Argonne National Laboratory

Experimental Physics and
Industrial Control System

<20022003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020  Index <20022003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
<== Date ==> <== Thread ==>

Subject: RE: INET address
From: "Jeff Hill" <johill@lanl.gov>
To: "'Marty Kraimer'" <mrk@aps.anl.gov>
Cc: "'Johnson, Andrew N.'" <anj@aps.anl.gov>, <evans@aps.anl.gov>, "'Ralph Lange'" <Ralph.Lange@mail.bessy.de>
Date: Wed, 27 Nov 2002 10:02:43 -0700
Marty,

> Allen Biocca (ALS) requested that the access security rules
> should accept a host
> name OR inet address. This sounds like a valid request.

The raw network addresses, when they are known, should definitely be
considered to be better identification than the ASCII host names. The AS
document should probably be updated to say that "a higher level of
security is maintained if the user provides IP addresses instead of host
names, or if the access security system is able to convert host names to
IP addresses during initialization".

We need to be careful about how this is implemented if we would like to
allow EPICS to be used with different networking systems in the future.
For example, IP V6 has different network addresses than what is commonly
used today with internet programs. Currently I am using the class
caNetAddr and also the structure osiSockAddr to abstract network
addresses in public APIs. The osiSockAddr structure is specific to the
sockets API and perhaps isn't generic enough for this purpose. I will
need to research this further.

> The other request is let a PCAS application know the inet
> address of a client.
> Andrew thinks that this is what caSnooper needs. Ken can
> correct me if this is
> wrong.

This is a similar issue, but with some additional considerations. In the
access security situation I suspect that only rsrv and the gateway
currently use the access security interface so we can easily change it.
However with the cas API many different codes use it so I need to be
careful. The problem is that Ken was getting things out of the casCtx by
making its definition available to the server tools. However, there are
many things in this class that should not be seen or used by the server
tools, and I never intended to provide, the server tools with a public
definition of this class. Nevertheless, I think that I see a simple
solution which I will be implementing in the next few weeks. Sorry that
this was not fixed earlier, but there have been other things that needed
to be addressed first. In particular, I am looking at the gateway
performance issues.

Jeff

> -----Original Message-----
> From: Marty Kraimer [mailto:mrk@aps.anl.gov]
> Sent: Wednesday, November 27, 2002 6:31 AM
> To: Jeff Hill
> Cc: Johnson, Andrew N.; evans@aps.anl.gov; Ralph Lange; Marty
> Kraimer
> Subject: INET address
> 
> Two similar requests
> 
> Allen Biocca (ALS) requested that the access security rules
> should accept a host
> name OR inet address. This sounds like a valid request.
> 
> Thus instead of
> 
> HAG(hag1) {mercury}
> 
> The user could specify
> 
> HAG(hag1) {164.54.8.12}
> 
> The other request is let a PCAS application know the inet
> address of a client.
> Andrew thinks that this is what caSnooper needs. Ken can
> correct me if this is
> wrong.
> 
> Thus both requests amount to finding the inet addresss of a
> client.
> 
> For access security it means RSRV must make it available.
> Currently RSRV calls
> 
> asAddClient(asClientPvt,asMemberPvt,asl,user,host)
> 
> This could be changed to
> 
> asAddClient(asClientPvt,asMemberPvt,asl,user,host,inetAddr)
> 
> What do you think?
> 
> Marty

References:
INET address Marty Kraimer

Navigate by Date:
Prev: Re: base max thread priority Eric Norum
Next: RE: base max thread priority Jeff Hill
Index: <20022003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
Navigate by Thread:
Prev: INET address Marty Kraimer
Next: Gateway Marty Kraimer
Index: <20022003  2004  2005  2006  2007  2008  2009  2010  2011  2012  2013  2014  2015  2016  2017  2018  2019  2020 
ANJ, 02 Feb 2012 Valid HTML 4.01! · Home · News · About · Base · Modules · Extensions · Distributions · Download ·
· Search · EPICS V4 · IRMIS · Talk · Bugs · Documents · Links · Licensing ·