[Openais] secauth renders openais lame

Steven Dake sdake at redhat.com
Tue Nov 18 05:05:08 PST 2008


On Tue, 2008-11-18 at 00:43 +0100, Dejan Muhamedagic wrote:
> Hi,
> 
> On Fri, Nov 14, 2008 at 08:17:34AM +0000, Christine Caulfield wrote:
> > Dejan Muhamedagic wrote:
> > > Hi,
> > > 
> > > When I set secauth, nodes can't communicate with each other at
> > > all. They just keep logging:
> > > 
> > > Nov 13 18:01:02 s390vm13 openais[31178]: [MAIN ] Invalid packet data
> > > Nov 13 18:01:02 s390vm13 openais[31178]: [MAIN ] Received message has invalid digest... ignoring.
> > > 
> > > With secauth off, everything works fine. This is with the
> > > whitetank on an s390x platform. Didn't get around to test it yet
> > > on other platforms.
> > > 
> > 
> > I (and many others I'm sure) have been using secauth on openais for a
> > very long time and it works fine. It's enabled by default on all Red Hat
> > system for instance.
> > 
> > Are you sure you have the same key on all your systems ?
> 
> Yes.
> 
> > On the other hand I have never tried it on s390x so I suppose it's
> > possible that there is a problem on that architecture.
> 
> Looks like it. The i386 platform is ok. s390x is a big endian
> arch. Ever run openais on such machine?
> 
> Thanks,
> 
> Dejan
> 

Yes openais has been tested big endian little endian but the crypto
routines specifically check for the machine type using some special
definitions.  It is possible your s390x machine doesn't have the proper
definitions in the header files and is using the wrong endian or byte
size algorithms for your platform.

Regards
-steve

> 
> > Chrissie
> _______________________________________________
> Openais mailing list
> Openais at lists.linux-foundation.org
> https://lists.linux-foundation.org/mailman/listinfo/openais



More information about the Openais mailing list