12 Feb 2013 08:19:46 +0100 (CET) X-Virus-Scanned: amavisd-new at oeiizk.waw.pl Received: from poczta.oeiizk.waw.pl ([127.0.0.1]) by localhost (poczta.oeiizk.waw.pl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 16lZk8OQ-Aid; Tue, 12 Feb 2013 08:19:44 +0100 (CET) Received: by poczta.oeiizk.waw.pl (Postfix, from userid 30) id 3D02D45887C7; Tue, 12 Feb 2013 06:18:45 +0100 (CET) Received: from 95.141.29.55 (SquirrelMail authenticated user ewa.rogalska.monserrat@wcies.edu.pl) by poczta.wcies.edu.pl with HTTP; Tue, 12 Feb 2013 08:19:42 +0100 Message-ID: <8b6a9da71665a4ee58e259eadcb72342.squirrel@poczta.wcies.edu.pl> Date: Tue, 12 Feb 2013 08:19:42 +0100 Subject: Sikkerhetsadvarsel (kf03#7^2)!!! From: "System Administrator" X-ASG-Orig-Subj: Sikkerhetsadvarsel (kf03#7^2)!!! Reply-To: noreply@webmaster.no User-Agent: SquirrelMail/1.5.2 [SVN] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-2 Content-Transfer-Encoding: 8bit X-Barracuda-Connect: poczta.oeiizk.waw.pl[212.244.131.16] X-Barracuda-Start-Time: 1360654090 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 1.67 X-Barracuda-Spam-Status: No, SCORE=1.67 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=MISSING_HEADERS, PLING_PLING, TO_CC_NONE X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122434 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 1.21 MISSING_HEADERS Missing To: header 0.46 PLING_PLING Subject has lots of exclamation marks 0.00 TO_CC_NONE No To: or Cc: header To: undisclosed-recipients:; Kjære konto Eier, Vi holder på å oppdatere vår sentrale database, e-post for første kvartal 2013, innser at webpostkontoen ble kompromittert av spammers.They hadde tilgang til din webmail konto og har brukt Internett til ulovlige aktiviteter. sette sikkerhet revisjon for å gjenopprette og vedlikeholde din e-postkonto aktiv. Bare klikk på linken under og fyll ut nødvendig informasjon for å opprettholde aktiv e-post. https://docs.google.com/forms/d/1CXAVzLaKWSHd7pQZZdM6jvkE6O-UFwyHnXu7dRaFMew/viewform Advarsel! I fiasko for å bekrefte kontoen innen 48 timer på å motta dette varsling, vil kontoen automatisk bli deaktivert. Takk for at du bruker webmail-konto. Advarsel Code: QATO8B52AXV Vennlig hilsen, Webmail-kontoen Service Team Management. Takk for ditt samarbeid. Copyright @ 2013 WEBMAIL OFFICE Alle rettigheter reservert. From noreply@webmaster.no Tue Feb 12 01:30:59 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=T_FRT_CLICK autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id ECA177F86 for ; Tue, 12 Feb 2013 01:30:59 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id CE96A8F8035 for ; Mon, 11 Feb 2013 23:30:56 -0800 (PST) X-ASG-Debug-ID: 1360654255-04bdf0231d588750001-S8gJnT Received: from poczta.oeiizk.waw.pl (poczta.oeiizk.waw.pl [212.244.131.16]) by cuda.sgi.com with ESMTP id Q7dnEUjRajBDTyvP for ; Mon, 11 Feb 2013 23:30:55 -0800 (PST) X-Barracuda-Envelope-From: noreply@webmaster.no X-Barracuda-Apparent-Source-IP: 212.244.131.16 Received: from localhost (localhost [127.0.0.1]) by poczta.oeiizk.waw.pl (Postfix) with ESMTP id 43C834588867; Tue, 12 Feb 2013 08:20:58 +0100 (CET) X-Virus-Scanned: amavisd-new at oeiizk.waw.pl Received: from poczta.oeiizk.waw.pl ([127.0.0.1]) by localhost (poczta.oeiizk.waw.pl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0XRT0WA5enAE; Tue, 12 Feb 2013 08:20:56 +0100 (CET) Received: by poczta.oeiizk.waw.pl (Postfix, from userid 30) id 686B74588856; Tue, 12 Feb 2013 06:19:56 +0100 (CET) Received: from 95.141.29.55 (SquirrelMail authenticated user ewa.rogalska.monserrat@wcies.edu.pl) by poczta.wcies.edu.pl with HTTP; Tue, 12 Feb 2013 08:20:53 +0100 Message-ID: <4c35de990e94c96d4354f82e72efe8d8.squirrel@poczta.wcies.edu.pl> Date: Tue, 12 Feb 2013 08:20:53 +0100 Subject: Sikkerhetsadvarsel (kf03#7^2)!!! From: "System Administrator" X-ASG-Orig-Subj: Sikkerhetsadvarsel (kf03#7^2)!!! Reply-To: noreply@webmaster.no User-Agent: SquirrelMail/1.5.2 [SVN] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-2 Content-Transfer-Encoding: 8bit Return-Receipt-To: "System Administrator" X-Barracuda-Connect: poczta.oeiizk.waw.pl[212.244.131.16] X-Barracuda-Start-Time: 1360654255 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 1.67 X-Barracuda-Spam-Status: No, SCORE=1.67 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=MISSING_HEADERS, PLING_PLING, TO_CC_NONE X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122434 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 1.21 MISSING_HEADERS Missing To: header 0.46 PLING_PLING Subject has lots of exclamation marks 0.00 TO_CC_NONE No To: or Cc: header To: undisclosed-recipients:; Kjære konto Eier, Vi holder på å oppdatere vår sentrale database, e-post for første kvartal 2013, innser at webpostkontoen ble kompromittert av spammers.They hadde tilgang til din webmail konto og har brukt Internett til ulovlige aktiviteter. sette sikkerhet revisjon for å gjenopprette og vedlikeholde din e-postkonto aktiv. Bare klikk på linken under og fyll ut nødvendig informasjon for å opprettholde aktiv e-post. https://docs.google.com/forms/d/1CXAVzLaKWSHd7pQZZdM6jvkE6O-UFwyHnXu7dRaFMew/viewform Advarsel! I fiasko for å bekrefte kontoen innen 48 timer på å motta dette varsling, vil kontoen automatisk bli deaktivert. Takk for at du bruker webmail-konto. Advarsel Code: QATO8B52AXV Vennlig hilsen, Webmail-kontoen Service Team Management. Takk for ditt samarbeid. Copyright @ 2013 WEBMAIL OFFICE Alle rettigheter reservert. From nscott@redhat.com Tue Feb 12 04:40:08 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 3864D7F86 for ; Tue, 12 Feb 2013 04:40:08 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id 2942E304039 for ; Tue, 12 Feb 2013 02:40:05 -0800 (PST) X-ASG-Debug-ID: 1360665600-04cb6c5361199bb0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id KIgQ3eFaHbA2N24E for ; Tue, 12 Feb 2013 02:40:00 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1CAe0Zw006072 for ; Tue, 12 Feb 2013 05:40:00 -0500 Date: Tue, 12 Feb 2013 05:40:00 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <380657571.1099442.1360665600335.JavaMail.root@redhat.com> Subject: pcp updates: pmproxy and ssl updates (WIP) MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: pmproxy and ssl updates (WIP) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.6] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360665600 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122446 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev man/man1/pmproxy.1 | 26 qa/713 | 151 +++++ qa/713.out | 22 src/include/pcp/impl.h | 19 src/libpcp/src/GNUmakefile | 32 - src/libpcp/src/auxconnect.c | 1193 ++----------------------------------------- src/libpcp/src/check-statics | 9 src/libpcp/src/internal.h | 43 + src/libpcp/src/nss_connect.c | 1142 +++++++++++++++++++++++++++++++++++++++-- src/libpcp/src/nss_server.c | 390 +++++++++++++- src/libpcp/src/oldpmapi.h | 44 - src/libpcp/src/p_error.c | 19 src/pmcd/src/GNUmakefile | 12 src/pmcd/src/dopdus.c | 3 src/pmcd/src/pmcd.c | 9 src/pmcd/src/secure.c | 343 ------------ src/pmcd/src/secure.h | 34 - src/pmdas/pmcd/help | 10 src/pmdas/pmcd/root_pmcd | 7 src/pmdas/pmcd/src/pmcd.c | 20 src/pmproxy/pmproxy.c | 204 ++++--- src/pmproxy/pmproxy.h | 5 22 files changed, 2046 insertions(+), 1691 deletions(-) commit 50f065bb17f1774346a854ca04e77f52bcee28c8 Author: Nathan Scott Date: Tue Feb 12 21:37:46 2013 +1100 Switch from PCP-specific NSS databases Came across numerous pointers in various online documentation (and bug systems, mail chatter, etc) that the way we should approach the application-shared NSS DB is present in NSS already, and involves using /etc/pki/nssdb and $HOME/.pki/nssdb. This commit switches us over from the early PCP-specific NSS database locations to now use these NSS-upstream-prefered variants. We also by default enforce the use of sqlite form databases (also, for application sharing). commit 9b198a22e7fde69d3223d884cdff1443540fbd91 Author: Nathan Scott Date: Tue Feb 12 13:20:52 2013 +1100 Make non-secure-sockets builds pass once more commit 0ecacb9764327f4f63948201f610e5cfe3aa5709 Author: Nathan Scott Date: Tue Feb 12 11:22:47 2013 +1100 Add pmcd.feature metrics to query state of several new pmcd options Makes debugging a setup alot easier, particularly for SSL connections. commit 9136c6697e2dda3161004c6af6f6d3b323bc91fe Author: Nathan Scott Date: Tue Feb 12 11:04:09 2013 +1100 Support TLS/SSL client connections via pmproxy as well Refactor previously-pmcd-specific secure connection code in such a way that it can be shared with the pmproxy daemon when needed. This primarily involved moving this into libpcp. As the earlier model of adding everything-NSS to auxconnect.c started to wear thin, have split these files into auxconnect (native networking) nss_connect (nss networking) and nss_server (secure NSS serving) files. This required moving some internal networking structures into libpcp/src/internal.h for sharing. The pmproxy changes involve decoding the initial credentials PDU that a client sends to pmcd, to determine if a secure connection is being requested. If so, pmproxy establishes an SSL socket to both the client and pmcd, and all communication continues as per normal with pmproxy in the middle. No PDUs are permitted before seeing that first client credentials PDU. From nscott@redhat.com Thu Feb 14 03:49:41 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 38AC57FFA for ; Thu, 14 Feb 2013 03:49:41 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 0329830404E for ; Thu, 14 Feb 2013 01:49:37 -0800 (PST) X-ASG-Debug-ID: 1360835373-04bdf0104b13ea0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id XHpQmJzqkVAyrdtR for ; Thu, 14 Feb 2013 01:49:33 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1E9nWfP027187 for ; Thu, 14 Feb 2013 04:49:32 -0500 Date: Thu, 14 Feb 2013 04:49:32 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <1807110030.2641107.1360835372292.JavaMail.root@redhat.com> Subject: pcp updates: ssl updates (WIP), deb packaging MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: ssl updates (WIP), deb packaging Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.6] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1360835373 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122632 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev debian/control | 8 - debian/rules | 45 +++---- man/man1/pcpintro.1 | 38 +++--- man/man1/pmcd.1 | 16 +- man/man1/pmproxy.1 | 17 ++ src/libpcp/src/GNUmakefile | 3 src/libpcp/src/internal.h | 2 src/libpcp/src/nss_connect.c | 270 ++++++++++++++++++++++++++++++++++--------- src/libpcp/src/nss_server.c | 49 +++++-- 9 files changed, 326 insertions(+), 122 deletions(-) commit 68eaf47ff41a6618ec0faa240985a678605b816f Author: Nathan Scott Date: Thu Feb 14 16:20:17 2013 +1100 Finally lintian clean variants of deb pyton-pcp package commit 41fd7f0511d8e3d7f03ca6d8c619d083365191d3 Author: Nathan Scott Date: Thu Feb 14 13:53:16 2013 +1100 Further work toward a valid python deb package build commit 6a869198e473776f784635e00021990330a925c9 Author: Nathan Scott Date: Thu Feb 14 12:23:34 2013 +1100 Further ease-of-use changes for supporting SSL connections. If the per-user shared NSS database does not exist (e.g. via firefox, pidgin, chrome, or some other application) we now create it on the fly as a new-form sqlite3 NSS DB, including creating the path to it (with appropriate directory modes) as needed. Additionally, support code for the addition of certificates to user databases by the monitor tools is here as well. This can require interaction with the user, which at this stage is done for console tools only. Longer term, will need a callback driven model so that pmchart can play in this sandpit too. However its certain that the authentication changes will require similar treatment, so planning to tackle those together to reduce API churn. commit bdd462fdab1f78f363dabcdc8edc74c1d69e469c Author: Nathan Scott Date: Thu Feb 14 11:29:21 2013 +1100 Add missing internal.h build dependencies for libpcp sources commit 35311097e47995ab56b7ad60daabc8c53c240e92 Author: Nathan Scott Date: Wed Feb 13 11:16:25 2013 +1100 Update man pages to reference the new NSS database locations commit 9530cee3c106ef44b8c31639873b0df13d8fc0d8 Author: Nathan Scott Date: Wed Feb 13 10:32:14 2013 +1100 Open the user (client) database r/w so we can add certificates later Switch to NSS_InitReadWrite API and fix database path typo. From nscott@redhat.com Thu Feb 14 20:39:02 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 09EDF806C for ; Thu, 14 Feb 2013 20:39:02 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id DB3B18F8049 for ; Thu, 14 Feb 2013 18:38:58 -0800 (PST) X-ASG-Debug-ID: 1360895936-04bdf0104b4d650001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id JBaKswD1AD50lVNM for ; Thu, 14 Feb 2013 18:38:56 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1F2cuBL016024 for ; Thu, 14 Feb 2013 21:38:56 -0500 Date: Thu, 14 Feb 2013 21:38:56 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <950619311.3096738.1360895936186.JavaMail.root@redhat.com> Subject: pcp updates: ssl relaxed mode, fingerprints MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: ssl relaxed mode, fingerprints Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.14] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1360895936 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122699 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev build/rpm/pcp.spec.head.in | 4 +- qa/712 | 2 + qa/713 | 2 + src/include/pcp/pmapi.h | 1 src/libpcp/src/connect.c | 6 +-- src/libpcp/src/context.c | 14 +++++++- src/libpcp/src/nss_connect.c | 71 +++++++++++++++++++++++++++++-------------- 7 files changed, 70 insertions(+), 30 deletions(-) commit abc13d2d36e90afa93bfb7139a25785c25ac0457 Author: Nathan Scott Date: Fri Feb 15 13:32:26 2013 +1100 Add support for "relaxed" mode secure connections As discussed recently on-list, some users would like the option of having the monitor tools prefer to connect to collectors securely, iff the collector supports secure connections. This is now possible using the PCP_SECURE_SOCKETS=relaxed variable in ones environment (or programmatically via the context flag of same name). The previous semantics are still available using the PCP_SECURE_SOCKETS=enforce option (or setting PCP_SECURE_SOCKETS to one, or simply setting it - all give the hard-fail guarantee). commit 5407b15372ae127732343c0ee773895ace365345 Author: Nathan Scott Date: Fri Feb 15 13:28:48 2013 +1100 Certificate fingerprint reporting when querying untrusted certificates commit d7a42e95125559ba9856a9ea9c1f37f37809420f Author: Corneliu Boac Date: Fri Feb 15 13:28:20 2013 +1100 Update Vendor field of in-tree spec to match SGIs prefered name for SGI commit d43bcfa80c0d291ee5627825ae9d385f672a2a12 Author: Nathan Scott Date: Fri Feb 15 13:27:03 2013 +1100 Notrun the secure tests, until the database move changes reflected there From vantech@topway.cn Fri Feb 15 22:14:01 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: * X-Spam-Status: No, score=1.6 required=5.0 tests=HTML_MESSAGE,MIME_BASE64_TEXT, MSGID_FROM_MTA_HEADER,RCVD_DOUBLE_IP_LOOSE autolearn=no version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 8153D8049 for ; Fri, 15 Feb 2013 22:14:01 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id 654528F8033 for ; Fri, 15 Feb 2013 20:13:58 -0800 (PST) X-ASG-Debug-ID: 1360988017-04cbb06b6810c3f0001-S8gJnT Received: from mail02.topway.cn (mail.szthm.com [211.148.192.242]) by cuda.sgi.com with SMTP id DM16Ay6BKmW71kG5 for ; Fri, 15 Feb 2013 20:13:37 -0800 (PST) X-Barracuda-Envelope-From: vantech@topway.cn X-Barracuda-Apparent-Source-IP: 211.148.192.242 X-EYOU-SPAMVALUE:0 X-EYOU-DEALDRC: X-EMDG-VER:2011-01-28 Received: (eyou anti_spam gateway 3.0); Sat, 16 Feb 2013 12:13:31 +0800 Message-ID: <560988011.08902@mail02.topway.cn> X-EYOUMAIL-SMTPAUTH: vantech@topway.cn Received: from 113.118.44.155 by 211.148.192.242 with SMTP; Sat, 16 Feb 2013 12:13:30 +0800 Date: Sat, 16 Feb 2013 12:13:11 +0800 From: "Dennis Yang" To: pcp Reply-To: vantech Subject: nickel plated foil for EMI/RFI shielding Disposition-Notification-To: "Dennis Yang" X-ASG-Orig-Subj: nickel plated foil for EMI/RFI shielding X-Priority: 3 X-Has-Attach: no X-Mailer: Foxmail 7.0.1.92[cn] Mime-Version: 1.0 Message-ID: <201302161134465966250@topway.cn> Content-Type: multipart/related; boundary="----=_001_NextPart038665441666_=----" X-Barracuda-Connect: mail.szthm.com[211.148.192.242] X-Barracuda-Start-Time: 1360988017 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.72 X-Barracuda-Spam-Status: No, SCORE=0.72 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA038b, HTML_MESSAGE, MIME_BASE64_TEXT, MSGID_FROM_MTA_HEADER, RCVD_DOUBLE_IP_LOOSE X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122799 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 HTML_MESSAGE BODY: HTML included in message 0.52 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding 0.00 MSGID_FROM_MTA_HEADER Message-Id was added by a relay 0.20 BSF_SC0_SA038b Custom Rule SA038b 0.00 RCVD_DOUBLE_IP_LOOSE Received: by and from look like IP addresses This is a multi-part message in MIME format. ------=_001_NextPart038665441666_=---- Content-Type: multipart/alternative; boundary="----=_002_NextPart028085563257_=----" ------=_002_NextPart028085563257_=---- Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: base64 DQoNCg0KICAgICAgICAgICAgRGVhciBQdXJjaGFzaW5nIE1hbmFnZXIsDQoNCkhvdyBhcmUgeW91 Pw0KDQpJIGFtIERlbm5pcyBZYW5nIGZyb20gU2hlbnpoZW4gVmFubGVhZCBUZWNobm9sb2d5IENv LiBMdGQuIGluIENoaW5hLCAgd2hvIGlzIGEgbGVhZGluZyBhbmQgcHJvZmVzc2lvbmFsIG1hbnVm YWN0dXJlciAgb2YgIGVsZWN0cm9seXRpYyBDT1BQRVIgRk9JTCAoIEVEIGNvcHBlciBmb2lsICkg aW4gQ2hpbmEuDQoNCk91ciBwcm9kdWN0cyBhcmUgbWFpbmx5ICBmb3IgUFBUQyBhbmQgIEVNSS9S RkkgIHNoaWVsZGluZywgLGV0Yy4gDQoNClRoZSBkZXRhaWxlZCBzcGVjaWZpY2F0aW9ucyBhcmUg YXMgZm9sbG93aW5nczoNCjEuIE1heC4gd2lkdGggaXMgMTM3MCBtbQ0KMi4gVGhpY2tuZXNzIGlz IGZyb20gOSB1bSB0byA0MDAgdW0NCjMuIG9uZSBzaWRlIG1hdHRlLCBkb3VibGUgc2lkZSBtYXR0 ZSwgZG91YmxlIHNpZGUgcm91Z2huZXNzIGNvcHBlciAgZm9pbA0KDQpPdXIgcHJvZHVjdHMgYXJl IGNoYXJhY3Rlcml6ZWQgYnkgZ29vZCBxdWFsaXR5ICBhbmQgY29tcGV0aXRpdmUgcHJpY2UuDQoN ClBscy4gcmVmZXIgdG8gb3VyIHdlYnNpdGU6ICB3d3cudmFubGVhZHRlY2guY29tICB0byBmaW5k IG91ciBkZXRhaWxzLCAgYW5kIG91ciBwbGFudCAgaXMgIElTTzkwMDEgY2VydGlmaWVkLg0KDQpX ZSBoYXZlIGJlZW4gcHJvZHVjaW5nIG5pY2tlbCBmb2lsIGFuZCAgSEktIFJPVUdIRU5FRCwgRE9V QkxFIFNJREUgTklDS0VMIFBMQVRFRCBDT1BQRVIgRk9JTCBmb3IgIFBQVEMgb3IgRU1JL1JGSSBT SElFTERJTkcgLCAgd2hpY2ggZW5kdXJlIGhpZ2ggdGVtcGVyYXR1cmUgd2l0aCAgc291bmQgZWxl Y3Ryb25pYyBwZXJmb3JtYW5jZXMsIHdob3NlIHJvdWdoIHNpZGUgaXMgZWFzaWx5IGxhbWluYXRl ZCB3aXRoIHBvbHltZXIgbWF0ZXJpYWxzIGFuZCBoYXMgc3Ryb25nZXIgYW50aS1wZWVsIHN0cmVu Z3RoLg0KDQoNCiAgICAgICAgICAgICAgICAgICAgICAgICANCg0KICAgIGNvcHBlciBmb2lsICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgbmlja2Vs IHBsYXRlZCBjb3BwZXIgZm9pbA0KDQoNCldlIGhhdmUgYmVlbiBzdXBwbHlpbmcgb3VyIGhpZ2gg cXVhbGl0eSBlbGVjdHJvbHl0aWMgY29wcGVyIGZvaWwgdG8gQ2FuYWRhLCBHZXJtYW55LCBLb3Jl YSwgZXRjLiBmb3IgbWFueSB5ZWFycywgIHRoZSBmZWVkYmFja3Mgb2Ygb3VyIGN1c3RvbWVycyBh cmUgcXVpdGUgcG9zaXRpdmUuIA0KDQpXZSBjYW4gcHJvY2VzcyBhcyBwZXIgdGhlIGN1c3RvbWVy cycgcmVxdWlyZW1lbnQsICB3b3VsZCB5b3UgcGxzLiBpbmZvcm0gdXMgb2YgdGhlIGRldGFpbGVk IHZhcmlldHkgYW5kIHNwZWNpZmljYXRpb25zIHlvdSByZXF1ZXN0KCB3aWR0aCwgdGhpY2tuZXNz LCBkZW1hbmQgcXVhbnRpdGllcykgZm9yIG91ciBmdXJ0aGVyIGJ1c2luZXNzPw0KDQpXZSBsaWtl IHRvIGVzdGFibGlzaCBvdXIgYnVzaW5lc3MgcmVsYXRpb24gd2l0aCB5b3UgLCAgYW5kIGFyZSBs b29raW5nIGZvcndhcmQgdG8geW91ciBlYXJseSByZXBseSBmb3Igb3VyIHF1b3RhdGlvbnMsIHNh bXBsZXMgYW5kIGZ1cnRoZXIgYnVzaW5lc3MuDQoNCkJlc3QgcmVnYXJkcywgDQoNCkRlbm5pcyBZ YW5nDQpEaXJlY3RvciBvZiBCdXNpbmVzcyANCiANClNoZW56aGVuIFZhbmxlYWQgVGVjaG5vbG9n eSBDby4sIEx0ZC4NCkFkZHJlc3M6IEIgQmxvY2ssIEJ1IFhpbiBCbGRnLiwgRG9uZ3hpYW8gUm9h ZCwgU2hlbnpoZW4gQ2l0eSwgR3Vhbmdkb25nIFByb3ZpbmNlLCBDaGluYQ0KRW1haWw6IGR5YW5n QHZhbmxlYWR0ZWNoLmNvbQ0KV2Vic2l0ZTogd3d3LnZhbmxlYWR0ZWNoLmNvbSANClRlbDogMDA4 Ni03NTUtIDg5OTgyMDUzDQpGYXg6IDAwODYtNzU1LTI1NTE3NTIyIA0KIA0KICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICANCiAgICAgIA== ------=_002_NextPart028085563257_=---- Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
 
