Changes committed to git://oss.sgi.com/nathans/pcp.git dev
man/man1/pmproxy.1 | 26
qa/713 | 151 +++++
qa/713.out | 22
src/include/pcp/impl.h | 19
src/libpcp/src/GNUmakefile | 32 -
src/libpcp/src/auxconnect.c | 1193 ++-----------------------------------------
src/libpcp/src/check-statics | 9
src/libpcp/src/internal.h | 43 +
src/libpcp/src/nss_connect.c | 1142 +++++++++++++++++++++++++++++++++++++++--
src/libpcp/src/nss_server.c | 390 +++++++++++++-
src/libpcp/src/oldpmapi.h | 44 -
src/libpcp/src/p_error.c | 19
src/pmcd/src/GNUmakefile | 12
src/pmcd/src/dopdus.c | 3
src/pmcd/src/pmcd.c | 9
src/pmcd/src/secure.c | 343 ------------
src/pmcd/src/secure.h | 34 -
src/pmdas/pmcd/help | 10
src/pmdas/pmcd/root_pmcd | 7
src/pmdas/pmcd/src/pmcd.c | 20
src/pmproxy/pmproxy.c | 204 ++++---
src/pmproxy/pmproxy.h | 5
22 files changed, 2046 insertions(+), 1691 deletions(-)
commit 50f065bb17f1774346a854ca04e77f52bcee28c8
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Tue Feb 12 21:37:46 2013 +1100
Switch from PCP-specific NSS databases
Came across numerous pointers in various online documentation (and
bug systems, mail chatter, etc) that the way we should approach the
application-shared NSS DB is present in NSS already, and involves
using /etc/pki/nssdb and $HOME/.pki/nssdb. This commit switches us
over from the early PCP-specific NSS database locations to now use
these NSS-upstream-prefered variants. We also by default enforce
the use of sqlite form databases (also, for application sharing).
commit 9b198a22e7fde69d3223d884cdff1443540fbd91
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Tue Feb 12 13:20:52 2013 +1100
Make non-secure-sockets builds pass once more
commit 0ecacb9764327f4f63948201f610e5cfe3aa5709
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Tue Feb 12 11:22:47 2013 +1100
Add pmcd.feature metrics to query state of several new pmcd options
Makes debugging a setup alot easier, particularly for SSL connections.
commit 9136c6697e2dda3161004c6af6f6d3b323bc91fe
Author: Nathan Scott <nathans@xxxxxxxxxx>
Date: Tue Feb 12 11:04:09 2013 +1100
Support TLS/SSL client connections via pmproxy as well
Refactor previously-pmcd-specific secure connection code in such
a way that it can be shared with the pmproxy daemon when needed.
This primarily involved moving this into libpcp. As the earlier
model of adding everything-NSS to auxconnect.c started to wear
thin, have split these files into auxconnect (native networking)
nss_connect (nss networking) and nss_server (secure NSS serving)
files. This required moving some internal networking structures
into libpcp/src/internal.h for sharing.
The pmproxy changes involve decoding the initial credentials PDU
that a client sends to pmcd, to determine if a secure connection
is being requested. If so, pmproxy establishes an SSL socket to
both the client and pmcd, and all communication continues as per
normal with pmproxy in the middle. No PDUs are permitted before
seeing that first client credentials PDU.
|