You may not like this, and feel free to hack/reimplement another way, but at
least with this change I can avoid the regression introduced by secure sockets,
and clients not using secure sockets are able to work again on platforms that
apparently do not support the sql: method for the certificate and keys
database, like Centos 5.9.
Changes committed to git://oss.sgi.com/kenj/pcp.git dev
man/man1/pcpintro.1 | 9 +++++++++
qa/713 | 2 +-
qa/common.secure | 9 +++++----
src/libpcp/src/nss_connect.c | 16 ++++++++++------
src/libpcp/src/nss_server.c | 12 ++++++++----
5 files changed, 33 insertions(+), 15 deletions(-)
commit ef41da6eaede837775f96a41082fe457b222a313
Author: Ken McDonell <kenj@xxxxxxxxxxxxxxxx>
Date: Tue Apr 23 16:30:45 2013 +1000
Introduce $PCP_SECURE_DB_METHOD environment var
This is an attempt to overcome the problems associated with
hardcoding the sql: method into the certificate and key database
management, which fails badly on older platforms, e.g. CentOS 5.9
(and probably other, non-Linux platforms) where the sql: method
is not supported and using export PCP_SECURE_DB_METHOD='' seems
to restore old functionality for the non-secure socket users.
Note that $NSS_DEFAULT_DB_TYPE is not an option as this apparently
intended for compatibility support in the other direction,
as "sql" appears to be the only well-defined value for this
environment variable to enable the "new" method.
|