1. 12 Sep, 2012 5 commits
    • Mike Hibler's avatar
      Add SSL-only "arpinfo" command to return MAC/IP for servers and "peer" nodes. · fb1f8f9a
      Mike Hibler authored
      Details:
      
      Return MAC/IP (ARP) information for a node's "peers" on the node control
      net. We also return info for the control net gateway (if there is one)
      and any servers on the node control network (e.g., subbosses).
      
      As far as "peer" info, right now we just support calls by subbosses that
      will return the info for the set of nodes they control. This could also
      be used by experiment firewalls or gateways to return info for the nodes
      they are protecting and setup filters accordingly.
      
      Note that this call only returns info if invoked using SSL. This allows
      the client to be sure it is getting the info from boss.
      
      Tangentially related, is the addition of an index to the subbosses table
      to speed up a really slow query.
      fb1f8f9a
    • Mike Hibler's avatar
      For Linux MFS, put .localized in /root instead of /. · a5fa1072
      Mike Hibler authored
      Sigh...for whatever reason, the unpacking of the MFS cpio archive
      doesn't pick up /.localized (probably because it is doing something
      akin to "cpio /*") so we put it in /root instead. Actually we put it
      in both places for compat.
      a5fa1072
    • Leigh B Stoller's avatar
      Little hack for elabinelab when boss,ops are XEN VMs with unroutable · 8a0c87bc
      Leigh B Stoller authored
      IPs; if there is an ipalias defined in the interfaces table, and that
      ip is routable, then we can create an entry in the routable map *and*
      the unroutable map.
      8a0c87bc
    • Mike Hibler's avatar
      Add -m to cpio to preserve modtimes in the Linux MFS. · e579e339
      Mike Hibler authored
      Also, add a little feedback.
      e579e339
    • Mike Hibler's avatar
      Get the assorted versions of slicefix in sync. · 637ebe18
      Mike Hibler authored
      All now include the localization code that Leigh added.
      637ebe18
  2. 11 Sep, 2012 2 commits
    • Kirk Webb's avatar
      Merge branch 'sdcollectd-security-fix' · aec49251
      Kirk Webb authored
      aec49251
    • Kirk Webb's avatar
      Update sdcollectd to treat incoming report packets as poisonous. · d6f20014
      Kirk Webb authored
      sdcollectd has been changed to make the parsing of incoming idle report
      packets more robust.  This should squash all existing vulnerabilities on
      the packet reception path.
      
      Changes:
      
      * NULL terminate the incoming packet buffer
      * move from strcpy to strncpy.
      * switch from strtoul, strtod, etc. to sscanf with explicit field lengths.
      * Multi-level parsing of packets into records, then key/val pairs,
        then individual key and value parsing/checking.
      d6f20014
  3. 07 Sep, 2012 10 commits
  4. 06 Sep, 2012 1 commit
  5. 05 Sep, 2012 2 commits
  6. 04 Sep, 2012 20 commits