 
 
 =20           Dear Purchasin= g=20 Manager,

 

How are you?

 

I am Dennis Yang from Shenzhen Vanlead Technology = Co. Ltd.=20 in China,  who is a leading and professional manufacturer  of&nb= sp;=20 electrolytic COPPER FOIL ( ED copper foil ) in China.

 

Our products are mainly  for PPTC and  EMI/RFI  sh= ielding,=20 ,etc.

 

The detailed specifications are as followings:

1. Max. width is 1370 mm

2. Thickness is from 9 um to 400 um

3. one side matte, double side matte, double side roughness = copper=20  foil

 

Our products are characterized by good quality  and com= petitive=20 price.

 

Pls. refer to our website:  www.vanleadtech.com  to find our=20 details,  and our plant  is  ISO9001=20 certified.

 

We have been producing nickel foil and  HI- ROUGHENED, = DOUBLE=20 SIDE NICKEL PLATED COPPER FOIL for  PPTC or EMI/RFI=20 SHIELDING ,  which endure high temperature with  sound= =20 electronic performances, whose rough side is easily laminated with polymer= =20 materials and has stronger anti-peel strength.

 

 

<= FONT=20 color=3D#0000ff>        =             &n= bsp;   =20

 

    copper foil&n= bsp;       &nbs= p;            =             &n= bsp;           &nbs= p;      =20  nickel plated copper foil

 

 

We have been supplying our high quality electroly= tic copper=20 foil to Canada, Germany,=20 Korea, etc. for many years,&n= bsp; the=20 feedbacks of our customers are quite positive.
 
We can process as per the customers' requirement,  would you= pls.=20 inform us of the detailed variety and specifications you request( width,=20 thickness, demand quantities) for our further business?
 
We like to establish our business relation with you ,  and a= re=20 looking forward to your early reply for our quotations, samples and furthe= r=20 business.
 
Best regards,=20

 

Dennis Yang

Director of Business

 

Shenzhen Vanlead Technology Co.,=20 Ltd.

Address: B Block, Bu Xin Bldg., <= st1:Street=20 w:st=3D"on">Dongxiao Road, Shenzhen=20 City, Guangdong=20 Province, China

Email: dyang@vanleadtech.com

Website: www.vanleadtech.com=20

Tel: 0086-755- 89982053

Fax:=20 0086-755-25517522 

<= FONT=20 color=3D#0000ff> 

<= FONT=20 color=3D#0000ff>        &nbs= p;                 &nbs= p;            =         <= /SPAN>

