Chinaunix首页 | 论坛 | 博客
  • 博客访问: 271321
  • 博文数量: 67
  • 博客积分: 0
  • 博客等级: 民兵
  • 技术积分: 620
  • 用 户 组: 普通用户
  • 注册时间: 2015-07-12 19:56
文章分类

全部博文(67)

文章存档

2019年(1)

2018年(1)

2017年(4)

2016年(34)

2015年(27)

我的朋友

分类: LINUX

2015-08-21 14:40:35

 Teamtrack ID (Bug/RFE/Task):
           BUG87157: Backward IP address octets in SSO logs

        Root Cause (Bug) or Purpose (RFE/Task):
           The exception list obtain ip address from the configuration file, then invoke the function inet_aton to save ipaddress as network byte order. So don't invoke the function "htonl" when outputting the debug message. The functon "htonl" converts from host byte order to network byte order, used to network transmission. Obviously, in this scene it only outputs the message, not network transmission.

           Note: Using the same version, the logs are normal in the newport(PPC platform) box, but the logs are abnormal in the vashon(x86 platform) box. Since x86 platform is little-endian. PPC platform is big-endian. The function "htonl" does nothing in the PPC platorm.

        Solution:
           In this scene, don't convert byte order when output the debug message.

        Unit test:
           (1). Configure SSO on the newport and vashon box respectively.
           (2). Increase diagnostic logging for Authentication to "debug".
           (3). Input some SSO exceptions in the UI and save it to the firebox.

            (3.1). The input ip address are as folows in the vashon box.
                    "1.2.3.4", "5.6.7.8".

            (3.2). The input ip address are as folows in the newport box.
                    "5.6.7.8", "1.2.3.4".

           (4). Observe log output to see the backward IP addresses. The following is a snapshot.

            (4.1) The logs are as follows in the vashon(x86 platform) box.

        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: wgadmHandleCfgapi(): cfg update for xpath=x/profile/system-parameters/single-sign-on
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: wgadmHandleCfgapi(): cfg update for xpath=*/profile/system-parameters/single-sign-on
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO: read enableSSO=1
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO: read cache timeout=600
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO: read ssoAgent ip=10.139.36.39
        Aug 11 05:41:17 2015 XTM535 local3.debug admd[2448]: The IP=1.2.3.4(0x4030201)
        Aug 11 05:41:17 2015 XTM535 local3.debug admd[2448]: The IP=5.6.7.8(0x8070605)
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: ====wgadmDumpSsoExceptionList: ====BEGIN
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO:==== EXCLUDE IP LIST====
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: IP=1.2.3.4(0x4030201)
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: IP=5.6.7.8(0x8070605)
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO:==== EXCLUDE SUBNET LIST====
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: SSO:==== EXCLUDE RANGE LIST====
        Aug 11 05:41:17 2015 XTM535 local3.info admd[2448]: ====wgadmDumpSsoExceptionList: ====END


           (4.2) The logs area as follows in the newport(ppc platform) box.


        Aug 11 05:46:21 2015 XTM33-W local3.info admd[6654]: SSO: not connect to sso agent yet in 8 seconds
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: wgadmHandleCfgapi(): cfg update for xpath=x/profile/system-parameters/single-sign-on
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: wgadmHandleCfgapi(): cfg update for xpath=*/profile/system-parameters/single-sign-on
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO: read enableSSO=1
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO: read cache timeout=600
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO: read ssoAgent ip=10.10.10.9
        Aug 11 05:46:24 2015 XTM33-W local3.debug admd[6654]: The IP=5.6.7.8(0x5060708)
        Aug 11 05:46:24 2015 XTM33-W local3.debug admd[6654]: The IP=1.2.3.4(0x1020304)
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: ====wgadmDumpSsoExceptionList: ====BEGIN
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO:==== EXCLUDE IP LIST====
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: IP=5.6.7.8(0x5060708)
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: IP=1.2.3.4(0x1020304)
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO:==== EXCLUDE SUBNET LIST====
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: SSO:==== EXCLUDE RANGE LIST====
        Aug 11 05:46:24 2015 XTM33-W local3.info admd[6654]: ====wgadmDumpSsoExceptionList: ====END

阅读(1699) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~