Change munge authentication message #1230
Conversation
tom95858
force-pushed
the
munge-fix
branch
2 times, most recently
from
216ae59
to
5348e27
Compare
|
@tom95858 I have a couple patches on top of this in repo git@github.com:narategithub/ovis branch '1230-fix' that addressed the 4.3.3 compatibility test issue experienced in this pull request. |
|
Thanks Narate!!
…On Fri, Jul 14, 2023 at 9:42 AM Narate Taerat ***@***.***> wrote:
@tom95858 <https://github.com/tom95858> I have a couple patches on top of
this in repo ***@***.***:narategithub/ovis branch '1230-fix' that
addressed the 4.3.3 compatibility test issue experienced in this pull
request.
—
Reply to this email directly, view it on GitHub
<#1230 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABVTPXDHTVM65DQXOUE5PT3XQFSFBANCNFSM6AAAAAA2JK72ZA>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
--
Thomas Tucker, President, Open Grid Computing, Inc.
|
|
Hi Narate,
What do I need to do to incorporate your change? The -A compat=1 option
needs to be added to talk to the older daemons from the newer ones using
munge. It looks like the test being run does not include your change. Do I
need to accept it?
Thanks,
Tom
…On Fri, Jul 14, 2023 at 9:53 AM Thomas Tucker ***@***.***> wrote:
Thanks Narate!!
On Fri, Jul 14, 2023 at 9:42 AM Narate Taerat ***@***.***>
wrote:
> @tom95858 <https://github.com/tom95858> I have a couple patches on top
> of this in repo ***@***.***:narategithub/ovis branch '1230-fix' that
> addressed the 4.3.3 compatibility test issue experienced in this pull
> request.
>
> —
> Reply to this email directly, view it on GitHub
> <#1230 (comment)>, or
> unsubscribe
> <https://github.com/notifications/unsubscribe-auth/ABVTPXDHTVM65DQXOUE5PT3XQFSFBANCNFSM6AAAAAA2JK72ZA>
> .
> You are receiving this because you were mentioned.Message ID:
> ***@***.***>
>
--
Thomas Tucker, President, Open Grid Computing, Inc.
--
Thomas Tucker, President, Open Grid Computing, Inc.
|
|
I guess you just included the github test changes in the other change and
it works? I tried the same thing.
ldms_ls-4 to ldmsd-4 with -A compat=1 should _not_ require the compat=1
flag on the ldms_ls command line. Maybe you fixed this before I made that
change.
I'll try it now, but thanks for looking at this!
Tom
…On Fri, Jul 14, 2023 at 10:55 AM Thomas Tucker ***@***.***> wrote:
Hi Narate,
What do I need to do to incorporate your change? The -A compat=1 option
needs to be added to talk to the older daemons from the newer ones using
munge. It looks like the test being run does not include your change. Do I
need to accept it?
Thanks,
Tom
On Fri, Jul 14, 2023 at 9:53 AM Thomas Tucker ***@***.***> wrote:
> Thanks Narate!!
>
> On Fri, Jul 14, 2023 at 9:42 AM Narate Taerat ***@***.***>
> wrote:
>
>> @tom95858 <https://github.com/tom95858> I have a couple patches on top
>> of this in repo ***@***.***:narategithub/ovis branch '1230-fix' that
>> addressed the 4.3.3 compatibility test issue experienced in this pull
>> request.
>>
>> —
>> Reply to this email directly, view it on GitHub
>> <#1230 (comment)>,
>> or unsubscribe
>> <https://github.com/notifications/unsubscribe-auth/ABVTPXDHTVM65DQXOUE5PT3XQFSFBANCNFSM6AAAAAA2JK72ZA>
>> .
>> You are receiving this because you were mentioned.Message ID:
>> ***@***.***>
>>
>
>
> --
> Thomas Tucker, President, Open Grid Computing, Inc.
>
--
Thomas Tucker, President, Open Grid Computing, Inc.
--
Thomas Tucker, President, Open Grid Computing, Inc.
|
|
For ldmsd-4 passive side, if I did not specify 'compat=1', ldmsd-4 rejected Thanks, |
|
@narategithub that is correct, the original code would not support the old message unless compat=1 was specified, but then it occurred to me that this would disallow v4.3.3 apps to talk to later versions unless the later daemon specified the compat option ... which would require different ports: one for old clients, one for new. The way it is intended now is that the newer plugin will accept either the old message or the new message. But right now, it is still failing... |
|
Let me be more specific. The passive side will accept either the old or the new message format. The compat= option only applies to the active side. |
The munge authentication message consists of the local and remote addresses of the transport between the two peers. This message presumes that both peers see the same addresses (albeit swapped). This assumption is false in many routed and NAT'd environments. This change replaces the error with an informational message so that administrators will be aware of this difference and can make a determination whether or not this difference is expected.
Change munge error message to info
The munge authentication message consists of the
local and remote addresses of the transport between
the two peers. This message presumes that both peers see
the same addresses (albeit swapped). This assumption is
false in many routed and NAT'd environments.
This change replaces the error with an informational message
so that administrators will be aware of this difference
and can make a determination whether or not this difference
is expected.