<= FONT=20 color=3D#0000ff>      <= /FONT>

=
------=_002_NextPart028085563257_=------ ------=_001_NextPart038665441666_=---- Content-Type: image/jpeg; name="clip_image002(12(02-16-11-34-13).jpg" Content-Transfer-Encoding: base64 Content-ID: <_Foxmail.0@F47B3F07-E2AD-408F-A774-30F20A5F3337> /9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIf IiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACrAOEDASIA AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3 ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEA AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDhtKP/ ABOLUf7deiMvzHJxXm+lH/ibW5zjDd69BZsnPmqc+hp1dxw2Jwq92o+TvUA/3h+dKACfvj86xLsT Dy6NyD8KiKqP+Wg/OgKOzA0gsT+Yg5oYoV64NQhcc0FQRjNFwsSfLjlsmkBQdTUWwAd6UKvfNF0F iTMdLvQVHtXsKNoougsSCRacJExUW0UoA9KLodmSiRKTzVB6UzA9KUfSi6CzJPOXPSlEo9Ki2+gp QDnmi6CzJPOXPSk84HtTCDRg+lF0HKx4mHpS+aPSowD6UuD7UXQcrJBMPSl84elRAH0p200XQcrH +cB2pROo7Uwg0mCe1F0PlZIJ19KUzD0qPaaXafSi6DlYvnUUbPaii6Hys8vs7K5umLxoxCnhhWku n3i8kSfma7fTZ/D+lWEdlGDKYvvOf4quJrGhHlojWVSvdmsadjg0srvriT8zUy2V1/zzk/M13i6x oA/5Y1MmuaAOsVZ+0bNOVLocEljdH/lnJ+tW4bG94xFJXcpr+gDkR4/CrCeJNBXon6Uudk6djkYr S+xhoH/KrC2N1/zxf8q69PFeiDt+lSDxZovt+VO/mTd9jkl065I/1LflT10m5P8Ayyb8q6weLNG9 R+VOHi3SOzD8qL+Yry7HKjRLo8+U35U7+wrsj/VN+VdV/wAJfpX94/lR/wAJfpX98/lT07i5pdjl hoV2P+WTflS/2Fd/88m/KuoPi/S/75/Kj/hL9M9T+VPTuPml2OZ/sK6/55N+VKNDuf8Ank35V0h8 X6b6n8qT/hLtO9T+VS2u4c0uxzZ0S5B/1bflR/Y1x/zzb8q6M+LdO9/ypp8Wad/kUXHeXY58aPP/ AM82/Kj+yJv+ebVvHxXp9MPiqw/u0rju+xif2TMP+WZo/suX/nmfyra/4SixPRaafE1kf4aOYepj /wBmS/3DS/2bL/cNah8TWX92k/4SSzPRaOYepmf2dKP4DR/Z8n9w1pHxHaelN/4SO0/u0XYalD7B J/cNL/Z8n9w1dPiS0H8NJ/wklr/dpcwtSn9gl/55mirv/CSW3pRRzD1OIHhi7XgRsamTwxeFR+7a ug/tuTP+qqwmuSBB+5P5UWHc5oeF7z/nm1SL4WvP7hrpBrsn/PI/lUq69J/zwppMXMzmh4UvCP8A Vmnr4UvP+eZrphr0v/PGpF16X/nhRyiuzmR4TvD/AMszTx4Svf7hrp116X/nhUo16b/nhRyA5SOW HhG9/uGnjwhe/wBw11I12b/n3P5U9dcmP/Lufyo5CeaRyg8H3x/gpw8H3vTbXWDWpj/y7mnjV5j/ AMu5p8gueRyX/CH3o/hNKPB95/drrhqs5/5djThqU5/5dzRyIXPI5D/hELzH3aP+ERux/Ca7H7fc HpbmlF5dH/l3NPkD2kjjf+ERu/7tKPCV0P4a7L7VdH/lhS+fdH/lhR7MPaSOM/4RO5/u0f8ACKXP 9012nm3R/wCWIo33Z/5ZCj2Ye0Zxn/CKXP8AdNH/AAitx6GuzBuj1iFLtuv+eYo9kP2jOL/4RW49 KUeFp/Suz2XX91aBHcnqBT9kw9ocZ/wi03pTv+EWm9K7Lybj0FHkXHtR7Jh7RHG/8IrMe1KPCstd j5E/qKPs8/qKPZMPanHf8ItL6UV2P2ef1FFHsmHtTyf+2T02ipBrhx0Arm/NBPBpQxP8VM20Ok/t 4+1L/wAJA2O1cyWb1pC7+tK4rHVDxER6U8eJPpXI737mje3rRcLHZL4mPtTx4oYf3a4sNJ60uZPW lzIOQ7YeLHHdacPFzjutcRmSlw/rT5g5DuV8YOO61IPGTjutcF+89aUeZ60+cOQ78eNZP9mnDxs/ tXn4831pw8z3o5w9megjxu49DTh45f8AuivPR5nvR+89TRzh7JHog8cv6ClHjph2FedfvPel/e+9 HtBeyR6MPHR/uinf8Jyf7orzfMvvS/vfU0/ai9kj0ceOf9kU4eOR/dFeb4l96Ueb70/ah7FHpH/C cj+6KP8AhOB/dFecfvfU0o833o9qHsUej/8ACcL/AHBR/wAJwv8AcFecfvfel/e+9HtQ9ij0f/hO F/uij/hOF/uivOR5nvS/vPel7UPYo9E/4Tcf3RRXnmJPU0Ue1D2KOYWdj0NTxzPyM1k28x27GPSr cc3TB5705wszSDUjSR3ParMccjH7tRWUbSkEcitqKMIPu1yTnY640lYqxWbsOVqymmk9hVlZCP4a eJn7CsXNleyRAukA08aOvrU4nkHanC4k9KnmY/ZIhGjL6ilGjL61OLiT0pwuH9KOZh7JEH9jL6il /sZfUVOLh/SnfaH9KOdh7IrjRl9ad/Yw9RU4uJPSl+0yelLnY/ZEA0YZ6il/sYeoqf7Q/pSi4ajn YeyK/wDY49RS/wBjjHUVY+0P6UG4k9KOdi9iit/Y49RS/wBke9WBcSelL9pf0o52P2SK39ke9KNI 96sfaJKUTyUc7D2SK/8AZHuKP7J9xVjz5KPPkp87D2KIP7J9xS/2SfUVN58lHnv60c7F7FEH9kn1 FH9le4qfz5KPOko5h+xRD/ZXuKKm86SijmD2SPHqesjA9aZSjHOfSvekkzxIya2Ou8H+beJP5gHl x8DjvXSC0TON1VfB2n/Z9AR2GGnO41uLb88ivOqKPMelCUlHVmf9kT+9ThaJ/erQ+z+1KLf2rLlR fO+5RFon96l+yJ/eq+Lf2p32fnpRyormZQFon96j7Kv96tAW/tS/Z/alyrsHOygLVf71L9lX+9V4 Qe1L5HtRyofOyiLZf71H2Vf7xq+IPaj7PS5YhzspC1X+9S/Zl/vVdFvS+RRyxDnZR+zr/eo+zKf4 qveR9KBB7CjkXYOdlH7MP71H2Zf71X/I9hQIPajkQc7KH2Zf71KLZf71XvI9qUQewo5EHOyl9mX+ 9QbZf71XfI9hS+R9KOSPYOdlD7Mv96lNsv8Aeq95H0oMHtRyR7BzspfZl/vUfZl/vVeEHsKPI9hR yrsHOyj9lX+9RV7yPYUUcqDnZ4UBU1rbtc3MUCDJkcColBJrpvAunfbNb88jKW4z+NevN2R5UFdn odtbrbWcVugwEUCpQopTyc0uK816naJgU7FJSiixQoFLiloqR3ACl4oxQKAuLxRx6UUDrQFxRil4 oopDuGBRgUUUBcXAooooC4uBRgUlFAXDFKBSUooC4uKKKSgBaKSlxQAUUUUAFFLRQB4KBxmvTfBG nfYtEE7LtkuDk/SvPdOsmvdQgtlGTI4B+lexQwLbwRwoMKihQK76zsrHHRXUUDmlpwGKTFch0CCn CkApwFAwopcUVAB2pRR2oFMApR1oopALRRRSGFLSUtABRRRQAUUZooAKUUlKKBi0GkzQTQAUtNzS 0DFooFFAC0U3NFAHnfgDTRLfS37r8kQ2p9a733rK8M6cNN0SGFhh2+Z/rWr15rerLmlcxirKwGlA opQKgoAtLtpaUUgExRtp3FHFIY3FGKfxRigBuKMU6lxSAZijFPxRikMZil5p2KMUAN5oxTsUUANx Rg07ijFADQKWlxRigaExRinUUDG4op1FACCilFLQA3FFOopAVsbQMj2AFLgY4pQOaDitWZiYpRSZ paQC0tIKWgBRRSClpAFKKSlpAL3o7UUUFBRRRSEFFFFAwoopaAEopaSgAFLSCloGgooopDCiiigA FLSCloAKKSigCuWpu6mGgVqZEgNLmmClFAx4NLmmUUgJAaM1GKWiwD91LmmUtFhjwaM00dKKkY7P NGaTtSdqAHZopopaQC5pc0zvS0AOzSZpKDQA6imiloAXNGaSkNIY4HNFNHWloGOBozTRS0ALk0Ul FAH/2Q== ------=_001_NextPart038665441666_=---- Content-Type: image/jpeg; name="clip_image004(12(02-16-11-34-13).jpg" Content-Transfer-Encoding: base64 Content-ID: <_Foxmail.1@770A29E1-3D3F-4518-AA5A-D44CE1834FBC> /9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIf IiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCACrAOADASIA AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3 ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEA AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3 uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDyY5+t HXvT2BHUceopu38qoQgZga3PC1vHqOt29nNKsSytyW7j0+tYmOeBWhoXmDXbARAs/wBoXAH6/pmn F2dwaue06tpGm6KY7PS4ykeN7gnPzHvWZtqzcSPLM5ZixJ6moyKlu7uMhK0balIpNtSBFsppWpit JtoAhK4FASpSuTQRxQBCVyaXbipAtIwoAh25PSlK4FSbeKQjmgCML3NKwqTbikxTAj20m32qTFIR QBHikxUmKTFAEeKMU/FJigCPbSbakxQRQBEVrz/xAxbxBe+z4/SvRNvIrzjWTu1y+P8A02NAGafx pD/vU8j170xuO9MQq5BzXUfD6x+0a894y5js4ywP+23A/TNcz29q9K8CWH2Pwyk7DEl65lP+6OB/ WgZ0AGaUinAUYqQGbaNtPxzRjigCPbSbakIpMUAR7aTbUhFJigBmKbjmpSKTFAEZFIFp+M0YoAjI oxT8UYoAjIpCKeRSYoAZikxxT8UmKAGYppFSYpuKAG4pMU/FJigBFGXH1ry/UW3apdtnrO3869TX 76/WvKLlt13O396Vj+tMCuelIemRTj06U04qhEttbvdzw2sYJedxGMe5/wAK9ojgS2ijtoxhIVEa gegGK848AWP2vxALll/d2UZk/wCBHhf616UBUsYuKMUoFKBxSATFIRTyKQigBmM0Ec0/FJjmgBhF JinkUmKAGYpCKkxTSKAGYpMU/FJigBuKbipMU0igBmKQin4pCKAGYpMU8ikxQAwikxTzTaAGUYp2 KMUANB25PopNeQPcAu5Ck5cn9a9dnIS1nf8AuxMf0ryFZFYYEfJyeDimgH980gBpTn60qRtPIkEY JeVgi49ScVQj0b4f2H2Xw6126gPeylgf9heB+ua6gCo7e1SytYbNPu28axj8Bz+tTAVIwApRRilp AJikxzTqKAGminYFIRQA3FJin4xSEUANxTSKfSYoAYRRinGkxQAwikp5pDigBhpCKdikxQA0im4p +KQigBhFJ7U40hFADTSYpxpCKAKuqNs0i+f+7buf0rx5WO0YXJxXrmuSeToF/J/dgPWvKGu5WXCh UGP4RTAfkZrovAth9u8URSspMdkhnb0yOFH51iwWqyDLO34V6J4B0uOy0me9AO+8k2gn+4v/ANfN O4HTjJNOpBTsVICUtLilxQA3FFOxikxQAmKSnY/KjGKAG0UtFADSKTFOpDQA2kxTqTFADcUhFOIp D16UAMIpMU/FIRQAwim4p5FIaAIyOKDzzTiKaKAGkUmKfikxg0AY3ix/L8K6gfVFH5kV5SBn616n 4yP/ABTE64zvkRf1rzu5t4kQKqgMDyR3pgXbcEoqIuXc4A9Sa9cs7RbCxt7JQMQRhD/vd/1rz3wn YC68SWaMuY4Mzv8AReR+telAFjk9T1oAAKUClApcUgACjGaXGBRjAoAaeTRilAzRigBuOKMU7HrS GgBuKDT8U2gBuKTFPI4puKAEpMUuOaKAG4ppp+KTHegBmKQin0mKAGEU3FPxSUAMI4puKfnsaQig BmKQjmndKODxQBgeMBu0RVAzmYH8q4CdWdTsUtz0Fej+JIzJpwXHcmvOtpaViM8HoKTdi4xctj0H wFZbbO61FvvTMIU/3V5P68V1gFZvhyzNl4dsYSPmMe9v95uTWoFzVECAU7FOCnFKENADMUEU8Ic0 GM0gI6MVJ5Z9aPL96AIsUYqXyqPKoAiI4pKm8qjyhQBAaTHFWPLFHligCtj9aTFWvLFHligCrimk e1XDGKTyxQBU2n0pNp9Kt+WKNgoAp7DSbD6VcKDPSk2CgClsbPSkMZq4UFIUFAFMxmmmM1cKU0rQ Bl6jb+dYuD2U15pbruy2O5r1DVJBDbOSePKc/pXmtggaFfesah0UT2XykU7FwFXgAdhT1RaxzqDe Yfm71Kmof7VbnOawjFO8sVnJfj1qZb5cdaALfl0eXUC3iH+KnC7T1pAS7KTZTftaeoo+1R/3qYC7 KNh9KT7XF6ilF3H6igA2Gk8s0v2uP+8KPtkfqKQCeUaPKal+2ReopftsXqKAE8lqPJal+3Reoo+3 xetACeQ1H2dqX7fH60n9oR+ooAX7M1H2Y03+0Y/WkOox+ooGO+zGj7KaYdST1pp1NP71AD/s1Iba ojqS+opjakvPNAEpt8UxoKhbUh61E1+PWkBh+MZ/stuicYkicHNcbpVq01sjrjB9TW/49uPNism9 A4rlLG5dIUUNwO1Z1Fob0mdPZ6obmzhn3ffQZ+verA1Bgetchol6Uje2Y8A7k/qK1Dce+K2Oc3hq ZH8VOGrMD96ue+0+9J9p96AOkGsEfxUf2yR3rmTcGkNyTQB1H9tEd/1o/to5+9XLG4bsaQ3DUAdV /bRzw1H9tZ/irlfPPrQZ265pDOq/tv8A2qP7a/2v1rlPPb1o84469aAOq/to/wB6j+2v9r9a5Uzn 14pPPPXNAHWf21j+L9aQ61/tVygnPrR557GgDq/7Z/2qT+2f9quV+0H1pPtB9etAHVHWe26k/tj/ AGq5X7Q3rR9oOOppgdUdY/2qP7WB/irlftJ9aBckHrSA6r+1h60f2p/tVy32k+tKLo+vNMDqBqWf 4qP7Q/2q5n7UR3604XZ9aALHiu586yt8Ho5H6VzltJgfQ1o6rL51mAT91waxo22SMtTJXRcHZj48 eZkEjjqO1atvcwSJieQxyDjpkNWetuy9xntSmN89B1rTklfYx54tbmrvtAD+/P5Uhe27TVUKg44F NC+wrf2HmY+28i2ZYB0kzTTLF2aq5QY6Dik8tT1FL2HmHtvIsGaPseab56Va0jTrS9eZLgMBGoYE NiszUlW11aS1hH7kAMhJ55FZOFnY1Urx5iz560ecvaqhQn+I/SjYT/Ear2TJ9qi15wzR5w9aqeW3 9+l8tuOaPZSH7SJa80UnmDpVXa/IBpdsnak6ch88Sx5lHmA96rBZB2ow47UvZyDniWC9JvqD58dK TL+hpcjHzonL8daTefXpUBLDsRSbiKORhzInLnvRvPQcVAWNG40uVjuifzDR5h6ZqDcfWl3k0rML k4kPrS+aeueDVfdRv7cUWY7k0j742HqKzZTg7h1B596ub/yqpIMbhiiwXNIfd96cBkUdhRXfuefc fjim4pRwtOxyPpV2FcbxigDjAHSlHP5UtCQXL2jP5d9wM7kIKnvVTxUIhrFvJEgQPAMj3BqzpX/I St/qf5VB4pJa7tieoBH61y1dKiOqlrTKaHKilxRF92nd62T0uYX1sN24owOc0hPFOJ5UetJTTKsJ j2pwWg8ZxQPWr3JDbz70uMdqGJx9aVeetHUa2EoxmnYGaTAwaTbSuCabsN6HrSHke9OI+YfWmk5J HoeKVyuo0DPBAppUZ+6PpT+mKZk4NTJ21Y4q4hUegpML02/jQpJXn1oyc4qE0ynFrQAi/wB3PFJs GPu0/uKQnKn61o4qxCY0xgjjNMaFCefxqbHIpMDpScENTb2P/9k= ------=_001_NextPart038665441666_=------ From nscott@redhat.com Sun Feb 17 20:41:15 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 7220B7F3F for ; Sun, 17 Feb 2013 20:41:15 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id 60B87304039 for ; Sun, 17 Feb 2013 18:41:12 -0800 (PST) X-ASG-Debug-ID: 1361155267-04cbb06b67150ad0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id AACBfNuW1G2pW6Ig for ; Sun, 17 Feb 2013 18:41:07 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1I2f6LT016594 for ; Sun, 17 Feb 2013 21:41:06 -0500 Date: Sun, 17 Feb 2013 21:41:06 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <2075118105.4310118.1361155266899.JavaMail.root@redhat.com> Subject: pcp-doc: secure conns writeup updated MIME-Version: 1.0 X-ASG-Orig-Subj: pcp-doc: secure conns writeup updated Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.69] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361155267 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122980 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/pcp/pcp-gui.git dev man/html/lab.secure.html | 347 ++++++++++++++++++++++------------------------- 1 file changed, 169 insertions(+), 178 deletions(-) commit 9e1b8b05e0e715b8329949f19d9de7cd69dc14a8 Author: Nathan Scott Date: Mon Feb 18 13:40:03 2013 +1100 Update the secure conns docs re monitor db setup commit bca593ad0b6d2b1ad12ea8065e99adbbc5a99085 Author: Nathan Scott Date: Mon Feb 18 09:22:55 2013 +1100 Rearrange the secure monitor section after reviewing commit 29cf887188ba990e2a79334bf5a3eff4ee53ef6f Author: Nathan Scott Date: Mon Feb 18 08:56:58 2013 +1100 Make secure conns references to CA name more consistent commit 3d66eea36077fe181661b178f771e769fbb0d1c6 Author: Nathan Scott Date: Sun Feb 17 15:08:41 2013 +1100 Update docs for NSS DB locations and other recent secure sockets changes From nscott@redhat.com Mon Feb 18 00:02:34 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 3C6EE7F3F for ; Mon, 18 Feb 2013 00:02:34 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay3.corp.sgi.com (Postfix) with ESMTP id C03A1AC003 for ; Sun, 17 Feb 2013 22:02:30 -0800 (PST) X-ASG-Debug-ID: 1361167346-04cbb06b67157290001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id imPz2471ht5zWs7R for ; Sun, 17 Feb 2013 22:02:26 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1I62P5x023398 for ; Mon, 18 Feb 2013 01:02:25 -0500 Date: Mon, 18 Feb 2013 01:02:25 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <536561884.4330878.1361167345000.JavaMail.root@redhat.com> Subject: pcp updates: nss qa MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: nss qa Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.112] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361167346 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.122991 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/712 | 167 +++++++++++++++++++++++++------------------ qa/712.out | 13 +-- src/libpcp/src/nss_connect.c | 18 +++- 3 files changed, 121 insertions(+), 77 deletions(-) commit 8b338190d0d5227be63f4c5f523f0795ebb7910c Author: Nathan Scott Date: Mon Feb 18 17:01:22 2013 +1100 Update test QA 712 to cater for changes in nssdb path/format/etc commit 967582328c6f30ea20a579d5253f800b90d55676 Author: Nathan Scott Date: Mon Feb 18 09:59:05 2013 +1100 Take more care with pmflush, else odd behaviour in pmchart results commit 1c531282b598eb28a6791b8aee5fc1ac339a708a Author: Nathan Scott Date: Mon Feb 18 09:43:39 2013 +1100 Add a warning-level diagnostic if saving to local certdb fails From nscott@redhat.com Mon Feb 18 19:06:27 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 0EBB07F4C for ; Mon, 18 Feb 2013 19:06:27 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay3.corp.sgi.com (Postfix) with ESMTP id A26EEAC003 for ; Mon, 18 Feb 2013 17:06:26 -0800 (PST) X-ASG-Debug-ID: 1361235981-04cbb06b65198730001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id Mi2P47lD2q8HXNZE for ; Mon, 18 Feb 2013 17:06:22 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1J16LvF010573 for ; Mon, 18 Feb 2013 20:06:21 -0500 Date: Mon, 18 Feb 2013 20:06:21 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <1217512584.4881777.1361235981093.JavaMail.root@redhat.com> Subject: pcp updates: further ssl qa MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: further ssl qa Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.112] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361235982 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123066 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/712 | 163 +++++++------------------------------------- qa/712.out | 6 + qa/713 | 144 ++++++++------------------------------ qa/713.out | 14 +-- qa/714 | 49 +++++++++++++ qa/714.out | 19 +++++ qa/GNUmakefile | 2 qa/common.secure | 153 +++++++++++++++++++++++++++++++++++++++++ qa/group | 2 src/libpcp/src/nss_server.c | 7 + 10 files changed, 298 insertions(+), 261 deletions(-) commit 5b79afa12e4a380f0ea7b1125a9ba9e1fd3845d4 Author: Nathan Scott Date: Tue Feb 19 12:03:20 2013 +1100 Add test 714 exercising SSL connection failure with invalid certificate commit 4e2a83bde54412e67cda4dacac6381d37731bfcf Author: Nathan Scott Date: Tue Feb 19 11:55:50 2013 +1100 Bring the pmproxy SSL test back into the fold, with new style DBs Abstracted much of the test code that was being duplicated in test 712 as well into a common.secure shared shell script for sourcing. commit ba4847c2c42636cd9f0fadf1739c0dea7f675252 Author: Nathan Scott Date: Tue Feb 19 10:06:14 2013 +1100 Add another case to 712 testing db-exists-but-no-certs case commit 90db3cb7c812412920b0532f4684755607fdc927 Author: Nathan Scott Date: Tue Feb 19 09:07:19 2013 +1100 Make the server side nssdb access check more liberal Previously we were only erroring out if the database does not exist at all (ENOENT). However, its also a possibility that the permissions are such that the "pcp" user cannot read it, as I came across in QA when not following the SSL setup recipe to the letter (missed chmod, default is 0700). From nscott@redhat.com Tue Feb 19 03:08:35 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id