Table of Contents | ||||
---|---|---|---|---|
|
...
How Client Authenticate to Server (TCP)
How Server Authenticate client (TCP)
How TPP Leaf/Router authenticate to Router
How Secure data flows in TCP connection (between Client and Server)
How Secure data flows in TPP connection (between TPP Leaf/Router and Router)
Changes in PR:
- Removed tcparray, pbs_client_thread_lock_tcp() and pbs_client_thread_unlock_tcp()
- fd number == index in connection table
- Removed unused ch_stream from connection struct, and removed ch_inuse and ch_socket from the same struct as those are no longer needed
- Removed pbs_connection_getsocket(), socket_to_handle() since not need due to fd == index
- Moved in TCP chan to the connection structure
- New value to PBS_AUTH_METHOD, "resvport", to indicate resv port auth and a default value
- Removed pbs_auth_method enum, as no longer needed
- Removed PBSPRO_IGNORE_KERBEROS, not needed anymore, all its use case can be fulfilled by PBS_AUTH_METHOD=resvport
- changed pbs_conf.auth_method to char array from flag, to store auth method name, needed by load_auth_lib()
- changed tpp_config.auth_method to char array from flag, to store auth method name, needed by post_connect and pkt_handler()
- Added pbs_conf.is_auth_resvport, to indicate whether current auth is resv-port or not? just to save few strcmp()
- Removed unused cnt2mom()
- Removed PBS_NET_CONN_GSSAPIAUTH and B_EXTERNAL, no longer needed
- Removed get_ext_auth_data and validate_ext_auth_data from tpp_config struct and args to set_tpp_config(), no longer needed
- Removed DIS functions pointers and merged all DIS routines for different transports (see dis_helpers.c)
- Changes TPP transport handlers to support generic authentication, encrypt data and decrypt data for any kind of auth method
- Merged PBS_BATCH_AuthenResvPort and PBS_BATCH_AuthExternal batch request types into one generic batch request type called PBS_BATCH_Authenticate
- Merged rq_authen_resvport and rq_authen_external structs into one generic struct called rq_auth in batch_request.h
- Removed engage_external_authentication() as no longer needed, as all of its functionality is covered by the use of LibAuth API at different places in code
- Removed SC_DAEMON macro and its use to mark the connection as privilege connection in req_connect(), as no one is using SC_DAEMON, it was introduced in earlier Multi-Sched design but the new design of Multi-Sched doesn't need it.
- Removed Libifl/tcp_dis_gss.c, Libifl/tcp_dis_win.c and Libtpp/tpp_dis.c as all of its functionality is covered by tcp_dis.c and refactored DIS method in dis_helpers.c
...
Project Documentation Main Page
...