Project

General

Profile

GDP 2.1.19: changed default for HONGD availability

Default has changed so that HONGD is required by default in 2.1.19
Added by Eric Allman 4 months ago

Version 2.1.19 of the GDP changes the default for the Human-Oriented Name to GDPname Directory to "required"; previously it had been optional. This means that applications will (by default) fail if they cannot access the Directory Service. This is part of our transition to more cryptographically secure naming of all objects in the GDP including logs, servers, and services. Previously HONGD was optional — if it was not configured or the service could not be contacted the code fell back to taking the SHA-256 hash of a Human-Oriented Name and using that as the GDPname. Note that this is still the default if no entry can be found in HONGD.

The swarm.gdp.hongd.optional administrative parameter can be set to true to get the old behavior. Note that an application that does not use HONGD can pass the GDP_INIT_NO_HONGD flag to gdp_init2 to prevent all attempt to access HONGD, or (new behavior) can set GDP_INIT_OPT_HONGD to get the optional behavior. This second flag is expected to disappear when we have completed the transition.


Comments