F38877F53 for ; Tue, 19 Feb 2013 03:08:34 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id D2B1230405F for ; Tue, 19 Feb 2013 01:08:31 -0800 (PST) X-ASG-Debug-ID: 1361264907-04cb6c427522efc0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id 1CHnH1sZplokjKUr for ; Tue, 19 Feb 2013 01:08:27 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1J98R1U026696 for ; Tue, 19 Feb 2013 04:08:27 -0500 Date: Tue, 19 Feb 2013 04:08:27 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <455656240.4982629.1361264907034.JavaMail.root@redhat.com> Subject: pcp updates: IPv6 dev merge MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: IPv6 dev merge Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.115] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361264907 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123090 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/182 | 2 qa/src/chkacc1.c | 19 - qa/src/chkacc2.c | 19 - qa/src/chkacc3.c | 21 -- qa/src/multithread2.c | 7 src/include/pcp/impl.h | 69 +++--- src/libpcp/src/access.c | 146 +++++++++----- src/libpcp/src/auxconnect.c | 413 ++++++++++++++++++++++------------------ src/libpcp/src/internal.h | 16 - src/libpcp/src/logconnect.c | 32 +-- src/libpcp/src/nss_connect.c | 301 +++++++++++++++++++---------- src/libpcp_gui/src/timeclient.c | 14 - src/libpcp_pmcd/src/client.c | 12 - src/libpcp_pmda/src/open.c | 21 +- src/perl/PMDA/local.c | 65 +++--- src/pmcd/src/client.c | 31 +-- src/pmcd/src/client.h | 12 - src/pmcd/src/config.c | 41 +-- src/pmcd/src/pmcd.c | 338 +++++++++++++++++++------------- src/pmlogger/ports.c | 69 +++--- src/pmproxy/client.c | 37 ++- src/pmproxy/pmproxy.c | 69 ++---- 22 files changed, 995 insertions(+), 759 deletions(-) commit e1873654568bab94b6d28f6db6ad70b6da07d812 Author: Dave Brolley Date: Tue Feb 19 20:05:55 2013 +1100 Allow more time for pmlc to connect to pmlogger (qa/182). commit a5e1488b78a4d1a2ad1cf0bd4bac3224c4eaff1e Author: Dave Brolley Date: Tue Feb 19 20:04:46 2013 +1100 Initial work toward IPv6 support and API cleanup First pass at IPv6 socket connections in libpcp for NSS/NSPR. Enable IPv6 connections in pmcd (Inet connections also still accepted). First pass at the cleanup of the libpcp socket I/O API. - Canonicalize the names of the API functions. - Make the arguments and return values more consistent - Remove some functions which served identical purposes. - Update all callers. From nscott@redhat.com Tue Feb 19 21:12:36 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 5B3777F4E for ; Tue, 19 Feb 2013 21:12:36 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id 49455304066 for ; Tue, 19 Feb 2013 19:12:33 -0800 (PST) X-ASG-Debug-ID: 1361329948-04cbb06b6627dcb0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id ETDMo3fyXFVyNqOx for ; Tue, 19 Feb 2013 19:12:29 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1K3CRUe003792 for ; Tue, 19 Feb 2013 22:12:28 -0500 Date: Tue, 19 Feb 2013 22:12:27 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <2040155211.5846350.1361329947897.JavaMail.root@redhat.com> In-Reply-To: <1141340275.5845223.1361329876243.JavaMail.root@redhat.com> Subject: pcp updates: IPv6 merging MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: IPv6 merging Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.115] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361329948 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123129 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev src/include/pcp/impl.h | 7 +- src/libpcp/src/access.c | 18 +----- src/libpcp/src/auxconnect.c | 119 ++++++++++++++++++++++++++----------------- src/libpcp/src/internal.h | 5 + src/libpcp/src/logconnect.c | 7 -- src/libpcp/src/nss_connect.c | 49 ++++++++++++++--- src/libpcp_pmcd/src/client.c | 13 +--- src/perl/PMDA/local.c | 12 +--- src/pmcd/src/config.c | 7 -- src/pmcd/src/pmcd.c | 5 + src/pmdas/trace/src/client.c | 44 +++++++-------- src/pmdas/trace/src/client.h | 2 src/pmdas/trace/src/comms.c | 26 +++++---- src/pmdas/weblog/weblog.c | 8 ++ src/pmlogger/ports.c | 30 ++++------ src/pmproxy/pmproxy.h | 4 - 16 files changed, 191 insertions(+), 165 deletions(-) commit bb4714d451f4e4ddf6629f92ae5fe33ddc1bda1d Author: Nathan Scott Date: Wed Feb 20 14:08:54 2013 +1100 Fix a recent double-free regression in pmcd Picked up by test 243; if we do not set myAddr to null after we free it, there's an error path or two that will attempt to free it (again) during fail-case teardown. Attempting to bind to an address-already-in-use is one easy way to trigger it. commit 28119fbc6c2eb66dfbaacf2063f2b7921a95b7ef Author: Dave Brolley Date: Wed Feb 20 11:53:58 2013 +1100 More libpcp socket I/O API cleanup. - __pmGetHostByName and __pmGetHostByAddr replaced by __pmGetAddrInfo and __pmGetNameInfo respectively. - __pmHostEntGetName now returns a pointer to the heap which must be freed by the caller. - Update all callers. commit fd77c8dcfd5a6018face8248fd7af6e74be9ec1d Author: Dave Brolley Date: Tue Feb 19 14:45:56 2013 -0500 Cleanup the native implementation of __pmSockAddr. Replace the 'family' member of the union with a member of type 'struct sockaddr'. This can then be passed to native I/O functions without casting. From nscott@redhat.com Tue Feb 19 22:28:31 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 7CFF67F4E for ; Tue, 19 Feb 2013 22:28:31 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id 6C744304048 for ; Tue, 19 Feb 2013 20:28:28 -0800 (PST) X-ASG-Debug-ID: 1361334498-04cb6c42752821c0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id EY8Het4ZQ6bXpAxF for ; Tue, 19 Feb 2013 20:28:18 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1K4SIQM023279 for ; Tue, 19 Feb 2013 23:28:18 -0500 Date: Tue, 19 Feb 2013 23:28:18 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <1760093285.5867007.1361334498035.JavaMail.root@redhat.com> Subject: pcp-doc updates: intro page updates MIME-Version: 1.0 X-ASG-Orig-Subj: pcp-doc updates: intro page updates Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.115] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361334498 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123133 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/pcp/pcp-gui.git dev man/html/pcpintro.html | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) commit c61441450a47b86cd40d02312fd514d82a4f11ea Author: Nathan Scott Date: Wed Feb 20 15:26:51 2013 +1100 Consistent use of bold for commands in intro doc commit 584c14747f15e4441de9449818d3ae1a4e49bc9d Author: Nathan Scott Date: Wed Feb 20 09:54:03 2013 +1100 Remove reference to -n (namespace) in docs, unhelpful commit 8d06eb4be5d9317189960810c67cd76c70122d98 Author: Nathan Scott Date: Wed Feb 20 09:47:57 2013 +1100 Fix some inaccuracies (out-of-date) in the intro pcp-doc From nscott@redhat.com Wed Feb 20 20:23:54 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 4535B7F50 for ; Wed, 20 Feb 2013 20:23:54 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id 33E178F8037 for ; Wed, 20 Feb 2013 18:23:51 -0800 (PST) X-ASG-Debug-ID: 1361413429-04cbb06b662dddb0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id 9A3MvvEiQJN9OgUS for ; Wed, 20 Feb 2013 18:23:50 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1L2NjZ0012028; Wed, 20 Feb 2013 21:23:45 -0500 Date: Wed, 20 Feb 2013 21:23:45 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: "Frank Ch. Eigler" , Dave Brolley , chandana@desilva.id.au Cc: PCP Message-ID: <674868402.6751798.1361413425715.JavaMail.root@redhat.com> In-Reply-To: Subject: Re: Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.115] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361413429 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123182 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi guys, ----- Original Message ----- > Nathan Scott writes: > > > [...] > > http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html > > Looks good. A few suggestions: > I've updated the code and this document extensively now, with all of your most excellent suggestions (thanks!). If you'd like to take another review pass over the document, that'd be much appreciated (even typos, etc, would be good to know about). All of the code implementing this is also available in my git tree too (git://oss.sgi.com/nathans/pcp "dev" branch), so if you'd like to kick the tyres by running it too that would certainly earn bonus points &| karma for you. It's my expectation that Dave and I will continue knocking off the remaining QA issues, finishing up the last of the IPv6 and network API tweaks, then merge to dev, then master shortly thereafter, and release pcp-3.6.11 with these changes. cheers. -- Nathan From nscott@redhat.com Wed Feb 20 20:30:06 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id B800B7F50 for ; Wed, 20 Feb 2013 20:30:06 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 97EAD8F8037 for ; Wed, 20 Feb 2013 18:30:06 -0800 (PST) X-ASG-Debug-ID: 1361413800-04bdf010492efbf0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id V2638XTC6BPyE7ga for ; Wed, 20 Feb 2013 18:30:01 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1L2U0bs004260 for ; Wed, 20 Feb 2013 21:30:00 -0500 Date: Wed, 20 Feb 2013 21:30:00 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <828468126.6754308.1361413800726.JavaMail.root@redhat.com> Subject: pcp updates: qa MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: qa Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.115] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361413801 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123182 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev INSTALL | 36 +++++++++++++++++++++++++----------- qa/051 | 1 + qa/365 | 1 + qa/589 | 2 ++ qa/645 | 1 + qa/common.secure | 8 ++++---- 6 files changed, 34 insertions(+), 15 deletions(-) commit 21e9bc5f0a5c9e5ee6777373d5d24937ab6b19f9 Author: Nathan Scott Date: Thu Feb 21 13:28:45 2013 +1100 Update common.secure QA script to use Dave's magic certutil invocation commit 58bde3599fcda4383729e08d3b1be8de5b5de3cc Author: Nathan Scott Date: Thu Feb 21 09:34:15 2013 +1100 Update the INSTALL script a little Refer to "pmcd" and "pmlogger" start scripts rather than the (compat) "pcp" start script. Add in the configure step that is needed nowadays before running initial "make". Talk up a few more agents. Mention .NeedInstall as a handy/simple way to do an agent install with defaults. commit af5d56b36bbc4cc06c1b75631b1de0a994c1b3d4 Author: Nathan Scott Date: Wed Feb 20 14:28:29 2013 +1100 QA test updates to handle use of getaddrinfo too From kenj@internode.on.net Thu Feb 21 14:26:17 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 7253C7F50 for ; Thu, 21 Feb 2013 14:26:17 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay3.corp.sgi.com (Postfix) with ESMTP id E796AAC003 for ; Thu, 21 Feb 2013 12:26:13 -0800 (PST) X-ASG-Debug-ID: 1361478367-04cb6c42763287f0001-S8gJnT Received: from ipmail05.adl6.internode.on.net (ipmail05.adl6.internode.on.net [150.101.137.143]) by cuda.sgi.com with ESMTP id zsuMcD2AKIaXE3wW for ; Thu, 21 Feb 2013 12:26:08 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.143 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AmkRAKuBJlEBmM9fPGdsb2JhbAANOIZOu1gDAQEBATiCfX4HBgImAkUttDlxkhKBI5AfgRMDl1OEeo1i Received: from unknown (HELO [10.10.0.2]) ([1.152.207.95]) by ipmail05.adl6.internode.on.net with ESMTP; 22 Feb 2013 06:56:06 +1030 Message-ID: <1361478366.15056.4.camel@bozo-laptop> Subject: pcp updates - porting to NetBSD From: Ken McDonell X-ASG-Orig-Subj: pcp updates - porting to NetBSD Reply-To: kenj@internode.on.net To: pcp@oss.sgi.com Date: Fri, 22 Feb 2013 07:26:06 +1100 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.6.2-0ubuntu0.1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Barracuda-Connect: ipmail05.adl6.internode.on.net[150.101.137.143] X-Barracuda-Start-Time: 1361478367 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123224 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Nothing like a BSD-based platform to shake out some portability issues! Changes committed to git://oss.sgi.com/kenj/pcp.git dev configure |15630 ++++++++--------------------------- configure.in | 47 qa/src/GNUlocaldefs | 2 qa/src/proc_test.c | 6 src/include/builddefs.in | 6 src/include/buildrules | 2 src/include/pcp/platform_header.h.in | 7 src/libpcp/src/check-statics | 4 src/libpcp/src/config.c | 6 src/libpcp/src/connectlocal.c | 14 src/libpcp/src/derive.c | 22 src/libpcp/src/err.c | 2 src/libpcp/src/fault.c | 10 src/libpcp/src/pmns.c | 3 src/libpcp/src/spec.c | 2 src/libpcp/src/util.c | 31 src/libpcp_http/src/http_fetcher.c | 2 src/libpcp_pmda/src/queues.c | 4 src/pcp/pcp.sh | 8 src/pmdas/GNUmakefile | 2 src/pmdas/bash/event.c | 39 src/pmdas/bash/util.c | 4 src/pmdas/gfs2/glocks.c | 4 src/pmdas/gfs2/sbstats.c | 4 src/pmdas/hotproc/src/hotproc.c | 4 src/pmdas/linux/interrupts.c | 10 src/pmdas/linux/linux_table.c | 4 src/pmdas/linux/proc_meminfo.c | 2 src/pmdas/linux/proc_net_dev.c | 6 src/pmdas/linux/proc_partitions.c | 4 src/pmdas/linux/proc_slabinfo.c | 2 src/pmdas/linux/proc_stat.c | 4 src/pmdas/linux/proc_vmstat.c | 2 src/pmdas/linux_proc/cgroups.c | 8 src/pmdas/linux_proc/getinfo.c | 2 src/pmdas/linux_proc/ksym.c | 2 src/pmdas/linux_proc/pmda.c | 4 src/pmdas/linux_proc/proc_pid.c | 10 src/pmdas/linux_proc/proc_runq.c | 2 src/pmdas/logger/event.c | 23 src/pmdas/logger/util.c | 4 src/pmdas/mmv/mmv.c | 4 src/pmdas/netbsd/GNUmakefile | 68 src/pmdas/netbsd/disk.c | 216 src/pmdas/netbsd/help | 95 src/pmdas/netbsd/netbsd.c | 979 ++ src/pmdas/netbsd/netbsd.h | 44 src/pmdas/netbsd/netif.c | 233 src/pmdas/netbsd/root_netbsd | 172 src/pmdas/pmcd/src/pmcd.c | 2 src/pmdas/shping/shping.c | 2 src/pmdas/weblog/check_match.c | 2 src/pmdas/weblog/weblog.c | 2 src/pmdas/windows/helptext.c | 4 src/pmdas/windows/instance.c | 4 src/pmie/src/dstruct.c | 20 src/pmie/src/pragmatics.c | 323 src/pmie/src/stomp.c | 2 src/pmieconf/rules.c | 6 src/pmlogger/pmlogger.c | 2 src/pmlogrewrite/util.c | 4 src/pmns/stdpmid.pcp | 1 src/pmstore/pmstore.c | 2 63 files changed, 6289 insertions(+), 11852 deletions(-) commit 4e5c39cba0be9be0d058d526b33d23920efe3cf2 Author: Ken McDonell Date: Fri Feb 22 07:23:41 2013 +1100 Add a NetBSD platform pmda Note this is heavily borrowed from the FreeBSD pmda, and provides only a handful of metrics as a proof of concept ... considerable extra effort would required to make this a useful platform pmda. commit 46d5cdfde3ff10982de750c9aa9a1841efa766be Author: Ken McDonell Date: Fri Feb 22 07:18:58 2013 +1100 qa/src/proc_test.c - NetBSD porting Some code change