[erlang-questions] Interconnect question: how to work with names

Max Lapshin max.lapshin@REDACTED
Fri Jun 28 20:15:15 CEST 2019


> Validates the node name and the version number:
https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L772-L773

Yes, this seems to be the answer.


Ok, what have I done:

1) I launch my server with hostname server.l:

master@REDACTED

2) I add this hostname to control tool:

  inet_db:set_lookup([file, dns]),
  inet_db:add_host({127,0,0,1}, ["server.l"]),

Now I can connect to master@REDACTED

Server admin can put any hostname that he wants, I do not depend on it
anymore.



On Fri, Jun 28, 2019 at 4:16 PM Dániel Szoboszlay <dszoboszlay@REDACTED>
wrote:

> I'm not claiming the response to the challenge itself would be dependent
> on the node names. It is not.
>
> What I'm trying to say, is that together with the challenge, in the same
> SEND_CHALLENGE message there are two more pieces of information: the
> protocol version and the node name.
>
> Upon receiving the challenge (
> https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L770) the
> node that's trying to connect:
>
>    - Validates the node name and the version number:
>    https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L772-L773
>    - Only after this step will look at the challenge sent in the message:
>    https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L777
>    - And calculate a challenge response at the place you identified:
>    https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L447
>
> So the recv_challenge/1 function is where the connection attempt fails if
> there's a mismatch in the node names. And that's what you originally asked:
> where does this check happen, what prevents us from connecting to a node
> with the wrong name (in the post-@ part)?
>
> If you rewrite the handshake on your own, and omit this check, than fine,
> you can of course connect. But this is probably not a good thing to do,
> because you've just introduced some inconsistency into the cluster: the
> nodes will disagree on what their name is. That can cause a lot of
> problems, not in the distribution connection layer probably, but higher up
> in the application layer (e.g. you send the value of node() across to your
> peer and it will believe you're not talking about yourself, but a third,
> unknown node).
>
> And as a side note, the is_allowed check has nothing to do with this
> problem. That's a rarely used feature where you can blacklist/whitelist
> nodes that are allowed to connect to you.
>
> On Fri, 28 Jun 2019 at 14:07, Max Lapshin <max.lapshin@REDACTED> wrote:
>
>> I do not understand, what for to use words like "believe"
>>
>> I've rewritten the handshake from scratch and I see that nodes send their
>> names, but encryption digest does not use node name.
>>
>>
>> https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L447
>>
>> Perhaps problem is here:
>>
>>
>> https://github.com/erlang/otp/blob/master/lib/kernel/src/dist_util.erl#L715
>>
>> When we change node name, we can pass interconnect handshake, but do not
>> allow to connect.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20190628/735db7a5/attachment.htm>


More information about the erlang-questions mailing list