Hi Martins,
----- Original Message -----
> Nathan,
>
> OK, This all makes sense. Thanks for the pointer to this code.
Great, no problem.
> [...]
> think the pmServerFeature stuff will help here if I understand it correctly.
Yep & will definitely help with getting a pmcd.feature.* metric in place
too, as that PMDA code uses those libpcp pmServerFeature interfaces too.
> At the client end, regardless of whether or not pmproxy is in the mix,
> if a CERT_REQD is received and the client was not invoked with
> "PCP_SECURE_SOCKETS=enforce" should that be an error? Or should we try
> to upgrade the connection?
I think an error would be OK, but I guess go with whichever behaviour makes
the most sense for your real-world use-case.
> Of course. I've got most of this in a rough form, since I've been going
> through it over and over again in testing.
Heh, good stuff.
> > [...] /var/lib/pcp/config/nssdb would suit? Not sure.
>
> Yeah, that probably makes sense. This could be used by any server side
> process that runs as the pcp user. So pmcd and pmproxy for sure.
>
> Thanks for the notes.
No worries. I punted that this will be ready for next release, so added a
card in for 3.11.3 - feel free to move it somewhere else more appropriate,
if that sounds too soon. ( http://pcp.io/roadmap )
cheers.
--
Nathan
|