for procfs and correct isdigit() casting. commit e1893313554005099fcbc24af5792fefd2562c38 Author: Ken McDonell Date: Fri Feb 22 07:17:52 2013 +1100 weblog pmda - fix compiler warning Make initialization unconditional to remove compilation warnings on NetBSD. commit 7d1726a372f6cf6d5e54dce21d53ba638a40c425 Author: Ken McDonell Date: Fri Feb 22 07:16:40 2013 +1100 pmie/pragmatics.c - pow() (non-)issue Include open source version of pow() for platforms where this is not in the maths library ... only needed in this one place if configure determines we do not HAVE_POW. commit 863b718681e0520352e11fd74b0c50b89d7b1c21 Author: Ken McDonell Date: Fri Feb 22 07:15:44 2013 +1100 libpcp/util.c - prefer mkstemp() over tempnam() commit 99cc8e892d72c6692898af3ffdad95e8cd2e6c9f Author: Ken McDonell Date: Fri Feb 22 07:14:37 2013 +1100 libpcp/pmns.c - workaround NetBSD compiler warning commit 3ef3be998fe4a6ff795f58af6a39f9ea3c850f25 Author: Ken McDonell Date: Fri Feb 22 07:12:59 2013 +1100 NetBSD porting - platform differences Changes to required to support existing functionality to NetBSD. Mostly API differences (have posix_memalign() but not memalign(), stat() stucture name differences, gcc __thread is broken) and command line option variations (fmt -g N not fmt -N), different signal semantics. commit f128d3d16c7edf5bb6127b2018a5a472c5e5fcd4 Author: Ken McDonell Date: Fri Feb 22 07:11:41 2013 +1100 builddefs - NetBSD porting Real versions of sed (from the olden days) do not have a -i command line option. commit ac9c0a56b49e53a0d6872d04ff438a8bab1e17e5 Author: Ken McDonell Date: Fri Feb 22 07:10:09 2013 +1100 QA src make usage Replace make by $(MAKE) for platforms where MAKE=gmake is needed because make does not exist. commit ceb3eb1c8feae3ece9d3bd682a077a9b16e31fe5 Author: Ken McDonell Date: Fri Feb 22 07:08:43 2013 +1100 Porting to NetBSD Platform configuration changes, e.g. + __thread is broken in some gcc versions, sigh + check for pow() availability and library + check for posix_memalign() availability commit 16ad1976095816ebc03ddc90ba67d5265adb66e9 Author: Ken McDonell Date: Fri Feb 22 07:03:19 2013 +1100 Casting for character classification routines We were being sloppy and inconsistent about casting the argument to the character classificaton routines like isalpha(), isspace(), isdigit(), isprint(), toupper(), tolower(), etc. If the argument is type char, it needs to be cast to (int) to be correct for all implementations of these library routines. Without this we get compilation warnings on NetBSD, for example. From nscott@redhat.com Thu Feb 21 17:57:37 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id BF0A27F52 for ; Thu, 21 Feb 2013 17:57:37 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 9081B304070 for ; Thu, 21 Feb 2013 15:57:37 -0800 (PST) X-ASG-Debug-ID: 1361491052-04bdf01048348a10001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id SAMBzzzEiCx5tR0v for ; Thu, 21 Feb 2013 15:57:33 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1LNvT4X024551; Thu, 21 Feb 2013 18:57:29 -0500 Date: Thu, 21 Feb 2013 18:57:29 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: kenj@internode.on.net Cc: pcp@oss.sgi.com Message-ID: <1451085955.7481964.1361491049719.JavaMail.root@redhat.com> In-Reply-To: <1361478366.15056.4.camel@bozo-laptop> Subject: Re: [pcp] pcp updates - porting to NetBSD MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] pcp updates - porting to NetBSD Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.91] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361491052 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123238 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header Hi Ken, ----- Original Message ----- > Nothing like a BSD-based platform to shake out some portability > issues! > Awesome. > > pmie/pragmatics.c - pow() (non-)issue > > Include open source version of pow() for platforms where this is > not > in the maths library ... only needed in this one place if > configure > determines we do not HAVE_POW. The (new) comment in the code says "We have not found a platform yet that needs this" which seems contrary to the above (if we don't need it, why...?) Assuming we really do need it just for this platform, I guess I'd anticipate it live with the other helper routines that are added in specifically for a platform, in src/libpcp/src/util.c (dirname, basename, scandir, and friends) so that when the next pow() call is added somewhere else in PCP, the build doesn't fail. Could sanitise that code a little too - the endianness sniffing in there looks odd & the commented out header seems unneeded too. > Real versions of sed (from the olden days) do not have a -i > command line option. Heh. Looks like "real" kernels prefer /dev/kmem readers too. :) cheers. -- Nathan From nscott@redhat.com Thu Feb 21 19:57:03 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 65ED77F50 for ; Thu, 21 Feb 2013 19:57:03 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id EBE24AC003 for ; Thu, 21 Feb 2013 17:56:59 -0800 (PST) X-ASG-Debug-ID: 1361498218-04bdf0104b34efe0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id Axfivldgcxsfi5c8 for ; Thu, 21 Feb 2013 17:56:58 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1M1uwlY010476 for ; Thu, 21 Feb 2013 20:56:58 -0500 Date: Thu, 21 Feb 2013 20:56:58 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <441566360.7536854.1361498218465.JavaMail.root@redhat.com> Subject: pcp updates: qa MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: qa Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.91] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361498218 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123246 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/README | 5 +++++ qa/common.filter | 1 + 2 files changed, 6 insertions(+) commit 6db2b541d5219d0d8a359c385d1d3cd685493f4e Author: Nathan Scott Date: Fri Feb 22 12:00:52 2013 +1100 Handle pmcd.feature metrics in torture_api tests commit f38531bf39b1e2728a537479c6e0c047e9abe8a2 Author: Nathan Scott Date: Fri Feb 22 11:46:22 2013 +1100 Add a note to the README about X11 authentication tweaks commit 60c91a3152fd007df64a3bc8cbbbf716742a386b Merge: 21e9bc5 4e5c39c Author: Nathan Scott Date: Fri Feb 22 09:30:33 2013 +1100 Merge branch 'dev' of git://oss.sgi.com/kenj/pcp into dev From nscott@redhat.com Thu Feb 21 20:04:14 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 416F87F50 for ; Thu, 21 Feb 2013 20:04:14 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id 21ED7304053 for ; Thu, 21 Feb 2013 18:04:10 -0800 (PST) X-ASG-Debug-ID: 1361498646-04cbb06b6533c620001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id AUo5dSRf0FwomrcU for ; Thu, 21 Feb 2013 18:04:06 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1M246KX011362; Thu, 21 Feb 2013 21:04:06 -0500 Date: Thu, 21 Feb 2013 21:04:06 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: PCP Message-ID: <1228622042.7538919.1361498646197.JavaMail.root@redhat.com> In-Reply-To: <674868402.6751798.1361413425715.JavaMail.root@redhat.com> Subject: QA status (was Re: Secure connections writeup - please review) MIME-Version: 1.0 X-ASG-Orig-Subj: QA status (was Re: Secure connections writeup - please review) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.91] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361498646 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123246 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Dave, ----- Original Message ----- > ... > It's my expectation that Dave and I will continue knocking off the > remaining QA issues, finishing up the last of the IPv6 and network > API tweaks, then merge to dev, then master shortly thereafter, and > release pcp-3.6.11 with these changes. > These are the remaining failures I have after fixing up everything else after a full pcpqa run today. 023 - pmcd.log format, net address related changes, ipv6 port open 051 - pmcd.log format, net address related changes, ipv6 port open 062 - pmcd.log format, net address related changes 067 - pmcd.log format, net address related changes, ipv6 port open 172 - ipv6 port open? (changes netstat report) 197 - suggests several file descriptors leaked? (expect 4 -> got 9) 243 - bind output on failure now reports for two open ports (ipv6) 244 - pmcd.log format, net address related changes, ipv6 port open 255 - pmcd.log format, ipv6 port open 449 - pmcd.log format, net address related changes I'll take a deeper look into 197, and also look into backward-compat in the QA sources which we've not maintained for other folks at this stage (i.e. people like Ken - testing older PCP versions with latest pcpqa sources). cheers. -- Nathan From kenj@internode.on.net Thu Feb 21 23:51:49 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 574D07F50 for ; Thu, 21 Feb 2013 23:51:49 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id E568AAC004 for ; Thu, 21 Feb 2013 21:51:48 -0800 (PST) X-ASG-Debug-ID: 1361512304-04bdf0104b359e80001-S8gJnT Received: from ipmail06.adl6.internode.on.net (ipmail06.adl6.internode.on.net [150.101.137.145]) by cuda.sgi.com with ESMTP id dTywpUowD6qv4GRO for ; Thu, 21 Feb 2013 21:51:44 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.145 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AvsUALMGJ1EBmDL9PGdsb2JhbAANOIZOhDe2FIEgAwEBAQE4glMBAQEDASNWBQsLDQ0CJgICQxQGiB+sNHGSHIEjjWsHgi2BEwOcTY1i Received: from unknown (HELO [10.10.0.2]) ([1.152.50.253]) by ipmail06.adl6.internode.on.net with ESMTP; 22 Feb 2013 16:21:33 +1030 Message-ID: <1361512296.15056.18.camel@bozo-laptop> Subject: Re: [pcp] pcp updates - porting to NetBSD From: Ken McDonell X-ASG-Orig-Subj: Re: [pcp] pcp updates - porting to NetBSD Reply-To: kenj@internode.on.net To: Nathan Scott Cc: pcp@oss.sgi.com Date: Fri, 22 Feb 2013 16:51:36 +1100 In-Reply-To: <1451085955.7481964.1361491049719.JavaMail.root@redhat.com> References: <1451085955.7481964.1361491049719.JavaMail.root@redhat.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.6.2-0ubuntu0.1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Barracuda-Connect: ipmail06.adl6.internode.on.net[150.101.137.145] X-Barracuda-Start-Time: 1361512304 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Barracuda-BRTS-Status: 1 X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123262 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Thanks for the feedbakc Nathan. On Thu, 2013-02-21 at 18:57 -0500, Nathan Scott wrote: > > pmie/pragmatics.c - pow() (non-)issue > > > > Include open source version of pow() for platforms where this is > > not > > in the maths library ... only needed in this one place if > > configure > > determines we do not HAVE_POW. > > The (new) comment in the code says > "We have not found a platform yet that needs this" > which seems contrary to the above (if we don't need it, why...?) In NetBSD, pow() is not in libc, so I had to add configure glue to find if pow() is supported, and if so, in what library. This leads to the possibility of HAVE_POW being undefined (although I don't think we have a platform where this is true, ... yet). For completeness I added the open source version of pow() that Sun donated to humankind a long time ago. > Assuming we really do need it just for this platform, I guess I'd > anticipate it live with the other helper routines that are added > in specifically for a platform, in src/libpcp/src/util.c (dirname, > basename, scandir, and friends) so that when the next pow() call > is added somewhere else in PCP, the build doesn't fail. Good point ... I'll move it in my next commit. > Could sanitise that code a little too - the endianness sniffing in > there looks odd & the commented out header seems unneeded too. Endianness _is_ odd ... I've left it alone for the moment, as I don't think we currently have a cpp-time endianness check in the configure glue. The endian mess came from this header! ... comment is gone. > > Real versions of sed (from the olden days) do not have a -i > > command line option. > > Heh. Looks like "real" kernels prefer /dev/kmem readers too. :) Hmm ... now I am pretty sure I wrote my first /dev/kmem reader code for Sixth Edition Unix in 1976 ... no reason to believe something that worked 37 years ago would not still work ... 8^)> (let's see how Java and Python are making out in 30+ years ... I'll need you to check on that, 'cause I won't be here). Thanks again for reviewing my changes. From nscott@redhat.com Fri Feb 22 02:28:13 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 108D77F58 for ; Fri, 22 Feb 2013 02:28:13 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id E55598F8035 for ; Fri, 22 Feb 2013 00:28:09 -0800 (PST) X-ASG-Debug-ID: 1361521688-04cbb06b6534aaa0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id QDFblf5FBOAvmXoj for ; Fri, 22 Feb 2013 00:28:08 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1M8S5wP003824; Fri, 22 Feb 2013 03:28:05 -0500 Date: Fri, 22 Feb 2013 03:28:05 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: kenj@internode.on.net Cc: pcp@oss.sgi.com Message-ID: <1902857525.7634884.1361521685182.JavaMail.root@redhat.com> In-Reply-To: <1361512296.15056.18.camel@bozo-laptop> Subject: Re: [pcp] pcp updates - porting to NetBSD MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] pcp updates - porting to NetBSD Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.99] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361521688 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123272 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header ----- Original Message ----- > Thanks for the feedbakc Nathan. > No worries. Just got through a QA run with those changes (and others), and this failure below may be some unintended fallout of those mkstemp / tempdir changes just made? [73%] 448 0s ... - output mismatch (see 448.out.bad) 7a8,9 > getconfig: vpmprintf: failed to create "/pcp-piYj5S": Permission denied > vpmprintf msg: 12a15,16 > getconfig: vpmprintf: failed to create "/pcp-SdS4QT": Permission denied > vpmprintf msg: Looks like something is not being set... ah this is the "bad $PCP_DIR" case. I think what may have happened is previously we were going down the tempnam(3) path, which when passed NULL as its first argument uses the system TMPDIR. We probably need a hard-coded fail-safe like this for such a pathological case... diff --git a/src/libpcp/src/util.c b/src/libpcp/src/util.c index a92f98c..6f07b13 100644 --- a/src/libpcp/src/util.c +++ b/src/libpcp/src/util.c @@ -1091,9 +1091,10 @@ vpmprintf(const char *msg, va_list arg) int fd = -1; #if HAVE_MKSTEMP + char *tmpdir = pmGetConfig("PCP_TMP_DIR"); fname = (char *)malloc(MAXPATHLEN+1); if (fname == NULL) goto fail; - snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", pmGetConfig("PCP_TMP_DIR")) + snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", tmpdir ? tmpdir : "/tmp")); fd = mkstemp(fname); #else fname = tempnam(pmGetConfig("PCP_TMP_DIR"), "pcp-"); > > Heh. Looks like "real" kernels prefer /dev/kmem readers too. :) > > Hmm ... now I am pretty sure I wrote my first /dev/kmem reader code > for > Sixth Edition Unix in 1976 ... no reason to believe something that > worked 37 years ago would not still work ... 8^)> (let's see how Java > and Python are making out in 30+ years ... I'll need you to check on > that, 'cause I won't be here). :^) cheers. -- Nathan From nscott@redhat.com Fri Feb 22 03:33:25 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id F0FB77F50 for ; Fri, 22 Feb 2013 03:33:24 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id DFFC030406B for ; Fri, 22 Feb 2013 01:33:21 -0800 (PST) X-ASG-Debug-ID: 1361525600-04cb6c427834df60001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id qkCkAEJnAJGYqczi for ; Fri, 22 Feb 2013 01:33:20 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1M9XGop015184; Fri, 22 Feb 2013 04:33:16 -0500 Date: Fri, 22 Feb 2013 04:33:16 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: kenj@internode.on.net Cc: pcp@oss.sgi.com Message-ID: <103619508.7665555.1361525596066.JavaMail.root@redhat.com> In-Reply-To: <1902857525.7634884.1361521685182.JavaMail.root@redhat.com> Subject: Re: [pcp] pcp updates - porting to NetBSD MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] pcp updates - porting to NetBSD Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.99] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361525600 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_MISMATCH_TO X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123276 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 BSF_SC0_MISMATCH_TO Envelope rcpt doesn't match header ----- Original Message ----- > [...] We probably need a hard-coded fail-safe like this > for such a pathological case... > > diff --git a/src/libpcp/src/util.c b/src/libpcp/src/util.c > index a92f98c..6f07b13 100644 > --- a/src/libpcp/src/util.c > +++ b/src/libpcp/src/util.c > @@ -1091,9 +1091,10 @@ vpmprintf(const char *msg, va_list arg) > int fd = -1; > > #if HAVE_MKSTEMP > + char *tmpdir = pmGetConfig("PCP_TMP_DIR"); > fname = (char *)malloc(MAXPATHLEN+1); > if (fname == NULL) goto fail; > - snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", > pmGetConfig("PCP_TMP_DIR")) > + snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", tmpdir ? tmpdir > : "/tmp")); The theory was good, but the patch didn't count on pmGetConfig always returning a value (empty string if not found, not NULL). I've fixed it up & verified the test now passes - will commit shortly. cheers. -- Nathan From kenj@internode.on.net Fri Feb 22 03:53:26 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 485927F50 for ; Fri, 22 Feb 2013 03:53:26 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay3.corp.sgi.com (Postfix) with ESMTP id B326DAC006 for ; Fri, 22 Feb 2013 01:53:22 -0800 (PST) X-ASG-Debug-ID: 1361526800-04cb6c427634e710001-S8gJnT Received: from ipmail05.adl6.internode.on.net (ipmail05.adl6.internode.on.net [150.101.137.143]) by cuda.sgi.com with ESMTP id vmBOVrGfpA6HRpT6 for ; Fri, 22 Feb 2013 01:53:21 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.143 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: AjsWALA+J1EBmE3APGdsb2JhbAANOIZOhDezQoJYgR8DAQEBATiCUwEBAQQjVgwECw0LAgImAgJDFAa0S3GSMIEjjWsHgi2BEwOcUY1n Received: from unknown (HELO [10.10.0.2]) ([1.152.77.192]) by ipmail05.adl6.internode.on.net with ESMTP; 22 Feb 2013 20:23:14 +1030 Message-ID: <1361526797.15056.20.camel@bozo-laptop> Subject: Re: [pcp] pcp updates - porting to NetBSD From: Ken McDonell X-ASG-Orig-Subj: Re: [pcp] pcp updates - porting to NetBSD Reply-To: kenj@internode.on.net To: Nathan Scott Cc: pcp@oss.sgi.com Date: Fri, 22 Feb 2013 20:53:17 +1100 In-Reply-To: <103619508.7665555.1361525596066.JavaMail.root@redhat.com> References: <103619508.7665555.1361525596066.JavaMail.root@redhat.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.6.2-0ubuntu0.1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Barracuda-Connect: ipmail05.adl6.internode.on.net[150.101.137.143] X-Barracuda-Start-Time: 1361526800 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123278 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- On Fri, 2013-02-22 at 04:33 -0500, Nathan Scott wrote: > > ----- Original Message ----- > > [...] We probably need a hard-coded fail-safe like this > > for such a pathological case... > > > > diff --git a/src/libpcp/src/util.c b/src/libpcp/src/util.c > > index a92f98c..6f07b13 100644 > > --- a/src/libpcp/src/util.c > > +++ b/src/libpcp/src/util.c > > @@ -1091,9 +1091,10 @@ vpmprintf(const char *msg, va_list arg) > > int fd = -1; > > > > #if HAVE_MKSTEMP > > + char *tmpdir = pmGetConfig("PCP_TMP_DIR"); > > fname = (char *)malloc(MAXPATHLEN+1); > > if (fname == NULL) goto fail; > > - snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", > > pmGetConfig("PCP_TMP_DIR")) > > + snprintf(fname, MAXPATHLEN, "%s/pcp-XXXXXX", tmpdir ? tmpdir > > : "/tmp")); > > The theory was good, but the patch didn't count on pmGetConfig always > returning a value (empty string if not found, not NULL). > > I've fixed it up & verified the test now passes - will commit shortly. > OK we're doubling up here ... I'll compare your patch with my fix ... I've also changed to pmGetConfig man page so it no longer lies! From nscott@redhat.com Fri Feb 22 03:57:13 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id EDDFB7F50 for ; Fri, 22 Feb 2013 03:57:12 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id C9B92304066 for ; Fri, 22 Feb 2013 01:57:12 -0800 (PST) X-ASG-Debug-ID: 1361527028-04cb6c427734e8b0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id BnNQFBtWybkWONr5 for ; Fri, 22 Feb 2013 01:57:08 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1M9v89A019345; Fri, 22 Feb 2013 04:57:08 -0500 Date: Fri, 22 Feb 2013 04:57:08 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Cc: Serguei Makarov Message-ID: <125977888.7678813.1361527028235.JavaMail.root@redhat.com> Subject: pcp updates: tmpdir fix, configurable default user MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: tmpdir fix, configurable default user Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.99] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361527028 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123278 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev configure |14104 +++++++++++++++++++++++++++++--------- configure.in | 10 src/include/pcp.conf.in | 4 src/include/pcp/impl.h | 2 src/libpcp/src/util.c | 16 src/pmcd/src/pmcd.c | 3 src/pmdas/aix/aix.c | 3 src/pmdas/apache/apache.c | 4 src/pmdas/bash/bash.c | 6 src/pmdas/cisco/pmda.c | 3 src/pmdas/darwin/pmda.c | 3 src/pmdas/freebsd/freebsd.c | 3 src/pmdas/hotproc/src/hotproc.c | 9 src/pmdas/linux/pmda.c | 3 src/pmdas/lmsensors/lmsensors.c | 3 src/pmdas/logger/logger.c | 6 src/pmdas/lustrecomm/lustrecomm.c | 4 src/pmdas/mailq/mailq.c | 4 src/pmdas/mmv/mmv.c | 4 src/pmdas/mounts/mounts.c | 3 src/pmdas/netbsd/netbsd.c | 3 src/pmdas/sample/src/pmda.c | 3 src/pmdas/sendmail/sendmail.c | 4 src/pmdas/shping/pmda.c | 3 src/pmdas/simple/simple.c | 3 src/pmdas/summary/pmda.c | 3 src/pmdas/systemd/systemd.c | 2 src/pmdas/trace/src/pmda.c | 3 src/pmdas/trivial/trivial.c | 3 src/pmdas/txmon/txmon.c | 3 src/pmdas/weblog/pmda.c | 3 src/pmie/src/pmie.c | 3 src/pmlogger/pmlogger.c | 3 src/pmproxy/pmproxy.c | 3 34 files changed, 11192 insertions(+), 3047 deletions(-) commit 476e5d68a4a46b11bbd77b302b11118b540166f6 Author: Nathan Scott Date: Fri Feb 22 20:54:27 2013 +1100 Add a PCP_USER setting, replacing the hard-coded value Serhei was building PCP using the configure-me-sideways option to get a local developer build and found there's still a need to become root, in order to use the start scripts. These want to change user to "pcp" nowadays, but this may not exist in such a build environment. This provides configure option, environment variable and a pcp.conf setting allowing this to be changed. This is still achievable using the more manual -U option to each of the daemons/agents as well. commit 5b280e87223f8281e28e62d7e621a8f60c3d0894 Author: Nathan Scott Date: Fri Feb 22 20:41:46 2013 +1100 Ensure tmpdir used in vpmprintf always gets a sane value Recent changes in temporary file handling (BSD porting) regressed a corner case exercised by test 448, where no /etc/pcp.conf exists. This resulted in invalid tmpfile paths being requested (in the fs root), and EPERM ended up being the result. Fix to ensure we always get a sane fallback for tmpdir. From brolley@redhat.com Fri Feb 22 12:10:20 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.9 required=5.0 tests=MISSING_HEADERS autolearn=no version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id DB25B7F50 for ; Fri, 22 Feb 2013 12:10:20 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id C77B38F8071 for ; Fri, 22 Feb 2013 10:10:20 -0800 (PST) X-ASG-Debug-ID: 1361556619-04cbb06b653601d0001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id dHY2yy7PRMpfWAnJ for ; Fri, 22 Feb 2013 10:10:19 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx02.intmail.prod.int.phx2.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r1MIAB77005424 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 22 Feb 2013 13:10:19 -0500 Received: from [10.10.51.227] (vpn-51-227.rdu2.redhat.com [10.10.51.227]) by int-mx02.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1MIAAjv032462 for ; Fri, 22 Feb 2013 13:10:11 -0500 Message-ID: <5127B482.7090103@redhat.com> Date: Fri, 22 Feb 2013 13:10:10 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 CC: PCP Subject: Re: QA status (was Re: Secure connections writeup - please review) References: <1228622042.7538919.1361498646197.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: QA status (was Re: Secure connections writeup - please review) In-Reply-To: <1228622042.7538919.1361498646197.JavaMail.root@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.12 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1361556619 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 This is good news Nathan. It looks to me like most of the failures could potentially be due to the same ipv6 socket leak. I may be able to track it down before you wake up. It's Saturday for you now anyway, so no need for you to delve into it unnecessarily. I assume that this is all with a NSS-enabled build. I'm still working on a few missing IPv6 bits for native sockets. One other area that I need to address for IPv6 is the code which creates/processes ip address wilcards/masks for access control purposes. Dave On 02/21/2013 09:04 PM, Nathan Scott wrote: > Hi Dave, > > ----- Original Message ----- >> ... >> It's my expectation that Dave and I will continue knocking off the >> remaining QA issues, finishing up the last of the IPv6 and network >> API tweaks, then merge to dev, then master shortly thereafter, and >> release pcp-3.6.11 with these changes. >> > These are the remaining failures I have after fixing up everything > else after a full pcpqa run today. > > 023 - pmcd.log format, net address related changes, ipv6 port open > 051 - pmcd.log format, net address related changes, ipv6 port open > 062 - pmcd.log format, net address related changes > 067 - pmcd.log format, net address related changes, ipv6 port open > 172 - ipv6 port open? (changes netstat report) > 197 - suggests several file descriptors leaked? (expect 4 -> got 9) > 243 - bind output on failure now reports for two open ports (ipv6) > 244 - pmcd.log format, net address related changes, ipv6 port open > 255 - pmcd.log format, ipv6 port open > 449 - pmcd.log format, net address related changes > > I'll take a deeper look into 197, and also look into backward-compat > in the QA sources which we've not maintained for other folks at this > stage (i.e. people like Ken - testing older PCP versions with latest > pcpqa sources). > > cheers. > > -- > Nathan From brolley@redhat.com Fri Feb 22 12:20:21 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id B1F4C7F50 for ; Fri, 22 Feb 2013 12:20:21 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay3.corp.sgi.com (Postfix) with ESMTP id 418FAAC003 for ; Fri, 22 Feb 2013 10:20:18 -0800 (PST) X-ASG-Debug-ID: 1361557217-04cbb06b653606b0001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id SE8RnRJov2ubZoB6 for ; Fri, 22 Feb 2013 10:20:17 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r1MIKFfx021601 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 22 Feb 2013 13:20:15 -0500 Received: from [10.10.51.227] (vpn-51-227.rdu2.redhat.com [10.10.51.227]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r1MIK6pt007482; Fri, 22 Feb 2013 13:20:13 -0500 Message-ID: <5127B6D6.80508@redhat.com> Date: Fri, 22 Feb 2013 13:20:06 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: Nathan Scott CC: "Frank Ch. Eigler" , chandana@desilva.id.au, PCP Subject: Re: Secure connections writeup - please review References: <674868402.6751798.1361413425715.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: Secure connections writeup - please review In-Reply-To: <674868402.6751798.1361413425715.JavaMail.root@redhat.com> Content-Type: multipart/alternative; boundary="------------040000010404040907020603" X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1361557217 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 This is a multi-part message in MIME format. --------------040000010404040907020603 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 02/20/2013 09:23 PM, Nathan Scott wrote: > Hi guys, > > ----- Original Message ----- >> Nathan Scott writes: >> >>> [...] >>> http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html*-s "PCP Collector"* >> Looks good. A few suggestions:-s "PCP Collector" >> > I've updated the code and this document extensively now, with all of > your most excellent suggestions (thanks!). > > If you'd like to take another review pass over the document, that'd > be much appreciated (even typos, etc, would be good to know about). > Only one comment: When creating the collector certificates, on the certutil command, -s "PCP Collector" should be -s "cn=PCP Collector" Dave --------------040000010404040907020603 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 7bit On 02/20/2013 09:23 PM, Nathan Scott wrote:
Hi guys,

----- Original Message -----

Nathan Scott <nathans@redhat.com> writes:


[...]
http://oss.sgi.com/projects/pcp/pcp-gui.git/man/html/lab.secure.html-s "PCP Collector"

Looks good.  A few suggestions:-s "PCP Collector"


I've updated the code and this document extensively now, with all of
your most excellent suggestions (thanks!).

If you'd like to take another review pass over the document, that'd
be much appreciated (even typos, etc, would be good to know about).
Only one comment: When creating the collector certificates, on the certutil command, -s "PCP Collector" should be -s "cn=PCP Collector"

Dave

--------------040000010404040907020603-- From nscott@redhat.com Fri Feb 22 14:12:31 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id CCE127F37 for ; Fri, 22 Feb 2013 14:12:31 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay1.corp.sgi.com (Postfix) with ESMTP id BAE0E8F8066 for ; Fri, 22 Feb 2013 12:12:28 -0800 (PST) X-ASG-Debug-ID: 1361563944-04cbb06b67363da0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id yHpxnyrrtTRhlHs8 for ; Fri, 22 Feb 2013 12:12:24 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1MKCNu1021723; Fri, 22 Feb 2013 15:12:23 -0500 Date: Fri, 22 Feb 2013 15:12:23 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: PCP Message-ID: <1407010941.8207515.1361563943932.JavaMail.root@redhat.com> In-Reply-To: <5127B482.7090103@redhat.com> Subject: Re: [pcp] QA status (was Re: Secure connections writeup - please review) MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] QA status (was Re: Secure connections writeup - please review) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.94] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361563944 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123318 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Dave, ----- Original Message ----- > This is good news Nathan. It looks to me like most of the failures > could > potentially be due to the same ipv6 socket leak. I may be able to > track > it down before you wake up. It's Saturday for you now anyway, so no > need > for you to delve into it unnecessarily. > Thanks. I don't think its a leak, I think its just there now where it wasn't before (an extra fd, and open port) - the extra log file diagnostics, netstat output is showing another port, etc. Oh, except for 197, not sure what that is yet. > I assume that this is all with a NSS-enabled build. I'm still working Yep. > on a few missing IPv6 bits for native sockets. > > One other area that I need to address for IPv6 is the code which > creates/processes ip address wilcards/masks for access control > purposes. Ah yes - I bucketed those into "net address related changes". > Dave > > On 02/21/2013 09:04 PM, Nathan Scott wrote: > > Hi Dave, > > > > ----- Original Message ----- > >> ... > >> It's my expectation that Dave and I will continue knocking off the > >> remaining QA issues, finishing up the last of the IPv6 and network > >> API tweaks, then merge to dev, then master shortly thereafter, and > >> release pcp-3.6.11 with these changes. > >> > > These are the remaining failures I have after fixing up everything > > else after a full pcpqa run today. > > > > 023 - pmcd.log format, net address related changes, ipv6 port open > > 051 - pmcd.log format, net address related changes, ipv6 port open > > 062 - pmcd.log format, net address related changes > > 067 - pmcd.log format, net address related changes, ipv6 port open > > 172 - ipv6 port open? (changes netstat report) > > 197 - suggests several file descriptors leaked? (expect 4 -> got > > 9) > > 243 - bind output on failure now reports for two open ports (ipv6) > > 244 - pmcd.log format, net address related changes, ipv6 port open > > 255 - pmcd.log format, ipv6 port open > > 449 - pmcd.log format, net address related changes > > > > I'll take a deeper look into 197, and also look into > > backward-compat > > in the QA sources which we've not maintained for other folks at > > this > > stage (i.e. people like Ken - testing older PCP versions with > > latest > > pcpqa sources). > > > > cheers. > > > > -- > > Nathan > > _______________________________________________ > pcp mailing list > pcp@oss.sgi.com > http://oss.sgi.com/mailman/listinfo/pcp > From nscott@redhat.com Fri Feb 22 14:13:19 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id B8AF67F37 for ; Fri, 22 Feb 2013 14:13:19 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 96F3A8F8071 for ; Fri, 22 Feb 2013 12:13:19 -0800 (PST) X-ASG-Debug-ID: 1361563998-04bdf0104b377b10001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id qYPGZ0YN4iWk5AQU for ; Fri, 22 Feb 2013 12:13:18 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1MKDItU012169; Fri, 22 Feb 2013 15:13:18 -0500 Date: Fri, 22 Feb 2013 15:13:18 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: PCP Message-ID: <1670205562.8207711.1361563998261.JavaMail.root@redhat.com> In-Reply-To: <5127B6D6.80508@redhat.com> Subject: Re: Secure connections writeup - please review MIME-Version: 1.0 X-ASG-Orig-Subj: Re: Secure connections writeup - please review Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.94] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361563998 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123318 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain ----- Original Message ----- > ... > Only one comment: When creating the collector certificates, on the > certutil command, -s "PCP Collector" should be -s "cn=PCP Collector" > Yep, good catch - thanks! -- Nathan From brolley@redhat.com Fri Feb 22 16:14:55 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 5BED07F50 for ; Fri, 22 Feb 2013 16:14:55 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 26E40304032 for ; Fri, 22 Feb 2013 14:14:52 -0800 (PST) X-ASG-Debug-ID: 1361571288-04bdf0104a37db00001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id HxJjuj1gK7IJCEAX for ; Fri, 22 Feb 2013 14:14:48 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r1MMElsP023527 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 22 Feb 2013 17:14:47 -0500 Received: from [10.10.51.227] (vpn-51-227.rdu2.redhat.com [10.10.51.227]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1MMElQc025826 for ; Fri, 22 Feb 2013 17:14:47 -0500 Message-ID: <5127EDD6.8040507@redhat.com> Date: Fri, 22 Feb 2013 17:14:46 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: PCP Subject: Re: [pcp] QA status (was Re: Secure connections writeup - please review) References: <1407010941.8207515.1361563943932.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: [pcp] QA status (was Re: Secure connections writeup - please review) In-Reply-To: <1407010941.8207515.1361563943932.JavaMail.root@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1361571288 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 On 02/22/2013 03:12 PM, Nathan Scott wrote: > Hi Dave, > > ----- Original Message ----- >> This is good news Nathan. It looks to me like most of the failures >> could >> potentially be due to the same ipv6 socket leak. I may be able to >> track >> it down before you wake up. It's Saturday for you now anyway, so no >> need >> for you to delve into it unnecessarily. >> > Thanks. I don't think its a leak, I think its just there now where > it wasn't before (an extra fd, and open port) - the extra log file > diagnostics, netstat output is showing another port, etc. Yeah, I figured that out while working on 172. > > Oh, except for 197, not sure what that is yet. Me neither. I looked into it, but got nowhere. While the fds do not appear to be leaking through the exec() call, there do seem to be more of them after pmNewContext() is called. The results are identical for NSS and non-NSS builds. I merge from you dev branch again and added my updates on top of that into brolley/nssmerge. Included in today's updates are a fix for qa/172 and code to complete the non-NSS implementation of IPv6 support in libpcp. Dave From kenj@internode.on.net Sun Feb 24 13:58:04 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id CBBBB7CBF for ; Sun, 24 Feb 2013 13:58:04 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id BA3EA304043 for ; Sun, 24 Feb 2013 11:58:01 -0800 (PST) X-ASG-Debug-ID: 1361735879-04cb6c42783c6100001-S8gJnT Received: from ipmail06.adl2.internode.on.net (ipmail06.adl2.internode.on.net [150.101.137.129]) by cuda.sgi.com with ESMTP id gsZwyrDwJ0k41E8c for ; Sun, 24 Feb 2013 11:57:59 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.129 Received: from ppp118-209-114-195.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.114.195]) by ipmail06.adl2.internode.on.net with ESMTP; 25 Feb 2013 06:27:31 +1030 Message-ID: <1361735834.7161.9.camel@bozo.localdomain> Subject: pcp updates - minor tweaks From: Ken McDonell X-ASG-Orig-Subj: pcp updates - minor tweaks Reply-To: kenj@internode.on.net To: pcp@oss.sgi.com Date: Mon, 25 Feb 2013 06:57:14 +1100 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.6.2-0ubuntu0.1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Barracuda-Connect: ipmail06.adl2.internode.on.net[150.101.137.129] X-Barracuda-Start-Time: 1361735879 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123505 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/kenj/pcp.git dev man/man3/pmgetconfig.3 | 16 - src/libpcp/src/check-statics | 3 src/libpcp/src/config.c | 1 src/libpcp/src/util.c | 381 ++++++++++++++++++++++++++++++++++++++++--- src/pmie/src/pragmatics.c | 324 ------------------------------------ 5 files changed, 367 insertions(+), 358 deletions(-) commit a405745974f005722fa75d51731acac37c0ee2bf Author: Ken McDonell Date: Mon Feb 25 06:50:58 2013 +1100 Refine last vpmprintf() change Replacing tempnam() with mkstemp() introduced a subtle change in the error case logic which was exposed by qa/448. This set of changes: - restores the original logic - fixes some related pmGetConfig() issues associated with the behaviour of that routine in the presence of pathological errors commit 06b0e9bc162da18ffd895a2b9c90feff484e2acb Author: Ken McDonell Date: Fri Feb 22 17:09:47 2013 +1100 Move pow() implementation from pmie to libpcp As per Nathan's suggestion, plus some cleanup. To repeat, this implementation of pow() is not expected to be compiled into libpcp on any known platform at this time, but is included "just in case". From nscott@redhat.com Sun Feb 24 16:35:33 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 9E95E7F37 for ; Sun, 24 Feb 2013 16:35:33 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 6CBB9304032 for ; Sun, 24 Feb 2013 14:35:33 -0800 (PST) X-ASG-Debug-ID: 1361745328-04bdf010493ebf80001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id Rmt7Gos3RkttXv3Q for ; Sun, 24 Feb 2013 14:35:28 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1OMZSMo001943 for ; Sun, 24 Feb 2013 17:35:28 -0500 Date: Sun, 24 Feb 2013 17:35:28 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <921831546.8459917.1361745328284.JavaMail.root@redhat.com> In-Reply-To: <1535637291.8459747.1361745187694.JavaMail.root@redhat.com> Subject: pcp-gui updates: docs MIME-Version: 1.0 X-ASG-Orig-Subj: pcp-gui updates: docs Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361745328 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123515 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/pcp/pcp-gui.git dev man/html/lab.secure.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) commit e4e6bb5d5c0d0a7a727cce5b7ab07845356bdb2c Author: Nathan Scott Date: Mon Feb 25 09:31:00 2013 +1100 Correct the collector certificate subject, as Dave noted commit d922faa5c330e537659ae334e5c67a3933cc5517 Author: Nathan Scott Date: Thu Feb 21 13:32:27 2013 +1100 Fix typo in secure conns doc, thanks fche (for the fix, not the typo) From nscott@redhat.com Sun Feb 24 17:45:48 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 1A9437F4C for ; Sun, 24 Feb 2013 17:45:48 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id EF074304059 for ; Sun, 24 Feb 2013 15:45:47 -0800 (PST) X-ASG-Debug-ID: 1361749543-04cb6c42763d04d0001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id 1047YZ1WfaNFs6Fv for ; Sun, 24 Feb 2013 15:45:43 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1ONjhji021472 for ; Sun, 24 Feb 2013 18:45:43 -0500 Date: Sun, 24 Feb 2013 18:45:43 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <641647940.8466257.1361749543035.JavaMail.root@redhat.com> In-Reply-To: <2049713388.8466152.1361749285552.JavaMail.root@redhat.com> Subject: pcp updates: brolley & kenj merges, misc small fixes MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: brolley & kenj merges, misc small fixes Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361749543 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123519 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- [also includes a kenj merge (not listed below due to git log oddity)] Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/172 | 5 - qa/172.out | 5 - qa/common.secure | 2=20 src/libpcp/src/auxconnect.c | 175 ++++++++++++++++++++++++++------------= ----- src/libpcp/src/nss_connect.c | 33 +------- src/libpcp/src/nss_server.c | 10 +- src/pmcd/src/pmcd.c | 4=20 7 files changed, 127 insertions(+), 107 deletions(-) commit 8eac34366dd89e98d9ea6420973de9ec149d9d90 Author: Nathan Scott Date: Mon Feb 25 10:37:33 2013 +1100 Add run-time feature test for IPv6 support commit 05ed7c22419d69a1e1228308dd4dbd3c2f780039 Author: Nathan Scott Date: Mon Feb 25 10:35:51 2013 +1100 Resolve several --without-secure-sockets IPv6 build issues =20 auxconnect.c:757: warning: pointer targets in initialization differ in = signedness (should be unsigned char, fixed) =20 auxconnect.c:764: error: =E2=80=98struct sockaddr=E2=80=99 has no membe= r named =E2=80=98family=E2=80=99 (should be sa_family, fixed) =20 auxconnect.c:778: error: =E2=80=98PR_AF_INET6=E2=80=99 undeclared (firs= t use in this function) auxconnect.c:775: error: =E2=80=98PR_AF_INET=E2=80=99 undeclared (first= use in this function) (should not use NSS/NSPR #defines here, fixed) =20 /* IPv6: is inet_pton supported on MINGW?? */ (looks like it, so optimistically removed conditional code - Win32 ANSI= API call documented here: http://msdn.microsoft.com/en-us/library/windows/= desktop/cc805844%28v=3Dvs.85%29.aspx) =20 auxconnect.c:838: error: =E2=80=98__pmSockAddr=E2=80=99 has no member n= amed =E2=80=98raw=E2=80=99 auxconnect.c:840: error: =E2=80=98__pmSockAddr=E2=80=99 has no member n= amed =E2=80=98inet=E2=80=99 auxconnect.c:842: error: =E2=80=98__pmSockAddr=E2=80=99 has no member n= amed =E2=80=98ipv6=E2=80=99 (missing reference to sockaddr union, fixed) commit a50e6da8cc9893b8e2f3eb20098d1831a7562321 Author: Nathan Scott Date: Mon Feb 25 09:44:27 2013 +1100 Correct certificate subject name specification in QA commit cf33895aad476ae1a1086f9f8c38a267fc899e4e Author: Dave Brolley Date: Fri Feb 22 17:10:27 2013 -0500 A minor code simplification in pmcd.c commit 2f07b81244ede2e8e69838e1a9fd87845010354f Author: Dave Brolley Date: Fri Feb 22 17:09:49 2013 -0500 Complete initial implementation of IPv6 in libpcp for non-NSS builds. commit 12f92800bc116be99b83c89e8c680cca71a2491a Author: Dave Brolley Date: Fri Feb 22 15:02:11 2013 -0500 Adjust the expected output of qa/172 to expect open IPv6 ports. From nscott@redhat.com Sun Feb 24 18:22:56 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 286EA7F54 for ; Sun, 24 Feb 2013 18:22:56 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay2.corp.sgi.com (Postfix) with ESMTP id 08A4D304048 for ; Sun, 24 Feb 2013 16:22:52 -0800 (PST) X-ASG-Debug-ID: 1361751771-04cbb06b663d2950001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id kdDsUzLgFOFps8t6 for ; Sun, 24 Feb 2013 16:22:51 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1P0Mkcp026792; Sun, 24 Feb 2013 19:22:46 -0500 Date: Sun, 24 Feb 2013 19:22:46 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley , Ken McDonell , "Frank Ch. Eigler" Cc: PCP Message-ID: <603161407.8469846.1361751766628.JavaMail.root@redhat.com> In-Reply-To: <5127EDD6.8040507@redhat.com> Subject: Port registration (was Re: [pcp] QA status) MIME-Version: 1.0 X-ASG-Orig-Subj: Port registration (was Re: [pcp] QA status) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361751771 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123523 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Dave, ----- Original Message ----- > ... > I merge from you dev branch again and added my updates on top of that > into brolley/nssmerge. Included in today's updates are a fix for > qa/172 > and code to complete the non-NSS implementation of IPv6 support in > libpcp. Cool, I've merged that into my dev branch and made additional changes. If you need to make tests/output conditional on ipv6 support, you can use the pmcd.feature.ipv6 metric now (pminfo -f / pmprobe -v). I realised we will soon be adding some additional ports, which we should register. I'm not really sure whats involved, but Kens done this before I believe. Probably a good idea if you guys form a posse and request all of the ones we know we need in the short term in one hit (ipv6 in pmcd, pmproxy?, pmwebapi daemon? x2-for-ipv6?). http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml cheers. -- Nathan From fche@redhat.com Sun Feb 24 19:48:08 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay1.corp.sgi.com [137.38.102.111]) by oss.sgi.com (Postfix) with ESMTP id 9A9327F83 for ; Sun, 24 Feb 2013 19:48:08 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay1.corp.sgi.com (Postfix) with ESMTP id 6B4EC8F8033 for ; Sun, 24 Feb 2013 17:48:05 -0800 (PST) X-ASG-Debug-ID: 1361756881-04bdf010493f4920001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id t4yEPpVE8jCdYtxU for ; Sun, 24 Feb 2013 17:48:01 -0800 (PST) X-Barracuda-Envelope-From: fche@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx12.intmail.prod.int.phx2.redhat.com (int-mx12.intmail.prod.int.phx2.redhat.com [10.5.11.25]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r1P1lwG7001552 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Sun, 24 Feb 2013 20:47:58 -0500 Received: from fche.csb (vpn-63-235.rdu2.redhat.com [10.10.63.235]) by int-mx12.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id r1P1lvxB024996; Sun, 24 Feb 2013 20:47:57 -0500 Received: by fche.csb (Postfix, from userid 2569) id 2B08B58CD5; Sun, 24 Feb 2013 20:47:57 -0500 (EST) Date: Sun, 24 Feb 2013 20:47:56 -0500 From: "Frank Ch. Eigler" To: Nathan Scott Cc: Dave Brolley , Ken McDonell , PCP Subject: Re: Port registration (was Re: [pcp] QA status) Message-ID: <20130225014756.GG32162@redhat.com> X-ASG-Orig-Subj: Re: Port registration (was Re: [pcp] QA status) References: <5127EDD6.8040507@redhat.com> <603161407.8469846.1361751766628.JavaMail.root@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <603161407.8469846.1361751766628.JavaMail.root@redhat.com> User-Agent: Mutt/1.4.2.2i X-Scanned-By: MIMEDefang 2.68 on 10.5.11.25 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1361756881 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 Hi - On Sun, Feb 24, 2013 at 07:22:46PM -0500, Nathan Scott wrote: > [...] Probably a good idea if you guys form a posse and request all > of the ones we know we need in the short term in one hit (ipv6 in pmcd, > pmproxy?, pmwebapi daemon? x2-for-ipv6?). One should not require a separate port# for ipv6; don't confuse separate kernel-level socket FDs with separate tcp port #s. - FChE From nscott@redhat.com Sun Feb 24 20:23:42 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 543407F77 for ; Sun, 24 Feb 2013 20:23:42 -0600 (CST) Received: from cuda.sgi.com (cuda2.sgi.com [192.48.176.25]) by relay3.corp.sgi.com (Postfix) with ESMTP id D75E0AC003 for ; Sun, 24 Feb 2013 18:23:38 -0800 (PST) X-ASG-Debug-ID: 1361759014-04cbb06b653d7a80001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id 35fjlanpWXRvPmju for ; Sun, 24 Feb 2013 18:23:34 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1P2NXeI013390; Sun, 24 Feb 2013 21:23:33 -0500 Date: Sun, 24 Feb 2013 21:23:33 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: "Frank Ch. Eigler" , Dave Brolley Cc: PCP Message-ID: <668363097.8491550.1361759013836.JavaMail.root@redhat.com> In-Reply-To: <20130225014756.GG32162@redhat.com> Subject: Re: Port registration (was Re: [pcp] QA status) MIME-Version: 1.0 X-ASG-Orig-Subj: Re: Port registration (was Re: [pcp] QA status) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361759014 X-Barracuda-URL: http://192.48.176.25:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123530 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain ----- Original Message ----- > Hi - > > On Sun, Feb 24, 2013 at 07:22:46PM -0500, Nathan Scott wrote: > > [...] Probably a good idea if you guys form a posse and request > > all > > of the ones we know we need in the short term in one hit (ipv6 in > > pmcd, > > pmproxy?, pmwebapi daemon? x2-for-ipv6?). > > One should not require a separate port# for ipv6; don't confuse > separate kernel-level socket FDs with separate tcp port #s. > Hmm, I may have been led astray by this code in pmcd: fputs("pmcd request port(s):\n" " sts fd port IP addr\n" " === ==== ===== ==========\n", stderr); for (i = 0; i < nReqPorts; i++) { ReqPortInfo *rp = &reqPorts[i]; for (j = FIRST_FD; j <= LAST_FD; ++j) { fprintf(stderr, " %s %4d %5d %s\n", (rp->fds[j] != -1) ? "ok " : "err", rp->fds[j], rp->port - 1 + j/* IPv6 TESTING */, rp->ipSpec ? rp->ipSpec : "(any address)"); } } fflush(stderr); Which is reporting port 44320 open as well as 44321 in several QA test failures... we should probably undo that now Dave? (perhaps a "family" column needs to be added to that table at this point? Might be worth renaming "IP addr" to "Address" now as well, since we need to deal with QA fallout from the other formatting changes in there already - wider fd column & address reporting changes). cheers. -- Nathan From nscott@redhat.com Sun Feb 24 23:17:36 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id BDC147F7D for ; Sun, 24 Feb 2013 23:17:36 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id 6DFF6AC001 for ; Sun, 24 Feb 2013 21:17:33 -0800 (PST) X-ASG-Debug-ID: 1361769452-04bdf0104b3fdfb0001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id WSXCGFHHhhTUlU2m for ; Sun, 24 Feb 2013 21:17:32 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1P5HVXo028647 for ; Mon, 25 Feb 2013 00:17:31 -0500 Date: Mon, 25 Feb 2013 00:17:31 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: PCP Message-ID: <1597226711.8522469.1361769451890.JavaMail.root@redhat.com> In-Reply-To: <467859576.8521363.1361769203717.JavaMail.root@redhat.com> Subject: pcp updates: qa MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: qa Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1361769452 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123540 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev qa/src/chkacc1.c | 16 ++++++++++++++-- qa/src/chkacc2.c | 12 ++++++++++++ qa/src/chkacc3.c | 20 ++++++++++++++++++++ qa/src/multithread2.c | 12 ++++++++++++ 4 files changed, 58 insertions(+), 2 deletions(-) commit c643772bd832f99a3f894d163c4aa37bafa7f6c1 Author: Nathan Scott Date: Mon Feb 25 16:09:16 2013 +1100 Ensure QA tests still compile with earlier impl.h variants From nscott@redhat.com Mon Feb 25 02:23:00 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id 349CA7F80 for ; Mon, 25 Feb 2013 02:23:00 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id ACB50AC005 for ; Mon, 25 Feb 2013 00:22:56 -0800 (PST) X-ASG-Debug-ID: 1361780575-04bdf0104b405e60001-S8gJnT Received: from mx3-phx2.redhat.com (mx3-phx2.redhat.com [209.132.183.24]) by cuda.sgi.com with ESMTP id 5jUr1CJtpEYQsoY4 for ; Mon, 25 Feb 2013 00:22:55 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.24 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx3-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1P8MtcN000705; Mon, 25 Feb 2013 03:22:55 -0500 Date: Mon, 25 Feb 2013 03:22:55 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: Dave Brolley Cc: PCP Message-ID: <1382698873.8575799.1361780575090.JavaMail.root@redhat.com> In-Reply-To: <5127EDD6.8040507@redhat.com> Subject: Re: [pcp] QA status (was Re: Secure connections writeup - please review) MIME-Version: 1.0 X-ASG-Orig-Subj: Re: [pcp] QA status (was Re: Secure connections writeup - please review) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.143] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx3-phx2.redhat.com[209.132.183.24] X-Barracuda-Start-Time: 1361780575 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.01 X-Barracuda-Spam-Status: No, SCORE=0.01 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests=BSF_SC0_SA_TO_FROM_DOMAIN_MATCH X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123554 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.01 BSF_SC0_SA_TO_FROM_DOMAIN_MATCH Sender Domain Matches Recipient Domain Hi Dave, ----- Original Message ----- > > On 02/22/2013 03:12 PM, Nathan Scott wrote: > > Thanks. I don't think its a leak, I think its just there now where > > it wasn't before (an extra fd, and open port) - the extra log file > > diagnostics, netstat output is showing another port, etc. > Yeah, I figured that out while working on 172. > > > > Oh, except for 197, not sure what that is yet. > Me neither. I looked into it, but got nowhere. While the fds do not > appear to be leaking through the exec() call, there do seem to be > more of them after pmNewContext() is called. The results are identical for > NSS and non-NSS builds. > Hmm, I'm not sure about that last statement - AFAICT, the problem is as a result of the NSS_InitReadWrite that opens the NSS sqlite DB, seems to open several new file descriptors ... this looks like a failure I have unwittingly introduced, will fix shortly. thanks! -- Nathan From brolley@redhat.com Mon Feb 25 08:45:22 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id 87DB67F82 for ; Mon, 25 Feb 2013 08:45:22 -0600 (CST) Received: from cuda.sgi.com (cuda3.sgi.com [192.48.176.15]) by relay2.corp.sgi.com (Postfix) with ESMTP id 693D6304032 for ; Mon, 25 Feb 2013 06:45:19 -0800 (PST) X-ASG-Debug-ID: 1361803515-04cb6c42763faa80001-S8gJnT Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by cuda.sgi.com with ESMTP id XjuXIaq7rY593nds for ; Mon, 25 Feb 2013 06:45:15 -0800 (PST) X-Barracuda-Envelope-From: brolley@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.28 X-ASG-Whitelist: Client Received: from int-mx01.intmail.prod.int.phx2.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id r1PEjFJW005367 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 25 Feb 2013 09:45:15 -0500 Received: from [10.10.49.202] (vpn-49-202.rdu2.redhat.com [10.10.49.202]) by int-mx01.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r1PEjERK001241 for ; Mon, 25 Feb 2013 09:45:14 -0500 Message-ID: <512B78FA.6030406@redhat.com> Date: Mon, 25 Feb 2013 09:45:14 -0500 From: Dave Brolley User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130110 Thunderbird/17.0.2 MIME-Version: 1.0 To: PCP Subject: Re: Port registration (was Re: [pcp] QA status) References: <668363097.8491550.1361759013836.JavaMail.root@redhat.com> X-ASG-Orig-Subj: Re: Port registration (was Re: [pcp] QA status) In-Reply-To: <668363097.8491550.1361759013836.JavaMail.root@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.67 on 10.5.11.11 X-Barracuda-Connect: mx1.redhat.com[209.132.183.28] X-Barracuda-Start-Time: 1361803515 X-Barracuda-URL: http://192.48.176.15:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 On 02/24/2013 09:23 PM, Nathan Scott wrote: > > ----- Original Message ----- >> Hi - >> >> On Sun, Feb 24, 2013 at 07:22:46PM -0500, Nathan Scott wrote: >>> [...] Probably a good idea if you guys form a posse and request >>> all >>> of the ones we know we need in the short term in one hit (ipv6 in >>> pmcd, >>> pmproxy?, pmwebapi daemon? x2-for-ipv6?). >> One should not require a separate port# for ipv6; don't confuse >> separate kernel-level socket FDs with separate tcp port #s. >> > Hmm, I may have been led astray by this code in pmcd: > > fputs("pmcd request port(s):\n" > " sts fd port IP addr\n" > " === ==== ===== ==========\n", stderr); > for (i = 0; i < nReqPorts; i++) { > ReqPortInfo *rp = &reqPorts[i]; > for (j = FIRST_FD; j <= LAST_FD; ++j) { > fprintf(stderr, " %s %4d %5d %s\n", > (rp->fds[j] != -1) ? "ok " : "err", > rp->fds[j], rp->port - 1 + j/* IPv6 TESTING */, > rp->ipSpec ? rp->ipSpec : "(any address)"); > } > } > fflush(stderr); > > Which is reporting port 44320 open as well as 44321 in several QA > test failures... we should probably undo that now Dave? (perhaps > a "family" column needs to be added to that table at this point? > Might be worth renaming "IP addr" to "Address" now as well, since > we need to deal with QA fallout from the other formatting changes > in there already - wider fd column & address reporting changes). > Yikes --- that's a remnant from a debugging session. A Frank has said, it should not be necessary to use a separatye port for the IPv6 socket. I'll remove it and retest to make sure it doesn't cause any problems. Dave From kenj@internode.on.net Mon Feb 25 15:50:08 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay2.corp.sgi.com [137.38.102.29]) by oss.sgi.com (Postfix) with ESMTP id B56BD7F60 for ; Mon, 25 Feb 2013 15:50:08 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay2.corp.sgi.com (Postfix) with ESMTP id 95CB5304032 for ; Mon, 25 Feb 2013 13:50:05 -0800 (PST) X-ASG-Debug-ID: 1361829000-04bdf0104b435430001-S8gJnT Received: from ipmail05.adl6.internode.on.net (ipmail05.adl6.internode.on.net [150.101.137.143]) by cuda.sgi.com with ESMTP id KKqGPciYWmOMhrST for ; Mon, 25 Feb 2013 13:50:00 -0800 (PST) X-Barracuda-Envelope-From: kenj@internode.on.net X-Barracuda-Apparent-Source-IP: 150.101.137.143 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApMBAETbK1F20XLD/2dsb2JhbAANOIZPvCaDPIEFBgImAnK0cHGCQJACgSOMGIFwgheBEwOWPZQAgVU Received: from ppp118-209-114-195.lns20.mel4.internode.on.net (HELO [192.168.1.100]) ([118.209.114.195]) by ipmail05.adl6.internode.on.net with ESMTP; 26 Feb 2013 08:19:59 +1030 Message-ID: <1361828999.3341.2.camel@bozo.localdomain> Subject: pcp updates ... try again for vpmprintf() From: Ken McDonell X-ASG-Orig-Subj: pcp updates ... try again for vpmprintf() Reply-To: kenj@internode.on.net To: pcp@oss.sgi.com Date: Tue, 26 Feb 2013 08:49:59 +1100 Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.6.2-0ubuntu0.1 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-Barracuda-Connect: ipmail05.adl6.internode.on.net[150.101.137.143] X-Barracuda-Start-Time: 1361829000 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123599 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/kenj/pcp.git dev src/libpcp/src/util.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) commit e918272f2c65dcb75dabd31b439f1afe23bf8368 Author: Ken McDonell Date: Tue Feb 26 08:46:48 2013 +1100 One more vpmprintf() tweak Refine the error handling logic one more time to regain the original behaviour from before the mkstemp() change. With this change, passes QA: 110, 199, 325, 448, 560 and 572. From nscott@redhat.com Thu Feb 28 18:40:32 2013 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on oss.sgi.com X-Spam-Level: X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham version=3.3.1 X-Original-To: pcp@oss.sgi.com Delivered-To: pcp@oss.sgi.com Received: from relay.sgi.com (relay3.corp.sgi.com [198.149.34.15]) by oss.sgi.com (Postfix) with ESMTP id A4B0B7F9A for ; Thu, 28 Feb 2013 18:40:32 -0600 (CST) Received: from cuda.sgi.com (cuda1.sgi.com [192.48.157.11]) by relay3.corp.sgi.com (Postfix) with ESMTP id 2114CAC002 for ; Thu, 28 Feb 2013 16:40:28 -0800 (PST) X-ASG-Debug-ID: 1362098427-04bdf0229505b80001-S8gJnT Received: from mx4-phx2.redhat.com (mx4-phx2.redhat.com [209.132.183.25]) by cuda.sgi.com with ESMTP id aOgfGneXLxMoYqCQ for ; Thu, 28 Feb 2013 16:40:27 -0800 (PST) X-Barracuda-Envelope-From: nscott@redhat.com X-Barracuda-Apparent-Source-IP: 209.132.183.25 Received: from zmail20.collab.prod.int.phx2.redhat.com (zmail20.collab.prod.int.phx2.redhat.com [10.5.83.23]) by mx4-phx2.redhat.com (8.13.8/8.13.8) with ESMTP id r210eR7j005202 for ; Thu, 28 Feb 2013 19:40:27 -0500 Date: Thu, 28 Feb 2013 19:40:27 -0500 (EST) From: Nathan Scott Reply-To: Nathan Scott To: pcp@oss.sgi.com Message-ID: <521411680.12447855.1362098427306.JavaMail.root@redhat.com> In-Reply-To: <2049854652.12445376.1362097573602.JavaMail.root@redhat.com> Subject: pcp updates: kenj+brolley merges, ipv6 work MIME-Version: 1.0 X-ASG-Orig-Subj: pcp updates: kenj+brolley merges, ipv6 work Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [10.64.50.225] X-Mailer: Zimbra 7.2.0_GA_2669 (ZimbraWebClient - FF3.0 (Linux)/7.2.0_GA_2669) X-Barracuda-Connect: mx4-phx2.redhat.com[209.132.183.25] X-Barracuda-Start-Time: 1362098427 X-Barracuda-URL: http://192.48.157.11:80/cgi-mod/mark.cgi X-Virus-Scanned: by bsmtpd at sgi.com X-Barracuda-BRTS-Status: 1 X-Barracuda-Spam-Score: 0.00 X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=1000.0 KILL_LEVEL=2.7 tests= X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.123895 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- Changes committed to git://oss.sgi.com/nathans/pcp.git dev src/include/pcp/impl.h | 16 + src/libpcp/src/GNUmakefile | 6 src/libpcp/src/access.c | 20 + src/libpcp/src/auxconnect.c | 224 ++++++++++++--------- src/libpcp/src/auxserver.c | 362 +++++++++++++++++++++++++++++++++++ src/libpcp/src/check-statics | 4 src/libpcp/src/config.c | 3 src/libpcp/src/logconnect.c | 93 +++++---- src/libpcp/src/nss_connect.c | 31 ++- src/libpcp/src/nss_server.c | 2 src/libpcp/src/util.c | 4 src/perl/PMDA/local.c | 115 ++++++++--- src/pmcd/src/config.c | 116 ++++++----- src/pmcd/src/pmcd.c | 439 ++++++++----------------------------------- src/pmcd/src/pmcd.h | 17 + src/pmdas/pmcd/src/pmcd.c | 3 src/pmproxy/client.c | 10 src/pmproxy/pmproxy.c | 272 +++++--------------------- src/pmproxy/pmproxy.h | 16 - 19 files changed, 927 insertions(+), 826 deletions(-) commit bf4a26a555733ff3c1db07aa3a5cf0f6cec22261 Author: Nathan Scott Date: Fri Mar 1 11:03:05 2013 +1100 Refactor common server process (pmcd/pmproxy) request port code Share the code between pmcd and pmproxy that sets up ports, and responds to new client requests on those ports. This code was 99% the same originally, but diverged with the introduction of IPv6 support in pmcd. Refactoring this into shared code should make pmproxy automagically support IPv6 too, thanks to Dave's earlier efforts with pmcd. Several other trivial code cleanups in here - moving function prototypes into headers (pmcd.h), abstracted the pmcd/pmproxy AddClient handling a little making it more readable and neat, and able to be shared, make one unnecessarily global static pmcd variable static in the only function using it. Added a pmconfig -L check for IPv6 support in libpcp now too, for use by QA tests (next). Since the pmcd.log format (port section) had changed in preparation for IPv6, QA tests need to be made conditional anyway. So, have added address family into those logs too. commit b9f6bce414e67a0edd971d03603ef8ccc835b08b Author: Dave Brolley Date: Thu Feb 28 17:52:37 2013 -0500 Clients now iterate properly over host addresses. Was broken in a previous commit. Client's were going past the end of the address chain. Known to fix qa tests 068 139 151 182 200 273 in NSS-enabled builds. Likely fixes others as well. commit 6b0fa053b3ad75e41cd5bd53062f62b1fc9ea4bc Author: Dave Brolley Date: Wed Feb 27 16:39:16 2013 -0500 More instances of clients iterating over addresses returned by __pmGetAddrInfo until one succeeds. commit 68376691323775255ac1a92f2d76e1b7f571c2da Author: Dave Brolley Date: Wed Feb 27 16:34:12 2013 -0500 Native Ipv6 code touch ups. Handle IPv6 addresses in __pmBind, __pmConnect, __pmGetNameInfo, __pmStringToSockAddr and __pmSockAddrToString. When connecting to PMCD, iterate over addresses returned by __pmGetAddrInfo until one succeeds. commit 793ddecd594332019c053f4e9c07485f98affa61 Author: Dave Brolley Date: Wed Feb 27 16:33:15 2013 -0500 Make sure that the __pmHostEnt host name is not NULL before using it. commit 8cd14adbef1705ebdb1c8ab51568180884ca389f Author: Dave Brolley Date: Wed Feb 27 16:30:13 2013 -0500 Ensure that __pmSockAddr families match before calling __pmSockAddrMask. commit 3b8629f14e82005a1eea4f55444e943981876c44 Author: Dave Brolley Date: Mon Feb 25 11:37:05 2013 -0500 Remove some old debugging code from pmcd.c. commit bc019d501b60475eb761a588dadd06c5f7ffa0c5 Merge: 7093a0c e918272 Author: Nathan Scott Date: Thu Feb 28 11:17:52 2013 +1100 Merge branch 'dev' of git://oss.sgi.com/kenj/pcp into dev commit e918272f2c65dcb75dabd31b439f1afe23bf8368 Author: Ken McDonell Date: Tue Feb 26 08:46:48 2013 +1100 One more vpmprintf() tweak Refine the error handling logic one more time to regain the original behaviour from before the mkstemp() change. With this change, passes QA: 110, 199, 325, 448, 560 and 572.